NEWS FEEDS CONSOLE (v2)

BBC News Technology
Milo comes out to play at TED
China web filter hit by problems
Highs and lows
dot.Rory
Tech brief
Morpurgo welcomes book technology
Airships to protect British troops
Microsoft to launch Windows slate
Outlook gets Facebook integration
Privacy fears over gay teen site
Tech Brief
Unmanned combat plane is unveiled
dot.Rory
Google debuts Android code tools
Facebook agrees to 'panic button'
Wired Magazine
Exclusive Gallery: 1983 Nintendo Family Computer Teardown
Electric Kettles Are Steeped in the Future
FaceTime Lets You Share Your Point of View
Sept. 2, 1969: First U.S. ATM Starts Doling Out Dollars
Hostage-Taker Besieges Discovery Channel, Posts Demands on Web
Aviation Thinks Outside the Black Box
Live Blog: Apple's iPod, Music Event
New Image of Superwind-Blowing Starburst Galaxy
Pakistan Flood-Relief Efforts Stuck at 1.0
Attorney: Army Disabled Manning's Weapon Prior to Leaks
Ugly Vegas Carpets Want You to Keep Playing
Video: Mysterious Patterns Reveal Self-Organizing Muscle Fibers
Aston Martin's Cygnet Microcar Headed to America
Hot Water Around Giant Carbon Star Creates Interstellar Mystery
Apple Takes Aim at Cable With Tiny New Apple TV
Net-Security Vulnerabilities
Red Hat VDSM Module SSL Connection Denial of Service Issue
PHP "ibase_gen_id()" Function off-by-one Buffer Overflow
Novell iPrint Client Multiple Security Vulnerabilities
ACCESSGUARDIAN Unspecified Cross-Site Scripting Issue
PHP City Portal "login.php" Multiple SQL Injection Issues
Netpet CMS "confirm.php" Local File Include
Tuniac ".m3u" File Buffer Overflow
FreeBSD "setusercontext()" Local Security Bypass Issue
Google Chrome Multiple Security Vulnerabilities
LXR Cross Referencer TITLE Element Cross-Site Scripting Issue
phpMyAdmin Multiple Cross-Site Scripting Vulnerabilities
DotNetNuke Syndication Handler Remote Denial of Service Issue
SonicWALL E-Class SSL-VPN Format String Issue
UiPlayer "UiCheck.dll" ActiveX Buffer Overflow
Linux Kernel JFS xattr Namespace Rules Security Bypass Issue
eWeek Security
Check Point Pushes Virtual Security for VMware Environments
How to Design a Secure DMZ
HP WebScan Feature Can Expose Scanned Documents
Spammers Stay Busy Despite Pushdo Botnet Hit
Microsoft Releases New 'Fix-it' for DLL Vulnerability
Trend Micro Targets Virtualization, Cloud Security
Phishing Attacks Target CEOs
Hackers Focus on Misconfigured Networks, Survey Finds
Twitter Turns to OAuth for Application Authentication
Researchers Find Quantum Encryption Hack
AVG Lists Most Dangerous Countries for Web Surfers
CA to Acquire Arcot Systems for Fraud Prevention
3M to Acquire Cogent Systems for Biometric Security
India's BlackBerry Compromise Won't Solve Underlying Security Problem
U.S. Cyber-Security Leads Week in Security News
Computer Crime Research Center
Support site for victims of cybercrime set to close
Apple devices are vulnerable to attack, say German security officials
Cybercrime costs firms $3.8 million yearly
Bulgarian police shut down websites
Cyber crimes cost organizations $3.8 million per year
Cybercrime: one in 10 computers vulnerable to attack
Anti-fraud coalition lauded as 'useful' in cybercrime fight
America to help Nigeria tackle cyber crime
Space crunch puts GRP cyber crime cell on hold
Cybercrime getting more sophisticated
Law enforcement equipped to battle cyber crime
Microsoft launches cybercrime center
Lewis: U.S. not in a cyber war
Get ready for cyber crime on the phone
Cyber crime: UNIOSUN partners Microsoft
The Register
Samsung specs up 7in Android tablet
If HP gets 3PAR, does Donatelli get HP?
Hands on with Motorola's Milestone 2 and Defy
NASA seeks inflatable popup roof for camper vans on Mars
My Exchange conversion
Punters still puzzled by broadband ads
RFID patent pool prices up wireless
StreetView passed by Kiwi cops
Verbatim InSight 500GB external hard drive
General Motors bitchslaps Tesla with Range Anxiety™
Apple inks Ping trademark deal with golf gear maker
Jobs takes swing at Google over Android activations
Apple states tax take on UK iPod pricing
HP bids $2.4bn for 3PAR
Boris bikes for tourists delayed till year end
Net-Security News
NEW URL FOR HNS RSS FEED: http://feeds.feedburner.com/HelpNetSecurity
Off the wire: Microsoft seeks patent for office 'spy' software
Security World: Wireless security lacking at a large convention
Off the wire: Setup and benchmark encrypted partitions in Ubuntu
Security World: Information Security Forum: It is time to take information classification seriously
Security World: USB encryption product news #1: KeyPoint Solo Vault
Security World: USB encryption product news #2: SafeHouse 3.0
Security World: 5 VoIP threat predictions for 2008
Off the wire: Annvix: A stable, secure, no-frills server distro
Virus Center: Don't fall in love with the Storm worm
Off the wire: Swedish prosecutors dump 4,000 legal docs on The Pirate Bay
Off the wire: Student points out 2nd security flaw on TSA Web site
Off the wire: MediaDefender hacker speaks out
Net-Security Advisories
Apple Product Security - iTunes 10 (APPLE-SA-2010-09-01-1)
Ubuntu Security Notice - wget vulnerability (USN-982-1)
SUSE Security Announcement - kernel (SUSE-SA:2010:036)
SUSE Security Announcement - acroread (SUSE-SA:2010:037)
Mandriva Linux Security Update Advisory - openssl (MDVSA-2010:168)
Debian Security Advisory - New wireshark packages fix several vulnerabilities (DSA 2101-1)
Mandriva Linux Security Update Advisory - perl-libwww-perl (MDVSA-2010:167)
VMware Security Advisory - VMware ESX third party updates for Service Console (VMSA-2010-0013)
VMware Security Advisory - ESX Service Console and vMA third party updates (VMSA-2010-0004.3)
Ubuntu Security Notice - libwww-perl vulnerability (USN-981-1)
Ubuntu Security Notice - bogofilter vulnerability (USN-980-1)
Mandriva Linux Security Update Advisory - libgdiplus (MDVSA-2010:166)
Mandriva Linux Security Update Advisory - libHX (MDVSA-2010:165)
Debian Security Advisory - New openssl packages fix double free (DSA 2100-1)
Mandriva Linux Security Update Advisory - phpmyadmin (MDVSA-2010:163)
Linux Exposed
Analyzing Malicious SSH Login Attempts
Enhance Security with Port Knocking
Preventing Accidental Denial of Service
Torrents and SSH Tunnels
Ilegal SEO techniques
Cracking WPA and WPA2 passwords
Windows Hacking and Windows Security Site
Inspecting HTTP
Hosted Exchange and Hosted Sharepoint
Using IPC -- pipes
Formatstrings and OpenBSD
Info World Security
Fake security software scammers jump on Conficker
China denies cyberespionage charges
Gartner: IT spending drop-off worse than after dot-com bust
Conficker activation passes quietly, but threat isn't over
Forrester now says '09 U.S. IT spend to drop 3.1 percent
Conficker may be more widespread than previously thought
Bill would give feds role in private sector cybersecurity
IBM continues push for Sun, but will the deal kill Solaris?
