http://www.zdnet.com/blog/security/rss en-us Mozilla rates this a “critical” vulnerability that can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.

]]> Fixes coming for dangerous security holes in Microsoft Windows, Microsoft Office, the Internet Explorer browser and .NET/Silverlight.

]]> M86Security’s newly released report “Security Labs Report - July – December 2011 Recap”, details some of the most commonly observed Web exploits currently in the wild.

]]> Security researchers from TrendMicro have spotted a fake version of popular game Temple Run, currently available at Android’s Market.

]]> Security researchers from AppRiver, have intercepted a currently spamvertised malware campaign, enticing end users into clicking on malicious links.

]]> Adobe security chief Brad Arkin argues that benevolent security researchers who publish techniques to defeat security mitigations are doing a major disservice.

]]> Adobe says sandboxing technology has proven very effective in protecting users by increasing the cost and complexity of writing effective exploits.

]]> The end result is a malicious Trojan with rootkit capabilities. The attack happens silently in the background and all the user sees is a blank WMP application playing a file.

]]> Pete Lindstrom argues that ‘irresponsible’ disclosure of security holes in SCADA systems could put human lives at risk and calls on the security research community to start thinking about the vulnerability problem in different ways.

]]> Microsoft pinpoints a Russian software developer who is being accused of creating, operating and growing the notorious Kelihos botnet.

]]>