At the OWASP AppSec Poland 2009 web security conference two Italian security experts presented a new kind of web application attack threat. The presentation slides for the method called HTTP Parameter Pollution (HPP) are now available online.more »
Version 1.2.0 of the recovery distribution System Rescue CD brings all kinds of changes. Particularly the FSArchiver provides more in the new version.more »
Adobe has released security updates for its PDF Reader and Acrobat 9.1 and earlier versions.more »
In a recent blog, Sun developer Malte Timmermann took a position on the security concerns of the Ecole Superieure d'Informatique, Electronique, Automatique (ESIEA) in Paris-Laval, France. The subject was the vulnerability of OpenOffice, involving document macros, for example.more »
IBM, Sun Microsystems, PGP, Red Hat and other firms have formed a standards working group in the OASIS organization to develop a new Key Management Interoperability Protocol (KMIP) for encryption key management.more »
AVG Technologies has released a new version of its virus scanner for Linux as AVG 8.5. Biggest features are its malware protection, improved virus filter and on-access scanner based on the RedirFS filesystem.more »
FreeIPA Integrated identity management with FreeIPAMay 01, 2009
FreeIPA offers integrated identity management and big ideas for the future.more »
Security Lessons File and protocol attacksMay 01, 2009
We explain how file or protocol fuzzing leads to direct improvements in code quality. You'll also learn more about available open source fuzzing tools.more »
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.