How did the super-critical animated cursor (.ani) vulnerability get past all the strict code review, fuzz testing and other defense-in-depth mitigations built into Windows Vista? Michael Howard has the answer and he's sharing it with us...
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.
An anonymous blogger claims he/she was able to monitor the network at CanSecWest security conference and snag a full packet capture of the MacBook hijack contest.
Photoshoppers, be careful. Publicly available exploit code for a serious security flaw in Adobe Photoshop could allow attackers to take complete control of your Windows machine.
Mozilla seems to be having a hard time pulling the plug on Firefox 1.5. After today, the open-source group planned to stop shipping security and stability updates for Firefox 1.5 but now I'm hearing that support has been extended to the middle of May.
The vulnerability is a Java-based vulnerability in QuickTime, which is installed by default on Mac OS X. Any Java-enabled Web browser on this platform is an attack vector.
I caught up with security researcher Dino Dai Zovi to discuss his successful hijack of a MacBook Pro machine at last week's CanSecWest conference in Vancouver, Canada.We talk about the specific vulnerability, the motivation for the attack, Apple's response and his plans around Mac OS X research: RN: What's your OS of choice?
Despite all the anti-malware roadblocks built into Windows Vista, a senior Microsoft official is lowering the security expectations, warning that viruses, password-stealing Trojans and rootkits will continue to thrive as malware authors adapt to the new operating system.
Hackers Dino Dai Zovi and Shane Macaulay teamed up to hijack a MacBook Pro laptop at the CanSecWest security conference here, effectively pouring cold water on the Mac faithful's belief that the machines are impenetrable.
Two tricked-out MacBook laptops survived the first day of a 'PWN to OWN' contest that dared hackers to take control of default Mac OS X installations.
Apple has issued a mega-update with patches for 25 new security vulnerabilities affecting Mac OS X users. This is the fourth update (89th security patch) issued by Apple in 2007.