Ryan Naraine

Security Vendors Flunk Vista SP1 Detection Tests

Some of the biggest names in the anti-virus industry have flunked detection tests for known malware samples on Windows Vista Service Pack 1. Seventeen of 37 anti-malware products pitted against “in the wild” viruses on the latest version of Vista failed to obtain VB100 certification, an industry benchmark used to rate product quality, according to […]

Security Pros Launch Open-Source CERT

Worried about the state of security incident response among open-source software projects, a group of computer security professionals has launched an ambitious effort to manage the coordination of vulnerability warnings and patch release information between open-source vendors large and small. The new organization, called oCERT (Open Source Computer Emergency Response Team), emerged from stealth mode […]

Critical IE, Office, Windows Patches on Deck

Microsoft plans to release eight security bulletins on April 8 to patch multiple security vulnerabilities affecting Windows, Microsoft Office and Internet Explorer users. As part of its pre-release advance notice mechanism, the Redmond, Wash., software vendor said five of the eight bulletins will be rated “critical,” Microsoft’s highest severity rating. The remaining three bulletins will be […]

Vista Hacked with Adobe Flash Vulnerability

Using a zero-day vulnerability in Adobe’s ubiquitous Flash Player, hacker Shane Macaulay hacked into a Windows Vista laptop to win a $5,000 cash prize at this year’s CanSecWest Pwn2Own challenge. Macaulay, who uses the “K2” hacker moniker, also won the Fujitsu U810 laptop running Windows Vista Ultimate SP1 that he hijacked with the exploit. According […]

Targeted Malware Used in Hannaford Credit Card Heist

A targeted malware attack described as “new and sophisticated” is to be blamed for the data breach at Hannaford Bros. Co. that exposed more than four million credit and debit card numbers to identity thieves, the supermarket chain said in a letter to regulators in Massachusetts. In the letter, which was sent by Hannaford general counsel […]

MacBook Air Hijacked at CanSecWest Hacker Contest

Using a drive-by browser exploit, security researcher Charlie Miller has hacked into Apple’s shiny new MacBook Air, winning himself the machine and a $10,000 cash prize. Miller, a well-known hacker who was among the first to break into the iPhone, hijacked the MacBook Air within minutes of the opening of this year’s CanSecWest Pwn2Own hacker challenge. According […]

Hacker Pours Cold Water on Windows Server 2008 Security Design

A hacker picking apart the security model of Microsoft’s brand new Windows Server 2008 has found serious design weaknesses that render some of the product’s new security protections “useless.” Cesar Cerrudo, founder and Chief Executive Officer of Argeniss Information Security, in Parana, Argentina, says the weaknesses could lead to privilege escalation attacks opens the door […]

Firefox Update Zaps Code Execution Bugs

Mozilla is shipping a “critical” Firefox update to provide patches for at least 11 security vulnerabilities affecting the open-source browser. The most serious of the flaws affects the browser’s JavaScript engine and could lead to privilege escalation or arbitrary code execution attacks, Mozilla said in release notes on March 25 that accompanied the Firefox update. The new […]

Is There Room for a Security Browser?

Convinced that all modern Web browsers suffer from “fundamental design flaws” that expose users to nonstop hacker attacks, researchers at the University of Illinois at Urbana-Champaign are building a new browser from scratch, with security as the killer feature. The project, code-named OP (for Opus Palladianum) as a tribute to the Mosaic browser, is the brainchild […]

NAC Attack Fizzling for Smaller Startups

When Lockdown Networks announced March 18 that it would cease operations “due to overall economic trends and slower than predicted adoption of Network Access Control technology,” the decision prompted raised eyebrows among industry watchers worried that the shakeout is only now beginning. Lockdown Networks, a Seattle-based startup that banked about $15 million in venture funding, […]