Don't-Miss Stories

Tool Released at Black Hat Contains 150 Ways to Bypass Web Application Firewalls

A tool for testing if Web application firewalls (WAFs) are vulnerable to around 150 protocol-level evasion techniques was released at the Black Hat event.

Microsoft Rolls BlueHat Prize Finalist's Concept Into EMET 3.5

Microsoft is launching a new version of the Enhanced Mitigation Experience Toolkit (EMET), which includes new techniques contribute by a BlueHat Prize finalist.

Power Pwn Outlet Strip Doubles as Stealth Hacking Tool

Look closely at that surge protector under your desk. It might be covertly spying on you and your network.

Oracle's Wooing of CentOS Users Raises Questions

Some members of the business Linux community greet Oracle security claims with skepticism.


Black Hat: Hacking Iris Recognition Systems

What if iris scans could be faked for real via a simple printed image to fool iris recognition systems?

Why You Shouldn't Train Employees for Security Awareness

If there's one myth in the information security field that just won't die, it's that an organization's security posture can be substantially improved by regularly training employees in how not to infect the company.

Nvidia Investigates Breach of Hashed Passwords

Nvidia said it is investigating the release of encrypted passwords from its user forums, another significant data breach following recent compromises at Yahoo.

Cybercrime Defense: Think -- and Act? -- Like a Hacker

Security experts warn that "active defense" or "strike-back" techniques could escalate the battle with hackers.

Three Steps to Avoid Getting Hacked Like Yahoo

Hackers breached Yahoo and exposed more than 450,000 passwords, but Yahoo is to blame for making it easy.

Update: Yahoo Confirms 450k Voice Passwords Breached

The hackers say they were able to obtain the credentials through an SQL injection, a common attack method that gave Sony so much trouble in 2011.