It's 2:34am, local time.  You're snoring up a storm after a hard day at the office.  You've patched all your servers, your lockdown scripts have been verified, and your IDS is humming along perfectly.  Oh, and by the way, someone named "R0kk1t" just stole your customer database.  A quick ...

    It's the words that keep IT Security Managers up at night - "We have a problem, I think we've been hacked".  Of course, there are few possible responses...Acknowledge Responsibly - You can acknowledge what has happened, open an investigation, and communicate with the public and your customers.  While ...

Netcraft is reporting today about a phishing attack leveraging XSS  against an Italian bank. From the article (emphasis mine) An extremely convincing phishing attack is using a cross-site scripting vulnerability on an Italian Bank's own website to attempt to steal customers' bank account details. Fraudsters are currently sending ...