Help Net Security
Winning the browser security battle
Operation “Aurora”, the sophisticated Chinese cyber attack that hit several dozen companies in December 2009, not only compromised the intellectual property of the …
New book: “Microsoft SQL Server 2008 Administrator’s Pocket Consultant”
Microsoft SQL Server 2008 Administrator’s Pocket Consultant, 2nd Edition is a concise, immediate reference you’ll want with you at all times as you deal with SQL …
iTunes 9.2 fixes security vulnerabilities
iTunes 9.2 comes with several new features, improvements and security fixes. ColorSync A heap buffer overflow exists in the handling of images with an embedded ColorSync …
(IN)SECURE Magazine issue 26 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 26 has been released today. Table of contents PCI: …
Nessus now audits Cisco routers and switches
Nessus now includes the ability to perform security and policy compliance configuration audits of Cisco IOS routers and switches. The audits are based on best practices …
Farmville and Sex and the City 2 used for Facebook clickjacking
PandaLabs reported the proliferation of scams hijacking the Facebook “Like” option. The attack uses eye-catching messages related to the popular game Farmville or …
PDF malware analysis with PDF Dissector
PDF Dissector is a tool for PDF malware analysis. Use cases: Understand the structure of malicious PDF files Let PDF Dissector report known vulnerabilities in PDF files Make …
420,000 scam emails sent every hour
More than 420,000 scam emails are sent every hour in the UK according to a report by CPP which estimates that Brits were targeted by 3.7 billion phishing emails in the last 12 …
Poor passwords can lead to disaster
Passwords are valuable information and when they fall in the wrong hands, the end result can be a personal and financial disaster. Many people have established secure password …
Mac users get universal, secure network access
NCP engineering released the NCP Secure Entry Mac Client which enables efficient handling and usage whilst providing “end-to-end’ security. The software supports …
A new approach for identity-based smartcards
Entrust is extending their public key infrastructure technology to provide a multipurpose smartcard offering. The Entrust Credentialing Service is an end-to-end hosted …
Apple patches Mac OS X vulnerabilities
Apple released Security Update 2010-004 which increases the stability, compatibility, and security of your Mac. CUPS A cross-site request forgery issue exists in the CUPS web …