Ryan Naraine

With the threat from kernel-mode rootkits on the rise, Microsoft plans to make a significant policy change to block uncertified drivers from loading on x64 versions of Windows Vista. Starting with Windows Vista and Windows Server (Longhorn), kernel-mode software must have a digital signature to load on x64-based computer systems. The decision to block unsigned […]

Security vendor Sunbelt Software has snapped up anti-spyware expert Eric Howes to head up its team of malware researchers. /zimages/6/28571.gifClick here to read about how Sunbelt researchers discovered an ID theft ring. Howes, well-known in security circles for his forensic work on spyware and its malicious mechanisms, has been named director of malware research and […]

A high-profile consumer advocacy group has asked the FTC (Federal Trade Commission) to pull the plug on the “illegal and deceptive practices” used by adware vendor 180Solutions Inc. to install unwanted software on millions of computers. A complaint from the nonprofit CDT (Center for Democracy & Technology) accused 180Solutions of using a complicated web of […]

A new version of the popular Skype VOIP application has been released to correct a bug that caused Skype to be misread as a potential security threat. The Skype 2.0.0.73 for Windows update fixes a flaw that triggered a DEP (Data Execution Protection) warning on systems running Windows XP SP2 with DEP-enabled Intel or AMD […]

Anti-virus vendors have detected a new batch of Trojans spreading on Symbian Ltd. smart-phone devices. According to definitions from Symantec Corp., the latest malware samples are capable of seriously disrupting the operations on Bluetooth-enabled Symbian devices. The Symbian operating system powers some cell phone models manufactured by Nokia, Siemens AG, Sony Ericsson Mobile Communications AB, […]

Finnish anti-virus specialist F-Secure Corp. has pushed out patches for multiple code execution vulnerabilities in its security software suite, prompting a new round of warnings that flaws in security products present a lucrative target for malicious hackers. The updates from F-Secure, rated “highly critical” because the vulnerabilities put users at risk of security bypass and […]

A vendor-neutral push to find an unambiguous way to describe rootkits has received backing from anti-virus specialist Symantec Corp., but security experts are suspicious of the plan, warning that strict definitions only serve to legitimize the use of a dangerous piece of technology. The issue has taken center stage after Symantec admitted to using a […]

Oracle Corp. has released a “moderately critical” batch of patches to plug a total of 82 security vulnerabilities in several database and server products. As part of its quarterly critical patch update release cycle, the Redwood City, Calif.-based vendor shipped fixes to ptach holes that could put customers at risk of data manipulation, system exposure […]

Exploit code for a buffer overflow vulnerability in Symantec Corp.s Veritas NetBackup product has been published online, putting enterprise customers at risk of system takeover attacks. The security vendor updated a months-old advisory this week to warn of the public release of the exploit and urged NetBackup users to immediately deploy the available patches. The […]

A critical security flaw in America Online Inc.s “Youve Got Pictures” service could put millions of users at risk of PC takeover attacks, according to a warning from the US-CERT (U.S. Computer Emergency Readiness Team). In an advisory, US-CERT described the flaw as a buffer overflow in an AOL YPG Picture Finder Tool ActiveX control […]