Articles

Authentication (32)
Compliance (18)
Cryptography (11)
Database (16)
General Security (147)
Hacking History (30)
Interviews (189)
Intrusion Detection (20)
Linux (16)
Mac OS X (21)
Malware (51)
Opinions (211)
Podcasts (46)
Security Products (100)
Storage (21)
Various (78)
Video (45)
Web Security (95)
Wireless (23)


Last 10 added articles

Malware detection with Neptune (Video)
In this video recorded at Black Hat USA 2010, Rami Kawach, a software architect at Qualys, talks about Neptune - a project to build an automatic malware analysis engine and deliver it as a free tool.
Corporate espionage for dummies: HP scanners (General Security)
Web servers have become commonplace on just about every hardware device from printers to switches. Such an addition makes sense as all devices require a management interface and making that interface web accessible is certainly more user friendly than requiring the installation of a new application. Despite typically being completely insecure, such web servers on printers/scanners are generally of little interest from a security perspective, even though they may be accessible over the web, due to network misconfigurations. Yes, you can see that someone neglected to replace the cyan ink cartridge but that's not of much value to an attacker. However, that's not always the case.
A closer look at GFI Backup 2010 Business Edition (Security Products)
Through GFI Backup’s central web-based administration console, administrators can configure and implement company-wide backup policies in a single task. Additionally, through the product’s agent component, users can create their own personal backup and restore tasks, over and above the centrally-created default backups.
Network security challenges faced by universities (Opinions)
Striking a balance between an open yet secure network remains a challenge for university IT departments. While universities are often on the cutting edge of innovation, they face complications when it comes to enforcing IT policies. In some cases, this has led to staggering data breaches.
Building secure software using fuzzing and static code analysis (Various)
The increased complexity of new technologies and faster software release cycles are making traditional reactive security solutions ineffective. Instead, more adaptable, preemptive product security testing is needed. Moreover, the software development process itself is becoming more complicated, for example due to agile development and outsourcing, which further increases the need for more effective product security practices. This whitepaper describes how fuzzing and static code analysis can be used as complementary methods to ensure the security and robustness of your software.
Seven questions you should ask about deduplication (Storage)
Deduplication has been one of the hottest technologies in the storage industry for almost three years. IT managers in most midrange data centers typically have limited staff and few backup specialists, and it can be hard to figure out how deduplication might fit into their situation. The following are important questions for IT managers to ask as they consider deploying deduplication in a midrange data center.
Top scams and protection tips (Web Security)
Criminals are always preparing for the next major event from which to hitch a ride and launch an attack in an effort to dupe us into believing their lies. What is it about these attacks that manage to fool so many people and what can we do to protect ourselves?
New data breach legislation (Opinions)
In the past two months, there have been two bills introduced in Washington, D.C. that are attempting to set nationwide standards for the security and privacy of consumers’ personal information. There are already 46 different data breach notification laws in 46 states with somewhat different and inconsistent provisions regarding the notification of consumers. One of the intents of a national bill would be to eliminate these inconsistencies ensuring that all consumers are treated fairly and consistently when affected by a data breach incident. These bills are important to keep an eye on—and likely to be controversial—especially if you maintain and manage large amounts of consumer data.
SSL Labs: Researching the technology that protects the Internet (Video)
In this video recorded at Black Hat USA 2010, Ivan Ristic talks about SSL Labs - a non-commercial research effort and collection of documents and tools related to SSL. It's an attempt to better understand how SSL is deployed, and an attempt to make it better.
Five imperatives for extreme data protection in virtualized environments (Opinions)
Transforming an organization through server virtualization requires a strategic and coordinated approach. Data protection - which includes not only backup, but also secondary storage and disaster recovery considerations - is an area that can easily complicate virtualized data centers if implemented hastily. It is essential that data protection efforts reduce hardware purchases, rather than require additional hardware to work. The following are five critical data protection imperatives that organizations must consider during virtual server planning.