Help Net Security
First OpenStack Infrastructure-as-a-Service cloud solution
Dell announced the Dell OpenStack Cloud Solution, which integrates the OpenStack cloud operating system, cloud-optimized Dell PowerEdge C servers, the Dell-developed …
Samba XSS and request forgery vulnerabilities
Two vulnerabilities have been reported in Samba, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. 1. The Samba Web …
22% in US admit to potential abuse of private data
22% of US, 29% of Australian and 48% of British employees who have access to their employer’s or client’s private data, would feel comfortable doing something with …
Phishing attacks on Facebook intensify
There was a significant increase in the amount of phishing attacks on Facebook, as well as other social networking sites such as Habbo in June, according to the latest spam …
Metasploit Pro 4.0 released
Rapid7 launched Metasploit Pro 4.0, a penetration testing solution that provides security professionals with a better view of their threat landscape by integrating with more …
Entrust strengthens mobile security with device authentication
In an era when mobile devices are commonplace, Entrust introduces a straightforward method for adding digital certificates to mobile devices – and with little management …
New OAuth toolkit
Layer 7 Technologies unveiled its OAuth Toolkit, an enterprise-class solution to provide a generalized framework for handling a broad range of OAuth scenarios across cloud, …
Mac OS X Lion login password easily revealed
Mac OS X stores user login passwords in system memory even if the computer is locked or put into a sleep mode. The vulnerability is present in all modern versions of Mac OS X, …
SpyEye Trojan country hit list
The number of financial institutions targeted by the SpyEye Trojan is growing, according to Trusteer. Risk analysis teams have also observed an increase in the number of …
Apple releases iOS 4.3.5
Apple released iOS 4.3.5, which can be downloaded and installed using iTunes. A certificate chain validation issue existed in the handling of X.509 certificates. An attacker …
Enterprises fail to control mobile access
The results of a Courion survey of 988 IT decision makers at large organizations indicate that whilst organizations are confident that they can assure appropriate user access …
Most workaholics don’t secure their mobile devices
Bags packed, flights booked and foreign currency in their pockets. The workforce might be jetting off but they’re definitely not leaving the daily grind behind. Instead, …
Featured news
Resources
Don't miss
- How CISOs can talk cybersecurity so it makes sense to executives
- How OSINT supports financial crime investigations
- Review: Effective Vulnerability Management
- Vuls: Open-source agentless vulnerability scanner
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)