Hackers seize on 0-day flaw in Microsoft's PowerPoint
IBM sees Conficker hitting 4 percent of PCs
Hack In The Box
DARPA launches insider threat detection effort for military
Heartland to pay Discover $5M for 2008 data breach
Malware hosted on Google Code project site
PSJailbreak code leaked online
How Google attacks changed the security game
Algerian Hackers Attack Wrong Website
Malaysian National Institute of Public Administration suffers cyber attack
Apple's iOS 4.1 ships Sept. 8
US undergrads crash NASA satellite into Arctic
Windows Phone 7: Done
China demands real names from mobile phone users
How Your Cloud Dream Is Becoming a Security Nightmare
VMWare Sees Big Business In Becoming The Internet Operating System
Feds crack phone clone scam that cost Sprint $15m
How to Design a Secure DMZ
CERT
TA10-238A: Microsoft Windows Insecurely Loads Dynamic Libraries
TA10-231A: Adobe Reader and Acrobat Vulnerabilities
TA10-223A: Adobe Flash and AIR Vulnerabilities
TA10-222A: Microsoft Updates for Multiple Vulnerabilities
TA10-194A: Microsoft Updates for Multiple Vulnerabilities
TA10-194B: Oracle Updates for Multiple Vulnerabilities
TA10-162A: Adobe Flash and AIR Vulnerabilities
TA10-159A: Adobe Flash, Reader, and Acrobat Vulnerability
TA10-159B: Microsoft Updates for Multiple Vulnerabilities
TA10-131A: Microsoft Updates for Multiple Vulnerabilities
TA10-103B: Oracle Updates for Multiple Vulnerabilities
TA10-103C: Adobe Reader and Acrobat Vulnerabilities
TA10-103A: Microsoft Updates for Multiple Vulnerabilities
TA10-089A: Microsoft Internet Explorer Vulnerabilities
TA10-068A: Microsoft Updates for Multiple Vulnerabilities
Computer World Security
Dot-org domains can now be protected by DNSSEC
iPhones, iPads in the enterprise: 5 security views
Fiberlink aims to cut costs with cloud patch management
Apple leaves iPad vulnerable after monster iPhone patch job
Trustwave buys application firewall maker
The 4 tiers of a secure B2B framework
World Cup: Guard labor strike was a game-changer
Why security needs to catch up to Web 2.0
Most firms face security 'red alert' as XP SP2's retirement looms
Wireless security myths 2010
Avenda offers full-featured network access control
Alcatel-Lucent/InfoExpress combo needs better integration
Ultimate guide to network access control products
Network access control vendors pass endpoint security testing
The Grill: Patricia Titus
Sophos - Graham Cluley
I Don't Care button spam on Facebook
Mark Zuckerberg spots friend's Facebook account is hacked
Shocking hidden message on Coca-Cola logo, and other Facebook scams
Fake TweetDeck update preys on Twitter users
Don't panic! The ragtime jazz virus hasn't infected Gmail
PCI data security song [VIDEO]
iPad and iPhone 4 tester scams hit Facebook
Did Gmail make you look like a spammer this week?
Follow Cluley on the new Digg
Outbreak: Fake Fedex Tracking Number emails carry malware
Girl who had sex with 5000 men exploited by sleazy Facebook scammers
Mystery surrounds iTunes/PayPal web scam
Apple issues PDF security patch and other Mac OS X updates
Malicious spammers launch major fake anti-virus attack
Zurich Insurance slammed with £2.28 million fine for losing customer data
FireEye Lab
Infiltrating Pushdo -- Part 2
Chasing CnC Servers - Part 1
Musings on download_exec.rb
World's Top Malware
World's Smallest PDF
Mariposa Still Alive
Some Notes About Neosploit
Storm Resurrection, is it true?
Who is Exploiting the Java 0-day?
Win32 API Shellcode Hash Algorithm
Black Energy Crypto
MITB (Man in the Browser) Protection Layers
Conference Stuff
Man in the Browser
Who is Exploiting the Adobe Flash 0-day? - Part 2
Linux Security
Review: The Official Ubuntu Book
Review: Zabbix 1.8 Network Monitoring
Review: Hacking: The Art of Exploitation, Second Edition
Review: Ubuntu Unleased 2010 Edition: Covering 9.10 and 10.4
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Review: Practical Guide to Linux Commands, Editors, and Shell Programming
Review: Mod-Security 2.5 by Magnus Mischel
Review: Googling Security: How Much Does Google Know About You
A Secure Nagios Server
Never Installed a Firewall on Ubuntu? Try Firestarter
Review: Hacking Exposed Linux, Third Edition
Security Features of Firefox 3.0
Review: The Book of Wireless
NetSec Blog
FBI launches cybersecurity project - from Keith
Wonderful bedtime stories - The Metasploit (wiki) ...
Pretty good ideas:The 10 Commandments for New Lin...
"Safe Bedside Table"
Speaking of Bad Guys
Nothing new here - Monster.com hacked, 1.6 million...
Storm Worm Strikes Back
Delete This! - A series of legal events means that...
U.S. legal time changing to UTC
Source Code Subpoena Request as Legal Defense Tact...
Design flaw in AS3 socket handling allows port pro...
Sprint to offer WiMAX-enabled Nokia N800 in 2008
Helix 1.9a Released
Will security firms detect police spyware?
Fall Classes Start August 23rd ITN260 Network Se...
joatBlog
We've moved.
OpenSuse 11.2
SELF Day 1
Bitlbee and Everything
SELF 2010
Upgrade frustration
Connecting Bitlbee to ????
Update to OpenFire and JIRC
CDR notes update
Vertex/Yaesu VX-150
Openfire install II
Trixbox Xen?
