Brian Prince

Microsoft is planning to release 14 security bulletins Aug. 10 for Patch Tuesday-the company’s highest total ever. The bulletins will cover 34 vulnerabilities across multiple products, including Windows, Internet Explorer, Silverlight and Microsoft Office. Eight of the bulletins are rated critical, while the six remaining bulletins are rated important. “For those who keep track of […]

Adobe Systems is planning to issue an out-of-band security update later this month to plug multiple security holes, including one discussed last week at the Black Hat security conference. The update will cover critical bugs affecting Adobe Reader and Acrobat. Among them will be a flaw mentioned at Black Hat by Charles Miller, principal security […]

Starting a career in cyber-crime operation is simple, but just how do attackers go about building a botnet into a multimillion dollar business? During the Black Hat security conference in Las Vegas last week, Damballa Vice President of Research Gunter Ollmann gave attendees a behind-the-scenes view of how easily botnets can be built, and how […]

Facebook is extending its privacy controls to its mobile users. The company announced today that all of its privacy settings will now be available to users on any browser-based mobile device. “As of today, you can use these controls no matter where you are, what kind of device you have access to, or when you […]

Researchers at Trusteer have uncovered a large botnet of 100,000 computers built using a variant of the Zeus malware. Almost all of the infected bots are in the United Kingdom, according to Trusteer. After infecting the computers with Zeus 2, the botnet pilfered all kinds of user data, ranging from log-in information for banks to […]

St. Bernard Software has acquired Red Condor for its managed e-mail security business. The buy is meant to help expand St. Bernard’s focus, which has traditionally been on serving small and midsize enterprises with appliances, software and hosted solutions. The acquisition was made for an undisclosed sum, and is meant to combine Red Condor’s e-mail […]

HP announced changes today to the disclosure policy for its TippingPoint Zero Day Initiative (ZDI). Henceforth, the company will publish vulnerability advisories no later than six months after flaws are detected and submitted to the program. According to HP, the idea is to make sure vendors fix vulnerable software quickly to reduce the risk of […]

A new jailbreak for the Apple iPhone has provided another example of remote exploits on mobile devices, security researchers say. According to security researchers, the JailbreakMe 2.0 exploit takes advantage of two distinct vulnerabilities to free devices running Apple’s iOS. Now officially legalized, jailbreaking allows users to run unauthorized third-party applications on a mobile device. […]

Two critical security bugs have been uncovered in the VxWorks operating system powering products from Apple, Nokia and numerous other vendors. VxWorks is developed by Wind River Systems, now owned by Intel. Designed for use in embedded systems, VxWorks is a real-time operating system used to power a wide range of devices, including printers, fibre-channel […]

Microsoft is releasing an out-of-band patch for a Windows security vulnerability that attackers have been targeting for the past few weeks. The bug-a vulnerability in the Windows shell component that attackers have been exploiting via malicious .LNK files-has increasingly become the target of exploits. In light of the attacks, Microsoft announced it is planning to […]