Apache

(get it in RSS or Atom)

Lifting the lid on the Redkit exploit kit

In the first of a two part series, Fraser Howard takes a closer look at the Redkit exploit kit.

Learn more about how this kit works and the compromised web servers that are being used to host it.

Seagate's blog pushes malware on unsuspecting visitors via rogue Apache modules

Seagate's blog pushes malware on unsuspecting visitors via rogue Apache modules

SophosLabs has been tracking an infection of Mal/Iframe-AL on Seagate's blog since late February.

Are you taking enough care of your company's websites?

DHS website falls victim to hacktivist intrusion

DHS website falls victim to hacktivist intrusion

Hacktivist group NullCrew recently announced a succesful intrusion against a website in the DHS.GOV domain hierarchy.

It looks as though the site was vulnerable to what's known as a directory traversal vulnerability.

Popular websites leaking system status information, private data and even passwords

Popular websites leaking system status information, private data and even passwords

Security researchers have discovered that thousands of popular websites are putting their users' data at risk by leaking internal status information.

The sites in question include a host of well known names and should-know-betters including Ford, Tweetdeck, Webex, Php.net and Staples.

SSCC 98 - RSA keys, Blackhole exploits, Nitol botnets and Apache takes potshots at Microsoft

SSCC 98 - RSA key safety, Blackhole exploit kit updated, Nitol botnet takedown and Apache takes potshots at Microsoft

Duck joins Chet to take on the latest security news.

As usual, they don't mince their words, so take a listen and enjoy a quarter-hour mix of news, opinion, advice and research..

Monday review: the hot 20 stories of the week

Monday review: the hot 26 stories of last week

In case you missed any of these stories, here's everything we wrote in the last seven days.

Apache Foundation creates firestorm over user privacy choices [POLL]

Apache Foundation creates firestorm over user privacy choices

The Apache Foundation has decided to ignore user tracking preferences when surfing with Internet Explorer 10 in its market dominating web server. Read on for the controversy and the opportunity to weigh in with your thoughts.

Oracle issues rare out-of-band update for Apache DDoS vulnerability

Oracle issues rare out-of-band update to fix web server vulnerability

Giant enterprise database company Oracle has published an out-of-band security update for the recent Apache DDoS vulnerability.

Out-of-band updates from Oracle are rare, so this one spells one word, "Importance!"

Apache 2.2.20 released to fix DoS vulnerability

iStockVirusBug175

The Apache Foundation has released version 2.2.20 to address a denial of service vulnerability. Web admins using Apache should update as soon as possible.

Apache exploit leaves up to 65% of all websites vulnerable

apache-250x250

A newly discovered vulnerability in the Apache web server could leave up to 65% of all websites vulnerable to low-powered denial-of-service attacks.

Apache applauded for openness after security breach

Image (1) apache-logo.jpg for post 14886

On August 28th, the Apache Software Foundation made the headlines for all the wrong reasons after hackers compromised its servers and gained root privileges. Apache is at pains to point out that "at no time were any Apache Software Foundation Read more…