We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
A number of humorous yet undocumented features are hiding beneath the surface of some of the most popular open source software applications. Although easter eggs are generally easy to spot when you can look at an application's source code, there are a few that aren't widely known.
Great article by Kevin Poulsen. More than 100 drivers in Austin, Texas found their cars disabled or the horns honking out of control, after an intruder ran amok in a web-based vehicle-immobilization system normally used to get the attention of consumers delinquent in their auto payments.
McAfee, a leading maker of Internet security software, warned this week that software systems used by many companies to store and manage their intellectual property are being actively targeted by hackers and are in need of significantly increased security focus.
An Estonian virus writer has been jailed for two and a half years for creating a Windows worm family that launched denial of service attacks on the websites of a local insurance firm and ISP.
Two weeks ago, I essentially claimed that nearly every company I know is hacked -- and in many cases, thoroughly hacked. Although there's a bit of hyperbole in that statement, it isn't that far from reality. That statement, however, has led some readers to believe detecting hackers and preventing attacks is impossible. Nothing could be further from the truth.
Ongoing computer scams targeting small businesses cost U.S. companies US$25 million in the third quarter of 2009, according to the U.S. Federal Deposit Insurance Corporation. Online banking fraud involving the electronic transfer of funds has been on the rise since 2007 and rose to over US$120 million in the third quarter of 2009, according to estimates presented Friday at the RSA Conference in San Francisco, by David Nelson, an examination specialist with the FDIC.
Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers.
Companies should take extra steps to secure their source code from the type of targeted attacks that hit Google, Adobe, Intel and others over the past few months. That's according to security vendor McAfee, which released a report detailing the way software source code was accessed in some of these attacks.
The number of software vulnerabilities fell overall in 2009, but the number of bugs in document readers and multimedia applications increased by 50 percent, according to IBM's annual X-Force Trend and Risk Report.
SQL injections top plenty of lists as the most prevalent means of attacking front-end Web applications and back-end databases to compromise data. According to recent published reports, analysis of the Web Hacking Incidents Database (WHID) shows SQL injections as the top attack vector, making up 19 percent of all security breaches examined by WHID.
A Russian security researcher on Thursday said he has released attack code that exploits a critical vulnerability in the latest version of Mozilla's Firefox browser.
Aaron Portnoy, TippingPoint Technologies Security Research Team Lead, has announced that the annual Pwn2Own contest will take place at this year's CanSecWest security conference on the 24th of March in Vancouver. To commemorate the 4th Pwn2Own contest, the total cash prize amount has been increased to $100,000 this year.
Former security researcher Max Butler has been sentenced to 13 years in federal prison for hacking financial firms and stealing nearly two million credit card numbers from banks, businesses and other hackers. The judgement is the longest sentence for a hacker in US history.
Patient care will not be affected by an NHS decision to pull a doctors' appraisal website offline to improve its security, but the life of UK doctors will be complicated. The return of the NHS Appraisal Toolkit, which provides an online database that allows NHS doctors to prepare for their annual appraisals, is not due until 3 March.
Most of us do not think twice about paying for something in a high street shop by keying in our pin. It is easy, fast and in most cases it works. But scratch a little under the surface and there are persistent reports of people who say they have been the subject of fraud of one kind or another on their credit or debit card.
A well-known security researcher yesterday showed how to subvert security in the Oracle 11g database by exploiting zero-day vulnerabilities that would let a savvy user gain full and complete control. Researcher claims hack of processor used to secure Xbox 360, other products
Here is a hugely popular article on LinuxSecurity.com from 2007 that is even more true today.Two Cambridge researchers have devised a relay attack with a hacked chip and PIN terminal that could enable attackers to bypass bank card security measures. Saar Drimer and Steven Murdoch, members of the Cambridge University Computer Laboratory, demonstrated in January how they could modify a supposedly tamper-proof chip and PIN terminal to play Tetris. They have now extended the hack to demonstrate how they can compromise the system by relaying card information between a fake card and a genuine one.
The recent hacking attack that prompted Google's threat to leave China is underscoring the heightened dangers of previously undisclosed computer security flaws
Apple fans are often smug about their immunity to virus attacks on their Macs and iPhones. Well, these devices are hardly safe from viruses, worms, or other attacks, but it's true that they're more secure than Windows PCs. A recent report from antivirus vendor Intego shows how few attacks made their way into the iPhone and Mac worlds last year.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
