AIRC Blog

AIRC Blog

[0x1] Hackers use a Facebook hoax to plant Rouge Antimalware

[0x2] Johnny Depp fake death notice - fake ActiveX codec

[0x3] Top 10 Chinese cyber attacks

[0x4] Out-of-band patch for the Aurora exploit will be released today by Microsoft

[0x5] Google vs. China - Round 1

[0x6] Hacking TLS

[0x7] Malware spreading via 'Facebook Password Reset Confirmation' email

[0x8] Microsoft Security Bulletin Summary for October 2009

[0x9] Microsoft Security Bulletin Summary for September 2009

[0xA] Hackers use Twitter to control botnets

Network Security Blog

Join me as I spend 30 minutes each week talking about the computer security issues facing us today. I discuss privacy, hacking, malware and the Payment Card Industry (PCI) Data Security Standards.

[0x1] “PCI Compliance” and “Public Cloud” don’t mix

[0x2] Network Security Podcast, Episode 183

[0x3] Break time’s over

[0x4] Network Security Podcast, Episode 182

[0x5] The Great PCI Security Debate of 2010: Part 2

[0x6] Network Security Podcast, Episode 181

[0x7] Network Security Podcast, Episode 180

[0x8] The Network Security Podcast, Episode 179

[0x9] Network Security Podcast, Episode 178

[0xA] Network Security Podcast, Episode 177

CSOONLINE.com - PCI and Compliance

[0x1] So What Is PCI Really About?

[0x2] Report: CISOs Keep Breach Costs Lower

[0x3] The Great PCI Security Debate of 2010: Transcribed

[0x4] PCI DSS, Come Forward and Be Judged

[0x5] Ten 2010 IT Security Predictions, Part 2: Schmidt and ICSA Labs

[0x6] 2009 Rewind: 3 Tales of FUD

[0x7] Compliance as Security: The Root of Insanity

[0x8] Ending the PCI Blame Game

[0x9] The Mass. 201 CMR 17 Survival Guide

[0xA] The Cloud Security Survival Guide

LinuxSecurity.com: Debian Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] Debian: chrony denial of service

[0x4] Debian: squid/squid3 denial of service

[0x5] Debian: trac-git package fixes regression

[0x6] Debian: trac-git code execution

[0x7] Debian: fuse denial of service

[0x8] Debian: qt4-x11 several vulnerabilities

[0x9] Debian: moodle several vulnerabilities

[0xA] Debian: lighttpd denial of service

Techworld.com Operating Systems

Latest IT articles from Techworld's Operating Systems channel

[0x1] Four in five IT managers do not use cloud technologies

[0x2] Microsoft Office 2010 RC released

[0x3] Microsoft plans massive Windows patch next week

[0x4] Microsoft and science foundation collaborate on cloud computing

[0x5] Microsoft investigate Windows 7 battery problems

[0x6] The best security features in Windows 7

[0x7] Sick of the iPad? Google Chrome OS tablet idea revealed

[0x8] Microsoft to shut down Windows 7 previews

[0x9] Microsoft Windows 7 steams ahead, XP drops share

[0xA] Microsoft makes Windows Azure cloud platform public

Syrinx Technologies Podcasts

Interviews with local, regional and international technology experts on various topics.

[0x1] Application Development in a Web 2.0 World

[0x2] Ingredients for a Successful Disaster Recovery Plan

[0x3] Security & Web Facing Applications

[0x4] Different Approaches to SSO

[0x5] Story as Brand

[0x6] Effective Network Management Strategies

[0x7] HIPAA Privacy and Security

[0x8] What’s Wrong with the Federal, State and Local Budget Process

[0x9] Business Continuity Planning

[0xA] Identity Federation and Compliance

HacDC

HacDC's mission is to improve the world by creatively rethinking technology.

[0x1] Hacker's Lounge CANCELED

[0x2] Hacker's Lounge this Friday (2/5)! [CANCELED]

[0x3] DorkbotDC Meeting!

[0x4] Article on Open Source Hardware in Wired Magazine

[0x5] Magnify the Motorola Droid

[0x6] The Gentle Hackers' Literary Salon: Makers

[0x7] Tea Night on Tues., January 19th (or, Putting the TEA in KB3TEA)

[0x8] Thursday Talk on Twilio at HacDC: Build your own Dial-a-Song!

[0x9] Inside HacDC Web/Twitter Portal Update

[0xA] Fun Kits Continuing in January

DarkReading - All Stories

DarkReading

[0x1] 'Rugged' Initiative Brings Secure Software Development To The Masses

[0x2] Database Account-Provisioning Errors A Major Cause Of Breaches

[0x3] Twitter Gives Details On Phishing Attack

[0x4] Test: Most Web Application Scanners Missed Nearly Half Of Vulnerabilities

[0x5] House Mulls First Major Cybersecurity Bill

[0x6] IBM ISS Researcher Exposes Holes In Cisco's Internet Surveillance Architecture

[0x7] Researcher Cracks Security Of Widely Used Computer Chip

[0x8] Black Hat DC: Researchers Reveal Connection String 'Pollution' Attack

[0x9] Product Watch: Microsoft Rolls Out Free SDL Code For 'Agile' Development

[0xA] Botnet Floods Major Websites With Fake SSL Connections

The Hacker's Choice - Freeworld News

News around The Hacker's Choice including releases, papers, exploits and other activities

[0x1] Found vmap FINAL during cleanup!

[0x2] THC is hosting a #bluebox party at har2009.

[0x3] THC is proud to release a video and a tool to backup data...

[0x4] BLOG: The risk of ePassports and RFID

[0x5] BLOG: Story from the past of how to scan the internet

[0x6] THC is proud of hosting BlueMaho, a Bluetooth Security Te...

[0x7] From now on THC is sharing their thoughts with you!

[0x8] THC is proud to announce the SIM Toolkit Research Project.

[0x9] THC is proud to announce that the GSM Software Project an...

[0xA] Dear visitors, dear fans and supporters of THC.

All Virus Alerts

[0x1] Net-Worm.Win32.Kido

[0x2] Virus.Win32.Gpcode.ak

[0x3] Email-Worm.Win32.Warezov.nf

[0x4] Email-Worm.Win32.Warezov.mx

[0x5] Email-Worm.Win32.Warezov.ms

[0x6] Email-Worm.Win32.Zhelatin

[0x7] Email-Worm.Win32.Zhelatin.u

[0x8] Email-Worm.Win32.Zhelatin.r

[0x9] Email-Worm.Win32.Zhelatin.o

[0xA] Email-Worm.Win32.Warezov

milw0rm.com

milw0rm.com's latest exploit rss feed

[0x1] BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2

[0x2] Joomla com_mytube (user_id) Blind SQL Injection Exploit

[0x3] Joomla com_jinc (newsid) Blind SQL Injection Vulnerability

[0x4] Snort < 2.8.5 Unified1 Output Denial of Service Exploit

[0x5] WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities

[0x6] Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities

[0x7] ProdLer <= 2.0 (prodler.class.php sPath) RFI Vulnerability

[0x8] CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability

[0x9] cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit

[0xA] Winplot (.wp2 File) Local Buffer Overflow Exploit

Raffy - Security Data Visualization

IT security data visualization and log management as seen by Raffael Marty

[0x1] links for 2009-12-30

[0x2] Applied Security Visualization Book seen in Singapore

[0x3] links for 2009-07-01

[0x4] CISCO Subnet Blogging in May

[0x5] Data Visualization in the Cloud – PixlCloud

[0x6] links for 2009-03-11

[0x7] The Security Market As Seen By Peter Kuper

[0x8] Security Visualization and Log Analysis Workshop – Sign up now!

[0x9] links for 2009-02-12

[0xA] Applied Security Visualization Spotted in Dublin

nixCraft Linux Sys Admin Blog

This is a Linux sys admin journal by Vivek about sys admin work, Linux tips & tricks, hacks, news and more.

[0x1] Download of the day: GNU/Linux Advanced Administration PDF Book

[0x2] 10 Greatest Open Source Software Of 2009

[0x3] HowTo: Create sar Graphs With kSar [ Identifying Linux Bottlenecks ]

[0x4] Google Public DNS Servers Launched

[0x5] nixCraft FAQ PDF Collection Now Available To All

[0x6] FreeBSD 8.0 Review: Enterprise Ready Server Operating System

[0x7] Download Fedora 12 CD / DVD ISO

[0x8] Linux / Windows Application For Prevention Of RSI (Repetitive Strain Injury)

[0x9] 20 Linux Server Hardening Security Tips

[0xA] Download Ubuntu 9.10 (Karmic koala) CD ISO Images

Ubergizmo

Ubergizmo is a top consumer electronics news and reviews site.

[0x1] ZoomIt iPhone Accessory Allows You To Access SD Cards

[0x2] Analyst: Apple Might Lower Price Of iPad

[0x3] Nexus One Equipment Recovery Fee Reduced To $150

[0x4] MacBook Pro Deleted From Best Buy Inventory

[0x5] NVIDIA considers external graphics accelerators

[0x6] Thermaltake Toughpower XT line of power supply units

[0x7] Corsair Nova and Reactor SSDs

[0x8] Canon unveils new PowerShots at PMA 2010

[0x9] Scale Rug offers (un)friendly welcome

[0xA] 3M Littmann Bluetooth Stethoscope

CSOONLINE.com - Awareness

[0x1] Social Media Risks: The Basics

[0x2] Companies on IT Security Spending: Where's the ROI?

[0x3] Social Engineering: The Basics

[0x4] 10 Things That Didn't Happen in 2009 (And Probably Won't Happen in 2010)

[0x5] Checklist: 11 Security Tips for Black Friday, Cyber Monday

[0x6] 3 Basic Steps to Avoid Joining a Botnet

[0x7] The Cloud Security Survival Guide

[0x8] PCI DSS: No Angel, But Certainly Not the Devil

[0x9] 7 Ways to Stay Happy in a Miserable Profession

[0xA] 4 Tips for Writing a Great Social Media Security Policy

CSOONLINE.com - Identity Theft

[0x1] Delayed Again: Red Flags Rule Deadline Now June 1, 2010

[0x2] A Look At Stolen Hotmail Data Finds Simple Passwords

[0x3] School Boards Hit with Cash-Stealing Trojan

[0x4] News Flash: Data Debauchery That Happens in Vegas Doesn't Stay There

[0x5] Hacker Gonzalez Pleads Guilty to 20 Charges

[0x6] SQL injection Attacks Led to Heartland, Hannaford Breaches

[0x7] Mass. Makes Changes to ID Theft Regulations

[0x8] LexisNexis Warns of Breach After Alleged Mafia Bust

[0x9] Report: Social Security Numbers Easy to Guess

[0xA] Seven Deadly Sins of Social Networking Security

Security Justice

Security Justice

[0x1] Shmoocon and how to protect yourself from Shmooball attackers!

[0x2] Security Justice Episode 21 – Woot.com, Hack Challenge, @dave_rel1k and SET

[0x3] Security Justice Episode 20 – Shmoocon 2010 Interview with Bruce Potter (@gdead)

[0x4] Security Justice Episode 19 – Epic Interview with Jason Scott (@textfiles)

[0x5] Select Talks from ISS2009 Now Available for Download

[0x6] Security Justice Special Edition – Interview with Richard Bejtlich (@taosecurity)

[0x7] Security Podcasters “Go the Mo” for Men’s Health

[0x8] Security Justice Special Edition – Jayson Street and Dissecting the hack: the f0rb1dd3n network

[0x9] Security Justice Episode 18 – Louisville InfoSec, Rapid7, Interview with Wesley McGrew

[0xA] Security Justice International BBQ Edition – Nick Owen (@wikidsystems)

The Geek Stuff

Guides, HowTos and Tips for Technology Geeks

[0x1] Nagios XI Review (Free Nagios core Vs Nagios XI)

[0x2] How To Change Wallpaper in Fluxbox Window Manager

[0x3] 7 Powerful Awk Operators Examples (Unary, Binary, Arithmetic, String, Assignment, Conditional, Reg-Ex Awk Operators)

[0x4] Unix Less Command: 10 Tips for Effective Navigation

[0x5] 2 Books Giveaway Winners: Linux Firewall and Learning jQuery 1.3

[0x6] 8 Powerful Awk Built-in Variables – FS, OFS, RS, ORS, NR, NF, FILENAME, FNR

[0x7] Gone in 60 Seconds – Find Disappeared Internet Pages

[0x8] Shell Script Execution Guidelines for Newbies

[0x9] How To Add Shutdown / Reboot Functionality to Fluxbox Window Manager for X

[0xA] Awk Tutorial: Understand Awk Variables with 3 Practical Examples

CSOONLINE.com - Pandemic

[0x1] Lack of Telework Preparedness Puts Business Continuity in Danger?

[0x2] Gartner Joins GAO in Raising Flu Network Congestion Fears

[0x3] Most Businesses READY for Flu Pandemic?

[0x4] Swine Flu Near You? IPhone App Will Let You Know

[0x5] A Swine Flu (H1N1) Business Continuity Planning Guide

[0x6] Swine Flu: Watching the Southern Hemisphere for Signs of H1N1 Havoc

[0x7] WHO Declares Swine flu a Pandemic. Now What?

[0x8] Swine Flu: A Wake-up Call for Emergency Planners

[0x9] Swine Flu: Now That the Hype Is Over, Keep Planning

[0xA] 10 Questions for Pandemic Planning

DojoSec

Security. Thought. Leadership.

[0x1] Jeremy Brown – From Static Analysis to 0day Exploit

[0x2] Mobile Communications Security Symposium

[0x3] Marcus’ Mailbag: Policy, Enforcement, and Monitoring

[0x4] Virtualization is Great for Forensics

[0x5] Google Hacking Renders Redaction Futile

[0x6] Metasponse Talk at Techno Forensics

[0x7] Cloud Computing and Sunburn

[0x8] Malwarebytes – An Effective Malware Removal Tool

[0x9] DojoSec Monthly Briefings – October 1, 2009

[0xA] DojoSec TV – Web Application Security with Matt Fisher

Moreover Technologies - Computer security news - 30 of 8786 returned

Moreover Technologies - Real-time news and blogs from thousands of sources

[0x1] Successful DOD Contractors Use ProPricer - Sponsored Link

[0x2] $2.5 million estimated missing from Sauter escrow

[0x3] Hacker training company closed

[0x4] China Says Hacker Training Site Closed

[0x5] China Hacker Crackdown Could Reassure Google

[0x6] Endace Highlights Limits of Current Intrusion Detection and Intrusion Prevention Solutions With the Capture Replay Challenge

[0x7] Chinese police shut down hacker-training business

[0x8] US Intel Chief Paints Dark Picture of Cyberattack Defense

[0x9] China Shuts Down Hacker Training Website

[0xA] TCS restores Web site after hackers put it up For Sale'

Twitter / TrendMicro

Twitter updates from TrendMicro / TrendMicro.

[0x1] TrendMicro: MSFT warns of record patch Tues tomorrow w/13 security bulletins (5 critical 7 important) http://bit.ly/9a2Ogy

[0x2] TrendMicro: Phishing Pages Pose as Secure Login Pages http://blog.trendmicro.com/?p=21577

[0x3] TrendMicro: Caisse d’Epargne Customers, Beware! http://blog.trendmicro.com/?p=21623

[0x4] TrendMicro: The Pushdo Puzzle - DDoS or not DDoS? http://blog.trendmicro.com/?p=21610

[0x5] TrendMicro: Spammers Fake Responses from <i>Google</i> Job Applications http://blog.trendmicro.com/?p=21563

[0x6] TrendMicro: On the Trustworthiness of the AV Industry and AV Tests http://blog.trendmicro.com/?p=21566

[0x7] TrendMicro: Early Hearts’ Day Presents from Spammers http://blog.trendmicro.com/?p=21540

[0x8] TrendMicro: Much Ado About FAKEAV http://blog.trendmicro.com/?p=21518

[0x9] TrendMicro: TrendLabs takes a look at HYDRAQ -- the backdoor used in the Google attack http://bit.ly/ab7rG6.

[0xA] TrendMicro: Haiti Spam Leads to New Malware http://blog.trendmicro.com/?p=21479

Carnal0wnage Blog

carnal0wnage and zero(day) solutions blog

[0x1] metasploit getsystem command

[0x2] KiTrap0d now in metasploit

[0x3] Ruby, Nmap XML, and Databases

[0x4] Various Online Password Crackers

[0x5] 2009 Blog Stats

[0x6] Beating Up On Oracle Book List

[0x7] Hackers -- Net Cafe Series Video circa 1996

[0x8] Digging into SSL Cipher Checking

[0x9] Hacking Unprotected JBOSS JMX Console Installations

[0xA] Past, Present, and Future of Security and the Security Community

SearchSoftwareQuality: Software quality news and advice

News, analysis and technical advice about securing applications and Web services.

[0x1] Measure the risks before embedded your application into social media waters

[0x2] Preflight builds are key in speedy iteration delivery says Electric Cloud's CEO

[0x3] Using soapUI to mock Web services can offer insight on user acceptance

[0x4] Choosing automated software testing tools: Open source vs. proprietary

[0x5] Q&A: Software tester describes daily application performance testing work

[0x6] How do I create a test case based on requirements documents for user acceptance testing?

[0x7] Slim chance of revision to PCI DSS expected this year

[0x8] Nine ways to evaluate automated software testing tools

[0x9] Finding software flaws with error-guessing tours

[0xA] According to 2009 study, Data compromise costs rose

Dana Epp's ramblings at the Sanctuary

Life, the Universe and everything Security

[0x1] Reflecting on our Windows 7 birthday party

[0x2] Time to party! Windows 7 is here!

[0x3] RunAs Radio podcasts you might want to listen to

[0x4] Coding Tip: Why you should always use well known SIDs over usernames for security groups

[0x5] Major Windows 7 gotcha you should know about that may block you from upgrading

[0x6] Microsoft SDL bans mempcy()... next it will be zeros!!!!

[0x7] Using TS RemoteApp as an attack vector

[0x8] Is Twittering safe?

[0x9] Come have Coffee and Code in Vancouver with me and Microsoft tomorrow

[0xA] Choosing the right offset backup provider

Enterprise Storage Forum News

Covering security, storage, and networking for the enterprise IT professional

[0x1] Solid State Drives Get Faster with TRIM

[0x2] Solid State Drives in Enterprise Applications

[0x3] Oracle to Keep Sun's Data Storage, Tape Businesses

[0x4] LTO-5 Breathes New Life into Tape Storage

[0x5] NetApp Deepens Ties with Cisco, VMware

[0x6] EMC Reports Strong Data Storage, Deduplication Sales

[0x7] Symantec Adds Deduplication to Backup Software

[0x8] EMC Doubles Clariion, Celerra Density with 2TB SATA Drives

[0x9] RAID Storage Levels Explained

[0xA] NetApp, Cisco and VMware Deal May Be Coming

Check Point SmartDefense Service Advisories

The SmartDefense Service provides real-time updates and new attack protection capabilities for Application Intelligence, Web Intelligence, and Network defenses for various products.

[0x1] Update Protection against Sun Java System Application Server HTTP TRACE Vulnerability

[0x2] Security Best Practice: Protect Yourself from Microsoft Internet Explorer US-ASCII Charset Obfuscation Exploits

[0x3] Update Protection against Novell eDirectory NDS Verb Integer Overflow Vulnerability

[0x4] Update Protection against Multiple Vendors NTP Mode 7 Denial of Service

[0x5] Update Protection against Zeus Web Server SSL2_Client_Hello Buffer Overflow

[0x6] Update Protection against Hydraq Trojan/Aurora Attack (MS10-002)

[0x7] Update Protection against Microsoft Internet Explorer Event Operations HTML Object Memory Corruption Vulnerability (MS10-002)

[0x8] Update Protection against Microsoft Internet Explorer DOM Operations Handling Memory Corruption Vulnerability (MS10-002)

[0x9] Update Protection against Microsoft Internet Explorer Table Operations Memory Corruption Vulnerability (MS10-002)

[0xA] Preemptive Protection against Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerabilities (MS10-002)

Penetration testing blog

A penetration tester's sequence of words for the community

[0x1] Hacking Internet Kiosks and iKAT

[0x2] Disguising a USB drive as a standard phone jack @ home

[0x3] Python script for renaming and deleting files recursively (AKA: Fixing a broken magento update)

[0x4] CLOC - Count Lines of Code

[0x5] Counting lines of source code

[0x6] CISCO IOS Rookits are da bomb

[0x7] Testing a personal firewall solution, a couple of resources

[0x8] Mass deleting your e-mails from Gmail

[0x9] Gmail security? Well at least start with customizegoogle

[0xA] Quick shellscript for replacing a watermark

Deb Shinder's Blog

Deb Shinder is MS SECURITY. An Enterprise Security MVP, she has the “inside story” on all topics related to securing Microsoft networks, from the server all the way down to the network-connected smart phone. Her blog will address Microsoft’s security products and technologies including those built into the operating system (access controls and permissions, EFS, BitLocker, etc.), network security technologies (Active Directory, IPsec, DirectAccess, etc.) and separate security products (ISA Server/TMG, IAG, ILM and the Forefront family of client and server security products and services). This blog focuses on how network administrators and network security specialists can create a multi-layered security strategy, develop sound security policies, and build a strong line of defense around the network to prevent both internal and external attack.

[0x1] Cybersecurity bill passed by House

[0x2] Over half a million web sites infected

[0x3] iPhones on your corporate network: How secure?

[0x4] Don’t hang out the “Phishing Gone” sign just yet

[0x5] Good news for IT security pros: Forrester says network security spending will rise in 2010

[0x6] Google adds security features to Chrome browser

[0x7] Microsoft COFEE and other forensics tools targeted

[0x8] Facebook security bug on AT&T mobile network

[0x9] Jesper Johansson: How Delegation Privileges are Represented in AD

[0xA] Why you should implement password policy enforcement

Zero Day

Tracking the hackers

[0x1] Oracle rushes out patch for gaping server hole

[0x2] Mozilla Firefox hit by malware add-ons

[0x3] Does Blippy really pose a security risk?

[0x4] MS Patch Tuesday heads-up: 13 bulletins, 26 vulnerabilities

[0x5] Microsoft warns of new IE data-leakage vulnerability

[0x6] Code execution holes in iPhone OS, iPod Touch

[0x7] Report: 48% of 22 million scanned computers infected with malware

[0x8] Bogus IQ test with destructive payload in the wild

[0x9] Tor Project suffers hack attack

[0xA] RealPlayer haunted by 11 critical vulnerabilities

GlobalSecurity.org

Reliable Security Information from GlobalSecurity.org.

[0x1] 02/01/10 Gates/Mullen DoD News Briefing

[0x2] DoD News: Statement by Secretary of Defense Robert Gates on the Death of Congressman Jack Murtha

[0x3] US Congressman John Murtha Dead at 77

[0x4] Ivory Coast Elections Could be Delayed Again

[0x5] Gates: Iran’s Nuclear Program Puts Middle East in Danger

[0x6] Iranian Atomic Plans Bring New Calls for Sanctions

[0x7] Guard Responds in Record D.C. Snowfall

[0x8] Space Shuttle Endeavour Heads to International Space Station

[0x9] Yanukovych Heads To Victory In Ukrainian Election

[0xA] Yanukovych wins Ukraine presidential vote

Secu.be

Secu.be

[0x1] Latest OSVDB Vulnerabilities: Oracle Database DBMS_JAVA.SET_OUTPUT_TO_JAVA Procedure Argument Handling Privilege Escalation

[0x2] Latest OSVDB Vulnerabilities: Oracle Database DBMS_JVM_EXP_PERMS Package IMPORT_JVM_PERMS Function Privilege Escalation

[0x3] Latest OSVDB Vulnerabilities: Oracle Times-Ten In-Memory Database timestend Process Remote DoS

[0x4] Latest OSVDB Vulnerabilities: Oracle Internet Directory oidldapd Remote Heap Corruption

[0x5] SANS Internet Storm Center, InfoCON: green: Oracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html, (Tue, Feb

[0x6] The Register - Security: Adobe apologizes for festering Flash crash bug

[0x7] The Register - Security: Conficker outbreak infects Leeds hospital servers

[0x8] SANS Internet Storm Center, InfoCON: green: When is a 0day not a 0day? Samba symlink bad default config, (Tue, Feb 9th)

[0x9] The Register - Security: Oracle issues emergency security patch for WebLogic

[0xA] Help Net Security - News: Multiple vulnerabilities in popular Web servers

[H]ardOCP News/Article Feed

News/Article Feed for [H]ardOCP

[0x1] Former Intel Exec Pleads Guilty in Galleon Insider Case

[0x2] Teen's Facebook Party Trashes $1.5M Home

[0x3] Ten Years Ago In Tech

[0x4] DirectX End-User Runtimes

[0x5] [H]ardware Round-Up II

[0x6] Security Chip That Does Encryption in PCs Hacked

[0x7] The iPad Tweet That Enraged Steve Jobs?

[0x8] $70k For Broadband Installation

[0x9] LIAN LI T1 Spider on Video

[0xA] Gaming [H]eadlines

SearchSecurity: Security Wire Daily News

The latest information security news on IT threats, vulnerabilities and market trends from the award-winning SearchSecurity.com.

[0x1] CISOs take measured steps to reduce social media risks

[0x2] Microsoft to fix 26 flaws in Windows, Office

[0x3] Microsoft warns that IE zero-day vulnerability causes data leakage

[0x4] Tripwire enters tumultuous SIEM market

[0x5] Microsoft extends SDL program, adds Agile development template

[0x6] Google to pay for Chrome browser vulnerabilities

[0x7] SCADA system, critical infrastructure security lacking, survey finds

[0x8] MA 201 CMR 17 enforcement less likely with prompt reporting, cooperation

[0x9] No major PCI DSS revision expected in 2010

[0xA] PCI QSAs, certifications to get new scrutiny

Peter Guerra

All about security

[0x1] How Robber Barons hijacked the telegraph system

[0x2] The Bedazzler

[0x3] iPhone fix

[0x4] Twitter for Botnet control

[0x5] BlackHat 2009 Presentation

[0x6] SLE, Quantitative versus Qualitative Risk, and Finance

[0x7] BlackHat 2009

[0x8] White House Cyber Security Review is out

[0x9] Panda Cloud Antivirus

[0xA] 500,000 Unique Malware Files Every Day

Google Online Security Blog

The latest news and insights from Google on security and safety on the Internet.

[0x1] More Information about Malware Details

[0x2] Do machines dream of electric malware?

[0x3] Best Practices for Verifying and Cleaning up a Compromised Site

[0x4] Protecting Users and Ads from Malware

[0x5] Show Me the Malware!

[0x6] The Malware Warning Review Process

[0x7] Malware Statistics Update

[0x8] Ask the Google Anti-Malware Team

[0x9] Improving web browser security

[0xA] Password strength and account recovery options

Shellcode - Shell-storm.org

Last shellcodes

[0x1] portbind shellcode - 167 bytes

[0x2] XP SP3 addFirewallRule

[0x3] sp2 (En + Ar) cmd.exe - 23 bytes

[0x4] Shellcode Collection - (calc) 19 bytes

[0x5] chmod 666 /etc/shadow - 27 bytes

[0x6] overwrite MBR on /dev/sda with LOL! - 43 bytes

[0x7] kill all processes - 9 bytes

[0x8] eject /dev/cdrom - 42 bytes

[0x9] append /etc/passwd & exit() - 107 bytes

[0xA] unlink(/etc/passwd) & exit() - 35 bytes

Rational Survivability

PLEASE NOTE: I HAVE PERMANENTLY MOVED MY BLOG TO http://www.rationalsurvivability.com/blog <-- All these posts/comments have been moved there and all new posts since May 2009 appear there.

[0x1] IMPORTANT REMINDER: My Blog and RSS Feed Have Moved To http://www.rationalsurvivability.com/blog

[0x2] IMPORTANT REMINDER: My Blog and RSS Feed Have Moved

[0x3] IMPORTANT: Moving My Blog & RSS Feed

[0x4] BeanSec! Wednesday, March 18, 2009 - 6PM to ?

[0x5] How To Be PCI Compliant in the Cloud...

[0x6] On the Overcast Podcast with Geva Perry and James Urquhart

[0x7] More On Clouds & Botnets: MeatClouds, CloudFlux, LeapFrog, EDoS and More!

[0x8] Source Boston - Video Interviews of Security Rockstars...

[0x9] Oh Noes: We Can't Monitor/Protect Against Intra-VM Traffic!

[0xA] Sun vs. Cisco? I'm Getting My Popcorn...

Network World on Windows

The latest Windows news, analysis and feature articles from NetworkWorld.com.

[0x1] Microsoft's Patch Tuesday to be all about required reboots

[0x2] 50 smartphone blogs: A whirlwind tour of iPhone, Android and BlackBerry sites

[0x3] Microsoft exceeds goal of 5,000 layoffs

[0x4] Win 7 business sales weak, but uptick expected

[0x5] Apple iPad could give Microsoft fits

[0x6] Annoyed and disappointed

[0x7] WhatsUp Gold buys Windows security management vendor

[0x8] 14 free enterprise training tools from Microsoft

[0x9] 10 years ago: Standards in the spotlight

[0xA] A couple of follow-ups and syncing IMAP servers

Packet Storm Security Last 100

100 Most Recent Packet Storm File Additions

[0x1] HPSBUX02503-SSRT100019.txt

[0x2] MDVSA-2010-034.txt

[0x3] nightdahack2010-cfp.txt

[0x4] CORELAN-10-010.txt

[0x5] wsnguestdb-disclose.txt

[0x6] bluedove-sql.txt

[0x7] synspam_0.4.0-1.tar.gz

[0x8] as3flexdb-sqldisclose.txt

[0x9] HPSBMA02487-SSRT100024.txt

[0xA] jdownloader-exec.txt

Techworld.com Security

Latest IT articles from Techworld's Security channel

[0x1] PayPal suspends service in India

[0x2] China shuts down hacker training site

[0x3] BlackBerry spyware released

[0x4] Intel Atom netbooks get whole-disk encryption

[0x5] Antivirus maker Symantec hit with class-action lawsuit

[0x6] EU and US fight over bank data sharing

[0x7] Oracle patches WebLogic flaw

[0x8] European Parliament looks to stop data-sharing deal

[0x9] Google enlists NSA after alleged Chinese hacks, Washington Post says

[0xA] Infected Firefox add-ons slipped past Mozilla security

ITWeb Internet

Latest ICT Internet news

[0x1] King III links in with social networks

[0x2] Rivals gain from Google book deal

[0x3] US lawmaker rallies broadband changes

[0x4] Twitter offers advertising service

[0x5] Websense harnesses cloud

[0x6] FinSwitch introduces Web services

[0x7] IP over avian carrier

[0x8] Initiative sees teachers collaborate online

[0x9] Asian sites profit from virtual money

[0xA] Obama warns teens of Facebook

LinuxSecurity.com: FreeBSD Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] FreeBSD: Kernel memory disclosure in procfs and linprocfs

[0x4] FreeBSD: fetch Overflow error

[0x5] FreeBSD: syscons Boundary checking errors in syscons

[0x6] FreeBSD: cvs number of vulnerabilities

[0x7] FreeBSD: kernel Improper memory access vulnerability

[0x8] FreeBSD: kernel Excessive privilege vulnerability

[0x9] FreeBSD: core:sys Buffer cache invalidation vulnerability

[0xA] FreeBSD: cvs Heap overflow vulnerability

suck-o.com hacking - coding - development

Hacking, coding, web development, lots of high quality downloads and friendly forums. Join our community, we are non-commercial and independent!

