NEWS FEEDS CONSOLE (v2)

BBC News Technology
Milo comes out to play at TED
China web filter hit by problems
Highs and lows
dot.Rory
Tech brief
Morpurgo welcomes book technology
Airships to protect British troops
Microsoft to launch Windows slate
Outlook gets Facebook integration
Privacy fears over gay teen site
Tech Brief
Unmanned combat plane is unveiled
dot.Rory
Google debuts Android code tools
Facebook agrees to 'panic button'
Wired Magazine
‘Facebook Killer’ Ello Hatches Plan to Stay Ad-Free Forever
The Fire Phone Is Officially a Failure
Filling a Gap: Bellcomm’s 1968 Lunar Exploration Program
A Dutch Town Installs 5 Giant Eyeballs on Buildings, Because Art
Regular Guy From Boston Decides to Map the City’s Entire History
Now Everyone Wants to Sell You a Magical Anonymity Router. Choose Wisely
Tech Time Warp of the Week: Watch Jeff Goldblum Sell the World on Apple…And This Crazy Email Thing
Naim Does the Impossible: Build a Soundbar Even Audiophiles Love
Week’s Best TV: Jimmy Kimmel Fires a Lightning Gun and The Simpsons Go Kubrick
How the XPrize Foundation Is Building Our Next-Gen Health Sensors
Mother Superior
Museum-Worthy Clocks Meant to Change Our Sense of Time’s Passing
The Future of Adobe’s App Interaction Looks Pretty Awesome
The Laborers Who Keep Dick Pics and Beheadings Out of Your Facebook Feed
A Universal Set of Icons That Mashes Up Chinese and Western Ideas
Net-Security Vulnerabilities
Symantec Endpoint Protection Manager Remote Command Execution Exploit
Adobe Flash Player 12.0.0.44 Memory Corruption Vulnerability
Linksys Multiple Routers tmUnblock.cgi Input Validation Error Vulnerability
Internet Explorer CMarkup use-after-free vulnerability
Apache Tomcat Manager Application Upload Authenticated Code Execution
Microsoft Internet Explorer 8 CTreeNode Use-after-Free Memory Corruption Vulnerability
Apache Struts OGNL Expression TextParseUtil.transl ateVariables Code Execution Vulnerability
Apache Struts Wildcard Matching Code Execution Vulnerability
Oracle Fusion Middleware Reports Developer Unspecified Data Compromise Vulnerability
Adobe Flash Player Unspecified Code Execution Vulnerability (APSB14-04)
RealNetworks RealPlayer RMP File Heap-Based Buffer Overflow Vulnerability
HP Data Protector Remote Code Execution Vulnerability
PHP CGI Query String Parameter Processing Remote Code Execution Vulnerability
Red Hat CloudForms Management Engine Path Traversal
Adobe Reader and Acrobat "ToolButton&quo t; Use-after-Free Vulnerability
eWeek Security
Microsoft Patches Internet Explorer Zero-Day Flaw in Security Update
Software Code Sandboxes a Bright Spot as Security Flaws Trend Higher
Android Phone Hacked by Researchers Via NFC
Microsoft Releases Fix It Tool to Fight IE Zero-Day Flaw
Microsoft Urges Users to Patch Internet Explorer Flaw
TDSS Malware Infecting Fortune 500 Includes Evasion Tactic
Flamer Malware Spied on Middle East for More Than Five Years
Google Adding 'Do No Track' Into Chrome's Latest Developer Build
PCI Security Standards Council Issues Guidance for Mobile Payment Industry
Security Infrastructure Market to Top $86 Billion in 2016: Gartner
Microsoft to Patch Adobe Flash Player in Windows 8 'Shortly'
Cisco Beefs Up IPS, Firewalls to Better Protect Data Centers
Microsoft Issues XSS Patches, but Security Researchers Focus on Oct. Update
GoDaddy Goes Down in Major Web Outage
BYOD: 10 Tips Enterprises Can Use to Protect Their Data
Computer Crime Research Center
BBC World News commissions major new Cybercrime series
Cyber Crime talks for Arusha
USM opens cybersecurity training lab
Concealed cyber crime gang uncovered
Microsoft strikes cybercrime agreement with ACMA
Fraud prosecutions dramatically decrease as cybercrime rises
Cyber crime needs tackling head on says Warwickshire police chief
Police Grapple With Cybercrime
Internet group ‘AnonymousR 17; threatens cyberattack on APD
Head of FBI’s Milwaukee office targets cyber crime
A Cyber History Of The Ukraine Conflict
CIT seminar to put cybercrime in spotlight
How the cybercrime industry fueled Target breach: McAfee
Cyber Squared says the solution to cyber crime lies in firms sharing information
Groups face the conundrum of cyber crime
The Register
Yahoo! Timestamps! Now! Block! Facebook! Email! Snoops!
Boffins want to put Quanta in containers, after docking
'Careful management of headcount' for Juniper after tepid quarter
MAVEN snaps eight-bit SPACE INVADER
Adorkable overshare of words like photobomb in this year's dictionaries
Rackspace launches big red rack eater
Something about this really STINKS: Rosetta probe shoves nose under comet's tail
Google absorbs Oxford Uni boffins in artificial intelligence boost quest
WIN a 1TB monster Samsung EVO 840 SSD
Pssst. Want to buy a timeshare in the clouds?
