Donald Sears

People still running the now-retired Windows XP Service Pack 2 (SP2) can
trick the operating system into installing security updates, finds a
researcher. Read the full article. [Computerworld]

The Foxit document reader has been updated to fix the same critical bug
that currently leaves iPhones, iPads, and iPod touches wide open to
malware attacks. Read the full article. [The Register]

Security expert Georgi Guninski has pointed out a security issue in the 1.0 branch of OpenSSL that potentially allows SSL servers to compromise clients. Read the full article. [The H Security]

One of the best-selling exploit packs on the market today is called Crimepack. Here is a closer look at the “exploit stats”
sections of a few working Crimepack installations to get a better sense
of which software vulnerabilities are most productive for Crimepack
customers. Read the full article. [Krebs on Security]

Significant weaknesses in the common
configuration of Kerberos-based authentication servers could allow
attackers to more easily circumvent security measures in networks that
rely on the open authentication standard, according to research
presented at Black Hat. Read the full article. [Dark Reading]

Federal prosecutors say they have have extradited one of the leaders of
an international crime ring accused of hacking in to bank card processor
RBS WorldPay and stealing more than $9.4m in a 12-hour period. Read the full article. [The Register]

Taking a page from rival Google’s playbook, Mozilla plans to introduce silent, behind-the-scenes security updating to Firefox 4. Read the full article. [Computerworld]