Apple has released QuickTime 7.1.6 to patch the code execution hole discovered by Dino Dai Zovi and exposed during the CanSecWest MacBook hijack contest.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Security holes in two popular desktop software applications could put millions of computer users at risk of code execution attacks. The flaws, rated "highly critical," were flagged in the Trillian cross-platform IM program and Nullsoft's Winamp media player.
Verisign is expected to announce a deal with Innovative Card Technologies to equip banks and e-commerce sites with cards that work with its two-factor authentication system.
CNET News.com security reporter Joris Evers is leaving the journalism field to take a job in McAfee's PR department.
How did the super-critical animated cursor (.ani) vulnerability get past all the strict code review, fuzz testing and other defense-in-depth mitigations built into Windows Vista? Michael Howard has the answer and he's sharing it with us...
An anonymous blogger claims he/she was able to monitor the network at CanSecWest security conference and snag a full packet capture of the MacBook hijack contest.
Photoshoppers, be careful. Publicly available exploit code for a serious security flaw in Adobe Photoshop could allow attackers to take complete control of your Windows machine.
Mozilla seems to be having a hard time pulling the plug on Firefox 1.5. After today, the open-source group planned to stop shipping security and stability updates for Firefox 1.5 but now I'm hearing that support has been extended to the middle of May.
The vulnerability is a Java-based vulnerability in QuickTime, which is installed by default on Mac OS X. Any Java-enabled Web browser on this platform is an attack vector.
I caught up with security researcher Dino Dai Zovi to discuss his successful hijack of a MacBook Pro machine at last week's CanSecWest conference in Vancouver, Canada.We talk about the specific vulnerability, the motivation for the attack, Apple's response and his plans around Mac OS X research: RN: What's your OS of choice?