HEY! GET A ROOM, yells Facebook as it discovers IRC, slaps it in an app
Whisper. Explain this 'questionable' behavior – senior US senator
Facebook, IBM, court future Chinese elite
Jeff Bezos rolls up another $437m, lights Amazon's cigar with it
Moscow, Beijing poised to sign deal on joint cyber security ops
Net-Security News
NEW URL FOR HNS RSS FEED: http://feeds.feedbur ner.com/HelpNetSecur ity
NEW URL FOR HNS RSS FEED: http://feeds.feedbur ner.com/HelpNetSecur ity
NEW URL FOR HNS RSS FEED: http://feeds.feedbur ner.com/HelpNetSecur ity
NEW URL FOR HNS RSS FEED: http://feeds.feedbur ner.com/HelpNetSecur ity
NEW URL FOR HNS RSS FEED: http://feeds.feedbur ner.com/HelpNetSecur ity
NEW URL FOR HNS RSS FEED: http://feeds.feedbur ner.com/HelpNetSecur ity
NEW URL FOR HNS RSS FEED: http://feeds.feedbur ner.com/HelpNetSecur ity
Off the wire: Microsoft seeks patent for office 'spy' software
Security World: Wireless security lacking at a large convention
Off the wire: Setup and benchmark encrypted partitions in Ubuntu
Security World: Information Security Forum: It is time to take information classification seriously
Security World: USB encryption product news #1: KeyPoint Solo Vault
Security World: USB encryption product news #2: SafeHouse 3.0
Security World: 5 VoIP threat predictions for 2008
Off the wire: Annvix: A stable, secure, no-frills server distro
Net-Security Advisories
CentOS Errata and Security Advisory - Moderate CentOS 6 libvirt Update (CESA-2014:0103)
SUSE Security Update - puppet (SUSE-SU-2014:0155-1 )
Slackware Security Advisory - mozilla-nss (SSA:2014-028-02)
Slackware Security Advisory - bind (SSA:2014-028-01)
Gentoo Linux Security Advisory - Perl Digest-Base module: Arbitrary code execution (GLSA 201401-33)
Gentoo Linux Security Advisory - Exim: Multiple vulnerabilities (GLSA 201401-32)
Ubuntu Security Notice - munin vulnerabilities (USN-2090-1)
CentOS Errata and Security Advisory - Important CentOS 6 java-1.6.0-openjdk Update (CESA-2014:0097)
CentOS Errata and Security Advisory - Important CentOS 5 java-1.6.0-openjdk Update (CESA-2014:0097)
Gentoo Linux Security Advisory - CEDET: Privilege escalation (GLSA 201401-31)
Gentoo Linux Security Advisory - GNU TeXmacs: Privilege escalation (GLSA 201401-27)
Gentoo Linux Security Advisory - Tomboy: Privilege escalation (GLSA 201401-28)
Gentoo Linux Security Advisory - VIPS: Privilege Escalation (GLSA 201401-29)
Gentoo Linux Security Advisory - Oracle JRE/JDK: Multiple vulnerabilities (GLSA 201401-30)
Mandriva Linux Security Update Advisory - perl-Proc-Daemon (MDVSA-2014:021)
Linux Exposed
Cron Explained
Analyzing Malicious SSH Login Attempts
Enhance Security with Port Knocking
Preventing Accidental Denial of Service
Torrents and SSH Tunnels
Ilegal SEO techniques
Cracking WPA and WPA2 passwords
Windows Hacking and Windows Security Site
Inspecting HTTP
Hosted Exchange and Hosted Sharepoint
Using IPC -- pipes
Formatstrings and OpenBSD
Analyzing Malicious SSH Login Attempts
Enhance Security with Port Knocking
Preventing Accidental Denial of Service
Info World Security
Fake security software scammers jump on Conficker
China denies cyberespionage charges
Gartner: IT spending drop-off worse than after dot-com bust
Conficker activation passes quietly, but threat isn't over
Forrester now says '09 U.S. IT spend to drop 3.1 percent
Conficker may be more widespread than previously thought
Bill would give feds role in private sector cybersecurity
IBM continues push for Sun, but will the deal kill Solaris?
Hackers seize on 0-day flaw in Microsoft's PowerPoint
IBM sees Conficker hitting 4 percent of PCs
Fake security software scammers jump on Conficker
China denies cyberespionage charges
Gartner: IT spending drop-off worse than after dot-com bust
Conficker activation passes quietly, but threat isn't over
Forrester now says '09 U.S. IT spend to drop 3.1 percent
Hack In The Box
Latest hack on PBS news site is the best hack ever
Hackers breached US defense contractors
Hidden URLs in phone and tablet browsers
Microsoft downplays IE 'cookiejacking' bug
Beware of vengeful IT personnel
Honda security breach exposes 283,000 customers
Aussie banks cancel 10,000 credit cards
What Your Wireless Carrier Knows About You
Lloyds TSB suffers internet banking problems
Bulging tweet: lewd photo leaves politician red-faced
Skype partner update leads to worm fears
#HITBSecNews - The Revolution Begins 1st June 2011
Skype Suffers Outage: What You Need to Know
Playstation Network Down Still as Sony Rolls Out New Identity Theft Protection M
French "three strikes" anti-piracy software riddled with flaws
CERT
TA12-073A: Microsoft Updates for Multiple Vulnerabilities
TA12-045A: Microsoft Updates for Multiple Vulnerabilities
TA12-024A: "Anonymous" DDoS Activity
TA12-010A: Microsoft Updates for Multiple Vulnerabilities
TA12-006A: Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack
TA11-350A: Adobe Updates for Multiple Vulnerabilities
TA11-347A: Microsoft Updates for Multiple Vulnerabilities
TA11-312A: Microsoft Updates for Multiple Vulnerabilities
TA11-286A: Apple Updates for Multiple Vulnerabilities
TA11-284A: Microsoft Updates for Multiple Vulnerabilities
TA11-256A: Microsoft Updates for Multiple Vulnerabilities
TA11-222A: Adobe Updates for Multiple Vulnerabilities
TA11-221A: Microsoft Updates for Multiple Vulnerabilities
TA11-201A: Oracle Updates for Multiple Vulnerabilities
TA11-200A: Security Recommendations to Prevent Cyber Intrusions
Computer World Security
Dot-org domains can now be protected by DNSSEC
iPhones, iPads in the enterprise: 5 security views
Fiberlink aims to cut costs with cloud patch management
Apple leaves iPad vulnerable after monster iPhone patch job
Trustwave buys application firewall maker
The 4 tiers of a secure B2B framework
World Cup: Guard labor strike was a game-changer
Why security needs to catch up to Web 2.0
Most firms face security 'red alert' as XP SP2's retirement looms
Wireless security myths 2010
Avenda offers full-featured network access control
Alcatel-Lucent/InfoE xpress combo needs better integration
Ultimate guide to network access control products
Network access control vendors pass endpoint security testing
The Grill: Patricia Titus
FireEye Lab
YAJ0: Yet Another Java Zero-Day
It's a Kind of Magic
The Number of the Beast
In Turn, It's PDF Time
LadyBoyle comes to town with a new exploit
YAJ0: Yet Another Java Zero-Day
It's a Kind of Magic
The Number of the Beast
In Turn, It's PDF Time.
LadyBoyle comes to town with a new exploit
An Encounter with Trojan Nap
Operation BEEBUS
Hackers Targeting Taiwanese Technology Firm
Happy New Year from New Java Zero-Day
CFR Watering Hole Attack Details
Linux Security
Free Online security course (LearnSIA) - A Call for Help
Using the sec-wall Security Proxy
sec-wall: Open Source Security Proxy
Securing a Linux Web Server
Password guessing with Medusa 2.0
Peter Smith Releases Linux Network Security Online
Password guessing as an attack vector
Squid and Basic Authentication
Squid and Digest Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
Using the sec-wall Security Proxy
sec-wall: Open Source Security Proxy
Book Review: Linux Kernel Programming
Securing a Linux Web Server
NetSec Blog
FBI launches cybersecurity project - from Keith
Wonderful bedtime stories - The Metasploit (wiki) ...
Pretty good ideas:The 10 Commandments for New Lin...
"Safe Bedside Table"
Speaking of Bad Guys
Nothing new here - Monster.com hacked, 1.6 million...
Storm Worm Strikes Back
Delete This! - A series of legal events means that...
U.S. legal time changing to UTC
Source Code Subpoena Request as Legal Defense Tact...
Design flaw in AS3 socket handling allows port pro...
Sprint to offer WiMAX-enabled Nokia N800 in 2008
Helix 1.9a Released
Will security firms detect police spyware?
Fall Classes Start August 23rd ITN260 Network Se...
ZDNet US Security
Microsoft to start phasing out its NNTP newsgroups
Apple vs. Adobe on antitrust: Should regulators dictate what's in an SDK?
Report: DOJ and FTC investigating Apple (Updated)
Apple in antitrust crosshairs? If so, Jobs' Flash rant makes more sense
Jailbreak for iPad and newer iPhone released
Counterfeit check security alert (5/3/2010)
Behind the open codec FUD attack
Avatar Blu-ray DRM bites legitimate customers
Facebook's privacy timeline: Possible backlash or just evolution?
