Brian Prince

A new U.S. Dept. of Commerce report (PDF) on online privacy drew a mixed reaction from watchdogs Dec. 16, some of who called it a thinly veiled gift to the online advertising industry. The sweeping report, released Dec. 16, calls for a “Dynamic Privacy Framework” that would revitalize Fair Information Practice Principles (FIPPs) and establish […]

Mozilla has expanded its bug rewards program to include security vulnerabilities discovered on its Websites. “Many people are not aware that we have paid a bounty in the past on web application security vulnerabilities which impact client security,” blogged Chris Lyon, director of infrastructure security at Mozilla. “We have only paid on critical or extraordinary […]

Oracle announced the general availability of MySQL 5.5 with a number of enhancements aimed at improving performance and scalability and a focus on Windows. The company unveiled the release candidate for the open-source database in September at the Oracle OpenWorld 2010 conference in San Francisco. At the time, the company touted moves meant to bolster […]

An e-mail touched off a bit of a firestorm when a former government contractor alleged the FBI put backdoors and side-channel key leak mechanisms in the OpenBSD Cryptographic Framework some 10 years ago. The e-mail, which was posted online here by OpenBSD founder Theo de Raadt, came from Gregory Perry, who is now CEO of […]

The FBI is looking into the recent hack of Gawker Media that exposed password information and e-mail addresses belonging to users, according to reports. A group known as “Gnosis” has taken credit for the attack, and put the data it swiped into a file that was initially available via The Pirate Bay. Rumors of the […]

Symantec is adding new machine learning technology to its data loss prevention (DLP) product to ease efforts to classify sensitive data and define policies. The feature, called Vector Machine Learning, will be included in Symantec Data Loss Prevention 11 when it becomes available during the first half of 2011. The technology, the company explained, aims […]

A new NSS Labs report puts Internet Explorer way ahead of rival browsers from Google, Apple, Mozilla and Opera in the fight against malware. The report, which was commissioned by Microsoft, is the fourth analysis by NSS Labs aimed at testing the ability of Web browsers to block “socially engineered malware” attacks. The findings are […]

Microsoft bid farewell to 2010 Patch Tuesday updates with 17 security bulletins and 40 security fixes, among them a patch for an Internet Explorer vulnerability first disclosed in November. Two of the 17 bulletins are rated “Critical”-the IE bulletin and another that covers three vulnerabilities in Windows’ OpenType Font driver-while 14 are rated “Important” and […]

“Operation Payback” is taking a new twist, as attackers have begun a new fax-based campaign against some of the companies that cut ties with WikiLeaks. Hacktivists with “Anonymous” are encouraging members to send faxes to Amazon, MasterCard, PayPal, Visa, Tableau Software and Moneybookers in a bid to launch a fax-based version of denial-of-service, according to […]

Gawker Media’s servers were hit by hackers during the weekend, exposing the e-mail addresses and passwords of registered users of their Websites and apparently leading to a spam campaign launched on Twitter. A group called “Gnosis” has taken credit for the attack and put the compromised data in a 500MB file. Inside is information on […]