Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.
A design error in Microsoft's Windows Mail, the e-mail application bundled into Windows Vista, could expose users to remote file-execution attacks, according to a warning from security researchers.A hacker known as "Kingcope" published proof-of-concept code to show that remote code execution is possible if a user is tricked into clicking a malicious link.
Ninety days after the release of Microsoft's Windows Vista to business customers, the new operating system has a much better security vulnerability profile than its predecessor and several other modern workstation operating systems including Red Hat, Ubuntu, Novell and Apple products.That's according to Jeff Jones, security strategy director in Microsoft's Trustworthy Computing group.
Just a quick follow-up to my story from earlier this week about XBox Live accounts being hijacked in what was believed to be a breach at Microsoft's Bungie.net.
Researchers at SecureWorks have stumbled upon what appears to be a massive identity theft ring using state-of-the-art Trojan code to steal confidential data from thousands of infected machines in the U.S.
Mozilla has shipped another Firefox update to patch a security flaw in the way the browser implements the FTP protocol.Exploitation of the flaw, which is rated low-risk, could allow an attacker to perform reconnaissance on a vulnerable machine.
Online gaming forums are buzzing with reports that Xbox Live accounts linked to Microsoft's Windows Live ID service are being hijacked by malicious hackers. Kevin Finisterre, a security researcher at Digital Munition, raised the issue on the Full Disclosure mailing list over the weekend, calling attention to rumors that Microsoft's Bungie.
Last week, I wrote about hackers starting to agitate for Microsoft (and other software vendors) to start paying for information on security vulnerabilities. As a follow-up to that post, I pinged a few security research pros, asking whether they agreed it's inevitable will start buying bugs.
Using a homegrown tool called Fiddler, researchers at Microsoft have come up with a system to track the money that flows from big-name advertisers to search engine spammers.
Here's a major security update that may have slipped under the (mainstream media) radar.The new version of RHEL (Red Hat Enterprise Linux) desktop includes fixes for a wide range of vulnerabilities, some rated "critical.
The month-of-bugs phenomenon is showing no signs of slowing down. Next up: MySpace.