At the OWASP AppSec Poland 2009 web security conference two Italian security experts presented a new kind of web application attack threat. The presentation slides for the method called HTTP Parameter Pollution (HPP) are now available online.more »
Version 1.2.0 of the recovery distribution System Rescue CD brings all kinds of changes. Particularly the FSArchiver provides more in the new version.more »
Adobe has released security updates for its PDF Reader and Acrobat 9.1 and earlier versions.more »
In a recent blog, Sun developer Malte Timmermann took a position on the security concerns of the Ecole Superieure d'Informatique, Electronique, Automatique (ESIEA) in Paris-Laval, France. The subject was the vulnerability of OpenOffice, involving document macros, for example.more »
IBM, Sun Microsystems, PGP, Red Hat and other firms have formed a standards working group in the OASIS organization to develop a new Key Management Interoperability Protocol (KMIP) for encryption key management.more »
AVG Technologies has released a new version of its virus scanner for Linux as AVG 8.5. Biggest features are its malware protection, improved virus filter and on-access scanner based on the RedirFS filesystem.more »
FreeIPA Integrated identity management with FreeIPAMay 01, 2009
FreeIPA offers integrated identity management and big ideas for the future.more »
Security Lessons File and protocol attacksMay 01, 2009
We explain how file or protocol fuzzing leads to direct improvements in code quality. You'll also learn more about available open source fuzzing tools.more »
Kernel king admits his tone has alienated volunteers, but says the demands of the process require directness.
New flaw in an old encryption scheme leaves the experts scrambling to disable SSL 3
Lennart Poettering wants to change the way Linux developers talk to each other.
Enterprise giant frees itself from ink and home PCs (and visa versa).
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.