Brian Prince

40,000 Websites Compromised in Mass Attack

More than 40,000 legitimate Websites have been hit by an attack that is redirecting users to a site laced with malware. The compromise, which officials at Websense said they have been monitoring since June 3, has been dubbed “Nine-Ball” after the malicious site it directs users to. “We are not releasing the names of […]

Developing Security Metrics for Enterprise Risk Management

When Bruce Jones decided to serve as global IT security risk and compliance manager at Eastman Kodak Company, he found he had a challenging problem on his hands – how to create a solid set of security metrics that could be used to communicate risk to the rest of the business. Roughly two-and-a-half years later, […]

Hacker Hits URL Shortening Service Cligs

Cligs, a popular URL shortening service for Twitter users, was hacked recently in an attack that exploited a security hole to redirect 2.2 million URLs. “Late last night/early this morning, a security hole in the Cligs editing functionality was discovered and was exploited by a malicious attacker,” according to a June 15 statement on the […]

EnterpriseDB Pushes Performance, Oracle Compatibility with Updated Database

EnterpriseDB launched the latest version of its Postgres Plus Advanced Server database June 16 with an eye toward improving performance and scalability. In Postgres Plus Advanced Server Version 8.3 Release 2, the company has added a feature called “infinite cache.” Built on Memcached, the technology is designed to increase performance and scalability for read-mostly applications. […]

Google Considers Tightening Gmail Security

Google officials responded June 16 to calls for better security by announcing that the company is considering turning on HTTPS in Gmail by default for all connections. The announcement follows an open letter sent to Google CEO Eric Schmidt by nearly 40 security and privacy experts that urged the search engine giant to enable industry-standard […]

Apple Swats Old Java Bug

It took a while, but Apple has finally fixed a security flaw in the Java applets that ship with the Mac OS X operating system. The patch for the vulnerability comes roughly three weeks after proof-of-concept exploit code leaked out in an effort to force Apple into fixing the issue. The bug, CVE-2008-5353, enables malicious […]

Chinese Web Filtering Plans Come Under Attack

A Chinese company behind an Internet filtering program backed by the Chinese government is fighting back against critics as it looks to address reported software vulnerabilities. The company, Jinhui Computer System Engineering, has been accused of using pirated technology from U.S.-based Solid Oak Software in its Green Dam Youth Escort program. In a report released […]

Twitter Security in Spotlight with Month of Twitter Bugs

A security researcher has painted a bull’s eye on Twitter starting July 1 in the “Month of Twitter Bugs.” The project is a spin on the “Month of Browser Bugs” initiative launched in July 2006. Three years later, Israeli security researcher Aviv Raff, who also participated in the 2006 effort, has said he will dedicate the month […]

Army Orders End to Ban on Facebook, Twitter

The U.S. Army has officially ended its ban on Twitter, Facebook and Flickr, according to media reports. In a memo dated May 18, the Army ordered its network managers to permit access to social networking sites as a means to “tell the Army story and to facilitate the dissemination of strategic, unclassified information.” The order […]

Google Chrome, Mozilla Firefox Updates Fix Bugs

Mozilla and Google both patched critical vulnerabilities in their browsers this week. Of the two, Mozilla plugged the most security holes. The company fixed 11 vulnerabilities in a June 11 update to Firefox. More than half of the bugs were labeled as “critical.” Three of the critical bugs were in the browser’s rendering JavaScript engines […]