Update: Pulling RSS feeds through a translator
Working...
One for your toolkit
ZDNet US Security
Microsoft to start phasing out its NNTP newsgroups
Apple vs. Adobe on antitrust: Should regulators dictate what's in an SDK?
Report: DOJ and FTC investigating Apple (Updated)
Apple in antitrust crosshairs? If so, Jobs' Flash rant makes more sense
Jailbreak for iPad and newer iPhone released
Counterfeit check security alert (5/3/2010)
Behind the open codec FUD attack
Avatar Blu-ray DRM bites legitimate customers
Facebook's privacy timeline: Possible backlash or just evolution?
Serious XSS flaw haunts Microsoft SharePoint
How to remove the ICPP Copyright Violation Alert ransomware
Microsoft's new directory-federation services finally ready to roll
iPad owning Windows users targeted by hackers
Google: Fake antivirus makes up 15 percent of all malware
iPad users on Windows targeted with malware
ZDNet UK Security
Mobile M2M connections set to rocket
India to create 8m outsourcing jobs in next decade
Mobile tech gets cautious praise from aid groups
Wi-Fi operator launches automatic sign-on tool
Microsoft platform tops Web 2.0 developer survey
Verizon funds undersea internet cable network
Vodafone lands multinational iPhone deal
India mulls tax-break extension for outsourcers
Microsoft resumes XP SP3, Vista SP1 updates
McAfee strikes Yahoo search deal
Sun previews JavaFX for rich web applications
Microsoft and Yahoo: The next step
Sun shows off JavaFX platform
Auction site QXL going, going, gone
Sun demos JavaFX apps
Politechbot
Federal police will gain access to military spy satellites
Congress at its finest: P2P networks as "national security threat"
Sen. John Kerry wants to outlaw "transmitting" dog fighting images
Whoops! Nevada governor accidentally posts Outlook password
FBI remotely installs spyware to trace bomb threat
Will security firms detect police spyware? A survey of 13 of them
Correction on security firms and detecting spyware
Democrats criticize AT&T's exclusive iPhone deal, just because they can
DEA key logger docs in Ecstasy drug case posted online
DEA key logger used to eavesdrop in real time on alleged drug manufacturers
John Gilmore on Real ID and why the immigration bill died
Ethan Ackerman on politics behind Real ID and the immigration bill
Senate backs away from Real ID Act
John Gilmore on ACLU, free speech, and its checked history
W3C's openness hypocrisy: Public barred from "public" conference
Slashdot
The Best Video Games On Awful Systems
IBM Unveils Fastest Microprocessor Ever
Hawking Picks Physics Over God For Big Bang
Woman Wins Libel Suit By Suing Wrong Website
Samsung Shows Off Galaxy Tab, Android Allegiance
Ping Could Be Apple's Social Networking Backdoor?
Australian Crackdown On Console Modchips Likely To Continue
Target To Sell Facebook "Credits" As Gift Cards
Lineage II Addiction Lawsuit Makes It Past the EULA
Solving an Earth-Sized Jigsaw Puzzle
China Demands Real Names From Mobile Phone Users
A New Species of Patent Troll
Li-Ion Batteries Get Green Seal of Approval
Charles Darwin's Best-kept Secret
Senate Trying To Slip Internet Kill Switch Past Us
Government Computer News
DARPA tries to know when to hold 'em
Serious times: Unisys CISO talks tough
Researchers knock part of the Internet offline
How Google attacks changed the security game
Malware's role in fatal 2008 air crash
DOD's response could be driving traffic to WikiLeaks
Microsoft releases 'Fix it' help for DLL security flaw
Need to deploy DNSSEC? NIST publishes its how-to.
Does NSA's cybersecurity mission extend to the dot-com domain?
GSA fast tracks requirements for FedRAMP
The cyberattack that awakened the Pentagon
PowerPoint, Firefox, other apps at risk from Windows vulnerability
Domain-name security measure expands
Gates orders increased data sharing to protect military families
Microsoft warns of DLL flaw involving remote servers
InfoSec News
State retiree data breached
Darpa’s Star Hacker Looks to WikiLeak-Proof Pentagon
Iran's Cyber Army Hacks 1,000 US, British, French Gov't Websites
IT Security Unleashes Employee Complaints
[Dataloss Weekly Summary] Week of Sunday, August 22, 2010
Obama to loosen rules on technology exports
Focus on Secrecy Could Hamper Pentagon's Cybersecurity Plans
HP Holds Navy Network 'Hostage' for $3.3 Billion
Gareth Williams: 'backroom boy' spy was really a high-flier
Linux Advisory Watch: August 27th, 2010
3 areas where FUD needs to stop
New DDoS Botnet Hits Nearly 200 Websites
Audit finds computer misuse at state employment agency
Pentagon considers preemptive strikes as part of cyber-defense strategy
CALL FOR PARTICIPATION-3rd Summer School on Network and Information Security (NIS'10)
CNet
Exclusive deals make 3D TV audience even smaller
Is Apple's iPod tune getting old?
Samsung: Galaxy Tab has leg up on Apple iPad
Steve Jobs on why no Facebook for Ping
HP ups 3Par bid to $33 a share
Walkman beats iPod in Japan, if only for a moment
Google and AOL renew their partnership
Two years on, Chrome reshapes browser market
A peek inside a new HP Netbook and ultrathin
Twitter plans to record all links clicked
How Apple's Ping dings Twitter, Facebook
Tab tweaks land in Chrome Canary
Apple teases third-party AirPlay support, but details are scarce
New Ford police utility vehicle targets tech (photos)
Apple iPod Touch, the best gets better
InfoSec Officer
How To DDOS A Cellphone, or How To Be A Complete Douchebag
BlackHat 2010 Presentations & Materials
DefCon 18 Day 2
DefCon 18 Day 1
BlackHat Briefings 2010: Day 2 LiveBlog
BlackHat 2010 Video! The ATM Hack and Jackpot
BlackHat Briefings 2010: Day 1 LiveBlog
BlackHat and DefCon Tips: 2010/N00b Edition
Did You Leave Your Video Tape In the VCR?
Spies, Lies and Damned Help Desks
Does It Ever Stop Haunting You?
2010 Forensic 4Cast Awards: Cast Your Nominations!
The iPad: So Easy, A Monkey Can Use It - Part II
Help Needed: Can You Identify This Sticker Found At An Airport?
