Mozilla's security chief Window Snyder has confirmed a proof of concept information leak flaw in Firefox--even fully patched versions.Snyder confirmed the issue in a blog post.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is an outspoken and controversial author and journalist; she contributes to ZDNet, CNET, CBS News and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Fresh off a series of security problems with software included on HP laptops, the company is under the gun again, say security researchers. One common thread: HP vulnerabilities due to ActiveX issues.
Virtualization will become dominant in enterprises, but the security risks are fuzzy at best. Meanwhile, the usual defense--firewalls, security appliances and such aren't ready for virtualization.
Crispin Cowan, the Linux security expert behind StackGard, the Immunix Linux distro and AppArmor, has joined the Windows security team.In a blog post last week, Microsoft's Michael Howard, author of Writing Secure Code, wrote:For those of you who don’t know Crispin, Crispin is responsible for a number of very well respected Linux-based security technologies such as StackGuard, the Immunix Linux distro, SubDomain and AppArmor.
Updated below: Aviv Raff, a security researcher, has found a flaw in Skype that could allow an attacker to control your PC.On his blog, Raff explains the following:Skype uses Internet Explorer web control within the application to render internal and external HTML pages.
If you're like most folks you are taking your time installing Microsoft's latest round of security patches. However, you may want to get your rear end in gear.
Yahoo is supporting OpenID 2.0 and could triple the number of accounts in the single sign-on framework.
Cisco Systems on Wednesday shipped a high priority fix for its Cisco Unified Communications Manager software, formerly known as CallManager.Cisco gave the flaw, which allows remote code executions, a CVSS Base Score of 10, the highest rating available.
The Microsoft Security Response Center has confirmed ongoing attacks against Excel and is recommending that users either run files through a tool that strips out exploit code or block Office 2003 and earlier formats except for those from trusted locations.
Oracle as expected released its quarterly batch of security fixes Tuesday.In a blog post, Oracle said:Oracle today released the January 2008 Critical Patch Update (CPUJan2008).