Ryan Naraine

LAS VEGAS—Ben Fathi slipped into the darkened, standing-room-only conference room and took a seat on the carpeted floor. On the Black Hat stage, malware researcher Joanna Rutkowska, of COSEINC, was discussing a new technique that could plant an offensive rootkit in Windows Vista, Microsofts “most secure ever” operating system. As corporate vice president for Microsofts […]

LAS VEGAS— Michael Lynn, the security researcher who provoked a firestorm of controversy at the 2005 Black Hat conference, just wants to fly under the radar this year. Lynn, who quit his job at Atlanta-based Internet Security Systems to discuss a serious flaw in Cisco IOS (Internetwork Operating System), was spotted attending sessions and gabbing […]

LAS VEGAS—Wi-Fi-enabled computers are sitting ducks for code execution attacks because of gaping flaws in wireless drivers shipped on both Mac and Windows systems, security researchers warned at the Black Hat Briefings security conference here. A pair of hackers—David Maynor and Jon Ellch—demonstrated such a break-in on an Apple MacBook laptop fitted with a wireless […]

Microsoft plans to issue a dozen security bulletins on August 8 to cover a wide range of security vulnerabilities affecting Windows and Office users. The Redmond, Wash., software maker said that 10 of the 12 bulletins will contain patches for bugs in its flagship Windows operating system. Some of those will be rated “critical,” Microsofts […]

LAS VEGAS—The FBIs point man for Internet crime wants hackers to join the fight against international gangs of Web mobsters. Dan Larkin, unit chief of the FBIs Internet Crime Complaint Center, used the spotlight of the Black Hat security conference here to call for a new level of trust and cooperation between security researchers and […]

A code execution vulnerability in software products sold by Internet security vendor McAfee could put millions at risk of computer takeover attacks, according to a warning from eEye Digital Security. The flaw affects fully patched versions of all McAfee consumer security products, including the companys flagship McAfee Internet Security Suite 2006. eEye Chief Hacking Officer […]

An anonymous security researcher has posted a proof-of-concept exploit for a flaw patched in Microsofts “critical” MS06-035 bulletin, but the companys security response team says the issue is actually a brand-new, unpatched vulnerability. The researcher, who uses the online moniker “cocoruder,” published the attack code on the Milw0rm Web site alongside a claim that it […]

For Microsoft, the coming days of Black Hat Briefings hacker scrutiny in Las Vegas could make or break its claim that Windows Vista is the “most secure operating system ever.” The software maker will use the August 2-3 security conference to showcase a wide range of security features and functionality being fitted into the successor […]

Jesper Johansson, a high-profile security guru at Microsoft, has left the company. Johansson, who served for five years as a senior security strategist at the Redmond, Wash., software maker, will move to become principal security program manager at Amazon.com, headquartered in Seattle. A regular at security conferences and Microsoft events, Johansson served as a passionate […]

Internet security vendor Symantec has shipped patches to cover a pair of vulnerabilities in its enterprise-facing BrightMail AntiSpam product. Cupertino, Calif.-based Symantec warned in an advisory that the bugs could lead to data manipulation, denial-of-service attacks or the exposure of sensitive information. Affected products include Symantec BrightMail AntiSpam 4.x through 6.x. The company recommends that […]