Brian Prince

Adobe Systems patched 20 bugs in its Shockwave Player in a critical update Aug. 24. The vulnerabilities were “identified in Adobe Shockwave Player 11.5.7.609 and earlier versions [running] on Windows and Macintosh systems,” the company said. Almost all of the bugs are memory corruption issues that, if triggered, could allow an attacker to execute code. […]

A senior Pentagon official has revealed details of a previously classified malware attack he declared “the most significant breach of U.S. military computers ever.” In an article for Foreign Affairs, Deputy Defense Secretary William J. Lynn III writes that in 2008 a flash drive believed to have been infected by a foreign intelligence agency uploaded […]

Researchers at Zscaler have discovered nearly three million fake YouTube pages indexed by Google that lead to rogue anti-virus programs. Zscaler found the pages by searching under “Hot Video” and a particular URL. Yandex, a Russian search engine, also returns numerous links to the pages as well, the researchers found. “The fake Youtube video page […]

Apple released a security update for Mac OS X that patches 13 vulnerabilities. The release fixes issues in several components, including CoreGraphics and Apple Type Services. Several of the vulnerabilities are buffer overflows that could be exploited to execute arbitrary code. According to the Apple advisory, the ATS (Apple Type Services) bug can be triggered […]

Rustock retained the top spot as the busiest spam-sending botnet on the Web this month despite the fact the number of bots under its control shrank. According to Symantec’s August 2010 MessageLabs Intelligence Report, Rustock increased its output from 32 percent of botnet spam in April to 41 percent in August. Ironically, this happened even […]

Visa has released a set of best practices for payment application vendors to help ensure security beyond the requirements of industry compliance. The document comes roughly two weeks after the PCI (Payment Card Industry) Security Standards Council outlined proposed changes to payment card industry regulations. According to Visa, which developed the guidance with the help […]

Microsoft issued an advisory Aug. 23 for application developers and customers about a security issue impacting hundreds of third-party programs. The week of Aug. 16, security researchers revealed that scores of applications running on Windows are affected by a class of vulnerabilities dubbed remote “binary planting” bugs by Acros Security. The situation, Microsoft said, is […]

A Trojan may have played a role in a 2008 plane crash in Madrid that claimed the lives of 154 people, according to a media report. The Spanair flight was headed for the Canary Islands in August 2008 when it crashed just after takeoff at Madrid-Barajas Airport. Just 18 people survived the crash. According to […]

When people think of cyber-crime, the typical image being pushed today is that of highly organized criminal operations. New research, however, suggests the underbelly of cyber-space may be less mafia-like than some think. In an effort to improve the level of understanding of today’s black hats, security researchers Fyodor Yarochkin and “The Grugq” have spent […]

IT Security Professionals Want a Bigger Payday, Says Survey by Brian Prince Salaries Remain the Same The survey found little change in salary between 2009 and 2010. The change that did occur for respondents was not good—5 percent more were making less than $100,000 in 2010 as opposed to in 2009. Feeling Underpaid More than […]