Guest Case File Alert: Case of The Broken Bank
Rootsecure.net
IT World: China demands real names from mobile phone users
CNet: Skyfire promises Flash video playback on its iPhone app
Threat Post: Google Code Discovered Serving Malware
Darknet: Windows PowerShell DNS Server Blackhole Tool Blacklist Domains
H Security: Secunia's PSI 2.0 beta tackles Windows update annoyances
Apple Insider: Apple to offer live video stream of Wednesday's keynote
Bruce Schneier: Eavesdropping on Smart Homes with Distributed Wireless Sensors
c|net: Cars - The next hacking frontier?
Krebs On Security: MS Fix Shores Up Security for Windows Users
Network World: Gmail promo for Priority Inbox creeps out Chrome users
Net Security: Misconfigured networks main cause of breaches
arstechnica: Own your gaming console - iFixit now offers tools, guides, parts
CNN: Gmail looks to clear clutter with Priority Inbox
SANS: Interesting PHP injection
The Atlantic: Prison Without Walls
Security Focus
Infocus: WiMax: Just Another Security Challenge?
Mark Rasch: Lazy Workers May Be Deemed Hackers
Adam O'Donnell: The Scale of Security
Mark Rasch: Hacker-Tool Law Still Does Little
Infocus: Enterprise Intrusion Analysis, Part One
More rss feeds from SecurityFocus
News: Change in Focus
News: Google: 'no timetable' on China talks
News: Monster botnet held 800,000 people's details
News: MS uses court order to take out Waledac botnet
News: Latvian hacker tweets hard on banking whistle
News: Almost 2,500 firms breached in ongoing hack attack
News: Two Chinese schools implicated in Google Aurora attacks
News: Adobe pushes out Flash security fix
News: CIA, PayPal under bizarre SSL assault
Security Focus BugTraq
Vuln: PGP Desktop DLL Loading Arbitrary Code Execution Vulnerability
Vuln: Microsoft Windows Media Encoder 9 DLL Loading Arbitrary Code Execution Vulnerability
Vuln: WebKit JavaScript Array Signedness Error Remote Code Execution Vulnerability
Vuln: WebKit Regular Expression Handling Remote Memory Corruption Vulnerability
Vuln: WebKit 'font-face' and 'use' Elements Use-After-Free Remote Code Execution Vulnerability
Vuln: dBpowerAMP Audio Player M3U Buffer Overflow Vulnerability
Vuln: Softbiz Jokes and Funny Pictures Script 'sbjoke_id' Parameter SQL Injection Vulnerability
Vuln: Novell Netware SSH Remote Buffer Overflow Vulnerability
Bugtraq: XSS vulnerability in Rumba CMS
Bugtraq: XSS vulnerability in Amiro.CMS FAQ
Bugtraq: XSS vulnerability in ArtGK CMS forum
Bugtraq: Online Binary Planting Exposure Test
Bugtraq: [ MDVSA-2010:166 ] libgdiplus
Bugtraq: ZDI-10-168: Apple QuickTime ActiveX _Marshaled_pUnk Remote Code Execution Vulnerability
Bugtraq: KeePass version 2.12
Full Disclosure @Insecure.org
Re: DLL hijacking POC (failed, see for yourself)
Re: DLL hijacking POC (failed, see for yourself)
Re: DLL hijacking POC (failed, see for yourself)
[USN-982-1] Wget vulnerability
Re: DLL hijacking POC (failed, see for yourself)
Vulnerabilities in CMS WebManager-Pro
Re: DLL hijacking POC (failed, see for yourself)
[ MDVSA-2010:169 ] mozilla-thunderbird
Re: DLL hijacking POC (failed, see for yourself)
Re: DLL hijacking POC (failed, see for yourself)
Moovida Media Player version 2.0.0.15 Insecure DLL Hijacking Vulnerability (libc.dll, quserex.dll)
Re: DLL hijacking POC (failed, see for yourself)
Re: DLL hijacking POC (failed, see for yourself)
Re: DLL hijacking POC (failed, see for yourself)
Re: DLL hijacking POC (failed, see for yourself)
SecurityTracker Vulnerabilities
Linux Kernel Null Pointer Dereference in irda_bind() May Let Local Users Gain Elevated Privileges
cPanel Error in 'autoinstallhome.php' Lets Local Users Bypass PHP Restrictions
HP Insight Diagnostics Online Edition Input Validation Hole Permits Cross-Site Scripting Attacks
Apple QuickTime Flaw in QTPlugin.ocx ActiveX Control Lets Remote Users Execute Arbitrary Code
Novell NetWare SFTP/SCP Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
Novell Identity Manager Lets Local Users Obtain Passwords
TANDBERG MXP Videoconferencing System SNMP Processing Error Lets Remote Users Deny Service
Cisco IOS XR BGP Attribute Processing Flaw Permits Denial of Service Attacks
RealPlayer Bugs Let Remote Users Obtain Files and Execute Arbitrary Code
NetBSD Buffer Length Check Error in CODA File System Lets Local Users Read Kernel Memory
IBM AIX Buffer Overflow in ftpd Lets Remote Authenticated Users Execute Arbitrary Code
HP Software Distributor Lets Local Users Gain Elevated Privileges
Trend Micro Internet Security Pro Memory Access Error in 'UfPBCtrl.dll' ActiveX Control Lets Remote Users Execute Arbitrary Code
Cisco Unified Presence SIP Processing Flaws Let Remote Users Disrupt Presence Services
Cisco Unified Communications Manager SIP Processing Flaws Let Remote Users Interrupt Voice Services
Dana Epp's Weblog
Major Windows 7 gotcha you should know about that may block you from upgrading
Microsoft SDL bans mempcy()... next it will be zeros!!!!
Using TS RemoteApp as an attack vector
Is Twittering safe?
Come have Coffee and Code in Vancouver with me and Microsoft tomorrow
Announcing Elevation of Privilege: The Threat Modeling Game
Reflecting on our Windows 7 birthday party
Time to party! Windows 7 is here!
RunAs Radio podcasts you might want to listen to
Coding Tip: Why you should always use well known SIDs over usernames for security groups
Cryptome
Blocking Property of VIPs in North Korea
USA v. Stephen Jin-Woo Kim Court Filings
Russias New Military Doctrine
Obama Attacks North Korea with Money Weapons
DoD Leaked the Bradley Manning Material
Transit Security Whistleblower Protection
Wikileaks Mail Reverse
The True Story of The KGB Romeo Spy (526KB)
Microsoft Data Center San Antonio Eyeball
DoD Enlisted Administrative Separations
DoD Order of Succession
DoD Open Source Intelligence
IARPA RFI Recognizing Spy Signals
IARPA RFP Safe and Secure Spy Operations
IARPA RFP Innovative Spy Means and Methods
Silicon Security
ID cards: Seven years of missed deadlines and U-turns
Leaked report reveals billions in budget cuts for public sector IT
Photos: When hackers get together to do the world a favour
Why you must rein in your power users
Is losing a mobile device really such a big deal?
