Help Net Security
Fake LinkedIn spam attack
Starting on Monday, cyber criminals sent spam email messages targeting the LinkedIn social media community. Victims are emailed an alert link with a fictitious social media …
Manual SQL Injection demonstration using DVWA
Scripts are nice, but they will fail eventually. But, that doesn’t mean the flaw is not exploitable. Eventually you will need to turn to manual techniques to verify a …
As the PCI deadline looms, merchants should avoid quick fix measures
On Thursday 30 September 2010, the latest PCI DSS deadline kicks in, requiring all level one merchants (those processing more than six million transactions per year) to adhere …
USB drive identifies and extracts data, leaving no footprint
Harris Corporation introduced a highly customizable USB thumb drive that quickly extracts targeted data from computers. The device – called BlackJack – is designed …
60% of organizations suffered $2 million losses for Web 2.0 security issues
While organizations see the potential value of Web 2.0 tools, decision makers continue to debate whether or how to allow employee usage of the technology in the workplace. A …
Free malicious PDF analysis e-book
Didier Stevens, the hacker who became a synonym for malicious PDFs, released a free e-book. It’s a chapter he wrote as co-author of a malware analysis book. For more …
Week in review: Stuxnet, XSS Twitter flaw, and 2-factor authentication from Google
Here’s an overview of some of last week’s most interesting news and articles: Cybercriminals steal Interpol Chief’s identity to access info on fugitives …
Scaling intrusion prevention systems for 10G, 40G and beyond
The Internet is still growing and, as we make the transition from Intrusion Detection Systems (IDS) to Intrusion Prevention Systems (IPS) – driven in part by the fact …
E-crime gangs targeting classifieds, social networking and gaming websites
Phishing gangs have been increasing their efforts against brands in the social networking, online classifieds and online gaming industries, according to the APWG. In its …
Cisco delivers secure network connectivity for Apple iOS 4.1
Cisco AnyConnect Secure Mobility Solution is now available from the App Store. It offers highly secure network connectivity from any Apple iOS 4.1 device, improving the …
Majority of U.S. federal domain names still don’t use DNSSEC
The majority of Federal agency run .gov domains are not signing their DNS with DNSSEC despite a December 2009 Federal deadline for adoption, according to an IID report. DNSSEC …
Preparing for a firewall audit
Network security audits are getting a lot of coverage these days thanks to standards like SOX, PCI-DSS, and HIPAA. Even if you don’t need to comply with any of those …
Featured news
Resources
Don't miss
- Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
- June 2025 Patch Tuesday forecast: Second time is the charm?
- Why IAM should be the starting point for AI-driven cybersecurity
- Protecting patient data starts with knowing where it’s stored
- Ransomware and USB attacks are hammering OT systems