HNS MAIN FEED
Monday, 02:48 EST
- Viral Facebook spam campaign delivers malware
- Compromised DreamHost-hosted websites lead to scams
- Week in review: Reactions to VeriSign hack, Anonymous leaks FBI conference call, and the new issue of (IN)SECURE Magazine
- Anonymous leaks FBI conference call on hacking investigations
- Server-side polymorphic Android apps
- Attackers use fake friends to blend into Facebook
- Kelihos botnet rises up again
- Concerned about online privacy? FBI says you might be a terrorist
- Google reveals it is already scanning Android apps for malware
- VeriSign hack: Reactions from the security community
- The fusion of hardware encryption, PIN access and USB 3.0
- Netop updates remote support and management solution
  Millions of infected Android apps... or not?Most disruptive and significant IT trendsLaw firms get hacked for deal dataKeeping on top of financial malware VeriSign hack: Reactions from the security community Attackers use fake friends to blend into Facebook Kelihos botnet rises up again Review: Network Warrior, 2nd Edition Government website passwords published by Anonymous Security breaches driving authentication changes (IN)SECURE Magazine issue 33 released Defense companies persistently targeted by cyber spies Malware redirects bank phone calls to attackers The state of global cyber-readiness Greatest risks to database security Compromised WordPress sites lead to Phoenix exploit kit |
VeriSign admitted it was hacked in 2010 and cannot identify what data was stolen. Here are comments on the situation that Help Net Security received from industry veterans from Entrust, BH Cosulting, Imperva, LogLogic, SystemExperts Corporation and Comodo.
A new Barracuda Labs study provides an example of an increasing number of attackers move to social networks to carry out their wares. The study analyzes a random sampling of 2,884 active Facebook accounts to identify key differences between average real user accounts and fake accounts created by attackers and spammers.
Kelihos - the botnet whose operation was disrupted last September by Microsoft and Kaspersky Lab by shutting down its C&C servers and making its bots contact a sinkhole instead - is back and working.
If you are interested in knowing everything that you can possibly know about networking, chances are you were already urged to read Network Warrior. Four years have passed since the first edition was published and found a place on the shelf of every serious network administrator, and this second edition has been modified somewhat to keep pace with the newer hardware and to cover additional subjects. 
As the moment when the new legislation for defending the rights of copyright holders regarding online sharing will be discussed is coming near, the Irish politician pushing it and the government itself are being repeatedly attacked by the hacker collective Anonymous.
Recent highly-targeted security attacks have impacted enterprise and government organizations. The breadth and sophistication of these attacks is prompting organizations to review their authentication strategies and solutions - some for the first time in years.
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. This time around we focus on Android security, we bring you the thoughts of the Facebook CSO and THE man behind Metasploit. To top if off, there are articles on web security, shellcode, mobile security, and more!
Researchers from security companies Zscaler and Seculert have issued a warning about bogus emails targeting employees of defense-related organizations around the world in order to trick them into installing malware.
Trusteer have discovered a concerning development in some new Ice IX configurations that are targeting online banking customers in the UK and US. Ice IX is a modified variant of the ZeuS financial malware platform.
McAfee and the Security and Defence Agenda (SDA) revealed the findings from a report that paints a global snapshot of current thinking about the cyber-threat and the measures that should be taken to defend against them, and assesses the way ahead.
The greatest challenge to database security may actually come from organizational issues, rather than nefarious or accidental acts. In most cases, database security is overseen by both database and security teams, thereby yielding a disconnect in ownership responsibilities as well as a lack of consensus on top priorities.
Hundreds of compromised websites that at first glance don't appear to be malicious have been discovered. The websites use Wordpress 3.2.1 and have been uploaded with an HTML page which redirects the users via a hidden iFrame to a page hosting the Phoenix exploit kit.