Trojan bank fraud gang sentenced
UK ID cards rollout hit by delay as launch date revealed
£500,000 fine coming for businesses that lose data?
Naked CIO: Is IT responsible for workers' output and errors?
Bletchley Park's World War Two codebreakers in their own words
Phishers set their sights on corporate accounts
'You're responsible for your own wi-fi security' say ISPs
'UK must up privacy safeguards following Phorm'
Hackers breach Guardian Jobs site
Video: 60-Second Pitch: End-point security
Netcraft
August 2010 Web Server Survey
Most Reliable Hosting Company Sites in July 2010
July 2010 Web Server Survey
Firefox security test add-on was backdoored
Most Reliable Hosting Company Sites in June 2010
June 2010 Web Server Survey
iPad: New incentive for phishing site reporters
Twitter still affected by networking error
Most Reliable Hosting Company Sites in May 2010
Busiest Sites Hosting Provider Switching Analysis
Netcraft News feed has moved
Symantec buys large share of SSL market
The Pirate Bay returns to the internet
May 2010 Web Server Survey
Reuters - Tech/Internet
AOL renews Google search agreement
Apple TV a first step for more ambitious plans?
Gameworld: Tween players impacting online game development
U.S. delays Web traffic rules by seeking more comment
Baidu to focus mobile Internet investment on search
Nokia to close down data access service Ovi Files
Apple TV takes aim at Web-connected living room
ASCAP flips switch on free app
Mother of young Syrian blogger appeals for her release
Apple takes wraps off new lineup of iPods
U.S. weighing wireless Web traffic rules
Target stores to sell Facebook gift cards
India says will ask Google and Skype for data access
"Robot Chicken" duo in Web reality experiment
Microsoft seeks China internet search partner: report
InfoSec Writers
Shedding Light on Quantum Cryptography
Experimental Review of IPSec Features to Enhance IP Security
The Importance of Securing AJAX Web Applications
End Points Malfeasance
Interpreting the Results of a Vulnerability Assessment: How to Focus on What’s Important in Your Web Application Security Testing
Biometrics, What and How
Why Passwords do not live up to Today's Needs
Infection Vectors In JSON Uniform Messaging Protocol
Preparing for Security Event Management
New Technology in the Armed Forces
Smart Surveillance
Virtual Private Networks: IPSec Vs. SSL
Securing a Virtual Environment
Investigating the SANS/CWE Top 25 Most Dangerous Programming Errors List
Cloud Computing – Storm Clouds or is it Smooth Flying?
OSVD
This feed is no more! Please see osvdb.org for more info.
Wireshark Checkpoint FW-1 Dissector Format String Flaw - Mon, 17 Jul 2006 10:03:49 EDT
VLC Media Player Ogg/Theora File Handling Plugin Format String - Wed, 20 Jun 2007 13:19:03 EDT
Wireshark MOUNT Dissector Memory Exhaustion DoS - Mon, 17 Jul 2006 10:03:49 EDT
Wireshark MQ Dissector Format String Flaw - Mon, 17 Jul 2006 10:03:49 EDT
Wireshark XML Dissector Format String Flaw - Mon, 17 Jul 2006 10:03:49 EDT
Wireshark NCP Dissector Unspecified Off-by-one - Mon, 17 Jul 2006 10:03:49 EDT
Wireshark NMAS Dissector Unspecified Off-by-one - Mon, 17 Jul 2006 10:03:49 EDT
Wireshark NDPS Dissector Unspecified Off-by-one - Mon, 17 Jul 2006 10:03:49 EDT
Wireshark NTP Dissector Format String Overflow - Mon, 17 Jul 2006 10:03:49 EDT
Wireshark SSH Dissector Infinite Loop DoS - Mon, 17 Jul 2006 10:03:49 EDT
WordPress BlixKrieg Theme s Variable XSS - Wed, 18 Jul 2007 17:21:44 EDT
WordPress Blixed Theme index.php s Variable XSS - Wed, 18 Jul 2007 17:07:12 EDT
Microsoft Security
MS10-047 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (981852)
MS10-048 - Important: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2160329)
MS10-049 - Critical: Vulnerabilities in SChannel could allow Remote Code Execution (980436)
MS10-050 - Important: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (981997)
MS10-051 - Critical: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2079403)
MS10-052 - Critical: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (2115168)
MS10-053 - Critical: Cumulative Security Update for Internet Explorer (2183461)
MS10-054 - Critical: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214)
MS10-055 - Critical: Vulnerability in Cinepak Codec Could Allow Remote Code Execution (982665)
MS10-056 - Critical: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (2269638)
MS10-057 - Important: Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (2269707)
MS10-058 - Important: Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886)
MS10-059 - Important: Vulnerabilities in the Tracing Feature for Services Could Allow Elevation of Privilege (982799)
MS10-060 - Critical: Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)
MS10-046 - Critical: Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
CNet Security
Twitter plans to record all links clicked
China requires cell phone subscriber IDs
Sweden reopens rape probe of Wikileaks founder
Quantum crypto cracked, researchers say
Cars: the next hacking frontier?
Gmail, Skype now in India's crosshairs
RIM sidesteps BlackBerry ban in India
3M to buy biometrics firm Cogent for $943 million
'LOL is this you?' spam spreading via Facebook chat
Google working on Gmail spam issue
RIM extends olive branch to Indian government
Bad flash drive caused worst U.S. military breach
Rustock botnet responsible for 39 percent of all spam
Be cautious of Internet access at airports
Apple Releases Security update 2010-005 for OS X 10.5 and 10.6
F-Secure Weblog
Twitter Spam and the OAuthcalypse
When do 258 tweets equal nearly half a million dollars?
Phishing Attempt Alert!
CPAlead Spam on YouTube
DLL Hijacking and Why Loading Libraries is Hard
Corporate Identity Theft Used to Obtain Code Signing Certificate
I May Never Text Again: More Facebook Spam
What's the success rate of Facebook spam?
Malware and Critical Infrastructure
PS3 Jailbreak Trojan
Once Again, Zeus
Android game isn't actually a game
Facebook Recommends Spam Profiles
"I possibly wont be back for a while..."
Two Steps Away from a Free iPad
Schneier on Security
Cyber-Offence is the New Cyber-Defense
Wanted: Skein Hardware Help
More Skein News
Eavesdropping on Smart Homes with Distributed Wireless Sensors
High School Teacher Assigns Movie-Plot Threat Contest Problem
Misidentification and the Court System
Security Theater on the Boston T
Friday Squid Blogging: Jewel of the Sea
Me at the EastWest Institute
Is the Whole Country an Airport Security Zone?
