-
Highly critical vulnerability fixed in Nginx Web server software
The development team behind the popular Nginx open-source Web server software released security updates on Tuesday to address a highly critical vulnerability that could be exploited by remote attackers to execute arbitrary code on susceptible servers.
-
Stealthy Web server malware spreads further
A stealthy malicious software program is taking hold in some of the most popular Web servers, and researchers still don't know why.
-
Apache web servers targeted by stealthy 'Cdorked' malware
Security researchers have discovered a new Apache web server backdoor that is so stealthy it leaves almost no trace of its redirection behaviour on the hard drive or in server log files.
-
FAQ: Phishing tactics and how attackers get away with it
Phishing attacks on enterprises can be calamitous in terms of compromised networks or damaged brand names, and the Anti-Phishing Working Group (APWG), which aggregates and analyzes phishing trends data worldwide, offers some of the best insight from industry into what's occurring globally in terms of this cybercrime.
-
DDOS attacks have increased in number and size this year
The volume, duration and frequency of distributed denial-of-service (DDOS) attacks used to flood websites and other systems with junk traffic have significantly increased during the first three months of this year, according to a report released Wednesday by Florida-based DDOS mitigation provider Prolexic.
-
Dell: ARM needs 64-bit processors for server take-off
The low-power capabilities of ARM-based processors have created high expectations for their use in servers, but one of Dell's top engineers said they are unlikely to take off until 64-bit versions hit the market.
-
LenovoEMC fortifies small-business storage with enterprise know-how
Small and medium-sized enterprises with no full-time IT staff are beginning to get some of the same storage management features that large data centres have for efficiency and control.
-
Potential weakness in SSL/TLS security downplayed by certificate group
Claims by a cryptography researcher this week about weaknesses in the RC4 algorithm used in SSL/TLS certificates is being downplayed by the group known as the Certificate Authority Security Council (CASC) which was recently established to address questions on security in this area.
-
New Certificate Authorities group promises better revocation checking
Several Certificate Authorities (CAs) have formed an advocacy group called the Certificate Authority Security Council (CASC), which will focus on promoting new security standards, policies and best practices for SSL (Secure Sockets Layer) deployment on the Web.
-
Symantec SSL certificate crypto 10k times harder to break than RSA-bit key
Symantec today began offering multi-algorithm SSL certificates for Web servers that go beyond traditional crypto to include what's known as the Elliptic Curve Cryptography (ECC) Digital Signature Algorithm (DSA).
