The Apache Foundation, a nonprofit organization that supports open source software projects and is itself supported by important companies like Google, Yahoo, Microsoft, HP, and Facebook, has been attacked, and the Apache Infrastructure Team warned people today that some passwords were compromised in the process.

Microsoft fixed 25 holes on Tuesday, including critical ones for Windows that could be triggered by browsing to a malicious Web page, while Adobe plugged 15 holes in Reader and Acrobat and launched its new updater service.

Users hate them. They're a massive headache to network administrators. But IT departments often mandate them nonetheless: regularly scheduled password changes — part of a policy intended to increase computer security.

У каждого из команды ][ — свои предпочтения по части софта и утилит для пентеста. Посовещавшись, выяснили: выбор так разнится, что можно составить настоящий джентльменский набор из проверенных программ. На том и решили

Microsoft has delivered a significant update to its developer tools with the release of Visual Studio 2010, .Net Framework 4 and Silverlight 4.

Russia is not a safe haven for criminals or spammers, according to a Russian trade association campaigning to tighten up the admitted shortcomings of local cybercrime laws and build international cooperation.

Opera has announced Apple's approval of the company's Opera Mini browser in the iPhone App Store.

Since its launch, Internet Explorer 8 has blocked access to over 560 million sites that it determined were serving malware, or about 3 million blocks per day, said Brandon LeBlanc in a blog post on Friday. However, it is unclear how many of those sites were legitimate, duped into serving malware laced ads, sent to them from their ad network.

Michael Chertoff, former US secretary of Homeland Security; Richard Clarke, chairman of Good Harbor Consulting; and Marc Rotenberg, executive director of the Electronic Privacy Information Center, share their views on how to prevent future cyberthreats. They outline areas of focus and how to protect against cyberthreats without imposing on privacy rights.

Появился новый таск-менеджер, который совершенно бесплатен. Изначально он заточен под групповую работу. Написан очень красиво и напакован всякими приятными штучками. Лучше всего вам про него расскажет скринкаст от WWD:

While many enterprises continue to build systems and strategies to protect their relational databases, many organizations haven't done enough to secure the information in the most common database format: the flat-file database, experts say.

Two researchers from Trustwave will demonstrate how a man-in-the-middle attack on Oracle databases can be leveraged to swipe user credentials and hijack sessions at the upcoming Black Hat Europe security conference.

Security experts are warning Windows Mobile phone users to beware of downloading games to their devices as it emerged that a Russian-speaking hacker has been uploading versions of a particular game with malicious Trojan programs hidden inside.

Researchers have discovered a flaw in the latest version of Oracle's Java runtime environment that attackers can exploit to remotely execute malicious code on end user machines.

For all the credit Facebook has received for its privacy controls and user safety, the site still falls prey to an unsettling number of security issues and potential data breaches. Last month a botched code push accidentally revealed private user email addresses, and before that Facebook accidentally sent private messages to the wrong recipients. Today, security engineer Joey Tyson, AKA theharmonyguy, has detailed a major security hole in Facebook Platform — one that would allow a malicious website to silently access a user’s profile information, photos, and in some cases, messages and wall posts, with no action required on the user’s part.

О восстановлении данных с файловых систем Linux не писал только ленивый. Для выполнения этой задачи существует множество самых разнообразных средств, включая утилиту debugfs, которая с легкостью извлекает любые потертые файлы с ext2

Mac security specialist Intego has begun offering the first antivirus scanner capable of inspecting Apple's much-hyped iPad, despite the questionable need for security scans on the device.

Signs are emerging that Microsoft has realized it can exploit concerns over what Google does with information involving where you've surfed and what you've searched for.

Companies using SAP AG's business management software could be vulnerable to stealth attacks by hackers if their systems are not properly configured, according to a computer security expert.

Joanna Rutkowska, a security researcher known for her work on virtualization security and low-level rootkits, has released a new open-source operating system meant to provide isolation of the OS's components for better security.

Ты, конечно, не раз слышал про такую штуку, как аппаратная виртуализация – технологию, позволяющую запускать несколько гостевых ОС на одной машине (так называемом хосте). Исторически первой была программная виртуализация, затем разработчики процессоров призадумались, что неплохо было бы обеспечить аппаратную поддержку этого дела

TechTracker – утилита и веб-сервис в одной упаковке, проверяющая установленное программное обеспечение на наличие обновлений.

Enterprises are spending huge amounts of money on compliance programs related to PCI-DSS, HIPAA and other regulations, but those funds may be misdirected in light of the priorities of most information security programs, a new study has found.

The people who uncovered GhostNet, an extensive cyber espionage network that targeted the Tibetan exile community, are back with a sequel.

A new type of cross-site scripting (XSS) attack that exploits commonly used network administration tools could be putting users' data at risk, a researcher says.

Cisco has launched new upgrades for its Data Centre 3.0 portfolio, claiming that organisations will be able to take advantage of improved business agility and better support for datacentres.

Google has posted a new video instructing users on how to safely manage their Buzz accounts.

Digital certificate authority RSA Security on Tuesday acknowledged it issued a root authentication credential shipped in in the Mac operating system and Mozilla web browsers and email programs, ending four days of confusion about who controlled the ultra-sensitive document.

Software developer CA will eliminate 1,000 jobs, shutter some of its facilities and deliver full-year earnings at the bottom of its previous guidance, according to its latest filing with the Securities and Exchange Commission.

Windows Mobile may lack the elegance of more modern operating systems, but some phones based on Microsoft’s mobile OS are finding new life as Android handsets.

Euthanasia groups will hold computer seminars around Australia to teach people how they can defy the Federal Government's proposed internet filter to obtain suicide information.

Firefox developers say they're close to plugging an information leakage hole that has plagued every major browser for more than a decade.

A lot of people complained about the iPad’s closed-off software. But no one did anything about it — until now, apparently.

Recently a new mobile virus named "MMS Bomber" has run rampant in China, and millions of Chinese mobile phones were impacted, reported Beijing Business News. The National Computer Network Emergency Response Technical Team/Coordination Center of China has alerted mobile users that the targets of the virus are mobile devices with S60 3rd OS, mostly Nokia and Samsung smart-phones.

Data on 3.3 million borrowers was stolen from a nonprofit company that helps with student loan financing.

Police chiefs are under fire again after it was revealed today that the personal details of innocent motorists are being stored on a centralised database without their knowledge or permission.

И я знаю, конечно, что вы можете "джейлбрейкнуть" свой iPhone, получить права администратора и запустить всё, что заблагорассудится. Уверен, что кто-нибудь придумает, как "джейлбрейкнуть" iPad. Это не меняет дела. Я не хочу жить в мире, в котором приходится взламывать собственный компьютер, чтобы забраться к нему в потроха

Финансовый кризис заставил IT-специалистов пересмотреть традиционный подход к организации сети в сторону "тонких клиентов". В отличие от настольных компов, они экономичны, потребляют мало энергии, просты в сопровождении, легко адаптируются к любой среде

Судя по количеству публикаций на эту тему, авторы Демоблога любят небольшие текстовые редакторы, и это не спроста. Такие редакторы наилучшим образом подходят для чтения информационных и конфигурационных файлов, а так же программного кода PHP, CSS и HTML