Network Security Topic Center

Network security news, features, advice and more to help you protect your IT systems

Fort Disco malware is now targeting email and FTP servers

A piece of malware designed to launch brute-force password guessing attacks against websites built with popular content management systems like WordPress and Joomla has started being used to also attack email and FTP servers.
Read more...

Iran accused of hacking into U.S. Navy computers

Hackers backed by Iran have penetrated an unclassified U.S. Navy network in one of the most serious incidents of cybercrime yet by the Middle East nation, according to a report Friday.

IE zero-day vulnerability exploited more widely than previously thought

A recently announced and yet-to-be-patched vulnerability that affects all versions of Microsoft Internet Explorer (IE) has been exploited in targeted attacks against organizations in Taiwan since the beginning of July, according to security researchers.

5 bad signs for Apple's iPhone 5s fingerprint scanner

When Apple announced its new iPhone 5s last week, the fingerprint scanning technology, called Touch ID, stood out as one of the most notable additions. The benefits are easy enough to identify a iPhone users will no longer need to repeatedly type in an annoying security PIN code to unlock their phones or download apps or media from iTunes.

South Korean systems attacked, North Korean hackers suspected

South Korean organizations that conduct research on international affairs, national security and Korean unification are under siege from cyberspies whose attack may have its origins in North Korea.

NIST releases draft cybersecurity framework to more public scrutiny

Following through on an order earlier this year from President Obama, the National Institute of Standards and Technology is rapidly developing a set of guidelines and best practices to help organizations better secure their IT systems.

Cisco fixes critical remote command execution vulnerability in Secure Access Control Server

Cisco Systems released security patches for Secure Access Control Server for Windows to address a critical vulnerability that could allow unauthenticated attackers to remotely execute arbitrary commands and take control of the underlying operating system.

Spear phishing led to DNS attack against the New York Times, others

The cyberattack that resulted in nytimes.com and some other high-profile websites being inaccessible to a large number of users Tuesday started with a targeted phishing attack against a reseller for Melbourne IT, an Australian domain registrar and IT services company.

New York Times site outage caused by attack on domain registrar, company says

The New York Times blamed a prolonged website outage on Tuesday on a hacking attack at the company's Australia-based domain name registrar, Melbourne IT.

NSA broke into UN video teleconferencing system

The U.S. National Security Agency reportedly cracked the encryption used by the video teleconferencing system at the United Nations headquarters in New York City.

'HoneyDocs' lays irresistible bait for hackers

Police in Austin, Texas, set up sting operations with cars they have under surveillance, watching for thieves to break into them. Marcus J. Carey's Web service, HoneyDocs -- born in the same city -- uses the same concept, only with computer files.

Hacked burger tweets draw cybercrowds

"There's no such thing as bad publicity"

Chinese Government's Link to Cyber Espionage Clearer Than Ever

It's a common belief in the information security world that the Chinese government is behind many of the advanced persistent threats that target companies around the world in an effort to steal their IP and trade secrets. Now one security firm has come forward with years of evidence to link a prolific APT group to a unit inside the Chinese government.

Unseen, all-out cyber war on the U.S. has begun

Security pros and government officials warn of a possible cyber 9/11 involving banks, utilities, other companies, or the Internet

Samba 4 review: No substitute for Active Directory -- yet

Samba's open source alternative to Microsoft's domain controller is a good start, but not ready for prime time

What developers can learn from Anonymous

The reason Anonymous has a permanent place in our collective imagination: For a time, its organizational model worked very well

ATM fraud refunds may not come quickly, if at all

In early April, A$800 vanished from my account, the result of a late-night withdrawal from a cash machine in a Sydney neighborhood I'd never been to before.

Red Sky Alliance: An experiment in information sharing

Chris Camacho, information security officer at The World Bank Group in Washington D.C., explains how the Red Sky alliance helps member organizations safely share information.

Review: 7 password managers for Windows, Mac OS X, iOS, and Android

1Password and KeePass lead the field in features, flexibility, browser integration, and ease-of-use

How security can add value to DevOps

Gene Kim, award-winning entrepreneur, researcher and founder of security firm Tripwire, walks us through his vision.