Help Net Security
Microsoft patches vulnerability in ASP.NET
Today Microsoft released a security update which resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who …
U.S. leads the way in malware and firewall attacks
The US has overtaken India and Russia to become the biggest producer of viruses, according to Network Box. The U.S. is now responsible for 12.05 per cent of the world’s …
CompTIA A+ certification exam to include Windows 7 content
CompTIA will update its flagship CompTIA A+ certification exams with new content related to the Windows 7 operating system beginning in January 2011. Windows 7 content will be …
Spamhaus launches whitelist service
The Spamhaus Project has released the Spamhaus Whitelist which allows Internet mail servers to separate incoming email traffic into 3 categories: Good, Bad and Unknown, …
Fake LinkedIn spam attack
Starting on Monday, cyber criminals sent spam email messages targeting the LinkedIn social media community. Victims are emailed an alert link with a fictitious social media …
Manual SQL Injection demonstration using DVWA
Scripts are nice, but they will fail eventually. But, that doesn’t mean the flaw is not exploitable. Eventually you will need to turn to manual techniques to verify a …
As the PCI deadline looms, merchants should avoid quick fix measures
On Thursday 30 September 2010, the latest PCI DSS deadline kicks in, requiring all level one merchants (those processing more than six million transactions per year) to adhere …
USB drive identifies and extracts data, leaving no footprint
Harris Corporation introduced a highly customizable USB thumb drive that quickly extracts targeted data from computers. The device – called BlackJack – is designed …
60% of organizations suffered $2 million losses for Web 2.0 security issues
While organizations see the potential value of Web 2.0 tools, decision makers continue to debate whether or how to allow employee usage of the technology in the workplace. A …
Free malicious PDF analysis e-book
Didier Stevens, the hacker who became a synonym for malicious PDFs, released a free e-book. It’s a chapter he wrote as co-author of a malware analysis book. For more …
Week in review: Stuxnet, XSS Twitter flaw, and 2-factor authentication from Google
Here’s an overview of some of last week’s most interesting news and articles: Cybercriminals steal Interpol Chief’s identity to access info on fugitives …
Scaling intrusion prevention systems for 10G, 40G and beyond
The Internet is still growing and, as we make the transition from Intrusion Detection Systems (IDS) to Intrusion Prevention Systems (IPS) – driven in part by the fact …
Featured news
Resources
Don't miss
- Report: The State of Secrets Sprawl 2025
- APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)
- Moving beyond checkbox security for true resilience
- Dependency-Check: Open-source Software Composition Analysis (SCA) tool
- Protecting your iCloud data after Apple’s Advanced Data Protection removal in the UK