Thursday, February 12, 2009

Around The Horn vol.1,39

Alerts

5:19 PM (4 hours ago)
Apple Security Updates, (Thu, Feb 12th)

from SANS Internet Storm Center, InfoCON: green
Apple today released a number of security updates: 1 - Safari for Windows. This update will bring ...(more)...

Security News

5:54 PM (3 hours ago)
Security assessment of the Transmission Control Protocol (TCP)

from CGISecurity - Website and Application Security News by Robert A.
The following email was sent to Full Disclosure today. I haven't had a chance to read this monster 140 document yet but it sure sounds interesting."The TCP/IP protocol suite was conceived in an environment that was quitedifferent from the hostile environment they currently operate in.However, the effectiveness of the protocols led...

4:10 PM (5 hours ago)
F-Secure Hacked Via XSS, SQL injection

from CGISecurity - Website and Application Security News by Robert A.
"A Romanian hacker site said on Wednesday it was able to breach the website of Helsinki-based security firm F-Secure just as it had gained access to the sites of two other security companies earlier in the week. F-Secure is "vulnerable to SQL Injection plus Cross Site Scripting," an entry on the...

8:57 PM (33 minutes ago)
Kaiser Permanente breach leads to ID theft

from The Register - Security
Workers notified after police cuff suspect
Kaiser Permanente has admitted a breach of its employee records systems has resulted in incidents of identity theft.…

8:57 PM (33 minutes ago)
Apple update plugs over two dozen security vulns

from The Register - Security
Beefs OS X, Java, Safari for Windows
Apple has released a set of security updates that plug over two dozen holes in Mac OS X - including the Safari RSS vuln discovered last month - plus a vuln apiece in Java for Mac OS X 10.5, 10.4, and Safari for Windows.…

3:57 PM (5 hours ago)
Heartland data breach hit 160 banks (and rising)

from The Register - Security
How deep does the rabbit hole go?
More than 160 banks have been affected by the information security breach at US payment processor Heartland Security.…

3:57 PM (5 hours ago)
IBM, HP, and EMC call for encryption key juggler standard

from The Register - Security
Push unified protocol though open standards org
Any key management platform will be able to communicate across all of a company's encryption systems - if IBM, Hewlett-Packard, Thales, and EMC have their way.…

3:57 PM (5 hours ago)
MS puts up $250K bounty for Conficker author

from The Register - Security
Zombie masterminds wanted undead or alive
Microsoft is offering a $250,000 reward for information that leads to the arrest and conviction of the virus writers behind the infamous Conficker (Downadup) worm.…

11:38 AM (9 hours ago)
Scareware scammers Rickroll Digg

from The Register - Security
Bot comment blitz intensifies
Digg.com has become the latest Web 2.0 service to be abused by hackers in order to punt malware.…

9:38 AM (11 hours ago)
Win 7 and smartphones targeted in Pwn2own challenge

from The Register - Security
Hacker security shootout shindig
An annual hacking challenge has put the security of browsers and smartphones in the firing line.…

Feb 11, 2009 (23 hours ago)
New Windows virus attacks PHP, HTML, and ASP scripts

from The Register - Security
Virut gets around
Researchers have identified a new strain of malware that can spread rapidly from machine to machine using a variety of infection techniques, including the poisoning of webservers, which then go on to contaminate visitors.…

4:29 PM (5 hours ago)
IT, security funds find place in stimulus package

from Network World on Security by Jaikumar Vijayan
The massive economic stimulus package that is working through Congress includes hundreds of millions of dollars for various IT and physical security projects, including $448 million for a new headquarters for the U.S. Department of Homeland Security .

4:29 PM (5 hours ago)
HP, IBM push new OASIS encryption key standard

from Network World on Security by Robert McMillan
A group of industry vendors, led by IBM, Hewlett-Packard and EMC, is proposing a new standard to make their encryption management software work together.

4:29 PM (5 hours ago)
Microsoft puts $250,000 bounty on Conficker worm

from Network World on Security by Robert McMillan
Microsoft is trying to put some pressure on the criminals responsible for the worst Internet worm outbreak in years, offering a US$250,000 reward for information leading to the arrest and conviction of Conficker's creators.

4:29 PM (5 hours ago)
StillSecure on the fence about hosted NAC

from Network World on Security by Tim Greene
When StillSecure announced this week it will offer services as well as security gear, it was still on the fence about whether to include hosted NAC.

4:29 PM (5 hours ago)
NSA identifies top 25 programming errors

from Network World on Security by M. E. Kabay
The National Security Agency, working with MITRE Corp., SANS, and dozens of industry experts from many other organizations, has published a valuable list of the top 25 most dangerous programming errors.

4:29 PM (5 hours ago)
Los Alamos National Lab missing 67 computers

from Network World on Security by Jaikumar Vijayan
New Mexico-based Los Alamos National Laboratory (LANL) , the nation's leading nuclear weapons lab, once again finds itself the focus of concerns about potentially serious cybersecurity lapses.

7:40 PM (2 hours ago)
ID Theft: Yes, It Is the Hackers

from Wired Top Stories by Kevin Poulsen
A new report claims that lost or stolen wallets are responsible for most identity theft, and slams the media for blaming data breaches and other hack attacks. But the fine print in the report tells another story.

8:17 PM (1 hour ago)
Conficker Worm Draws a Counter-Attack

from PC World Latest Technology News
Microsoft, Symantec and others announce a heavy-hitter team to fight the Conficker worm, with a $250,000 reward..

6:16 PM (3 hours ago)
Apple Releases Security, Java Updates

from PC World Latest Technology News
Apple on Thursday released the first security update of 2009, the aptly named Security Update 2009-001. The update, which is...

6:16 PM (3 hours ago)
Twitter Clickjacking Attack Causes Post-Awards Annoyance

from PC World Latest Technology News
Just as Twitter Nation celebrates its first official Shorty Awards, so called Twitter clickjacking attacks are crashing the party.

6:16 PM (3 hours ago)
Enterprise, Orgs Unite to Stanch Downadup Worm

from PC World Latest Technology News
Task force is attempting to stop worm that is infecting nearly 2.2 million machines each day.
4:09 PM (5 hours ago)
Microsoft Puts $250,000 Bounty on Conficker Worm

from PC World Latest Technology News
Microsoft is offering a $250,000 reward for information leading to the conviction of the Conficker worm's author.

4:09 PM (5 hours ago)
Web Site: Number of Banks Affected by Heartland Breach Grows

from PC World Latest Technology News
The number of financial institutions that have said they were affected by the data breach disclosed last month by Heartland Payment Systems is growing.

12:16 PM (9 hours ago)
Hacker Challenge Takes Aim at Browsers, Smartphones

from PC World Latest Technology News
The hacking contest that has grabbed headlines two years running will take aim next month at browsers and smartphones...

10:16 AM (11 hours ago)
HP, IBM Push New OASIS Encryption Key Standard

from PC World Latest Technology News
HP and IBM are promoting a new encryption key management standard called KMIP.

No comments:

Post a Comment

My Blog List