Major Typolight CMS security hole identified
Over the weekend, a major Typolight security hole was identified that allows hackers to bypass password authentication and gain access to Typolight sites.
Intel has released a patch for its series of silicon-based security protections after researchers from Poland identified flaws that allowed them to completely bypass the extensions.
In this video you will learn how to set up your own proxy server in a couple of minutes using the Pproxy utility. First the hacker picks an ordinary web shell from his stash. Then the proxy script is uploaded to the remote server, after which he launches the local part of the tool on his own computer
A dangerous vulnerability in Internet Explorer 6 and 7 became publicly known before a fix was available, raising the specter of a high-risk zero-day attack. The bug involves the way IE handles Cascading Style Sheets (CSS) objects, and could let an attacker run any command on a targeted Windows XP, Vista, Server 2003, or Server 2008 PC. Bad guys have already posted sample attack code online. IE 8 is not affected.
Illegal file sharing levels are still not declining despite a recent crackdown by the government, according to new research from British recorded music industry body the BPI.
A DNS hijacking attack left Twitter temporarily affected for about an hour early on Friday.
Microsoft launched a pilot test program for an online tech-support forum that will be staffed by paid “independent experts.”
The Novell-backed Moonlight project released the final Moonlight 2, an open source Linux/Unix clone of Microsoft's Silverlight framework that offers improved media streaming. Novell and Microsoft also announced that they will continue their Moonlight collaboration and extend Microsoft's patent covenant to Moonlight distributors other than Novell.
Someone hacked into the N.C. Community College System server and accessed Social Security and driver’s license numbers of college library users, including more than a thousand users of Pamlico Community College's library.
On Dec. 16, the Seoul police department reported that two Koreans were arrested in China as suspects in the fraud. Park, 27, and his accomplice used a cyber virus to obtain victims’ information, which they used to withdraw money from their bank accounts. They are being charged with breaching information technology network laws. Since late last year, an increasing number of similar frauds have been reported, but this is the first time that actual arrests were made.
Some of us work at home, and some in the office. But almost all of us have the same desks, the same monitors, the same chairs. Some people are not happy with this, and so these wonderful biological desks with real grass appear
Not even three days had passed since I submitted my previous article when a completely new and far more effective technique for working with Blind SQL Injection was born in my head. If you remember, I described how to substantially reduce the number of requests to the server when working with vulnerabilities of this kind
Botnet operators have always been able to easily infect and convert PCs into bots, but they also are increasingly going after servers -- even building networks of compromised servers.
Millions of user passwords to social networking sites have been exposed, after a serious SQL injection flaw on the Rockyou.com website left login details - stored in plain text - up for grabs.
The international hacker who has admitted to stealing more than 130 million payment card numbers has mounted a new defense claim that he might suffer from Asperger's syndrome, a court filing indicates.
The FBI has accused a man of copyright infringement for allegedly uploading to the Web the feature film "X-Men Origins: Wolverine" last spring.
Conficker may be under control, but the malicious family of programs is resident on more than 6.5 million computers worldwide, with more than 5 percent of some networks' Internet addresses showing signs of infection.
Users should disable JavaScript in Adobe's Reader and Acrobat tools to protect themselves until a patch for a just-disclosed vulnerability is available, security experts said today.
Malware purveyors are exploiting web vulnerabilities in appleinsider.com, lawyer.com, news.com.au and a dozen other sites to foist rogue anti-virus on unsuspecting netizens.
Public fascination with television's "CSI" forensic detectives and with the virtual reality depicted in the "Matrix" films may be partly responsible for the high level of interest garnered by a Defense Department contest to solve cyber crimes.
As 2009 draws to a close and a new decade dawns, CSOonline has reached out to some of the industry's best known security pros in search of insight on what the next 12 months and beyond have in store for our IT and cyber infrastructure. Each participant was asked to make five predictions.
Research carried out by Bell Micro, the IT systems distributor, claims to show that 67% of organisations believe there is a greater threat to their IT systems security and integrity from within their organisation than from hackers outside.
Cybercriminals are lazy. Given the choice between adapting their malicious software to a new operating system or focusing on users who haven't made the switch, they'll inevitably choose the path of least resistance, according to a new report from Finnish security firm F-Secure.
In a newly released report, a security researcher claims that Google’s reCAPTCHA, one of the most widely adopted free CAPTCHA services, contains weaknesses that would allow a botnet of 10,000 infected hosts to achieve 10 recognition successes every second, allowing it to register 864,000 new accounts per day.
Rest assured that 2010 is going to be a big year for the Android operating system, with many new handsets finding their way to stores around the world (including Google’s own phone) and an increasing number of developers building tools, games and the like for the fast-growing platform.
According to web analytics company Net Applications, Chrome marketshare leaped to 4.4 percent last week, based on the analysis of 160 million unique visitors to 40,000 sites. Meanwhile, Safari only held 4.37 percent of the market. A narrow victory? Sure. But a victory the nonce.
A damaged Telstra cable under Melbourne airport brought down the airline's telecommunications service provider, crippling its passenger check-in process from lunchtime yesterday and forcing the cancellation of 48 flights.
If you think Tor is exclusively a means of ensuring privacy on the network, you are wrong twice over. First, its distributed network can be used for various purposes. And second, this devil is not as safe as he is painted
When people tell you about the dangers of working at a computer for long periods, which risks are mentioned most often? You'll ruin your eyes! Your back will hurt! All of this is true, but the risks to the eyes are practically reduced to nothing by a good monitor, and the back loves the gym and a good chair
Any break-in pursues its own aim, which determines its value. It's up to you to decide whether to deface a site for the latent risqué things lovers or to screw up another root shell. The reality is that any vulnerability in a web application poses a threat to the server. And if you don't confine yourself to the trite and somewhat boring SQL injections, this article is right for you. The victim's address is at input, the admin access via RDP is at output – these are classics of penetration!
The anti-spam community is unlikely to have any future successes on the same scale of the McColo shutdown, as botnet herders have learned from their mistakes to make botnets harder to track and close, according to McAfee.
A bug in the latest version of the Google Chrome browser could leak the identity of users trying to surf anonymously, developers warn.
Koobface - the long-running worm which first appeared 12 months ago - is being customised by hackers to crack security systems on website hosting services, and so allow it to auto-create its own web pages.
A team of hackers has successfully rooted the recently released Nook e-reader.
The United States and Russia have begun discussions on increasing security online. The two sides are also said to be working for an agreement to cut the number of online military attacks.
Online attacks against databases have taken off in the past 18 months, according to data released by IBM’s X-Force security team.
A new scareware package tries to sell bogus antivirus software to its victims using an apparent endorsement of the software by Microsoft.
Dr.Web Enterprise Suite is designed for centralized management of protection for workstations on a corporate network running Windows 9x-Vista. In this video we will install the components of this solution and get acquainted with the main settings of the administration console.
First the iPhone, now the Droid: A hacker has unleashed an exploit that lets a user wrest administrative root control of his or her Motorola Droid smartphone.
Microsoft may not have hustled as fast as researchers thought when the company patched a zero-day bug in Internet Explorer (IE) just 18 days after exploit code went public.