[0x1] ‘Don’t Be Evil,’ Meet ‘Spy on Everyone´: How the NSA Deal Could Kill Google

[0x2] Google to enlist NSA to help it ward off cyberattacks

[0x3] Parallel Algorithm Leads to Crypto Breakthrough

[0x4] CIA, PayPal under bizarre SSL assault

[0x5] Internet Service Providers have a pessimistic view of the future

[0x6] Mozilla unfurls first mobile Firefox

[0x7] Hackers Targeted Oil Companies for Oil-Location Data

[0x8] Amateur goof makes Twitter account hijacking a snap

[0x9] Tor Project servers hacked

[0xA] Law firm suing China suffers attack

The RISKS Digest

The website of the RISKS mailing list

[0x1] Doug Maughan's CACM article & Roadmap for Cybersecurity Research

[0x2] UI fix freezes NYSE, affects 975 stocks

[0x3] False positives galore in SARs

[0x4] DC Metro - only kills average of 1 customer each 3 years

[0x5] GPS Control Software Glitch: NANU Issued

[0x6] How Not to Design Authentication

[0x7] Radiation Offers New Cures, and Ways to Do Harm

[0x8] Warning: Your Cell Phone May Be Hazardous to Your Health

[0x9] Driver watching laptop movie kills woman

[0xA] It depends on which bus you take

Security Basics

A high-volume list which permits people to ask "stupid questions" without being derided as "n00bs". I recommend this list to network security newbies, but be sure to read Bugtraq and other lists as well.

[0x1] Re: MSN virus

[0x2] Re: Transparent vs Routed Firewall

[0x3] Re: SMS Banking

[0x4] Re: SMS Banking

[0x5] RE: SMS Banking

[0x6] RE: SMS Banking

[0x7] Re: Transparent vs Routed Firewall

[0x8] Managed Security Services

[0x9] Re: SMS Banking

[0xA] Re: [OT ish] Router vs Firewall - corporate environment

PCI Security Standards Council News

Latest press releases from PCI SSC

[0x1] Bruce Rutherford Named New PCI Security Standards Council Chairperson

[0x2] PCI Security Standards Council Launches Global Website With New Resources In Eight Languages

[0x3] PCI Security Standards Council Opens Ask The Council Webinar To All

[0x4] PCI Security Standards Council Enters Next Phase of Data Security Standards Development

[0x5] PCI Security Standards Council Provides Best Practices For Skimming Prevention

[0x6] PCI Security Standards Council Wireless Special Interest Group Publishes New Giude to Wireless Security

[0x7] PCI Security Standards Council Appoints Lead Trainer

[0x8] PCI Security Standards Council Invites Collaboration On Next Generation Security Standards

[0x9] PCI Security Standards Council Announces New Board Of Advisors

[0xA] PCI Security Standards Council to Hold First Standards Training Session in Asia Pacific

Kaspersky.com / All News

[0x1] Kaspersky Anti-Virus for Linux Mail Server 5.6.42.0 MP1 CF2

[0x2] Monthly Malware Statistics: January 2010

[0x3] Kaspersky Internet Security 2010 named Best in Class in Sweden

[0x4] Visit Kaspersky Lab at Mobile World Congress 2010 in Barcelona

[0x5] Kaspersky Internet Security 2010 named Product of the Year by PC Achat

[0x6] Kaspersky Lab acknowledges a false positive returned by its products for a number of Internet resources with Google contextual advertising

[0x7] Kaspersky Internet Security 2010 named 'Product of the Year' in Romania

[0x8] Kaspersky Lab patents innovative method for minimizing false positives

[0x9] Kaspersky Lab Changes Support Structure in the Benelux Region

[0xA] Monthly Malware Statistics: December 2009

Microsoft news from Network World

Breaking Microsoft news and analysis from NetworkWorld.com

[0x1] Symphony 3.0 beta signals IBM attack on Office

[0x2] Microsoft's Patch Tuesday to be all about required reboots

[0x3] Researcher reveals how IE flaw can turn your PC into a public file server

[0x4] Microsoft-funded CodePlex Foundation gets first exec

[0x5] Microsoft juices Visual Studio with secure coding tools

[0x6] Microsoft exceeds goal of 5,000 layoffs

[0x7] CommVault ties backup software to the cloud

[0x8] Chapter 3: Case Study: You Cannot Manage What You Cannot Measure

[0x9] Win 7 business sales weak, but uptick expected

[0xA] Apple iPad could give Microsoft fits

Headquarter, Linux, Network security and research

[0x1] Security threats Toolkit

[0x2] Unusual disk latency: The other day I met a friend and between...

[0x3] Untangle 7.1

[0x4] Lynis 1.2.9

[0x5] Wireshark 1.2.5

[0x6] Multiple Cisco WebEx WRF Player Vulnerabilities

[0x7] US drones hacked by Iraqi insurgents

[0x8] Video Interview with MacBook Bullet Girl

[0x9] Android Forensics

[0xA] Jobs for hackers

PaulDotCom

[0x1] What I learned at Shmoocon 2010

[0x2] PaulDotCom Security Weekly - Episode 185 Part 2 - January 28, 2010

[0x3] PaulDotCom Security Weekly - Episode 185 Part 1 - January 28, 2010

[0x4] PaulDotCom Security Weekly - Episode 184 Part 2 - January 21, 2010

[0x5] CSAW Challenge - Reflections on Pools of Radiance

[0x6] Pauldotcom 1-28 Technical Segment - Here's what you missed!

[0x7] Episode 185 recording notice - Thursday Jan 28 - 19:30 EST

[0x8] PaulDotCom Security Weekly - Episode 184 Part 1 - January 21, 2010

[0x9] PaulDotCom Security Weekly - Episode 183 Part 2 - January 14, 2010

[0xA] PaulDotCom Security Weekly - Episode 183 Part 1 - January 14, 2010

Aladdin Knowledge Systems Latest HASP Press Releases

Aladdin Knowledge Systems Latest HASP Press Releases - RSS Feed

[0x1] China's Largest CAD/CAM Software Developer Selects Aladdin HASP SRM

[0x2] HASP SRM v 3.60 Provides Automatic File Wrapping for Windows x64 Applications

[0x3] Leading Network Engineering Firm in China Selects Aladdin HASP SRM to Stop Software Piracy

[0x4] Aladdin Announces Enhanced HASP SRM Anti-Piracy Tool for Mac Software Developers

[0x5] Aladdin HASP SRM Adds Automatic File Wrapping to Secure Intellectual Property in Java-Based Applications

[0x6] Aladdin HASP SRM Adds Linux Support

[0x7] Iris Biometrics Leader Secures Software with Aladdin HASP SRM

[0x8] Aladdin HASP SRM Wins Codie Award for Best Digital Rights Management Solution

[0x9] Aladdin Announces First Runtime Installer Certified for Windows Vista

[0xA] Aladdin HASP SRM Receives CompTIA SoftwareCEO Innovation Award

InformationWeek Analytics Weblog

Here you'll find observations, anecdotes, and analysis from our experienced staff of reporters and editors, with links to stories, surveys and other content that appear on InformationWeek.com, TechWeb.com, and many other points on the Web. We welcome discussion, and invite you to share your opinions and thoughts. Please participate with us!

[0x1] Misguided Security Leads To Insecurity

[0x2] Cybercrime As An Economic Threat

[0x3] I Want You For My Server Survey

[0x4] Barracuda Networks Enters the Enterprise Firewall Market

[0x5] Linux's Hypervisor Complex

[0x6] InformationWeek's RSS Feed is brought to you by

[0x7] Your Dad's SLAs And The Cloud

[0x8] Websense To Monitor Facebook Pages

[0x9] Education: It's That Simple

[0xA] Security: Exception to the Rule?

Packet Storm Security Tools

Packet Storm Last 10 Tools

[0x1] synspam_0.4.0-1.tar.gz

[0x2] sipwitch-0.7.0.tar.gz

[0x3] dradis-v2.5.0.tar.gz

[0x4] netsniff-ng-0.5.4.1.tar.gz

[0x5] stunnel-4.31.tar.gz

[0x6] tinc-1.0.12.tar.gz

[0x7] Pound-2.5.tgz

[0x8] nikto-2.1.1.tar.gz

[0x9] Squipy.zip

[0xA] zzuf-0.13.tar.gz

SecuraBit

A show for security professionals.

[0x1] SecuraBit Episode 49: ConFoo.ca!

[0x2] SecuraBit Episode 48: Shmoocon (The Big Cheese) and PhoneFactor!

[0x3] SecuraBit Episode 47: Double Dutch!

[0x4] SecuraNibble Episode 03 - Security Hour on IMP

[0x5] SecuraBit Episode 46 â Making a Faster and Safer Web with Billy Hoffman

[0x6] SecuraBit Episode 45 â More on DOJOCON

[0x7] SecuraBit Episode 44 - Dennis Hurst and Movember!

[0x8] SecuraBit Episode 43 â The Academy Pro

[0x9] SecuraBit Episode 42 - Phreaking Sweet Con in TN.

[0xA] SecuraBit Episode 41 - Speaking of Cons, and forensics...

Jeremiah Grossman

A page to show up #1 on Google when searching for "Jeremiah" (Currently #5).
The prophet, TV show, and that pesky Owyang guy going down!

A page to show up #1 on Google when searching for "Jeremiah Grossman", and it FINALLY has!

[0x1] Best of Application Security (Friday, Feb. 5)

[0x2] Web 2.0 Pivot Attacks

[0x3] Converting unimplementable Cookie-based XSS to a persistent attack

[0x4] The Web won’t be safe, let alone secure, unless we break it

[0x5] Be Ready -- With Answers

[0x6] Best of Application Security (Friday, Jan. 29)

[0x7] WASC RSA Meet-Up 2010!

[0x8] Best of Application Security (Friday, Jan. 22)

[0x9] Best of Application Security (Friday, Jan. 15)

[0xA] Web-based systems vs. Advanced Persistent Threat

OSVDB Blog :

Everything Is Vulnerable

[0x1] Open Security Foundation - State of the Union 2010

[0x2] January Update: OSVDB Winter 2010 Fundraising Goal

[0x3] Microsoft, Aurora and something about forest and trees?

[0x4] Challenge: OSVDB Winter 2010 Fundraising Goal

[0x5] Adobe, Qualys, CVE and Math

[0x6] OSVDB 2009 Q4 Changelog

[0x7] Creditee System Overhauled

[0x8] Responsible Disclosure - Old Debate, Fresh Aspects?!

[0x9] Search Filters & Custom Exports

[0xA] What I learned from early CVE entries

InfoSecPodcast.com

Information Security related news, opinions and ramblings

[0x1] How-to on securing PDF documents

[0x2] Updating my feed location…thanks Google

[0x3] Most dangerous keywords to search for

[0x4] MIT Lincoln Lab Network Security Software

[0x5] 3 open InfoSec positions at MIT Lincoln Laboratory

[0x6] NAC Panel Discussion: What is the state of NAC?

[0x7] Record IM video on the network?

[0x8] WoW adds 2 factor authentication

[0x9] New blog theme

[0xA] Twitter + Security = Security Twits

SecurityInfoWatch Forums - Discussions for the Security Professional

Security discussion forums on topics of security management, policies, guard services, loss prevention, homeland security, alarm systems, network video, security jobs

[0x1] Toyota

[0x2] Drums, PR and Security

[0x3] The latest in Security Officer opportunities!

[0x4] Is Loss Prevention classified as a Private Protective Service under the law?

[0x5] Pictures from the snow storm

[0x6] Gang free

[0x7] State Reps. don't pay taxes

[0x8] Which states give the most power to security officers?

[0x9] Mock Robbery Training

[0xA] PGS and Northrop Grumman

HBH News Feed

HellBoundHackers RSS Feed

[0x1] Information Disclosure Vulnerability found in IE

[0x2] HBH Updates

[0x3] Firefox 3.6 released

[0x4] Patch for Internet Explorer exploit

[0x5] Google Hacked by China-based attackers

[0x6] Court bans sale of Microsoft Word in US

[0x7] Hackers are defeating tough authentication

[0x8] HBH Signature Competition

[0x9] Hackers steal electronic data

[0xA] New SSL Attack Can Hit Many Sites

chandanlog(3C)

Chandan's blog

[0x1] Fast Forward in Time: Flower Bloom

[0x2] Desktop OS for Personal Computing

[0x3] Netbooks and the end of the Laptop Decade

[0x4] Home Theater Architecture

[0x5] Can you lend me your iPhone for a minute?

[0x6] Doing the same thing again and expecting different results

[0x7] To prevent auto-reply e-mails

[0x8] Secure your Wi-Fi networks now!

[0x9] Notes from the 20th FIRST conference in Vancouver

[0xA] In the heart of Europe

ZDNet UK News - Security News

ZDNet UK News - Security News

[0x1] China breaks up Black Hawk hacking ring

[0x2] Oracle releases out-of-band patch for server hole

[0x3] Mozilla dumps infected add-ons, issues warning

[0x4] Phishing scam spurs EC into security revamp

[0x5] Google may team up with NSA for cyber-defence help

[0x6] Microsoft to plug 26 holes in Windows, Office

[0x7] DNA pioneer 'deeply worried' by database policy

[0x8] Microsoft looking into new Internet Explorer flaw

[0x9] Warning over rogue iPhone apps

[0xA] National database stores 14m number plates a day

InternetNews Realtime News for IT Managers

All the top news, features, analysis and insight into enterprise and Internet technology, geared for IT managers and delivered by the best in the industry.

[0x1] The Biggest Security Breeches of 2009

[0x2] Google Plans to Twitterize Gmail?

[0x3] Welcome to the New IT News Daily

[0x4] Opinion on the iPad Plummets Post-Intro

[0x5] Facebook Pulling Microsoft Banner Ads

[0x6] IBM Power7: Big Blue's Answer to Oracle, Intel

[0x7] Mozilla Firefox to Drop Support of Mac OS X 10.4

[0x8] Chip Stocks Stabilize as Market Fall Continues

[0x9] SAP's CEO Ouster Latest Indication of Troubles

[0xA] Oracle Adds SOA Depth with AmberPoint Deal

Virtual Shadows has MOVED!

[0x1] Virtual Shadows is MOVING!

[0x2] Hacking programmable road signs

[0x3] David Lacey likes my book!

[0x4] Censoring your blog

[0x5] Book launch on Monday Central London

[0x6] ouch ....

[0x7] Achieving miracles when times are tough

[0x8] The book arrived on Tuesday

[0x9] Your iPhone as a wind instrument!

[0xA] China's Net Nannies have been busy

GovInfoSecurity.com Agency Alerts RSS Syndication

GovInfoSecurity.com RSS News Feeds on government information security agency alerts.

[0x1] NIST IR 7628 (Draft): Smart Grid Cybersecurity Strategy and Requirements

[0x2] NIST SP 800-38E: Recommendation for Block Cipher Modes of Operation

[0x3] NIST SP 800-57: Recommendations for Key Management, Part 3

[0x4] GAO: Managing Sensitive Information

[0x5] NIST SCAP Version 1.1: Technical Specification for the Security Content Automation Protocol (DRAFT)

[0x6] Senate Judiciary Committee: Report on Personal Data Privacy and Security Act of 2009

[0x7] NIST: FIPS 140-30 Revised Security Requirements for Cryptographic Modules (Draft)

[0x8] OMB: Proposed FY 2010 FISMA Performance Metrics

[0x9] GAO: DHS's Progress and Challenges in Key Areas of Maritime, Aviation and Cybersecurity

[0xA] ENISA: Cloud Computing - Benefits, Risks and Recommendations for Information Security

Latest Secunia Blog Entries

Secunia collects, evaluates, verifies, and analyses vulnerability information.

[0x1] Secunia integrated with Microsoft WSUS

[0x2] Microsoft IIS Multiple Extensions Security Bypass Clarifications

[0x3] 2,000,000 Secunia PSI users

[0x4] heise online and Secunia introduces Online Vulnerability scanning for German users

[0x5] Announcement of partnership with CERT.PT

[0x6] Microsoft Windows SMB Response Denial of Service Clarifications

[0x7] Secunia CSI 3.0 - Final

[0x8] Congratulations Mozilla

[0x9] Secunia CSI 3.0 - Public Beta

[0xA] Microsoft IIS FTP Server NLST Buffer Overflow Clarifications

Web App Security

Provides insights on the unique challenges which make web applications notoriously hard to secure, as well as attack methods including SQL injection, cross-site scripting (XSS), cross-site request forgery, and more.

[0x1] winAUTOPWN 2.1 - Now you can sleep

[0x2] Dasient mod_antimalware_lite v0.2

[0x3] OWASP for Charities: Haiti relief effort

[0x4] Invitation: nullcon Goa 2010 International Security & Hacking Conference

[0x5] RE: Burp Suite v1.3 released

[0x6] HITB Ezine 'Reloaded' - Issue #001

[0x7] Re: Burp Suite v1.3 released

[0x8] Burp Suite v1.3 released

[0x9] Re: Context App Tool - New Web Application Testing Tool Released

[0xA] RE: Context App Tool - New Web Application Testing Tool Released

HSC Security Portal

Hackers Center Security Portal is one of the most complete, updated and visited Securty portals on the net. We offer Security Blogs, Exploits, Texts, Tools

[0x1] TemperIE

[0x2] Nikto 2

[0x3] hcraft 1.0.0

[0x4] MSNPawn 1.1

[0x5] httprint

[0x6] DIRB

[0x7] WebInject 1.4

[0x8] ht://Check 2.0.0

[0x9] Grabber

[0xA] Wapiti 2.2.1

XSSed syndication

You are welcome to syndicate and share xssed.com contents

[0x1] agriculture.gouv.fr XSS

[0x2] www.economie.gouv.fr XSS

[0x3] www.egov.santos.sp.gov.br XSS

[0x4] www.gov.me XSS

[0x5] www.woc.noaa.gov XSS

[0x6] landslides.usgs.gov XSS

[0x7] www.arb.ca.gov XSS

[0x8] adoption.state.gov XSS

[0x9] www.dsto.defence.gov.au XSS

[0xA] innerweb.nr.utah.gov XSS

pentestmonkey.net

Latest ramblings of the monkey...

[0x1] New Web Application Scanner: Netsparker

[0x2] Cross-Site Request Forgery For POST Requests With An XML Body

[0x3] exploit-suggester Update: v0.3

[0x4] YaptestFE Update: v1.1

[0x5] Yaptest Update: v0.2.1

[0x6] unix-privesc-check Update: v1.4

[0x7] Informix SQL Injection Cheat Sheet

[0x8] unix-privesc-check Update: v1.3

[0x9] exploit-suggester Update: v0.2

[0xA] Preventing Web-based Directory Enumeration Attacks Against IIS

Hackyourself.net Information Security Blog

Hack Yourself...before someone else does!

[0x1] Where are the DBAs?

[0x2] Some Free Web App Security Testing Tools & Resources

[0x3] CWE Top 25 Breakdown – Part 3 of 4

[0x4] CWE Top 25 Breakdown – Part 2 of 4

[0x5] CWE Top 25 Breakdown – Part 1 of 4

[0x6] Should I be worried about my web applications?

[0x7] Does PCI Compliance Work?

[0x8] Top 10 Issues Observed During Pen Tests in 2008

[0x9] A PHP Framework Worth Looking Into

[0xA] OSI is Dead

LinuxSecurity.com: EnGarde_Secure_Linux Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] EnGarde Secure Community Release Notes 3.0.10

[0x4] EnGarde Secure Community 3.0.8 Release Notes

[0x5] EnGarde Secure Community 3.0.7 Release Notes

[0x6] EnGarde Secure Community 3.0.6 Release Notes

[0x7] EnGarde Secure Community 3.0.5 Release Notes

[0x8] EnGarde Secure Community 3.0.4 Release Notes

[0x9] EnGarde Secure Community 3.0.3 Release Notes

[0xA] EnGarde Secure Community 3.0.2 Release Notes

FaberBrent Security Blog

Security risk resilience TSCM debugging security news corporate espionage counter surveillance covert investigations counter terrorism ITSEC Bug sweeping

[0x1] The birth of the mobile phone and PCI payment

[0x2] Nearly half of Brits use the same password for all accounts

[0x3] $27 billion lawsuit could fold due to $50 covert surveillance device

[0x4] Shocking - The DWP do not keep records of how many times your data has been abused

[0x5] Met Police report shows CCTV costs £20,000 per single conviction - how many would an extra officer get per year?

[0x6] Charity offices bugged

[0x7] Mobile-phone handset complexity - the criminals friend.

[0x8] The security lessons from Britian's largest jewellery robbery

[0x9] Labour MP and Dutch VIP's suffer website data leaks found by a Google search

[0xA] Black-hatter shows how to utilise memory in Apple keyboard to create a hardware key-logger

OSF Data Loss - The Blotter

This feed contains the latest blotter articles posted to datalossdb.org.

[0x1] Gym rat: Leader of ID theft ring sentenced to prison

[0x2] Police Show How Easy Identity Theft Can Be

[0x3] Calif. man sentenced in Idaho for identity theft

[0x4] Woman sentenced to 34 years for identity theft of Irving ISD teachers

[0x5] Recession causes huge rise in identity fraud

[0x6] Texas man convicted in credit card theft

[0x7] Police: Major ID Theft, Crime Ring Busted

[0x8] Incidents of identity theft up by 32pc

[0x9] COMMENTARY: Massachusetts businesses must gird for new data security laws

[0xA] Anatomy of a Data Breach (Card Sharp)

Penetration Testing

While this list is intended for "professionals", participants frequenly disclose techniques and strategies that would be useful to anyone with a practical interest in security and network auditing.

[0x1] RE: SMS Banking

[0x2] Tools Update - Fist week of February 2010

[0x3] NEMESIS linux packet injection command line tool - IP options file as input argument

[0x4] Re: pentesting voip network-please help

[0x5] Re: SMS Banking

[0x6] Dradis Framework v2.5 is out!

[0x7] RE: SMS Banking

[0x8] Re: pentesting voip network-please help

[0x9] RE: Flash Web Application

[0xA] Re: Nessus, Harmful?

The SMB Minute

The SMB Minute

[0x1] Your photos are NOT posted online

[0x2] More Phishing attempts

[0x3] Interview with Chris Nickerson Part 2, NOW with BETTER audio

[0x4] Interview with Chris Nickerson (part 1)

[0x5] More fake antivirus

[0x6] Great Resource for Windows 7 tweaks.com

[0x7] We’re Conducting a Survey

[0x8] Facebook Phishing/Scam

[0x9] Cloud data

[0xA] HP battery recall

Free IT - Data Management Magazines and Downloads from bestsecuritytips.tradepub.com

Free publications and offers about databases and data management.

[0x1] Faster, Cheaper and Easier to Maintain: Can You Afford Not to Upgrade Your Servers to Today's Advanced, Energy-Efficient Technologies?

[0x2] F5 Virtualization Guide: Seven Key Challenges You Can't Ignore

[0x3] The Economic Impact of File Virtualization: Reducing Costs and Improving Efficiency for File-Based Storage

[0x4] Optimizing VMware View VDI Deployments with F5

[0x5] Connecting to the Cloud with F5 and VMware VMotion

[0x6] Application Automation in Enterprise Workload Automation

[0x7] Information Technology Adviser

[0x8] Oracle E-Business Suite Automation Kit

[0x9] Intelligent Service Automation for the Oracle E-Business Suite

[0xA] Improve your ROI for JD Edwards EnterpriseOne

BankInfoSecurity.com Blogs RSS Syndication

BankInfoSecurity.com.com Blog RSS Feeds

[0x1] New Information Security Survey - Why it Matters

[0x2] The Problem with Passwords

[0x3] 'Blippy' Gives Green Light to Spear Phishers

[0x4] Trends, Threats and Thought-Leaders

[0x5] Mystery Shoppers: The Latest Fraud Scheme

[0x6] 3 Steps to Protect Your IT from China-Like Attack

[0x7] Heartland One Year Later: What Have We Learned?

[0x8] Call to Duty: Security Professionals Must Give Back to Communities

[0x9] Identity Self-Defense: The Power of PIV

[0xA] Haitian Tragedy Inspires Fraudsters

GNUCITIZEN

Information Security Think tank

[0x1] Old-school Remote Command Exec Vulnerabilities on Avaya Intuity

[0x2] Skydive

[0x3] Free Web Application Security Testing Tool

[0x4] Of Sec Cons and Magstripe Gift Cards

[0x5] CVE-2009-1151: phpMyAdmin Remote Code Execution Proof of Concept

[0x6] Hacking Linksys IP Cameras (pt 5)

[0x7] Breaking Into a Home With an iPhone

[0x8] Extensions at War

[0x9] Exploit Sweatshop

[0xA] Jeriko Group and Source Code Repository

BigBlog.com: Computer Security

The latest in Computer Security

[0x1] SPYRUS Proud to Be Shipping Devices Implementing Higher Security XTS-AES Mode of AES Encryption Recently Added to FIPS 140-2

[0x2] SPYRUS Proud to Be Shipping Devices Implementing Higher Security XTS-AES Mode of AES Encryption Recently Added to FIPS 140-2

[0x3] Spammers hard at work

[0x4] Edward Gibson, Former Chief Cyber Security Advisor for Microsoft LTD in the U.K., Joins PricewaterhouseCoopers' U.S. Forensic Technology Solutions Practice

[0x5] Thales Adds Multipoint Capability to its Datacryptor Ethernet Layer 2 Network Encryptors

[0x6] Bank slammed after hackers steal $378,000 from Poughkeepsie

[0x7] Edward Gibson, Former Chief Cyber Security Advisor for Microsoft LTD in the U.K., Joins PricewaterhouseCoopers' U.S. Forensic Technology Solutions Practice

[0x8] China: Hacker training Web site shut down

[0x9] Edward Gibson, Former Chief Cyber Security Advisor for Microsoft LTD in the U.K., Joins PricewaterhouseCoopers' U.S. Forensic Technology Solutions Practice

[0xA] Edward Gibson, Former Chief Cyber Security Advisor for Microsoft LTD in the U.K., Joins PricewaterhouseCoopers' U.S. Forensic Technology Solutions Practice

LinuxSecurity.com: OpenBSD Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] OpenBSD: kernel heap overflow in IPsec

[0x4] OpenBSD: login_radius security flaw

[0x5] OpenBSD: Xpm security fix

[0x6] OpenBSD: zlib reliabilty fix

[0x7] OpenBSD: cvs Multiple vulnerabilities

[0x8] OpenBSD: cvs Heap overflow vulnerability

[0x9] OpenBSD: procfs Incorrect bounds checking vulnerability

[0xA] OpenBSD: cvs Pathname validation vulnerabilities

HolisticInfoSec.org

The HolisticInfoSec.org blog includes follow-up on previously written articles and research, as well as the occasional rant. While the goal is promoting standards, simplicity, and efficiency in achieving holistic information security, we occasionally rally against industry shortcoming where necessary.

[0x1] Directory traversal as a reconnaissance tool

[0x2] toolsmith: Firefox Addons for the Security-minded

[0x3] Online finance flaw: Ameriprise FAIL...again

[0x4] DEF CON 17 CSRF Videos Remastered

[0x5] Drilling into web application flaws & HIPAA: the root of the issue

[0x6] XSSing Bob: At least GoDaddy got this one right

[0x7] Single Packet Authorization: The Ghost in the Machine

[0x8] Book Review: ModSecurity 2.5

[0x9] Russ = Rogueware: Is nothing sacred?

[0xA] Maltego is the 2009 Toolsmith Tool of the Year

Twitter / i0n1c

Twitter updates from Stefan Esser / i0n1c.

[0x1] i0n1c: @jf Oh I see you are in a good mood today

[0x2] i0n1c: PH0PACK - a nice name for a PHP app 0 day package :P

[0x3] i0n1c: @lapistano The sushi man has problems organizing himself.He lost my email reservation for yesterday.Luckily we were early enough...

[0x4] i0n1c: Is there any widespread 64 bit platform where heap is still executable?

[0x5] i0n1c: Just uploaded the infected class2.php from the e107 backdoor incident again to #virustotal . The only engine warning: ClamAV - PHP.ShellExec

[0x6] i0n1c: I really would like to visit CanSecWest this year, but ...

[0x7] i0n1c: Genau auf Karneval geboren zu sein ist ein besseres Gefühl, als 9 Monate danach.

[0x8] i0n1c: @dragosr Is the CanSecWest conference discount hotel rate booked out? Or why is the link dead?

[0x9] i0n1c: Since when do you post youtube videos of 0-day exploits that contain your IP? #kcope #fail

[0xA] i0n1c: @LambdaCube Haha... No wonder! Your flight to BH Europe is a bit early :P

ITWeb News Feed

Latest ICT news

[0x1] Kaspersky reveals six newcomers

[0x2] DCC extends Dell partnership

[0x3] Nokia waters its green strategy

[0x4] Social networking transforms data warehousing

[0x5] Miscommunication damages projects

[0x6] The data warehouse equals profit base

[0x7] Panda, Against Intuition fight cyber crime

[0x8] Building a Web 2.0 enterprise

[0x9] iBurst looks to newly licensed

[0xA] More fuss over Nyanda's cars

The Falcon's View

Mental meanderings of an infosec obsessive...

[0x1] Buy My ShmooCon Ticket!!

[0x2] Another ISSA Journal Cover

[0x3] BSides or Be Square: San Francisco and Austin

[0x4] Simply Unfair: The NFL OT Rules

[0x5] Non-Fiction: The 50th Law & Managing Softly

[0x6] Much Adieu: MS Search Data

[0x7] Makin' the Grade: On the D-List

[0x8] Do We Give Google Too Much?

[0x9] DIRECTV's Billing System of Doom

[0xA] Newark Breach Hype to Hysteria

Twitter / exploitdb

Twitter updates from Exploit Database / exploitdb.

[0x1] exploitdb: Blue Dove Sql Injection Vulnerability http://url4.eu/1LfGm

[0x2] exploitdb: JaxCMS v1.0 Local File Include Vulnerability http://url4.eu/1LKOe

[0x3] exploitdb: TinyMCE WYSIWYG Editor Multiple Vulnerabilities http://url4.eu/1L7oN

[0x4] exploitdb: Uiga Business Portal SQL/ XSS Vulnerability http://url4.eu/1L7V3

[0x5] exploitdb: Rostermain http://url4.eu/1L6bI

[0x6] exploitdb: EncapsCMS http://url4.eu/1L6bH

[0x7] exploitdb: Killmonster http://url4.eu/1KwCb

[0x8] exploitdb: Croogo v1.2.1 Multiple CSRF Vulnerabilities http://url4.eu/1Kv3N

[0x9] exploitdb: Joomla Component com_productbook SQL Injection Vulnerability http://url4.eu/1Kv3M

[0xA] exploitdb: Solaris/Open Solaris UCODE_GET_VERSION IOCTL Denial of Service http://url4.eu/1Kurm

GovInfoSecurity.com Articles RSS Syndication

GovInfoSecurity.com.com RSS News Feeds on government information security articles.

[0x1] Are You Ready for the Risk of Mobile Malware?

[0x2] China: Police Shutter Hacker Site

[0x3] Melissa Hathaway Joins Terremark's Board

[0x4] Technology as a Substitute for the IT Security Pro

[0x5] House Passes Cybersecurity Enhancement Act

[0x6] NASA IT Vulnerable to Disruption

[0x7] Cyber Scholarship to Require More Work

[0x8] Response to Obama on Regulatory Reform - Christie Sciacca, ex-FDIC

[0x9] Howard Schmidt: In His Own Words

[0xA] Navy Establishes Cyberspace Command

Gizmo's Freeware: Top selections

The best freeware finds from Gizmo's Freeware (www.techsupportalert.com)

[0x1] Free Utility Does Your PC Maintenance with the Click of a Button

[0x2] Updated: Where To Find Great Web Apps

[0x3] New Free Edition of Paragon Backup & Recovery Impresses

[0x4] Updated: Probably the Best Free Security List in the World

[0x5] Updated: Best Free Rootkit Scanner/Remover

[0x6] Free Music Player, Organizer, Tagger and More

[0x7] New Gizmo Caps and T Shirts Look Cool

[0x8] Will Your Software Run on Windows 7?

[0x9] How to Schedule Programs to Run Automatically

[0xA] Best Free Software for Linux

CSOONLINE.com - Application Security

[0x1] Why CSOs Should Care About ShmooCon

[0x2] ShmooCon | Your iPhone's Dirty Little Security Secret

[0x3] ShmooCon | Inside FarmVille's Sinister Underbelly

[0x4] ShmooCon | P2P Snoopers Know What's In Your Wallet

[0x5] Timeline: A Decade of Malware

[0x6] Accusations Fly Over Voice Encryption Hack

[0x7] Botnet Targets Major Web Sites with Junk SSL Connection

[0x8] Facebook, Twitter, Social Network Attacks Tripled in 2009

[0x9] Congressional Websites Hacked Near Obama Speech

[0xA] Report: Layer 7 Increasingly Under DDoS Gun

Security Tools News & Tips

Just another WordPress weblog

[0x1] Microsoft Security Essentials

[0x2] NSMXpress

[0x3] Korea to train 3,000 ‘cyber sheriffs’

[0x4] FortiClient standard edition

[0x5] 10 Solid Tips to Safeguard Your Facebook Privacy

[0x6] K9 Web Protection

[0x7] Check Point Power-1 Appliances

[0x8] Wordpress blogs hacked – Upgrade your Wordpress NOW!