Serious XSS flaw haunts Microsoft SharePoint
How to remove the ICPP Copyright Violation Alert ransomware
Microsoft's new directory-federation services finally ready to roll
iPad owning Windows users targeted by hackers
Google: Fake antivirus makes up 15 percent of all malware
iPad users on Windows targeted with malware
ZDNet UK Security
Mobile M2M connections set to rocket
India to create 8m outsourcing jobs in next decade
Mobile tech gets cautious praise from aid groups
Wi-Fi operator launches automatic sign-on tool
Microsoft platform tops Web 2.0 developer survey
Verizon funds undersea internet cable network
Vodafone lands multinational iPhone deal
India mulls tax-break extension for outsourcers
Microsoft resumes XP SP3, Vista SP1 updates
McAfee strikes Yahoo search deal
Sun previews JavaFX for rich web applications
Microsoft and Yahoo: The next step
Sun shows off JavaFX platform
Auction site QXL going, going, gone
Sun demos JavaFX apps
Politechbot
Hamline University student suspended after pro-gun rights email
MIT student picking up friend at airport nearly shot, charged with "infernal machine" crime
Colorado sheriff creates roadblock so private firm can demand DNA blood samples
Paul Levy: Politicians, infomercial kings try to stifle anonymous Internet speech
Federal police will gain access to military spy satellites
Congress at its finest: P2P networks as "national security threat"
Sen. John Kerry wants to outlaw "transmitting" dog fighting images
Whoops! Nevada governor accidentally posts Outlook password
FBI remotely installs spyware to trace bomb threat
Will security firms detect police spyware? A survey of 13 of them
Correction on security firms and detecting spyware
Democrats criticize AT&T's exclusive iPhone deal, just because they can
DEA key logger docs in Ecstasy drug case posted online
DEA key logger used to eavesdrop in real time on alleged drug manufacturers
John Gilmore on Real ID and why the immigration bill died
Slashdot
NY Doctor Recently Back From West Africa Tests Positive For Ebola
Incapacitating Chemical Agents: Coming Soon To Local Law Enforcement?
Microsoft Exec Opens Up About Research Lab Closure, Layoffs
SMART Begins Live Public Robocar Tests In Singapore
How Sony, Intel, and Unix Made Apple's Mac a PC Competitor
Tracking a Bitcoin Thief
We Need Distributed Social Networks More Than Ello
We Need Distributed Social Networks More Than Ello
German Publishers Capitulate, Let Google Post News Snippets
Ubuntu 14.10 Released With Ambitious Name, But Small Changes
Leaked Documents Reveal Behind-the-Scenes Ebola Vaccine Issues
Assange: Google Is Not What It Seems
Mark Zuckerberg Speaks Mandarin At Tsinghua University In Beijing
Tech Firm Fined For Paying Imported Workers $1.21 Per Hour
Sale of IBM's Chip-Making Business To GlobalFoundries To Get US Security Review
Government Computer News
Report: WikiLeaks source exploited security flaw
Out with the old security configurations, in with the new
Stuxnet story is high-profile but still out of reach
7 social media resolutions to keep in the new year
Lump of coal: No Android for your agency
Microsoft rolls out HTML5 Labs test site
Army salutes top 10 battlefield inventions
WikiLeaks app disappears from Apple App Store
To secure agency systems, start at the top
Do commercial electronics threaten military security?
NASA ahead of the curve in real-time IT security
The WikiLeaks lesson? It’s classified.
After the spending bill: What now?
FISMA 'capstone' document ready for public scrutiny
Group aims to help secure the technology supply chain
InfoSec News
Teacher Passwords Stolen, Grades Hacked At 3 Seattle High Schools
ICANN taps DefCon founder for top security spot
US-Russian dictionary defines cyber war, other concepts
Unfollowed: How a (Possible) Social Network Spy Came Undone
Advance Announcement: 2011 ACM Cloud Computing Security Workshop (CCSW) is back !
Phone-hacking laws are 'very uneven and unclear'
PlayStation credit card data was encrypted
Oracle hedging its vulnerability reports?
Are we talking "cyber war" like the Bush admin talked WMDs?
Experts dissect hacker attacks during cybersecurity forum at Hagerstown Community College
Cyberespionage: US finds FBI agents in elite unit lack necessary skills
[ACM CCS'11] Reminder: Deadline Approaching (May 6, 2011)
Police: Wireless network hacker targeted Seattle-area businesses
Is Iran just seeing Stars?
China Implicated In Hacking Of SMB Online Bank Accounts
CNet
Matterport 3D modeled a CNET studio in less than 2 hours
Your very own piece of galactic history (pictures)
Ways to view March Madness
Google Maps sails down the Colorado River (pictures)
The Blue Angels acrobatics are back (pictures)
NBA pros wear Google Glass to give fans a new point of view
The NBA puts you in the game with wearable tech (pictures)
NBA players wear Glass to enhance fan experience
James Bond's deadliest cars, boats, and jetpacks (pictures)
Wearable Technology Show dons fitness trackers, smart shorts (pictures)
Jules Verne-inspired steampunk submarine star of garden show (photos)
Hands-on with Oppo's Quad HD Find 7 phone (pictures)
Tech to enhance March Madness
Developers now have access to Oculus Rift Dev Kit 2 (pictures)
Tech to help decide on a college
InfoSec Officer
Creating a Modern Security Engineering Organization
Dyre Malware Reinforces Need for Strong Endpoint Security
BlackHat and DerbyCon 2014 Videos are Available!
Latest "CelebGate" Photo Leak is New News of an Old Problem
Scumblr and Sketchy: Gathering Threat Intel on a Budget!
Shakacon: Open Source Threat Intelligence [VIDEO]
Blackhat & DefCon Tips: 2014 Edition
Blackhat 2014 & Def Con 22 Cheat Sheets!
Netflix Open Sources AWS Monitoring Tool: Security Monkey!
The Ultimate XSS Protection Cheat Sheet for Developers
OSX Malware Persistence Overview
Windows Forensic Environment (WinFE) Online Training - FOR FREE!
Chief's Pick: Amazing Capture The Flag (CTF) Guide - Must Read
XSS: The Game - Train Developers on XSS the Fun Way
VIDEO: Bypassing Anti-Virus Easy Peasy
Rootsecure.net
Cisco Zine: How to create self-signed certificates
Cisco Zine: Unicast flooding due to asymmetric routing
Acros Security: Adobe Reader X (10.1.2) msiexec.exe Planting
Marco Ramilli's Blog: CVE-2012-0507
Cisco Zine: Twelve Cisco vulnerabilities
Cisco Zine: Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera buffer overflow
Offensive Security: FreePBX Exploit Phone Home
Cisco Zine: How to perform SSH RSA User Authentication
The Register: Researchers find MYSTERY programming language in Duqu Trojan
arstechnica: Stakeout: how the FBI tracked and busted a Chicago Anon
Marco Ramilli's Blog: Steganography Tools - a non exhaustive survey
arstechnica: Doxed: how Sabu was outed by former Anons long before his arrest
arstechnica: How Anonymous plans to use DNS as a weapon
Marco Ramilli's Blog: An interesting tool for your SwissKnife
Cisco Zine: Cisco Linksys WAG54GS CSRF Change Admin Password
Security Focus
Gunter Ollmann: Time to Squish SQL Injection
Infocus: Data Recovery on Linux and ext3
Infocus: WiMax: Just Another Security Challenge?