Detecting Deception in Conference Calls
Social Steganography
Skeletal Identification
Malware Contributory Cause of Air Crash
Friday Squid Blogging: Flying Squid
Kaspersky Lab Weblog
It’s an Easter Spam Eggs-traviganza!
A new version of Sality at large
Malicious Javascript vs. card reader
Moscow bombings lead to Twitter malware 'bombings'
The TJX Hacker Black SEO Campaign
No honor among thieves – even in Germany
It takes only one 'nice' person
Active Koobface C&C servers hit a record high – 200+ and counting
Koobface C&C servers steadily dropping - new spike coming soon?
New Brazilian banking Trojans recycle old URL obfuscation tricks
Lock, stock and two smoking Trojans: bank robbery in the 21st century
Adobe yet again
When too much is not enough too much.
Patch Tuesday
Too many passwords?
Network World Fusion
DARPA launches insider threat detection effort for military
Discover to get $5M from Heartland for '08 data breach
Miami man pleads guilty in ID theft case
Botnet takedown may yield valuable data
Wikileaks servers move to nuclear bunker under Stockholm
Russian Trojan blamed for credit card losses at US diner
Check Point bolsters VMware security
Researchers slate 'month of bugs' launch for Wednesday
Microsoft still mum on programs prone to DLL hijacking attacks
Eight great virtual appliances for VMware, free for the downloading
Quantum key security 'blinded' by new attack
Security-as-a-service growing
Huge spamming botnet injured but still alive
Twitter API has new third party sign-on method
Networks blighted by poor configuration
SANS
SDF, please!, (Thu, Sep 2nd)
Month of Undisclosed 0-day Bugs, (Wed, Sep 1st)
VMWARE releases 2 security advisories for ESX Service Console: http://lists.vmware.com/pipermail/security-announce/2010/000103.html and http://lists.vmware.com/pipermail/security-announce/2010/000104.html, (Wed, Sep 1st)
Microsoft issues updates to sysinternals ProcDump and Process Monitor: http://blogs.technet.com/b/sysinternals/archive/2010/08/30/updates-procdump-process-monitor-and-a-new-mark-s-blog-post.aspx, (Wed, Sep 1st)
Interesting PHP injection, (Tue, Aug 31st)
New poll on mobile device security http://isc.sans.edu/poll.html, (Mon, Aug 30th)
Apple QuickTime potential vulnerability/backdoor, (Mon, Aug 30th)
Wireshark 1.4.0 is now available http://www.wireshark.org/download.html, (Mon, Aug 30th)
Cisco IOS XR Software Border Gateway Protocol Vulnerability http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml, (Mon, Aug 30th)
DLL hijacking - what are you doing ?, (Sun, Aug 29th)
Abandoned free email accounts, (Sun, Aug 29th)
FTP Brute Password guessing attacks, (Fri, Aug 27th)
Adobe released security update for Shockwave player that fix several CVEs: APSB1020, (Wed, Aug 25th)
DLL hijacking vulnerabilities, (Mon, Aug 23rd)
2600
Off The Hook show for September 1, 2010
Off The Wall show for August 31, 2010
Off The Hook show for August 25, 2010
Off The Wall show for August 24, 2010
Off The Hook show for August 18, 2010
ONE LAST CHANCE TO SAVE THE HOTEL PENNSYLVANIA
Off The Wall show for August 17, 2010
Off The Hook show for August 11, 2010
Off The Wall show for August 10, 2010
NEXT HOPE VIDEOS AND AUDIO NOW AVAILABLE
Off The Hook show for August 4, 2010
Off The Wall show for August 3, 2010
Off The Hook show for July 28, 2010
Off The Wall show for July 27, 2010
AUDIO AND VIDEO FROM SELECTED HOPE TALKS NOW AVAILABLE
CNet Security Blog
Exclusive deals make 3D TV audience even smaller
Is Apple's iPod tune getting old?
Samsung: Galaxy Tab has leg up on Apple iPad
Steve Jobs on why no Facebook for Ping
HP ups 3Par bid to $33 a share
Walkman beats iPod in Japan, if only for a moment
Google and AOL renew their partnership
Two years on, Chrome reshapes browser market
A peek inside a new HP Netbook and ultrathin
Twitter plans to record all links clicked
How Apple's Ping dings Twitter, Facebook
Tab tweaks land in Chrome Canary
Apple teases third-party AirPlay support, but details are scarce
New Ford police utility vehicle targets tech (photos)
Apple iPod Touch, the best gets better
SecuriTeam
VMWare VMnc Codec HexTile Encoding Buffer Overflow Vulnerability
Mozilla Firefox Plugin Parameter EnsureCachedAttrParamArrays Code Execution Vulnerability
Ipswitch Imail Server List Mailer Reply-To Address Code Execution Vulnerability
Ipswitch Imail Server Queuemgr Format String Code Execution Vulnerability
VMWare VMnc Codec HexTile Encoding Two Integer Truncation Vulnerabilities
Apple QuickTime H.263 Array Index Parsing Code Execution Vulnerability
TANDBERG Video Communication Server Authentication Bypass Vulnerability
TANDBERG Video Communication Server Static SSH Host Keys Vulnerability
VMware Products Movie Decoder Heap Overflow Vulnerability
HP OpenView NNM webappmon.exe execvp_nc Code Execution Vulnerability
HP OpenView Network Node Manager Execution of Arbitrary Code Vulnerability
Krb5 kadmind Denial Of Service vulnerability
Apple Mac OS X ImageIO Framework JPEG2000 Code Execution Vulnerability
TCPDF Library Code Execution Vulnerability
Mozilla Firefox nsTreeSelection EventListener Code Execution Vulnerability
Security Docs
Writing syslog messages to MySQL
54353
pass
SQL Injection Attack and Defense
Encryption Formula: In the True Light of Science
Configuration of IPS to improve Incident Response Time
Foundations of Cryptography
ZDNet - Security
China requires cell phone subscriber IDs
Sweden reopens rape probe of Wikileaks founder
Quantum crypto cracked, researchers say
Cars: The next hacking frontier?
