Fahmida Y. Rashid

Microsoft quickly updated its security tools after users reported seeing warnings that Google’s home page was infected with the Blackhole exploit kit. Microsoft’s Forefront corporate security products and the consumer-focused Security Essentials anti-malware software were updated Feb. 14, shortly after the company announced nine bulletins for its scheduled Patch Tuesday release. Corporate users trying to […]

Mozilla executives are considering sending letters to certificate authorities (CAs) warning them that issuing subordinate root certificates would violate its root CA program policies. The draft letter was posted on the Mozilla.dev.security.policy group a few days after Trustwave voluntarily revoked the certificate it had issued to a customer and said it would not issue similar […]

The list of security updates IT administrators have to stay on top of this month just got a little longer as Oracle and Adobe released new patches fixing a slew of security vulnerabilities in their products. Adobe released a security update addressing seven critical vulnerabilities in its Flash Player software on Feb. 15, a day […]

The Waledac spam botnet has reawakened, and its new password-stealing capabilities make it a much more dangerous threat than the older one Microsoft shut down more than a year ago, according to Palo Alto Networks. Computers infected with the new variant of Waledac still send out spam, but the malware has added capabilities to steal […]

Cyber-criminals are increasingly relying on a web of malicious networks, or “malnets,” to launch their attacks, according to security firm Blue Coat. Instead of worrying about specific malware families or samples, security vendors should focus on identifying the common components within malicious infrastructure, said Sasi Murthy, global technology director and general manager of Blue Coat […]

Adobe is fixing several security vulnerabilities in its Shockwave Player, as well as its Robohelp authoring product, as part of the company€™s scheduled update. Adobe’s Product Security Incident Report Team closed nine critical security holes in Shockwave Player version 11.6.3.633, as well as earlier versions of the software, for both Microsoft Windows and Apple€™s Mac […]

Microsoft released nine new security bulletins fixing 21 vulnerabilities in all supported versions of Internet Explorer and the Windows operating system, Microsoft Office and .NET/Silverlight in its February Patch Tuesday release. Four of the nine bulletins were rated “critical” because the vulnerabilities could result in remote-code execution on the computer if exploited, according to Microsoft’s […]

Twitter has enabled HTTPS for all its users, which now means that traffic on the social networking site is encrypted and there is more protection against potential man-in-the-middle attacks. Less than a year after Twitter introduced the privacy-friendly option on its settings page, the microblogging site has turned on HTTPS by default for all users, […]

Chinese hackers allegedly breached telecommunications company Nortel in 2000 and these cyber-spies gained access to reams of sensitive technical documents, as well as internal communications and email, for nearly 10 years, according to a report in The Wall Street Journal. The attackers, suspected of being based in China, breached the network using stolen credentials and […]

Cryptome.org, a Website known for publishing intelligence documents and leaked files, appears to have been compromised and infected with the Blackhole exploit kit, according to documents posted on the site. Unknown attackers breached Cryptome.org on Feb. 8 and installed the Blackhole exploit kit, Cryptome reported on Feb. 12. The infection was identified by a reader […]