Brian Prince

From the shutdown of McColo to last week’s disruption of the Pushdo botnet, spammers have continually found ways to stay in business. Nearly 20 of the 30 command and control (CnC) servers associated with Pushdo were taken offline last week due to efforts by security vendor LastLine. The servers were supported by eight hosting providers, […]

Research from Zscaler has exposed how a feature in Hewlett-Packard’s all-in-one printers can be abused remotely to steal scanned documents. The feature, WebScan, allows users to remotely scan a document and have an image of the document sent from the scanner to their Web browser. Unfortunately, Zscaler found that oftentimes this functionality is not password-protected […]

Trend Micro continued its push around virtualization and cloud security Aug. 31 with two new product releases. Part one of the announcement – which was made in conjunction with the VMworld 2010 conference running this week in San Francisco – is Trend Micro Deep Security 7.5, which leverages the latest VMware vShield Endpoint API and […]

Microsoft released a “Fix-it” to help administrators deal with DLL loading problems believed to be affecting scores of applications. The new solution comes roughly a week after Microsoft released a security advisory on the issue. Along with the Fix-it, the company also pledged to address any DLL loading issues in its own software. “First, I […]

A team of researchers has uncovered a new way to crack the security of quantum cryptography. The researchers hailed from the Norwegian University of Science and Technology in Norway as well as the University of Erlangen-N??rnberg and Max Planck Institute for the Science of Light in Germany. Their findings revealed a way to remotely control […]

Twitter has completed its move to OAuth for authentication for all third-party applications. OAuth allows people to use applications without them storing their passwords. In the past, Twitter officials explained in a blog post, developers have been able to choose between basic authentication and OAuth to enable Twitter applications to access user accounts. Both methods […]

Ever wonder what IT resource is the easiest for hackers to exploit? According to a survey of attendees of the annual Defcon security conference, the answer is misconfigured networks. The survey was conducted by Tufin Technologies, which polled 101 attendees of Defcon 18 in July. Seventy-six percent named misconfigured networks as the easiest IT resource […]

A security researcher has uncovered a new vulnerability in Apple QuickTime that can be used to bypass some security protections in Microsoft Windows. According to Wintercore Security’s Ruben Santamarta, the bug seems to be the result of a parameter from an older version of QuickTime being mistakenly left in the code. The vulnerability can be […]

CA Technologies has agreed to acquire Arcot Systems for its authentication and anti-fraud technology. The acquisition comes with a price tag of $200 million. Founded in 1997, Arcot develops software-based digital signature and identity tools to help secure online transactions. Delivered via the cloud or on-premise, the company’s products protect about one million online credit […]

A snapshot of the threat landscape by AVG Technologies named Turkey the most dangerous place to surf the Web. AVG’s analysis is based on an examination of attacks during the last week of July. According to the company, AVG software detected attacks against one in 10 customers browsing the Web in Turkey during that period. […]