The free router software DD-WRT opens in its version 24(SP1) a huge door due to a vulnerability in its HTTP daemon server.more »
Virus analyst Yury Namestnikov investigated the structure, functionality and business model of botnets for antivirus firm Kaspersky Lab with some surprising results.more »
Adobe announced a critical vulnerability for its Flash Player 22.214.171.124 and 10.0.22.87 and earlier, along with the authplay.dll component in its Reader and Acrobat 9.x., that goes across platforms in Windows, Macintosh, Linux and Solaris.more »
Mozilla recommends its updated Firefox 3.0.12 version for its new 3.0 series in that it removes a few critical security issues.more »
After rumors of an OpenSSH exploit vulnerability got out, an anonymous hacker group intends to release the exploit code and an accompanying worm "within 48 hours."more »
A recently discovered root exploit attacked the newest Linux versions and circumvented protection systems such as SELinux and AppArmor. A solution has been found.more »
KDE and GNOME developers drafted a secret storage API designed to be a common interface for desktop applications that need to store passwords and other confidential data.more »
The middle of June, Yahoo! introduced a small change to its user login protocol that practically barred access from all Linux clients. IM services Pidgin and Kopete were hit and responded quickly.more »
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.