Mark Rasch: Lazy Workers May Be Deemed Hackers
Adam O'Donnell: The Scale of Security
Mark Rasch: Hacker-Tool Law Still Does Little
Infocus: Enterprise Intrusion Analysis, Part One
More rss feeds from SecurityFocus
News: Change in Focus
News: Google: 'no timetable' on China talks
News: Monster botnet held 800,000 people's details
News: MS uses court order to take out Waledac botnet
News: Latvian hacker tweets hard on banking whistle
Brief: Google offers bounty on browser bugs
Brief: Cyberattacks from U.S. "greatest concern"
Security Focus BugTraq
Vuln: Apple Mac OS X CVE-2014-4350 Buffer Overflow Vulnerability
Vuln: Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
Vuln: Apple Mac OS X QuickTime CVE-2014-4351 'm4a' File Handling Buffer Overflow Vulnerability
Vuln: Wireshark RTP Dissector CVE-2014-6421 Remote Denial of Service Vulnerability
Bugtraq: iFunBox Free v1.1 iOS - File Include Vulnerability
Bugtraq: File Manager v4.2.10 iOS - Code Execution Vulnerability
Vuln: Drupal TableField Module Cross Site Scripting Vulnerability
Vuln: Splunk 'Referer' Header Cross Site Scripting Vulnerability
Vuln: Drupal Marketo MA Module Multiple Cross Site Scripting Vulnerabilities
Vuln: Drupal Site Banner Module Cross Site Scripting Vulnerability
Bugtraq: FreeBSD Security Advisory FreeBSD-SA-14:22.nam ei
Bugtraq: FreeBSD Security Advisory FreeBSD-SA-14:20.rts old
Bugtraq: FreeBSD Security Advisory FreeBSD-SA-14:21.rou ted
Bugtraq: FreeBSD Security Advisory FreeBSD-SA-14:23.ope nssl
Vuln: Wireshark HIP Dissector CVE-2014-6426 Remote Denial of Service Vulnerability
Full Disclosure @Insecure.org
[KIS-2014-11] TestLink
[KIS-2014-12] TestLink
CVE-2014-7180 - ElectricCommander Local Privilege Escalation
Dell SonicWall GMS v7.2.x - Persistent Web Vulnerability
File Manager v4.2.10 iOS - Code Execution Vulnerability
Mulesoft ESB Authenticated Privilege Escalation
Vulnerabilities in WordPress Database Manager v2.7.1
Re: [oss-security] CVE request: remote code execution in Android CTS
Incredible PBX remote command execution exploit
iFunBox Free v1.1 iOS - File Include Vulnerability
File Manager v4.2.10 iOS - Code Execution Vulnerability
Files Document & PDF 2.0.2 iOS - Multiple Vulnerabilities
FileBug v1.5.1 iOS - Path Traversal Web Vulnerability
AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability
Re: [oss-security] CVE request: remote code execution in Android CTS
SecurityTracker Vulnerabilities
Blue Coat ProxySG SSL 3.0 Protocol Downgrade Flaw Lets Remote Users Decrypt SSL Traffic
Blue Coat PacketShaper SSL 3.0 Protocol Downgrade Flaw Lets Remote Users Decrypt SSL Traffic
Blue Coat Director SSL 3.0 Protocol Downgrade Flaw Lets Remote Users Decrypt SSL Traffic
Wireshark Multiple Dissector Bugs Let Remote Users Deny Service
VMware vSphere Data Protection Discloses Authentication Information to Remote Users
FreeBSD routed(8) Processing Flaw Lets Remote Users Deny Service
FreeBSD namei Kernel Facility Memory Leak Lets Remote Users Deny Service
Microsoft Windows OLE Processing Flaw Lets Remote Users Execute Arbitrary Code
FreeBSD Buffer Overflow in rtsold(8) IPv6 Router Solicitation Daemon May Let Remote Users Execute Arbitrary Code
Apple iOS Bugs Let Users Obtain Potentially Sensitive Information
Asterisk SSL 3.0 Protocol Downgrade Flaw Lets Remote Users Decrypt SSL Traffic
Drupal Input Validation Flaw in Database Abstraction API Lets Remote Users Inject SQL Commands
Apple OS X Server Lets Local Users Access Passwords and Remote Users Bypass Access Control Settings
Apple OS X Multiple Flaws Let Users Execute Arbitrary Code, Obtain Elevated Privileges, Bypass Security Restrictions, and Obtain Potentially Sensitive Information
Apple QuickTime Buffer Overflow in Processing Audio Samples Lets Remote Users Execute Arbitrary Code
Dana Epp's Weblog
Time to party! Windows 7 is here!
RunAs Radio podcasts you might want to listen to
Coding Tip: Why you should always use well known SIDs over usernames for security groups
Major Windows 7 gotcha you should know about that may block you from upgrading
Microsoft SDL bans mempcy()... next it will be zeros!!!!
Using TS RemoteApp as an attack vector
Is Twittering safe?
Come have Coffee and Code in Vancouver with me and Microsoft tomorrow
Announcing Elevation of Privilege: The Threat Modeling Game
Reflecting on our Windows 7 birthday party
Time to party! Windows 7 is here!
RunAs Radio podcasts you might want to listen to
Coding Tip: Why you should always use well known SIDs over usernames for security groups
Major Windows 7 gotcha you should know about that may block you from upgrading
Microsoft SDL bans mempcy()... next it will be zeros!!!!
Cryptome
How to Donate
Cryptome
How to Donate
Texting Ban While Driving Commercial Vehicles
Funds for More Cops and Spies on Campus
SWIFT Lawful Spying Guide (337KB)
One Communications Lawful Spying Guide
Integra Telecom Lawful Spying Guide
Go Daddy Lawful Spying Guide
Masterspy Inflates and Churns Trivial Spy Info
National Security Threatened by Insane Waste (5.6MB)
DHS Inflates and Churns Aviation-Surface Sec
Law Enforcement Online Spying Guide (1.8MB)
CIA BBC Long-time Spy Partners (2MB)
Spy Reform Rest in Peace (879KB)
Silicon Security
ID cards: Seven years of missed deadlines and U-turns
Leaked report reveals billions in budget cuts for public sector IT
Photos: When hackers get together to do the world a favour
Why you must rein in your power users
Is losing a mobile device really such a big deal?
Trojan bank fraud gang sentenced
UK ID cards rollout hit by delay as launch date revealed
£500,000 fine coming for businesses that lose data?
Naked CIO: Is IT responsible for workers' output and errors?
