News (10)

IDC Web site defaced by 'eco-terrorists'

The Web site of Global IT research firm IDC has been hacked by a group purporting to be Brazilian environmental terrorists to serve a message urging people to take action over global warming. Read more »

Developers take Linux attacks to heart

A handful of recent online attacks on free and open-source software servers has open-source developers looking over their shoulders. Read more »

Microsoft Web site hack details unveiled

An SQL injection is the most likely technique used to hack Microsoft UK's Web site. Read more »

Microsoft may offer peek at SQL Server code

Will the software industry's wave of open-source databases spill onto Microsoft's turf? Read more »

Oracle aims to tone security muscle with Fusion

Billions of dollars worth of acquisitions have bought Oracle a perhaps unexpected bonus: security lessons. Read more »

Flaw hunters pick holes in Oracle patches

Oracle, the business software maker that has marketed its products as "unbreakable," faces mounting criticism over its security practices. Read more »

BusinessWeek site hacked

Hackers have broken into BusinessWeek's online site and set up an attack scenario in which visitors to a section of the site could have their own computers compromised and their data stolen, a security researcher said on Monday in the US. Read more »

McAfee automates Google hacking

McAfee has released an update to its tool that uses Google to automatically search for security holes in Web sites. Read more »

Script kiddies learn grown-up hacking techniques

Hackers with relatively few skills are using online guides to learn how to launch SQL injection hacking attacks. Read more »

Antivirus insecurity at Black Hat confab

Experts are warning that the popularity of antivirus software could turn the defensive measure into a security risk. Read more »

Features (8)

Ten commandments for the security-conscious programmer

Here are the steps from Builder AU that you should take to keep hackers and other security threats at bay. Read more »

Should you hire an ex-hacker?

Hiring a hacker as a chief security officer may sound crazy, but it has paid off for one company. See why an ex-hacker might be your smartest hire ever. Read more »

Should you fear IT ghost workers?

Ghosts of millions of former workers populate the databases of corporations. The workers have moved on, but their ghosts linger, awaiting a hacker intent on using the ghost's identity to damage the company's network systems. Read more »

Grant Web servers secure database access

Allowing Web clients to access a database is a delicate matter that should not be attempted lightly or without careful consideration. Read more »

Proprietary vs. open source? Take the best of both codes

The Microsoft vs. Linux confrontation is too often seen as a battle for the hearts and minds of this industry. From a corporate IT perspective, each side has legitimate claims and products to offer. It's not an either-or situation; it's about the price and service for goods rendered. The enterprise will be a hybrid world that continues to integrate both proprietary and open source code for a long time to come. Read more »

10 security problems unique to IT

Organisations face a host of security concerns driven by the power of technology and the vulnerabilities inherent in its use. IT pros have to be vigilant about all these issues, from system penetration threats to hardware portability to employee turnover. Read more »

How CGI programs make your server vulnerable

CGI is the popular standard for generating content dynamically on the server side. But running CGI apps on your server can result in a signficant security risk. Read more »

Bug hunters, software firms in uneasy alliance

Although many software makers promote responsible disclosure, it isn't universally backed by the security community. Critics say it could make security companies lazy in patching. Full disclosure of flaws is better is preferred. Read more »

Blog (1)

Google destroys Security Through Obscurity

Chris Duckett [blogs:betaliving] -- Google Labs' new Code Search makes it easier for hackers to find database username and password details by entering strings that are commonly used within configuration files. Read more »

Log in


Sign up | Forgot your password?

Blogs

RSS feed

  • Staff A first look at Windows 7 beta

    In this week's Roundup we show you a preview of Windows 7 beta, cover news from the annual Macworld and more. Read more »

    -- posted by Staff

  • Staff Opera's new SDK: Better browsing on the Wii?

    Opera has thrown a little more love at device developers by announcing an updated version of its software development kit on Wednesday at CES. Read more »

    -- posted by Staff

  • Staff 2008: Time to call stumps

    It's another year down but some things never change. That was shown this week as Internet Explorer remained under fire from yet another zero-day exploit. In other news, we set a hard drive on fire and Apple cans its involvement with MacWorld. Read more »

    -- posted by Staff

What's on?