A former National Security Agency senior executive has been indicted for retaining classified information, obstructing justice and making false statements.
Researchers reveal Internet Explorer 8 XSS filtering flaw
A pair of security researchers have identified a way to use security tools within Internet Explorer 8 to compromise a website. The attack uses cross-site scripting filters implemented in the latest version of the Microsoft browser to execute cross-site…
Researcher releases malware hub forensics tool for Firefox
A Websense researcher has released a forensics tool designed to identify malicious web content from within the Firefox browser. Called Fireshark, the plug-in was released on Wednesday at the Black Hat security conference by Stephan Chenette, a principa…
Apache.org hit by XSS attack
The website for the open source Apache Web server at Apache.org was compromised this month by a targeted attack, said the Apache Software Foundation, which has provided a detailed blow-by-blow account of the hack.
Internet Explorer exploitation was most significant cybercrime issue during March
The latest monthly malware and vulnerability statistics released by Kaspersky Lab claims to show that the exploitation of vulnerability in Internet Explorer was the most significant cybercrime threat during the month of March.
Ministry of Defence: another day, another data loss
Detailed figures just released by the Ministry of Defence show that the military arm of the government had a total of 347 data loss incidents in 2009, with 71 further losses of confidential information in January plus February of this year alone.
Granular firewall environment needed for Facebook and Twitter
One of the least-reported areas of IT security in recent times is the topic of firewalls but, according to Gabi Reish, head of network security with Check Point, the technology is now into its fifth generation, largely as a result of the rise of the in…
Attackers use PAC feature to redirect browsers
Brazilian malware writers are making use of a long-available feature within most modern browsers to launch attacks that redirect victims to malicious websites without their knowledge. The feature, known as proxy auto config, is turning up in banking tr…
Game consoles at work threaten corporate security
Games console in the workplace pose an increasingly serious threat to enterprise security, according to new research from Sunbelt Software. The anti-malware vendor said that almost 4 in 10 respondents to the survey had no idea about any of the document…
Feds lagging on FDCC, watchdog says
Federal agencies are lagging behind in the implementation of the Federal Desktop Core Configuration (FDCC) requirements, according to the US Government Accountability Office.