Ryan Naraine

Opera Software on Thursday shipped an updated version of its Opera for Windows Web browser to fix a trio of potentially serious security vulnerabilities. The Norwegian company recommends that Windows users upgrade to Opera 8.0.2 to protect against malicious hacker attacks. The most serious of the three flaws is due to an error in the […]

LAS VEGAS—Phil Zimmermann, the celebrated cryptographer who created PGP (Pretty Good Privacy) for e-mail encryption, is taking a shot at securing VOIP communications. Zimmermann took the stage at the Black Hat Briefings here to show off Zfone, a prototype application that encrypts voice-over-IP calls to thwart man-in-the-middle eavesdroppers. Using the open-source, cross-platform softphone Shtoom and […]

LAS VEGAS—The decision by 3Com Corp.s TippingPoint division to pay for the rights to information on software vulnerabilities has triggered an immediate response from iDefense Inc., the company that previously held a monopoly on the flaw bounty business. Effective immediately, iDefense is doubling its pricing structure for vulnerability submissions and hiking the value of the […]

LAS VEGAS—Just when anti-virus vendors think they have a bead on the threat from stealth rootkits, along comes word that a pair of researchers have discovered a new way to hide malicious programs. Jamie Butler, director of engineering at HBGary Inc., and Sherri Sparks, a PhD student at the University of Central Florida, demonstrated the […]

LAS VEGAS—Rootkits. Zero-day exploits. Social engineering. Encryption cracking. Cryptography. File format fuzzing. Kernel exploitation. These are just some of the buzzwords making the rounds at the Black Hat USA 2005 security conference here, where some of the sharpest minds in the research community will congregate to share information on computer and Internet security threats. The […]

Microsoft Corp. is working on a patch for a potentially serious security hole in fully patched versions of Windows XP Service Pack 2. The software makers confirmation follows public disclosure of the vulnerability by a private security researcher who goes by the moniker “badpack3t.” The researcher posted an advisory describing the issue as a remote […]

3Com Corp.s announcement that its Tipping Point division would start paying for the rights to security flaw information found by private researchers has reignited an old debate: Should underground hackers benefit from breaking into software systems? Tipping Points new ZDI (Zero Day Initiative), which will take center stage at the Black Hat Briefings in Las […]

Microsoft customers interested in disabling the automatic download of Windows Server 2003 Service Pack 1 have only a few days left to install the companys temporary blocking tool. Microsoft will start delivering the service patch through Automatic Updates starting July 26, 2005, but there is a “blocker tool kit” that lets companies stop that specific […]

Microsoft has acquired a minority stake in Finjan Software, an Internet security firm with which it has had a contentious relationship. Financial terms of the transaction and the size of Microsoft Corp.s equity stake were not released. The deal was part of a non-exclusive patent licensing agreement that lets Microsoft use select Finjan Software Inc. […]

Anti-virus vendor Trend Micro on Wednesday issued a warning for a new computer worm infecting users of America Online Inc.s Instant Messenger application. The worm, identified by Trend Micro Inc. as W32/Opanki, spreads by tricking users into clicking on a file named after Apples popular iTunes music service. “This worm arrives as the file ITUNES.EXE,” […]