Ryan Naraine

In this video, courtesy of Kaspersky's Lab Matters, Ryan Naraine talks with  David Lenoe, Head of the Product Security Incident Response Team, Adobe, about that company's process for responding to security vulnerabilities in its products.  Read more »

Adobe will join Microsoft on the security patch treadmill next Tuesday (February 8, 2011) with “critical” updates for code execution holes in its flagship Adobe Reader and Adobe Acrobat products.

 Read more »

As part of this month’s Patch Tuesday schedule, Microsoft plans to ship a dozen bulletins with fixes for 22 vulnerabilities, some serious enough to allow hackers complete access to a vulnerable Windows machine.

According to Microsoft’s advance notice, three of the 12 bulletins will carry be rated “critical,” the company’s highest severity rating. Read more »

Facing a wave of criticism for not offering a secured browsing option, Facebook has finally added a new feature to browse the popular social network on a secure connection (https). Read more »

A fast-moving Twitter worm is in circulation, using Google's goo.gl redirection service to push unsuspecting users to a notorious scareware (fake anti-virus) malware campaign.

At 8:45 a.m EST today, this Twitter search shows thousands of Twitter messages continuing to spread the worm. Read more »

Microsoft is planning another massive Patch Tuesday this month: 17 bulletins with fixes for 40 security vulnerabilities.

The December batch of patches will cover security holes in Microsoft Windows, Office, Internet Explorer, SharePoint and Exchange, according to an advance notice posted Thursday.

Google has shipped a new version of its Chrome web browser to fix at least 14 security vulnerabilities that expose users to malicious hacker attacks.

The Chrome 8.0.552.215 update also include a new built-in PDF viewer that is secured in Chrome’s sandbox, according to a brief note posted by Google’s Jason Kersey. Read more »

A security researcher has released an exploit for an unpatched security vulnerability in Adobe’s Shockwave Player, warning that the flaw could be targeted to launch drive-by malware download attacks.

The open-source Linux operating system contains a serious security flaw that can be exploited to gain superuser rights on a target system.

The vulnerability, in the Linux implementation of the Reliable Datagram Sockets (RDS) protocol, affects unpatched versions of the Linux kernel, starting from 2.6.30, where the RDS protocol was first included.

Mozilla has released Firefox 3.6.11 with patches for a dozen security holes, some serious enough to launch attacks if a user simply surfs to a booby-trapped website. Read more »