Help Net Security
Protection against Duqu malware
A new vulnerability in Windows has been recently identified and is already exploited in the wild. For now, only a handful of targeted attacks have been found. The …
Firefox 8.0 brings security and stability fixes
Mozilla released Firefox 8.0 that fixes several security and stability issues. Add-ons installed by third party programs are now disabled by default, as if add-on management …
Hardware-based enterprise key management platform
Escalating threats, expanding regulatory requirements, and the movement to cloud-based and virtualized infrastructures are driving the need for a more unified approach to …
New cloud computing credential
CompTIA and ITpreneurs are collaborating on a new cloud computing skills credential. The Cloud Essentials exam, scheduled for availability in December 2011, will validate …
Light Patch Tuesday features four bulletins
For the November Patch Tuesday, Microsoft released four bulletins that fix vulnerabilities targeting Windows. One is marked as critical, two are important, and the last one is …
Fedora 16: Cloud and virtualization features
The Fedora Project announced the availability of Fedora 16, the latest version of its free open source operating system distribution. Notable feature enhancements include: …
Unknown malware rampant in enterprise networks
New research from Palo Alto Networks shows that targeted and unknown malware are a reality in enterprise networks today, finding hundreds of unique, previously-unknown malware …
Spammers’ URL shortening sites highlight weakness of old security
A recent Web threat report warned that spammers are now using their own URL shortening servicesto lure spam recipients into clicking on malicious web links. These use the …
One in nine Internet users surfing without protection
The number of new malware strains continues to rise. G Data Security Labs counted over 1.2 million new computer malware strains in the first half of the year alone. Despite …
Framework for analyzing web-based threats
Wepawet is a framework for the analysis of web-based threats. It uses a composition of tools and techniques to execute, trace, analyze, and characterize the activity of code …
Hybrid social engineering attacks
Fraudulent phone calls are increasing in popularity. One possible use for these bogus “bank’ calls is to utilize personal identification information stolen using …
Secure access to Office 365 cloud-based web applications
RSA SecurID can now be integrated with the Windows Active Directory Federation Services 2.0 (AD FS 2.0). This integration can enable organizations to provide secure user …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)