CrowdStrike launches Intelligence Exchange Program
At Black Hat, CrowdStrike announced the launch of the CrowdStrike Intelligence Exchange Program (CSIX). The exchange enables vendor partners to access and share threat …
Teen researcher publishes PayPal 2FA bypass exploit
Joshua Rogers, a teenage whitehat based in Australia, has found an extremely simple way to bypass PayPal’s two-factor authentication feature. Rogers first discovered the …
Open source threat visualization engine for infosec pros
OpenDNS has released OpenGraphiti, an interactive open source data visualization engine that enables security analysts, researchers and data scientists to pair visualization …
DDoS attack volumes plummet as NTP servers got patched
Wise to attackers’ exploitation of the Network Time Protocol (NTP) vulnerability to create distributed reflection denial of service (DrDoS) attacks, information security …
The weak links in an increasingly dynamic threat landscape
The Cisco 2014 Midyear Security Report, released today at Black Hat, examines the “weak links” in organizations – outdated software, bad code, abandoned …
PF Chang’s data breach lasted 8 months
Asian-themed US restaurant chain P.F. Chang’s China Bistro has finally provided some more details about the breach it suffered earlier this year, including the 33 …
Android RAT impersonates Kaspersky Mobile Security
A clever malware delivery campaign impersonating well-known AV vendor Kaspersky Lab is actively targeting Polish Android users. It all starts with a spam email sporting the …
How to foil SynoLocker and minimize the damage
We wrote on Monday warning about Synology NAS users being targeted with SynoLocker, a customized version of the Cryptolocker ransomware, which encrypts the files contained on …
Poweliks malware creates no files, lays low in the registry
For most malware, performing their malicious task(s) is the primary goal, and a close second is to stay unnoticed on the system for as long as possible. As developers of …
NIST asks for comments on security guide for federal information systems
The National Institute of Standards and Technology (NIST) has issued for public comment a draft update of its primary guide to assessing the security and privacy controls that …
China bans Symantec, Kaspersky software from govt systems
Symantec and Kaspersky Lab have become the latest victims of Chinese government’s procurement agency’s axe as the two firms have been dropped from the approved …
New game sharpens secure coding skills
Today at Black Hat, Checkmarx launched Game of Hacks, a challenging game for software developers and security professionals to test their application hacking skills, improve …
Featured news
Resources
Don't miss
- Five identity-driven shifts reshaping enterprise security in 2026
- What if your face could say “don’t record me”? Researchers think it’s possible
- Conjur: Open-source secrets management and application identity
- Counterfeit defenses built on paper have blind spots
- Budding infosec pros and aspiring cyber crooks targeted with fake PoC exploits