An analysis of over 1900 penetration tests and 200 actual security breaches over the last year has show that over four out of five security problems come from third party suppliers.

Security researchers have defeated vulnerability protections baked into the latest versions of Internet Explorer, demonstrating that it's possible to poke holes in a safety net that's widely relied on to keep end users safe from drive-by exploits.

IT security firm Sophos today released a list of the top ten countries hosting malware on the web, indicating which territories are the biggest offenders. Sophos detected over 50,000 newly infected web pages every day with its findings revealing that the problem of compromised websites is truly global.

After removing Google's Android driver code from the Linux kernel, Novell Fellow and Linux developer Greg Kroah-Hartman has argued that the mobile OS is incompatible with the project's main tree.

A growing emphasis by computer hackers on stealing payment card data from hotels and resorts and their increasingly sophisticated malicious software and attack methods are two highlights in a new report from security consulting and technology firm Trustwave Holdings Inc.

Activists have long grumbled about the privacy implications of the legal "backdoors" that networking companies like Cisco build into their equipment--functions that let law enforcement quietly track the Internet activities of criminal suspects. Now an IBM researcher has revealed a more serious problem with those backdoors: They don't have particularly strong locks, and consumers are at risk.

Christopher Tarnovsky, who operates the California-based consulting firm Flylogic Engineering, must strike dread into the heart of anyone working on secure computer chips.

A bug in the design of the Oracle database -- the world's top-selling software for storing electronic information -- could allow hackers to break into private databases via the Internet, said David Litchfield, chief research scientist of NGSSoftware Ltd, a UK-based computer security company.

Sticking to the rules of the cat-and-mouse game between the iPhone Dev Team and Apple, the former has been able to confirm that iPhone OS 3.1.3 IPSWs are jailbreakable by the group’s redsn0w jailbreak tool. Supported devices currently include the iPhone 2G (first-gen iPhones), iPhone 3G, and iPod touch 2G (second-gen iPod touch).

Пираты побеждают. Дело не только в том, что Пиратская партия Швеции — уже в Европарламенте, а обвинительный приговор, которым завершился процесс против владельцев одного из крупнейших торрент-трекеров Pirate Bay, не остановил работу сайта

A Chinese government official has said that his country is the world’s leading target in hacking attacks.

A report (PDF) into the security of banking internet systems has found that one of the biggest problems faced is the reuse of login passwords by customers.

Apple's iPhone is vulnerable to exploits that allow an attacker to spoof web pages even when they're protected by the SSL, or secure sockets layer, protocol, a security researcher said.

iDefense is warning users of several critical vulnerabilities in several versions of its online media application, RealPlayer, that could open the door for a remote code execution attack on both Windows and Mac systems, according to iDefense Labs security blog.

They go by names such as Piratecrackers, Yourhackers and Slickhackerz. Although illegal, a handful of internet services brazenly advertise that for a usual hundred dollar fee they can obtain almost any email password. One site boasts that it provides an ideal way to catch a cheating spouse or significant other.

A mysterious flood of SSL packets from the Pushdo botnet, possibly an attempted DDOS attack, is not succeeding, according to the Internet Storm Center. None of the attacked sites are experiencing significant outages.

Ежесекундно по интернет-каналу корпоративной сети проходят тысячи пакетов. Часть из них нацелена на то, чтобы обойти все заслоны и нарушить работу сетевых сервисов или предоставить их автору базу для рассылки спама. И здесь на помощь администратору приходят системы обнаружения атак, позволяющие вовремя среагировать на угрозу

Представь, что ты администратор Сети и в руках твоих Nokia N900, основанный на MAEMO. Ты весь в делах и разъездах и твой мобильный компьютер - единственная связь с твоей подведомственной локалкой и внешними сетями. Рулить ими надо всерьез и надолго - конечно при помощи N900

A new Website launched today called Security Scoreboard includes information on more than 600 security vendors and their products, as well as customer reviews. The site is aimed at CISOs, CIOs, and others looking for a one-stop shop to find security product and services information.

Five months after Ameriprise Financial fixed a bug that could have helped criminals steal user authentication credentials, the financial giant's website is vulnerable again.