National Security Agency’s (NSA) SE Linux team, citing critical gaps in the security of Android , is building a Security Enhanced (SE) version of the publicly available source code for the Android project. This is a variant of the SE Linux project co-developed by NSA and RedHat, which gives (among other things) a more granular

Static passwords: if we can’t kill them off, can we at least improve them? Yes, but here’s a not of caution.

WPS, Reaver, and what you can expect from anti-virus by way of vulnerability scanning

Update: A US Federal Court extended the deadline for shutting down the replacement DNS servers to July 9, 2012. On Wednesday, the German Federal Office for Information Security (BSI) published a press release advising users to recheck DNS server settings on their computers. This recommendation is related to the successful botnet takedown – dubbed ‘Operation

We've noted the often staggering fees associated with a credit card breach, normally accompanied by a slew of bad press. We've seen Stratfor, in light of their recent hack, dealing with public exposure issues due, in part, to unencrypted payment card information (for which, to their credt, they’ve publicly apologized for). Now we see a

Says the first line of the presentation entitled “Building a Distributed Satellite Ground Station Network – A Call To Arms” given some time ago at the 28th Chaos Communication Congress (28C3) in Berlin by hackers from the Hackerspace Global Grid team. The presentation was lead off by Nick Farr who had already proposed the need

Do Xmas shopping and porn surfing account for a spike in Win32/Scrinject detections?

ZeuS-related malware appears to be sent by US-CERT and also misuses the name of APWG (the Anti-Phishing Working Group).

The two most prevalent threats over 2011 were still INF/Autorun and Conficker: ESET’s December ThreatSense Report looks at threat trends in the new year.

Our white paper on Potentially Unwanted Applications (PUAs) has been revised with additional information, including information about how legitimate software can become classified as a PUA due to its misuse, a discussion of a type of downloader called a software wrapper and updated screen shots. It can be found in the White Papers section  Problematic,