Sony hires new CISO
Sony Corporation announced that Philip R. Reitinger has been named Senior Vice President and Chief Information Security Officer, Corporate Executive in charge of global …
DigiNotar breach report reveals lousy security practices
An interim report issued by security audit firm Fox IT, who has been hired to investigate the DigiNotar breach, reveals that things are far worse than we were led to believe. …
OpenSSH 5.9 released
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. It encrypts all traffic (including passwords) to …
Cloud-based DDoS protection
Imperva announced Cloud DDoS Protection, a secure cloud-based service that safeguards businesses from DDoS attacks. By subscribing to this service, organizations can protect …
A bid for the (ISC)2 board of directors: Beyond campaign promises
It’s been roughly two weeks since I started my petition as a write-in candidate for the (ISC)2 Board of Directors (BoD) elections. And what a two weeks it has been. As …
Iranian users were the ultimate target in DigiNotar compromise
If you needed a confirmation of Google’s claims that the rogue SSL issued by DigiNotar for *.google.com domains was used mainly to mount man-in-the-middle attacks …
Rogue SSL certs were also issued for CIA, MI6, Mossad
The number of rogue SSL certificates issued by Dutch CA DigiNotar has ballooned from one to a couple dozen to over 250 to 531 in just a few days. As Jacob Appelbaum of the Tor …
New Zeus-based variant targets banks around the world
Another Zeus-based offering has been unearthed by Trend Micros researchers, and by the look of things, this one seems to be better crafted than the recently discovered Ice IX …
MantisBT multiple vulnerabilities
Vulnerabilities have been reported in MantisBT, according to Secunia. These can be exploited by malicious people to conduct cross-site scripting attacks and disclose …
The Register, The Daily Telegraph, UPS hit by DNS hack
Readers of British technology news and opinion website The Register got an unwelcome surprise when they tried to access it yesterday: But, what at first looked like a …
BackBox Linux 2 for penetration testers
BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a …
Week in review: Anonymous arrests, Kernel.org and DigiNotar breaches, Google servers as a DDoS tool
Here’s an overview of some of last week’s most interesting news and interviews: Disaster preparedness tips for computers ISACA offers tips to the public and …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)