[0x9] Cisco ASA 5500 Series Firewall

[0xA] (IN)SECURE Magazine Issue 22 is out

IT Management & Trends White Papers

CIO, Emerging Technologies, and Project Management White Papers

[0x1] Insiders' Guide to Evaluating Remote Control Software

[0x2] Best-Practice Automation of Invoice Delivery from SAP(R) Solutions - Keeping Customers Satisfied While Making the Move

[0x3] The Learning Organization Goes Digital

[0x4] 10 Tips - IT Training Support

[0x5] How to Make Your IT Staff Smarter

[0x6] Improving Application Development with Digital Libraries

[0x7] Working Green with Digital Libraries - How it Can Help

[0x8] Minimizing Technology Project Delays with Digital Libraries

[0x9] How VMware Virtualization Right-sizes IT Infrastructure to Reduce Power Consumption

[0xA] Reduce Energy Costs and Go Green with VMware Virtualization

Internet Security News - SecurityProNews

Breaking news and top stories from the world of Internet security.

[0x1] Google Goes After Impersonator Scammers

[0x2] Senate Uncovers Online Credit Card Tricks

[0x3] McAfee: Cyberwarfare A Big Threat

[0x4] ICSA Labs Finds Flaws In New Security Products

[0x5] Nigeria Announces Early Results Of Anti-Scammer Initiative

[0x6] MessageLabs Names Most- (And Least-) Spammed States

[0x7] Enormous Malware Archive Creates Stir

[0x8] Avsim Hacker (Maybe) Brought Before Cops

[0x9] Email Password Hackers Present Real Threat

[0xA] Laptops, CDs Alarm Governors, Credit Unions

Deb-Tech

[0x1] Beware of fake Firefox updates

[0x2] The new laptop: I went with my heart, not with my head

[0x3] iPad? iDon’tThinkSo

[0x4] Ebook readers in violation of the ADA?

[0x5] Here’s why I ignored your Facebook friend request

[0x6] Will Apple bring the Tablet back to Life?

[0x7] Omnia II, Part II

[0x8] ‘Tis the Season to Be on the Look Out for Email Scams

[0x9] Getting to Know the Samsung Omnia II

[0xA] Ding, Dong – the Dell is Here

BankInfoSecurity.com "The Agency Insider" Blog RSS Syndication

BankInfoSecurity.com.com RSS Feeds for The Agency Insider blog.

[0x1] The Problem with Passwords

[0x2] 'Blippy' Gives Green Light to Spear Phishers

[0x3] Mystery Shoppers: The Latest Fraud Scheme

[0x4] Heartland One Year Later: What Have We Learned?

[0x5] Haitian Tragedy Inspires Fraudsters

[0x6] Heartland/Visa Settlement Raises Questions

[0x7] The Security Professional's Wish List for 2010

[0x8] Could This Senior Citizen 'Lottery Winner' Be A Customer Of Yours?

[0x9] 'Tis the Season: Add Security to Holiday Greetings

[0xA] Is 2009 The Year of The Phish?

lkml.org :

lkml.org - the realtime linux kernel mailinglist archive

[0x1] [PATCH] ssb: Fix CONFIG_SSB_SDIOHOST typo

[0x2] Re: [PATCH] strcmp: fix overflow error

[0x3] Re: 64-bit DMA problems with BCM4312 using b43

[0x4] Re: CVE-2009-2584

[0x5] Re: pull request: wireless-next-2.6 2009-10-28

[0x6] Re: pull request: wireless-next-2.6 2009-10-28

[0x7] Re: [Bug #14278] New message "NOHZ: local_softirq_pending 08" at e ...

[0x8] Re: NOHZ: local_softirq_pending 08

[0x9] Re: b43: do not stack-allocate pio rx/tx header and tail buffers ( ...

[0xA] Re: [PATCH] b43: add 'struct b43_wl' missing declaration

Evilcodecave's Weblog

Just another RCE Weblog

[0x1] Rootkit Agent.adah Anatomy and Executables Carving via Cryptoanalytical Approach

[0x2] PHP/Spy.Bull Cryptanalysis of Encryption used and Threat Analysis

[0x3] Siberia ExploitPack and PDF Exploit Analysis

[0x4] DNAScan Malicious Network Activity Reverse Engineering

[0x5] Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation

[0x6] PHPSpyScanBot Analysis

[0x7] [Crimeware] Researches Reversing about Eleonore Exploit Pack

[0x8] [Crimeware] Researches and Reversing about Eleonore Exploit Pack

[0x9] [Malware] BDS/PHP.Agent.DW.8 Dissection

[0xA] [Malware] PHP-PBot Dissection

Netcraft

[0x1] Most Reliable Hosting Company Sites in January 2010

[0x2] January 2010 Web Server Survey

[0x3] National Rail website affected by snow

[0x4] Most Reliable Hosting Company Sites in December 2009

[0x5] December 2009 Web Server Survey

[0x6] Most Reliable Hosting Company Sites in November 2009

[0x7] 24 of the 100 top HTTPS sites now safe from TLS renegotiation attacks

[0x8] November 2009 Web Server Survey

[0x9] Most Reliable Hosting Company Sites in October 2009

[0xA] Koala loses a little karma with Ubuntu.com

Splunk Blogs

[0x1] Splunk4 + Instant Messaging = SplunkAIM

[0x2] SQL Injections: The Splunk Method for Auditing Your Application Security Model

[0x3] Be successful with Splunk in about an hour…

[0x4] Splunk memory use patterns

[0x5] Parsing the Splunk Timezone Format

[0x6] One of World’s Largest Financial Firms Presents at Splunklive Boston

[0x7] Customer Presentations Draw Record North American Attendance to Splunklive Boston

[0x8] Encrypting and Decrypting Fields

[0x9] The Splunkers are coming! The Splunkers are Coming! Boston SplunkLive this Thursday.

[0xA] Having trouble finding Splunk for Free?

CSOONLINE.com - Supply Chain

[0x1] Supply Chain Security Threats: 5 Game-Changing Forces

[0x2] Chemical Spill Response: How Dow is Training Small Town America to Handle Hazmat Emergencies

[0x3] SLIDESHOW: Chemical Safety Training

[0x4] Swine Flu: How to Make Biz Continuity Plans

[0x5] UPDATED: Pandemic Preparedness Primer

[0x6] What New Air Cargo Security Rules Mean for Business

[0x7] CBP and Smart Containers: What Does It Know?

[0x8] 3 Global Risks to Business in 2009

[0x9] 10 Steps to Loading Dock Security

[0xA] Loading Docks in Multitenant Buildings

InternetNews Realtime News for IT Managers

All the top news, features, analysis and insight into enterprise and Internet technology, geared for IT managers and delivered by the best in the industry.

[0x1] The Biggest Security Breeches of 2009

[0x2] Google Plans to Twitterize Gmail?

[0x3] Welcome to the New IT News Daily

[0x4] Opinion on the iPad Plummets Post-Intro

[0x5] Facebook Pulling Microsoft Banner Ads

[0x6] IBM Power7: Big Blue's Answer to Oracle, Intel

[0x7] Mozilla Firefox to Drop Support of Mac OS X 10.4

[0x8] Chip Stocks Stabilize as Market Fall Continues

[0x9] SAP's CEO Ouster Latest Indication of Troubles

[0xA] Oracle Adds SOA Depth with AmberPoint Deal

Computer Security News

News on Computer Security continually updated from thousands of sources around the net.

[0x1] Security chip that does encryption in PCs hacked

[0x2] Cybersecurity stocks look hot in 2010

[0x3] Google cyber attacks a wake-up call for US: Intelligence chief

[0x4] Verint Systems Expands Workforce Optimization Suite with Acquisition of Iontas

[0x5] Botnet targets major Web sites with junk SSL connection

[0x6] Senator Questions Tech Companies on China Activities

[0x7] Experts offer tips to protect your identity on social networking sites

[0x8] Malware Continues to be a Challenge to Internet Security

[0x9] Verisign slow to take down malware sites, says researcher

[0xA] Group requests details on Google, NSA partnership

Voice&Data RSS Feed

Aggregate RSS Feed

[0x1] QoS may be the answer for mobile operators

[0x2] Inefficient document production costs councils millions

[0x3] AARnet and Southern Cross Cable extend partnership

[0x4] Why use SIP for IP communications?

[0x5] Apple iPad device with high-resolution Multi-Touch display

[0x6] Tripwire Log Centre log and event management software solution

[0x7] Symantec Backup Exec 2010 backup and recovery solution

[0x8] Symantec NetBackup 7 protection, storage and recovery platform

[0x9] IsatPhone Pro global handheld service

[0xA] Transforming a data centre is a sheer necessity

Jeff Jones Security Blog

Looking at Security from All Angles. Security is not simple, so we should try not to simplify it to the point of uselessness.

[0x1] End of Year – Clean Up Your E-Mail

[0x2] Expanding SDL for Cloud and Agile Development

[0x3] SDL Team Adds Test Tools to the SDL Tools Arsenel

[0x4] Project Quant Patch Management Survey Summary and Results – Available for Download

[0x5] Project Quant Open Patch Management Metric Model – Ready for Download

[0x6] Microsoft Security Essentials Beta Full in One Day

[0x7] Microsoft Free Anti-Malware (Morro/Microsoft Security Essentials) Released as Beta

[0x8] Open Patch Management Survey

[0x9] Project Quant : Patch Management Cycle

[0xA] Mythbusters jamie and Adam – Final Keynote RSA 2009

Technibble

A Resource for Computer Repair Technicians & to get PC tech support help.

[0x1] Windows 7 Battery Life

[0x2] The Answer To 2 Common Computer Technician Questions

[0x3] Starbucks Gift Card Scam

[0x4] Windows Reliability and Stability Fix

[0x5] February Patch Tuesday

[0x6] New IE Disclosed Vulnerability

[0x7] iMac Delays Caused By Popularity

[0x8] PstPassword – Repair Tool of the Week

[0x9] Windows 7 Notebook Battery Life

[0xA] Windows 7 RC Shut-Down

PandaLabs Blog

everything you need to know about Internet threats

[0x1] Distributing malware through Facebook

[0x2] 2nd Security Blogger Summit

[0x3] Microsoft Support informs you…

[0x4] Spam using Twitter and Youtube

[0x5] Ex-girlfriend worm

[0x6] You’ve received a (malicious) postcard

[0x7] This time it’s Apple iPad’s turn

[0x8] unNamed App (Updated)

[0x9] The Hell Angels or, better said, the Malware Angels…

[0xA] MS10-002 Exploit Constructor

War on Error

One day they'll laugh at what we think is secure. Thankfully, we won't be there to hear them...

[0x1] Pirates built online music so why not eBooks too?

[0x2] The lesson of the Twitter hack: Passwords are pitiful

[0x3] The lesson of the Twitter hack. Passwords are pitiful.

[0x4] The iPad, Apple's finest hour. Says an Apple hater

[0x5] The iPad, Apple's finest hour. Says an Apple hater.

[0x6] Johnny Depp's demise? True for 15 minutes

[0x7] Clinton waves fist at China

[0x8] Who is to blame for the Google hack? Everyone

[0x9] Who is to blame for the Google hack? Everyone.

[0xA] Who to blame for the Google hack? Everyone.

Search Engine Watch Discussion Forums

Search Engine Watch Forums

[0x1] Will HTML5 Replace SEO's?

[0x2] PR value time frame for new sites

[0x3] Keyword Optimization Plan

[0x4] Free real estate property submission

[0x5] Link building too fast?

[0x6] Website Architecture

[0x7] Measuring Keyword Effectiveness for each ad

[0x8] Starting New SEO company

[0x9] Can any one recommend a link building company

[0xA] Yahoo/Overture PPC Rebates

ITtoolbox Downloads

[0x1] Using WebSphere DataStage with IBM DataMirror Change Data Capture

[0x2] Extend and Reuse Existing Mainframe Functions Through SOA - Part 4 of the Roadmap To Reduce Webcast Series

[0x3] Consolidate Applications From Non-Strategic Platforms Onto z/OS - Part 3 of the Roadmap To Reduce Webcast Series

[0x4] Tech Talk:: Strategic Solutions To Help Solve Top Issues In The Data Center Today

[0x5] How Safe Is Your Network? - Analyst #1 Choice for Vulnerability Management - Free Trial

[0x6] Always be Open for Business

[0x7] Make Compliance Work for You

[0x8] Reduce Operational Costs By Up To 95% - Part 1 of the Roadmap To Reduce Webcast Series

[0x9] Increase productivity by up to 40% - Part 2 of the Roadmap To Reduce Webcast Series

[0xA] Database Trends and Applications Survey Results: The Freshest BI Data from the Journal of Enterprise Data Management

Boycott Novell

Exploring the reality behind exclusionary deals with Microsoft and their subtle (yet severe) implications

[0x1] IRC: #boycottnovell @ FreeNode: February 8th, 2010

[0x2] Links 8/2/2010: Linux 2.6.33 RC7 and Parsix GNU/Linux 3.0r2 Released

[0x3] Xbox 360 Still Under Many Lawsuits

[0x4] Facebook and Microsoft Revisited; New Examples of Microsoft Entryism

[0x5] Microsoft Still Exploits the Taxpayers-Funded NASA to Spread Silver Lie and Close Down Research

[0x6] Microsoft ‘Cloud’ Falls Offline for a Quarter of a Day, Zune ‘Cloud’ Deletes Music, Microsoft Shop Also Kaput

[0x7] Ubuntu Perspectives: Signs of Change

[0x8] Apple’s Newton Executive Negative About Apple’s Latest Attempts at a Shinier Newton

[0x9] Microsoft Loses Another Vice President, Management Vacuum Alarms the Press

[0xA] IRC: #boycottnovell @ FreeNode: February 7th, 2010

BankInfoSecurity.com "Information Technology Risk Management" Blog RSS Syndication

BankInfoSecurity.com.com RSS Feeds for Information Technology Risk Management blog.

[0x1] An Open Letter to Heartland CEO Robert Carr

[0x2] Risk Management, Compliance and Industry Standards

[0x3] Events of 2008 and What They Have Taught Us

[0x4] The Rescue Plan: Bringing Confidence Back to the Credit Markets

[0x5] Economic Crisis: Who Do We Blame Next?

[0x6] Bank of Asia Experience Teaches us: Get Ahead of the News

[0x7] WaMu is NoMore!

[0x8] Picking up the Pieces from 'Bloody Monday'

[0x9] TJX Case Indictments: Lessons Learned

[0xA] Banking Crisis Hits Home with Community Institutions

DarkReading - All Stories

DarkReading

[0x1] 'Rugged' Initiative Brings Secure Software Development To The Masses

[0x2] Database Account-Provisioning Errors A Major Cause Of Breaches

[0x3] Twitter Gives Details On Phishing Attack

[0x4] Test: Most Web Application Scanners Missed Nearly Half Of Vulnerabilities

[0x5] House Mulls First Major Cybersecurity Bill

[0x6] IBM ISS Researcher Exposes Holes In Cisco's Internet Surveillance Architecture

[0x7] Researcher Cracks Security Of Widely Used Computer Chip

[0x8] Black Hat DC: Researchers Reveal Connection String 'Pollution' Attack

[0x9] Product Watch: Microsoft Rolls Out Free SDL Code For 'Agile' Development

[0xA] Botnet Floods Major Websites With Fake SSL Connections

BankInfoSecurity.com "Secure Marketspace" Blog RSS Syndication

BankInfoSecurity.com.com RSS Feeds for Secure Marketspace blog.

[0x1] A World Without Payment Cards (and PCI Compliance)

[0x2] Multi-Factor Authentication ... or be Sued?

[0x3] Obama's "Big Brother" Vision of IAM

[0x4] 60 Technology & Security Vendor Interviews in 400 Minutes

[0x5] It's Not a Matter of Trust, It's a Matter of Honesty

[0x6] Electronic Voting: The Ultimate Online Banking Application

[0x7] FinancialStability.gov - From Translucent to Transparent

[0x8] Predicting the Next Regulatory Challenge for Financial Institutions

[0x9] How Google Will Save the Banking Industry (and the U.S. Economy)

[0xA] Credit Crisis as a Segue to a New Financial Model

Zscaler Research

The Zscaler Research Team is focused on bleeding edge web security research in the cloud computing era. This blog provides an opportunity for us to share our thoughts and ideas and interact with the community at-large. We welcome your feedback and encourage you to join the dialogue.

[0x1] Indian Gov't Site Victim of Ad Campaign

[0x2] The Death of IE 6 is Greatly Exaggerated

[0x3] Blackhat SEO is New Spam

[0x4] IE 0-Day on GOV.CN

[0x5] Watch out Bill Gates...

[0x6] What we can learn from Google's China attack

[0x7] Haiti Earthquake Also Rocks Internet (Update)

[0x8] Haiti Earthquake Also Rocks Internet

[0x9] Malware attacks on Winter Solstice - Shortest day of the year 2009

[0xA] Beware of SEO attacks

Free Network / Communications Magazines and Downloads from bestsecuritytips.tradepub.com

Free publications about networking and communication technologies and management.

[0x1] Next -Generation Management Software for Blade Environments

[0x2] Rethinking Server Virtualization: Breaking Performance and Manageability Barriers

[0x3] HP Expands Server Toolkit Provides Enhanced Options for Data Center

[0x4] Faster, Cheaper and Easier to Maintain: Can You Afford Not to Upgrade Your Servers to Today's Advanced, Energy-Efficient Technologies?

[0x5] SharePoint Site Migration Management Software FREE 15-Day Trial

[0x6] F5 Virtualization Guide: Seven Key Challenges You Can't Ignore

[0x7] Gartner Research: Load Balancers Are Dead: Time to Focus on Application Delivery

[0x8] Gartner Research: Magic Quadrant for Application Delivery Controllers, 2009

[0x9] VMware DRS: Why You Still Need Assured Application Delivery and Application Delivery Networking

[0xA] Optimizing VMware View VDI Deployments with F5

StoneBlog.stonesoft.com

Share knowledge about StoneGate

[0x1] Advanced Certificate to User Attributes Mapping in SSO

[0x2] StoneGate 5.1: IPsec VPN Client enhancements

[0x3] SSL VPN 1.4 Feature Previews

[0x4] StoneGate 5.1: Other enhancements

[0x5] StoneGate 5.1: Automatic CA renewal

[0x6] StoneGate 5.1: 3rd Party monitoring enhancements

[0x7] StoneGate 5.1: 64-bit Operating System support for SMC

[0x8] StoneGate 5.1: 3G interfaces for FW

[0x9] StoneGate 5.1: Web filtering

[0xA] StoneGate 5.1 feature previews

msnbc.com: Security

Msnbc.com is a leader in breaking news and original journalism.

[0x1] Security expert cracks PC encryption chip

[0x2] Chinese police shut down hacker training op

[0x3] Sponsored By:

[0x4] Chinese-born spy gets 15 years in prison

[0x5] Microsoft: Pirated software still sold in Russia

[0x6] The Internet will watch you FAIL!

[0x7] ‘Technostress’ to downside of modern technology

[0x8] Police: Fugitive's Facebook info leads to arrest

[0x9] Dueling rulings on school MySpace discipline

[0xA] Russian paper back online after hacker attack

Exotic Liability

Exotic Liability

[0x1] Exotic Liability 48: Benevolent

[0x2] Exotic Liability 47: Fast Forward

[0x3] Exotic Liability 46: Ninja Grillz

[0x4] Exotic Liability 45: The Couch

[0x5] Exotic Liability 44: A New Year of Terrorism

[0x6] Exotic Liability 43: An Exotic Christmas

[0x7] Exotic Liability 42: Tom Brennan

[0x8] Exotic Liability 41: That's My Face

[0x9] Exotic Liability 40: The CN vs .cn

[0xA] Exotic Liability 39: Marcus J. Carey

pSeries Tech Talk Forums

Free resource for IBM pSeries support, AIX support, Power Linux support and the latest information on IBM pSeries server virtualization.

[0x1] rajeshbreddy Intro

[0x2] msojdehei01 Intro

[0x3] poulpito Intro

[0x4] AIX v5.1 problem with terminal setting aix

[0x5] rsdoku Intro

[0x6] some practice for IBM 000-025 exam

[0x7] AIX v6.1 System Director on Power 4

[0x8] rits0m Intro

[0x9] Front plate error B150F22A or B121F2DF

[0xA] Front plate error B150F22A or B121F2DF

Business: Security Articles from EzineArticles.com

EzineArticles.com - Trusted By Millions as The Source For Quality Original Articles

[0x1] How to Choose an Alarm Company

[0x2] The Confidentiality Agreement and Paper Shredding Companies

[0x3] Instant Online Background Check - Your Easy Way to Check an Individual's Background

[0x4] How Defense Contractors Get a Facility Security Clearance

[0x5] The NISPOM is For All Cleared Employees, Not Just the FSO

[0x6] When is Accountability of Classified Information Required in NISPOM?

[0x7] IP Megapixel Cameras

[0x8] IP Megapixel Cameras

[0x9] Samsung Techwin

[0xA] Using Wireless Security to Protect Warehouse Assets

US-CERT Technical Cyber Security Alerts

US-CERT Technical Cyber Security Alerts provide timely information about current security issues, vulnerabilities, and exploits.

[0x1] TA10-021A: Microsoft Internet Explorer Vulnerabilities

[0x2] TA10-013A: Adobe Reader and Acrobat Vulnerabilities

[0x3] TA10-012B: Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities

[0x4] TA10-012A: Oracle Updates for Multiple Vulnerabilities

[0x5] TA09-343A: Adobe Flash Vulnerabilities Affect Flash Player and Adobe AIR

[0x6] TA09-342A: Microsoft Updates for Multiple Vulnerabilities

[0x7] TA09-314A: Microsoft Updates for Multiple Vulnerabilities

[0x8] TA09-294A: Oracle Updates for Multiple Vulnerabilities

[0x9] TA09-286B: Adobe Reader and Acrobat Vulnerabilities

[0xA] TA09-286A: Microsoft Updates for Multiple Vulnerabilities

Open Source Security

Discussion of security flaws, concepts, and practices in the Open Source community

[0x1] gnome-screensaver vulnerability (CVE-2010-0414)

[0x2] Re: CVE request: information leak / potential crash in sys_move_pages

[0x3] CVE request - kernel: ima: fix null pointer dereference

[0x4] Re: Samba symlink 0day flaw

[0x5] Re: CVE request: information leak / potential crash in sys_move_pages

[0x6] CVE request: information leak / potential crash in sys_move_pages

[0x7] Re: Samba symlink 0day flaw

[0x8] Re: Samba symlink 0day flaw

[0x9] Re: Samba symlink 0day flaw

[0xA] Re: Samba symlink 0day flaw

TaoSecurity

Richard Bejtlich's blog on digital security and the practices of network security monitoring, incident response, and forensics.

[0x1] So Much for China's "Peaceful Rise"

[0x2] APT Presentation from July 2008

[0x3] Review of The Book of Xen Posted

[0x4] Answering APT Misconceptions

[0x5] DFRWS, VizSec, and RAID 2010 Calls for Papers

[0x6] Google and NSA Fulfilling 2008 Predictions

[0x7] DNI Blair Leads with APT as a "Wake-Up Call"

[0x8] Traffic Talk 9 Posted

[0x9] Two Dimensional Thinking and APT

[0xA] Example of Threat-Centric Security

An Expert's Guide to Database Solutions

Experienced DBA, Strategist, Architect, and Performance Expert James Koopmann provides information, guidance, technical savvy, and solutions for your database needs.

[0x1] High-level CPU consumption using Oracle's Time Model

[0x2] Did you like the mud slung by Oracle this last week?

[0x3] Oracle Statistics; Are we going backwards

[0x4] Email campaign to stop the Oracle/Sun deal

[0x5] Are we out of the recession yet?

[0x6] How is your 2010 shaping up to be?

[0x7] My top 10 list for DBAs in 2010

[0x8] Get Ready for the New Year - planning those New Year's Resolutions

[0x9] Installing MySQL 5.0.77 on Linux-CentOS-5

[0xA] Gain information about the O/S from inside Oracle

Light Blue Touchpaper

Security Research, Computer Laboratory, University of Cambridge

[0x1] New attacks on HMQV

[0x2] The need for privacy ombudsmen

[0x3] Why is 3-D Secure a single sign-on system?

[0x4] Multichannel protocols against relay attacks

[0x5] How online card security fails

[0x6] How hard can it be to measure phishing?

[0x7] Placebo bomb detectors

[0x8] Encoding integers in the EMV protocol

[0x9] Mobile Internet access data retention (not!)

[0xA] Practical mobile Internet access traceability

Linus' blog

Eventually this might even contain some Torvalds family pictures.

[0x1] Happy camper

[0x2] Embroidery.. gaah

[0x3] Finnish culture...

[0x4] WTF?

[0x5] Programming

[0x6] Parenting gold star (?)

[0x7] Not-so-evil empire

[0x8] Pathetic

[0x9] Outwitting the fashion police

[0xA] Happiness is a warm SCM

Free Information Technology Magazines and Downloads from bestsecuritytips.tradepub.com

Free publications about information technology and digital communication.

[0x1] Rethinking Server Virtualization: Breaking Performance and Manageability Barriers

[0x2] HP Expands Server Toolkit Provides Enhanced Options for Data Center

[0x3] Next -Generation Management Software for Blade Environments

[0x4] Faster, Cheaper and Easier to Maintain: Can You Afford Not to Upgrade Your Servers to Today's Advanced, Energy-Efficient Technologies?

[0x5] Business Value of Virtualization: Realizing the Benefits of Integrated Solutions

[0x6] Helping Utilities Fulfill FERC and NERC Requirements

[0x7] SAP for Utilities Solution Portfolio Asset & Work Mgmt White Paper

[0x8] SharePoint Site Migration Management Software FREE 15-Day Trial

[0x9] Gartner Research: Load Balancers Are Dead: Time to Focus on Application Delivery

[0xA] Gartner Research: Magic Quadrant for Application Delivery Controllers, 2009

The most recent News from Incisive Media

The most recent News from Incisive Media (Generated on Tuesday 9 February 2010 at 01:50:26)

[0x1] Ex-Intel executive owns up to Galleon insider trading

[0x2] Linux creator backs Nexus One

[0x3] Dealer jailed over phoney Cisco routers

[0x4] Cybercrooks fake the death of Bill Cosby

[0x5] AMD details Fusion innovations at ISSCC

[0x6] Touch-screens take majority of smartphone market

[0x7] Google threatens Chinese copycat site Goojje

[0x8] Google Earth presents historical photos

[0x9] English Heritage looking for IT infrastructure

[0xA] BT halfway through 24Mbit/s broadband rollout

Infosec Island Latest Articles

Adrift in Threats? Come Ashore!

[0x1] Today’s threat: computer network terrorism

[0x2] Defending Against Advanced Persistent Threats

[0x3] Security Consciousness Raising

[0x4] The 800-lb Dragon’s APTitude

[0x5] Heartland Payment Systems and Visa Inc. Announce Acceptance Rate of Over 97 Percent for Data Security Breach Settlement Agreement

[0x6] More Talks with Anti-Jihadi Hacker The Jester

[0x7] Eating your own dog food - how a Security Software company uses Security

[0x8] The Web won’t be safe, let alone secure, unless we break it

[0x9] Accuracy and Time Costs of Web Application Security Scanner Report

[0xA] Report Details Hacks Targeting Google, Others

DVLabs: Published Advisories

Published Advisories

[0x1] TPTI-10-01 - HP Data Protector Server Cell Manager Remote Code Execution Vulnerability

[0x2] TPTI-09-15 - HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability

[0x3] TPTI-09-13 - HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability

[0x4] TPTI-09-12 - HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability

[0x5] TPTI-09-11 - HP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow Vulnerability

[0x6] TPTI-09-10 - HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability

[0x7] TPTI-09-09 - HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability

[0x8] TPTI-09-08 - HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability

[0x9] TPTI-09-14 - HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability

[0xA] TPTI-09-07 - Microsoft Windows License Logging Service Heap Corruption Vulnerability

Info Security News

Carries news items (generally from mainstream sources) that relate to security.

[0x1] BlackBerry has spyware risk too, researcher says

[0x2] IDF considers using BlackBerry

[0x3] Why CSOs Should Care About ShmooCon

[0x4] Biggest hacker training site shut down

[0x5] CSIIRW Sixth Cyber Security and Information Intelligence Research Workshop

[0x6] GAO Report: NASA Still Facing Weaknesses In IT Security

[0x7] Secunia Weekly Summary - Issue: 2010-05

[0x8] Fugitive VoIP hacker admits 10 million minute spree

[0x9] Military Intelligence: IDF is prepared for Cyberwarfare

[0xA] Report Details Hacks Targeting Google, Others

BreakingPoint Labs Blog

BreakingPoint Labs Blog

[0x1] A Cybersecurity Education: House Bill 4061

[0x2] Setting The Standard

[0x3] Answers to the Top IPv6 Questions

[0x4] Applying Probability to CyberSecurity

[0x5] Upcoming Cyber Security Events

[0x6] Google Leaving China After Cyber Attack?

[0x7] The Difficulty of Protecting People

[0x8] 2009 Blog Rewind: The Three-Way Handshake is a Lie!

[0x9] 2009 Blog Rewind: IPv6, CyberWar, Ruby String Processing...Oh My!

[0xA] 2009 Blog Rewind: Protocol Reverse Engineering

Securitas Operandi™

Incorporating security and risk into everyday thought.

[0x1] Certification and Experience: Putting the Cart Before the Horse

[0x2] How to opt out from advertising tracking cookies

[0x3] Connection? TSA Breach + airliner bomb attempt

[0x4] Time Magazine – Google Earth mystery solved

[0x5] E-mail security problems and the Canadian ISPs that are ignoring them

[0x6] TSA learns redaction lesson the hard way…

[0x7] Breathing new life into old hardware with Ubuntu

[0x8] Rest in peace: officers Renninger, Griswold, Owens and Richards

[0x9] Switch to Kaspersky

[0xA] Security question: being watched while watching videos

tanasi.it

Alessandro `jekil` Tanasi blog

[0x1] Dipendenza dal social network moderno

[0x2] CSS Layouts e templates web gratis

[0x3] Malware trovato sull’Android Market

[0x4] Libri di programmazione gratis

[0x5] Video su intercettazioni tramite cellulari spia

[0x6] Acqua Evian: Il video dei bambini che ballano breakdance sui pattini

[0x7] Lol: Ruby FAIL

[0x8] Cinema: Zoolander

[0x9] Spostamento

[0xA] Lol: Hosting Your Windows 7 Torrenting Party

Edible Apple

Apple News, Rumors, and Analysis

[0x1] Amazon appears ready to upgrade the Kindle in a major way to take on the iPad

[0x2] Alleged photos of next-gen iPhone front panel reveal larger form factor

[0x3] Apple open to iPad price cuts if sales disappoint

[0x4] A closer look at the iPad’s A4 processor and its incredible battery life

[0x5] iPad DRM activists are morons

[0x6] John Gruber on the “Auteur Theory of Design” from Macworld 2009

[0x7] Google’s “Parisian Love” video rumored to run during the Super Bowl

[0x8] New details about Microsoft’s upcoming Windows Phone 7 OS emerge

[0x9] A look at the iPad Human Interface Guidelines

[0xA] How Steve Wozniak brought color to the personal computer [Video]

ZDI: Recent Press

Recent Press Hits

[0x1] Zero-day vulnerabilities on the market

[0x2] Barriers Remain for Bug Bounty Bait

[0x3] Google to pay bounties for Chrome browser bugs

[0x4] Google Attack Highlights 'Zero-Day' Black Market

[0x5] HP Patches OpenView Vulnerabilities

[0x6] Microsoft knew of critical Office ActiveX bug in '07

[0x7] Apple patches 10 critical QuickTime bugs

[0x8] Apple Patches QuickTime Bug That Was Hidden in Book

[0x9] Pwn2Own hacker: Apple Safari is 'easy pickings'

[0xA] Hacking contest to test iPhone's security

Ministry of Justice Latest news

[0x1] Tribunal awards: defaulters' names to be put on public debt register

[0x2] Powers of Attorney cost reduction takes effect

[0x3] New probation trusts announced to cut reoffending

[0x4] Law firms to allow non-lawyer partners

[0x5] Appointment of new members to Advisory Panel on Public Sector Information

[0x6] Guide to Criminal Procedure (Amendment No. 2) Rules 2008

[0x7] Her Majesty's Courts Service key performance indicators 2009-10

[0x8] Public have their say on how criminals payback

[0x9] Domestic violence: 18 new special courts announced

[0xA] Justice minister welcomes annual report on deaths in custody

Help Net Security - News

Help Net Security is a daily updated security related site. We offer information on the latest happenings in the InfoSec world, advisories, viruses, papers, and more. HNS also has a large download section of security tools for Windows, Linux, Mac OS X and Pocket PC.

