Stories about: CERT

The security researcher who recently discovered a heretofore unknown flaw in the Internet's core Domain Name System (DNS) protocol warned IT managers on Thursday to expect more security fixes aimed at mitigating the issue over the coming months.

A software patch released by Microsoft to plug a hole in the Domain Name System protocol was just one of nine security fixes the company issued last week. And like the others, the DNS patch got only an "important" severity rating, one step below Microsoft's top rating of "critical."

Paul Mockapetris, inventor of the Internet's Domain Name System architecture, has some advice for those in any doubt about the seriousness of a weakness in the DNS protocol that was disclosed yesterday: Patch your DNS servers right now.

A vulnerability in a Web server contributed to attacks on some 300 Web sites in Lithuania last week, according to a computer security expert.

Google has thrown its weight behind a fledgling security reporting group for the open-source community.

While CNN recently faced distributed denial-of-service attacks from Chinese hackers angry about the television network's coverage of a recent Chinese crackdown in Tibet, Chinese security officials remain worried hackers will strike while the Olympic Games are being held in Beijing.

ActiveX controls accounted for an overwhelming majority of all browser plug-in vulnerabilities in the second half of 2007, Symantec said this week in its semi-annual Web security report.

A noted ActiveX researcher Monday revealed a bug in RealNetworks' RealPlayer that could be exploited by attackers to hijack Windows machines running nternet Explorer.

Part of security software vendor CA's Web site was hacked last week and was redirecting visitors to a malicious Web site hosted in China.

Security experts are saying that a reported al-Qaeda cyber jihad attack planned against Western institutions should be treated with skepticism.

May was not a good month for geeks in Estonia.