Brian Prince

Hackers have begun compromising Web sites to infect vulnerable computers with malware that exploits a zero-day flaw in Internet Explorer revealed last week. Microsoft reported a significant increase in the number of infected users over the weekend, and researchers at Trend Micro estimated about 6,000 sites had been infected. The move is a shift in […]

A test by IT consulting company Chapin Information Services has turned attention toward what is perhaps an undervalued element of browser security-password management. The company took a look at all the major browsers: Internet Explorer 7, Opera 9.62, Firefox 3.04, Safari 3.2 and Google Chrome. According to the study, each browser was susceptible to a […]

Microsoft has issued an advisory to help users deal with a zero-day flaw affecting Internet Explorer. In an update, Microsoft stated the flaw affects not only Internet Explorer (IE) 7 as originally thought, but also versions 5 and 6. However, as of Dec. 11, Microsoft had only seen attacks against IE 7. While the flaw […]

The Google Chrome browser is no longer a beta, and has been outfitted with a coat of security armor Google hopes will both protect users and help Chrome compete with rival browsers. The toughest piece of that armor involves sandboxing. In Chrome, HTML rendering and JavaScript execution are isolated in their own class of processes. […]

A day after December’s Patch Tuesday release Dec. 9, Microsoft found itself investigating reports of a zero-day bug affecting Internet Explorer 7 as well as attacks against an unpatched flaw in the WordPad Text Converter. According to Vupen Security, exploit code for the IE flaw takes advantage of an issue with the parsing of malformed […]

For those of us watching the database space, 2008 can be remembered as the year when cloud computing began to touch the database market in a major way. The biggest example was the launch of Microsoft SDS (SQL Data Services) in March. The move made Microsoft the first major database vendor to offer a version […]

Cyber-criminals are getting better; law enforcement needs to as well. That is the overall theme of the McAfee Virtual Criminology Report “Cybercrime Versus Cyberlaw.” The report paints a picture of poor international cooperation and ad hoc police efforts-all of which allow cyber-crooks to keep a step ahead of their pursuers. The cat-and-mouse game requires both […]

Microsoft pushed out eight security bulletins as part of this month’s Patch Tuesday, including a fix for a vulnerability currently under attack. According to the advisory, hackers have begun launching limited, targeted attacks against a vulnerability in an ActiveX control for the Microsoft Visual Basic 6.0 Runtime Extended Files. Visual Basic 6.0 Runtime Extended Files […]

A new variant of the DNSChanger Trojan is appearing in DNS pharming attacks.Once the malware, named Trojan.Flush.M by Symantec, infects a machine, it creates a rogue DHCP (Dynamic Host Configuration Protocol) server. DHCP is a protocol for assigning dynamic IP addresses to devices on a network. The compromised machine then sends bogus DHCP packets to […]

It was an interesting year for database vendors. It was a year of cloud databases and acquisitions, most notably Sun Microsystems’ purchase of MySQL. Here are some of the top stories for the database space in 2008, in no particular order: Sun Microsystems Acquires MySQL AB Sun’s $1 billion acquisition of MySQL made waves in […]