CSO

New Certification Aims to Secure Software Throughout Development

New ISC2 certification targets practices and expertise that assess threats at the front end of the application development process, instead of after the damage is done.

» full story

Prominent Web Sites Found to Have Serious Coding Flaw

CSRF flaw observed in the wild

» full story

Clickjacking Vulnerability to Be Revealed

After shelving plans to detail a browser clickjacking vulnerability that is indirectly related to Adobe Systems' products at the company's request earlier this month, a security researcher plans to detail the flaw next month.

» full story

After Password Glitch, Firefox Patch Due Next Week

Mozilla hopes to release a Firefox 3.0.3 update early next week to fix a password bug affecting some users.

» full story

Hackers Resurrect Notorious Attack Tool Kit

Neosploit, thought dead three months ago, is behind PDF attacks, researcher says.

» full story

Researchers: Apple's Patch Process Stinks

Apple's patching process proves the company isn't serious about moving Macs into the enterprise, security researchers say.

» full story

Mozilla Patches 11 Firefox Bugs

Mozilla Corp. late Tuesday patched 11 vulnerabilities in Firefox 3.0, more than half of them labeled "critical," and fixed 14 flaws in the older Firefox 2.0.

» full story

Despite Threats, Companies Lag on Web 2.0 Security

A new study finds organizations may let employees use Web 2.0 technology, but they don't have the proper security tools in place to protect them from the new threats these applications pose.

» full story

Grossman: YouTube/Google flaw, step by step

Web app security expert hijacks YouTube accounts

» full story

Hacker Posts QuickTime Zero-day Attack Code

The exploit went public just a week after Apple fixed nine other bugs.

» full story

1 2 3 4 5 »