Ryan Naraine

Microsoft is on the verge of shipping another “critical” bulletin to cover holes in its Microsoft Office productivity suite. The worlds largest software maker plans to include the Office bulletin in a batch of three updates in this months Patch Tuesday, according to an advance notice released Sept. 7. In the first eight months of […]

Former Microsoft security strategist Window Snyder is joining Mozilla to lead the companys effort to protect its range of desktop applications from malicious hacker attacks. Snyder, who was responsible for security sign-off for Microsofts Windows XP Service Pack 2 and Windows Server 2003, will spearhead Mozillas security strategy, eWEEK has learned. The hiring of Snyder […]

Theres another Microsoft Word zero-day attack under way. Microsoft on Sept. 5 confirmed that malicious attackers are exploiting a new, undocumented flaw in Word 2000 to load back-door Trojans on Windows machines. The acknowledgment follows a warning from anti-virus vendor Symantec that the threat was detected in the wild targeting Windows 2000, Windows 95, Windows […]

Microsoft researchers are experimenting with an automatic code zapper for the companys Internet Explorer Web browser. Researchers at the Redmond, Wash., company have completed work on a prototype framework called BrowserShield that promises to allow IE to intercept and remove, on the fly, malicious code hidden on Web pages, instead showing users safe equivalents of […]

Botnet herders have reloaded and launched a new round of worm attacks against Windows users, exploiting multiple product flaws to hijack unpatched computers. In addition to the MS06-040 Windows Server Service flaw, attackers have added exploits for three other Windows worm holes as part of the latest wave of attacks, according to anti-virus experts tracking […]

A security company that pays hackers for information on software flaws and exploits plans to release a list of 29 unpatched flaws in products sold by a host of big-name vendors, including Microsoft, IBM, Apple Computer and Novell. The Aug. 28 disclosure from TippingPoints ZDI (Zero Day Initiative) flaw bounty program is a significant change […]

A security company that pays hackers for information on software exploits and flaws plans to release a list of 29 unpatched flaws in products sold by a host of big-name vendors, including Microsoft, IBM, Apple Computer and Novell. The Aug. 28 disclosure from TippingPoints ZDI (Zero Day Initiative) flaw bounty program is a significant change […]

When Joe Stewart spotted a variant of the Mocbot Trojan hijacking unpatched Windows machines for use in Internet Relay Chat-controlled botnets, he immediately went to work trying to pinpoint the motive for the attacks. Stewart, a senior security researcher with the Threat Intelligence Group for Lurhq, in Chicago, set up a way to silently spy […]

The high-powered StopBadware.org coalition has slapped a “badware” label on the free version of the AOL 9.0 software program. The group, which is funded by Google, Lenovo Group and Sun Microsystems, accused AOL of installing additional software without telling the user; adding components to the browser and taskbar without disclosure; automatically updating software without user […]

Network routing and switching giant Cisco Systems has issued an alert for a potentially serious security flaw affecting multiple firewall products, warning that the bug could cause passwords to be changed without any user interaction. The San Jose, Calif., company said unauthorized users can take advantage of the firewall bug to try to gain access […]