[0x1] Multiple vulnerabilities in popular Web servers

[0x2] Automated malware analysis platform

[0x3] Beyond the cloud: Common Assurance Metric

[0x4] Phishing site spoofing secure login page

[0x5] Zero-day vulnerabilities on the market

[0x6] Rogue software details: AntiSpyware

[0x7] Sensitive information retrieved from P2P networks

[0x8] Biggest Chinese hacker training site taken down

[0x9] Safer surfing mobile social networks

[0xA] Week in review: cloud computing security, black hat hacking, identity theft

Hack In The Box

Hack In The Box Backend

[0x1] Germany to purchase stolen Swiss bank data for $3.5 million

[0x2] Inside CloudLinux's New Linux-Based Cloud OS

[0x3] IT Outsourcing: Why It Pays to Appraise Your Contract

[0x4] 95% of user-generated content was malicious in 2H 2009

[0x5] Hackers training website shut down by China government

[0x6] Blackberry spyware source code released

[0x7] P2P Snoopers Know What's In Your Wallet

[0x8] Symantec hit with class-action lawsuit over auto-renewals

[0x9] Internet Overuse Invites Depression, Study Says

[0xA] Recovery, Transformation for IT, Telecom in 2010

Lenny Zeltser's Website

Lenny Zeltser's publications, research, and projects related to information security, risk management, business, and life in general.

[0x1] Interview on InfoSec Daily Podcast

[0x2] Analyzing Malicious Documents Cheat Sheet

[0x3] What to Include in a Malware Analysis Report

[0x4] Free Online Tools for Looking Up Potentially Malicious Websites

[0x5] Public Blocklists of Suspected Malicious IPs and URLs

[0x6] Free Automated Malware Analysis Services

[0x7] What to Include in a Malware Analysis Report

[0x8] Webcast: Malware Threats and Defenses That Work

[0x9] Security Architecture for Internet Applications

[0xA] Podcast: Security Risks and Mitigation Suggestions of Social Networking Sites

What's New

What's New at FIRST website

[0x1] 2010 dates for the Corporate Executive Program!

[0x2] FIRST is accepting theme suggestions for the 23rd Annual FIRST Conference in Vienna in 2011

[0x3] New Exhibitors for Miami 2010

[0x4] FIRST welcomes four new teams in January

[0x5] FIRST has established relationships with both ISO and ITU-T

[0x6] Please join us in welcoming new teams and thanking their sponsors

[0x7] CFP Reminder!

[0x8] Please join us in welcoming the new team from Raiffeisen Informatik CERT (R-IT CERT), Austria!

[0x9] December TC Program Updated

[0xA] Call for Speakers Open!

CSOONLINE.com - Global

[0x1] Friday Quiz: Google Versus Everybody

[0x2] Managing Security Overseas: Contact and Coordination with Local, Regional, and International Authorities

[0x3] Counterfeit Money: Still Going Strong

[0x4] The Pirate of Prague, Foreign Corrupt Practices, and You

[0x5] Chinese Teen Beaten to Death at Internet Addict Camp

[0x6] China's Web Porn Arrests Include Tech-Savvy Site Owners

[0x7] Can Pirates be Stopped?

[0x8] China Denies U.S. Power Grid Attack

[0x9] Piracy Law Cuts Swedish Net Traffic By Half

[0xA] Worldwide Cybercrime Police Network Grows

Technology News

Get the latest technology news, comment and anlaysis from the Telegraph.

[0x1] Australian twins learn of brother's Sydney car crash death 'from Facebook'

[0x2] Google translation phone "two years away"

[0x3] Chinese hacker training website shut down

[0x4] Consumers 'unconvinced' by Apple iPad, study shows

[0x5] Google Maps to offer location-based recommendations

[0x6] Apple says 27in iMac screen problems 'resolved'

[0x7] Vodafone suspends employee over obscene Twitter update

[0x8] Four things you can do with Foursquare

[0x9] Foursquare enjoys surge of popularity

[0xA] Facebook makes layout changes

Layer 7 Technologies

Layer 7 Technologies markets a family of XML appliances and software to secure, simplify and scale Web services.

[0x1] New Article - Layer 7 Expands into Dutch Market with ION-IP Partnership - ChannelWeb

[0x2] New Press Release - Working Opportunity Fund makes follow on investment in Layer 7 Technologies (February 2, 2009)

[0x3] New Award - 2009 Ready to Rocket List - Rocketbuilders

[0x4] Watch VP Marketing & Alliances, Dimitri Sirota, interviewed by Sys-Con.TV at JavaOne Conference in June, 2008.

[0x5] New Press Release - SOA Consortium Releases New Podcast from K. Scott Morrison, Layer 7 Technologies, on How to Fail at SOA (August 18, 2008)

[0x6] New Press Release - Layer 7 Joins SOA Consortium as Silver Sponsor (June 30, 2008)

[0x7] New Article - Layer 7 Nominated for SYS-CON's "SOA World Magazine Readers' Choice Awards": The SecureSpan XML Networking Gateway Nominated for "Best Security Solution" - SOA World

[0x8] New Press Release - Layer 7 Technologies Enhances Field Collaboration for SOA Through HP ISV Marketplace Referral Program (June 18, 2008)

[0x9] New Article - Layer 7 to Provide Security and Operational Governance for Sun Java CAPS - eBizQ

[0xA] New Press Release - Layer 7 Technologies to Provide Security and Operational Governance for Sun Java CAPS (June 9, 2008)

Unwired: Building & Maintaining Secure Wireless Networks

Journey into the latest in wireless technology! You'll find updates on new security issues and vulnerabilities, information on IEEE standards, advice on networking hardware, and unique insight on building and maintaining a secure wireless network.

[0x1] Quantum Cryptography

[0x2] In-Flight Wi-Fi

[0x3] Economic effects on IT Field

[0x4] Blackberry Storm Simulator

[0x5] 3G Wireless

[0x6] Wireless Network Users have Come a Long Way!

[0x7] Dilemma of a Passionate Programmer

[0x8] Can Old Wireless Network Interface Cards be Upgraded to Support WPA?

[0x9] Ramifications of a Cracked WPA Passphrase

[0xA] More Ramblings on WiFi Allergies

MS Sec Notification

Beware that MS often uses these security bulletins as marketing propaganda to downplay serious vulnerabilities in their products -- note how most have a prominent and often-misleading "mitigating factors" section.

[0x1] Microsoft Security Bulletin Summary for January 2010

[0x2] Microsoft Security Bulletin Major Revision

[0x3] Microsoft Security Bulletin Summary for January 2010

[0x4] Microsoft Security Bulletin Re-Release

[0x5] Microsoft Security Bulletin Major Revisions

[0x6] Microsoft Security Bulletin Summary for December 2009

[0x7] Microsoft Security Bulletin Major Revisions

[0x8] Microsoft Security Bulletin Major Revisions

[0x9] Microsoft Security Bulletin Summary for November 2009

[0xA] Microsoft Security Bulletin Advance Notification for November 2009

Martin McKeay's blog

[0x1] Hacking locks instead of computers

[0x2] Did she think this of the potential consequences?

[0x3] Escaping a virtual machine

[0x4] Certs: Added value or minimum requirement?

[0x5] The dubious effects of monitoring surfing habits

[0x6] Should your ISP protect you from yourself?

[0x7] Was the iPhone ready for prime time?

[0x8] Maynor isn't the Sell Out or LMH

[0x9] Infosec Sell Out outed, disappears

[0xA] VA employee tried to hide the damage

FaceTime Communications - Press Releases

Press releases from FaceTime.

[0x1] IBM Software Services for Lotus to Resell FaceTime Communications Security and Compliance Solutions

[0x2] FaceTime and YellowJacket Partner for Enhanced Energy Trading Compliance

[0x3] FaceTime Communications Names Tim Conley CFO

[0x4] FaceTime Wins Financial-i Leaders in Innovation Award for Messaging Compliance

[0x5] FaceTime Explores Social Media Compliance for Government Agencies at Gov 2.5 Conference

[0x6] FaceTime Adds Squid Proxy Support to Unified Security Gateway to Extend Enterprise Security for Web 2.0 Platforms

[0x7] FaceTime's application database acquisition highlights need for Web 2.0 control and security

[0x8] FaceTime Communications Integrates Sophos's Anti-Virus Engine With New Unified Security Gateway 3.0

[0x9] FaceTime Launches Augment, Migrate & Update (AMU) Kit for Blue Coat and Surfcontrol Users

[0xA] "Facebook Face-off" at Work Places Businesses at Risk

Department of Homeland Security News

Department of Homeland Security News

[0x1] Secretary Napolitano Launches Public Engagement Website

[0x2] $23 Million in Recovery Act Funding for Fire Station Construction Grants

[0x3] Remarks to the Homeland Security Advisory Council on Partnerships with Faith-Based and Community Groups

[0x4] Secretary Napolitano and Minister Toews Announce Joint Enforcement Efforts to Patrol Waterways During the 2010 Winter Games

[0x5] Transcript of Call with Senior DHS Officials on FY 2011 Budget Request

[0x6] Secretary Napolitano Discusses Port Security at Roundtable

[0x7] Secretary Napolitano Announces Fiscal Year 2011 Budget Request

[0x8] Secretary Napolitano Announces Fiscal Year 2011 Budget Request

[0x9] Readout of Secretary Napolitano's Meeting with Faith-Based and Community Leaders

[0xA] Canadian, U.S. Officials Discuss Efforts to Strengthen Aviation Security

US-CERT Cyber Security Tips

US-CERT Cyber Security Tips describe and offer advice about common security issues for non-technical computer users. Tips are restricted to a single topic, although complex issues may span multiple tips. Each tip builds upon the knowledge, both terminology and content, of those published prior to it.

[0x1] ST04-020: Protecting Portable Devices: Data Security

[0x2] ST04-019: Understanding Encryption

[0x3] ST04-018: Understanding Digital Signatures

[0x4] ST04-017: Protecting Portable Devices: Physical Security

[0x5] ST04-016: Recognizing and Avoiding Spyware

[0x6] ST04-015: Understanding Denial-of-Service Attacks

[0x7] ST04-014: Avoiding Social Engineering and Phishing Attacks

[0x8] ST04-013: Protecting Your Privacy

[0x9] ST04-011: Using Instant Messaging and Chat Rooms Safely

[0xA] ST04-010: Using Caution with Email Attachments

CGISecurity - Website and Application Security News

All things related to website, database, SDL, and application security since 2000.

[0x1] Larry Suto Web Application Security Scanner Comparison Report Inaccurate Vendors Say

[0x2] R.I.P. Apache 1.x: Apache 1.3.42 marks of end life

[0x3] Nikto version 2.1.1 released

[0x4] Weaning the Web off of Session Cookies Making Digest Authentication Viable

[0x5] WASC RSA Meet-Up 2010!

[0x6] Facebook security pretty much what you'd expect?

[0x7] Hacker Messes With Student's Schedule

[0x8] WASC Threat Classification to OWASP Top Ten RC1 Mapping

[0x9] Announcement: WASC Threat Classification v2 is Out!

[0xA] Stephen Watt sentenced to 2 years in prison for role in TJX

DVLabs: Blogs

Recent Blog Posts

[0x1] Mostrame la Guita!

[0x2] Ekoparty Wrap Up

[0x3] IPS Testing Realities

[0x4] Ekoparty 2009

[0x5] BlackHat USA 2009 Talk Choices

[0x6] Exploiting MS Advisory 971778: QuickTime DirectShow

[0x7] What's Worse Than Finding a Bug in Your Apple?

[0x8] The iPhone 3.0 Conundrum

[0x9] Authoring a Technical Book

[0xA] MindshaRE: Finding ActiveX Methods Dynamically

StatCounter Blog

[0x1] No Referring Link - Explained

[0x2] Season’s Greetings

[0x3] Unique Visitors - YOUR Questions Answered

[0x4] Unique Visitors - Explained

[0x5] General News

[0x6] Attack of Nasty Ads!

[0x7] StatCounter User Types

[0x8] NEW: Restricted Public Stats

[0x9] Bing Overtakes Yahoo!

[0xA] NEW: Display Uniques on My Projects Page

blog ntic de revolunet

Blog des Nouvelles Technologies de l'Information et de la Communication

[0x1] Symbian : l’open source comme ultime recours ?

[0x2] Appels illimités vers le Maroc

[0x3] Astuces Django

[0x4] Bien démarrer avec django

[0x5] Premiers pas Git : team workflow

[0x6] Test du Sanyo Xacti CA9

[0x7] Outrage

[0x8] Test QNAP TS409 Pro

[0x9] rsync alternative for low cpus

[0xA] NeufBox = catastrophe

CSOONLINE.com - Industry

[0x1] Clearing The Cloud 3: Some Security What-ifs

[0x2] Schmidt Tapped as White House Cybersecurity Coordinator

[0x3] Ten 2010 IT Security Predictions, Part 2: Schmidt and ICSA Labs

[0x4] 10 Predictions for 2010: Kaminsky and Weatherford

[0x5] Top Five Reasons For Security FAIL

[0x6] Security Wisdom Watch: Dropping Names, For Better or Worse

[0x7] The Botnet Hunters

[0x8] Federal Data Security Law: 'Careful What You Wish For'

[0x9] 6 Steps to Pull App Security Back to the Future

[0xA] 7 Ways to Stay Happy in a Miserable Profession

DRJ Current Articles

Current Articles from Disaster Recovery Journal

[0x1] Fraud: An Overlooked Risk

[0x2] Words Count in Emergency Notification

[0x3] 'Auld Lang Syne' - Forging the Link and Building the Chain

[0x4] DRI International’s Participation in the RIMS-PERK

[0x5] Following the Path of Downward Resiliency

[0x6] Lessons Learned By Flood Repair of Electrical Equipment

[0x7] Perfect Practice Makes Perfect

[0x8] Increasing the Value of DR in Everyday Operations

[0x9] Zen, Life, and the Art of Finding a Consultant

[0xA] Keep The Plan Simple, Easy To Understand, and Use Common Sense

[0x1] WiFi Hots(Honey)pots Go Mobile

[0x2] Wi-Fi Networks Open to Attacks

[0x3] WPA-PSK Passwords Now on Sale…Starting $17!

[0x4] SSL Renegotiation Vulnerability: Journey from Theory to Practice to Prevalence

[0x5] What, wireless security violation over flower vase?

[0x6] How “soft APs” can create “soft spots” in your network security

[0x7] 802.11w Tutorial

[0x8] Aerohive, Aruba Networks announce cloud based WLAN management services, is wireless vulnerability scanning far behind?

[0x9] Wi-Fi vulnerabilities exposed in Today Show video

[0xA] Making the right choice for rogue access point detection technology

CSOONLINE.com - Strategic Planning

[0x1] The Myth of Convergence

[0x2] Minimize Risk by Maximizing Accountability

[0x3] The Cloud Security Survival Guide

[0x4] Federal Data Security Law: 'Careful What You Wish For'

[0x5] Survey Says More Companies Hiring CSOs, Holding Steady on Spending

[0x6] The Seven Deadly Sins of Security Policy

[0x7] 7 Ways Security Pros DON'T Practice What They Preach

[0x8] No Excuses: Managing Operational Risk

[0x9] How to Succeed in a Two-Faced IT Security Job Market

[0xA] Surviving Layoffs: Five Career Lessons from the Security Trenches

Network World on Security

The latest security news, analysis, reviews and feature articles from NetworkWorld.com.

[0x1] Banning illegal file-sharers could breach human rights

[0x2] More evidence of value of security certification

[0x3] More evidence of value of security certification

[0x4] Malwarebytes' Anti-Malware Free

[0x5] An open letter to my public transit company

[0x6] China closes hacker training site, arrests three members

[0x7] Searches for news trends lead to malware

[0x8] Symantec hit with class-action lawsuit over auto-renewals

[0x9] ShmooCon: P2P Snoopers Know What's In Your Wallet

[0xA] ShmooCon: Your iPhone's Dirty Little Security Secret

NovaInfosecPortal.com

News, events, & resources for infosec professionals in NoVA, DC, & MD

[0x1] Top 3 NoVA Infosec Blog Posts of the Week

[0x2] Grecs’ Weekly Infosec Ramblings for 2010-02-04

[0x3] ShmooCon 2010 Firetalks – Update 4

[0x4] ShmooCon 2010 Cheat Sheet

[0x5] Where You Want to Be This Week for 2010-02-01

[0x6] Top 3 NoVA Infosec Blog Posts of the Week

[0x7] Grecs’ Weekly Infosec Ramblings for 2010-01-28

[0x8] NovaInfosecPortal ShmooCon Internship

[0x9] We Haz Sponsors (a.k.a., Firetalks – Update 3)

[0xA] Where You Want to Be This Week for 2010-01-25

Infosec Writers Latest Security Papers

Papers submitted by security professionals are published on the site and archived for readers. Categories include cryptography, E-mail security, exploitation, firewalls, forensics, honeypots, IDS, malware & wireless security.

[0x1] The Phishing Guide

[0x2] Shedding Light on Quantum Cryptography

[0x3] Securing a Virtual Environment

[0x4] Investigating the SANS/CWE Top 25 Most Dangerous Programming Errors List

[0x5] Hacking Tools & Techniques and How to Protect Your Network from Them

[0x6] Computer Forensics: Breaking Down the 1’s and 0’s of Cyber Activity for Potential Evidence

[0x7] Steps Involved in Exploiting a Buffer Overflow Vulnerability using a SEH Handler

[0x8] Exploring Below the Surface of the GIFAR Iceberg

[0x9] Anatomy of an XSS Attack

[0xA] Failed: Information Security and Data Protection in a Consumer Digital World

CSOONLINE.com - Privacy

[0x1] Why CSOs Should Care About ShmooCon

[0x2] ShmooCon | Your iPhone's Dirty Little Security Secret

[0x3] ShmooCon | Inside FarmVille's Sinister Underbelly

[0x4] ShmooCon | P2P Snoopers Know What's In Your Wallet

[0x5] MoD Staff Leak Military Secrets on Facebook and Twitter

[0x6] The Great PCI Security Debate of 2010: Transcribed

[0x7] Taken to the Cleaners

[0x8] Free Lunch 2010: Why Public Algorithms Beat the Alternative

[0x9] Why the IE-Google Incident Should Worry You

[0xA] Facebook Puts Your Privacy on Parade

Government Technology Policy / Management News

Government Technology: News: Policy/Management

[0x1] Portland, Ore.'s Citywide ERP Shows They Don't Come Easy

[0x2] Virginia Strengthens IT Security From Data Center to Desktop

[0x3] ARRA Stimulates State Transparency, Highlights Grant Management Flaws

[0x4] Nobody in Charge of IT in Atlantic City, N.J., Comptroller Report Says

[0x5] Backing Up Twitter and Facebook Posts Challenges Governments

[0x6] Twitter and Government Transparency

[0x7] Open Source Promoted in New California Policy

[0x8] IBM, Texas Announce New Framework for Data Center Consolidation

[0x9] New Year's Resolutions for Zombie Governments (Opinion)

[0xA] California DMV Poised to Launch Collaboration with Counties

Foro de elhacker.net - Noticias

Información en vivo desde Foro de elhacker.net

[0x1] ¿Dónde aparco?

[0x2] Bruselas publica un catálogo para proteger la privacidad del usuario de redes...

[0x3] La SGAE achaca las críticas al escaso "nivel cultural" de los españoles

[0x4] La Unión Europea prepara normas para regular "estado anárquico" de Facebook

[0x5] LG nos muestra como poner pelis piratas en sus TVs

[0x6] Monitoreo de una web con Specto

[0x7] AMD corrige un posible fallo en las Radeon HD 5800

[0x8] OpenOffice 3.2.0 RC5 disponible. Nueva versión de la Suite ofimática gratuita...

[0x9] Cuestionan procedimiento de Facebook para identificar "amigos" de personas ...

[0xA] China cierra la web de hacking "Seguridad Halcón Negro"

InformationWeek Security News

InformationWeek

[0x1] Google Gmail Getting Social Features

[0x2] China Closes Hacker Training Site

[0x3] Microsoft, Partners Pitch In On Super Bowl Security

[0x4] Mozilla Removes Two Malicious Firefox Add-Ons

[0x5] Microsoft Patch To Leave IE Hole Open

[0x6] Google Book Settlement Falls Short For Justice Dept.

[0x7] Utilities To Bolster Smart Grid Cybersecurity

[0x8] Apple Links iTunes Apps To Web Previews

[0x9] Intel Brings vPro To Core Processors

[0xA] InformationWeek's RSS Feed is brought to you by

Skypher

The blog for absolutely nothing!

[0x1] Wiki back up

[0x2] Google Chrome 4

[0x3] Microsoft Internet Explorer 6.0/7.0 NULL pointer crashes

[0x4] Advances in heap spraying #1: when size matters.

[0x5] Wiki temporarily down

[0x6] w32-exec-calc-shellcode released

[0x7] Download and LoadLibrary shellcode released

[0x8] Testival released

[0x9] ALPHA3 released

[0xA] Countslide alphanumeric GetPC

Vitalsecurity.org

A Revolution is the Solution

[0x1] osgof.gov.ng taken out by Death Ninjas

[0x2] Fake Steam password changer...

[0x3] Some fake Facebook programs...

[0x4] Superlite Anti-Virus 2010 will infect your PC

[0x5] Interview Time

[0x6] Question.

[0x7] Offtopic Post Ahoy

[0x8] Fake Google Jobs sites clog up your mailbox

[0x9] ukfi.gov.uk defaced...

[0xA] Interesting Vista to Win 7 Upgrade thread...

Lifehacker: hack attack

Lifehacker posts tagged hack attack

[0x1] Become a Gmail Master Redux

[0x2] How to Put Your PC to Good Use While You're Sleeping

[0x3] Build a Silent, Standalone XBMC Media Center On the Cheap

[0x4] Install Snow Leopard on Your Hackintosh PC, No Hacking Required

[0x5] How to Build a Hackintosh with Snow Leopard, Start to Finish

[0x6] Set Up "Push" Gmail on Your iPhone

[0x7] Carry Your PC on Your iPhone or iPod Touch

[0x8] Eight Best KeePass Plug-Ins to Master Your Passwords

[0x9] How to Set Up a Laptop Security System

[0xA] Expand Your Brain with Evernote

CSOONLINE.com - Loss Prevention

[0x1] Social Engineering: The Basics

[0x2] Supply Chain Security Threats: 5 Game-Changing Forces

[0x3] DHS: Counterfeit Goods Still Rampant in U.S.

[0x4] Checklist: 11 Security Tips for Black Friday, Cyber Monday

[0x5] 4 Cheap Options to Monitor Networks for Evidence

[0x6] Report: Retail Shrink, Theft Up in 2009

[0x7] Counterfeit Money: Still Going Strong

[0x8] Organized Crime and Retail Theft: Facts and Myths

[0x9] Special Report: Security Versus the Mob

[0xA] Study: Air Cargo Security Seriously Lacking

Oracle Security Alerts

Security Alerts Issued by Oracle

[0x1] Oracle Security Alert for CVE-2010-0073 - February 2010

[0x2] Critical Patch Update - January 2010

[0x3] Critical Patch Update - October 2009

[0x4] Critical Patch Update - July 2009

[0x5] Critical Patch Update - April 2009

[0x6] Critical Patch Update - January 2009

[0x7] Critical Patch Update - October 2008

[0x8] Critical Patch Update - July 2008

[0x9] Critical Patch Update - April 2008

[0xA] Critical Patch Update - January 2008

Infosecurity.US

Information Security And Occasional Forays Into Other Realms

[0x1] Oracle Patches Critical WebLogic Flaw

[0x2] Lisa Benson: Beanstalk

[0x3] USB Electronic Key Impressioner – Open Sesame

[0x4] Sherffius: Bacterial-Laden

[0x5] Firefox Malware Extensions Discovered

[0x6] Holbert: Trillion Dollar Stuck Pedal

[0x7] But Wait, There’s More – 13 Critical Security Patches Queued For Microsoft’s PatchTuesday

[0x8] Thach Bui: Monumental Upgrades

[0x9] New, Critical Internet Explorer Vulnerability – Nearly All Versions Affected

[0xA] Lisa Benson: Health Care Reform R.I.P.

NYT > Cryptography

News about cryptography, including commentary and archival articles published in The New York Times.

[0x1] Universities Spar Over Disappearing Electronic Messages

[0x2] Goodbye, Passwords. You Aren’t a Good Defense.

[0x3] Adding Math to List of Security Threats

[0x4] Studios’ DVDs Face a Crack in Security

[0x5] A Cryptologist Takes a Crack at Deciphering DNA’s Deep Secrets

[0x6] Graduate Cryptographers Unlock Code of 'Thiefproof' Car Key

[0x7] TECHNOLOGY; Researchers Develop Computer Techniques to Bring Blacked-Out Words to Light

[0x8] A Simpler, More Personal Key To Protect Online Messages

[0x9] Light Study Backs Teleportation, But Don't Try Beaming Up Yet

[0xA] Microsoft to Give Governments Access to Code

CSOONLINE.com - Network Security

[0x1] Why CSOs Should Care About ShmooCon

[0x2] ShmooCon | Inside FarmVille's Sinister Underbelly

[0x3] ShmooCon | P2P Snoopers Know What's In Your Wallet

[0x4] Skype Security: Is the Popular VOIP Service Safe for Business?

[0x5] Timeline: A Decade of Malware

[0x6] Facebook, Twitter, Social Network Attacks Tripled in 2009

[0x7] Report: Layer 7 Increasingly Under DDoS Gun

[0x8] Bank Files Lawsuit Against Victim of $800,000 Cybertheft

[0x9] Companies on IT Security Spending: Where's the ROI?

[0xA] Users Still Make Hacking Easy with Weak Passwords

LinuxSecurity.com: Foresight Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] Foresight: firefox

[0x4] Foresight: python

[0x5] Foresight: firefox

[0x6] Foresight: imageop

[0x7] Foresight: nss_ldap

[0x8] Foresight: rsync

[0x9] Foresight: e2fsprogs

[0xA] Foresight: tetex

McAfee Avert Labs

Cutting edge security research as it happens.......

[0x1] Dave Marcus is ready for his Oscar

[0x2] Protecting Privacy by Design

[0x3] Hackers Disrupt European CO₂ Market

[0x4] Be careful on help files

[0x5] Scams Take Advantage of Haiti Relief Efforts

[0x6] Patch Released for Recent Microsoft Zero Day (CVE-2010-0249)

[0x7] Update on Recent Microsoft 0day (CVE-2010-0249)

[0x8] Investigating a Possible Charity Scam

[0x9] McAfee ‘Hacking Exposed’ Webcast Series Fights Cybercrime

[0xA] An Insight into the Aurora Communication Protocol

Tech Digest

Gadgets, mobile phones, news and reviews

[0x1] PowerShot SX210 IS rounds off a busy day for Canon

[0x2] Canon EOS 550D entry level DSLR delivers 18MP shots and 1080p video

[0x3] Canon introduce IXUS 210, 130 and 115 cameras

[0x4] Video: Megan Fox takes a bath with the Motorola Devour

[0x5] Aptly named HTC Incredible revealed, features massive 3.7 inch OLED display

[0x6] Burberry to stream catwalk show in 3D simultaneously across the globe

[0x7] Google Nexus One turns up for sale on Play UK

[0x8] Snapdragon-touting LG Arena Max outed

[0x9] Tapulous to follow Tap Tap Revenge iPhone app success with Riddim Ribbon game featuring the Black Eyed Peas

[0xA] UK built iTablet rears its head, runs off with a shed load of iPad hype

Episteme: Belief. Knowledge. Wisdom

[0x1] Return-to-Barry-White Human Exploitation

[0x2] NLP for Social Engineers

[0x3] Hacker Halted Redux

[0x4] Recap: The Hope Symposium

[0x5] Social Engineering Abounds

[0x6] Greed as a prime motivator

[0x7] Constraints and The Bandwidth Problem

[0x8] Social Networking and Security

[0x9] Obama and Hypnosis

[0xA] NLP is not Science

Casper Dik's Weblog

Casper Dik's Weblog

[0x1] OGP election

[0x2] NLOSUG: 26/10/2006 Dutch OpenSolaris User Group First Meeting

[0x3] Updated drivers: but only at www.opensolaris.org

[0x4] Small acpidrv update

[0x5] OpenSolaris User Group Meeting, Amsterdam, October 18th

[0x6] Laptop community live!

[0x7] Laptops

[0x8] First Installment (of frkit)

[0x9] User Credentials and all that

[0xA] Southpark Stdio

leetupload.com

NewsFeed for leetupload.com

[0x1] New Tutorial - How the Microprocessor Works

[0x2] Famous - Copper Heatsink/Wine Chiller Idea on engadget and Hack a Day!

[0x3] Copper Heatsink on the Rocks Mod Finished

[0x4] Another Tutorial - Technical Practical Jokes

[0x5] New Tutorial - Campus WarWalking

[0x6] IRC Up For Use, and IRC Java Client is Here to Stay!

[0x7] VIRII AND EXPLOIT DATABASE IS UP!

[0x8] Updates

[0x9] Mineral Oil PC, Woot!

[0xA] Signing up for the Virii DB = Great Success, Very Nice!

CSO Blogs - Leadership

[0x1] The Customer is Clueless – Not!

[0x2] Time to re-think encryption

[0x3] CyberTerror - the Arms Race We're Losing

[0x4] Risk Mitigation through Collaborative Innovation

[0x5] Data Genomes and Persistent Security - Protecting Information at its Inception

[0x6] High Tech Firms Who Outsource Software Development to China - The Dirty Little Secret

[0x7] Reasons Why Granny Clampett Kept Her Money in Her Mattress

[0x8] Good riddance!

[0x9] IT Talent Helping Haiti

[0xA] Growing Concern Over Risks To (And Of) The System

BankInfoSecurity.com "The Field Report" Blog RSS Syndication

BankInfoSecurity.com.com RSS Feeds for The Field Report blog.

[0x1] New Information Security Survey - Why it Matters

[0x2] Trends, Threats and Thought-Leaders

[0x3] 2010: A Good Time to Start an Information Security Career

[0x4] My 7 Banking/Security Resolutions for 2010

[0x5] My Favorite Interviews of 2009

[0x6] Top 10 Stories of the Year

[0x7] Top 10 Interviews of 2009

[0x8] Failed Banks: Better to Close than Receive?

[0x9] The 3 Biggest Stories No One is Discussing

[0xA] Early Predictions for 2010

CSOONLINE.com - Preparedness

[0x1] DDoS Attacks Are Back (and Bigger Than Before)

[0x2] Lack of Telework Preparedness Puts Business Continuity in Danger?

[0x3] How to Perform a Disaster Recovery Business Impact Analysis

[0x4] Most Businesses READY for Flu Pandemic?

[0x5] Business Continuity and Disaster Recovery in a Tornado Zone

[0x6] Swine Flu: Watching the Southern Hemisphere for Signs of H1N1 Havoc

[0x7] WHO Declares Swine flu a Pandemic. Now What?

