A joint study conducted by TELUS and the Rotman School of Management at the University of Toronto surveyed more than 600 Canadian IT security professionals on Canadian IT security practices this year. The economic downturn has increased the risk organizations: “The threat environment worsens because when the...
Most organizations are focusing their patching efforts and vulnerability scanning on the operating system -- but 60 percent of the total number of attacks occur on Web applications, and many attacks are aimed at third-party applications such as Microsoft Office, and Adobe Flash and other...
Sun Microsystems' product plans are up in the air pending its acquisition by Oracle, but the company's chip engineers continue to present new designs in the hope they'll see the light of day. At the Hot Chips conference at Stanford University on Tuesday, Sun presented...
ISC is reporting that a new, remotely exploitable vulnerability has been found in all versions of BIND 9. A specially crafted dynamic update packet will make BIND die with an assertion error. There is an exploit in the wild and there are no access control...
Nmap Security Scanner version 5 has been released. Significant performance improvements were made, and many scripts have been added. Nmap can now log into Windows a system and perform local checks such as Conficker detection. Announcement Changes Download ...
Researchers have built a tool that automatically finds and exploits SQL injection and cross-site scripting vulnerabilities in Web applications. The so-called Ardilla tool uses a technique developed by the researchers -- MIT's Adam Kiezun, the University of Washington's Michael Ernst, Stanford's Philip Guo, and Syracuse University's...
Vancouver city council has endorsed the principles of making its data open and accessible to everyone where possible, adopting open standards for that data and considering open source software when replacing existing applications. More details on the announcement available at the Straight...
OpenBSD 4.5 has been released today. This release includes OpenSSH 5.2 as well as various tweaks, bugfixes, and enhancements. New and extended platforms include sparc64, and added device drivers. See the announcement page for a full list...
A piece of malicious software unwittingly shared over a peer-to-peer network in January was the key tool in what security researchers are saying was the first known attempt to create a botnet of Mac computers. Researchers at Symantec say the Trojan, called OSX.Iservice, hid itself in...
"The people who bring you the DroneBL DNS Blacklist services, while investigating an ongoing DDoS incident, have discovered a botnet composed of exploited DSL modems and routers. OpenWRT/DD-WRT devices all appear to be vulnerable. What makes this worm impressive is the sophisticated nature of the...