Ryan Naraine

Exactly five years after the Slammer worm wreaked havoc on the Internet, database security guru David Litchfield has come up with an idea that might help pinpoint the author of the worm code. Litchfield (right), who was credited with discovering the MS02-039 vulnerability that was exploited by Slammer, says there are already clues in the […]

A new version of the open-source Mozilla Thunderbird mail client has been released to fix at least six security vulnerabilities that could expose users to PC takeover attacks.The most serious of the six vulnerabilities, a “critical” heap buffer overflow in external MIME bodies, could allow an attacker to execute arbitrary code with the privileges of […]

The U.S. Computer Emergency Readiness Team has raised an alert for an in-the-wild malware attack against Microsoft Windows CE powered mobile devices.According to the US-CERT warning, the Trojan horse program is capable of disabling Windows Mobile application installation security.The Trojan, dubbed WinCE/InfoJack by anti-virus vendor McAfee, has been programmed to hijack the infected device’s serial […]

One of the most hated things on Apple’s new MacBook Air laptops-the fact that it’s impossible to upgrade the laptop’s RAM-could accidentally turn out to be quite a useful security feature. In fact, according to Ivan Krstic, director of security architecture at OLPC (One Laptop per Child), the sleek new MacBook Air is one firmware […]

Organizers of the annual CanSecWest security conference have expanded the PWN 2 OWN hacking contest to pit fully patched laptops running Mac OS X, Windows Vista and Ubuntu against some of the world’s smartest hackers.Last year, the contest was aimed specifically at two MacBook Pro machines and was won by Dino Dai Zovi, a New […]

After a short stay of execution, America Online has finally pulled the plug on Netscape with an update notice encouraging users to migrate immediately to either Firefox or Flock. On the screen, Flock is listed ahead of Netscape and there’s even a nudge on the Netscape blog recommending the social media browser (which is based […]

WASHINGTON – Personally identifiable information baked into the magnetic strip on your credit card can be easily hijacked by hackers using lightweight tools, according to a warning from RFID security guru Adam Laurie.At the Black Hat DC briefings here, Laurie announced the release of CHaP.py, a test program created to read chip and PIN credit […]

Cult of the Dead Cow, or cDc, an old-school hacking crew famous for its anti-censorship stance, has shipped a new tool that turns the Google search engine into an easy-to-use vulnerability scanner.Taking its cue from Johnny Long’s Google Dorks-search queries that reveal sensitive information-cDc’s new Goolag Scan pushes the envelope even more, offering a stand-alone […]

Four of the most widely used disk encryption technologies-Windows Vista’s BitLocker, Apple’s FileVault, TrueCrypt and dm-crypt-have been rendered useless by a new attack class, according to a research paper released Feb. 21.The issue is described as a design limitation that could allow practical attacks against laptops in “sleep” or “hibernation” mode.Although a successful attack requires […]

The Google-backed StopBadware.org group has explained the thinking behind its decision to slap the “badware” label on two versions of RealNetworks’ RealPlayer software, insisting there are serious problems with the installation process and behavior of the products.But RealNetworks is hitting back, arguing that the claims raised by StopBadware.org doesn’t justify the company’s flagship media player […]