Gmail, Skype now in India's crosshairs
RIM sidesteps BlackBerry ban in India
3M to buy biometrics firm Cogent for $943 million
'LOL is this you?' spam spreading via Facebook chat
RIM extends olive branch to Indian government
Bad flash drive caused worst U.S. military breach
Rustock botnet responsible for 39 percent of all spam
Be cautious of Internet access at airports
Apple Releases Security update 2010-005 for OS X 10.5 and 10.6
Windows DLL bug hits dozens of apps
'Freemium' antivirus firm Avast gets funding boost
Security Fix
Farewell 2009, and The Washington Post
Twitter.com hijacked by 'Iranian cyber army'
Hackers exploit Adobe Reader flaw via comic strip syndicate
Group IDs hotbeds of Conficker worm outbreaks
Hackers target unpatched Adobe Reader, Acrobat flaw
Check your Facebook 'privacy' settings now
Paper-based data breaches on the rise
Critical updates for Adobe Flash, Microsoft Windows
Security Fix author named 'cybercrime hero'
La. firm sues Capital One after losing thousands in online bank fraud
Phishers angling for Web site administrators
Apple issues security updates for Mac OS X
Bit.ly to scour shortened links for badness
Nastygram: CDC 'swine flu' vaccine scam
DC businessman loses thousands after clicking on wrong e-mail
eEye Advisories
VGX.DLL Compressed Content Heap Overflow Vulnerability
Windows Metafile AttemptWrite Heap Overflow
eEye Retina Wireless Scanner .RWS File Processing Memory Corruption
Multiple Vulnerabilities in CA ARCserve for Laptops and Desktops
BitDefender Online Scanner 8 Double Decode Heap Overflow
Multiple Vulnerabilities In .FLAC File Format and Various Media Applications
CA BrightStor ARCserve Backup Server Arbitrary Pointer Dereference
iDefense Vulnerabilities
Adobe Shockwave Player Memory Corruption Vulnerability
Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability
Microsoft Word RTF File Parsing Heap Buffer Overflow Vulnerability
Citrix ICA Client ActiveX Memory Corruption Vulnerability
Multiple Vendor LibTIFF 3.9.2 Stack Buffer Overflow Vulnerability
Samba 3.3.12 Memory Corruption Vulnerability
Adobe Flash Player Use-After-Free Vulnerability
Adobe Flash Player Out of Bounds Memory Indexing Vulnerability
Multiple Vendor WebKit HTML Caption Use After Free Vulnerability
Adobe Shockwave Player Heap Memory Indexing Vulnerability
Multiple Vendor AgentX++ Integer Overflow Vulnerability
Multiple Vendor AgentX++ Stack Buffer Overflow Vulnerability
VMware VMnc Codec Heap Overflow Vulnerability
Oracle Java Runtime Environment Image File Buffer Overflow Vulnerability
Microsoft Internet Explorer 'onreadystatechange' Use After Free Vulnerability
MSRC Blog
Security Advisory 2028859 Released
May 2010 Security Bulletin Webcast
May 2010 Security Bulletin Release
Advance Notification for the May 2010 Security Bulletin Release
Update on MS10-016 for Microsoft Producer
Security Advisory 983438 Released
MS10-025 Re-Release Ready
Update on MS10-025
MS10-025 Security Update to be Re-released
Guidance on Internet Explorer XSS Filter
April 2010 Security Bulletin Release
New email address for Microsoft security email notifications
April 2010 Bulletin Release Advance Notification
New Twitter Account: @MSFTSecResponse
March Out-of-Band Security Bulletin Webcast
milw0rm
Winplot (.wp2 File) Local Buffer Overflow Exploit
cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit
CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
ProdLer
Loggix Project
WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
Snort < 2.8.5 Unified1 Output Denial of Service Exploit
Joomla com_jinc (newsid) Blind SQL Injection Vulnerability
Joomla com_mytube (user_id) Blind SQL Injection Exploit
BigAnt Server
Joomla com_surveymanager (stype) SQL Injection Vulnerability
DDL CMS 1.0 Multiple Remote File Inclusion Vulnerabilities
Joomla com_jbudgetsmagic (bid) Remote SQL Injection Vulnerability
FSphp 0.2.1 Multiple Remote File Inclusion Vulnerabilities
Zainu (album_id) Remote SQL Injection Vulnerability
Infoworld - Zero Day
Taking down teen hackers
Crimeware-as-a-service taking off
Start-up wins NSF grant, pitches new AV
Exploring the data security quandary
Outlook bleak for Phishing defeat
Core finds new CEO
Conference seeks to bridge risk, research
Clarke sharply criticizes Bush cyber-security plans
Research: IT security maturing, but misaligned
Tips on employee monitoring
Most sites still hack-able
Web attacks won't stop
Badware not pushing users offline
Researchers uncover 100 VoIP vulnerabilities
Innovation, regulation and research on tap at RSA 2008
Security Reason
libopie __readrec() off-by one (FreeBSD ftpd remote PoC)
Sun Solaris 10 Multiple Vulnerabilities
MacOS X 10.6.3 filesystem hfs Denial of Service Vulnerabilities
Security Notes for MacOS X, Matlab, and J.
PHP 5.2.12 Released... unpatched
New Security Notes for: Thunderbird, Camino, Sunbird and Flock
New security notes for KDE, Opera, SeaMonkey and K-Meleon
Multiple BSD printf(1) and multiple dtoa/*printf(3) vulnerabilities
False Security Advisory from Mozilla
New vulnerabilities in libc:fts*(3)
libc:fts_*():multiple vendors, Denial-of-service
PHP 5.2.9 safe_mode and open_basedir bypass
Multiple Vendors libc/gdtoa printf(3) Array Overrun
New vulnerabilities in PHP 5.3.0 / 5.2.10
glibc holes for years
Out Law
OECD gives companies anti-bribery advice
EU ministers back revival of old IP enforcement law
Rescuecom drops AdWords suit
ASA to take over Facebook, Twitter regulation
Ofcom wades into UK 'Net Neutrality' row
Why it's hard to buy eyewear online: E-tailer complains to OFT
Superfast broadband would hit 70% coverage with no funding, says Government
YouTube adds captions for all videos to improve accessibility
YouTube threatened by changes to Digital Economy Bill
Contractual interest on damages does contribute to capped sum, rules High Court
Government slashes libel success fees
EU consults on universal broadband obligation
Germany's data retention law ruled unconstitutional over privacy concerns
ACTA will not undermine individuals' rights, says EU Commission
Google convictions reveal two flaws in EU law, not just Italian law
Heise Security
MOD scatters laptops like confetti
Vista's Integrity Levels, Part 1
Vista's Integrity Levels, Part 2
WDM Driver Test
Fuzzy ways of finding flaws
The year 2008 in a review through the crystal ball
Basic security for PHP software
Antivirus software as a malware gateway
Manipulated ATMs
Logging onto Windows networks without a password
Structure of the "Russian Business Network"
The HMRC data loss - the real implications
A second look at the Mac OS X Leopard firewall
Secure programming
Modern Hydra - the new tricks of spammers and phishers
HP Security Bloggers
Mass web attack compromises thousands of sites via SQL Injection
Top Five Web Application Vulnerabilities 05/24/10 - 06/06/10
Lack of national data breach standards places burden on small businesses
Psychology of "Secure Code"
Top Five Web Application Vulnerabilities 5/10/10 - 5/23/10
HP’s updated Application Security Software takes aim at vulnerabilities
Top Five Web Application Vulnerabilities 4/27/10 - 5/9/10
Web application security still misunderstood
Source: Boston Talk
The Lesser of Two Weevils
Episode 30 - "But wait! there's more!"
