We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Rapid action saw Mozilla issue a fix for the flaw exploited on the Nobel Peace Prize website within 48 hours of its discovery. After a week, Adobe has rolled out a patch for Shockwave.
Nearly seven weeks after the arrival of Chrome 6 on its second birthday, Google has released version 7 of Chrome into the web browser's stable channel. The update includes hundreds of bug fixes, an updated HTML5 parser, support for directory upload and an HTML5 File API, which allows for web-based content to read files stored locally on a user's system.
When Rapid7 bought the Metasploit Project exactly one year ago this week, there were rumblings of concern that the open-source penetration testing tool would lose its identity and go all commercial.
Google has rolled out a service that alerts administrators when the sites on their networks contain links used in phishing attacks.
"Joomla is already scaling to some of the world
Plugged security holes and stability fixes come to fans of the Opera browser as its Norwegian publisher released version 10.63 on Tuesday.
Some two thirds of popular Apple iPhone applications transmit users' UDIDs, leading to potential security concerns, a new study has warned.
The Spamhaus Project has debuted a new whitelisting service that is designed to be the inverse of the way that most approved-sender lists work. The Spamhaus Whitelist will exclude by default any IP address or domain that sends marketing or soliciting mail at all and will require domain owners to have an inviation in order to join the whitelist.
One day after it released updates for its Firefox web browser, the Mozilla Project has issued versions 3.1.4 and 3.0.8 of Thunderbird, the latest stable and legacy branch updates of its popular open source email client. According to the developers, the latest maintenance updates improve the applications overall stability and address several user experience concerns found in the previous stable branch release.
Commercial operating system maker Novell is close to selling itself off after breaking it into two bits, according to the is New York Post.
Google is updating its stable version of the Chrome browser for Linux, Mac, and Windows, fixing at least nine security vulnerabilities. Only one of the vulnerabilities in Chrome 6.0.472.59 is rated by Google as being "critical" -- the highest threat level Google assigns to vulnerabilities -- although six of the fixes carry a "high" rating, the next-most severe level.
Mozilla, which launched the latest beta of Firefox 4 last week, has started to drop features from the still-under-construction browser.
Mozilla on Tuesday patched 15 vulnerabilities in Firefox, 11 of them labeled critical. One of yesterday's patches addressed a problem found in scores of Windows applications, making Firefox one of the first browsers to be patched against the DLL load hijacking bug that went public three weeks ago.
The race to accelerate browser features continues as Mozilla developers race towards the finish line to get the finished version of the Firefox 4 Web browser out the door.
Mozilla released two new versions of its browser on Tuesday, Firefox 3.6.9 and Firefox 3.5.12, to close 10 critical security vulnerabilities in each and to help Web site operators block a risk called clickjacking. Firefox 3.6.9 is also available from CNET Download.com for Windows, Mac, and Linux
Firefox 3.6.9 now supports the X-FRAME-OPTIONS header, which enables web servers to forbid clients from opening downloaded pages in iframes. Clickjacking involves an attacker website inserting a transparent iframe containing, for example, Facebook content under the cursor. Users think they are clicking on the visible web page, but are in fact clicking on elements in the transparent Facebook iframe.
Secunia has updated its Personal Software Inspector (PSI) with the ability to silently download and apply patches from multiple vendors soon after their release. PSI 2.0 is now available in an open beta test,
Google on Monday said that a recent report claiming it failed to patch one-third of the serious bugs in its software had the facts wrong. IBM's X-Force security unit, which released the report last week, acknowledged the error and issued a revised chart that shows Google patched all the vulnerabilities rated "critical" or "high" in its online services.
Ksplice, the technology that allows Linux kernel updates without a reboot, is now free for users of the Fedora distribution. Using Ksplice is like
Back in 2001 Microsoft CEO Steve Ballmer called Linux a
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
