Twitter tests XSS attack prevention on its mobile website
Twitter has been testing and has now implemented Content Security Policy – a new standard developed by Mozilla to block cross site scripting (XSS) attacks – on its …
Japan leakage analysis emails with malicious XLS attachments
Japan’s seemingly unending series of misfortunes has so far generated a vast variety of online scams. The latest one includes spam emails containing Excel attachments …
Find and eliminate credit card data
Nearly two-thirds of merchant computer systems store unencrypted payment card data in violation of the PCI DSS, according to scans of more than 475 merchant networks of all …
Password cracking in the cloud
Passware Kit Forensic is commercial software that enables users to harness the power of cloud computing to accelerate password recovery. It allows the use of Amazon Elastic …
Linux Kernel ROSE multiple vulnerabilities
Some vulnerabilities have been reported in the Linux Kernel. These can be exploited by malicious, local users to cause a Denial of Service and potentially gain escalated …
Things to watch out for during tax season
Most people look forward to their refunds to pay for a nice vacation or pay off some debt. But when filing your taxes online, there are a number of ways you can lose that …
Initiative measures the harm of breached patient information
Healthcare organizations are struggling with two key concerns: how to protect patient information and how to better understand the financial harm caused when protected health …
Hitachi ID Management Suite 7.1.0 released
Hitachi ID Systems released version 7.1.0 of its ID Management Suite. The new release includes updates to Password Manager and a rebranded Privileged Access Manager, both with …
Rogue SSL certificates issued for Google, Yahoo, Skype
A Comodo affiliate Registration Authority (RA) has been compromised and the incident resulted in the issue of nine rogue SSL certificates for seven popular domains, reported …
Play.com customers receiving malicious emails, Silverpop blamed
The notification and the warning that Play.com sent out to its customers following a breach of systems belonging to the company that handles part of its marketing …
Second hand phones contain extensive personal data
People are unsuspectingly selling their personal information to complete strangers as a new report from CPP finds half (54%) of second hand mobile phones contain extensive …
McAfee to acquire Sentrigo
McAfee announced its intention to acquire Sentrigo, a provider of database security and compliance, assessment, monitoring and intrusion prevention solutions. The proposed …
Featured news
Resources
Don't miss
- Avoiding vendor lock-in when using managed cloud security services
- The CISO’s dilemma of protecting the enterprise while driving innovation
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence