Cloud-based fuzzing for zero-day vulnerability discovery
Codenomicon released the Fuzz-o-Matic cloud-based software security Testing-as-a-Service (TaaS) platform for enterprise software and applications running on Windows, Linux, …
auditing
Qualys expands its FreeScan service
Qualys announced its new and improved FreeScan service to help SMBs audit and protect their web sites from security vulnerabilities and malware infections. The new FreeScan …
Windows Phone App Analyser 1.0 released
David Rook, the author of the acclaimed security code review tool Agnitio, today released version 1.0 of Windows Phone App Analyser, an application that can be used to …
Ettercap 0.7.4 released
Ettercap is a network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data …
Cain & Abel 4.9.43 released
Cain & Abel is a password recovery tool for Microsoft operating systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted …
40% of orgs doubt effectiveness of disposal procedures of old PCs
UK organizations aren’t certain that all data and settings are deleted from devices prior to disposal, say the findings of a recent survey by user and infrastructure …
Security code review tool Agnitio 2.1 released
Agnitio is an application security tool developed by David Rook to help further the adoption of the Principles of Secure Development and to bring more repeatability and …
Explore what ISO 27001 documentation looks like
Documentation is the core of your ISO 27001 implementation. A good set of documents will enable your employees to understand their obligations better while poorly written …
How to conduct an internal audit according to ISO 27001 and BS 25999-2
The key purpose of an internal audit is for an organization to find out if all the processes and activities are running as they are expected. An nternal audit is usually …
BackTrack 5 Wireless Penetration Testing Beginner’s Guide
Wireless technologies are inherently insecure and can be easily broken. BackTrack is a penetration testing and security auditing distribution that comes with a myriad of …
GlobalSign audit reveals only isolated web server breach
GlobalSign – the CA that has been named by the Comodohacker as also compromised and has stopped issuing certificates until it finished investigating these claims – …
Mozilla requests Firefox CAs to confirm they haven’t been compromised
As Google began notifying users that have been possibly affected by man-in-the-middle attacks through the use of the rogue SSL certificate issued by compromised CA DigiNotar, …