News

Access control and authentication

Article | 1/11/2012 Unprotected Apache server status pages put popular websites at risk
Many Apache Web servers, including those hosting some popular websites, expose information about the internal structure of the sites they host, the IP...
Article | 31/10/2012 One year after DigiNotar breach, Fox-IT details extent of compromise
The 2011 security breach at Dutch certificate authority (CA) DigiNotar resulted in an extensive compromise and was facilitated in part by shortcomings...
Article | 26/10/2012 Critical flaw found in software used by many industrial control systems
CoDeSys, a piece of software running on industrial control systems (ICS) from over 200 vendors contains a vulnerability that allows potential attacker...
Article | 25/10/2012 SAP aims to be the Apple of enterprise mobility
A home improvement retail chain can use an app running on an iPad to help design a customer's home, check inventory for the products, give a cost esti...
Article | 22/11/2011 EFF proposes new method to strengthen Public Key Infrastructure
The Electronic Frontier Foundation (EFF) is proposing an extension to the current SSL chain of trust that aims to improve the security of HTTPS and ot...
Article | 15/11/2011 Researchers bypass the restrictions of Mac OS X default sandbox profiles
The restrictions imposed by Mac OS X generic application sandbox profiles can be easily bypassed, researchers from Core Security Technologies found.
Article | 4/11/2011 Amazon adds app for easier two-factor authentication
Amazon Web Services has added the option to use applications to create codes for its Multi-Factor Authentication (MFA) service, the company said on We...
Article | 4/11/2011 Ongoing drive-by download campaign hijacked MIT server
A server belonging to the Massachusetts Institute of Technology was commandeered by hackers who used it to launch attacks against other websites as pa...
Article | 2/11/2011 Duqu exploits zero-day Windows kernel vulnerability to infect computers
Security researchers from the CrySyS laboratory in Hungary have located an installer for Duqu, the <a href="http://www.pcworld.com/businesscenter/arti...
Article | 2/11/2011 Researchers defeat CAPTCHA on popular websites
Researchers from Stanford University have developed an automated tool that is capable of deciphering text-based anti-spam tests used by many popular w...
Article | 28/10/2011 IBM anoints Q1 Labs technology as centerpiece of security portfolio
IBM intends to make the security information and event management (SIEM) technology gained through the acquisition of Q1 Labs, which was officially cl...
Article | 27/10/2011 Researchers demo cloud security issue with Amazon AWS attack
Researchers from the Horst Goertz Institute (HGI) of the Ruhr-University Bochum (RUB) in Germany have demonstrated an account hijacking attack against...
Article | 27/10/2011 Researchers demo cloud security issue with Amazon AWS attack
Researchers from the Horst Goertz Institute (HGI) of the Ruhr-University Bochum (RUB) in Germany have demonstrated an account hijacking attack against...
Article | 26/10/2011 Exploit-powered Android Trojan uses update attack
A new variant of the DroidKungFu Android Trojan is posing as a legitimate application update in order to infect handsets, according to security resear...
Article | 21/10/2011 Adobe to fix Flash flaw that allows webcam spying
Adobe is working on a fix for a Flash Player vulnerability that can be exploited via clickjacking techniques to turn on people's webcams or microphone...