VLC 1.1.7 fixes security issue
VideoLAN unveiled VLC 1.1.7, a security update on 1.1.6. When parsing an invalid MKV (Matroska or WebM) file, input validation are insufficient. If successful, a malicious …
Cain & Abel 4.9.38 released
Cain & Abel is a password recovery tool for Microsoft operating systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted …
Expanding phishing vector: Classified ads
The online classified advertisement services sector has been increasingly exploited as a phishing attack vector by ecrime gangs, a trend confirmed by the growth of attacks …
Free guide: Web application security
Vulnerabilities in web applications are now the largest vector of enterprise security attacks. Stories about exploits that compromise sensitive data frequently mention …
Rogueware starts misusing names of legitimate AV
Rogueware authors have so far mostly avoided misusing names of legitimate AV software, and I often wondered why. My best guess is that they wanted to minimize the possibility …
Widespread “undelivered package” spam attack delivers Trojans
Cybercriminals are currently sending out the spam messages – which come attached with a malware infected .zip file – with titles such as “Post Express …
Governance has a central role in IT security
A major survey from ISACA confirms the central role that governance plays in information security within large organizations and stresses the fact that 95% of IT professionals …
SecureSurf: Malware protection and web filtering
AppRiver introduced SecureSurf, a Web protection solution that provides defense against online threats. SecureSurf is an easy-to-deploy hosted solution that protects companies …
Egyptians can now tweet without an Internet connection
After Facebook experienced the state-wide password hijacking attempt organized by the Tunisian government and solved it by using social authentication and routing login …
“Facebook closing all accounts” scam hits users
The latest scam to hit Facebook users is a slight variation of the survey scams that target them daily. But this time, the lure isn’t bogus “OMG” I …
Could a vulnerability tax spur vendors to improve security?
He has recently been appointed as Apple’s global director of security and he is expected to begin his work in March, but former National Security Agency cryptographer …
Vulnerabilities in Cisco WebEx conferencing applications
Core Security Technologies disclosed stack overflow vulnerabilities affecting the Cisco WebEx applications used to conduct Web-based video conferencing. They identified two …
Featured news
Resources
Don't miss
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests