Facebook has been hit by another scam that exploits the social network's 'Like' button, reports security firm Sophos.

Google Wave is a highly anticipated collaboration tool that is still on the horizon. What kind of security options is Google working on for its Wave protocol in 2010? Have some of the big security holes present in the September 2009 protocol release been addressed?

A recent survey conducted by Tufin Technologies, a provider of firewall management software, finds that of the 242 IT professionals working at companies with over 1,000 employees, 30 percent said they audited their firewall security only once in every five plus years. So when those systems are ultimately compromised, and then used to harm systems elsewhere, who should be liable? Obviously, the perpetrator of the crime is primarily responsible

Indian security agencies have tracked a server in Pakistan that was used to hack the computer of an Indian Army major based in the Andamans who is being questioned by the National Investigation Agency (NIA).

Over the last few days, news has emerged that a U.S. Army intelligence analyst, Bradley Manning, was the source that recently leaked classified information to Wikileaks. But he didn't just leak 260,000 classified cables and a brutal video of an Apache helicopter mowing down civilians and journalists in Iraq -- no, he also leaked the code name and details of the government investigation into the Chinese attacks on Google and other Silicon Valley businesses.

The revelation that the open-source Unreal IRC server download has been infected with malware for some eight months is pretty worrying. But the added discovery that this Trojan horse made its way into the Gentoo distro is real reason for the Linux community to re-examine how trusted repositories are handled.

Если вы видите вещи, которых нет на самом деле, это означает одно из двух: вы либо нуждаетесь в отдыхе в маленькой уютной комнате с мягкими стенами, либо являетесь одним из первых пользователей революционной технологии, которая в самое ближайшее время заставит нас увидеть окружающий мир совершенно по-новому

Буквально за несколько дней перед сдачей номера в печать Metasploit обзавелся свеженьким модулем, про который мы просто не могли не рассказать. Благодаря новой команде getsystem, на скомпрометированной системе стало возможно перейти из User Level в ring0, получив права NT AUTHORITY\SYSTEM! И это - в любых версиях винды.

Забудьте всё, что считаете, что знаете о хакинге. Забудьте про свои предпочтения, свои сомнения, свою этику, свои иллюзии. То, что вы собираетесь испытать на себе, смогут лишь немногие люди. То, что последует далее, является глубоким проникновением в некоторые из самых светлых умов нашего поколения — в умы хакеров.

More than 100,000 webpages, some belonging to newspapers, police departments, and other large organizations, have been hit by an attack over the past few days that redirected visitors to a website that attempted to install malware on their machines.

Trendnet has beaten off stiff competition to be first to market with a 450Mbps 802.11n router.

Olympus has confirmed that nearly 2,000 of its Stylus Tough 6010 digital cameras have shipped with a worm installed on the included microSD card.

An employee in one of Bank of America's customer call centers has admitted he stole sensitive account information and tried to sell it for cash.

AT&T has confirmed an iPad security breach which computer experts say has exposed over 100,000 early iPad adopters to potential malicious hacking and spam, with those vulnerable including dozens of CEOs, military officials, top politicians and media personalities.

Twitter is to introduce a new feature designed to wrap and shorten all links posted by users, in an effort to improve security and gain more information on links being shared.

Quantum links are said to be unhackable because the "key" used to establish a secure channel is encoded into the spin of a photon. If the photon is intercepted, it becomes altered in a detectable way. However, hackers have discovered loopholes that allow them to escape detection, for instance, by intercepting the photons and replacing them with copies.

A security researcher has warned of a vulnerability in older versions of the Windows operating system that allows attackers to take full control of a PC by luring its user to a booby-trapped website.

The local ISP industry is expected to take up the Australian Internet Industry's (AII) new voluntary code of practice on cyber security, but some doubts over the plan have been expressed.

Two security researchers have claimed there is a major security flaw in the way Windows 7 interacts with the hardware of its host machine. They argue it could be extremely difficult to fix the issue.

