Browse archive

Latest news

(IN)SECURE Magazine issue 34 released

Romanian hackers arrested for hitting government websites

17% of the world's PCs are unprotected

Dissecting modern privacy concerns

DNS-changing Trojan leads to phishing banking sites

Olympics fans targeted with lottery scam

WikiLeaks founder Assange loses extradition appeal

Security and privacy in the AWS cloud

UFED Touch: Field-ready mobile forensics solution

Securing the Virtual Environment

Flamer removal tool from Bitdefender

Hack In The Box conferences

Google releases web application security scanner

Posted on 22 March 2010.

Google released Skipfish, a free fully automated, active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes.

The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.

Key features:

High speed: Pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets.
Ease of use: Heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form auto completion.
Cutting-edge security logic: High quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors.

The tool supports Linux, FreeBSD 7.0+, MacOS X, and Windows (Cygwin) environments.

Spotlight

17% of the world's PCs are unprotected

Posted on 30 May 2012. | In a study that analyzed data from voluntary scans from an average of 27-28 million computers per month, McAfee researchers found 17% of the world is browsing the internet completely unprotected.

What's new in ISO 22301

Posted on 29 May 2012. | Currently there are many business continuity frameworks and standards around the world, but none of them have really taken the dominant position.

Trojan spyware promoted as Steam keygen

Posted on 29 May 2012. | To users looking for keygens for their Steam games, read on: we found something that will make you think twice and probably leave you steering clear of key generators forever.

New cyber weapon targets systems in the Middle East

Posted on 28 May 2012. | A new sophisticated piece of malware dubbed "Flame" has been discovered in systems belonging to users in many Middle Eastern countries and is though to have been developed by a nation state.

RuFraud scammers caught and fined

Posted on 28 May 2012. | PhonepayPlus managed to cut off a malware attack that took the form of premium SMS fraudulent apps masquerading as popular apps offered on Google Play and other online stores.

Daily digest

By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.

Weekly newsletter

With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.

DON'T
MISS
Wed, May 30th

30 May 2012.

Dissecting modern privacy concerns

30 May 2012.

(IN)SECURE Magazine issue 34 released

30 May 2012.

Security and privacy in the AWS cloud

29 May 2012.

Flamer removal tool from Bitdefender

29 May 2012.

Facebook Timeline Remover is still alive