Bletchley Park's World War Two codebreakers in their own words
Phishers set their sights on corporate accounts
'You're responsible for your own wi-fi security' say ISPs
'UK must up privacy safeguards following Phorm'
Hackers breach Guardian Jobs site
Video: 60-Second Pitch: End-point security
Netcraft
Google’s POODLE affects oodles
October 2014 Web Server Survey
Phishing with data: URIs
Most Reliable Hosting Company Sites in September 2014
September 2014 Web Server Survey
Most Reliable Hosting Company Sites in August 2014
August 2014 Web Server Survey
Most Reliable Hosting Company Sites in July 2014
July 2014 Web Server Survey
Most Reliable Hosting Company Sites in June 2014
Bitcoin phishers get desperate with search engine ads
Steam phishing attacks exploiting look-alike domain names
Deceptive search engine ads used in Bitcoin wallet attacks
Criminals launch mass phishing attacks against online dating sites
June 2014 Web Server Survey
Reuters - Tech/Internet
Fewer-than-expected listeners tune in to Pandora in third quarter
U.S. broadcasters win preliminary injunction against Aereo
Fewer-than-expected listeners tune in to Pandora in third quarter
Options investors see good times rolling for Facebook
GrubHub revenue jumps as more customers order food online
U.S. senator asks Internet providers to commit to no 'fast lanes'
Google bolsters artificial intelligence efforts, partners with Oxford
Yelp.com owner fourth-quarter revenue forecast misses expectations
Google launches new email service dubbed 'Inbox'
Angie's List revenue jumps 24 percent as ad sales rise
Hungary plans new tax on Internet traffic, public calls for rally
Apple CEO discusses security with top Chinese official amid hacking claims: Xinhua
New York financial regulator pushes banks to plug gaps in cybersecurity
Israel's ThetaRay turns to maths to detect cyber threats
Djibouti Internet start-up aims to boost broadband speeds across east Africa
InfoSec Writers
Experimental Review of IPSec Features to Enhance IP Security
Internet Acceptable Use Policies: Drawing the line
Securing Amazon Web Services (AWS) and Simple Storage Service (Amazon S3) Security
Getting maximum value from Penetration Testing
TERMPAPER: Smart Phone Hacking
An Analysis of the IDS Penetration Tool: Metasploit
Old School Newbie Guide circa 2000
Analysis of Malicious Software Infections
Malware in Information Security
DoS! Denial of Service
Experimental Review of IPSec Features to Enhance IP Security
Internet Acceptable Use Policies: Drawing the line
Securing Amazon Web Services (AWS) and Simple Storage Service (Amazon S3) Security
Getting maximum value from Penetration Testing
Cloud Computing – Storm Clouds or is it Smooth Flying?
OSVD
Oracle FLEXCUBE Universal Banking Core Component Unspecified Remote DoS
Oracle FLEXCUBE Universal Banking Core Component Unspecified Remote Information Disclosure
Oracle Agile PLM for Process Supplier Portal Component Unspecified Remote Issue
Oracle Agile PLM Install Component Unspecified Remote Issue
Oracle Agile PLM Supplier Portal Component Unspecified Remote Issue
Oracle Agile PLM SCRM - Company Profiles Component Unspecified Remote Issue
Oracle AutoVue Office Desktop API Component Unspecified Remote Issue
Oracle iPlanet Web Server Administrator Console Unspecified XSS
Linux Kernel net/ipv6/xfrm6_tunne l.c xfrm6_tunnel_rcv() Function Use-after-free IPv6 Packet Parsing Remote DoS
KVM Memory Leak IOMMU Device Mapping Unpinning Local DoS
RuggedCom Rugged Operating System (ROS) Hardcoded Credentials
Oracle Grid Engine Unspecified Local Privilege Escalation
PolicyKit wheel Group Local Admin Privilege Ecalation
Oracle Solaris Kernel/Privileges Component Unspecified Local Privilege Escalation
Oracle Solaris libsasl(3LIB) Component Unspecified Remote Issue
Microsoft Security
MS11-057 - Critical: Cumulative Security Update for Internet Explorer (2559049)
MS11-058 - Critical: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485)
MS11-059 - Important: Vulnerability in Data Access Components Could Allow Remote Code Execution (2560656)
MS11-060 - Important: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2560978)
MS11-061 - Important: Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250)
MS11-062 - Important: Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454)
MS11-063 - Important: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2567680)
MS11-064 - Important: Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894)
MS11-065 - Important: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222)
MS11-066 - Important: Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943)
MS11-067 - Important: Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230)
MS11-068 - Moderate: Vulnerability in Windows Kernel Could Allow Denial of Service (2556532)
MS11-069 - Moderate: Vulnerability in .NET Framework Could Allow Information Disclosure (2567951)
MS11-053 - Critical: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2566220)
MS11-054 - Important: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917)
CNet Security
Microsoft defends opening Hotmail account of blogger in espionage case
Microsoft sniffed blogger's Hotmail account to trace leak
Symantec fires CEO Steve Bennett
Syria's Internet goes dark for several hours
Microsoft sniffed private Hotmail account to trace trade secret leak
In most-anticipated SXSW talk in years, Edward Snowden fires up Austin
IBM's new services zero in on fraud, financial crime
In most-anticipated SXSW talk in years, Edward Snowden fires up Austin
In most-anticipated SXSW talk in years, Edward Snowden fires up Austin
Despite assault on privacy, Page sees value in online openness
In most-anticipated SXSW talk in years, Edward Snowden fires up Austin
Microsoft touts study showing the cost of pirated software
NSA top lawyer says tech giants knew about data collection
Hackers transform EA Web page into Apple ID phishing scheme
WikiLeaks' Julian Assange: NSA critics got lucky because agency had no PR strategy
F-Secure Weblog
Wanted: Testers For The Greatest Android App Ever
RATs threatening democracy activists in Hong Kong
One Doesn't Simply Analyze Moudoor
Bob and Alice Discover a Mac OPSEC Issue
NCR ATM API Documentation Available on Baidu
Terms of Service
CryptoWall updated to 2.0
Are malware authors targeting people via marketing services?
BlackEnergy 3: An Intermediate Persistent Threat
Notice: Freedome v2.0.1 Issue on iOS 8
CosmicDuke and the latest political news
Paying For Content
Why do Apple's security questions still suck?
A Twitch of Fate: Gamers Shamelessly Wiped Clean
H1 2014 Threat Report
Schneier on Security
Friday Squid Blogging: Giant Squid Found Off the Coast of Spain
Conspiracy Theories and the NSA
Another Interview
The NSA's Cryptographic Capabilities
The NSA Is Breaking Most Encryption on the Internet
Journal of Homeland Security and Emergency Management
The Effect of Money on Trust
Human/Machine Trust Failures
SHA-3 Status
Business Opportunities in Cloud Security
Syrian Electronic Army Cyberattacks
Our Newfound Fear of Risk
1983 Article on the NSA
Opsec Details of Snowden Meeting with Greenwald and Poitras
Friday Squid Blogging: Bobtail Squid Photo
Kasperky Lab Weblog
It’s an Easter Spam Eggs-traviganza!
A new version of Sality at large
Malicious Javascript vs. card reader
Moscow bombings lead to Twitter malware 'bombings'
The TJX Hacker Black SEO Campaign
No honor among thieves – even in Germany
It takes only one 'nice' person
Active Koobface C&C servers hit a record high – 200+ and counting
Koobface C&C servers steadily dropping - new spike coming soon?
New Brazilian banking Trojans recycle old URL obfuscation tricks
Lock, stock and two smoking Trojans: bank robbery in the 21st century
Adobe yet again
When too much is not enough too much.
Patch Tuesday
Too many passwords?
