IBM, Hewlett-Packard (HP) and Microsoft led the list of companies that failed to patch vulnerabilities within six months of being notified by the world's biggest bug bounty program, according to HP TippingPoint's Zero-Day Initiative (ZDI).
Two newly discovered vulnerabilities in Adobe's Flash Player can be exploited to execute arbitrary code remotely, according to <a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4694">advisories</a> from the U.S. Computer Emergency Readiness Team (US-CERT) and various security research companies.
U.S. and Russian antivirus vendors took shots at each other as they quarreled over a recent report of a cyber campaign that allegedly infiltrated scores of Western governments, organizations and corporations.
Google has taken the unprecedented step of warning millions of users whose PCs it believes are infected with fake security software and other malware, the company said yesterday. But some security experts are leery of Google's move.
Scammers are distributing fake security software aimed at the Mac by taking advantage of the news that al-Qaeda leader Osama Bin Laden has been killed by U.S. forces, a security researcher said today.