Brian Prince

Danish security company Secunia revealed July 1 that many popular third-party Windows applications are not taking advantage of two built-in Windows security measures that could help defend against code execution attacks. According to Secunia, applications such as Sun Java JRE, Apple QuickTime and RealPlayer are not making use of Microsoft’s DEP (Data Execution Prevention) and […]

A security researcher has found a way to circumvent Adobe Systems’ effort to address the /Launch action issue that made headlines a few months ago. In the recent update for Adobe Acrobat and Reader, the company sought to thwart any attempts to use a PDF reader’s “launch” command to run embedded executables. However, BKIS Senior […]

Microsoft reported June 30 that more than “10,000 distinct computers” have been attacked at least once using the Windows vulnerability uncovered in June by Google engineer Tavis Ormandy. The flaw, which lies in the Windows Help and Support Center function and affects Windows XP and Windows Server 2003, has been increasingly under attack by cyber-criminals […]

A report of a security flaw in Microsoft Office 2010 has been greeted with criticism by Microsoft because researchers chose not to notify the company of their findings. Researchers at Vupen Security said they discovered a memory corruption flaw that could be used by an attacker to execute code. The company June 22 said it […]

IBM has agreed to buy systems management vendor BigFix for an undisclosed sum. The move brings BigFix’s IT management technology into IBM’s fold, bolstering its configuration and compliance management capabilities and building on an existing partnership between the two companies. According to Al Zollar, general manager of IBM Tivoli Software, BigFix’s platform automates and simplifies […]

Facebook has launched more changes intended to improve privacy, this time focusing on tightening controls determining how applications collect and share data. “The majority of people on Facebook actively interact with applications and Facebook-integrated Websites every month,” Facebook CTO Bret Taylor wrote on the company’s blog. “In order for these applications and Websites to provide […]

Facebook offered users a glimpse at its anti-spam arsenal recently in an effort to be more transparent. With billions of pieces of content being shared on Facebook every month and spammers relentlessly targeting users, fighting spam isn’t easy, blogged Caroline Ghiossi, an associate on Facebook’s user operations team. The site relies in part on its […]

A company is launching video CAPTCHA technology designed to make spammers’ lives more difficult. NuCaptcha is offering a fresh approach to blogs and other Websites trying to verify that information is being entered by humans, not computers. The platform uses video technology and animation to make CAPTCHAs easier for humans to solve, yet harder for […]

Adobe Systems on June 29 plugged 17 critical security holes affecting Adobe Reader and Acrobat. Among the fixes is a patch for a zero-day vulnerability that impacted not only Reader and Acrobat, but versions of Adobe Flash Player as well, on multiple operating systems. Earlier in June, attackers were seen using the bug to plant […]

Identity management projects are on the menu for many businesses, and like all IT projects, planning is key. Among the most commonly cited challenges is correctly-sizing the project and not biting off more than you can chew, experts told eWEEK. To avoid that, step one involves doing a little homework. “To prepare for identity management, […]