Help Net Security
The dangers of NOT passing cybersecurity legislation in 2012
According to the U.S. Government, cyber-security protection of critical infrastructure is a national priority. With 85 percent of the nation’s critical infrastructure …
Vulnerabilities in open source WAF ModSecurity
During our research of web application firewall evasion issues, we uncovered a flaw in ModSecurity that may lead to complete bypass of the installed rules, in the cases when …
Increase in cyber threats and sabotage on critical infrastructure
The Pacific Northwest National Laboratory (PNNL), in conjunction with McAfee, revealed a report that fully examines the current challenges facing critical infrastructure and …
Highest paying IT certifications
ISACA’s Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC) credentials have been named two of the highest-paying …
Real life examples on hackers bypassing CAPTCHA
Computer-assisted tools and crowd sourcing can easily bypass traditional anti-spam solutions, forcing CAPTCHAs to evolve to address these techniques, according to Imperva. A …
Predicting Malicious Behavior
Predicting Malicious Behavior combines real-world security scenarios with actual tools to predict and prevent incidents of terrorism, network hacking, individual criminal …
Week in review: Link between Flame and Stuxnet discovered, and cracking LinkedIn passwords
Here’s an overview of some of last week’s most interesting news, reviews and articles: Lessons learned from cracking 2 million LinkedIn passwords Like everyone …
SAP security vulnerabilities, metrics and threats
A global report from ERPScan dedicated to SAP security shows various critical services exposed by 5%-25% (depending on the service) of companies that run SAP. One of the goals …
Ghost USB honeypot released
Ghost is a honeypot for malware that spreads via USB storage devices. It detects infections with such malware without the need of any further information. The honeypot …
IT leaders want greater insight
Only 44% of IT decision makers say the line levels of IT feel connected to their organization’s strategy and are empowered to execute it, according to TEKsystems. A …
Cloud-based endpoint security with protection for Exchange Server
Panda Security released Panda Cloud Office Protection Advanced, a cloud-based endpoint security solution with protection for Exchange Server. This new module is fully …
Data privacy protection for Hadoop
Dataguise released DgHadoop, a data privacy protection and risk assessment solution for Hadoop. It provides compliance assessment and enforcement for centralized data privacy …
Featured news
Resources
Don't miss
- Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)
- When open science meets real-world cybersecurity
- Poland repels data-wiping malware attack on energy systems
- Inside Microsoft’s veteran-to-tech workforce pipeline
- Brakeman: Open-source vulnerability scanner for Ruby on Rails applications