Say what you want about the ethics of the "month of bugs" phenomenon, these vulnerability disclosure projects are getting immediate -- and valuable -- results.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Next week's Patch Tuesday updates from Microsoft will include fixes for a wide range of "critical" vulnerabilities in the Windows, Office and Exchange product lines, the software giant announced today.As part of its advance notice mechanism, Microsoft said a total of 7 bulletins will be released on May 8, 2007.
Secunia is muscling its way into the corporate vulnerability scanning market with a new tool that challenges established players like Tenable, Qualys and Sourcefire.
After a brief lull -- and two fakes -- the "month of bugs" security projects are back, taking aim this time at flaws in ActiveX controls used by software developers.
Apple has released QuickTime 7.1.6 to patch the code execution hole discovered by Dino Dai Zovi and exposed during the CanSecWest MacBook hijack contest.
Security holes in two popular desktop software applications could put millions of computer users at risk of code execution attacks. The flaws, rated "highly critical," were flagged in the Trillian cross-platform IM program and Nullsoft's Winamp media player.
Verisign is expected to announce a deal with Innovative Card Technologies to equip banks and e-commerce sites with cards that work with its two-factor authentication system.
CNET News.com security reporter Joris Evers is leaving the journalism field to take a job in McAfee's PR department.
How did the super-critical animated cursor (.ani) vulnerability get past all the strict code review, fuzz testing and other defense-in-depth mitigations built into Windows Vista? Michael Howard has the answer and he's sharing it with us...
An anonymous blogger claims he/she was able to monitor the network at CanSecWest security conference and snag a full packet capture of the MacBook hijack contest.