Ryan Naraine

Researchers at eEye Digital Security have taken a bite out of two popular Apple Computer Inc. products, flagging two critical vulnerabilities in the iTunes and QuickTime applications. The flaws, which put millions of Windows users at risk of code execution attacks, remain unpatched. Steve Manzuik, security product manager on eEyes research team, said the newest […]

Through a series of clever acquisitions and in-house creations, Yahoo Inc. has transformed itself from a dot-com survivor into a Web 2.0 powerhouse driven by blogs, podcasts and other forms of user-generated social media. The 10-year-old company is staying true to its search engine roots, but with the aggressive embrace of new technologies—from RSS (Really […]

Microsoft Corp. on Tuesday confirmed the sudden departure of Gordon Mangione, a 14-year Redmond veteran who last served as corporate vice president in the Security Technology Unit. Mangione, who was responsible for the development and support of Microsofts aggressive push into the security space, is leaving to pursue other interests, a company spokeswoman told Ziff […]

Microsoft Corp.s Windows OneCare beta is finally ready for public consumption. The consumer-facing PC security bundle, which is being tested in a private, invite-only manner, is on the verge of being rolled out to a broader public audience. In an e-mail to beta testers, Microsoft said the Windows OneCare Live Beta will be opened to […]

Search engine darling Google Inc. has issued a patch to cover a range of potentially dangerous security flaws in the enterprise-facing Google Mini search appliance. The companys patch was issued after researchers at the Metasploit Project pinpointed several bugs that can be exploited by malicious hackers to conduct cross-site scripting, file discovery and service enumeration […]

Exploit code for a critical flaw in fully patched versions of Microsoft Corp.s Internet Explorer browser has been released on the Internet, putting millions of Web surfers at risk of computer hijack attacks. The zero-day exploit, posted by a U.K.-based group called “Computer Terrorism,” could allow a remote hacker to take complete control of a […]

Google Inc. has quietly patched a security bug in its Gmail service, but the company is downplaying the severity of the risk to its users. Google confirmed that it made “modifications” to Gmail to cover an attack vector that allowed malicious hackers to take complete control of a victims Gmail account. The companys confirmation followed […]

Researchers at eEye Digital Security have taken a bite out of two popular Apple Inc. products, flagging two critical vulnerabilities in the iTunes and QuickTime applications. The flaws, which puts millions of Windows users at risk of code execution attacks, remain unpatched. Steve Manzuik, security product manager on eEyes research team, said the newest version […]

Security researchers have traced Octobers W32/Sdbot-ADD worm attack against AOLs Instant Messenger network to a rootkit-powered botnet controlled by hackers in the Middle East. With the botnet seeded, researchers at FaceTime Security Labs say the hacker group is now using a remote IRC (Inter Relay Chat) server to distribute a new malware payload with the […]

Microsoft late Wednesday confirmed a denial-of-service flaw in its implementation of the RPC (Remote Procedure Call) protocol and warned users that a working exploit is already publicly available. Microsoft Corp. countered the public disclosure of the vulnerability with an advisory that clarify the scope of the impact and to provide pre-patch workaround for Windows users. […]