Friday, January 9, 2009

Around The Horn vol.1,4


Alerts

8:58 PM (9 hours ago)
How to Suck at Information Security, (Fri, Jan 9th)

from SANS Internet Storm Center, InfoCON: green
The following list presents common information security mistakes and misconceptions, so you can avoi ...(more)...

7:55 PM (10 hours ago)
BIND OpenSSL follow-up, (Thu, Jan 8th)

from SANS Internet Storm Center, InfoCON: green
As a follow-up to the story from yesterday on the BIND DNS server updates (as a result of the OpenSS ...(more)...

Security News

Jan 8, 2009 (16 hours ago)
Microsoft Security Bulletin Advance Notification for January 2009

from Microsoft Security Content: Comprehensive Edition
Revision Note: Advance Notification published. Summary: This advance notification lists security bulletins to be released for January 2009.

Jan 8, 2009 (16 hours ago)
TJX Maxx hacker sentenced to 30 years

from CGISecurity - Website and Application Security News by Robert
We've previously covered the TJX compromise. It appears one of the attackers involved is going to prison. "Maksym Yastremskiy, the Ukrainian accused of being a key figure in the infamous TJX Maxx Wi-Fi hack of 2005, has been sentenced to 30-years in prison by a Turkish court. Yastremskiy - or 'Maksik' as...

8:11 PM (10 hours ago)
VeriSign remedies massive SSL blunder (kinda, sorta)

from The Register - Security
Rolling the dice with the internet's future
Analysis After being publicly outed issuing web credentials that were vulnerable to attacks that could allow criminals to spoof the encryption certificates of any website on the internet, VeriSign has issued assurances it has neutralized any real-world threat.…

Jan 8, 2009 (13 hours ago)
Hackers, insiders blamed for US data breach growth

from The Register - Security
Taking a leak
US organisations lost even more sensitive data in a greater number of information security screw-ups last year, according to a new survey.…

Jan 8, 2009 (15 hours ago)
Major League Baseball pitches visitors foul ads

from The Register - Security
Website admins go AWOL
Once again, Major League Baseball's website has been caught serving ads designed to infect its considerable base of visitors with malware that trashes their machines.…

Jan 8, 2009 (16 hours ago)
Carder linked to TJX hack jailed for 30 years by Turkish court

from The Register - Security
Ukrainian boards Midnight Express
A Ukrainian fraudster linked to the infamous TJX hack was sentenced to a 30 year prison sentence in Turkey on unrelated charges this week.…

Jan 8, 2009 (19 hours ago)
Virus peddlers set up shop on Google code project

from The Register - Security
Skin-flick codec scams follow MSN Spaces abuse
Internet scoundrels have begun abusing Google code hosting projects to distribute malware and promote smut. The assault follows a bout of the same kind of abuse against Microsoft's comparable MSN Spaces beta site dating back a year, net security firm McAfee reports.…

Jan 8, 2009 (20 hours ago)
HMRC warns over tax email scams

from The Register - Security
Death and taxes and crime
The Treasury has taken the unusual step of warning UK taxpayers of a phishing scam doing the rounds, which looks to ensnare frantic last-minute tax return filers.…

Jan 8, 2009 (22 hours ago)
Take a hammer to your hard drive, shrieks Which?

from The Register - Security
Wiping-tech confidence collapse insanity
Which? Computing has lost faith in wiping technology and advised punters to take a hammer to hard discs they intend to get rid of. Reg readers and experts have slammed the advice as misguided and irresponsible.…

Jan 8, 2009 (17 hours ago)
TJX Maxx hacker banged up for 30 years

from Network World on Security
Maksym Yastremskiy, the Ukrainian accused of being a key figure in the infamous TJX Maxx Wi-Fi hack of 2005, has been sentenced to 30-years in prison by a Turkish court.

Jan 8, 2009 (17 hours ago)
Destroy discarded hard drives, warn researchers

from Network World on Security
Here's the next essential item in a sysadmin's equipment - a hammer. Too many PCs are still dumped with confidential data intact according to Which? Computing, information that would be very tempting to identity thieves.

4:57 AM (1 hour ago)
E-mail snafu exposes names of confidential witnesses

from Network World on Security
From the how-not-to-keep-a-secret department comes the tale of an official at U.S. Attorney Patrick Fitzgerald's office in Chicago who inadvertently e-mailed a document containing the names of more than 20 confidential witnesses in a federal probe to the media.


4:57 AM (1 hour ago)
Fake CNN malware attack spins Gaza angle

from Network World on Security
Hackers have launched a large-scale spam attack masquerading as CNN.com news notifications about the Israeli invasion of Gaza, security researchers said Thursday, in a repeat of a massive campaign last summer that also posed as CNN alerts.

4:57 AM (1 hour ago)
The 5 Most Dangerous Security Myths: Myth #4

from Network World on Security
It's a beloved phrase, used by the wise and the lazy alike in response to everything from potential construction to technical work: "If it ain't broke, don't fix it."

4:57 AM (1 hour ago)
The 5 Most Dangerous Security Myths: Myth #5

from Network World on Security
You've cleared away most of the web of myth. You know that today's evil viruses and other malware exist to make money, that antivirus alone is no guarantee of safety, and that neither is your own good sense (as important as that is). And you know that some of the best protection comes from keeping your software and your operating system up-to-date.

4:57 AM (1 hour ago)
Microsoft slates single Windows patch for Tuesday

from Network World on Security
Microsoft Thursday said it will issue just one security update next week, down dramatically from last month's record-setting eight updates that patched 28 vulnerabilities.

4:57 AM (1 hour ago)
Microsoft to kick off 2009 with single security fix

from Network World on Security by Robert McMillan
After being forced to rush out an emergency patch for its Internet Explorer browser last month, Microsoft plans to release just one security update in its first patch release of 2009.

Jan 8, 2009 (17 hours ago)
Verizon service steps up analysis of security risks

from Network World on Security by Ellen Messmer
Managed security services from Verizon Business get stronger risk-correlation capabilities

Jan 8, 2009 (19 hours ago)
Time and Attack Mapper AKA TA-Mapper - Time/Effort Estimator Tool For Blackbox Security Assessment

from Darknet - The Darkside by Darknet
Time and Attack Mapper (alternatively known as TA-Mapper) is an effort estimator tool for blackbox security assessment (or Penetration Testing) of applications. This tool provides more accurate estimation when compared to rough estimation. Penetration testers who always have a hard time explaining/justifying the efforts charged (or quoted) to their... Read the full post at darknet.org.uk

6:04 AM (16 minutes ago)
Cisco Vulnerability Given ‘Write Once, Run Anywhere’ Treatment

from Darknet - The Darkside by Darknet
This is an interesting development in router security, Cisco bugs have been popping up now and then - not that often - but usually when they do they are quite serious. The problem with them was you needed so many variations unless you were just targeting one specific router, with that specific version of IOS and [...] Read the full post at darknet.org.uk

Jan 8, 2009 (18 hours ago)
Brief: Top cops urge greater focus on cybersecurity

from SecurityFocus News
Top cops urge greater focus on cybersecurity

-- Aurora Report says and that wraps up the week.
