Things that freak out IT security pros

Posted on 31 October 2014.  |  Ghosts and zombies arenít the only things coming back from the dead this Halloween.

Assume your Drupal 7 site has been compromised

Posted on 30 October 2014.  |  Automated attacks began compromising Drupal 7 websites within hours of the announcement of the existence of the SQL injection vulnerability.

US ICS operators under attack

Posted on 29 October 2014.  |  The US ICS-CERT has issued a warning about an ongoing sophisticated malware campaign that has hit a number of ICS environments using a variant of the BlackEnergy malware.

Top 10 cloud myths

Posted on 28 October 2014.  |  Even with a mostly agreed on formal definition, multiple perspectives and agendas still conspire to mystify the subject ever more.

Tor exit node found patching downloaded binaries with malware

Posted on 27 October 2014.  |  The node was adding malicious code that made users' computers open a port to send HTTP requests to and receive commands from a remote server.


The security threat of unsanctioned file sharing

Posted on 31 October 2014.  |  Organisational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees, and employees routinely breach IT policies.

What's New
Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Oct 31st
McAfee FOCUS 14
27 October - 29 October 2014.
INTERPOL World 2015
14 April - 16 April 2015.

Editor's choice

Open source Knock Knock tool reveals OS X malware

31 October 2014. | Knock Knock shows users all the different persistent items (scripts, commands, binaries, etc.), that are set to execute automatically on their OS X machine.

Most orgs unprepared to handle a cyber incident

31 October 2014. | 75 percent of organizations Solutionary SERT assisted had neither an incident response team nor policies or procedures in place to effectively address a cyber incident.

Facebook open-sources osquery, an OS analysis tool

30 October 2014. | Facebook has open-sourced osquery, a framework that allows developers to write SQL-based queries to explore operating systems, diagnose problems, troubleshoot performance issues.

Assume your Drupal 7 site has been compromised

30 October 2014. | Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 are advised to consider their site as potentially compromised and proceed to fix the issue.

Photo gallery: McAfee FOCUS 14

30 October 2014. | Help Net Security attended McAfee's Annual Security Conference FOCUS 14 that has been held this week at The Venetian and the Palazzo Congress Center in Las Vegas.

Fixing the broken windows of software security

29 October 2014. | In the context of software security, developing new software without paying attention is a signal that no one cares, and thatís where many organizations are today.

Crooks use stolen magnetic payment card info to make fraudulent chip-enabled transactions

28 October 2014. | Most US banks have yet to issue chip-based payment cards but some of them have already been fleeced via fraudulent chip-enabled transactions.