Ryan Naraine

Mozilla has released a new version of the Firefox Web browser with what is described as “significant security and stability improvements.” Details on the security vulnerabilities being patched were not available April 13 when Firefox 1.5.0.2 was shipped as a high-priority update. However, a source told eWEEK that the most serious flaw could allow “remote […]

Is Microsoft silently fixing security vulnerabilities and deliberately obfuscating details about patches in its monthly security bulletins? Matthew Murphy, a security researcher who has worked closely with the MSRC (Microsoft Security Response Center) in the past, is accusing the software maker of “misleading” customers by not clearly spelling out exactly what is being patched in […]

With questions swirling about the safety and privacy of its teenage user base, MySpace.com has tapped Microsoft executive Hemanshu Nigam to be its first chief security officer. Nigam, who currently serves as director of consumer security outreach and child safe computing at Microsoft, will join MySpace.com on May 1 to oversee safety, education, privacy and […]

Microsofts dominant Internet Explorer browser has undergone a major security makeover to plug 10 vulnerabilities that puts millions at risk of PC takeover, address bar spoofing and information disclosure attacks. The monster IE update includes a fix for the “createTextRange()” code execution flaw that caused zero-day drive-by downloads and a significant modification to the way […]

Ken Dunham, you could say, spends his life peeking into the bowels of the Internet. As director of the Rapid Response Team at VeriSign-owned iDefense, of Dulles, Va., Dunham—along with his team of malware hunters—infiltrates black hat hacker forums, chat rooms and newsgroups, posing as online criminals to gather intelligence on the dramatic rise in […]

A Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation. “In some cases, there really is no way to recover without nuking the systems from orbit,” said Mike Danseglio, program manager in the Security Solutions […]

Virus researchers at Kaspersky Lab have found proof-of-concept code for a cross-platform virus capable of infecting both Windows and Linux systems. In an alert posted to Viruslist, Kaspersky said the sample virus has been given a dual name—Virus.Linux.Bi.a/ Virus.Win32.Bi.a—and highlighted the way attackers are targeting multiple platforms in malware attacks. “The virus doesnt have any […]

Anti-spyware activist Ben Edelman has flagged a spyware-powered click-fraud scam using Yahoos Overture advertising service to fleece advertisers. Edelman, a security researcher renowned for his meticulous work exposing the dark side of the adware business, has published a detailed report that documents a complicated syndication network that ends with a spyware program faking a click […]

Microsoft Research has released a new tool to help pinpoint large-scale typo-squatters that are known to be gaming pay-per-click domain parking services. The lightweight prototype, called Strider URL Tracer, builds on the work within Microsofts Cybersecurity and Systems Management group to keep tabs on a sophisticated typo-squatting scheme that uses multilayer URL redirection to make […]

Anti-virus security specialist McAfee has wasted no time gobbling up SiteAdvisor, a 1-year-old startup that rates the Web to determine if a sites content includes spyware, spam, viruses, browser-based exploits or online scams. McAfee announced April 5 it is acquiring the tiny Boston-based company that counts respected anti-spyware activist Ben Edelman among its roster of […]