[0x8] Survey: Business Continuity Plans Factor in Mobile, Social Networking

[0x9] Security Wisdom Watch: Swine Flu Edition

[0xA] Swine Flu: A Wake-up Call for Emergency Planners

Data center news from Network World Fusion

The latest data-center news and analysis from NetworkWorld.com.

[0x1] Energy Star for data centers coming in June

[0x2] Data center service provider helped develop Cisco OTV

[0x3] IBM will inch up heat in new data center

[0x4] Cisco to unleash data center extensions

[0x5] Government Carbon Reduction Commitment 'has loopholes'

[0x6] Green Grid to release new data center efficiency tools

[0x7] New at Disney: It's a Data Center World After All

[0x8] IT consultancy GlassHouse files for $75 million IPO

[0x9] Mike Manos quits Digital Realty Trust, joins Nokia

[0xA] Europe leads e-waste recycling

Welcome to the Frontpage

ThreatChaos. News, views and analysis. A security blog providing original research from the IT-Harvest team.

[0x1] Myth busting Monday

[0x2] Some important views on the China-Google affair

[0x3] Putting Chinese cyber espionage in perspective

[0x4] Google engages in cyber vigilantism

[0x5] 2010 to be a year of change for the security industry

[0x6] Targeted attacks work against Google.

[0x7] Cyber vigilante takes on Islamic extremists

[0x8] Cyber Help Wanted

[0x9] Content Delivery Networks as weapons of cyber defense

[0xA] US military blind to need for encryption

Upcoming Security Alerts

Upcoming Security Alerts

[0x1] Oracle Database

[0x2] Oracle Database

[0x3] Oracle Database

[0x4] Oracle Secure Enterprise Search

[0x5] Documentation bug concerning a special privilege

[0x6] Oracle Database

[0x7] Oracle Database

[0x8] Oracle Database

[0x9] Oracle Database

[0xA] Oracle Database

Panda Research Blog

Leading the way in proactive malware detection

[0x1] Spam Honeypot Catch

[0x2] Panda @ AV-Comparatives

[0x3] Blog Comment Spam Honeypot

[0x4] OT: Vacation

[0x5] Arguments against cloud-based antivirus

[0x6] New Panda Research Blog Style

[0x7] Panda Security Compatibility with Windows 7

[0x8] Panda Security Days in Sweden 09

[0x9] Panda USB Vaccine – Version 1.0.1.4

[0xA] The Perfect Antivirus!

Peter Van Eeckhoutte's Blog

:: [Knowledge is not an object, it´s a flow] ::

[0x1] Starting to write Immunity Debugger PyCommands : my cheatsheet

[0x2] Exploit writing tutorial part 8 : Win32 Egg Hunting

[0x3] Happy New Year

[0x4] Exchange Server 2010 available worldwide

[0x5] Exploit writing tutorial part 7 : Unicode – from 0×00410041 to calc

[0x6] Str0ke R.I.P. (or alive & kicking ?)

[0x7] Exchange 2010 Certificates

[0x8] Backup & Restore Windows Server based Print Servers

[0x9] Metasploit Project acquired by Rapid7

[0xA] Script to backup Cisco switches via telnet / tftp

Rapid7 Network Security Blog

Vulnerability Management

[0x1] February Microsoft Patch Tuesday Preview

[0x2] The True Value of “Free” in Vulnerability Management

[0x3] January Out of Band Microsoft Patch Tuesday Roundup

[0x4] The Story Behind NeXpose Community Edition

[0x5] January Microsoft Patch Tuesday Roundup

[0x6] Metasploit PSEXEC scanner (via Perl)

[0x7] December Microsoft Patch Tuesday Roundup

[0x8] December Microsoft Patch Tuesday Preview

[0x9] NeXpose Community Edition/Metasploit Integration: Responding to the Needs of Users

[0xA] The Noisy Assembly

Anton Chuvakin Blog - "Security Warrior"

This blog covers all sorts of issues of interest to me, including information security, network security, data security - and all other fun things security.

[0x1] Links for 2010-02-07 [del.icio.us]

[0x2] Links for 2010-02-06 [del.icio.us]

[0x3] Logging, Log Management and Log Review Maturity

[0x4] Monthly Blog Round-Up – January 2010

[0x5] Links for 2010-02-02 [del.icio.us]

[0x6] Live Test of FUD Value: Pro/Con?

[0x7] Top Nine Reasons How PCI Is Like APT

[0x8] Links for 2010-02-01 [del.icio.us]

[0x9] ShmooCon!!! or Anton in DC This Week!

[0xA] REAL PCI Compliance Percentages?

Tactical Web Application Security

Tac-ti-cal: of or relating to combat tactics: of or occurring at the battlefront <a tactical defense>

[0x1] 2010 Web Application Security Predictions

[0x2] Identifying Denial of Service Conditions Through Performance Monitoring

[0x3] WASC Honeypots - Apache Tomcat Admin Interface Probes

[0x4] Distributed Brute Force Attacks Against Yahoo

[0x5] Identifying Anomalous Behavior

[0x6] WASC Distributed Open Proxy Honeypot Update - XSS in User-Agent Field

[0x7] WASC WHID 2009 Bi-Annual Report - Social Media Sites Top Most Attacked Vertical Market

[0x8] Lessons Learned From Casino Surveillance

[0x9] We've been blind to attacks on our Web sites

[0xA] Challenges to webappsec - lightweight development

CSOONLINE.com - Malware/Cybercrime

[0x1] China Closes Hacker Training Site, Arrests Three Members

[0x2] Why CSOs Should Care About ShmooCon

[0x3] ShmooCon | Your iPhone's Dirty Little Security Secret

[0x4] ShmooCon | Inside FarmVille's Sinister Underbelly

[0x5] Versign Fails to Take Action Against Malicious Sites, Researcher Says

[0x6] Old Security Flaws Still a Major Cause of Breaches, Says Report

[0x7] Timeline: A Decade of Malware

[0x8] China Works to Toughen Hacking Laws

[0x9] Accusations Fly Over Voice Encryption Hack

[0xA] Facebook, Twitter, Social Network Attacks Tripled in 2009

Packet Storm Security Miscellaneous Files

Packet Storm Last 10 Miscellaneous Files

[0x1] nightdahack2010-cfp.txt

[0x2] reconCFP2010.txt

[0x3] libssh2-1.2.3.tar.gz

[0x4] HES2010-CFP.txt

[0x5] rev_honeytrap_av_v1.pdf

[0x6] xss-websecurity.txt

[0x7] asm_linux-i386.pdf

[0x8] php-trojans.txt

[0x9] WeaningTheWebOffOfSessionCookies.pdf

[0xA] PT-devteev-FAST-blind-SQL-Injection.txt

Command Line Kung Fu

This blog will include fun, useful, interesting, security related, non-security related, tips, and tricks associated with the command line. It will include OS X, Linux, and even Windows!

[0x1] Episode #80: Time Bandits

[0x2] Episode #79: A Sort of List

[0x3] Episode #78: Advanced Process Whack-a-Mole

[0x4] Episode #77: USB History

[0x5] Episode #76: Say Hello to My Little Friend Netstat

[0x6] Episode #75: Yule Be Wanting an Explanation Then

[0x7] Episode #74: Yule Love It!

[0x8] Episode #73: Getting the perfect Perm(s)

[0x9] Episode #72: That Special Time of Year

[0xA] Episode #71: Joining Up

CNET News.com

Tech news and business reports by CNET News. Focused oninformation technology, core topics include computers, hardware, software,networking, and Internet media..

[0x1] Verizon temporarily blocks some 4chan sites

[0x2] Security software maker Vitamin D exits beta

[0x3] China breaks up Black Hawk hacking ring

[0x4] PCI compliance: What it is and why it matters (Q&A)

[0x5] New UI, features highlight McAfee 2010 suites

[0x6] BlackBerry has spyware risk too, researcher says

[0x7] Mozilla yanks infected add-ons, warns users

[0x8] Caught on tape: Pastry thief and a bad dog walker

[0x9] DOJ not pleased with latest Google Book agreement

[0xA] Microsoft to patch 26 holes in Windows, Office

Robert E. Lee

Thoughts on security testing methodologies, regulatory compliance, security tools, security metrics, and other current events.

[0x1] Sockstress TCP DoS - CERT-FI Advisory

[0x2] Sockstress TCP DoS - CERT-FI Statement Update

[0x3] Jack C. Louis - The loss of a dear friend...

[0x4] Good to be back...

[0x5] Unicornscan on Debian - Some updated notes...

[0x6] TCP DoS tool (Complemento)...

[0x7] Fnta [Error fantaip.c:428] short packet!!!!

[0x8] Athens...

[0x9] On the road again...

[0xA] T2 Sockstress Talk Recap...

EFA

Electronic Frontiers Australia

[0x1] EFA’s draft R18+ for games discussion paper

[0x2] Sanity prevails: iiNet did not authorise its users’ infringements

[0x3] SA Electoral amendments and anonymity online

[0x4] Senate Internet Censorship Petition Update

[0x5] ACTA negotiations underway; background information from Michael Geist

[0x6] Update on the Great Australian Internet Blackout

[0x7] Australian web sites to go black on Australia Day

[0x8] What can you do to help?

[0x9] Next round of ACTA negotiations, Mexico: still no transparency in sight

[0xA] Government: “Global Internet freedom” means censorship

Edgeos - New Vulnerabilities

Edgeos - Private-Labeled Vulnerability Assessment Services

[0x1] CentOS : RHSA-2010-0019

[0x2] RHSA-2007-0868: rhns

[0x3] RHSA-2007-1069: jakarta

[0x4] RHSA-2008-0261: jabberd

[0x5] RHSA-2008-0264: rhn

[0x6] RHSA-2008-0524: jabberd

[0x7] RHSA-2008-0525: rhn

[0x8] RHSA-2008-0629: rhn

[0x9] RHSA-2008-0630: jfreechart

[0xA] RHSA-2008-0636: java

Security Weekly by Computerworld

Security Weekly by Computerworld

[0x1] CA brings SOA security to open source JBoss

[0x2] PayPal suspends personal payments to India

[0x3] Scott Cam face of CUA spam

[0x4] Extorted companies silent on stolen data

[0x5] Indian pleads guilty in overseas stock hacking scheme

[0x6] Spam, e-mail threats high in the Asia Pacific in January

[0x7] E-mail scam steals €3 million in carbon credits

[0x8] Researcher reveals how IE flaw can turn your PC into a public file server

[0x9] Fake Firefox update spreads unwanted app

[0xA] Too many people re-use logins, study finds

CSOONLINE.com - Video Surveillance

[0x1] How 9-11 Shaped Hoover Dam Security Operations

[0x2] Hoover Dam Security in Pictures

[0x3] Taking the 'Closed' Out of CCTV

[0x4] Charitable Risk: Security Challenges of the Bill and Melinda Gates Foundation

[0x5] Study: Air Cargo Security Seriously Lacking

[0x6] Fast-Food FAIL: Drive-Thru Displays Point-of-Sale LAN Details

[0x7] Report: Shoplifting Surges in Down Economy

[0x8] Social Engineering: 5 Security Holes at the Office (Includes Video)

[0x9] VMS: How to Manage Surveillance Video

[0xA] 4 Steps Security Can Take to Prevent Kidnapping

Subreption Blog

A surreptitious look over the work of an innovative startup.

[0x1] Why Linux security has failed (for the past 10 years)

[0x2] KERNHEAP for the Linux kernel 2.6 released

[0x3] Runtime binary loading via the dynamic loader on Apple Mac OS X

[0x4] Minor security fixes for Pyblosxom

[0x5] Apple Mac OS X 10.4 temp_patch_ptrace(): Nonsense in kernel-land

[0x6] Linux Kernel Silent Patching: VMI write_ldt_entry() privilege escalation

[0x7] Custom shellcode and return-to-libc on Mac OS X

[0x8] Marshal and Native API bridging on Microsoft Windows (NT)

[0x9] Pyblosxom and mod_wsgi benchmark

[0xA] PatchDiff 2 by Tenable Security

ITILSec.com - Collaborative Security - Published news

[0x1] How to Get Your Ex Back

[0x2] Стиральные Машины

[0x3] Телевизоры

[0x4] Холодильники

[0x5] Пылесосы

[0x6] Телефоны

[0x7] Мебель

[0x8] Квартиры

[0x9] Нотариус Одесса

[0xA] Знакомства

OStatic blogs

[0x1] LinuxCon Puts Out Call for Papers Ahead of Summer Event

[0x2] Oracle Cuts Affect GNOME Accessibility Work

[0x3] SourceForge Removes "Blanket" Block

[0x4] Layoffs Won't Stop Project Wonderland

[0x5] Mozilla Studying Menu Item Use in Firefox

[0x6] Raising Money for Open Source Projects: How Can We Improve?

[0x7] MySQL Founder Monty Widenius On What to Expect Next: Part 2

[0x8] Eben Moglen Live in NYC on Friday: Freedom in the Cloud

[0x9] Wikimedia Hires Danese Cooper as New CTO

[0xA] Facebook Friends PHP: Introducing HipHop

Dragos Lungu Dot Com | Security Tools And Tips

100% Unbiased Security Tools Reviews. Computer Security Blog about Phishing, Spyware, Malware and other Threats and Vulnerabilities we face everyday .

[0x1] GFI WebMonitor 2009 Review

[0x2] ModSecurity 2.5 – New Book Soon To Be Released

[0x3] NetWitness releases NextGen version 9.0

[0x4] Twitter Weekly Updates for 2009-07-19

[0x5] Twitter Weekly Updates for 2009-07-12

[0x6] Twitter Weekly Updates for 2009-07-05

[0x7] Twitter Weekly Updates for 2009-06-28

[0x8] NetWitness Investigator – Awesome Network Intelligence!

[0x9] Twitter Weekly Updates for 2009-06-14

[0xA] Twitter Weekly Updates for 2009-06-07

OSVDB Blog :

Everything Is Vulnerable

[0x1] Open Security Foundation - State of the Union 2010

[0x2] January Update: OSVDB Winter 2010 Fundraising Goal

[0x3] Microsoft, Aurora and something about forest and trees?

[0x4] Challenge: OSVDB Winter 2010 Fundraising Goal

[0x5] Adobe, Qualys, CVE and Math

[0x6] OSVDB 2009 Q4 Changelog

[0x7] Creditee System Overhauled

[0x8] Responsible Disclosure - Old Debate, Fresh Aspects?!

[0x9] Search Filters & Custom Exports

[0xA] What I learned from early CVE entries

The Web Application Security Consortium

The Web Application Security Consortium (WASC) is an international group of experts, industry practitioners, and organizational representatives who produce open source and widely agreed upon best-practice security standards for the World Wide Web.

[0x1] Ryan Barnett reverted Distributed Open Proxy Honeypots

[0x2] Ryan Barnett edited Distributed Open Proxy Honeypots

[0x3] Ryan Barnett reverted Distributed Open Proxy Honeypots

[0x4] Ryan Barnett edited Distributed Open Proxy Honeypots

[0x5] Robert Auger edited Threat Classification References Mapping Proposal

[0x6] Romain Gaucher edited Threat Classification References Mapping Proposal

[0x7] Romain Gaucher edited Threat Classification References Mapping Proposal

[0x8] Romain Gaucher edited Threat Classification References Mapping Proposal

[0x9] Romain Gaucher edited Threat Classification References Mapping Proposal

[0xA] Romain Gaucher edited Threat Classification References Mapping Proposal

Linux Journal - The Original Magazine of the Linux Community

Since 1994: The Original Monthly Magazine of the Linux Community

[0x1] Symbian Opens Up

[0x2] The Small Picture: More OpenOffice.org Extensions

[0x3] Pass the Bug, Collect $500

[0x4] Start and Control konsole with DBUS

[0x5] Crafting Digital Media: A Book Review

[0x6] Amateur Radio Articles and Newsletter

[0x7] The Linux Foundation Will Train You - For Free

[0x8] Tech Tip: Use gxmessage for Displaying GUI Messages from Scripts

[0x9] Linux Audio Plugin Update

[0xA] Wither the web (site)

US-CERT Current Activity

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

[0x1] Oracle Releases Security Alert for WebLogic Server Vulnerability

[0x2] Microsoft Releases Advance Notification for February Security Bulletin

[0x3] Apple Releases iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod touch

[0x4] Microsoft Releases Security Advisory 980088

[0x5] Cisco Releases Security Advisory for Unified MeetingPlace

[0x6] Google Releases Chrome 4.0.249.78

[0x7] RealNetworks, Inc. Releases Updates to Address Vulnerabilities

[0x8] Microsoft Releases Cumulative Security Update for Internet Explorer

[0x9] Apple Releases Security Update 2010-001

[0xA] Adobe Releases Shockwave Player Update

EliteHackers.info Discussion Forums

EliteHackers.info has a large memberbase on our forums. We also have a files database, a text & tutorials archive. There is also a proxy list section as well as our ports list database.

[0x1] DNS server IP

[0x2] Another Wart On Your Back (Another Intro Thread)

[0x3] Bypassing HTML Entities

[0x4] ◙◘◙◘◙◘ DiGiChAt TuToRiAl By: D4M13N ◙◘◙◘◙◘

[0x5] ︽︾︽︾defacement ︽︾︽︾

[0x6] ▐▐ D4m13n ▐▐ - Introduction

[0x7] Haikus

[0x8] Window Managers

[0x9] iPods

[0xA] Creative Error 404 Pages

Lifedork

still GeeX? still SuX!

[0x1] how to view private myspace pictures with ViewMorePix.com

[0x2] Backtrack 4 Tutorial : Installing backtrack 4 to hardisk

[0x3] view facebook private photos with Photo Stalker

[0x4] Nmap 5 has been released !

[0x5] how to view private myspace profiles

[0x6] Xss scanner

[0x7] Download Yahoo invisible detector script

[0x8] Firefox 3.5 zero day exploit released

[0x9] Download Backtrack 4 Pre Final and Backtrack 4 Guide

[0xA] Firefox Keylogger Add on videos

Gandi IWI Blog

[0x1] IP Transit Outage in France Telecom

[0x2] Maintenance Gandi.Net and API

[0x3] .CN domain creation suspension

[0x4] -50% discount for .ME extensions

[0x5] .HK domains now available at Gandi!

[0x6] Accented .EU domain names open on December 10th at 11:00 CET!

[0x7] .PT domains available at Gandi

[0x8] Network Maintenance overnight 19-20 November

[0x9] Hosting: Launch of multiple IP addresses for your servers

[0xA] Your server on IPv6?

SecureLexicon

[0x1] Cyber War is with Us

[0x2] Risk Mitigation through Collaborative Innovation

[0x3] Political Survival for Security Pros – #1

[0x4] Food for Thought – Creation Spaces

[0x5] IT Talent Helping Haiti

[0x6] NetWitness’s Amit Yoran on The Art of War

[0x7] How to Sell Security Investments

[0x8] PGP’s Dunkelberger on Data Protection

[0x9] The Factors of CIO Success

[0xA] Michigan Businesses contribute to Homeland Security

Cisco Learning Home : All Content - Security

All Content in Security

[0x1] ASA vs PIX

[0x2] Cisco WCCP Security

[0x3] ASA - Inspect ICMP with PMTUD

[0x4] ASA Guidelines - VLANS

[0x5] IPv6 security concerns

[0x6] VPN Client

[0x7] Some Questions on ISCW

[0x8] Security Specialist Certifications

[0x9] Cisco ASA 5550 Best Guide/Book

[0xA] is it possible to create VPN connection using one subnet?

CSO Blogs - Data Protection

[0x1] Legacy Vendor Agreements and the Massachusetts Data Security Law

[0x2] Time to re-think encryption

[0x3] CyberTerror - the Arms Race We're Losing

[0x4] Risk Mitigation through Collaborative Innovation

[0x5] Data Genomes and Persistent Security - Protecting Information at its Inception

[0x6] Data Privacy Day: Playing It Safe Online

[0x7] Reasons Why Granny Clampett Kept Her Money in Her Mattress

[0x8] Good riddance!

[0x9] Plain Speaking About Industrial Spying

[0xA] The Devil’s Dictionary, InfoSec Edition

good coders code, great reuse

Peteris Krumins' blog about programming, hacking, software reuse, software ideas, computer security, google and technology.

[0x1] Famous Perl One-Liners Explained, Part V: Text conversion and substitution

[0x2] How to keep track of who’s talking about you

[0x3] How to Steal a Botnet (Video Lecture Summary)

[0x4] MIT Linear Algebra, Lecture 5: Vector Spaces and Subspaces

[0x5] Vim Plugins You Should Know About, Part VI: nerd_tree.vim

[0x6] Using Fibonacci Numbers to Convert from Miles to Kilometers and Vice Versa

[0x7] Famous Perl One-Liners Explained, Part IV: String and Array Creation

[0x8] MIT Linear Algebra, Lecture 4: A=LU Factorization

[0x9] A Unix Utility You Should Know About: lsof

[0xA] MIT Linear Algebra, Lecture 3: Matrix Multiplication and Inverse Matrices

HeapOverflow Computer Security Community & Forums : Heap Overflow.com

Computer security community with forums, blogs and directory covering exploit, vulnerability, advisory with various penetration testing tools.

[0x1] CVE-2003-1577 (one_web_server)

[0x2] CVE-2003-1578 (one_web_server)

[0x3] CVE-2003-1579 (one_web_server)

[0x4] CVE-2003-1580 (http_server)

[0x5] CVE-2003-1581 (http_server)

[0x6] CVE-2003-1582 (iis)

[0x7] CVE-2003-1583 (webtrends_log_analyzer)

[0x8] CVE-2003-1584 (surfstats)

[0x9] CVE-2003-1585 (weblog_expert)

[0xA] CVE-2003-1586 (webexpert)

The Web Application Security Consortium / FrontPage

The Web Application Security Consortium (WASC) is an international group of experts, industry practitioners, and organizational representatives who produce open source and widely agreed upon best-practice security standards for the World Wide Web.

[0x1] Robert Auger edited FrontPage

[0x2] Robert Auger edited FrontPage

[0x3] Robert Auger edited FrontPage

[0x4] Robert Auger edited FrontPage

[0x5] Robert Auger edited FrontPage

[0x6] Robert Auger edited FrontPage

[0x7] Robert Auger edited FrontPage

[0x8] Robert Auger edited FrontPage

[0x9] Robert Auger edited FrontPage

[0xA] Robert Auger edited FrontPage

Government Technology Web Strategies News

Government Technology: News: Web Strategies

[0x1] Online Data Sets Could Spur Innovation in High-Tech Northwest

[0x2] Visualization Platform Gives Stakeholders Sneak Peek of New Applications

[0x3] E-Government Score Remains at All-Time High

[0x4] Salt Lake County, Utah, Video Campaign Urges Residents to Improve Their Health

[0x5] San Jose, Calif.'s Wikiplanning Project on Course

[0x6] 2009 Best of California Award Winners Announced

[0x7] Colorado Launches New Public Benefits Web Site

[0x8] Seattle Releases Report on Residents' Technology Use

[0x9] Russian Cops Expose Corruption on YouTube

[0xA] Maine Counties Obstruct Land Database, Says Plaintiff

Juniper

Juniper RSS Feed

[0x1] Signature Update #1601

[0x2] Signature Update #1567

[0x3] Signature Update #1568

[0x4] Signature Update #1569

[0x5] Signature Update #1570

[0x6] Signature Update #1571

[0x7] Signature Update #1572

[0x8] Signature Update #1573

[0x9] Signature Update #1574

[0xA] Signature Update #1576

BugSpy.net - Today's Reports

[0x1] Cython (stopper severity): "cimport cython" broken in latest cython-devel

[0x2] Plone (stopper severity): loop in `borg.localrole`

[0x3] freedesktop.org (stopper severity): clipart: SVG file Upload refused with false error

[0x4] Hadoop (stopper severity): Hive using lzo comporession returns unexpected results.

[0x5] OpenSolaris (stopper severity): gui: New Firefox instances is executed as root by packagemanager

[0x6] JBoss SOA Platform (critical severity): jBPM : Process instances stuck in a fork

[0x7] Ruby 1.8 (critical severity): "case n when *VALID" Broken in Ruby 1.8.8; affects Ruby on Rails

[0x8] Debian (critical severity): gnome-mousetrap: doesn't work (opencv 1 → 2 problem?)

[0x9] Sakai Project (critical severity): Warning in log file when starting up 2.7.b2

[0xA] Mozilla Core Libs (critical severity): Seems random crash at tp4 (EXCEPTION_ACCESS_VIOLATION, 0x0)

Room362.com RSS Feed

Blog

[0x1] @RSnake ’s RFI List in Burp Suite

[0x2] Security (CAN BE) an ART not a SCIENCE

[0x3] grmn00bs podcast

[0x4] Linked in to Twitter

[0x5] Meterpreter tunneling and VNC revamped

[0x6] Metasploit with Ruby 1.9.1

[0x7] 2009 Geek Christmas List

[0x8] SHODAN The Computer Search

[0x9] Brute-Forcing Compatibility

[0xA] Stop blaming the admins!

My Security Blog

Security Chronicles By Umesh Thota

www.secureblog.net

[0x1] Must Have Security Solutions (for free)

[0x2] Goolag Scanner Released!

[0x3] Change DNS ? for a Safer, Faster Online Experience

[0x4] New Theme (*Garland)

[0x5] Iconix eMail ID!

[0x6] SQL Injection Scanner

[0x7] Symantec confirms vulnerability in antivirus software

[0x8] Symantec Anti Virus Software Flawed !!!

[0x9] Security in the CLR World Inside SQL Server

[0xA] New Yahoo IM Worm Poses as 'Safety' Browser

Betanews

Technology News and IT Business Intelligence

[0x1] Goodnight, moon: What I learned from a space shuttle

[0x2] Netflix to FCC: NBCU + Comcast could bypass net neutrality

[0x3] Report: Streaming video drove 72% global increase in mobile data consumption

[0x4] Stymied by continuing Nexus One 3G issues, Google blames the environment

[0x5] Microsoft Confessions: 'There were a ton of bozos'

[0x6] Microsoft Confessions: 'Poor worker bees'

[0x7] Microsoft Confessions: 'Deeply dysfunctional family'

[0x8] Wolfram|Alpha makes a strong argument for virtual keyboards

[0x9] DOJ: Google can't leverage class action to settle with future authors

[0xA] Motorola Droid gets its first official multi-touch gesture

Xatrix Security Advisories

Xatrix Security Advisories

[0x1] Ubuntu Linux: Firefox vulnerabilities

[0x2] Red Hat: Ruby safe-level vulnerability

[0x3] Red Hat: Seamonkey critical security vulnerabilities

[0x4] Debian: Drupal several remote vulnerabilities

[0x5] Debian: Kernel local race condition

[0x6] SUSE: Kernel local privilege escalation

[0x7] Ubuntu Linux: Update introduced regression

[0x8] Ubuntu Linux: Mozilla-Thunderbird vulnerabilities

[0x9] Mandriva: Perl log flaw

[0xA] Ubuntu Linux: Mozilla various vulnerabilities

Hacked Gadgets - DIY Tech Blog

Many articles about hacking gadgets. Examples of extreme technology. DIY projects describing how to build electronic projects. Fun top 5 and top 10 lists.

[0x1] Keyboard Keep Alive Circuit

[0x2] Wooden Gear Kinetic Sculpture

[0x3] RC Airplane Autopilot for Aerial Photography

[0x4] Name the Thing Contest - 118

[0x5] Coffee Can Clock

[0x6] Dennis Hong at TEDx NASA

[0x7] KUKA Robot Disassembly

[0x8] Microcontroller Temperature Controlled Pipe Heating keeps Pipe from Freezing

[0x9] Double Resonance Solid State TeslaCoil uses a Capacitor Bank integrated into the Primary Coil

[0xA] Rotary Encoder and Shift Registers Explained

CSO Blogs - Identity Management

[0x1] Time to re-think encryption

[0x2] CyberTerror - the Arms Race We're Losing

[0x3] Data Genomes and Persistent Security - Protecting Information at its Inception

[0x4] High Tech Firms Who Outsource Software Development to China - The Dirty Little Secret

[0x5] Reasons Why Granny Clampett Kept Her Money in Her Mattress

[0x6] Good riddance!

[0x7] $200 Discount for RSA

[0x8] Leveraging Compliance for Business Value

[0x9] Strategic guidance for applying PCI-DSS tactics.

[0xA] It Is Not A Hack If There is Nothing To Hack

F.A.T.

Release early, often, and w/ rap music.

[0x1] Google Streeview Driver Caught Urinating In Public…

[0x2] Imma Let You Finish Transmediale…

[0x3] SPOTTED: Google + China???

[0x4] Pantless Germans Flash Google Street View Car…..

[0x5] Google Streetcar in Berlin

[0x6] Fatlab introduces “The F.A.T.Pad”

[0x7] “FUCK GOOGLE” Firefox Persona

[0x8] Google jamming on your Firefox

[0x9] FUCK GOOGLE PINS

[0xA] Are you evil?

Identity Theft Blog

Welcome to the most progressive identity theft blog which includes original identity theft articles, identity theft tips, and identity fraud victim solutions.

[0x1] Yahoo Email Account

[0x2] Identity Management Careers

[0x3] Company Identity Theft

[0x4] Medical Identity Theft

[0x5] Red Flags Rules

[0x6] Automatic Card Reload

[0x7] Identity Theft News, Analysis And Commentaries

[0x8] Password Protection

[0x9] Identity Validation

[0xA] Total Identity Protection

CERIAS Blog

[0x1] Drone “Flaw” Known Since 1990s Was a Vulnerability

[0x2] An old canard reappears (sort of)

[0x3] Talking to the Police All the Time

[0x4] “Verified by VISA”: Still Using SSNs Online, Dropped by PEFCU

[0x5] Firefox Vulnerabilities: Souvenirs of Windows 95

[0x6] Are We All Aware Yet?

[0x7] Cassandra Firing GnuPG Blanks

[0x8] What About the Other 11 Months?

[0x9] The Secunia Personal Software Inspector

[0xA] Odds & Ends

InfoWorld SECURITY Feed

InfoWorld - Information Technology News, Computer Networking & Security

[0x1] IBM sees Conficker hitting 4 percent of PCs

[0x2] Hackers seize on 0-day flaw in Microsoft's PowerPoint

[0x3] IBM continues push for Sun, but will the deal kill Solaris?

[0x4] Bill would give feds role in private sector cybersecurity

[0x5] Conficker may be more widespread than previously thought

[0x6] Forrester now says '09 U.S. IT spend to drop 3.1 percent

[0x7] Conficker activation passes quietly, but threat isn't over

[0x8] Gartner: IT spending drop-off worse than after dot-com bust

[0x9] China denies cyberespionage charges

[0xA] Fake security software scammers jump on Conficker

Packet Storm Security Headlines

Packet Storm Headlines

[0x1] Microscope-Wielding Boffins Crack Cordless Phone Crypto

[0x2] Hackers Put TCS Site On Sale

[0x3] China Heralds Bust Of Major Hacker Ring

[0x4] Hacker Unleashes BlackBerry Spyware Source Code

[0x5] Verizon Wireless Blocks 4chan Website

[0x6] Cautionary Carbon Tale - Hackers Cash In On Cap-And-Trade

[0x7] Oracle Rushes Out Patch For Gaping Server Hole

[0x8] FBI Wants Records Kept Of Web Sites Visited

[0x9] Microsoft To Patch 17-Year-Old Computer Bug

[0xA] ZeuS Tracker Shrinks Takedowns From Days To Minutes

Security

[0x1] Smart Grid Security Investments to Increase

[0x2] New Printer Security Solution from Ricoh

[0x3] China Shuts Down Hacker Training Site

[0x4] Websense: Users Putting Too Much Faith in Search Results

[0x5] EPIC Wants Info on Google-NSA Partnership

[0x6] Hacker Pleads Guilty to VoIP Attacks

[0x7] February's Patch Tuesday to See 13 Security Updates

[0x8] Trusteer: Two-Thirds of Users Reuse Online Banking Credentials

[0x9] McAfee Gives SMBs a Quickstart

[0xA] Leaked Data a Boon for Cyber Criminals

SecuriTeam

Welcome to the SecuriTeam RSS Feed - sponsored by Beyond Security. Know Your Vulnerabilities! Visit BeyondSecurity.com for your web site, network and code security audit and scanning needs.

