Help Net Security
Half of U.S. tax payers are unaware about identity theft risks
While consumers take steps to protect themselves against identity theft and remain concerned about the possibility of a data breach when sharing their personal information, …
Vulnerabilities surge: 8,000 recorded in 2010
IBM today released results from its annual X-Force 2010 Trend and Risk Report, highlighting that public and private organizations around the world faced increasingly …
Key security experts unfamiliar with DNSSEC
Half of IT personnel in charge of Internet security at the world’s largest organizations either haven’t heard of DNSSEC or have limited familiarity with it, …
Tips for protecting against advanced evasion techniques
By challenging the rules of traditional evasion techniques and combining multiple evasions, AETs are currently unable to be detected by existing network security systems. Ted …
Application control within virtual environments
Sourcefire announced integration between Sourcefire and VMware vShield App and vShield Edge. The integrations enable the Sourcefire Intrusion Prevention System (IPS) to …
Cisco ACS unauthorized password change vulnerability
A vulnerability exists in some Cisco Secure Access Control System (ACS) versions that could allow a remote, unauthenticated attacker to change the password of any user account …
ICSA Labs reveals electronic health record testing program
ICSA Labs unveiled a new certification program for electronic health record systems and has certified the first three products in two domains under the program. ICSA Labs …
Harvest geolocation user info with Creepy
Creepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The information is …
The need for data encryption in the cloud
Recent Microsoft research shows that almost two-fifths of companies will start paying for cloud services within three years. Cloud-using firms need to revisit their encryption …
Lifecycle model for managing unknown vulnerabilities
Codenomicon released its Unknown Vulnerability Management (UVM) Lifecycle model, a security assurance process, which focuses on unreported vulnerabilities. The UVM model helps …
Siemens FactoryLink multiple vulnerabilities
Multiple vulnerabilities in Siemens FactoryLink can be exploited by malicious people to disclose potentially sensitive information, cause a Denial of Service, and compromise a …
Qualys partners with StopBadware
Qualys is partnering with the non-profit anti-malware organization StopBadware. The two organizations will leverage one another’s strengths to bolster the Web’s …