Brian Prince

Apple has pushed out an upgrade for Mac OS X that plugs 18 security holes, among them a series of critical bugs tied to the handling of various image formats. The update, which brings the OS to version 10.5.8, fixes a number of issues related to ImageIO’s handling of OpenEXR images, EXIF metadata and PNGimages. […]

Microsoft has nine security bulletins planned for the Aug. 11 Patch Tuesday release, including one addressing a critical vulnerability Microsoft warned was under attack. Tucked in among the five critical bulletins Microsoft will release is a patch for a vulnerability in Microsoft Office Web Components the company said in July could be exploited to take […]

Researchers have uncovered numerous vulnerabilities in popular XML libraries from Sun Microsystems, Python and the Apache Software Foundation. The bugs were discovered by researchers at code testing firm Codenomicon in early 2009 while the company was developing a new product for testing XML. When testing XML libraries, evidence of multiple flaws in the parsing of […]

A report released Aug. 4 found that nearly 90 percent of Microsoft Bing’s sponsored search results for prescription drugs and pharmacies lead to rogue operations. The report, (PDF) authored by anti-spam outfit KnujOn and online pharmacy locator LegitScript, found that 89.7 percent of the pharmacies paying for ads on Microsoft’s search engine are engaged in […]

It should come as no surprise that at a security conference called ‘Black Hat’ there would be a fair amount of shenanigans going on over the WLAN network. According to Aruba Networks, which provided the Wi-Fi network at the conference last month in Las Vegas, attackers were up to their usual tricks. The company tracked […]

Vertica Systems has enhanced its column database with a new data storing and processing architecture designed to improve performance. The company has dubbed the new architecture FlexStore. With it, customers can organize different parts of the database in different ways to achieve maximum performance and compression, Dave Menninger, vice president of marketing and product management […]

The Pentagon is reviewing its policies toward social networking sites amid network security and other concerns. According to reports, U.S. officials have ordered a review of the threats and benefits of using Web 2.0 sites such as Facebook and others. The review is slated to be completed by the end of September. News of the […]

A 25-year-old New Jersey man is the state’s first person to be arrested for domain name theft. Daniel Goncalves of Union Township was busted July 30 on charges that he stole the domain name P2P.com three years ago. After the theft, Goncalves reportedly went on eBay and sold the domain to NBA player Mark Madsen, […]

A few weeks ago, Juniper Networks announced that they would not be giving a talk on ATM security vulnerabilities at the DEFCON 17 conference in Las Vegas. Perhaps then it is slightly ironic that attendees at that very conference would end up uncovering ATM card skimming scams. According to reports, attendees at the conference noticed […]

Acting cyber-security chief Melissa Hathaway plans to step down later in August, according to a report in The Wall Street Journal. Hathaway, the acting senior director for cyberspace for the National Security and Homeland Security Councils, will reportedly resign Aug. 21 for personal reasons. She was once considered a frontrunner for the cyber-security coordinator position […]