[0x1] LedgerSMB Multiple Vulnerabilities

[0x2] Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability

[0x3] Piwik Cookie Unserialize Vulnerability

[0x4] Invision Power Board SQL PHP File Inclusion and SQL Injection

[0x5] U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) Vulnerability

[0x6] Netifera - Modular Open Source Platform for Security Tools

[0x7] WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems

[0x8] Webshag - Web Server Audit Tool

[0x9] Browser Fuzzer

[0xA] FSpy - Linux Filesystem Activity Monitoring

SecureWorks Info Feed

SecureWorks news, press releases, events, and research alerts.

[0x1] News: China Closes Hacker Training Site (Information Week)

[0x2] Event: Atlanta Venture Pipeline

[0x3] Announcement: Hacker Attacks Targeting Healthcare Organizations Doubled in the 4th Quarter of 2009 according to SecureWorks' Data

[0x4] Threat Analysis: Opachki Link Hijacker Trojan Analysis

[0x5] News: Get Paid to Install Malware (Technology Review)

[0x6] Event: Technology Executives Roundtable (TER)

[0x7] Announcement: SecureWorks Extends PCI Approved Scanning Vendor Solutions

[0x8] Threat Analysis: Static Binary Analysis of Recent SMBv2 Vulnerability

[0x9] News: Cyberthieves are hiring, using online ads (Reuters)

[0xA] Event: SANS Phoenix

XSSed syndication

You are welcome to syndicate and share xssed.com contents

[0x1] New HSBC and Barclays bank XSS and open redirect bugs

[0x2] Flash clickTAG parameter XSS. Banks, e-shops, Adobe and others vulnerable

[0x3] Cross-site scripting flaw on Winbank's easypay.gr SSL site

[0x4] Major Greek bank sites with SSL vulnerable to XSS and open redirects

[0x5] Google SSL page vulnerable to XSS

[0x6] Google Chrome universal XSS vulnerability, now fixed

[0x7] Two critical XSS bugs on Barclays bank website

[0x8] XSS, Iframe injections and XMLHTTP post request errors on McAfee sites

[0x9] Five Sun.com XSS flaws in the SSL user login page

[0xA] New critical XSS bug in Google's Orkut

Zero in a bit

Application security testing, analysis, and metrics

[0x1] Is Your BlackBerry App Spying on You?

[0x2] Mobile App Security

[0x3] Google Admitting Compromise Good News

[0x4] An Ounce of Prevention is Worth a Pound of Cure

[0x5] We Need To Learn More About the RBS Worldpay ATM Attack

[0x6] White Box Better Than Black Box

[0x7] From the 10 Years Ago Today Department

[0x8] Stealing PII is So 2007 — They Want Your Endpoint

[0x9] Trust Your Own Code?! Trust Your Own Compiler?!

[0xA] SQL Injection Blamed for 7-11, Hannaford and Heartland Breaches

LinuxSecurity.com: Fedora Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] Fedora 10 ruby-1.8.6.368-2.fc10

[0x4] Fedora 12 moodle-1.9.7-1.fc12

[0x5] Fedora 12 ntp-4.2.4p8-1.fc12

[0x6] Fedora 10 moodle-1.9.7-1.fc10

[0x7] Fedora 12 kernel-2.6.31.6-166.fc12

[0x8] Fedora 10 httpd-2.2.14-1.fc10

[0x9] Fedora 12 nss-util-3.12.5-1.fc12.1

[0xA] Fedora 10 rubygem-actionpack-2.1.1-5.fc10

CSOONLINE.com - Critical Infrastructure

[0x1] The Bumbling Airline Bomber, Stupid Reactions, and 8 Real Security Takeaways

[0x2] Security and Building Design: What Changed in This Decade

[0x3] Digital Security Stalled as Obama Eyes Afghanistan

[0x4] I Was Wrong: There Probably Will Be an Electronic Pearl Harbor

[0x5] How 9-11 Shaped Hoover Dam Security Operations

[0x6] Hoover Dam Security in Pictures

[0x7] Report: China Ready for Cyberwar, Espionage

[0x8] Charitable Risk: Security Challenges of the Bill and Melinda Gates Foundation

[0x9] Science and Technology Directorate of DHS: Do We Need It?

[0xA] Eight Years After 9-11: Better Security or Just Luck?

Liquidmatrix Security Digest

Bringing Fire To The Village: Your Source For Computer, Network & Information Security News from Dave Lewis, Security Blogger

[0x1] Researchers Break DECT

[0x2] Security Briefing: February 8th

[0x3] Liquidmatrix Immortalized In LEGO

[0x4] Thotcon Approaches

[0x5] Pics From Shmoocon Snowmageddon

[0x6] American Express Website Password Nonsense

[0x7] PC Load Letter?!? Time For A New Job?

[0x8] Where’d The Apple PR Contacts Go?

[0x9] PFO Form Letter

[0xA] Security Briefing: February 5th

Cryptography Blog

Cryptography Blog

[0x1] DNA cryptography?

[0x2] Self-Encrypting Hard Drives

[0x3] Diebold Audit Logs

[0x4] Black Hat DC 2009 and Research

[0x5] Data Theft and Loss - It's Inevitable So Just Be Prepared

[0x6] Electronical Health Records - Law and Technology

[0x7] SSL is not broken; MD5 is and has been for a long time

[0x8] A Basic Tip Regarding Wireless Security

[0x9] The Big Business of Computer Crime

[0xA] The Transparent Society Begins

Hak5 - Technolust since 2005

[0x1] Episode 625 – Create a BackTrack 4 Persistent USB Key and a Pimped out Zipit Linux Image

[0x2] Episode 624 – Homebrew Multitouch

[0x3] Cave Story

[0x4] Episode 623 – CES 2010 Part 2: Drones, Smartbooks, Pocket HD Cams, Gaming Gloves & Lego

[0x5] CES 2010: Nokia n900

[0x6] CES 2010: Ectaco jetBook-Lite

[0x7] CES 2010: Gambridge Hybrid MIDI / Gaming Guitar

[0x8] CES 2010: Plastic Logic Que

[0x9] CES 2010: Alienware M11x

[0xA] CES 2010: Boxee

NoScript Updates

Recent stable releases from noscript.net

[0x1] NoScript 1.9.9.45

[0x2] NoScript 1.9.9.42

[0x3] NoScript 1.9.9.39

[0x4] NoScript 1.9.9.36

[0x5] NoScript 1.9.9.35

[0x6] NoScript 1.9.9.30

[0x7] NoScript 1.9.9.27

[0x8] NoScript 1.9.9.26

[0x9] NoScript 1.9.9.25

[0xA] NoScript 1.9.9.22

LinuxSecurity.com: Red_Hat Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] RedHat: RHSA-2010:0076-01 kernel security and bug fix update

[0x4] RedHat: RHSA-2010:0079-01 kernel security and bug fix update

[0x5] RedHat: kernel-rt security and bug fix update

[0x6] RedHat: gzip

[0x7] RedHat: bind

[0x8] RedHat: acroread

[0x9] RedHat: kernel security and bug fix update

[0xA] RedHat: kernel security and bug fix update

CSOONLINE.com - Employee Protection

[0x1] Disaster in Haiti: Advice for Employees and Operations on the Ground

[0x2] Security and Building Design: What Changed in This Decade

[0x3] Testing Shows Cocaine, Meth Use Down Among U.S. Workforce

[0x4] Excerpt: Conducting a Protective Security Advance

[0x5] Managing Security Overseas: Contact and Coordination with Local, Regional, and International Authorities

[0x6] How Security Should Handle Pickets and Strikes

[0x7] How 9-11 Shaped Hoover Dam Security Operations

[0x8] Hoover Dam Security in Pictures

[0x9] Charitable Risk: Security Challenges of the Bill and Melinda Gates Foundation

[0xA] Bomb Threat Procedures

BankInfoSecurity.com "Compliance Insight" Blog RSS Syndication

BankInfoSecurity.com.com RSS Feeds for Compliance Insight blog.

[0x1] Heartland: Where is the Outrage?

[0x2] Credit Unions Pay a Premium for Doing the Right Thing

[0x3] It's Time to Get Serious About PCI as a Regulation

[0x4] Heartland Breach Saps Resources, Time from Institutions

[0x5] Boards of Directors: How to Set the Tone at the Top for Security and Compliance

[0x6] Regulatory Compliance: It's Not Enough to Plan; You Must Test

[0x7] Increased Regulatory Scrutiny: A Good Thing or Bad?

[0x8] Four Tips for a Successful (and Secure) 2009

[0x9] New Year's Resolution: Assess Your Risk

[0xA] FDIC: Now Hiring 1400 New Examiners

evilrouters.net

im in ur datacentrz configurin' ur routerz

[0x1] Here’s something you don’t see everyday

[0x2] Use scapy to send JunOS killin’ packet

[0x3] JunOS PSN-2010-01-623 Exploit

[0x4] The right way to host your website

[0x5] My Thoughts on Christmas

[0x6] scientific inquiry into santa claus

[0x7] JNCIA-ER

[0x8] Mitigate latest Adobe vulns with a GPO

[0x9] IIS 6.0 may not function correctly after installing KB973917

[0xA] Upgrading FreeBSD 7.2 to 8.0 using freebsd-update

Security News items, Blog posts | ZDNet

News items, Blog posts relating to Security

[0x1] China breaks up Black Hawk hacking ring

[0x2] Oracle releases emergency patch

[0x3] ISM3 brings greater standardization to security measurement across enterprise IT

[0x4] Oracle rushes out patch for gaping server hole

[0x5] Firefox add-on contained toxic Trojan code

[0x6] Mozilla Firefox hit by malware add-ons

[0x7] Does Blippy really pose a security risk?

[0x8] U.S. House passes cybersecurity research bill

[0x9] Let compliance lead the way in preventing healthcare data breaches

[0xA] MS Patch Tuesday heads-up: 13 bulletins, 26 vulnerabilities

LinuxSecurity.com: Ubuntu Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] Ubuntu: Samba vulnerability

[0x4] Ubuntu: PyXML vulnerabilities

[0x5] Ubuntu: Python 2.4 vulnerabilities

[0x6] Ubuntu: Python 2.5 vulnerabilities

[0x7] Ubuntu: Bind vulnerabilities

[0x8] Ubuntu: gzip vulnerabilities

[0x9] Ubuntu: LibThai vulnerability

[0xA] Ubuntu: Pidgin vulnerabilities

Twitter / mssecurity

Twitter updates from Microsoft Security / mssecurity.

[0x1] mssecurity: Microsoft security updates for November 2009 - http://bit.ly/35QaKW

[0x2] mssecurity: Sorry all, automated update pushing hasn't been working too well the last few times. Working on it.

[0x3] mssecurity: Microsoft security updates for October 2009 - http://bit.ly/RgyPY

[0x4] mssecurity: Microsoft security updates for July 2009 http://bit.ly/YUzPo

[0x5] mssecurity: Microsoft security updates for June 2009 http://tinyurl.com/mx8dxn

[0x6] mssecurity: Vista Service Pack 2 Standalone downloads now available - 32-bit http://sn.im/ismow, 64-bit http://sn.im/ismps

[0x7] mssecurity: Microsoft security updates for May 2009 http://tinyurl.com/ogxprk

[0x8] mssecurity: What is a botnet? http://tinyurl.com/oxwot3

[0x9] mssecurity: What is spam? http://tinyurl.com/qe46ka

[0xA] mssecurity: What is identity theft? http://tinyurl.com/r3evar

www.derkeiler.com: Pen-Test

Pen-Test

[0x1] Tools Update - Fist week of February 2010

[0x2] NEMESIS linux packet injection command line tool - IP options file as input argument

[0x3] Dradis Framework v2.5 is out!

[0x4] SMS Banking

[0x5] Tools Update - Last week of January 2010

[0x6] sivus- Voip vulnerability scanner

[0x7] pentesting voip network-please help

[0x8] winAUTOPWN 2.1 - Now you can sleep

[0x9] =?UTF-8?B?UkU6IFtGdWxsLWRpc2Nsb3N1cmVdIENhbiBJIG1hbmk=?= =?UTF-8?B?cHVsYXRlIHBhY2tldOKAmXMgc

[0xA] =?windows-1252?Q?Re=3A_=5BFull=2Ddisclosure=5D_Can_I_manipulate_packet=92s_sp?= =?windows-12

SearchSoftwareQuality: Software quality news and advice

News, analysis and technical advice about securing applications and Web services.

[0x1] Measure the risks before embedded your application into social media waters

[0x2] Preflight builds are key in speedy iteration delivery says Electric Cloud's CEO

[0x3] Using soapUI to mock Web services can offer insight on user acceptance

[0x4] Choosing automated software testing tools: Open source vs. proprietary

[0x5] Q&A: Software tester describes daily application performance testing work

[0x6] How do I create a test case based on requirements documents for user acceptance testing?

[0x7] Slim chance of revision to PCI DSS expected this year

[0x8] Nine ways to evaluate automated software testing tools

[0x9] Finding software flaws with error-guessing tours

[0xA] According to 2009 study, Data compromise costs rose

Anton Chuvakin Blog - "Security Warrior"

This blog covers all sorts of issues of interest to me, including information security, network security, data security - and all other fun things security.

[0x1] Links for 2010-02-07 [del.icio.us]

[0x2] Links for 2010-02-06 [del.icio.us]

[0x3] Logging, Log Management and Log Review Maturity

[0x4] Monthly Blog Round-Up – January 2010

[0x5] Links for 2010-02-02 [del.icio.us]

[0x6] Live Test of FUD Value: Pro/Con?

[0x7] Top Nine Reasons How PCI Is Like APT

[0x8] Links for 2010-02-01 [del.icio.us]

[0x9] ShmooCon!!! or Anton in DC This Week!

[0xA] REAL PCI Compliance Percentages?

EarthWeb IT Management News & Views

EarthWeb IT Management News & Views offers busy IT managers up-to-date reports and insightful analysis of IT industry trends.

[0x1] Welcome to the Enterprise Applications Daily Newsletter

[0x2] Service Oriented Architecture and the Cloud

[0x3] Mozilla Dropping Firefox Support for Mac OS X 10.4

[0x4] CEO Ouster Latest Sign of Woes at CRM Leader

[0x5] Oracle Snaps Up SOA Specialist AmberPoint

[0x6] How to Measure ITIL Service Utility and Warranty

[0x7] Top Ten Data Breaches and Blunders of 2009

[0x8] What Do the iPad and Windows Azure Have in Common?

[0x9] Wireless Network Security: 7 Simple Tips

[0xA] Red Hat Exchange: Do Open Source App Stores Work?

Leadership 101

Enhancing Global Leadership from the Inside-Out.

[0x1] The Voice Of A Leader... Part II

[0x2] The Voice Of A Leader...

[0x3] Effortless Leadership... Part III

[0x4] Effortless Leadership... Part II

[0x5] Effortless Leadership...

[0x6] Maximizing The Holidays...

[0x7] Leading During The Holidays...

[0x8] Growing Through Sports...

[0x9] The Traveling Leader...

[0xA] The Altruistic Leader... Part III

Emergency Management News

Government Technology: News: Latest Emergency Management News

[0x1] Text-a-Tip Programs Promote Campus and Public Safety

[0x2] States Scored on Health Emergency Preparedness Capabilities

[0x3] Web-Based System Simplifies South Carolina's Disaster Data Collection

[0x4] New York Testing Emergency Alerts Over Xbox, PlayStation, Wii Online Networks

[0x5] States Receiving Long-Awaited Funds for Enhanced 911

[0x6] Coast Guard Contingency Planner John Stanley Develops Strategies for Natural Disasters and ...

[0x7] Flood Management and Rebuilding Plans Help Iowa Town Recover

[0x8] Virtual Alabama Facilitates Data Sharing Among State and Local Agencies

[0x9] Satellite Technology Provides Disaster Communications When Cell Towers Fail

[0xA] Social Media Brings Together Resources, Creates More Resilient Communities (Analysis, Social ...

Black Hat Announcements

Black Hat Digital Self Defense. Black Hat provides cutting edge content in the information and computer security field. Keep up to date with Black Hat presentations, announcements, and free content.

[0x1] Black Hat DC Keynote

[0x2] Black Hat Europe 2010 Registration Now Open

[0x3] Black Hat DC Reminder: Regular registration rate ends January 15

[0x4] Black Hat DC 2010 Hotel - Group Rate Extended

[0x5] Official Announcement: Black Hat Abu Dhabi 2010

[0x6] Black Hat DC 2010 Early Bird Registration

[0x7] Visit the Black Hat booth during the Dec 9th virtual event and have access to all 2009 Black Hat event presentations.

[0x8] Register for the Dec 9th Virtual Event & Save $250 for Black Hat DC 2010 Briefings

[0x9] Black Hat DC 2010 Hotel - Group Rate Available

[0xA] Black Hat & Dark Reading Virtual Event December 9th - IT Security The Next Decade

EduGeek.net Forums

EduGeek.net - The educational I.T. professionals' life line

[0x1] Happy Birthday martman2002uk

[0x2] [For Sale] iPod Touch 8gb

[0x3] Tracking down an old family friend

[0x4] Finally deployed, one small issue...

[0x5] Adobe Reader 9.2 and 9.3 crash when started

[0x6] Sllipstream Office 2003 SP2 to Virtual CD

[0x7] DDR RAM

[0x8] Windows 7 Sysprep File

[0x9] Cursor Snap Back in Windows 7

[0xA] [Solution] Vista Always Loads with Temporary Profile for Specific User Account

Government Technology Product News

Government Technology: News: Products

[0x1] Visualization Platform Gives Stakeholders Sneak Peek of New Applications

[0x2] Industrial Vending Machines Provide Work Gloves, Duct Tape and Other Essentials to City Staff

[0x3] New Products from Aluratek, Gateway, Memorex

[0x4] New Products from Plastic Logic, Pantech, Panasonic

[0x5] Microsoft Loses Appeal, Can No Longer Sell Word

[0x6] New Products from GammaTech, TomTom, IRES Technology Corp.

[0x7] Personal Computing: Multifunction Printers Increase in Popularity

[0x8] Personal Computing: Laptop as Desktop PC Replacement?

[0x9] Regional Permit Management System for Connecticut Cities and Towns

[0xA] California Mandates TV Energy Use Standards

The UNIX and Linux Forums

UNIX and Linux Forums - Learn UNIX, UNIX commands, Linux, Operating Systems, System Administration, Programming, Shell, Shell Scripts

[0x1] Compare File Differences in different directories

[0x2] old hand to FreeBSD, brand new to KDE ??'s

[0x3] Cyber Security Central

[0x4] UFW show args command

[0x5] Ubuntu 9.10 FIrewall--is UFW allowing anything through by default?

[0x6] Convert row data to column data

[0x7] How to send file descriptor by shared memory

[0x8] 10 Reasons Why Good Documentation Has To Be Huge

[0x9] Removing ^M through shell script

[0xA] how to start in the bash shell everytime I logon to sun os

ZDI: Upcoming Advisories

Upcoming Advisories

[0x1] ZDI-CAN-685: Hewlett-Packard

[0x2] ZDI-CAN-684: Hewlett-Packard

[0x3] ZDI-CAN-683: Hewlett-Packard

[0x4] ZDI-CAN-682: Hewlett-Packard

[0x5] ZDI-CAN-677: RealNetworks

[0x6] ZDI-CAN-675: Adobe

[0x7] ZDI-CAN-672: Microsoft

[0x8] ZDI-CAN-665: Adobe

[0x9] ZDI-CAN-663: IBM

[0xA] ZDI-CAN-662: IBM

Veracode in the News

Read the latest news about Veracode

[0x1] 1.15.10 - USA Today

[0x2] 1.7.10 - V3

[0x3] 12.15.09 - Mass High Tech

[0x4] 12.10.09 - Forbes

[0x5] 12.08.09 - SC Magazine

[0x6] 12.10.09 - V3

[0x7] 12.2.09 - Forbes

[0x8] 11.18.09 - BBC

[0x9] 11.18.09 - The Last Watchdog

[0xA] 11.18.09 - SC Magazine

Government Technology

[0x1] Government Technology - January 2009

[0x2] Government Technology - December 2008

[0x3] Government Technology - December 2008

[0x4] Government Technology - November 2008

[0x5] Government Technology - November 2008

[0x6] Government Technology - October 2008

[0x7] Government Technology - October 2008

[0x8] Government Technology - September 2008

[0x9] Government Technology - September 2008

[0xA] Government Technology - August 2008

LinuxSecurity.com: Mandriva Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] Mandriva: squid

[0x4] Mandriva: rootcerts

[0x5] Mandriva: wireshark

[0x6] Mandriva: kernel

[0x7] Mandriva: mailcap

[0x8] Mandriva: gtk

[0x9] Mandriva: rootcerts

[0xA] Mandriva: evolution

CSOONLINE.com - Audit

[0x1] Report: Layer 7 Increasingly Under DDoS Gun

[0x2] Internal Investigations: The Basics

[0x3] The Great PCI Security Debate of 2010: Transcribed

[0x4] PCI DSS, Come Forward and Be Judged

[0x5] Compliance as Security: The Root of Insanity

[0x6] The Mass. 201 CMR 17 Survival Guide

[0x7] The Patch Tuesday Survival Guide

[0x8] Why Pen Testing Is Central to Pennsylvania's App Security

[0x9] 4 Ways to Get the Most from Your PCI QSAs

[0xA] One Man's View: Heartland CEO Must Accept Responsibility

milw0rm.com

milw0rm.com's latest exploit rss feed

[0x1] BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2

[0x2] Joomla com_mytube (user_id) Blind SQL Injection Exploit

[0x3] Joomla com_jinc (newsid) Blind SQL Injection Vulnerability

[0x4] Snort < 2.8.5 Unified1 Output Denial of Service Exploit

[0x5] WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities

[0x6] Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities

[0x7] ProdLer <= 2.0 (prodler.class.php sPath) RFI Vulnerability

[0x8] CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability

[0x9] cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit

[0xA] Winplot (.wp2 File) Local Buffer Overflow Exploit

AVG Top Threats

Latest security threats

[0x1] Downadup/Conficker worm

[0x2] I-Vers/Nuwar

[0x3] I-Vers/Nuwar

[0x4] I-Worm/Nuwar

[0x5] Win32/Mabezat.A

[0x6] Downloader.Tibs

[0x7] Trojan Downloader.Agent.UZM

[0x8] I-Worm/Stration downloader

[0x9] I-Worm/Stration downloader

[0xA] Stration downloader

Cisco Learning Home : All Content - Security

All Content in Security

[0x1] ASA vs PIX

[0x2] Cisco WCCP Security

[0x3] ASA - Inspect ICMP with PMTUD

[0x4] ASA Guidelines - VLANS

[0x5] IPv6 security concerns

[0x6] VPN Client

[0x7] Some Questions on ISCW

[0x8] Security Specialist Certifications

[0x9] Cisco ASA 5550 Best Guide/Book

[0xA] is it possible to create VPN connection using one subnet?

The Hacker Diaries

Ethical Hacking, Security Tools, and all things Cyber Security

[0x1] Hacktivists change the Global Warming Debate

[0x2] Protecting from Identity Theft? A good Start

[0x3] Social Security number code cracked, study claims

[0x4] Pink Floyd star David Gilmour joins fight to halt extradition to US of hacker Gary McKinnon

[0x5] The Myth of the Virus Free Mac

[0x6] Hackers launch phishing attack on Facebook users

[0x7] Social Networking making it easier for Hackers

[0x8] Twitter’s porn name game a hit with Hackers

[0x9] Anti-Virus Sites have XSS vulnerabilties??

[0xA] The FAA was successfully attacked

rAWjAW's Blog

Coding, Exploiting, Reverse Engineering

[0x1] Updates

[0x2] Second XSS and Milw0rm Submission

[0x3] Passed My C|EH

[0x4] Security Rant

[0x5] Contacted Back!

[0x6] First XSS Vulnerability Discovery!

[0x7] Jasager and Airbase-ng Defenses

[0x8] Passed the GPEN!

[0x9] MS08-067 in Metasploit

[0xA] GIAC Penetration Tester (GPEN)

Wilders Security Forums

This is a Computer Security discussion forum.

[0x1] Security chip that does encryption in PCs hacked

[0x2] Adobe apologizes for 16-month-old Flash bug

[0x3] Windows 7 Battery Notification Messages

[0x4] final uninstaller

[0x5] What's this about - "Searching for Windows on all hard drives"?

[0x6] ZoneAlarm Extreme Security US$49.95 only

[0x7] Tell me why I shouldn't turn off realtime scanning

[0x8] Windows Defender and ESS

[0x9] Rootkit Unhooker has no text in GUI

[0xA] Help - Can't get Win 7 and 2 VISTA to play nice together

Development & Integration White Papers

C Languages, EAI, Java, Visual Basic, and Web Design White Papers

[0x1] Insiders' Guide to Evaluating Remote Control Software

[0x2] Improving Application Development with Digital Libraries

[0x3] Introduction to The Most Popular Commercial Open Source Backup Software - Amanda Enterprise

[0x4] How Can I Back Up MySQL Database Without Killing Application Performance? NetApp and Zmanda Have the Answer.

[0x5] Achieving the Impossible- Unlimited Application Scalability

[0x6] Data Centre Transitions: UNIX to Linux

[0x7] Data Grids and Service  Oriented Architecture

[0x8] An Innovative Approach to Managing Software Requirements

[0x9] Using Virtualization to Maximize Your IT Environment

[0xA] Why Every Data Center Needs Automation

Techworld.com Networking

Latest IT articles from Techworld's Networking channel

[0x1] Europe lagging behind on fibre broadband adoption

[0x2] LG NAS N4B1 review

[0x3] VoIP patent under review by Patent Office

[0x4] YouTube now supports IPv6

[0x5] Where do web giants stand on IPv6?

[0x6] Intel details vPro for Core i5, i7 processors

[0x7] Microsoft IE still popular, researcher says

[0x8] How to protect your online reputation

[0x9] Gmail to drop IE6 support this year

[0xA] T-Mobile, Orange merger hits a snag

Security

Sun Security Blog

[0x1] Sun Alert 275790 A Security Vulnerability Exists if an OpenSolaris System was Joined to a Windows Domain Using kclient(1M) or smbadm(1M)

[0x2] Sun Alert 274990 Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Affects Multiple Server Products in the Sun Java Enterprise System Suite

[0x3] Sun Alert 273169 Security Vulnerability in BIND DNS Software Shipped With Solaris May Allow DNS Cache Poisoning

[0x4] Sun Alert 275890 Multiple Security Vulnerabilities in BIND DNSSEC Software Shipped With Solaris May Cause Bogus NXDOMAIN Responses

[0x5] Sun Alert 270268 Multiple Integer Overflow Vulnerabilities in the FreeType 2 Font Engine May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code

[0x6] Sun Alert 275711 Security Vulnerability in the Sun Java System Directory Server May Allow Crafted LDAP Search Requests To Cause A Denial Of Service (DoS) Condition

[0x7] Sun Alert 275530 Integer Overflow Security Vulnerability in AES and RC4 Decryption in the Solaris Kerberos Crypto Library May Lead to Execution of Arbitrary Code or a Denial of Service (DoS)

[0x8] Sun Alert 274870 Security Vulnerabilities in PostgreSQL Shipped With Solaris May Allow Escalation of Privileges or Man-in-the-Middle on SSL Connections

[0x9] Sun Alert 267088 Multiple Security Vulnerabilities in Solaris TCP (see tcp(7P)) Implementation May Lead to a Denial of Service (DoS) Condition

[0xA] Sun Alert 275590 A Security Vulnerability in the ntp Daemon (xntpd(1M)) May Lead to a Denial of the Solaris Network Time Protocol(NTP) Service

FaceTime Security Labs

The latest information on threats and vulnerabilities affecting IM and P2P.

[0x1] W32/Autorun.worm.zzo (Low)

[0x2] StonedBootkit.dr (Low)

[0x3] Ransom-J (Low)

[0x4] Spam-Mailbot!3F4D5065 (Low)

[0x5] FakeAlert-DI (Low)

[0x6] Generic FakeAlert!htm (Low)

[0x7] FakeAlert-DA (Low)

[0x8] FakeAlert-EL (Low)

[0x9] BackDoor-DTX (Low)

[0xA] Downloader-BRM (Low)

GovInfoSecurity.com Blogs RSS Syndication

GovInfoSecurity.com.com Blog RSS Feeds

[0x1] Political Lovefest Over Cybersecurity

[0x2] New Information Security Survey - Why it Matters

[0x3] The Problem with Passwords

[0x4] Legislating Infosec Education and Awareness

[0x5] Feds' Mysterious Cybersecurity Budget

[0x6] Trends, Threats and Thought-Leaders

[0x7] Google-China Row Perplexes Comcast CEO

[0x8] Have You Worked Around Dumb Security Measures?

[0x9] Mystery Shoppers: The Latest Fraud Scheme

[0xA] New "Czar" Gets Feet Wet on the Hill

Published Security Alerts

Published Security Alerts

[0x1] SQL Injection in SYS.KUPV$FT in Oracle 10g. Rel. 1

[0x2] SQL Injection in SYS.KUPV$FT_INT in Oracle 10g. Rel. 1

[0x3] Event 10053 logs TDE wallet password in cleartext

[0x4] Transparent Data Encryption stores key unencrypted in the SGA

[0x5] Cross-Site-Scripting in Oracle Workflow wf_route

[0x6] Cross-Site-Scripting in Oracle Workflow wf_monitor

[0x7] Shutdown listener via iSQL*Plus

[0x8] Shutdown listener via Forms Servlet

[0x9] Plaintext Passwords logged during Installation of Oracle HTMLDB

[0xA] Cross-Site-Scripting Vulnerabilities in Oracle HTMLDB

TheAppleBlog

TheAppleBlog, published by and for the day-to-day Apple user, is a prominent source for news, reviews, walkthroughs, and real life application of all Apple products.

[0x1] The iPad Could Mean Big Trouble for AT&T’s Network, FCC Warns

[0x2] Macworld Expo Tips: 12 iPhone Apps for Traveling to San Francisco

[0x3] Why Not to Buy a Mac (Now)

[0x4] Alleged Core i7 MacBook Pro Benchmarked

[0x5] Another Publisher Uses iPad as Leverage for Price Hike

[0x6] iTunes Web Previews Now Live for Apps, Too

[0x7] Atimi — Raising the Standard for iPhone Development

[0x8] Antivirus Software On Your Mac: Yes or No?

[0x9] Call for iPhone & Mac Developers/Writers

[0xA] Nehalem Mac Pros Getting Hot and Bothered

WEB-HACK.ru

Новостной портал по сетевой безопасности!

[0x1] Надежный и безопасный хостинг для белых проектов

[0x2] Data Guardian v1.5.9

[0x3] Топ-20 тем спама о Дне Святого Валентина

[0x4] Хакеры атакуют сторонников Барака Обамы

[0x5] Взлом сайта Общественной палаты

[0x6] ESET обновлила антивирус для смартфонов

[0x7] Kaspersky Security Bulletin. Развитие угроз в 2008 году

[0x8] Kaspersky Security Bulletin. Основная статистика за 2008 г.

[0x9] Kaspersky Security Bulletin. Спам в 2008 г.

[0xA] Хакеры получили доступ к данным 4,5 млн. человек на Monster.co.uk

SOURCE Conference Blog

SOURCE Boston 2009: March 11th-13th

[0x1] Splunk4.1 + Instant Messaging = SplunkAIM

[0x2] Is Your BlackBerry App Spying on You?

