PayPal's SecurePayments patched, shows site was not so secure

PayPal fixed a security flaw on Monday which could have allowed attackers to steal login credentials and credit card numbers by exploiting a cross-site scripting flaw in PayPal's SecurePayments site, reported Egyptian security researcher Ebrahim Hegazy.

Defense contractors face new data breach rules from Pentagon

Defense contractors take note. The Pentagon just published new rules for reporting data breaches and securing data in the cloud.

Attackers could take control of vulnerable DSL routers that use hard-coded credentials

DSL routers made by a number of manufacturers have hard-coded credentials that could enable an attacker to access the devices using telenet services and gain control of them remotely, according to an advisory issued by the Carnegie Mellon University's CERT.

Flaw in popular Android remote-support tool used by app developer to enable screen recording

A security vulnerability in the TeamView remote support tool for Android was apparently discovered by an independent developer, who used it in his screen recording app.

'Breach is the new normal,' says IDC security director

Approaching security as though the "barbarians are already in the gates" is the most effective way to build a response plan, said Christina Richmond, program director for security services at IDC, during an event on Wednesday in Washington, D.C. 


From Our Sister Sites


Spanish telecom provider Telefonica and mobile identity firm TeleSign are partnering to offer enterprises and service providers a suite of services to address mobile authentication and fraud prevention.


HP is getting cozier in its relationship with VMware as the company unveiled new consulting and support services for VMware's NSX software-defined networking product.