Episode 29 - "Grade A+ Broken"
ASP.NET Cross-Site Scripting Followup: Mono
Episode 28 - "Making Your Vote Count (a lot)"
Episode 27 - "How to DoS an Airplane"
Light Blue Touchpaper
Capsicum: practical capabilities for UNIX
Passwords in the wild, part IV: the future
Passwords in the wild, part III: password standards for the Web
Passwords in the wild, part II: failures in the market
Passwords in the wild, part I: the gap between theory and implementation
Who controls the off switch?
Security and Human Behaviour 2010
Database state – latest!
Workshop on the economics of information security 2010
A very rapid betrayal
Digital Activism Decoded: The New Mechanics of Change
An old scam still works
IEEE best paper award
Erasing David
PINs and the burden on customers
ZDNet - Zero Day
RealPlayer haunted by 'critical' security holes
Microsoft ships 'Fix-It' for DLL load hijacking attack vector
Malware hosted on Google Code project site
Apple patches 13 Mac OS X vulnerabilities
Critical security holes in Adobe Shockwave
Verizon DBIR challenge clue #4
Details emerge on new DLL load hijacking Windows attack vector
ATM makers patch Black Hat cash-dispensing flaw
Google pays $10,000 to fix 10 high-risk Chrome flaws
Adobe ships critical PDF Reader patch
HD Moore: Critical bug in 40 different Windows apps
DDoS extortion-themed scam circulating
Verizon DBIR challenge clue #3
Researchers use smudge attack, identify Android passcodes 68 percent of the time
Secure Works
News: Major Disruption of Pushdo Botnet Wasn't The Original Goal (Dark Reading)
News: BlackHat's "JackPot" Of Bank Tech Scams (Bank Technology News)
News: Managed Security Service Providers: Cloudy Future (MSP Mentor)
News: Dell Teams With Juniper, SecureWorks for SMB Security Solution (IT Channel Planet)
News: Hacker's extradition for cyber heist: sign US is gaining in cyber crime fight (The Christian Science Monitor)
Announcement: SecureWorks Cited as a Leader in Managed Security Services by Independent Research Firm
News: Summer holiday security checklist (Help Net Security)
Threat Analysis: Big Boss Check Counterfeiting Ring
News: Tips For IT Administrators To Maintain Security During Summer Holidays (Pro Security Zone)
News: Banks seek customers' help to stop online thieves (USA Today)
News: Researchers uncover Cisco firewall vulnerabilities, McAfee console flaws (SearchSecurity.com)
News: Massive Check Fraud Operation Run by Hackers Revealed at Black Hat (eWeek.com)
News: Internet crooks craft creative counterfeiting scam (Associated Press)
News: Wikileaks case puts focus on digital security challenges (Agency France Press)
Prevx
x64 TDL3 rootkit - follow up
TDL3 rootkit x64 goes in the wild
An old-new 0day Windows flaw on the horizon?
Isolated first worm using LNK vulnerability
0-day flaw discovered in Microsoft Windows
Take care of your PC with a limited account
SpyEye steals your data. Even in a limited account
Anti-malware software is not all that useless
The Browser Security Taxonomy Analysis Roll Call
Browser Security Bake Off Challenge
Lifelock, the FTC decision could have massive impact on the security industry
Has the MBR rootkit disappeared? Not really
BSOD after MS10-015? TDL3 authors "apologize"
Windows Black Screen recap
Windows Black Screen Root Cause
XSSed
Just another persistent Twitter XSS
YouTube persistent XSS vulnerability
Persistent XSS vulnerability affecting Twitter promptly corrected
National Security Agency (NSA) SSL web page XSSed
Norton Update Center critical XSS vulnerability
BP website again defaced via XSS to protest against oil spill
F-Secure.com vulnerable to cross-site scripting
Is IronPort.com capable of delivering exploits through cross-site scripting?
BP.com defaced with XSS to show Gulf of Mexico oil spill protesters
Critical Ask.com frame redirect and XSS security issues
New critical XSS vulnerabilities reported for Skype and Vodafone web sites
New HSBC and Barclays bank XSS and open redirect bugs
Vodafone.com XSS helps you trace unregistered "Pay As You Go" subscribers
Skype.com SSL powered support page vulnerable to XSS
A note regarding future updates on XSSed
SANS Computer Forensics
New York-Computer Forensic Essentials 408
New York-Reverse-Engineering Malware – Forensics 610
Toronto – Network Forensics 558
Why Teaching Matters – A Letter About FORENSICS 508 – Computer Forensic Investigations and Incident Response
Digital Forensics Case Leads: An OS X based Live CD, a Free Forensics App for Windows, Spying, and High Performance Password Cracking
Intro to Report Writing for Digital Forensics
SANS Institute Fall Events 2010
Computer Forensics: Armor For Your Feet
Digital Forensics Case Leads: Intel to Buy McAfee
Getting Started in Digital Forensics: Do You Have What It Takes?
Digital Forensics Reporting: CaseNotes Walkthrough/Review
Benefits of using multiple timestamps during timeline analysis in digital forensics
Digital Forensics: Introducing ForensicArtifacts.com
Computer Forensics: Using Evidence Cleaners to Find Artifacts
Digital Forensics Case Leads: Does Forensicator Pro include a Hex Editor? and other tool tales
ZDNet Zero Day
'Extremely severe' flaw in Opera web browser
Serious XSS flaw haunts Microsoft SharePoint
How to remove the ICPP Copyright Violation Alert ransomware
1.5 million Facebook accounts offered for sale - FAQ
'Google even knows what you're thinking'
Microsoft admits MS10-025 patch didn't fix vulnerability
Attack of the Opt-In Botnets
Hundreds of high profile sites unprotected from domain hijacking
Report: ZeuS crimeware kit, malicious PDFs drive growth of cybercrime
Attackers hit Google single sign-on password system
Microsoft to fix security hiccups in IE 8 XSS filter
Researchers hack into Palm WebOS with text messages
Security gone awry: IE 8 XSS filter exposes sites to XSS attacks
Embedded PDF executable hack goes live in Zeus malware attacks
New Mac OS X malware variant spotted
Last Updated: Thursday, 2nd September 2010 @ 19:00:09