On any given day cybercriminals and nation states are in possession of as many as 100 zero-day software exploits known only to them, NSS Labs has calculated using the commercial vulnerability market as a baseline.
NSS Labs research director Dr. Stefan Frei reached this startling conclusion after studying up to ten years’ worth of software vulnerability data from the two firms that pioneered the market for purchasing flaws from researchers, iDefense (which started its program in 2002) and TippingPoint (which started in 2005 and is now owned by Hewlett-Packard).
In the wake of the huge password breach where sites such as Facebook and Yahoo! were compromised, Microsoft developers have released a tool to curb the issue of account hacking.
Experimental project Telepathwords detects how risky passcodes are by predicting your password-setting habits. The engine utilises a collection of passwords in its database along with an AI to make accurate predictions.
Common passwords that were made public as a result of security breaches, alongside common password-selection behaviours such as “123456”, are also easily predicted by the program.
The first photograph shows a slightly overweight young man standing in front of a white Porsche Cayenne, cigarette in hand, expression uneasy. In a second he appears to be reading a charge sheet as a masked military policeman in black stands guard in the background.
Could this confused-looking individual really be the creator of one of the most successful and feared cybercrime tools of all time?
The U.S. Department of Defense may have found a new way to scan millions of lines of software code for vulnerabilities, by turning the practice into a set of video games and puzzles and having volunteers do the work.
Having gamers identify potentially problematic chunks of code could help lower the workload of trained vulnerability analysts by "an order of magnitude or more," said John Murray, a program director in SRI International's computer science laboratory who helped create one of the games, called Xylem.
Security experts have found a big black hole in the Internet which is now being used by someone to suck up personal data like a giant Dyson.
According to Wired, two security researchers at the DefCon hacker conference demonstrated a massive security vulnerability in the worldwide internet traffic-routing system in 2008. It was a vulnerability so severe that it could allow intelligence agencies, corporate spies or criminals to intercept massive amounts of data.