Alerts
5:19 PM (4 hours ago)
Apple Security Updates, (Thu, Feb 12th)
from SANS Internet Storm Center, InfoCON: green
Apple today released a number of security updates: 1 - Safari for Windows. This update will bring ...(more)...
Security News
5:54 PM (3 hours ago)
Security assessment of the Transmission Control Protocol (TCP)
from CGISecurity - Website and Application Security News by Robert A.
The following email was sent to Full Disclosure today. I haven't had a chance to read this monster 140 document yet but it sure sounds interesting. "The TCP/IP protocol suite was conceived in an environment that was quite different from the hostile environment they currently operate in. However, the effectiveness of the protocols led...
4:10 PM (5 hours ago)
F-Secure Hacked Via XSS, SQL injection
from CGISecurity - Website and Application Security News by Robert A.
"A Romanian hacker site said on Wednesday it was able to breach the website of Helsinki-based security firm F-Secure just as it had gained access to the sites of two other security companies earlier in the week. F-Secure is "vulnerable to SQL Injection plus Cross Site Scripting," an entry on the...
8:57 PM (33 minutes ago)
Kaiser Permanente breach leads to ID theft
from The Register - Security
Workers notified after police cuff suspect
Kaiser Permanente has admitted a breach of its employee records systems has resulted in incidents of identity theft.…
8:57 PM (33 minutes ago)
Apple update plugs over two dozen security vulns
from The Register - Security
Beefs OS X, Java, Safari for Windows
Apple has released a set of security updates that plug over two dozen holes in Mac OS X - including the Safari RSS vuln discovered last month - plus a vuln apiece in Java for Mac OS X 10.5, 10.4, and Safari for Windows.…
3:57 PM (5 hours ago)
Heartland data breach hit 160 banks (and rising)
from The Register - Security
How deep does the rabbit hole go?
More than 160 banks have been affected by the information security breach at US payment processor Heartland Security.…
3:57 PM (5 hours ago)
IBM, HP, and EMC call for encryption key juggler standard
from The Register - Security
Push unified protocol through open standards org
Any key management platform will be able to communicate across all of a company's encryption systems - if IBM, Hewlett-Packard, Thales, and EMC have their way.…
3:57 PM (5 hours ago)
MS puts up $250K bounty for Conficker author
from The Register - Security
Zombie masterminds wanted undead or alive
Microsoft is offering a $250,000 reward for information that leads to the arrest and conviction of the virus writers behind the infamous Conficker (Downadup) worm.…
11:38 AM (9 hours ago)
Scareware scammers Rickroll Digg
from The Register - Security
Bot comment blitz intensifies
Digg.com has become the latest Web 2.0 service to be abused by hackers in order to punt malware.…
9:38 AM (11 hours ago)
Win 7 and smartphones targeted in Pwn2own challenge
from The Register - Security
Hacker security shootout shindig
An annual hacking challenge has put the security of browsers and smartphones in the firing line.…
Feb 11, 2009 (23 hours ago)
New Windows virus attacks PHP, HTML, and ASP scripts
from The Register - Security
Virut gets around
Researchers have identified a new strain of malware that can spread rapidly from machine to machine using a variety of infection techniques, including the poisoning of webservers, which then go on to contaminate visitors.…
4:29 PM (5 hours ago)
IT, security funds find place in stimulus package
from Network World on Security by Jaikumar Vijayan
The massive economic stimulus package that is working through Congress includes hundreds of millions of dollars for various IT and physical security projects, including $448 million for a new headquarters for the U.S. Department of Homeland Security.
4:29 PM (5 hours ago)
HP, IBM push new OASIS encryption key standard
from Network World on Security by Robert McMillan
A group of industry vendors, led by IBM, Hewlett-Packard and EMC, is proposing a new standard to make their encryption management software work together.
4:29 PM (5 hours ago)
Microsoft puts $250,000 bounty on Conficker worm
from Network World on Security by Robert McMillan
Microsoft is trying to put some pressure on the criminals responsible for the worst Internet worm outbreak in years, offering a US$250,000 reward for information leading to the arrest and conviction of Conficker's creators.
4:29 PM (5 hours ago)
StillSecure on the fence about hosted NAC
from Network World on Security by Tim Greene
When StillSecure announced this week it will offer services as well as security gear, it was still on the fence about whether to include hosted NAC.
4:29 PM (5 hours ago)
NSA identifies top 25 programming errors
from Network World on Security by M. E. Kabay
The National Security Agency, working with MITRE Corp., SANS, and dozens of industry experts from many other organizations, has published a valuable list of the top 25 most dangerous programming errors.
4:29 PM (5 hours ago)
Los Alamos National Lab missing 67 computers
from Network World on Security by Jaikumar Vijayan
New Mexico-based Los Alamos National Laboratory (LANL), the nation's leading nuclear weapons lab, once again finds itself the focus of concerns about potentially serious cybersecurity lapses.
7:40 PM (2 hours ago)
ID Theft: Yes, It Is the Hackers
from Wired Top Stories by Kevin Poulsen
A new report claims that lost or stolen wallets are responsible for most identity theft, and slams the media for blaming data breaches and other hack attacks. But the fine print in the report tells another story.
8:17 PM (1 hour ago)
Conficker Worm Draws a Counter-Attack
from PC World Latest Technology News
Microsoft, Symantec and others announce a heavy-hitter team to fight the Conficker worm, with a $250,000 reward.
6:16 PM (3 hours ago)
Apple Releases Security, Java Updates
from PC World Latest Technology News
Apple on Thursday released the first security update of 2009, the aptly named Security Update 2009-001. The update, which is...
6:16 PM (3 hours ago)
Twitter Clickjacking Attack Causes Post-Awards Annoyance
from PC World Latest Technology News
Just as Twitter Nation celebrates its first official Shorty Awards, so-called Twitter clickjacking attacks are crashing the party.
6:16 PM (3 hours ago)
Enterprise, Orgs Unite to Stanch Downadup Worm
from PC World Latest Technology News
Task force is attempting to stop worm that is infecting nearly 2.2 million machines each day.
4:09 PM (5 hours ago)
Microsoft Puts $250,000 Bounty on Conficker Worm
from PC World Latest Technology News
Microsoft is offering a $250,000 reward for information leading to the conviction of the Conficker worm's author.
4:09 PM (5 hours ago)
Web Site: Number of Banks Affected by Heartland Breach Grows
from PC World Latest Technology News
The number of financial institutions that have said they were affected by the data breach disclosed last month by Heartland Payment Systems is growing.
12:16 PM (9 hours ago)
Hacker Challenge Takes Aim at Browsers, Smartphones
from PC World Latest Technology News
The hacking contest that has grabbed headlines two years running will take aim next month at browsers and smartphones...
10:16 AM (11 hours ago)
HP, IBM Push New OASIS Encryption Key Standard
from PC World Latest Technology News
HP and IBM are promoting a new encryption key management standard called KMIP.
Thursday, February 12, 2009