Facebook battles likejacking scammers
Facebook and its users have been plagued for a while now by a seemingly never ending steady stream of scams, among which are those that hijack users’ “likes” …
Vulnerabilities in common web applications escalate
A new Cenzic report reveals widespread Web application vulnerabilities, with 2,155 discovered – a third of which have both no known solution and an exploit code publicly …
Massive SQL injection attack compromises 380,000 URLs
A massive SQL injection attack campaign has been spotted by Websense researchers, and the number of unique URLs affected by it has risen from 28,000 when first detected …
IEEE database breached, personal info compromised
The Institute of Electrical and Electronics Engineers (IEEE) has notified the Attorney General of New Hampshire, the FBI and 828 of its members that a file containing the …
Cybercriminals and their favorite baits
According to PandaLabs research, 25 percent of sites used video and multimedia content as bait; 21.63 percent referred to installers or program updates; 16.53 percent claimed …
Half of U.S. tax payers are unaware about identity theft risks
While consumers take steps to protect themselves against identity theft and remain concerned about the possibility of a data breach when sharing their personal information, …
Vulnerabilities surge: 8,000 recorded in 2010
IBM today released results from its annual X-Force 2010 Trend and Risk Report, highlighting that public and private organizations around the world faced increasingly …
Key security experts unfamiliar with DNSSEC
Half of IT personnel in charge of Internet security at the world’s largest organizations either haven’t heard of DNSSEC or have limited familiarity with it, …
Tips for protecting against advanced evasion techniques
By challenging the rules of traditional evasion techniques and combining multiple evasions, AETs are currently unable to be detected by existing network security systems. Ted …
Application control within virtual environments
Sourcefire announced integration between Sourcefire and VMware vShield App and vShield Edge. The integrations enable the Sourcefire Intrusion Prevention System (IPS) to …
Two more Comodo RAs compromised
The investigation Comodo has mounted following the recent compromise of one of its Registration Authorities and the issuing of rogue certificates for popular sites has …
Cisco ACS unauthorized password change vulnerability
A vulnerability exists in some Cisco Secure Access Control System (ACS) versions that could allow a remote, unauthenticated attacker to change the password of any user account …
Featured news
Resources
Don't miss
- Microsoft introduces protection against email bombing
- Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it