vBulletin vulnerable to SQL injection
A Romanian hacking community has discovered and responsibly reported a critical SQL injection vulnerability found in the latest version (5.1.2) of the popular web forum …
UK data watchdog suffered data security breach
A data breach can really happen to anyone – just ask the UK’s Information Commissioner’s Office (ICO). Buried in the recently made public 2013-2014 Annual …
Selectively re-using bad passwords is not a bad idea, researchers say
For all the repeated advice to use different, complex password for each online account, users are still opting for easy-to-guess, short ones and use them repeatedly across …
Oracle delivers 113 updates
Oracle’s Quarterly Critical Patch Update (CPU) is never a minor event. In April we saw 104 security issues addressed, in January it was 144. This time around we are …
Researcher launches SSL Blacklist
Roman Hussy, the Swiss security activist behind Abuse.ch, has started another project: the SSL Blacklist (SSLBL). Known for the trackers that keep tabs on command and control …
Most dangerous superheroes to search for online
Though he has spent years fighting for good in comic books and on the big screen, Superman has emerged as one of the web’s biggest villains as he comes top in …
100+ DDoS events over 100GB/sec reported this year
Arbor Networks released global DDoS attack data derived from its ATLAS threat monitoring infrastructure. The data shows an unparalleled number of volumetric attacks in the …
How email user habits impact personal life
GFI Software announced the findings of its second independent study into email user habits, which revealed a stark increase in the way that work email is encroaching into the …
65 challenges that cloud computing poses to forensics investigators
The National Institute of Standards and Technology (NIST) has issued for public review and comment a draft report summarizing 65 challenges that cloud computing poses to …
Google goes to war against zero-days
Google has announced the launch of Project Zero, a dedicated internal team that will concentrate on finding zero-day vulnerabilities in Google’s and third-party software …
Breaches exposed 22.8 million personal records of New Yorkers
Attorney General Eric T. Schneiderman issued a new report examining the growing number, complexity, and costs of data breaches in the New York State. The report reveals that …
PittyTiger APT group sells its services to companies
APT attackers thought to be operating from China often seem financed by the government, but there are other groups that work for the highest bidder, which is usually a private …
Featured news
Resources
Don't miss
- 40 open-source tools redefining how security teams secure the stack
- Password habits are changing, and the data shows how far we’ve come
- Product showcase: Tuta – secure, encrypted, private email
- Henkel CISO on the messy truth of monitoring factories built across decades
- The hidden dynamics shaping who produces influential cybersecurity research