Kali Linux 2023.2, the second version of 2023, is now available with a pre-built Hyper-V image and thirteen new tools, including the Evilginx framework for stealing credentials and session cookies.
Less than 20 percent of organizations using virtualization technology are adopting security tools to work in tandem with the software in order to decrease the risks that are inherent in a virtualized environment. This according to John Burke, Principal Research Analyst with Nemertes Research, who spoke Tuesday at the IT Roadmap Conference and Expo in Boston about the emerging threats posed to mobile and virtual environments.
The update of the Apache HTTP Server (httpd) to version 2.2.18 earlier this month to close a denial of service (DoS) problem appears to have exposed a related DoS vulnerability. The developers have now released httpd 2.2.19 to fix this new problem which has been rated as moderately critical; however, as with the previous DoS vulnerability, it requires that mod_autoindex is enabled in the web server.
When technology manager Lincoln Cannon wants to give his company's employees and business partners controlled access to various internal resources or cloud-based services the company uses, he goes to one cloud-based single sign-on security service to assign access privileges.
The successful use of phishing emails to breach secure organizations like Oak Ridge National Laboratory and EMC's RSA security division is a stark reminder of the serious threat posed by a type of attack that was previously dismissed as low-tech.
The Sony PlayStation network down news for PS3 and Qriocity players is sobering. The network has been down for several days following an "external intrusion" a.k.a. hacker attack. Sadly, the PSN will be down longer while more security is put in place.