Security Projects - Page 32 - Results from #620

Discover Security Projects News

Computer hackers break bread, push boundaries of technology

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In a corner of a Panera Bread store, amid the clatter of dinner plates and orders recited over a warbling sound system, a group of men and a woman gathered last week, laptops open. They threw around terms like "botnets" and "onion routers" with ease, talked about microcontrollers and how to crack into a computer database should the need arise to test their own computer defenses.

LinuxSecurity.com Team
Jul 19, 2010

Metasploit Framework 3.4.1 Released

The Metasploit Project is proud to announce the release of the Metasploit Framework version 3.4.1. This release sees the first official non-Windows Meterpreter payload, in PHP as discussed last month here.

LinuxSecurity.com Team
Jul 16, 2010

What This Chinese Hacker Could Teach Apple

Wu Shi, a security researcher in Shanghai, has become one of the world's top browser bug hunters. If tough love is the best way to fix the world's software, then Wu Shi may be one of the information security industry's unsung heroes.

LinuxSecurity.com Team
Jul 15, 2010

Andiparos

Andiparos is a fork of the famous Paros Proxy. It is an open source web application security assessment tool that gives penetration testers the ability to spider websites, analyze content, intercept and modify requests, etc.

LinuxSecurity.com Team
Jul 14, 2010

Stealing login details with a Google Chrome extension

The Google Chrome browser allows the installation of third-party extensions that are used to extend the browser to add new features. The extensions are written in JavaScript and HTML and allow manipulation of the DOM, amongst other features.

LinuxSecurity.com Team
Jul 12, 2010

RSA's best practices for preventing enterprise data loss

According to U.S. government estimates, incidents of enterprise data loss cost businesses more than $100 billion in a single year. As threats to enterprise data grow more sophisticated, it's imperative for businesses to implement a comprehensive data security strategy. But where to start?

LinuxSecurity.com Team
Jul 02, 2010

State of the CSO 2010: Progress and peril

Security is very old in most respects, yet very young in others. As a corporate discipline, security unfortunately languished for years in the basement. Today, as organizations come to grips with a wide swath of risks, the 2010 State of the CSO survey shows those organizations are rapidly adopting more sophisticated view of security. Of course, there's more work to be done--most prominently in the areas of security metrics and awareness programs.

LinuxSecurity.com Team
Jun 29, 2010

Help your competitor - Advise them of vulnerability

Tom Bicer wrote in to tell us about some interesting development amongst the SSL certificate providers. Comodo made a press release announcing that they found some vulnerabilities related to Verisign's certificate and had advised Verisign on the vulnerabilities.

LinuxSecurity.com Team
Jun 25, 2010

Another domain adopts added DNS security

The Public Interest Registry, which operates the .org generic top-level domain, announced today that it has completed deployment of Domain Name System Security Extensions, which provide an additional level of security to the DNS. The full deployment tops off a two-year deployment and testing period of DNSSEC in 18 live

LinuxSecurity.com Team
Jun 24, 2010

OpenSCAP

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP

LinuxSecurity.com Team
Jun 23, 2010

Firefox add-on encrypts Facebook and Twitter

Firefox users worried about Internet eavesdropping are being offered a new way to encrypt their interaction with a range of popular websites, including Facebook and Twitter.

LinuxSecurity.com Team
Jun 21, 2010

When It Comes to Security, Openness Isn't Always a Virtue - Rebuttals

Even as he referred to the "cost of transparency" uncovered by his research, Sam Ransbotham, a professor at Carroll School of Management, acknowledged that "the transparency benefits far outweigh this cost. ... The challenge for open source communities is to maintain the benefits while mitigating the downsides."

LinuxSecurity.com Team
Jun 17, 2010

Security in Migrating to Linux on IBM System z

Organizations that are in the process or considering migrating to Linux on System z look to a variety of sources for

LinuxSecurity.com Team
Jun 17, 2010

Why Can't Johnny Develop Secure Software?

Security experts agree that there's something wrong with the software development process, but there are differing opinions on how to solve the problem. It's another day in the life of a security pro -- or a hacker. Much of your time is spent searching applications for that one weak point, the one that will lead to the breach of sensitive data. And nearly every day, somebody finds one. Or more.

LinuxSecurity.com Team
Jun 17, 2010

Hacker: Apple iPad Simply Not a Safe Platform

Apple's reputation for security continues to take hits as hacker group Goatse Security this week accused the company of failing to patch a flaw in Safari -- known since March -- and rendering iPads susceptible to active exploits in the hundreds, if not thousands.

LinuxSecurity.com Team
Jun 16, 2010

Kaminsky Issues Developer Tool To Kill Injection Bugs

Renowned security researcher Dan Kaminsky today went public with the launch of a new venture as well as its first deliverable -- a tool for application developers that helps prevent pervasive string injection-type attacks, such as SQL injection and cross-site scripting (XSS).

LinuxSecurity.com Team
Jun 15, 2010

Another way to get protection for application-level attacks

I am a fan of modsecurity (//) as a fast and cheap way to get decent protection for application layer attacks. But, as you know, risks are increasing and when the risk analysis performed to your organization shows that application disruptions have a big impact to the core business, it's time to strengthen controls and think about delivering protection from the code itself.

LinuxSecurity.com Team
Jun 14, 2010

Drupal clarifies security rules after White-House gaper

Webmasters running unfinished modules for Drupal do so at their own risk after the open-source CMS updated its guidelines on fixing security vulnerabilities.

LinuxSecurity.com Team
Jun 11, 2010

Researchers release point-and-click website exploitation tool

Researchers have released software that exposes private information and executes arbitrary code on sensitive websites by exploiting weaknesses in a widely used web development technology.

LinuxSecurity.com Team
Jun 09, 2010

Google pays $2,000 for report of a vulnerability in Chrome

Google has paid out its highest sum yet, $2,000, for the discovery of a vulnerability found in its Chrome browser. The recipient is developer Sergey Glazunov, who found a DOM method-related means of circumventing the same origin policy.

LinuxSecurity.com Team
Jun 09, 2010

Security Projects - Page 32

Strengthen Your Linux Software Development Pipeline with Code Security Scanners

Linux Security Modules (LSM): SELinux vs AppArmor vs TOMOYO

OpenSSL's New Governance Structure: A Beacon of Progress for Open-Source Security