Adobe pushed out an update to its Reader and Acrobat packages on Monday to close a pair of critical flaws in the popular packages.

Malware authors have created a strain of scareware packages that lifts the name of an infected user from the registry of an infected PC in order to create more convincing scams.

Microsoft is claiming big successes in its efforts to to rescue gamers from malware.

Developers have patched five vulnerabilities in the open-source programming language Ruby that could provide a trivial way for attackers to exploit a variety of web applications.

User beware. Today's web browsers offer more security protections than ever, but according to security experts, they do little to protect people surfing the net from some the web's oldest and most crippling threats.

Like nuclear stockpiles during the Cold War, new safety features amassed in Firefox, Internet Explorer and Opera are part of an arms-race mentality that leaves online criminal gangs plenty of room to launch attacks. What's more, the new protections often take years to be implemented and months to circumvent. Meanwhile, shortcomings that have bedeviled all browsers since the advent of the World Wide Web go unaddressed.

A rare Mac OS X Trojan has been spotted on the internet. The AppleScript-THT Trojan horse exploits a vulnerability within the Apple Remote Desktop Agent to load itself with root privileges onto compromised Mac machines.

NASA's Phoenix Mars lander has spotted the sublimation of probable water ice in a trench excavated by its robotic arm by comparing two photos taken on the 21st and 25th days of the mission, aka Sols 20 and 24 (15 and 19 June):

Researchers of Radboud University in Nijmegen in the Netherlands managed to crack and clone London's Oyster travel card. They were able to take free rides on the Underground and even perpetrated a DDoS attack on a Tube gate.

Interview Trend Micro’s CEO threw down the gauntlet to her competitors last week, proclaiming that hackers are ahead of the game and that the anti-virus industry “sucks”.

OSSEC, the open source host-based intrusion detection project, has been snapped up by Third Brigade, a commercial firm in the same information security sub-market. Terms of the deal, announced on Tuesday, were undisclosed.

Microsoft has pushed out a revised version of a security update issued earlier this month after realising its first attempt at cracking a Bluetooth security bug failed to do the business.

Yes, AVG's LinkScanner is spewing fake traffic across the internet, messing with the log files and bandwidth budgets of web sites large and small. But there's one thing it doesn't mess with: search engine paid clicks.

Supected botnet operators are using false reports that a fictitious earthquake near Beijing could disrupt the Olympic games to spread malware.

Updated A pair of US teens are looking at an extended spell behind bars over accusations they hacked into school computers to change their grades.

A firm of stockbrokers has been fined for failing to adequately protect its customers from the risk of identity fraud. The Financial Services Authority (FSA) said its mistakes included failing to manage the risks introduced by staff using instant messaging and web-based email.

Firefox 3 is only hours old but flaw finders have already located bugs in the browser bairn.

Photobucket, the popular photo sharing website, became the target of a DNS hack on Tuesday.

Miscreants have created a point-and-click toolkit designed to make it easier to both create and distribute Trojans.

Security appliance firm Fortinet is pushing into the database security market via the acquisition of technology from IPLocks. Fortinet has licensed IPLocks’ database monitoring and auditing tools as well as acquiring its vulnerability assessment tool, source code and related assets.

An Aussie risk advisory services manager has issued a chilling security alert concerning the Jura F90 net-connected coffee machine, warning caffeine-heads that the hi-tech brewing device could open their Windows PC to exploitation by internet paedophiles and al-Qaeda*, CNET reports.

Self-styled former spam king Scott Richter has been ordered to pay MySpace $6m over allegations he blitzed users of the social networking website with junk mail messages sent from hijacked accounts.

Japanese researchers have put another dent in Quantum cryptograpy's reputation as the final word in secure communications.

An IT manager who sought revenge for an unfavorable job evaluation was sentenced to more than five years in federal prison after being convicted of intentionally triggering a massive data collapse on his former employer's computer network.

Exclusive Early last month, webmasters here at The Reg noticed an unexpected spike in our site traffic. Suddenly, we had far more readers than ever before, and they were reading at a record clip. Visits actually doubled on certain landing pages, and more than a few ho-hum stories attracted an audience worthy of a Pulitzer Prize winner. Or so it seemed.

As it turns out, much of this traffic was driven by the new malware scanner from AVG Technologies.

Updated A cryptographic expert has questioned the practicality of a code breaking initiative geared to cracking the key used in the dangerous Gpcode-AK ransomware virus.

The Federal Trade Commission told a US Senate committee it could bring new vigor to the fight against spyware by making spyware purveyors pay civil penalties.

Security researchers have identified cross-site scripting (XSS) issues on the websites of three IT security heavyweights. Coding flaws on the websites of McAfee, Symantec and VeriSign create a possible mechanism for hackers to launch phishing or malware attacks, according to security watchdog XSSed.

Gasoline refineries, manufacturing plants and other industrial facilities that rely on computerized control systems could be vulnerable to a security flaw in a popular piece of software that in some cases allows attackers to remotely take control of critical operations and equipment.

The vast majority of information security breaches might have easily been prevented, a study has concluded.

Illegal pharmaceutical supply chain outfits have become the main customers of botnet farmers. Spam-pushing botnets, such as that established by the Storm worm, are raking it in advertising dodgy drug websites, according to a study by security appliance firm IronPort.

A US-based hacker has been sentenced to 41 months in jail for breaking into corporate computers in Europe and making them part of a money-generating botnet.

It never rains but it pours. Alongside a slew of Microsoft and Apple updates issued on Tuesday hard-pressed users and security admins also need to apply an important security fix from OpenOffice.

Credit card conmen have developed a technique for making fraudulent purchases in the UK appear more legitimate.

Update Cotton Traders has become the latest firm to spill sensitive customer account details.

Belgacom, the largest Belgian ISP, admitted today that 2,000 of its ADSL accounts were compromised earlier this year.

A 21-year-old American has admitted to using a potent botarmy to wage a relentless campaign of destruction on two volunteer websites as part of a scheme to punish the operators for behavior he thought was unfair.