Help Net Security
Most security products fail to perform
Nearly 80 percent of security products fail to perform as intended when first tested and generally require two or more cycles of testing before achieving certification, …
Safe online shopping tips
Cyber Monday, one of the busiest days of the year for online shopping, is quickly approaching (Nov. 30), and a new national survey from ISACA shows employees plan to spend the …
Week in review: cyber war, SQL injection, spam evolution, Apple and Microsoft patches
Here’s an overview of some of last week’s most interesting news, interviews and articles: Cyber war is coming, the impact could be huge Admiral Mike McConnell, …
Serious Adobe Flash vulnerability
Foreground Security discovered a critical vulnerability in Adobe Flash. This vulnerability allows the same-origin policy of Adobe Flash to be exploited to allow nearly any …
WordPress 2.8.6 security release
WordPress 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, …
Biggest website security weaknesses
WhiteHat Security released a report assembled from real-world website security data, is a high-level perspective on major website security issues that continue to compromise …
Spam evolution: September 2009
Spam in email traffic The amount of spam detected in email traffic averaged 86.3% in September 2009. A low of 83.3% was recorded on 18 September with a peak value of 91.3% …
Apple Safari 4.0.4 patches critical vulnerabilities
Safari 4.0.4 includes improvements to performance, stability, and security. ColorSync An integer overflow exists in the handling of images with an embedded color profile, …
Real-world data on software security initiatives
Cigital and Fortify Software released the Building Security In Maturity Model for Europe or “BSIMM Europe,” an application of the industry’s first-ever set …
Looking back at 2009 through SQL injection goggles
The earliest public mention I could find of SQL injection (“piggybacking SQL statements’ as the author put it) was from someone who called himself Rain Forest …
How to protect personal information
How do you know if your online activities are secure, or if trouble is lurking around the corner? IEEE has brought together its security expert members to evaluate the most …
Cybersecurity threats agencies face every day
CDW Government released its 2009 Federal Cybersecurity Report, which found that across Federal civilian and Department of Defense agencies, the number and severity of …