More than a quarter of the security products submitted for the recent Windows Server 2008 R2 Virus Bulletin VB100 anti-malware tests failed to pass.

An analysis being presented this week says open source software is exploited faster and more effectively than proprietary solutions.

Unauthorized users penetrate Pentagon networks over six million times a day, says the head of the US Cyber Command, urging US military to guard against cyber attacks.

The Glorious People's Republic of China is facing a wave of hack attacks from inside its own bamboo curtain.

Researchers have released software that exposes private information and executes arbitrary code on sensitive websites by exploiting weaknesses in a widely used web development technology.

Ровно три года назад один из коллег спросил: "Ребята, я хочу определять в любое время местонахождение моей машины. Например, зайти на сайт и увидеть, где находится автомобиль на карте Москвы. Какие есть простые, надежные и недорогие решения?" В то время о недорогих устройствах оставалось только мечтать

Периодически в интернете можно встретить настолько ценные статьи, что хочется распечатать их и зачитать до дыр. При этом не на всех сервисах предусмотрена версия статьи для печати или наши желания распечатать не совпадают с предоставляемыми возможностями (хочется оставить картинку или изменить тип основного шрифта)

Обеспечение правильной и бесперебойной работы почтового сервиса является одной из приоритетных задач администратора. Можно спорить до хрипоты, что свободные сервера лучше, но факт остается фактом - Exchange Server пользуется большой популярностью среди многих компаний, благодаря надежности работы, тесной интеграции с Active Directory и планирующим особенностям

E-commerce company Digital River exposed data belonging to almost 200,000 individuals after hackers executed a “highly unusual search command” against its secured servers, according to a news report.

I’m as sick of writing about it as you are sick of reading about it. But because Facebook has become a societal juggernaut: a massive inexorable force that seems to crush everything in its way, we need to discuss it because it’s messing with lots of functions of society.

The ability to access the code of open-source applications may give attackers an edge in developing exploits for the software, according to a paper analyzing two years' worth of attack data.

Local police here have arrested a seven-member gang in Hyderabad for allegedly hacking the website of the Regional Passport Office.

Social engineering has evidently earned a new level of respect from hacker community: For the first time, this year's Defcon gathering in Las Vegas will feature a contest in which participants will compete to gather nuggets of information from unsuspecting target companies -- over the telephone instead of the Internet.

The internet as we know it is reaching its limits.

The Consumers’ Foundation yesterday said a number of social gaming companies do not provide adequate protection of consumers’ rights, as they have no standard procedures to prevent hackers from illegally accessing players’ accounts.

"Malware embedded into legitimate-looking games designed for Windows Mobile has appeared, automatically dialing up foreign telephone services to rig up hundreds of dollars in illicit charges for users behind their backs," Prince McLean reports for AppleInsider.

The Israeli radio reported today that hackers hacked 1000 Israeli websites since the Israeli attack of Freedom Flotilla on last Monday.

Recent reports have detailed Google's actions to phase out the internal use of Microsoft's operating system for security reasons following targeted attacks that the company has experienced. The targeted espionage attacks took place in January of this year and were carried out with the aim of gaining access to the Gmail accounts of Chinese human right activists.

Adobe has announced that an exploitable flaw in Adobe Reader 9.x, Acrobat 9.x, and Flash 9.x and 10.x has been discovered and is being actively exploited. Windows, Mac OS X, and Linux versions are all affected. The flaw allows arbitrary code execution by attackers, and hence it is deemed "critical."

Легальный взлом. Можно ли заниматься любимым делом и прокачивать свои навыки в пентесте, не нарушая закон? Где можно проводить инъекции и экспериментировать со сплоитами, не думая о том, включен VPN или нет? Как опробовать полученные знания, пробравшись от бага в скрипте до самого рута в системе? Способ есть!

Стандартный веб-интерфейс Twitter имеет определенные недостатки. Поэтому широкое распространение получили веб-клиенты и настольные приложения, делающие твиттинг по-настоящему приятным занятием.