Assume your Drupal 7 site has been compromised

Posted on 30 October 2014.  |  Automated attacks began compromising Drupal 7 websites within hours of the announcement of the existence of the SQL injection vulnerability.

US ICS operators under attack

Posted on 29 October 2014.  |  The US ICS-CERT has issued a warning about an ongoing sophisticated malware campaign that has hit a number of ICS environments using a variant of the BlackEnergy malware.

Top 10 cloud myths

Posted on 28 October 2014.  |  Even with a mostly agreed on formal definition, multiple perspectives and agendas still conspire to mystify the subject ever more.

Tor exit node found patching downloaded binaries with malware

Posted on 27 October 2014.  |  The node was adding malicious code that made users' computers open a port to send HTTP requests to and receive commands from a remote server.

Ebola-themed emails deliver malware, exploit Sandworm vulnerability

Posted on 24 October 2014.  |  One of the most prolific campaigns is the one that impersonates the World Health Organization.


Fake "Online Ebola Alert Tool" delivers Trojan

Posted on 29 October 2014.  |  Cyber scammers continue to take advantage of the fear and apprehension surrounding the proliferation of the Ebola virus.

What's New
Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Thu, Oct 30th
McAfee FOCUS 14
27 October - 29 October 2014.
INTERPOL World 2015
14 April - 16 April 2015.

Editor's choice

Facebook open-sources osquery, an OS analysis tool

30 October 2014. | Facebook has open-sourced osquery, a framework that allows developers to write SQL-based queries to explore operating systems, diagnose problems, troubleshoot performance issues.

Assume your Drupal 7 site has been compromised

30 October 2014. | Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 are advised to consider their site as potentially compromised and proceed to fix the issue.

Photo gallery: McAfee FOCUS 14

30 October 2014. | Help Net Security attended McAfee's Annual Security Conference FOCUS 14 that has been held this week at The Venetian and the Palazzo Congress Center in Las Vegas.

Fixing the broken windows of software security

29 October 2014. | In the context of software security, developing new software without paying attention is a signal that no one cares, and thatís where many organizations are today.

Crooks use stolen magnetic payment card info to make fraudulent chip-enabled transactions

28 October 2014. | Most US banks have yet to issue chip-based payment cards but some of them have already been fleeced via fraudulent chip-enabled transactions.

Automation is the key to successful policy implementation

28 October 2014. | With the explosion of data collection and the influx of information, previously effective approaches to monitoring and regulation of electronic data are becoming impractical.

Explaining infosec magic to kids

27 October 2014. | Magic! Itís the basis for countless childrenís stories filled with adventure and excitement. Itís also how many kids think cyberspace works.