-
Microsoft to fix 23 vulnerabilities in May 2012 Patch Tuesday
Microsoft said it plans to address flaws in Windows, Office, Silverlight and the .NET Framework.News | 03 May 2012
-
Java, HTML exploits via Black Hole toolkit dominate attacks, Microsoft says
The Black Hole Exploit toolkit is behind the bulk of the HTML and Java exploits, according to version 12 of the Microsoft Security Intelligence Report.News | 25 Apr 2012
-
Google Vulnerability Reward Program increases, Microsoft unfazed
Google increased the reward for a code execution bug to $20,000. Microsoft remains against a bug bounty.News | 24 Apr 2012
-
HP study finds widespread custom Web application flaws
A review of hundreds of unique custom Web applications found more than half are vulnerable to cross-site scripting and more than 86% contain injection flaws.News | 18 Apr 2012
-
HP warns of malware in HP ProCurve switches' flash cards
HP has notified customers that some ProCurve 5400 zl switches were shipped that contained compact flash cards infected with malware.News | 16 Apr 2012
-
Dangerous Samba vulnerability affects all Linux systems
The commonly used tool contains an error that can be executed remotely by attackers, giving them root access to a system. Proof-of-concept code is available, experts warn.News | 11 Apr 2012
-
April 2012 Patch Tuesday: Microsoft to issue six bulletins, four critical
Microsoft’s six bulletins include critical server repairs, Internet Explorer updates and a critical update of its .NET Framework.News | 05 Apr 2012
-
Cisco IOS gets fixes for 12 DoS bugs
Cisco releases 9 advisories to address 13 vulnerabilities on March patch day as part of its bi-annual IOS patching exercise.News | 02 Apr 2012
-
Likely Visa, MasterCard security breach linked to third-party processor
The credit card giants tell banks that a third-party payment processor may have been breached, causing the loss of tens of thousands of card numbers.News | 30 Mar 2012
-
Adobe Flash Player patch fixes critical holes, releases silent automatic updater
Adobe released a bulletin addressing critical flaws in Flash Player and rolled out a silent automatic update feature in Flash 11.2News | 29 Mar 2012
- VIEW MORE ON : Viruses, worms, spyware, and other malware
-
Maltego tutorial - Part 1: Information gathering
Maltego is a powerful OSINT information gathering tool. Our Maltego tutorial teaches you how to use Maltego for personal reconnaissance of a target.Tip
-
Airtel’s DLP technology rollout makes data egress a thing of the past
Airtel’s DLP technology implementation, India’s largest, went live in December 2010. Join us in exploring its inner workings, even as it is poised for bigger things.Feature
-
Information systems audits must evolve to become information audits
We have some way to go before information systems audits evolve to borderless information audits, covering the entire lifecycle of all types of information.Tip
-
Spear phishing attacks likely key in U.S. Chamber of Commerce breach, experts say
Spear phishing attacks via China were likely what led to the lengthy U.S. Chamber of Commerce breach, experts say.News | 21 Dec 2011
-
crimeware kit (attack kit)
A crimeware kit, also called an infection, exploit or DIY attack kit, is a programming tool that allows someone who does not have any experience writing software code to create, customize and distribute malware. Definition
-
Massive Epsilon email breach could lead to email attacks, spam
At least 50 banks, retailers and other firms are affected by a major email breach at a Texas-based data management firm that provided marketing email services.News | 06 Apr 2011
-
A social networking policy template for information awareness training
Regardless of whether your organisation allows social networking, you must have a policy to address inappropriate employee postings. Expert Michael Cobb lays out a checklist of what you should be sure to include in your policy and employee training.Tip
-
IBM predicts rising mobile threats, critical infrastructure attacks in 2011
Big Blue anticipates organizations struggling to manage smartphone security and predicts that critical infrastructure will be among the top targets of cybercriminals in 2011.News | 04 Jan 2011
-
PDF distiller exploit lets hackers attack BlackBerry smartphones
Attackers can exploit PDF distiller for BlackBerry Attachment Service and execute malicious code. RIM issues security update.Security Alert | 17 Dec 2010
-
Phishing attack on Facebook leverages iframes
Popular social networking site, Facebook being used for phishing attacks and open redirects, claims Websense Security Labs.News | 01 Dec 2010