[0x3] Apoena

[0x4] SQL Injections: The Splunk Method for Auditing Your Application Security Model

[0x5] Be successful with Splunk in about an hour…

[0x6] Splunk memory use patterns

[0x7] Mobile App Security

[0x8] Parsing the Splunk Timezone Format

[0x9] One of World’s Largest Financial Firms Presents at Splunklive Boston

[0xA] Customer Presentations Draw Record North American Attendance to Splunklive Boston

ARN Security

ARN Security

[0x1] PayPal suspends personal payments to India

[0x2] Poulos builds channel in new vendor home

[0x3] CeTech and Vasco launch authentication-as-a-service

[0x4] Check Point brings on second distributor

[0x5] Indian pleads guilty in overseas stock hacking scheme

[0x6] Symantec hit with class-action lawsuit over auto-renewals

[0x7] Kaspersky: Google hack takes spotlight from Russia

[0x8] Apple iPhone security, privacy claims exaggerated, researcher says

[0x9] Microsoft slates colossal Windows patch next week

[0xA] Spam, e-mail threats high in the Asia Pacific in January

PandaLabs Blog

everything you need to know about Internet threats

[0x1] Distributing malware through Facebook

[0x2] 2nd Security Blogger Summit

[0x3] Microsoft Support informs you…

[0x4] Spam using Twitter and Youtube

[0x5] Ex-girlfriend worm

[0x6] You’ve received a (malicious) postcard

[0x7] This time it’s Apple iPad’s turn

[0x8] unNamed App (Updated)

[0x9] The Hell Angels or, better said, the Malware Angels…

[0xA] MS10-002 Exploit Constructor

Smart Security by Dharmesh M Mehta

An Application Security Blog

[0x1] Plenty of (IN)Secure Broadband Routers

[0x2] Mumbai to Host India’s First e-Crime Forum

[0x3] Latest Phishing Site of ICICI Bank

[0x4] Application security should be addressed in initial SDLC stages

[0x5] Can your Exchange Administrator view your mailbox

[0x6] No Built-In Response.HTMLEncode in Java

[0x7] Dev Tools for Security Testing

[0x8] Botnet Attack Details from Kaspersky

[0x9] Isn't that Impossible?

[0xA] Looking for better solution(s)

CNET News - Security

[0x1] Verizon temporarily blocks some 4chan sites

[0x2] Security software maker Vitamin D exits beta

[0x3] China breaks up Black Hawk hacking ring

[0x4] PCI compliance: What it is and why it matters (Q&A)

[0x5] New UI, features highlight McAfee 2010 suites

[0x6] BlackBerry has spyware risk too, researcher says

[0x7] Mozilla yanks infected add-ons, warns users

[0x8] Caught on tape: Pastry thief and a bad dog walker

[0x9] Microsoft to patch 26 holes in Windows, Office

[0xA] U.S. House passes cybersecurity research bill

OVAL News

OVAL news headlines for the latest compatible products, data and schema updates, upcoming conferences, new Web site features, OVAL in the news, etc.

[0x1] OVAL Version 5.7 in Draft Stage

[0x2] MITRE Hosts "Making Security Measurable" Booth at the 2010 Information Assurance Symposium

[0x3] OVAL Adoption Requirements Document Now Available

[0x4] MITRE Announces Initial "Making Security Measurable" Calendar of Events for 2010

[0x5] Security Automation Is Main Focus of DoD’s IAnewsletter

[0x6] OVAL Interpreter Updated to Version 5.6.4

[0x7] OVAL Repository Announces Top Contributors Awards for Q4-2009

[0x8] New OVAL Board Member

[0x9] Making Security Measurable Briefing and Booth at IT Security Automation Conference 2009

[0xA] OVAL Board Holds Teleconference Meeting

hacklab.to

Toronto's hacker collective

[0x1] Esperanto boot camp (Saturday January 23)

[0x2] Learn German on Jan 9!

[0x3] Python Hiatus

[0x4] RubyMine Donation

[0x5] Hacklab in The National Post

[0x6] No, really, it does play Super Mario

[0x7] Living in the Future, or, HackLab Buys a Cupcake

[0x8] miniSoOnCon 2009!

[0x9] Board Update

[0xA] Let’s party like it’s been a year!

Packet Storm Security Exploits

Packet Storm Last 10 Exploits

[0x1] CORELAN-10-010.txt

[0x2] wsnguestdb-disclose.txt

[0x3] bluedove-sql.txt

[0x4] as3flexdb-sqldisclose.txt

[0x5] jdownloader-exec.txt

[0x6] DSECRG-09-065.txt

[0x7] sapone_fc.tar.bz2

[0x8] uigabp-sqlxss.txt

[0x9] cve-2010-0453.c

[0xA] exponentcms-sql.txt

CSOONLINE.com - Investigations/Forensics

[0x1] How to Visualize Investigations

[0x2] Internal Investigations: The Basics

[0x3] How to Protect Your Privacy from Computer Forensics

[0x4] The Digital Trail of the Maltese Falcon: Private Investigations in the Information Age

[0x5] 4 Cheap Options to Monitor Networks for Evidence

[0x6] Family Matters: A Mafia Quiz

[0x7] How to Build Your Own Digital Forensics Lab - for Cheap

[0x8] Tools To Identify Anonymous Users Online

[0x9] An Investigator's Toolkit: 5 Free Tools to Send Anonymous Messages

[0xA] 5 Free Ways to Track Online Leaks of Information

CSOONLINE.com - Other

[0x1] Securities fraud and individual liability

[0x2] The need for privacy ombudsmen

[0x3] ShackF00: CISO reports where?

[0x4] Schneier: More details on Google v China

[0x5] Grossman: Web 2.0 pivot attacks

[0x6] Cyber coordinator a perfect metaphor for CIO impotence

[0x7] A glimpse into the security mindset

[0x8] How to smuggle diamonds

[0x9] Chinese response to hacking allegations: timeline

[0xA] Register: DARPA launches cyber genome project

GovInfoSecurity.com RSS Syndication

GovInfoSecurity.com RSS News Feeds on government information security news, regulations, and education.

[0x1] Are You Ready for the Risk of Mobile Malware?

[0x2] China: Police Shutter Hacker Site

[0x3] Melissa Hathaway Joins Terremark's Board

[0x4] NIST IR 7628 (Draft): Smart Grid Cybersecurity Strategy and Requirements

[0x5] NIST SP 800-38E: Recommendation for Block Cipher Modes of Operation

[0x6] NIST SP 800-57: Recommendations for Key Management, Part 3

[0x7] GAO: Managing Sensitive Information

[0x8] Emerging Threats in Financial Data Breaches

[0x9] Putting Threats of Cloud Computing in Perspective

[0xA] Improving Cyber Awareness - Strategies from Dena Haritos Tsamitis of Carnegie Mellon

TechRadar: All news feeds

TechRadar UK news feeds

[0x1] Microsoft and CEOP team up on customised IE8

[0x2] WinMo 7 coming without Flash support?

[0x3] Facebook on your mobile could give you a virus

[0x4] Google Street View awards the best streets

[0x5] In Depth: 5 best PlayStation 3 media streaming apps

[0x6] Canon EOS 550D officially announced

[0x7] Canon shows off PowerShot SX210 IS

[0x8] 95% of user generated content 'is spam'

[0x9] BT would open ducts to other ISPs

[0xA] In Depth: Why 2010 isn't the year for 3D in the home

www.rootkit.com

: www.rootkit.com News :

[0x1] TDL3 - Why so serious? Let's put a smile on that face ..

[0x2] Access token stealing on Windows

[0x3] One safe hook handler - E8 Method, paper

[0x4] Network Programming Interface of Windows Vista/2008: internals, using and hacking

[0x5] DiabloNova's blog: 032: Rootkit Unhooker LE 3.8.386.589 SR1 + Some Stuff

[0x6] DiabloNova's blog: 031: Rustock 2010

[0x7] DiabloNova's blog: 030: Rootkit Unhooker LE 3.8.386.588 SR1

[0x8] Dreg's blog: Rootkit Arsenal, Installing a Call Gate

[0x9] DiabloNova's blog: 029: SpiDiE V2 or Good-Bye Dr.Web!

[0xA] DiabloNova's blog: 028: Happy new 2010 year :)

DEFCON Announcements!

DEFCON is the world's largest annual hacker convention, held every year in Las Vegas, Nevada. The first DEFCON took place in June 1993. DEF CON is renowned for the "arcane arts" of drinking, socializing, debugging, and crowd control. DEFCON is what you make of it, so get involved and help the community grow. This Feed will keep you up to date with some announcements surrounding pre and post con events, references to DEFCON in the news, and other errata. For the most up to date information visit or subscribe to the rss feeds on the forums (http://forum.defcon.org/) See http://www.defcon.org/ for more details, discussion forums, past speeches, and planning for the next year.

[0x1] DEF CON Archives Complete!

[0x2] DEF CON 17 Merch at J!NX

[0x3] DEF CON Archives Nearing Completion!

[0x4] Pricing for DEF CON 18

[0x5] Happy New Year from DEF CON!

[0x6] DEF CON Archives Pages Up and Running!

[0x7] DEF CON HQ Update

[0x8] Dark Tangent to Keynote Virtual Event

[0x9] Early Christmas! DEF CON 17 Video and Audio Now Online!

[0xA] Re-encoded Past DEFCON Content!

CSOONLINE.com - Compliance

[0x1] PCI DSS, Come Forward and Be Judged

[0x2] Compliance as Security: The Root of Insanity

[0x3] 4 Cheap Options to Monitor Networks for Evidence

[0x4] The Mass. 201 CMR 17 Survival Guide

[0x5] PCI DSS: No Angel, But Certainly Not the Devil

[0x6] Federal Data Security Law: 'Careful What You Wish For'

[0x7] Analyst: PCI Security a Devil, 'Like No Child Left Behind'

[0x8] Delayed Again: Red Flags Rule Deadline Now June 1, 2010

[0x9] IT Security Outsourcing in Decline; Companies Do More In-house

[0xA] Companies Seek Social Networking's promise, Find Peril Instead

Moreover Technologies - Computer security news

Computer security news - more than 340 categories of real-time RSS news feeds

[0x1] Winning Cost Proposals With ProPricer - Sponsored Link

[0x2] $2.5 million estimated missing from Sauter escrow

[0x3] Hacker training company closed

[0x4] China Says Hacker Training Site Closed

[0x5] China Hacker Crackdown Could Reassure Google

[0x6] Endace Highlights Limits of Current Intrusion Detection and Intrusion Prevention Solutions With the Capture Replay Challenge

[0x7] Chinese police shut down hacker-training business

[0x8] US Intel Chief Paints Dark Picture of Cyberattack Defense

[0x9] China Shuts Down Hacker Training Website

[0xA] TCS restores Web site after hackers put it up For Sale'

CSOONLINE.com - Wireless/Mobile

[0x1] Why CSOs Should Care About ShmooCon

[0x2] ShmooCon | Your iPhone's Dirty Little Security Secret

[0x3] ShmooCon | P2P Snoopers Know What's In Your Wallet

[0x4] How Wi-Fi Attackers Are Poisoning Web Browsers

[0x5] Taken to the Cleaners

[0x6] Why the IE-Google Incident Should Worry You

[0x7] The Curse of Cloud Security

[0x8] Report: Employee Holiday Shopping Will Strain Security

[0x9] The Patch Tuesday Survival Guide

[0xA] 6 Ways We Gave Up Our Privacy

Christopher Mills

A place for stuff I write.

[0x1] That Shrimp Damn Near Melted My Face Off

[0x2] Today is cookie-baking day

[0x3] New Direction For This Blog

[0x4] Article: The Best Way To Remediate

[0x5] Installing and Configuring suPHP on CentOS 5.3

[0x6] Common Remediation Owner Enumeration (My Faux Standard In Development)

[0x7] Getting the data from the DB into the PHP Classes

[0x8] PHP Class for Calculating SCAP CVSS V2 Device Specific Score

[0x9] PHP Class for Getting all the SCAP Details

[0xA] How I store my Data

Irongeek's Security Site

Irongeek.com, Adrian Crenshaw's Information Security site (along with a bit about weightlifting and other things that strike my fancy). Home of my articles and videos on computer security. As I write articles and tutorials I will be posting them here. If you would like to republish one of the articles from this site on your webpage or print journal please e-mail me. Enjoy the site and write us if you have any good ideas for articles or links.

[0x1] I'll be at Shmoocon tomorrow, may have a live stream up some of the time

[0x2] XSS, SQL Injection and Fuzzing Barcode Cheat Sheet Updated

[0x3] When Web 2.0 Attacks - Rafal Los

[0x4] Infosec Daily Podcast Episode 56

[0x5] XSS, SQL Injection and Fuzzing Barcode Cheat Sheet

[0x6] Botnets Presentation For Malware Class

[0x7] Infosec Daily Podcast Episode 51

[0x8] Setting up the HoneyBOT HoneyPot

[0x9] Sitting in on Infosec Daily Podcast Episode 44

[0xA] Speaking at the Shmoocon FireTalks

Government Technology Public Safety / Justice / Homeland Security News

Government Technology: News: Public Safety / Justice

[0x1] Washington, D.C., Partners with Feds to Test 4G Technology for National Public Safety Network

[0x2] 911 Mapping System Pinpoints Cell Phone Callers

[0x3] Pennsylvania County Publishes Emergency Call Information Online

[0x4] Los Angeles County Uses DNA Tracking Database to Solve Cold Cases

[0x5] San Jose, Calif., Upgrades 911 Call Center Technology

[0x6] Houston High School Trains Students as 911 Phone Operators

[0x7] Text-a-Tip Programs Promote Campus and Public Safety

[0x8] New 911 Dispatch System in Missouri Cuts Call Times

[0x9] Real ID Act Postponed by Department of Homeland Security

[0xA] LEDs Save Energy, but Have Winter-Weather Drawback

Reformed(?) Hacker

[0x1] Lessons learned from a vendor

[0x2] Wiki tab sweep

[0x3] Graph processing

[0x4] Tab Sweep: Search

[0x5] Identifier Tab Sweep

[0x6] When two people know less than one

[0x7] Typical scaling progression for a large website

[0x8] Scalr

[0x9] Standalone, Java implementation of Bloom Filters

[0xA] Standalone, Java implementation of Cuckoo Hashing

OVAL Repository Latest Updates

This feed provides information about the latest updates to the OVAL Repository, including new OVAL definitions; definitions that have changed status (e.g., from Draft to Interim or Interim to Accepted); and definitions that have been modified is posted here. Each update to the OVAL Repository will also update this feed. The OVAL Repository is updated as edits and additions are completed. It is possible for this feed to be updated several times per day, but updates rarely occure more often than once per day.

[0x1] Definition oval:org.mitre.oval:def:8538 has been added to the OVAL Repository.

[0x2] Definition oval:org.mitre.oval:def:8506 has been added to the OVAL Repository.

[0x3] Definition oval:org.mitre.oval:def:8496 has been added to the OVAL Repository.

[0x4] Definition oval:org.mitre.oval:def:8491 has been added to the OVAL Repository.

[0x5] Definition oval:org.mitre.oval:def:8445 has been added to the OVAL Repository.

[0x6] Definition oval:org.mitre.oval:def:8444 has been added to the OVAL Repository.

[0x7] Definition oval:org.mitre.oval:def:8413 has been added to the OVAL Repository.

[0x8] Definition oval:org.mitre.oval:def:8408 has been added to the OVAL Repository.

[0x9] Definition oval:org.mitre.oval:def:8391 has been added to the OVAL Repository.

[0xA] Definition oval:org.mitre.oval:def:8390 has been added to the OVAL Repository.

National Vulnerability Database

This feed contains the most recent fully analyzed CVE cyber vulnerabilities published within the National Vulnerability Database.

[0x1] CVE-2010-0559 (opensolaris)

[0x2] CVE-2010-0558 (opensolaris)

[0x3] CVE-2010-0557 (cognos_express)

[0x4] CVE-2009-4185 (system_management_homepage)

[0x5] CVE-2009-2752 (websphere_commerce)

[0x6] CVE-2009-2751 (websphere_commerce)

[0x7] CVE-2003-1587 (loganpro)

[0x8] CVE-2003-1586 (webexpert)

[0x9] CVE-2003-1585 (weblog_expert)

[0xA] CVE-2003-1584 (surfstats)

CSOONLINE.com - Security Leadership

[0x1] Leadership Roles: Organizing for Success

[0x2] Report: CISOs Keep Breach Costs Lower

[0x3] Take a Walking Tour of Your Company's Security

[0x4] 10 Things That Didn't Happen in 2009 (And Probably Won't Happen in 2010)

[0x5] Schmidt Tapped as White House Cybersecurity Coordinator

[0x6] 2009 Rewind: 3 Tales of FUD

[0x7] The Ultimate Security Pro Holiday Gift Guide

[0x8] 10 Predictions for 2010: Kaminsky and Weatherford

[0x9] Join Me on the CSO Forum on LinkedIn

[0xA] Security Wisdom Watch: Dropping Names, For Better or Worse

Twitter / exploitdb

Twitter updates from Exploit Database / exploitdb.

[0x1] exploitdb: Blue Dove Sql Injection Vulnerability http://url4.eu/1LfGm

[0x2] exploitdb: JaxCMS v1.0 Local File Include Vulnerability http://url4.eu/1LKOe

[0x3] exploitdb: TinyMCE WYSIWYG Editor Multiple Vulnerabilities http://url4.eu/1L7oN

[0x4] exploitdb: Uiga Business Portal SQL/ XSS Vulnerability http://url4.eu/1L7V3

[0x5] exploitdb: Rostermain http://url4.eu/1L6bI

[0x6] exploitdb: EncapsCMS http://url4.eu/1L6bH

[0x7] exploitdb: Killmonster http://url4.eu/1KwCb

[0x8] exploitdb: Croogo v1.2.1 Multiple CSRF Vulnerabilities http://url4.eu/1Kv3N

[0x9] exploitdb: Joomla Component com_productbook SQL Injection Vulnerability http://url4.eu/1Kv3M

[0xA] exploitdb: Solaris/Open Solaris UCODE_GET_VERSION IOCTL Denial of Service http://url4.eu/1Kurm

kuro5hin.org

technology and culture, from the trenches

[0x1] The Jarmidor, Part 3

[0x2] 15 Yards: The Unsportsmanlike Tax Evasion of the NFL

[0x3] Obama The First Year

[0x4] Our Trip to Cuba

[0x5] Applying the First Amendment to Corporations: Well established and a good idea

[0x6] Tweaking K5

[0x7] Building Houses - One Bullet at a Time

[0x8] Firefox Has Too Many Developers

[0x9] NetBSD: Bankrupt Software Distribution

[0xA] Time to Update the Ol' LARP Résumé

Twitter / steaIth

Twitter updates from Sebastian Krahmer / steaIth.

[0x1] steaIth: ... "I have no idea who dino is" .... :D

[0x2] steaIth: Or into prctl()'ed or 'p'-flagged processes :)

[0x3] steaIth: Always wanted to inject DSO's in older kernels init? injectso without using ptrace(): http://is.gd/7LeIT

[0x4] steaIth: A device that I needed badly since 1995 and now is mainline: /dev/full

[0x5] steaIth: @silviocesare Nice to know. Grunge seems to be some virii related music :> Try Alter Bridge :)

[0x6] steaIth: Hole - Violet. The only femal singer I can accept.

[0x7] steaIth: md5: 19c86e7e98581fc2d94ce4304de893e6 sha1: 3801bbf53284d93a0a57799f366da2bf2d147fd1

[0x8] steaIth: Just realized that the OOM killer can be abused by user to info leak kernel function addresses if /proc/kallsyms is protected.

[0x9] steaIth: Nice side effect.Due to cred framework on 2.6.3x, setuid(getuid()) can now also fail on memory pressure.

[0xA] steaIth: welcome @msfriedl :)

Latest Secunia Blog Entries

Secunia collects, evaluates, verifies, and analyses vulnerability information.

[0x1] Secunia integrated with Microsoft WSUS

[0x2] Microsoft IIS Multiple Extensions Security Bypass Clarifications

[0x3] 2,000,000 Secunia PSI users

[0x4] heise online and Secunia introduces Online Vulnerability scanning for German users

[0x5] Announcement of partnership with CERT.PT

[0x6] Microsoft Windows SMB Response Denial of Service Clarifications

[0x7] Secunia CSI 3.0 - Final

[0x8] Congratulations Mozilla

[0x9] Secunia CSI 3.0 - Public Beta

[0xA] Microsoft IIS FTP Server NLST Buffer Overflow Clarifications

ComPly With Me--- a HIPAA Forum

[0x1] 3 I's

[0x2] Blue Suit, Red Cape and Red Boots

[0x3] International Talk Like a Pirate Day!

[0x4] Ah, Sweet Mystery

[0x5] Baby One More Time

[0x6] Over and over

[0x7] My Way

[0x8] Time After Time

[0x9] It Wasn't Me

[0xA] Secret Love

DRJ Current Articles

Current Articles from Disaster Recovery Journal

[0x1] Fraud: An Overlooked Risk

[0x2] Words Count in Emergency Notification

[0x3] 'Auld Lang Syne' - Forging the Link and Building the Chain

[0x4] DRI International’s Participation in the RIMS-PERK

[0x5] Following the Path of Downward Resiliency

[0x6] Lessons Learned By Flood Repair of Electrical Equipment

[0x7] Perfect Practice Makes Perfect

[0x8] Increasing the Value of DR in Everyday Operations

[0x9] Zen, Life, and the Art of Finding a Consultant

[0xA] Keep The Plan Simple, Easy To Understand, and Use Common Sense

Help Net Security - News

Help Net Security is a daily updated security related site. We offer information on the latest happenings in the InfoSec world, advisories, viruses, papers, and more. HNS also has a large download section of security tools for Windows, Linux, Mac OS X and Pocket PC.

[0x1] Multiple vulnerabilities in popular Web servers

[0x2] Automated malware analysis platform

[0x3] Beyond the cloud: Common Assurance Metric

[0x4] Phishing site spoofing secure login page

[0x5] Zero-day vulnerabilities on the market

[0x6] Rogue software details: AntiSpyware

[0x7] Sensitive information retrieved from P2P networks

[0x8] Biggest Chinese hacker training site taken down

[0x9] Safer surfing mobile social networks

[0xA] Week in review: cloud computing security, black hat hacking, identity theft

Rational Survivability

Hoff's Ramblings about Information Survivability, Information Centricity, Risk Management and Disruptive Innovation. Oh, I have a fondness for virtualization and cloud computing security, too...

[0x1] Microsoft Azure Going “Down Stack,” Adding IaaS Capabilities. AWS/VMware WAR!

[0x2] Where Are the Network Virtual Appliances? Hobbled By the Virtual Network, That’s Where…

[0x3] Hacking Exposed: Virtualization & Cloud Computing…Feedback Please

[0x4] MashSSL – An Excellent Idea You’ve Probably Never Heard Of…

[0x5] Cloud: Security Doesn’t Matter (Or, In Cloud, Nobody Can Hear You Scream)

[0x6] Incomplete Thought: Batteries – The Private Cloud Equivalent Of Electrical Utility…

[0x7] “Vint & Me” – Kickin’ Butt & Takin’ Names (Unfortunately Mine…)

[0x8] Cloud: Over Subscription vs. Over Capacity – Two Different Things

[0x9] Cloud Light Presents: Real Men Of Genius – Mr. Dump All Your Crap In the Cloud Guy.

[0xA] Recording & Playback of WebEx A6 Working Group Kick-Off Call from 1/8/2010 Available

2600: The Hacker Quarterly

Off The Hook and Off The Wall

[0x1] Off The Hook show for February 3, 2010

[0x2] Off The Wall show for February 2, 2010

[0x3] THE NEXT HOPE PREREGISTRATION NOW OPEN

[0x4] CALL FOR SPEAKERS FOR THE NEXT HOPE

[0x5] WINTER ISSUE OF 2600 RELEASED

[0x6] 2600 POLO SHIRTS ARE OUT!

[0x7] CLUB MATE NOW AVAILABLE THROUGH 2600

[0x8] AUTUMN ISSUE OF 2600 RELEASED

[0x9] SUMMER ISSUE OF 2600 RELEASED

[0xA] SPRING ISSUE OF 2600 RELEASED

physicsworld.com: all content

Latest content from physicsworld.com

[0x1] Metrology and Characterisation of Nanoparticles

[0x2] Brighton Science Festival

[0x3] Physicists watch entropy in action

[0x4] Graphene transistor breaks new record

[0x5] Exoplanet hunting brought down to Earth

[0x6] Small Multimedia Interface Optical Fiber Patch Cables

[0x7] Low Leakage Pigtailed Optical Fiber Photodiode

[0x8] WDM Optical Fiber 200GHz Band Splitters

[0x9] Microspectrophotometry of OLEDs advances with Elliot Scientific

[0xA] Entanglement pioneers bag Wolf Prize

InformationWeek - All Stories And Blogs

InformationWeek

[0x1] NASA Gets Cloud Experience Through Nebula

[0x2] Google's Universal Translator

[0x3] Google Gmail Getting Social Features

[0x4] PayPal Suspends Payments To India

[0x5] Novatel Completes 4G LTE Call

[0x6] IBM Rolls Out Power7 As Rivals Converge

[0x7] InformationWeek's RSS Feed is brought to you by

[0x8] Oracle To Buy AmberPoint

[0x9] The Importance Of QoS In Automated Tiering

[0xA] Open Government Dashboard, Agency Sites Launched

LWN.net comments

This feed contains the text of all comments posted to the LWN.net site.

[0x1] Linux Conf raises $33,000 for charity (ComputerWorld)

[0x2] What to do

[0x3] Linux Conf raises $33,000 for charity (ComputerWorld)

[0x4] Linux Conf raises $33,000 for charity (ComputerWorld)

[0x5] GNOME accessibility developers concerned about Oracle's commitment

[0x6] Too little too late

[0x7] Yikes.

[0x8] HTML5 video element codec debate reignited

[0x9] Security in the 20-teens

[0xA] apps for Maemo

Security - RSS Feeds

Security - RSS Feeds

[0x1] China Closes Hacker Training School, Arrests 3

[0x2] Researchers Present Web Application Attack Targeting Database Connection

[0x3] Microsoft Plans Massive Patch Tuesday Security Update

[0x4] Report: Google to Partner with NSA for Cyber-Security

[0x5] Microsoft Warns of IE Security Vulnerability

[0x6] Google, China and the Anatomy of the Aurora Attack

[0x7] Twitter Details Phishing Attacks Behind Password Reset

[0x8] Older IE Versions Maintain Sizable Market Share Despite Security Concerns

[0x9] PGP to Acquire TC TrustCenter for Cloud-Based Identity Management

[0xA] Researchers Uncover Security Vulnerabilities in Femtocell Technology

PenTestIT

Your source for Information Security Related information!

[0x1] UPDATE: KreiosC2 v3!

[0x2] MSNPawn – Footprinting, Profiling & Assessment with MSN Search

[0x3] UPDATE: ipt_pkd 1.6!

[0x4] openssh-53p1-remote-root.c – FAKE

[0x5] UPDATE: Dradis v2.5!

[0x6] WinFail2Ban – Host based intusion detection/prevention system!

[0x7] Game: I Hate Ice Levels!

[0x8] WIVET: The Web Input Vector Extractor Teaser!

[0x9] grsecurity – Improve *nix kernel security

[0xA] FSArchiver: The Filesystem Archiver for Linux!

Paranoia, Insecurity, and Overall Anxiety

I decided to create this blog to share information with those readers who are interested in some of the topics addressed. These topics will primarily be information security focused, but don't be surprised if I throw in a conspiracy theory or two from time to time.

[0x1] Don't Forget Iron Man

[0x2] Pursuit Robots

[0x3] I Have Returned

[0x4] Ubiquitous Computing - I Don't Like IT!

[0x5] A Little Satire

[0x6] Bundled Facial Recognition Software on New Laptops

[0x7] I Have Been Slipping!

[0x8] Unleash the Cracken aka DARPA

[0x9] I Think That My Internet is Tapped

[0xA] Rupert Murdoch Firm Goes on Trial for Alleged Tech Sabotage

DarkReading - All Stories

DarkReading

[0x1] 'Rugged' Initiative Brings Secure Software Development To The Masses

[0x2] Database Account-Provisioning Errors A Major Cause Of Breaches

[0x3] Twitter Gives Details On Phishing Attack

[0x4] Test: Most Web Application Scanners Missed Nearly Half Of Vulnerabilities

[0x5] House Mulls First Major Cybersecurity Bill

[0x6] IBM ISS Researcher Exposes Holes In Cisco's Internet Surveillance Architecture

[0x7] Researcher Cracks Security Of Widely Used Computer Chip

[0x8] Black Hat DC: Researchers Reveal Connection String 'Pollution' Attack

[0x9] Product Watch: Microsoft Rolls Out Free SDL Code For 'Agile' Development

[0xA] Botnet Floods Major Websites With Fake SSL Connections

Latest Analysis for All Threats

[0x1] Monthly Malware Statistics: January 2010

[0x2] Monthly Malware Statistics: December 2009

[0x3] Spam evolution: November 2009

[0x4] The botnet ecosystem

[0x5] z%^ef$g73$5r(@&#!! - a few words about encryption

[0x6] Spam evolution: October 2009

[0x7] Monthly Malware Statistics: November 2009

[0x8] Spam evolution: July-September 2009

[0x9] Rogue antivirus: a growing problem

[0xA] Browsing malicious websites

Daniel's Blog

Information security, scuba diving and some other things I am interested in...

[0x1] That “flip” thing

[0x2] MBAs and GMAT

[0x3] Where should you buy it? Try Mustafa*!

[0x4] Bondi got flipped!

[0x5] Are you aware of the new business models which are now available on the web?

[0x6] Hello Merlion!

[0x7] Movember video!

[0x8] Do you also hate telemarketers?

[0x9] Fraud Numbers in Australia. Are we secure?

[0xA] SaaS (Software as Service) Risks

Latest Alerts From Websense Security Labs

This is the Alert Rss Feed from Websense Security Labs

[0x1] Malicious Web Site / Malicious Code: Bollywood Hungama Web Site Compromised

[0x2] Malicious Web Site / Malicious Code: Zeus Campaign Targeted Government Departments

[0x3] Malicious Web Site / Malicious Code: Malicious Google Job Application Response

[0x4] Malicious Web Site / Malicious Code: Oklahoma Tax Commission Site Compromised

[0x5] Malicious Web Site / Malicious Code: Apple Tablet Announcement Black SEO

[0x6] Malicious Web Site / Malicious Code: Targeted Email Examples Relating to Microsoft Internet Explorer 0-day CVE-2010-0249

[0x7] Malicious Web Site / Malicious Code: Black Hat SEO Causing Malicious Search Results For Recent Haiti Earthquake

[0x8] Malicious Web Site / Malicious Code: Ice Skating Car Video Black Hat SEO

[0x9] Malicious Web Site / Malicious Code: Office.Microsoft.Com Search Results Can Lead To Rogue Anti-Virus

[0xA] Malicious Web Site / Malicious Code: Binsservicesonline Scam Spreading on Facebook and SEO Poisoning

SriniCenthala

Welcome ! You come to the right place for datawarehouse , Business Intelligence BI , Extraction Transformation and Loading ETL Process , Decision Support System (DSS) and OLTP System Design , Data Modeler , Data Architect who has extensive experience in building Very Large Systems. Project Management process PMI Process and PMP Certification. Provide help to any one who wants to know about PMO Office setup & also handling any IT Projects.

[0x1] Stay Agile & Succeed - Pairworks - Agile Project Management Tool On-Demand

[0x2] PureApp.com - Monitor & Control Continues Integration On-Demand

[0x3] "There are times brick hits your head!"..."Do not lose your faith on what you love to do!"

[0x4] Agile Project Management Tool - www.PairWorks.com

[0x5] Planning for "eServicePlace LinkedIn Application"

[0x6] New Launch of Datamartist

[0x7] eServicePlace.com How it works

[0x8] New Services Market Place , so What for you?

[0x9] Selecting an Engineering college that matches your marks / cut off made easy! How?

[0xA] Attended Microstrategy 9i BI class today

The MITRE Digest

The MITRE Digest is an online magazine that showcases our latest work in aviation, defense and intelligence, enterprise modernization, and cutting–edge research. We cover timely topics that affect our sponsors and the national interest.