Network World Fusion
Israel-based software company claims police call recording software fixed
Beware the next circle of hell: Unpatchable systems
University researchers test cyber-defense for nation's power grid
Google pulls trigger, cripples some Chrome add-ons
Cloud provider FireHost's security chief brings lessons from the front lines
IBM patents technique for killing fraud, using click patterns
Companies should already know how to protect data, FTC argues
House panel investigating FTC data breach enforcement
Global mobile roaming hub accessible from the Internet and vulnerable, researchers find
How to avoid cyberspies on Facebook, LinkedIn
In baffling move, TrueCrypt open-source crypto project shuts down
Massive Flash exploit campaign directed at Japan seeks financial data
Google starts accepting 'right to be forgotten' requests in Europe
Hackers put security tool that finds payment card data into their arsenal
New attack methods can 'brick' systems, defeat Secure Boot, researchers say
SANS
ISC StormCast for Thursday, May 8th 2014 http://isc.sans.edu/ podcastdetail.html?i d=3969, (Thu, May 8th)
May OUCH Newsletter: I'm Hacked, Now What? http://www.securingt hehuman.org/resource s/newsletters/ouch/2 014#may2014, (Wed, May 7th)
New DNS Spoofing Technique: Why we haven't covered it., (Wed, May 7th)
ISC StormCast for Wednesday, May 7th 2014 http://isc.sans.edu/ podcastdetail.html?i d=3967, (Wed, May 7th)
And the Web it keeps Changing: Recent security relevant changes to Browsers and HTML/HTTP Standards, (Tue, May 6th)
ISC StormCast for Tuesday, May 6th 2014 http://isc.sans.edu/ podcastdetail.html?i d=3965, (Tue, May 6th)
Coin Mining DVRs: A compromise from start to finish., (Mon, May 5th)
ISC StormCast for Monday, May 5th 2014 http://isc.sans.edu/ podcastdetail.html?i d=3963, (Mon, May 5th)
Verizon 2014 Data Breach Report, (Sun, May 4th)
Observations from Key-logged Passwords, (Sat, May 3rd)
PHP 5.4.28 available. 19 bugs were fixed including CVE-2014-0185., (Fri, May 2nd)
ISC StormCast for Friday, May 2nd 2014 http://isc.sans.edu/ podcastdetail.html?i d=3961, (Fri, May 2nd)
Exposing WPA2 Paper, (Fri, May 2nd)
Busybox Honeypot Fingerprinting and a new DVR scanner, (Thu, May 1st)
Microsoft Announces Special Patch for IE 0-day (Win XP included!), (Thu, May 1st)
2600
NEW 'Off The Hook' ONLINE
NEW 'Off The Wall' ONLINE
NEW 'Off The Wall' ONLINE
AUTUMN ISSUE OF 2600 RELEASED ALONG WITH SPECIAL SUBSCRIBER OFFER
NEW 'Off The Hook' ONLINE
NEW 'Off The Wall' ONLINE
NEW 'Off The Hook' ONLINE
NEW 'Off The Wall' ONLINE
NEW 'Off The Hook' ONLINE
VOLUME 4 OF THE HACKER DIGEST RELEASED ALONG WITH DETAILS ON ITS HISTORY
NEW 'Off The Wall' ONLINE
NEW 'Off The Hook' ONLINE
NEW 'Off The Wall' ONLINE
NEW 'Off The Hook' ONLINE
NEW 'Off The Wall' ONLINE
CNet Security Blog
Mapping the human face in 900 megapixels
Not so fast: Environmental concerns halt Atari 'E.T.' cartridge dig
Matterport 3D modeled a CNET studio in less than 2 hours
Your very own piece of galactic history (pictures)
Ways to view March Madness
Google Maps sails down the Colorado River (pictures)
The Blue Angels acrobatics are back (pictures)
NBA pros wear Google Glass to give fans a new point of view
The NBA puts you in the game with wearable tech (pictures)
NBA players wear Glass to enhance fan experience
James Bond's deadliest cars, boats, and jetpacks (pictures)
Wearable Technology Show dons fitness trackers, smart shorts (pictures)
Jules Verne-inspired steampunk submarine star of garden show (photos)
Hands-on with Oppo's Quad HD Find 7 phone (pictures)
Tech to enhance March Madness
SecuriTeam
Apache mod_rewrite Vulnerability PoC
Adobe Flash Player 14.0.0.125 And AIR Cross Site Scripting Vulnerabilities
Autodesk SketchBook Pro PSD And PXD File Processing Two Vulnerabilities
Red Hat JBoss Products Remote Arbitrary Code Execution Vulnerabilities
Linux Kernel PPP Over L2TP Implementation Privilege Escalation Vulnerabilities
Google Chrome For Android Prior Multiple Security Vulnerabilities
Drupal 7.29 Multiple Remote Security Vulnerabilities
Cisco WebEx Meetings Server Information Disclosure Vulnerabilities
IBM Rational Software Architect Design Manager Security Vulnerabilities
Mozilla Firefox Memory Corruption Vulnerabilities
Microsoft Internet Explorer Execute Arbitrary Code Via A Crafted Web Site Vulnerabilities
Microsoft Internet Explorer 8 Memory Corruption Vulnerabilities
Mozilla Firefox Event Spoofing Vulnerabilities
Cisco Unified Customer Voice Portal Multiple Cross Site Scripting Vulnerabilities
SabreDAV XML External Entity Injection Vulnerabilities
Security Docs
54353
pass
SQL Injection Attack and Defense
Encryption Formula: In the True Light of Science
Writing syslog messages to MySQL
54353
pass
SQL Injection Attack and Defense
Encryption Formula: In the True Light of Science
Writing syslog messages to MySQL
Configuration of IPS to improve Incident Response Time
Foundations of Cryptography
SQL Injection Attack and Defense
Encryption Formula: In the True Light of Science
Writing syslog messages to MySQL
ZDNet - Security
Symantec fires CEO Steve Bennett
Syria's Internet goes dark for several hours
Microsoft defends opening Hotmail account of blogger in espionage case
Microsoft sniffed blogger's Hotmail account to trace leak
IBM's new services zero in on fraud, financial crime
Despite assault on privacy, Page sees value in online openness
NSA top lawyer says tech giants knew about data collection
Hackers transform EA Web page into Apple ID phishing scheme
Microsoft touts study showing the cost of pirated software
How to spy on your lover, the smartphone way
Mt. Gox update lets users see their Bitcoin balances
Fake Malaysia Airlines links spread malware
IBM: No, we did not help NSA spy on customers
Beware this big iOS flaw -- and it's not alone
Twitter CEO heads to China to meet with officials
Security Fix
Farewell 2009, and The Washington Post
Twitter.com hijacked by 'Iranian cyber army'
Hackers exploit Adobe Reader flaw via comic strip syndicate
Group IDs hotbeds of Conficker worm outbreaks
Hackers target unpatched Adobe Reader, Acrobat flaw
Check your Facebook 'privacy' settings now
Paper-based data breaches on the rise
Critical updates for Adobe Flash, Microsoft Windows
Security Fix author named 'cybercrime hero'
La. firm sues Capital One after losing thousands in online bank fraud
Phishers angling for Web site administrators
Apple issues security updates for Mac OS X
Bit.ly to scour shortened links for badness
Nastygram: CDC 'swine flu' vaccine scam
DC businessman loses thousands after clicking on wrong e-mail
