web-security
The Web Application Security Consortium (WASC) is an international group of experts, industry practitioners, and organizational representatives who produce open source and widely agreed upon best-practice security standards for the World Wide Web.
As an active community, WASC facilitates the exchange of ideas and organizes several industry projects. WASC consistently releases technical information, contributed articles, security guidelines, and other useful documentation. Businesses, educational institutions, governments, application developers, security professionals, and software vendors all over the world utilize our materials to assist with the challenges presented by web application security.
Links
Be Aware Conficker is Dangerous Worm
his April 1st will be not funny at all for security experts. We are at D-1 and until today nobody knows what this worm so called Conficker C can really do ! It can damage your computer, your data, steal private information, none knows ! All we know until today that at D-Day all infected computers will be under control of a master computer located somewhere across the web.
Conficker which have been discovered the first time on November 21, 2008, seems to be the worst infection since the SQL Slammer. Estimates of the number of computers infected range from almost 9 million PCs to 15 million computers. On March 27, 2009, the British Director of Parliamentary ICT released a (leaked) memo stating that the House of Commons computer network has been infected with the virus and called for all people who have access the network to use caution and not to connect any unauthorized equipment to the network.[
Conficker is clever in the way it hides its tracks because it uses an enormous number of URLs to communicate with HQ. The first version of Conficker used just 250 addresses each day -- which security researchers and ICANN simply bought and/or disabled -- but Conficker C will up the ante to 50,000 addresses a day when it goes active, a number which simply can't be tracked and disabled by hand.
- Comments | | http://xpertspot.com