Help Net Security
Assessing the security of cloud providers
The Cloud Security Alliance announced the launch of a new initiative to encourage transparency of security practices within cloud providers. The CSA Security, Trust & …
Week in review: Mobile drive-bys, Facebook bug bounty and Operation Shady RAT
Here’s an overview of some of last week’s most interesting news and articles: Facebook introduces bug bounty program Facebook has decided to follow in …
July 2011 threat landscape
July has been a hot month for SEO poisoning, and its popularity is expected to continue in August, says GFI. Users to be cautious of likely search term targets for scammers, …
Drive-by attacks targeting smartphones are in our future
A new study that has analyzed the behavior of 10,000 applications downloaded from the Android Market, shows that many mobile applications leak personal information and that …
Hacktivists are “villains”, say IT security pros
The majority of IT security professionals have – unsurprisingly – a negative opinion of “hacktivists”, say the results of a survey of 211 attendees at …
Amazon extends cloud access, enables “identity federation” for accessing it
Amazon Web Services has extended Amazon Virtual Private Cloud (Amazon VPC) to all AWS Regions, allowing enterprises to launch their Amazon VPC environments in the US East and …
Scanning thousands of Web apps in days, not months
Faced with the reality that exploiting a single SQL Injection vulnerability or cross-site scripting (XSS) error in any web application could take down an organization’s …
Penetration testing for mobile phones
Core Security announced the Core Impact Pro v12 penetration testing software, a commercial-grade solution that pinpoints security exposures in Android, BlackBerry and iPhone …
Free password reset self service solution for SMBs
Nervepoint Technologies announces the launch of Access Manager Self Service, a free Password Self Service solution for SMBs. With almost zero-configuration, the service …
Web application security on a new level
Qualys announced QualysGuard WAS 2.0, enabling organizations to leverage the power and scalability of the cloud to discover, catalogue and scan large numbers of web …
Automated malware analysis for businesses
GFI released GFI SandBox 3.4 (formerly CWSandBox), the latest update to their malware analysis tool that helps security professionals assess suspected files and URLs for …
Virtualized scanners and report customization for security assessment
Qualys announced a new edition of the QualysGuard Consultant service, featuring virtualized scanner appliances (vScanners) and a report customization module. The new edition …
Featured news
Resources
Don't miss
- How CISOs can talk cybersecurity so it makes sense to executives
- How OSINT supports financial crime investigations
- Review: Effective Vulnerability Management
- Vuls: Open-source agentless vulnerability scanner
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)