eEye Advisories
eEye Retina Wireless Scanner .RWS File Processing Memory Corruption
Multiple Vulnerabilities in CA ARCserve for Laptops and Desktops
BitDefender Online Scanner 8 Double Decode Heap Overflow
Multiple Vulnerabilities In .FLAC File Format and Various Media Applications
CA BrightStor ARCserve Backup Server Arbitrary Pointer Dereference
VGX.DLL Compressed Content Heap Overflow Vulnerability
Windows Metafile AttemptWrite Heap Overflow
eEye Retina Wireless Scanner .RWS File Processing Memory Corruption
Multiple Vulnerabilities in CA ARCserve for Laptops and Desktops
BitDefender Online Scanner 8 Double Decode Heap Overflow
Multiple Vulnerabilities In .FLAC File Format and Various Media Applications
CA BrightStor ARCserve Backup Server Arbitrary Pointer Dereference
VGX.DLL Compressed Content Heap Overflow Vulnerability
Windows Metafile AttemptWrite Heap Overflow
eEye Retina Wireless Scanner .RWS File Processing Memory Corruption
iDefense Vulnerabilities
Microsoft Windows Kernel Invalid Trap-Frame Management Privilege Escalation Vulnerability
Microsoft OLE CPropertyStorage::Re adMultiple Variant Type Confusion Vulnerability
Microsoft Excel LABELSST Record Memory Corruption Vulnerability
Microsoft Windows Media Player DVR-MS Memory Corruption Vulnerability
Microsoft Internet Explorer Time Element Behavior Use-After-Free Vulnerability
Adobe Shockwave .w32 FLST Heap Buffer Overflow Vulnerability
Apple Safari font-face Use-After-Free Vulnerability
Novell ZenWorks Handheld Management ReadStatusRecordData Integer Overflow Vulnerability
Novell ZenWorks Handheld Management Unicode String Parsing Integer Overflow Vulnerability
HP StorageWorks P4000 Virtual SAN Remote Command Execution Vulnerability
Multiple Vendor WebKit XML Use-After-Free Vulnerability
RealNetworks RealPlayer AAC Codec Memory Corruption Vulnerability
RealNetworks RealPlayer RealVideo Renderer Memory Corruption Vulnerability
RealNetworks RealPlayer RVRENDER Heap Buffer Overflow Vulnerability
Sybase M-Business Anywhere Insecure Permissions Vulnerability
MSRC Blog
Security Advisory 2028859 Released
May 2010 Security Bulletin Webcast
May 2010 Security Bulletin Release
Advance Notification for the May 2010 Security Bulletin Release
Update on MS10-016 for Microsoft Producer
Security Advisory 983438 Released
MS10-025 Re-Release Ready
Update on MS10-025
MS10-025 Security Update to be Re-released
Guidance on Internet Explorer XSS Filter
April 2010 Security Bulletin Release
New email address for Microsoft security email notifications
April 2010 Bulletin Release Advance Notification
New Twitter Account: @MSFTSecResponse
March Out-of-Band Security Bulletin Webcast
milw0rm
Winplot (.wp2 File) Local Buffer Overflow Exploit
cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit
CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
ProdLer
Loggix Project
WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
Snort < 2.8.5 Unified1 Output Denial of Service Exploit
Joomla com_jinc (newsid) Blind SQL Injection Vulnerability
Joomla com_mytube (user_id) Blind SQL Injection Exploit
BigAnt Server
Joomla com_surveymanager (stype) SQL Injection Vulnerability
DDL CMS 1.0 Multiple Remote File Inclusion Vulnerabilities
Joomla com_jbudgetsmagic (bid) Remote SQL Injection Vulnerability
FSphp 0.2.1 Multiple Remote File Inclusion Vulnerabilities
Zainu (album_id) Remote SQL Injection Vulnerability
Infoworld - Zero Day
Taking down teen hackers
Crimeware-as-a-servi ce taking off
Start-up wins NSF grant, pitches new AV
Exploring the data security quandary
Outlook bleak for Phishing defeat
Core finds new CEO
Conference seeks to bridge risk, research
Clarke sharply criticizes Bush cyber-security plans
Research: IT security maturing, but misaligned
Tips on employee monitoring
Most sites still hack-able
Web attacks won't stop
Badware not pushing users offline
Researchers uncover 100 VoIP vulnerabilities
Innovation, regulation and research on tap at RSA 2008
Security Reason
Solarwinds Storage Manager 5.1.0 SQL Injection
Strato Newsletter Manager Directory Traversal
GENU CMS 2012.3 SQL Injection
PHP-Pastebin Cross Site Scripting
MyChipTime CMS Cross Site Scripting
Winds Online SQL Injection
Symantec pcAnywhere Remote Code Execution
Symantec pcAnywhere Insecure File Permissions / Privilege Escalation
Mikrotik Router Denial Of Service
Samsung NET-i Viewer Active-X SEH Overwrite
Drupal Node Gallery 6.x Cross Site Request Forgery
Drupal cctags 6.x / 7.x Cross Site Scripting
Drupal Taxonomy Grid 6.x Cross Site Scripting
Drupal Glossify Internal Links Auto SEO 6.x Cross Site Scripting
MyClientBase 0.12 SQL Injection
Out Law
OECD gives companies anti-bribery advice
EU ministers back revival of old IP enforcement law
Rescuecom drops AdWords suit
ASA to take over Facebook, Twitter regulation
Ofcom wades into UK 'Net Neutrality' row
Why it's hard to buy eyewear online: E-tailer complains to OFT
Superfast broadband would hit 70% coverage with no funding, says Government
YouTube adds captions for all videos to improve accessibility
YouTube threatened by changes to Digital Economy Bill
Contractual interest on damages does contribute to capped sum, rules High Court
Government slashes libel success fees
EU consults on universal broadband obligation
Germany's data retention law ruled unconstitutional over privacy concerns
ACTA will not undermine individuals' rights, says EU Commission
Google convictions reveal two flaws in EU law, not just Italian law
Heise Security
MOD scatters laptops like confetti
Vista's Integrity Levels, Part 1
Vista's Integrity Levels, Part 2
WDM Driver Test
Fuzzy ways of finding flaws
The year 2008 in a review through the crystal ball
Basic security for PHP software
Antivirus software as a malware gateway
Manipulated ATMs
Logging onto Windows networks without a password
Structure of the "Russian Business Network"
The HMRC data loss - the real implications
A second look at the Mac OS X Leopard firewall
Secure programming
Modern Hydra - the new tricks of spammers and phishers
HP Security Bloggers
Mass web attack comprimises thousands of sites via SQL Injection
Top Five Web Application Vulnerabilities 05/24/10 - 06/06/10
Lack of national data breach standards places burden on small businesses
Psychology of "Secure Code"
Top Five Web Application Vulnerabilities 5/10/10 - 5/23/10
HP’s updated Application Security Software takes aim at vulnerabilities
Top Five Web Application Vulnerabilities 4/27/10 - 5/9/10
Web application security still misunderstood
Source: Boston Talk
The Lesser of Two Weevils
Episode 30 - "But wait! there's more!"
