HNS MAIN FEED
Saturday, 20:48 EST
- Web application security testing tool Websecurify 0.4 RC1 released
- Exploitation of online banking credentials on the rise
- Battle of the anti-virus: What is the best software?
- Single sign-in gains ground
- Facebook continues to shoot down deceptive ads
- RSA Conference 2010
- Major vulnerability in SSL authentication
- Twitter users troubled by locked accounts
- Video: Web application scanning with credentials using Nessus
- Google Dashboard: What does Google know about you?
- Backdoor access for millions of Facebook and MySpace accounts
- EU leaders agree on Internet access safeguards
  Twitter users troubled by locked accountsMalware writers target online gamersHacked iPhones held hostageEmbracing tokenization: Payment without painA closer look at Acunetix Web Vulnerability Scanner 6.5 Battle of the anti-virus: What is the best software? Major vulnerability in SSL authentication Backdoor access for millions of Facebook and MySpace accounts Q&A: Ubuntu 9.10 security   Hard drive encryption with Dave AndersonMalware threats, Windows 7 and cyber crime with Bo OlsenSocial networking privacy issues with Brian HonanFuzzing with Ari TakanenMac OS X security and forensics with Sean MorrisseyWorldwide surveillance and filtering with Rafal RohozinskiSQL injection with Justin ClarkeWindows 7 vulnerable to most viruses Ask the social engineer: Practice Record levels of spam, malware and Web-based threats |
AV-Comparative.org recently released the results of a malware removal tests with which they evaluated 16 anti-virus software solutions. The test focused only on the malware removal and cleaning capabilities, therefore all used samples were samples that the tested antivirus products were able to detect. 
Researchers discovered a serious vulnerability in SSL, the most common data security protocol on the Internet. The SSL Authentication Gap allows an attacker to mount a man-in-the-middle attack, and affects the majority of SSL-protected servers on the Internet.
Yvo Schaap, a young Dutch application developer on Facebook, stumbled on a back door into any user account that accesses the application he was working on. He discovered the exploitable mistake while trying to get around a function limitation on his application, and realized he could modify the accounts and that his illegitimate interventions into the account could not even be traced.
Kees Cook is the security engineer and Gerry Carr is the head of platform marketing at Canonical. In this interview they discuss the security improvements in Ubuntu 9.10, the security challenges the Ubuntu team faces as well as what the latest version of Ubuntu offers to the developer community.
Windows 7 was touted as a big improvement on Vista, security aspect included. The Sophos team wanted to test that assertion, so they installed a full release copy of the new OS on a previously cleaned computer, kept the default values for User Account Control and didn not install any anti-virus software. The results were disappointing.
One reader wrote in asking: "How can one practice social engineering before using it in the wild?"
The number of new file-sharing sites hosting unauthorized, copyrighted content skyrocketed over the last three months, according to the latest report by McAfee. It also shows that spam, malware and Web-based threat creation has reached record levels in the last quarter, and that cybercriminals are extorting site-owners with threats of DDoS attacks.