- VIEW MORE ON : Email and instant messaging threat defenses
-
Burp Suite Tutorial PDF compendium: WebApp tester’s ready reference
Our Burp Suite tutorial PDF compendium is a collection of our Burp Suite guides in PDF format made available to you for free offline reference.Tutorial
-
Exploit development tutorial - Part Deux
In our exploit development tutorial’s second part, we examine how you can write exploits in PERL. Then we see how to port exploits by scripting in Ruby.Tutorial
-
Sandboxing for secure app development: Adobe Reader’s ‘protected mode’
As sandboxing emerges as an answer to legacy codebases with multiple vulnerabilities, we dissect Adobe Reader X’s sandbox to understand how sandboxing works.Tutorial
-
Dangerous Microsoft RDP vulnerabilities repaired in Patch Tuesday
Vulnerability experts call the Microsoft Remote Desktop Protocol flaws dangerous and say they should be quickly addressed by patching admins.News | 13 Mar 2012
-
Research into cryptographic system limitations crucial, RSA panel says
Researchers testing some of the most relied upon cryptographic algorithms are making progress in breaking them, according to experts on the 2012 RSA Conference Cryptographer’s Panel.News | 28 Feb 2012
-
CrowdStrike to make RSA 2012 debut with Android attack via Webkit
Firm led by well-known security experts George Kurtz and Dmitri Alperovitch will focus on defending against targeted attacks.News | 25 Feb 2012
-
RSA 2012 talk to offer help understanding IPv6 security issues
Understanding IPv6 security issues can be a challenge, but the protocol's co-inventor says enterprises can no longer afford to ignore IPv6 security concerns.News | 22 Feb 2012
-
Mobile security, BYOD policy issues to trend at RSA 2012, analysts say
BYOD policy issues are a big concern for enterprises grappling to secure employee smartphones and tablets, say analysts previewing RSA 2012.News | 21 Feb 2012
-
Snapshots from nullcon Tritiya Day 2
A quick look at what happened during nullcon 2012.Photo Feature
-
Security startups to unveil new security technology at RSA 2012
One firm will leave RSA 2012 with the “Most Innovative” title, but industry experts say they all contribute in bringing the security industry up to par with sophisticated malware and hacking techniques.News | 16 Feb 2012
- VIEW MORE ON : Application and Web threat defenses
-
CEH certification gains credence in IT security domain
CEH certification is much sought after in the IT security domain today. Here’s how you can obtain CEH certification and why you should attempt do so.Feature
-
Maltego tutorial - Part 1: Information gathering
Maltego is a powerful OSINT information gathering tool. Our Maltego tutorial teaches you how to use Maltego for personal reconnaissance of a target.Tip
-
Burp Suite Tutorial PDF compendium: WebApp tester’s ready reference
Our Burp Suite tutorial PDF compendium is a collection of our Burp Suite guides in PDF format made available to you for free offline reference.Tutorial
-
Microsoft fixes code targeted by Duqu in May 2012 Patch Tuesday
Experts suggest patience when dealing with this month’s round of Microsoft updates.News | 08 May 2012
-
Adobe pushes patch for actively exploited Flash Player vulnerability
Adobe is addressing a zero-day flaw in Flash Player being used by cybercriminals in email attacks targeting Internet Explorer users.News | 04 May 2012
-
Microsoft program breach led to early RDP vulnerability exploit
Microsoft said a member of its confidential Active Protections Program leaked information that prompted an exploit targeting a flaw patched in March.News | 03 May 2012
-
Microsoft to fix 23 vulnerabilities in May 2012 Patch Tuesday
Microsoft said it plans to address flaws in Windows, Office, Silverlight and the .NET Framework.News | 03 May 2012
-
11 security audit essentials
IT security audit tools automate the IT security audit process, making it more efficient and effective. Here are 11 must-have IT security audit tools.Photo Story
-
GlobalPayments breach update explains scope of lapse
The payment processor breach is believed to be under 1.5 million credit cards, but the company indicated on Tuesday that banks are issuing a “wide net to protect customersNews | 02 May 2012
-
Java, HTML exploits via Black Hole toolkit dominate attacks, Microsoft says
The Black Hole Exploit toolkit is behind the bulk of the HTML and Java exploits, according to version 12 of the Microsoft Security Intelligence Report.News | 25 Apr 2012
- VIEW MORE ON : Hacking countermeasures