New assurance mark of software application security
Veracode unveiled the VERAFIED High Assurance mark of software application security for the CWE/SANS Top 25 Most Dangerous Software Errors. This industry “seal of …
Sourcefire’s open source framework for deep threat inspection
Sourcefire announced Razorback, an open source framework designed to deliver deep inspection capabilities for combating today’s most complex threats. Developed to help …
100 million Facebook pages published on torrent site
A compilation of Facebook pages (and personal information) of 100 million users of the popular social network is available for download on a torrent site, courtesy of hacker …
Cell-phone call interception demonstration at Defcon might not be a sure thing
Ethical hacker Chris Paget is scheduled to give a talk on cellphone insecurity at Defcon this Saturday, during which he means to demonstrate the possibility of interception of …
Critical ToolTalk Database Server Parser vulnerability discovered
Check Point announced that its IPS Research team has recently discovered a critical vulnerability in a function of the ToolTalk Database Server Parser that can enable a remote …
Fake AV masquerading as Firefox/Flash update
The well known “fake scanning page” that pops up a warning about your computer being infected has been switched with a fake Firefox “Just Updated” page …
Critical vulnerability in Apple QuickTime
A highly critical vulnerability (as dubbed by security researchers from Secunia) affects the latest version of Apple QuickTime Player for Windows. “The vulnerability is …
Mariposa malware author arrested in Slovenia
A 23-year old Slovenian hacker that goes by the handle “Iserdo” has been arrested for developing the code that allowed the three alleged Spanish Mariposa botnet …
The cost of cyber crime
ArcSight and the Ponemon Institute announced the results of the First Annual Cost of Cyber Crime Study (registration required). Over a four-week period, the 45 organizations …
Secure cell phone conference calling
Cellcrypt announced that it has launched a secure conference service that provides both device authentication and voice call encryption to participants using popular cell …
Author of cloud-based phishing kit harvests collected credentials from phishers using it
People who embark on a life of crime are usually attracted by the promise of little effort and big money, and the hacker whose phishing kit was discovered to be collecting …
Exploitability data from real-time feeds
Qualys announced that QualysGuard Vulnerability Management now includes correlated exploitability information from real-time feeds to provide customers with up-to-date …
Featured news
Resources
Don't miss
- Where policy meets profit: Navigating the new frontier of defense tech startups
- Four arrested in connection with M&S, Co-op ransomware attacks
- Ruckus network management solutions riddled with unpatched vulnerabilities
- What EU’s PQC roadmap means on the ground
- Open source has a malware problem, and it’s getting worse