Alerts
-- No new Security Alerts this morning.
Security News
7:05 PM (11 hours ago)
Single drive wipe protects data, research finds
from CGISecurity - Website and Application Security News by Robert
An article at securityfocus claims a single drive wipe is enough to prevent electron microscopes from recovering drive data. "A computer forensics specialist has a message for security-minded computer users: A single wipe will make drives impossible to read. In research published on Thursday, auditor Craig Wright tested the ability of a...
Jan 19, 2009 (14 hours ago)
Safari RSS Reader Vulnerability
from CGISecurity - Website and Application Security News by Robert
In 2006 I gave a talk at blackhat on the risks of RSS vulnerabilities. It appears Safari has a flaw in its RSS reader as outlined by Brian Mastenbrook. "The original version of this page contained a simple workaround for this issue which I believed would protect users against this problem. I...
Jan 19, 2009 (20 hours ago)
Shrinking Patch Timelines – The Need For HIPS
from McAfee Avert Labs by Vinoo Thomas
Over the years, the window between exploit discovery and its incorporation into a worm candidate has shrunk from months, to weeks, to zero-day. This leaves administrators with very little time to schedule and deploy patches to all servers and workstations on their network. Virus authors, on the other hand, have been at the cutting edge for including exploit code in their creations whenever a critical vulnerability is reported. The chart below shows the time frame between a vulnerability being reported and how long it took for virus authors to incorporate it into a worm candidate.
6:20 AM (8 minutes ago)
MoD networks still malware-plagued after two weeks
from The Register - Security
Officials: But all our base email are belong to us
Ongoing malware problems at the Ministry of Defence have left some officials and service personnel still without desktop computing, a fortnight after infections began. However, the MoD insists that media reports of its email being sent to Russia are untrue.…
Jan 19, 2009 (13 hours ago)
Three in 10 Windows PCs still vulnerable to Conficker exploit
from The Register - Security
Worm food
Three in ten systems remained unpatched against the exploit fueling the spread of the infamous Conficker worm, according to security tools firm Qualys.…
Jan 19, 2009 (20 hours ago)
Security boffins attempt to freeze out cold boot crypto attack
from The Register - Security
Cache from chaos
Security researchers have developed prototype countermeasures to defend against the recently developed cold boot crypto attack.…
Jan 19, 2009 (22 hours ago)
'Obama quits' spam recruits zombie drones
from The Register - Security
President-Elect heading for office, not Pacific island
Scammers are capitalising on worldwide interest about Barack Obama's inauguration via a spam email campaign that claims the Illinois senator turned prez44 plans to turn down the office he fought so long to obtain.…
6:20 AM (8 minutes ago)
McKinnon's lawyers hope UK prosecution will derail extradition
from The Register - Security
Will change of administration mean change of venue?
Pentagon hacker Gary McKinnon has secured a potential lifeline in his long-running fight against extradition to the US on hacking charges.…
Jan 19, 2009 (16 hours ago)
Fake sites spreading malware claim Obama won't take oath
from Network World on Security
Sites claiming President-Elect Barack Obama will refuse to take the oath of office Tuesday...
9:44 PM (8 hours ago)
Acunetix Web Vulnerability Scanner 6 Review
from Darknet - The Darkside by Darknet
As you might know if you’ve been reading for some time, I do occasionally review commercial software if it’s interesting and relevant - the last one I remember doing was back in 2007 “Outpost Security Suite PRO Review”. This time it’s for a much more relevant piece of software IMHO, and one which I actually like [...] Read the full post at darknet.org.uk
Jan 19, 2009 (17 hours ago)
Conficker (AKA Downadup or Kido) Infections Skyrocket To An Estimate 9 Million
from Darknet - The Darkside by Darknet
There hasn’t been a viral outbreak of this scale for quite some time, Conficker or Downadup as it’s known was only fairly recently discovered (Oct 2008) and has already infected an estimated 9 million machines! It’s spreading fast though and it auto-updates itself via downloads from random domains making it almost impossible to... Read the full post at darknet.org.uk
9:38 PM (8 hours ago)
DOE report paints bleak picture of our electric future
from Ars Technica by jtimmer@arstechnica.com (John Timmer)
The US Department of Energy has snuck out a report on the future of the US electric grid, one that describes a huge series of challenges that we'll face just to keep the power flowing in the coming decades.
7:02 PM (11 hours ago)
DC's CTO prepares for data onslaught on inauguration eve
from Ars Technica by julian.sanchez@arstechnica.com (Julian Sanchez)
Techies in government at CES mull how to protect critical infrastructure—and how DC will deal with the hordes of cell-toting tourists flooding the town for this week's inauguration.
Jan 19, 2009 (14 hours ago)
Watch the 2009 Presidential Inauguration without a TV
from Ars Technica by jacqui@arstechnica.com (Jacqui Cheng)
Do you want to watch President-elect Obama's inauguration tomorrow, but don't want to be tied to your TV set? Neither do we. That's why we found a few resources that will let you follow the goings on online and via your mobile phone.
Jan 19, 2009 (16 hours ago)
New malware scam claims Obama to resign. Hint: It's not true
from Ars Technica by jhruska@arstechnica.com (Joel Hruska)
Spammers have been taking advantage of President-elect Obama's imminent election over the past few days, but they aren't capitalizing on the excitement surrounding his election. Instead, the authors are spreading rumors that Obama has quit altogether.
Jan 19, 2009 (22 hours ago)
Building desktop Linux applications with JavaScript
from Ars Technica by segphault@arstechnica.com (Ryan Paul)
Ars takes a close look at Seed, a new framework that allows software developers to build GTK+ applications with JavaScript. The popular web scripting language could soon become the dominant application extension language on the Linux desktop.
1:06 AM (5 hours ago)
Citrix Plans 'bare Metal' Desktop Hypervisor
from PC World Latest Technology News
Citrix Systems is working with Intel to deliver a "bare metal" hypervisor for client PCs, which proponents say could broaden...
Jan 19, 2009 (12 hours ago)
Feds to Shore Up Net Security
from PC World Latest Technology News
In an effort to prevent routing hijack attacks, the U.S. government is ramping up its move to secure the Internet's routing system
12:51 AM (5 hours ago)
Smartphone Security Measures
from PC Magazine Tips and Solutions
Even the simplest cell phones carry enough data to be dangerous in the wrong hands.
-- Aurora Report says time to go work out, extra content courtesy of extra probing due to lack of alerts.
Tuesday, January 20, 2009