Blogs | Page 63
Microsoft Withdraws 4 Patch Day Bulletins
By Ryan Naraine | Posted: 2007-01-05
Microsoft has suddenly yanked four bulletins from next Tuesday's Patch Day batch, a surefire sign that the company continues to struggle with the patch testing process.
Apple Flaw Project Odds and Ends
By Ryan Naraine | Posted: 2007-01-05
MoAB update: An official patch from VideoLAN, hidden taunts and heated verbal punditry.
Where's Microsoft on CVSS Support?
By Ryan Naraine | Posted: 2007-01-04
Cisco has joined Oracle and others supporting the Common Vulnerability Scoring Standard, but unless Microsoft joins the party, the flaw rating scheme will continue to flounder.
Cisco + IronPort = Done Deal
By Ryan Naraine | Posted: 2007-01-03
UPDATE: The rumor mill is buzzing tonight about an $825 million merger between Cisco and IronPort.
Flash Phishing, MySpace Passwords and Hacking PDFs
By Ryan Naraine | Posted: 2007-01-03
LINKS DU JOUR: Google's blacklisted URL database is chock full of MySpace login credentials; Who knew Symantec had a full-fledged rock band?
VLC Media Player Bug Bites at Apple
By Ryan Naraine | Posted: 2007-01-02
UPDATE: The second flaw warning in the Month of Apple Bugs project is for a remote code execution issue affecting the cross-platform VLC media player distributed by VideoLAN.
Google Serves Ads in Phishing Attacks
By Ryan Naraine | Posted: 2006-12-22
TGIF Links du jour: Inside the Vista proof-of concept; Month of Apple Bugs reaction; Google makes money from phishing attacks; Is Intel indirectly sponsoring an anti-OLPC Web site?
Patch Watch: Firefox, Apple QuickTime Flaw Fixes
By Ryan Naraine | Posted: 2006-12-20
Mozilla has shipped a "highly critical" Firefox update to correct multiple security bugs that could cause cross-site scripting, information disclosure, denial-of-service and system access attacks.
Coming in January: Month of Apple Bugs
By Ryan Naraine | Posted: 2006-12-19
The hacker behind the MoKB (Month of Kernel Bugs) plans to take a big bite out of Apple Computer's insecurities.
MS Investigating Vista Zero-Day Exploit Sale
By Ryan Naraine | Posted: 2006-12-18
Microsoft's security response team is trying to verify the accuracy of reports that underground hackers are selling zero-day exploits for Windows Vista.
ORDB.org Calls It Quits
By Ryan Naraine | Posted: 2006-12-18
After five-and-a-half years of maintaining IP addresses of verified open SMTP relays, ORDB.org is calling it quits, citing irrelevance as the main reason.
IE 7 Code Execution Exploit; Yahoo IM Patch
By Ryan Naraine | Posted: 2006-12-15
Links du jour: A sampling of useful security stories may have slipped through the cracks ...
PHP Security Guru Quits in Disgust
By Ryan Naraine | Posted: 2006-12-14
German researcher Stefan Esser has quit the PHP Security Response Team in disgust, accusing the open-source group of hiding the slow response time to fixing vulnerabilities and, even worse, refusing to fix known flaws for months.
UCLA Confirms Massive Database Breach
By Ryan Naraine | Posted: 2006-12-12
A "sophisticated computer hacker" has broken into a restricted UCLA campus database containing personal information about current and some former students, faculty, and staff, the university confirmed in an e-mail to those affected.
Where's the MS Word Zero-Day AV Protection?
By Ryan Naraine | Posted: 2006-12-07
UPDATE: More than 48 hours after the confirmation of active exploits of a zero-day vulnerability in Microsoft Word, anti-virus protection remains largely nonexistent -- even through Microsoft's own Windows Live OneCare security product.