Episode 29 - "Grade A+ Broken"
ASP.NET Cross-Site Scripting Followup: Mono
Episode 28 - "Making Your Vote Count (a lot)"
Episode 27 - "How to DoS an Airplane"
Light Blue Touchpaper
Post-Snowden: the economics of surveillance
IEEE Security and Privacy 2014
The pre-play vulnerability in Chip and PIN
Small earthquake, not many dead (yet)
New theme and upgrade
Heartbleed and RSA private keys
PhD studentship: Model-based assessment of compromising emanations
Latest health privacy scandal
Current state of anonymous email usability
Health privacy: complaint to ICO
Hardware Scrambling – No More Password Leaks
Ghosts of Banking Past
Financial cryptography 2014
Health privacy: not fixed yet
Research Assistants and Associates in OS, Compiler and CPU Security
ZDNet - Zero Day
Android app malware rates jump 40 percent
Single Android flaw can be used to target entire enterprise
iOS 7 records, displays user location data: Reactions from the trenches
DOJ probing claims U.S. drug agency 'collaborated' with NSA on intelligence
Cybersecurity incentive proposals from White House underwhelm
U.S. cloud industry stands to lose $35 billion amid PRISM fallout
Windows Phones open to hackers when connecting to rogue Wi-Fi
BGP spoofing - why nothing on the internet is actually secure
Trust the PKI or it's anarchy on the Internet
Carriers rush to fix SIM card vulnerability — by hacking into them
Best of Show, Black Hat USA 2013 Vendors and Sponsors
Researchers reveal details of active 'Comfoo' cyberespionage campaign
CFAA violations key to 2012 Obama victory?
Researchers reveal how to hack an iPhone in 60 seconds
Black Hat USA 2013: Day One, In Pictures
Secure Works
Transitive trust and SSL certificate verification
PCI Guidance on Virtualization and Cloud
DELL SECUREWORKS PARTNERS WITH QUALYS TO DELIVER SAAS-BASED VULNERABILITY MANAGEMENT SERVICES
Recent events cause re-assessment of SecurID integrity
Announcement: DELL SECUREWORKS WINS EUROPES MANAGED SECURITY SERVICE PROVIDER (MSSP) OF THE YEAR FROM SC MAGAZINE
April 2011 Patch Tuesday sets a new record
"Sony PlayStation Network Breach"
"Imperva SecureSphere XSS and the nature of security-product vulnerabilities"
Threat Analysis: RSA compromise: Impacts on SecurID
The Cloud Security Silver Lining
News: Happy birthday Dell: The beginning of an evolution/revolution (TG Daily)
Carrier IQ: Requires Additional Review
Transitive trust and SSL certificate verification
PCI Guidance on Virtualization and Cloud
DELL SECUREWORKS PARTNERS WITH QUALYS TO DELIVER SAAS-BASED VULNERABILITY MANAGEMENT SERVICES
Prevx
TDL4 rootkit is coming back stronger than before
ZeroAccess, an advanced kernel mode rootkit
Mozilla Firefox 4 just arrived: where is Electrolysis?
Carberp hits ZeuS and AV software
TDL4 rootkit is coming back stronger than before
ZeroAccess, an advanced kernel mode rootkit
Mozilla Firefox 4 just arrived: where is Electrolysis?
Carberp hits ZeuS and AV software
TDL4 rootkit is coming back stronger than before
ZeroAccess, an advanced kernel mode rootkit
Mozilla Firefox 4 just arrived: where is Electrolysis?
Carberp hits ZeuS and AV software
SpyEye, the infostealing trojan leader
Ransomware lands on the MBR
TDL4 exploits Windows Task Scheduler flaw
XSSed
Secure Amazon Seller Central password reset page XSSed
EV SSL-secured live PayPal site vulnerable to XSS
Persistent XSS bug discovered on eBay
More American Express sites vulnerable to XSS and open redirects
Cross-site scripting hole in American Express site using EV SSL
Amazon hit by persistent XSS vulnerability
Not surprisingly, McAfee websites are susceptible to XSS attacks
F-Secure, McAfee and Symantec websites again XSSed
Happy New Year 2012!
Another Ebay permanent XSS
Secure Amazon Seller Central password reset page XSSed
EV SSL-secured live PayPal site vulnerable to XSS
Persistent XSS bug discovered on eBay
More American Express sites vulnerable to XSS and open redirects
Cross-site scripting hole in American Express site using EV SSL
SANS Computer Forensics
"DFIRCON East Advanced Smartphone Forensics Challenge Winner Announced!"
"Announcing the GIAC Network Forensic Analyst Certification - GNFA"
"SANS Cyber Threat Intelligence Summit - Call For Papers Now Open"
"TorrentLocker Unlocked"
"Super Sunday Funday Forensic Challenge"
"Copier Forensics in 2014: The Good, The Bad, and The Ugly"
"Using Sysinternals System Monitor (Sysmon) in a Malware Analysis Lab"
"F-Response Enterprise now in FOR508: Advanced #DFIR"
"Dominando los 4 etapas del An\u00e1lisis de Malware"
"DFIRCON EAST Smartphone Forensics Challenge"
"Hibernation Slack: Unallocated Data from the Deep Past"
"Getting the most out of Smartphone Forensic Exams - SANS Advanced Smartphone Forensics Poster Release"
"SRP Streams in MS Office Documents Reveal Earlier Versions of Malicious Macros"
"Managing and Exploring Malware Samples with Viper"
"#FOR526 #MemoryForensics Course - Special Deal for Online Training and Capital City in July"
ZDNet Zero Day
'Extremely severe' flaw in Opera web browser
Serious XSS flaw haunts Microsoft SharePoint
How to remove the ICPP Copyright Violation Alert ransomware
1.5 million Facebook accounts offered for sale - FAQ
'Google even knows what you're thinking'
Microsoft admits MS10-025 patch didn't fix vulnerability
Attack of the Opt-In Botnets
Hundreds of high profile sites unprotected from domain hijacking
Report: ZeuS crimeware kit, malicious PDFs drive growth of cybercrime
Attackers hit Google single sign-on password system
Microsoft to fix security hiccups in IE 8 XSS filter
Researchers hack into Palm WebOS with text messages
Security gone awry: IE 8 XSS filter exposes sites to XSS attacks
Embedded PDF executable hack goes live in Zeus malware attacks
New Mac OS X malware variant spotted
Sophos - Graham Cluley
Firefox hit by critical zero-day vulnerability
Bredolab botnet shut down
Suspected Bredolab botnet operator arrested at Armenian airport
M00p virus-writing gang member pleads guilty
Will Google Street View encourage better Wi-Fi security?
6 year old's Happy Meal from McDonalds leads to Facebook clickjacking scam
Facebook sues CPALead CTO for alleged survey spamming
Facebook users call for application "walled garden" to protect against attacks
National Security Strategy: A windfall for computer security firms?
Yoinks! I'm a finalist in the Computer Weekly blog awards!
Cyberspace a "highest priority for UK national security", in black and green..
Cyberwarfare and Stuxnet discussed on Radio 4
Stuxnet on the BBC World Service
USA, your poorly protected PCs are polluting the world with spam
GCHQ chief talks of cyber attacks
[On your next visit to this page only news items you have not viewed will be displayed - cookies required]
Last Updated: Friday, 24th October 2014 @ 13:00:18