Select the directory option from the above "Directory" header!

Stories by Jaikumar Vijayan

  • Hackers offer subscription, support for their malware

    Like many just-launched e-commerce sites in the world, this unnamed Web site has a fairly functional, if somewhat rudimentary, home page. A list of options at top of the home page allows visitors to transact business in Russian or in English, offers an FAQ section, spells out the terms and conditions for software use and provides details on payment forms that are supported.

  • How to mitigate zero-day threats like Windows ANI

    The Windows animation bug (ANI) caused widespread concern because exploits against it became widely available before Microsoft could release a patch. But like other zero-day threats before it, there are measures companies can take to at least try to mitigate the risk from unpatched vulnerabilities, security experts said.

  • Hacker attacks getting more personal

    In the same way some e-commerce sites serve up customized content based on a user's profile, cybercriminals are increasingly using personalization techniques to more effectively attack those who visit their Web sites.

  • 'Month of Apple Bugs' turns up 10 flaws so far

    A month-long campaign by two independent security researchers to disclose security flaws in Apple's products has so far resulted in 10 vulnerabilities being publicly disclosed -- and several more on the verge of being announced. Exploit information has also been published along with proof-of-code detailing how to take advantage of the flaws, several of which were described as being remotely exploitable by the researchers.

  • Adobe calls for upgrades to mitigate vulnerability

    Adobe Systems Inc. is urging users to update to the latest versions of Adobe Reader and Acrobat to avoid being affected by a recently discovered cross-site scripting flaw in its software that allows attackers to run malicious JavaScript on a user's PC.

  • Fathi on draft API release for PatchGuard

    Microsoft Tuesday released draft application programming interfaces designed to give independent security vendors a way to get around a kernel patch protection technology in Windows Vista. Known as PatchGuard, the Vista technology has been at the center of a simmering dispute between Microsoft and several security vendors who claim that PatchGuard hampers the ability of their products to deliver key security capabilities such as host-based intrusion detection. The technology has also been part of broader antitrust concerns in the European Union that Microsoft has been forced to respond to. Ben Fathi Microsoft's vice president for the Windows core operating system, talked about the draft APIs and the company's rationale for releasing them. Excerpts from that interview follow: