Threat modeling best practices
In the video below, Robert Zigweid, senior security consultant at IOActive, talks about threat modeling best practices. The video was recorded at the OWASP AppSec USA 2010 …
Highest profile software failures of 2010
SQS Software Quality Systems compiled a list of the worst software failures of 2010 that have damaged reputations, impacted negatively on finances and caused stress to users. …
Passwords are the weakest link in online security
A ZoneAlarm survey showed that 79% of consumers use risky password construction practices, such as including personal information and words. The survey also revealed that 26% …
The shape of security and compliance in 2011
With increasingly stringent compliance mandates, a flurry of vendor consolidation, demands for audit reporting, and a spike in complex security breaches, 2010 has been a …
Rapid7 releases NeXpose 4.10
Rapid7 announced NeXpose 4.10, the latest version of its vulnerability management solution, providing enterprise customers with visibility and actionable intelligence for …
Worm blocks access to Facebook
A relatively new worm that Symantec named W32.Yimfoca presents a very interesting and never-before-seen modus operandi. A variant of the worm spreads via Yahoo! Messenger and, …
How can independent media and human rights sites defend themselves from DDoS attacks?
Thanks to the attacks executed by hacktivist group Anonymous against sites of companies that have (in their eyes) wronged WikiLeaks, the DDoS attack has once again become a …
Web-based stealth attacks on network security will dominate 2011
Viruses will become more subtle and even harder to detect in 2011, and the primary line of attack will continue to be via the internet, according to Redscan. Malware is now …
Gawker’s future security plans revealed
An internal memo sent to the Gawker staff by Thomas Plunkett, Gawker Media CTO, has revealed further details about last week’s massive breach that resulted in the …
Database of routers’ embedded private SSL keys published
The recent publishing of a database containing over 2,000 private SSL keys hard-coded into various routers – with their corresponding public certificates and …
110,000 credit card records stolen in NY tour company web server breach
The web server of CitySights NY – a company that organizes tours around New York on double-decker buses – has been breached and names, addresses, e-mail addresses, …
Virus yearbook 2010: Mariposa, Stuxnet and MSNWorm most noteworthy
PandaLabs is closing the year with a look at some of the unique and noteworthy viruses that have appeared over the last twelve months. The list of viruses is vast and varied, …