Capabilities and weaknesses of token-based authentication
From Martin McKeay’s blog: As most security professionals know, passwords are a losing proposition. We use them because the capability comes with your operating system, …
HP to acquire web application security expert
HP today announced that it has signed a definitive agreement to acquire SPI Dynamics, Inc., a provider of web application security assessment software and services, to further …
Business model based on the malicious MPack tool
PandaLabs has discovered the new 0.90 version of the malicious tool Mpack, available for US$1000 on the Web. This application could be defined as “a kit for installing …
A closer look at Tor privacy tool
Tor is a tool that can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. This is a graphical …
Fast-moving web threat spreads around the world
Security researchers at Trend Micro reported an accelerating infection in Italy of seemingly legitimate web pages loaded with malicious code that could plant a keylogger to …
Monitoring all local and privileged user access to database
Tizor Systems announced Mantra V5.4 with Enterprise Local Audit Architecture, the most complete solution for monitoring all local and privileged user access to databases. …
Hedgehog database security and insider threat prevention solution
Sentrigo announced the general availability of Hedgehog, product specifically designed to combat data breaches caused by insiders with access privileges—including employees, …
New ASUS notebooks with biometric fingerprint sensors
AuthenTec announced that its AES1610 fingerprint sensors are standard in more than a dozen new 2007 Windows Vista-model ASUS notebooks. Bundled with the Trusted Platform …
Watch out for .hk domains with embedded malware code
ISC handler Maarten Van Horenbeeck writes that many valued contributors wrote in yesterday with various spam messages that contained nothing but a short piece of text and a …
Trojan horse allows attacker connect to Internet through your computer
A malware named Trojan-Proxy.Win32.Agent.y is on the prowl and like other members of its family, this one too facilitates a remote attacker to access the Internet via a …
This week’s top malware: “YouTube” and Dotex worms
This week’s PandaLabs report looks at two very dangerous worms: Dotex.A and SpreadBanker.A, as well as the six security patches published by Microsoft to fix up to …
New AI-based security data and log analyzer
Privacyware has released Adaptive Security Analyzer 2.0 (ASA), a software solution that helps system administrators and security and compliance personnel detect, understand …
Featured news
Resources
Don't miss
- Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI
- Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military
- A new way to think about zero trust for workloads
- Heisenberg: Open-source software supply chain health check tool
- Securing real-time payments without slowing them down