Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.

Tshark is actually part of the Wireshark package, and has some similar functionality. It does some cool stuff though so I thought it's worthy of its own post.

Criminal organizations are calling on black market hackers-for-hire, where they can buy the tools and services they need to break into brokerage accounts, says a new report by Canada's crime watchdog.

The Linux kernel has finally been purged of a privilege-escalation vulnerability that for at least half a decade allowed untrusted local users to gain unfettered rights to the operating system's most secure locations.

OpenSSH 5.6 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly.OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support.

As many as five million webosites hosted by Network Solutions have been serving up malware, probably for several months, a security expert said today.

The good news is that Web application vulnerabilities during the first two quarters of 2010 represent a smaller percentage (66%) of total commercial application vulnerabilities (4,019) than they did during the latter two quarters of 2009 (82% of 2652).

Over the past 20 years, in small cities and communities across America, the average daily police record of reported crimes and complaints would hold a familiar, and fairly uniform, list of events - a drunk and disorderly, car prowling, garage break ins, and vandalism would usually fill the police blotters of places like Issaquah and Sammamish.

Wikileaks, the online whistleblower is growing ever more daring. Three days after signing a deal with Piratpartiet, the Swedish pirate-friendly political party, it's put up a password-protected, encrypted file on its site that anyone can download--or host.

Thanks to rapid increases in computing power, your confidential information is probably not safe unless you use a 12-digit randomized password, experts say.

WikiLeaks founder Julian Assange has with his whistleblower website helped uncover some of the world's best hidden scandals, but he himself keeps much of his life shrouded in mystery.

A researcher earlier this month demonstrated how he solved Google's reCAPTCHA program even after recent improvements made to the anti-bot and anti-spam tool by the search engine giant.

According to Japanese site, Asahi.com, a Japanese hacker was arrested for allegedly writing a computer virus that destroys all files on a victim's computer and replaces them with homemade manga images of sea creatures like squid, octopuses and sea urchins.

For almost 18 months starting in 2005, attackers used wireless networks at TJX and other retail chains to steal credit card data. The vulnerabilities were not an isolated instance: Subsequent research found that about half of all retail outlets in one shopping center had insecure wireless networks.

In this video from the OWASP AppSec Research conference in Sweden, security researcher Ivan Ristic of Qualys discusses practical methods for breaking SSL.

Mozilla on Tuesday said that it will not patch a bug that blocks the display of a warning when Firefox detects a potentially deceptive URL, saying the flaw was not a threat.

Hewlett-Packard will acquire Fortify Software to gain possession of its ability to perform analysis on source code to detect security risks and exposures.

The software security sector continues to show vibrant M&A activity, with big companies like Hewlett-Packard trying to become a one-stop shop for all of their customers' technology needs, VentureWire reports. HP yesterday said it purchased Fortify Software Inc., a venture-backed maker of software-

SELinux is a great way to limit the access rights/roles on a Linux machine. But how do you limit CPU or memory usage of a given application? Red Hat engineer Dan Walsh has a solution that he calls SELinux Sandbox which he demoed at the LinuxCon conference today.

Hackers, malware writers and online criminal elements have operated like businesses for some time. Now, according to research by [1] Kaspersky Lab, these black hat organisations are expanding to include technical support and customer service for their victims. In a way, they're beginning to mimic security solution providers.

A clever feature of smartphones running Google's Android operating system is the gesture unlocking method, in which users choose a custom security pattern by selecting dots from a three-by-three grid entered via fingertip. But researchers recently showed how ordinary screen smudges that result from inputting the gesture can be used by a hacker to easily deduce the pattern.

Bank accounts and personal information online are at greater risk than ever thanks to "hopelessly inadequate" passwords and brute force tactics used by hackers.

As a high-profile, Washington-based think tank, the Center for American Progress takes strong positions on hot-button topics, such as health care reform, the Middle East and the state of the economy. With John Podesta, former chief of staff to former President Bill Clinton as its president and CEO, CAP remains firmly planted on the left side of the political equation.

Linux Full Disk Encryption (LFDE) is a tool designed to provide Linux with a means to do true full disk encryption (FDE).

In the enterprise data security chain, human beings often prove to be the weakest link. Using social engineering tactics, thieves can frequently gain secret information about a company's systems simply by asking. To prevent this, not only must employees be trained, but systems must be changed to reinforce the policies employees have learned.

Hackers. Faceless people who deface government Web sites, who can peek into your computer without you knowing. What are they like? Forbes India asked Akash Mahajan, a Certified Ethical Hacker, for a few insights into the shadowy world.

Traditional security technologies are losing the battle against the black hats and malicious code writers, according to digital security specialists Symantec. In a mid-year review of their IT security risks and predictions made early in 2010, Symantec has warned that there are simply too many new cyber threats out there for traditional automated systems to catch.

A new method for blocking approved plug-ins from third-party sources appeared in the developer's version of Google's Chrome browser. Available on Friday for Windows, Mac, and Linux, Google Chrome dev 6.0.490.1 includes numerous bug fixes and introduces the Click-to-Play feature for more finely tuned plug-in control.

A 15-year-old vulnerability in technology used to authenticate users on Windows and Unix networks continues to put the organizations that rely on it at risk, a security researcher said on Thursday.

Google now offers an extension for Chrome that automates the process of adding the secure Google search site as a search engine to the Chrome 6.x branch. Google SSL Web Search is an extension, still in beta, that works with Chrome 6.0.419.0 and later on Windows and Linux computers.