News (105)

Donations flood in for 'guilty' security researcher

Security expert Guillaume Tena, who was last week ordered to pay a fine of 14,300 euros for breach of French copyright law after publishing information about security vulnerabilities in an anti-virus application, has already collected around half the money in donations after appealing for help on his Web site. Read more »

Web threats to surpass e-mail pests

By next year, Internet users can expect more cyberattacks to originate from the Web than via e-mail, security firm Trend Micro predicts. Read more »

MacBook hacked in contest at security event

Software engineer Shane Macaulay hacked into a MacBook through a zero-day security hole in Apple's Safari browser, winning a free laptop in the process. The computer was one of two offered as a prize in the "PWN to Own" hack-a-Mac contest at the CanSecWest conference in Vancouver, Canada. Read more »

'Dangerous' Flash exploit can infect by stealth

A Flash flaw discovered this month could change the face of Web security by allowing criminals to infect users of any browser or operating system with malware — without making their browser or application crash. Read more »

Oracle attack code out

Code is in the wild for one of the holes patched by the database firm on Tuesday. Read more »

Sun Java patch schedule put millions at risk: eEye

The way Sun Microsystems patched serious vulnerabilities in its Java Runtime Environment (JRE) put millions of users at risk, according to security firm eEye. Read more »

iPhone hacked in less than a month?

Apple's iPhone has been on the market for less than a month, but already researchers have claimed to have hacked the popular device. Read more »

Hacker backpedals on Firefox zero-day

A hacker who claimed to have found a serious zero-day bug in Firefox now says he was never able to exploit the supposed vulnerability to hijack computers. Read more »

IBM chides security researchers

Technology giant IBM has taken independent security researchers to task for their role in making information about unpublished computer attacks available in an undisciplined manner. Read more »

Google fixes Web site security bug

Google has fixed a security flaw on its Web site that opened the door to phishing scams, account hijacks and other attacks, security researchers said on Monday. Read more »

Features (11)

Bug hunters, software firms in uneasy alliance

Although many software makers promote responsible disclosure, it isn't universally backed by the security community. Critics say it could make security companies lazy in patching. Full disclosure of flaws is preferred. Read more »

Clickjacking: Potentially harmful web browser exploit

Clickjacking has the potential to redirect unknowing users to malicious websites or even spy on them. We all need to be aware of clickjacking and how to avoid its trappings. Read more »

The secrets of open source security

The Linux vs. Windows security debate is a contest of examples, which stand in place of the concepts that comprise a larger, more fundamental question of what the security benefits and detriments are for the open source and closed source development models. Read more »

Security and open source software: An analysis.

This article from Australian technology commentator Con Zymaris examines the security threat of open source software. Read more »

New security flaw in Outlook, IE

A Danish security researcher has warned that a recently discovered software flaw could leave users' systems open to malicious code carried on Web pages or in e-mails. Read more »

Open, closed source security about equal?

Proprietary programs should mathematically be as secure as those developed under the open-source model, a Cambridge University researcher argued in a paper presented in Toulouse, France. Read more »

Interview: Microsoft's security guru, Steve Riley

Before the start of Tech.Ed 06, Builder AU caught up with Steve Riley, who works at Microsoft as a Senior Security Strategist, to talk about Vista's new networking stack, security vs usability, and the uptake of IPv6. Read more »

Smart planning reduces Web services security risks

Web services have great potential, but security concerns are preventing many organisations from taking advantage of the technology. Here are several suggested policies that CIOs can follow to develop a solid Web services plan. Read more »

Troubleshoot Apache with these tips

The Apache Web server is well-proven, but can still offer an administrator headaches from time to time when things go wrong. Read more »

Strengthen your app defences

These tips will help you secure your network against attacks that exploit application vulnerabilities. Read more »

Blog (2)

Sysadmin hijacks San Francisco while Torvalds attacks security circus

Staff -- This edition of the Weekly Roundup looks at how one man has taken over the network of the city of San Francisco, takes a glance at a local news start-up, and sees Linus Torvalds call out the IT security sector. Read more »

Attack Modeling vs Threat Modeling

Traditional Threat Modeling from an adversarial approach is actually Attack Modeling. So what is Threat Modeling then and how does it differ from Attack Modeling? Read more »
