U.S. networks pumped out the highest percentage of attacks during the second half of last year, with China running a distant second, according to a report released Monday by security firm Symantec.
The U.S. accounted for 31 percent of malicious activity originating from computer networks, while 10 percent came from China and 7 percent from Germany, Symantec said in its Internet Security Threat Report.
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.13 (Version 3.0, Release 13). This release includes many updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the EnGarde Secure Linux Installer, and a few new features.
Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.12 (Version 3.0, Release 12). This release includes many
updated packages and bug fixes, several feature enhancements to Guardian
Digital WebTool and the SELinux policy, and a few new features.
The Free Standards Group (FSG) and Open Source Development Labs (OSDL), two of the major non-profit corporations dedicated to promoting open source software, are merging to form a new organization called The Linux Foundation. The new organization will be led by Jim Zemlin, the former FSG executive director, and for now will continue the work of both predecessors. The merger will be legally complete in early February, but work on the practical details will begin immediately.
Source: Net-Security - LogError - Posted by Benjamin D. Thomas
HNS is running an article about how the crawling of web applications. Its objective is to collect all possible resources from the server in order to automate vulnerability detection on each of these resources. A resource that is overlooked during this discovery phase can mean a failure to detect some vulnerabilities. The introduction of Ajax throws up new challenges for the crawling engine and new ways of handling the crawling process are required as a result of these challenges. The objective of this paper is to use a practical approach to address this issue using rbNarcissus, Watir and Ruby.
The Web Security Trends Report focuses on dynamic code obfuscation as a method to hide malicious code, a trend that is growing in popularity among hackers as a means of bypassing traditional signature-based solutions in order to propagate malware. The report also describes recent specific incidents of sophisticated hacker attacks that take advantage of Web 2.0 technologies to embed malicious code in high-traffic web sites. In addition, the report includes a review of web security threats that emerged this year and the outlook for security trends in 2007.
Recently, the Imperva Application Defense Center announced the discovery of a critical vulnerability in DWR (Direct Web Reporting), a key underlying technology in the AJAX web application development framework. To discuss this vulnerability and its implications HNS talked with Amichai Shulman, the co-founder and CTO of Imperva, where he heads the ADC.
Today’s computers have more than 2,000 times as much memory as the machines of yesteryear, yet programmers are still writing code as if memory is in short supply. Not only does this make programs crash annoyingly, but it also can make users vulnerable to hacker attacks, says computer scientist Emery Berger from the University of Massachusetts Amherst. With such problems in mind, Berger created a new program that prevents crashing and makes users safer, he says.
Source: Net-Security.org - LogError - Posted by Benjamin D. Thomas
HNS is running an article with a list of those malicious codes which, although they may not have caused serious epidemics, have stood out in one way or another.
Information security will never go out of style. As long as companies have computing infrastructure, security professionals will be needed to ward off dangers. But like all other IT careers, the market demands wax and wane and the requirements change. Experts say spending on security will continue to rise – and specialization, compliance knowledge and documented work experience are in demand.