Help Net Security
Expanding phishing vector: Classified ads
The online classified advertisement services sector has been increasingly exploited as a phishing attack vector by ecrime gangs, a trend confirmed by the growth of attacks …
Free guide: Web application security
Vulnerabilities in web applications are now the largest vector of enterprise security attacks. Stories about exploits that compromise sensitive data frequently mention …
Widespread “undelivered package” spam attack delivers Trojans
Cybercriminals are currently sending out the spam messages – which come attached with a malware infected .zip file – with titles such as “Post Express …
Governance has a central role in IT security
A major survey from ISACA confirms the central role that governance plays in information security within large organizations and stresses the fact that 95% of IT professionals …
SecureSurf: Malware protection and web filtering
AppRiver introduced SecureSurf, a Web protection solution that provides defense against online threats. SecureSurf is an easy-to-deploy hosted solution that protects companies …
Vulnerabilities in Cisco WebEx conferencing applications
Core Security Technologies disclosed stack overflow vulnerabilities affecting the Cisco WebEx applications used to conduct Web-based video conferencing. They identified two …
New malware strains wreaking havoc on Facebook
PandaLabs announced the discovery of security exploits via popular social media sites Facebook and Twitter. In the last several days, two new malware strains have been …
Changing the status quo for security
When a problem is recognized that impacts virtually everyone and a group of experts provides a solution, what can possibly prevent the solution from being used? If the problem …
Free XSS flaws detection service
Cross-site scripting (XSS) errors are responsible for more than half of all web application vulnerabilities1. So, in this age of accountability and expectations for secure, …
Microsoft Windows MHTML XSS vulnerability
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to conduct cross-site scripting (XSS) attacks, according to Secunia. The …
Week in review: Android malware, Facebook security features and Zuckerberg’s page hack
Here’s an overview of some of last week’s most interesting news and articles: Lush hack due to numerous security vulnerabilities The Web site of Lush, the natural …
Nmap 5.50 released
Nmap is a free and open source utility for network exploration or security auditing. A primary focus of the 5.50 release is the Nmap Scripting Engine, which has allowed Nmap …
Featured news
Resources
Don't miss
- Okta users under attack: Modern phishing kits are turbocharging vishing attacks
- One-time SMS links that never expire can expose personal data for years
- More employees get AI tools, fewer rely on them at work
- Energy sector orgs targeted with AiTM phishing campaign
- Exposed training apps are showing up in active cloud attacks