Brian Prince

Microsoft has released a community technology preview for its cloud-based SQL Azure Database, continuing a busy month for the company’s database business. The SQL Azure Database CTP features a relational data model supporting T-SQL (Transact-SQL), including T-SQL stored procedures, as well as the ability to access SQL Azure with common data access APIs such as […]

When resentment against a pro-Georgian blogger boiled over into a distributed denial-of-service attack against social networking sites Aug. 6, it seemed to echo the cyber-attacks that occurred when Russia invaded Georgia in August 2008. Experts say this type of hacktivism will likely continue to increase, leaving countries with the question of what to do in […]

Virtualization adoption continues to grow, often outpacing efforts to secure virtual environments, analysts say. The most common virtualization management problems, such as virtual sprawl and separation of duties, should sound familiar to IT administrators. “People are deploying virtualization as fast as they can, and they’re being slow to deploy the management tools and the compliance […]

In a browser security death match, Microsoft Internet Explorer 8 has come out on top. According to research from independent security company NSS Labs, IE 8 detected almost three times as many socially engineered malware links as Mozilla Firefox and Apple Safari. IE 8 blocked 81 percent of socially engineered malware URLs, defined as links […]

Successful exploits need not be zero-day attacks. In fact, it is often older vulnerabilities in popular applications that are the doorknob intruders turn to compromise systems. This point was underscored recently by separate research from Qualys and Trusteer highlighting some troublesome findings in the patch management process. According to the July 28 Qualys report, (PDF) […]

It’s been a tough week for Twitter. First DDoS attacks. Now Arbor Networks security researcher Jose Nazario has come across something more troublesome – a botnet using Twitter for its command-and-control. According to Nazario, the botnet uses the micro-blogging service’s status messages to communicate to compromised machines. The tweets contain obfuscated links to sites with […]

eBay is advising members of its Developers Program to change their passwords due to an unspecified threat to their accounts. According to the company, eBay has discovered a way for someone to gain unauthorized access to account information on the Developers Program site. In a blog post, Kumar Kandaswamy, head of the program, said exploiting […]

Apple has issued a new round of patches to cover critical issues in its Safari browser. All totaled, Apple plugged six security holes. Three of them cover problems in the browser’s Webkit engine, which also powers Google Chrome. Arguably the most serious of the Webkit issues is a buffer overflow vulnerability in the engine’s parsing […]

After plugging a series of security holes in Mac OS X on Aug. 6, Apple has issued another security update. This time the patch is for the BIND service, and is aimed at systems running Mac OS X 10.5.8 and v10.4.11, including server editions. According to Apple, a logic issue in the handling of dynamic […]

Scientists at Sandia National Laboratories are harnessing more than a million Linux kernels as virtual machines as part of an effort to aid researchers to better analyze botnet behavior. According to Sandia, which serves as an R&D arm for the Department of Energy, the project will allow security researchers to observe behavior found in botnets […]