[0x1] Millimeter–scale Robots: Small in Stature, Big in Capability

[0x2] MITRE's Collaborative Experimentation Environment: Putting Cooperation to the Test

[0x3] Finding the Way: Taking Web Infrastructure to the Network's Edge

[0x4] MITRE's Cyber Security Operations Center Helps Sponsors Keep Networks Secure

[0x5] Innovative Collaborative Community Helps Warfighters Connect the Dots

[0x6] MITRE Helps Illuminate the Rising Area of Metamaterials

[0x7] Predictive Heads–Up Display Compensates for Feedback Lag for Predators and Reapers

[0x8] Universal Core Advances Information Sharing Across Government Agencies

[0x9] MARIAAN Helps the Air Force "Fight Through" Cyber Attacks

[0xA] Beyond Vaccination: A New Platform for Treating Infectious Disease

SANS Internet Storm Center, InfoCON: green

[0x1] Infocon: green

[0x2] Oracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html, (Tue, Feb 9th)

[0x3] When is a 0day not a 0day? Samba symlink bad default config, (Tue, Feb 9th)

[0x4] When is a 0day not a 0day? Fake OpenSSh exploit, again. , (Mon, Feb 8th)

[0x5] Mandiant Mtrends Report, (Sun, Feb 7th)

[0x6] LANDesk Management Gateway Vulnerability, (Sat, Feb 6th)

[0x7] tweaked ISC layout. Please submit screen shot and browser details if things don't look right., (Sat, Feb 6th)

[0x8] Oracle WebLogic Server Security Alert, (Sat, Feb 6th)

[0x9] New version of Andreas Schuster's Evtx Parser released http://computer.forensikblog.de/en/2010/02/evtx_parser_1_0_2.html, (Sat, Feb 6th)

[0xA] Memory Analysis - time to move beyond XP, (Fri, Feb 5th)

Packet Storm Security Advisories

Packet Storm Last 10 Advisories

[0x1] HPSBUX02503-SSRT100019.txt

[0x2] MDVSA-2010-034.txt

[0x3] HPSBMA02487-SSRT100024.txt

[0x4] wippien-negotiation.txt

[0x5] MDVSA-2010-033.txt

[0x6] secunia-libmikmod.txt

[0x7] HPSBMA02504-SSRT090220.txt

[0x8] USN-894-1.txt

[0x9] dsa-1992-1.txt

[0xA] MDVSA-2010-032.txt

dropsafe

network security, free software, cycles, food, drink, life...

[0x1] Twitter Updates for 2010-02-08

[0x2] Twitter Updates for 2010-02-07

[0x3] Twitter Updates for 2010-02-06

[0x4] Twitter Updates for 2010-02-05

[0x5] Twitter Updates for 2010-02-04

[0x6] Twitter Updates for 2010-02-03

[0x7] Twitter Updates for 2010-02-02

[0x8] Twitter Updates for 2010-02-02

[0x9] Twitter Updates for 2010-02-01

[0xA] Twitter Updates for 2010-01-30

C skills

A blog dedicated to software and network trickery.

[0x1] Runtime hot-patching processes w/o ptrace

[0x2] Thoughts on companion worms

[0x3] Always check return value!

[0x4] Adventures in Heap Cloning

[0x5] xorl blog seems to be up again

[0x6] injectso 32bit x86 port

[0x7] New injectso available

[0x8] unixdump UNIX-socket sniffer available

[0x9] When const really means const

[0xA] GCC -fmudflap

Network World on Wireless Security

The latest wireless security news and analysis from NetworkWorld.com.

[0x1] How Wi-Fi attackers are poisoning Web browsers

[0x2] Pros and Cons of Windows 7 Security

[0x3] MS Provides Guidance on Windows 7 Zero-Day Vulnerability

[0x4] Shifting mobile cost to employees? Think twice

[0x5] Shifting mobile cost to employees? Think twice

[0x6] Protect Your PCs from Windows 7's Zero-Day Exploit

[0x7] A Guide to Windows 7 Security

[0x8] Protect Your Network With an Open-Source Firewall

[0x9] The Wacky World of WiFi

[0xA] Facebook, Twitter Provide Sensitive Info for Criminals

Cisco Security Advisories

Cisco Security Advisories (the 40 most recent advisories)

[0x1] Transport Layer Security Renegotiation Vulnerability

[0x2] SNMP Version 3 Authentication Vulnerabilities

[0x3] Multiple Vulnerabilities in Cisco Unified MeetingPlace

[0x4] Cisco Security Advisory: CiscoWorks Internetwork Performance Monitor CORBA GIOP Overflow Vulnerability

[0x5] Cisco Security Advisory: Cisco IOS XR Software SSH Denial of Service Vulnerability

[0x6] Multiple Cisco WebEx WRF Player Vulnerabilities

[0x7] Cisco Global Site Selector Appliances DNS Vulnerability

[0x8] IOS HTTP Server Command Injection Vulnerability

[0x9] Cisco IOS Software Internet Key Exchange Resource Exhaustion Vulnerability

[0xA] Cisco IOS Software Authentication Proxy Vulnerability

Delicious/kungfuhacker

bookmarks posted by kungfuhacker

[0x1] 18293: Belkin 54G Routers Admin Account Default Null Password

[0x2] Cigarbid.com Auctions

[0x3] Habanos & Hermanos - Cigar Viewer

[0x4] Tenable Network Security: Podcast

[0x5] YouTube - tenablesecurity's Channel

[0x6] YouTube - tang lang chuan - tao de la mante religieuse

[0x7] YouTube - Tang Lang Quan Complete Program Part 1

[0x8] YouTube - Shaolin Long Fist Kung Fu Intermediate Sequences with Applications DVD preview

[0x9] YouTube - Xiaohuyan

[0xA] YouTube - Xiao Hu Yan / So Ho Yun / 小 虎 燕

CSO Blogs - Career

[0x1] The Customer is Clueless – Not!

[0x2] CyberTerror - the Arms Race We're Losing

[0x3] High Tech Firms Who Outsource Software Development to China - The Dirty Little Secret

[0x4] Good riddance!

[0x5] IT Talent Helping Haiti

[0x6] Are You A Security Professional?

[0x7] $200 Discount for RSA

[0x8] Problem #3 for Security Professionals: Not Enough Humble Pie

[0x9] Strategic guidance for applying PCI-DSS tactics.

[0xA] RLM Communications names CSO

SecurityFocus News

SecurityFocus is the most comprehensive and trusted source of security information on the Internet. We are a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.

[0x1] News: Twitter attacker had proper credentials

[0x2] News: PhotoDNA scans images for child abuse

[0x3] News: Conficker data highlights infected networks

[0x4] News: Popular apps need better patching, says report

[0x5] Brief: Google offers bounty on browser bugs

[0x6] Brief: Cyberattacks from U.S. "greatest concern"

[0x7] Brief: Microsoft patches as fraudsters target IE flaw

[0x8] Brief: Attack on IE 0-day refined by researchers

[0x9] News: Most consumers reuse banking passwords

[0xA] News: CIA, PayPal under bizarre SSL assault

Xatrix Security Headlines

Latest Computer Security Headlines

[0x1] Hack Attack: Get Windows XP SP3 Through Windows Update

[0x2] TPB files charges against media companies

[0x3] Storm worm: again.

[0x4] Onslaught on .ORGs

[0x5] OpenOffice.org insecure

[0x6] Leave your laptop at home

[0x7] Hack in the Box – Capture the Flag

[0x8] 35% of pay-per-click fraud?

[0x9] New variant mobile worm

[0xA] Google will help users surf safely

Shellcode Feed

Pipes Output

[0x1] Creation of Shellcode on Linux x86/32bits

[0x2] Tagged Books : shellcode (Page 1) | Get free shellcode ebooks ...

[0x3] Advanced Shellcoding Techniques | Free Training Blog

[0x4] Shellcode | Peter Van Eeckhoutte's Blog

[0x5] Discover From Your Favorite Topic or Web Page: shellcode.org/

[0x6] Buffer Overflow With Own Shellcode - Video

[0x7] Exploit writing tutorial part 2 : Stack Based Overflows ...

[0x8] Shellcode

[0x9] The Grey Corner: Heap Spray Exploit Tutorial: Internet ...

[0xA] - Cisco IOS Shellcode Hacking Video Tutorial SecuObs ...

InfoSecPodcast.com » Security Tools

Information Security related news, opinions and ramblings

[0x1] MIT Lincoln Lab Network Security Software

[0x2] Record IM video on the network?

[0x3] RFP for PenTesting

[0x4] Declassified window film stops wireless / cell signals

[0x5] List of Malware Analysis tool from SANS

[0x6] Malware Analyzing Sandbox

[0x7] Free Windows Honeypot from NetVigilance

[0x8] Ajax based port scanner

[0x9] Web based VMX file creator

[0xA] Bootable Linux security distros

Help Net Security - Vulnerabilities

Help Net Security is a daily updated security related site. We offer information on the latest happenings in the InfoSec world, advisories, viruses, papers, and more. HNS also has a large download section of security tools for Windows, Linux, Mac OS X and Pocket PC.

[0x1] MoinMoin Unspecified Security

[0x2] Joomla! "com_ccnewsletter" Component Directory Traversal

[0x3] Joomla! JE Quiz Component "eid" Parameter SQL Injection

[0x4] Joomla! "com_dms" Component "category_id" Parameter SQL Injection

[0x5] jVideoDirect Component for Joomla! "v" Parameter SQL Injection

[0x6] XAMPP Multiple Cross-Site Scripting Vulnerabilities

[0x7] Citrix XenServer Authentication Bypass

[0x8] C++ Sockets Library HTTP Headers Remote Denial of Service

[0x9] Hybserv2 ":help" Command Denial of Service

[0xA] Sun Java System Application Server HTTP TRACE Information Disclosure

Techworld Blogs

Aggregate feed of all active Techworld Blogs

[0x1] A bit of geek history

[0x2] Pirates built online music so why not eBooks too?

[0x3] The lesson of the Twitter hack: Passwords are pitiful

[0x4] The lesson of the Twitter hack. Passwords are pitiful.

[0x5] Is the future of the iPad as a thin client?

[0x6] How many Twits?

[0x7] The iPad, Apple's finest hour. Says an Apple hater

[0x8] The iPad, Apple's finest hour. Says an Apple hater.

[0x9] When it comes to router features, less is more

[0xA] The man from the ministry really is here to help

The TSA Blog

Terrorists Evolve. Threats Evolve. Security Must Stay Ahead. You Play A Part.

[0x1] TSA Haiti Evacuation Effort: A Federal Security Director's Perspective

[0x2] Orlando Officer Arrested

[0x3] What’s Wrong With This Picture?

[0x4] Can TSA Copy Your Laptop Hard Drive and Search Your Files?

[0x5] What Happened in Philadelphia?

[0x6] There Are No Children on the No Fly or Selectee Lists

[0x7] Help for Haiti: Learn What You Can Do

[0x8] Advanced Imaging Technology: Storing, Exporting and Printing of Images

[0x9] Incident on Flight 253 and TSA’s Role in International Security

[0xA] DHS Statement on Northwest Airlines Flight 253

The new Security and Penetration Testing Community - ArcaneSecurity.net - The new Security and Penetration Testing Portal

A new Information and Penetration Testing Protal for all security and network professionals. The site include a number of whitehat hacking tools and documents like nmap,dsniff,etterkap,yersinia,cisco security.

[0x1] Honeypot

[0x2] The Conflicker Worm

[0x3] Thoughts on Security of the Corporate documents

[0x4] Are Security Audits necessary ?

[0x5] RFID, its implications and how to defeat

[0x6] Assesing Risks

[0x7] FBI Raids: Pertinent or Paranoid?

[0x8] Protecting Children Online

[0x9] Sarbanes Oxley and IT

[0xA] Phishing For Your Identity

MITRE Career News

The MITRE Career News feed offers stories about working at MITRE, from our popular Employee Spotlight features, to useful information about upcoming recruiting events and more.

[0x1] Contributions to NextGen

[0x2] MITRE Named One of FORTUNE's "100 Best Companies to Work For" Nine Years in a Row

[0x3] ISR Forensics in the Lab and in the Field

[0x4] Pursuing Information Security Opportunities at Fort Meade

[0x5] First–Rate Career, Second Time Around for Working Mom

[0x6] Modeling a "Green" Effort

[0x7] MITRE Among Top Ten Corporations for Knowledge Management

[0x8] Supporting Warfighter Communications at Shaw AFB

[0x9] MITRE Named to Boston Globe's List of Top Places to Work

[0xA] Healthcare IT's Future Is Now

CAcert NEWS Blog

CAcert NEWS and up coming events.

[0x1] CAcert AGM, New Board and Annual Report

[0x2] CAcert at FOSDEM 2010

[0x3] PoJAM - PolicyOnJuniorAssurersMembers moves to DRAFT

[0x4] CAcert at OpenSourceDays-2010 Copenhagen, DK - March 5th + 6th

[0x5] Wien [Metalab] Einladung zum Fellowship-Treffen in Wien

[0x6] December 2009 Community Update

[0x7] Annual General Meeting

[0x8] CAcert at FOSDEM and CEBIT 2010 - Booths confirmed

[0x9] CAcert in India

[0xA] Support Activity and Error Rates

CSOONLINE.com - Metrics/Budgets

[0x1] Companies on IT Security Spending: Where's the ROI?

[0x2] Clear Metrics for Cloud Security? Yes, Seriously

[0x3] 7 Ways to Stay Happy in a Miserable Profession

[0x4] Survey Says More Companies Hiring CSOs, Holding Steady on Spending

[0x5] IT Security Outsourcing in Decline; Companies Do More In-house

[0x6] DHS to Get Big Boost in Cybersecurity Spending in 2010

[0x7] Data Breaches: Patterns and Their Implications

[0x8] How to Succeed in a Two-Faced IT Security Job Market

[0x9] 8 Dirty Secrets of the IT Security Industry

[0xA] The Five Rs: Building A Business Case For Information Security

(IN)SECURE Magazine Notifications RSS

Notifications of new (IN)SECURE Magazine issues.

[0x1] (IN)SECURE Magazine Issue 24

[0x2] (IN)SECURE Magazine Issue 23

[0x3] (IN)SECURE Magazine Issue 22

[0x4] (IN)SECURE Magazine Issue 21

[0x5] (IN)SECURE Magazine Issue 20

[0x6] (IN)SECURE Magazine Issue 19

[0x7] (IN)SECURE Magazine Issue 18

[0x8] (IN)SECURE Magazine Issue 17

[0x9] (IN)SECURE Magazine Issue 16

[0xA] (IN)SECURE Magazine Issue 15

Sun Bloggers

Welcome to Blogs.sun.com! This space is accessible to any Sun employee to write about anything.

[0x1] New Security Features in Glassfish v3 (Java EE 6) - Part III

[0x2] Important new features in latest PatchFinder release

[0x3] GlassFish ESB v2.x - Reading and Writing arbitrary SOAP Headers in BPEL 2.0 using NMProperties

[0x4] ZFS Crypto

[0x5] GlassFish ESB, v2.x - BPEL SSL Mutual Auth Mk.II and using JBI WS-Addressing for explicit routing - Exploring Effects of Security Policies, Rev.0.4.1

[0x6] Solaris 10 5/09 OS Receives Security Certification

[0x7] Metro performance comparision with Axis2

[0x8] GlassFish 密钥库中的到期证书

[0x9] GlassFish Keystoreで証明書失効

[0xA] Tips for porting Java applications to PS3 or any Blu-ray player

SecuObs.com

Observatoire de la securite Internet

[0x1] VMware Fusion 2 Beta Feature Demo

[0x2] How to Install Computer Memory in an Apple Mac Pro

[0x3] Metasploit Post Exploitation Meterpreter Script Prefetchtool

[0x4] Vsphere within VMware Workstation 7 Part 1

[0x5] GNU Radio with Audio Recognition

[0x6] HNNCast020510 News mov

[0x7] AVG 9 0 free edition review

[0x8] HACKTHEPLANET 4 ettercap 1 4

[0x9] HNNCast020510 Quickies mov

[0xA] ShmooCon S

Top 10 Latest Virus Threats from Aladdin

Virus List from Aladdin - RSS Feed

[0x1] Win32.Gimmiv.a - Updated on: 10/26/2008 - Threat Level: Low

[0x2] Win32.ACVE.o - Updated on: 10/2/2008 - Threat Level: Low

[0x3] Win32.Adload.aro - Updated on: 10/2/2008 - Threat Level: Low

[0x4] Win32.Adload.asj - Updated on: 10/2/2008 - Threat Level: Low

[0x5] Win32.Adload.ask - Updated on: 10/2/2008 - Threat Level: Low

[0x6] Win32.Adload.asn - Updated on: 10/2/2008 - Threat Level: Low

[0x7] Win32.Adload.asq - Updated on: 10/2/2008 - Threat Level: Low

[0x8] Win32.Adload.atq - Updated on: 10/2/2008 - Threat Level: Low

[0x9] Win32.Adload.atz - Updated on: 10/2/2008 - Threat Level: Low

[0xA] Win32.Adload.aub - Updated on: 10/2/2008 - Threat Level: Low

Linux Exposed

The Linux Security and hacking Resource

[0x1] Hosted Exchange and Hosted Sharepoint

[0x2] Inspecting HTTP

[0x3] Windows Hacking and Windows Security Site

[0x4] Cracking WPA and WPA2 passwords

[0x5] Ilegal SEO techniques

[0x6] Torrents and SSH Tunnels

[0x7] Preventing Accidental Denial of Service

[0x8] Enhance Security with Port Knocking

[0x9] Analyzing Malicious SSH Login Attempts

[0xA] Formatstrings and OpenBSD

CSOONLINE.com - Business Continuity

[0x1] Disaster in Haiti: Advice for Employees and Operations on the Ground

[0x2] Chemical Spill Response: How Dow is Training Small Town America to Handle Hazmat Emergencies

[0x3] SLIDESHOW: Chemical Safety Training

[0x4] Most Businesses READY for Flu Pandemic?

[0x5] Business Continuity and Disaster Recovery in a Tornado Zone

[0x6] Study: Air Cargo Security Seriously Lacking

[0x7] Swine Flu: Watching the Southern Hemisphere for Signs of H1N1 Havoc

[0x8] Symantec: Disaster Recovery Pressures Mount for Business

[0x9] Seven Deadly Sins of Home Office Security

[0xA] Survey: Business Continuity Plans Factor in Mobile, Social Networking

Computerworld Blogs

[0x1] Will Apple's new Core i5 and i7 MacBook Pros have 3G?

[0x2] Optimizing IT: How much can you save on storage?

[0x3] SAP's CEO resigns, effective immediately

[0x4] Apple's risky iPad strategy

[0x5] Oops!

[0x6] PayPal reversing India payments; here's why...

[0x7] Toyota's lesson: Software can be unsafe at any speed

[0x8] Canonical picks open-source leader for COO

[0x9] DOJ opposes revised Google book deal

[0xA] Potbound Apple and the iPad

Full Disclosure

An unmoderated high-traffic forum for disclosure of security information. Fresh vulnerabilities sometimes hit this list many hours before they pass through the Bugtraq moderation queue. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. Unfortunately 80% of the posts are worthless drivel, so finding the gems takes patience.

[0x1] [ MDVSA-2010:034 ] kernel

[0x2] Re: about jit and dep+aslr

[0x3] Re: about jit and dep+aslr

[0x4] Re: about jit and dep+aslr

[0x5] Re: about jit and dep+aslr

[0x6] Re: about jit and dep+aslr

[0x7] [Hacking Event] Night Da Hack 2010 : Call For Proposals

[0x8] CORELAN-10-010 - GeFest Web HomeServer v1.0 Remote Directory Traversal Vulnerability

[0x9] Re: Samba Remote Zero-Day Exploit

[0xA] The true power of cache

Hack a Day

Fresh hacks every day

[0x1] Modded C64 eye candy

[0x2] GuruPlug, the next generation of SheevaPlug

[0x3] ez430 home automation

[0x4] Built-in hex editor unlocks plasma TV features

[0x5] ‘Mod in the USA’ N900 PUSH competition

[0x6] FAT support for any microcontroller

[0x7] Hackaday links: February 7, 2010

[0x8] Putting on a show in the rain

[0x9] Performance oddities

[0xA] ExoPC shows off some guts

Will Hack For SUSHI

Hacking and Defending Wireless

[0x1] MiFi Config Hack

[0x2] Verizon MiFi Pwned (maybe they should take my class)

[0x3] Wordlist Generation – CeWL on Ubuntu

[0x4] QuahogCon: We should have a raw bar.

[0x5] Exploiting ZigBee at ToorCon 11 Slides

[0x6] ToorCon 11: KillerBee – Practical Zigbee Exploitation Framework

[0x7] Bluetooth and OS Language Pack Correlation

[0x8] Special Evening Webcast on Kismet Newcore Thursday!

[0x9] Wired: 100 Things Your Kids May Never Know About

[0xA] Webcast Tomorrow: Smart Grid and AMI Security Concerns

CSOONLINE.com - Career/Staffing

[0x1] Economic Recovery: Will Your IT Security Department Jump Ship?

[0x2] What is a CSO, Part 2

[0x3] Survey: Security Certifications Hot Among IT Pros

[0x4] 7 Ways to Stay Happy in a Miserable Profession

[0x5] Survey Says More Companies Hiring CSOs, Holding Steady on Spending

[0x6] IT Security Outsourcing in Decline; Companies Do More In-house

[0x7] Undercover: A Painful Lack of Security Jobs

[0x8] 2009 Women of Influence Award Winners Named

[0x9] A Day In The Life of Two IT Security Curmudgeons

[0xA] Sample Termination Checklist

Latest Blog Entries From Websense Security Labs

These are the latest blogs from the Websense security labs

[0x1] An In-Depth Exploit Analysis on Multilayer Obfuscations

[0x2] SOHU Digital Channel Web Site Compromised with Xunlei Thunder DapPlayer Exploit

[0x3] Don't update via email!

[0x4] Update on the Microsoft Internet Explorer 0-day

[0x5] New Internet Explorer 0-day Vulnerability and Targeted Attacks

[0x6] Avatar Success Attracts SEO Poisoning Attacks

[0x7] This Month in the Threat Webscape

[0x8] Google Scam Kits

[0x9] Video: Next Year in the Threat Webscape – Websense Security Labs Predictions for 2010

[0xA] This Month in the Threat Webscape

Splunk Blogs

[0x1] Splunk4 + Instant Messaging = SplunkAIM

[0x2] SQL Injections: The Splunk Method for Auditing Your Application Security Model

[0x3] Be successful with Splunk in about an hour…

[0x4] Splunk memory use patterns

[0x5] Parsing the Splunk Timezone Format

[0x6] One of World’s Largest Financial Firms Presents at Splunklive Boston

[0x7] Customer Presentations Draw Record North American Attendance to Splunklive Boston

[0x8] Encrypting and Decrypting Fields

[0x9] The Splunkers are coming! The Splunkers are Coming! Boston SplunkLive this Thursday.

[0xA] Having trouble finding Splunk for Free?

Securityvulns exploits channel

Securityvulns exploits newsline

[0x1] iMailDecrypt.py

[0x2] nautiluspoc.tar.gz

[0x3] cmsd_exploit.c

[0x4] 360secex.c

[0x5] serversman.py

[0x6] Rising0day.cpp

[0x7] server.c

[0x8] attftpd.c

[0x9] tls-renegotiation-poc.py

[0xA] simplephp.pl

LinuxSecurity.com: SuSE Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] SuSE: Linux kernel

[0x4] SuSE: Linux kernel

[0x5] SuSE: acoread

[0x6] SuSE: Linux kernel

[0x7] SuSE: krb5

[0x8] SuSE: Linux kernel

[0x9] SuSE: IBM Java 6 security update

[0xA] SuSE: IBM Java 1.4.2

CSOONLINE.com - Identity & Access

[0x1] Free Lunch 2010: Why Public Algorithms Beat the Alternative

[0x2] Take a Walking Tour of Your Company's Security

[0x3] Groundhog Day: The Gartner IAM 2009 Event in Review

[0x4] Top Microsoft Security Architect: Windows 7 Will Slash Malware

[0x5] 6 Ways We Gave Up Our Privacy

[0x6] Where Defense in Depth Falls Short

[0x7] Defining Cloud Security: Six Perspectives

[0x8] News Flash: Data Debauchery That Happens in Vegas Doesn't Stay There

[0x9] Mass. Makes Changes to ID Theft Regulations

[0xA] Potential Gov't Cookie Policy Change Prompts Concerns

Twitter / mdowd

Twitter updates from mdowd / mdowd.

[0x1] mdowd: @rpisec I'll pay you $50 for an integer issue I don't know about

[0x2] mdowd: @mhackling Cheers, I actually quite like the cold weather.. it's been uncomfortably hot in Sydney lately

[0x3] mdowd: @ncb My dentist gives me glowing reports when I get a checkup, which makes me want a 2nd opinion. He must be mistaken

[0x4] mdowd: Arrived in Melbourne

[0x5] mdowd: @aushack I'm not going, I will be in Melbourne

[0x6] mdowd: RT @lostinsecurity: Symbian Operating System, Now Open Source and Free http://bit.ly/bXjDWC <- Symbian's last opportunity to success

[0x7] mdowd: RT @anthonymckay: Loving this paper by Dion Blazakis -- Interpreter Exploitation: Pointer Inference and JIT Spraying http://bit.ly/cr9VjM

[0x8] mdowd: @uglypackets just the weekend

[0x9] mdowd: Heading to melbourne tomorrow, first time in maybe 10 years (save for a brief overnight stopover last year)

[0xA] mdowd: @ncb The best bit of that is the first comment: "Greg? Is that you?" haha

Uninformed Journal

Informative information for the uninformed

[0x1] Using dual-mappings to evade automated unpackers

[0x2] Analyzing local privilege escalations in win32k

[0x3] Exploiting Tomorrow's Internet Today: Penetration testing with IPv6

[0x4] Can you find me now? Unlocking the Verizon Wireless xv6800 (HTC Titan) GPS

[0x5] An Objective Analysis of the Lockdown Protection System for Battle.net

[0x6] ActiveX - Active Exploitation

[0x7] Context-keyed Payload Encoding

[0x8] Improving Software Security Analysis using Exploitation Properties

[0x9] Real-time Steganography with RTP

[0xA] PatchGuard Reloaded: A Brief Analysis of PatchGuard Version 3

GeniusHackers.Com

Hacking, Network security and tech blog

[0x1] 21 interesting Online Games

[0x2] 10 best FTP Clients for win, linux, mac

[0x3] A core peek into chrome netbook

[0x4] An editorial take on Google Chrome OS

[0x5] Write for us and win RapidShare premium account and cash.

[0x6] Firewall administration

[0x7] Play multiplayer games via LAN and WLAN

[0x8] Remote Network Penetration via NetBios Hack on a windows PC

[0x9] SwiftThemes.Com launched, now you can download theme SWIFT

[0xA] Swift | The fastest loading wordpress theme from GeniusHackers.Com

Latest News for All Threats

[0x1] International cyber crime group charged

[0x2] Four year jail sentence for webcam hacker

[0x3] Credit card fraudsters jailed in UK

[0x4] Estonia arrests first hacker over cyberattacks

[0x5] Russian news sites suffer DoS attacks

[0x6] Spammers sued for $1bn

[0x7] Hackers target official Estonian portals in conflict over Soviet-era monument

[0x8] "Bumbling" hacker speaks out at Infosec

[0x9] Changes to UK cybercrime legislation are in the air

[0xA] Report shows Britons up for online risks

Latest Glossary Additions

[0x1] Keylogger

[0x2] World Wide Web

[0x3] WildList

[0x4] WiFi

[0x5] Whitelist

[0x6] Web browser

[0x7] War driving

[0x8] War chalking

[0x9] Vulnerability

[0xA] VoIP [Voice over IP]

Declan McCullagh's Politech

Politech is the oldest Internet resource devoted to politics and technology. Launched in 1994, the Politech mailing list and then the web site has chronicled the growing intersection of law, culture, technology, politics, and law. Edited by Declan McCullagh.

[0x1] Politicians push for mandatory data retention laws, bipartisanly

[0x2] Who'd make the most technology-friendly president? Discuss.

[0x3] Judge rules defendant can't be forced to divulge PGP passphrase

[0x4] ITU botnet paper published in draft form, comments requested

[0x5] David Burt and his Filtering Facts Web site are back

[0x6] FTC Internet advertising summit in Washington this week

[0x7] Hamline University student suspended after pro-gun rights email

[0x8] MIT student picking up friend at airport nearly shot, charged with "infernal machine" crime

[0x9] Paul Levy: Politicians, infomercial kings try to stifle anonymous Internet speech

[0xA] Colorado sheriff creates roadblock so private firm can demand DNA blood samples

Darknet - The Darkside

Ethical Hacking, Penetration Testing & Computer Security

[0x1] SecuBat – Modular Web Vulnerability Scanner

[0x2] Twitter Major Password Reset After Phishing Attack

[0x3] Nmap v5.20 Released – Open Source Network Exploration & Auditing Tool

[0x4] Google Willing To Pay Bounty For Chrome Browser Bugs

[0x5] Groundspeed 1.1 – Web Application Security Add-on For Firefox

[0x6] Playstation 3 (PS3) Finally Hacked & Exploit Released

[0x7] Browser Fuzzer 3 (bf3) – Comprehensive Web Browser Fuzzing Tool

[0x8] Websense Offers Facebook Users Free ‘Firewall’ Service

[0x9] Burp Suite v1.3 Released – Integrated Platform For Attacking Web Applications

[0xA] Microsoft Releases Out-Of-Band Patch For IE 0-Day Vulnerability

The Falcon's View

Mental meanderings of an infosec obsessive...

[0x1] Buy My ShmooCon Ticket!!

[0x2] Another ISSA Journal Cover

[0x3] BSides or Be Square: San Francisco and Austin

[0x4] Simply Unfair: The NFL OT Rules

[0x5] Non-Fiction: The 50th Law & Managing Softly

[0x6] Much Adieu: MS Search Data

[0x7] Makin' the Grade: On the D-List

[0x8] Do We Give Google Too Much?

[0x9] DIRECTV's Billing System of Doom

[0xA] Newark Breach Hype to Hysteria

Shon Harris' CISSP Blog

Certified Information Systems Security Professional

[0x1] Viruses, Malware And Various Threats To Mobile Devices (Part 4 of 5)

[0x2] Mobile Devices - Access Control, Wireless Network Risks And Security Implementations (Part 3 of 5)

[0x3] Mobile Devices - Security Implications and Countermeasures (Part 2 of 5)

[0x4] Mobile Devices – Definition And Security Issues (Part 1 of 5)

[0x5] Changes to the CISSP Exam

[0x6] A Satire of the Security Divas of Today

[0x7] Security Issues of Social Network Sites

[0x8] Web Application Security Testing Webcast hosted by Shon Harris

[0x9] CISSP Braindump And Shortcuts - Is It Really Smart To Take The Road More Frequently Travelled?

[0xA] Risk Management - What Is The Real Score In The Management Of Risks

halsten

arbitrary dump

[0x1] Security Conference(s)

[0x2] Zend Studio For Eclipse v.6.1 Keygen

[0x3] Reversing Pro Evolution Soccer 6 - End

[0x4] Reversing Pro Evolution Soccer 6 - Part 3

[0x5] Reversing Pro Evolution Soccer 6 - Part 2

[0x6] Reversing Pro Evolution Soccer 6 - Part 1

[0x7] Reversing Pro Evolution Soccer 6 - Intro

[0x8] Facebook Puzzles Solution

[0x9] Backdoor.W32.Small.PF Analysis

[0xA] Simple PE Viewer (wxWidgets)

Security Forums

Security Forums Dot Com :: Share Your Knowledge

[0x1] MAC and Trojan prevention

[0x2] Migration of Windows 2003 Domain & Active Directory

[0x3] windows 7 folder redirection

[0x4] I need a review for Pulse Telecom. Thanks.

[0x5] Which is the best Antivirus?

[0x6] Two NICs

[0x7] Printer files log jam - needs clearing/deletion

[0x8] New Network found in Zone alarm Pro (Loss of connectivity)

[0x9] Hello Members

[0xA] Got a hacked computer

xorl %eax, %eax

[0x1] xorl and the army…

[0x2] CVE-2009-4355: OpenSSL zlib_stateful_finish() Remote Memory Leak DoS

[0x3] CVE-2009-4141: Linux kernel FASYNC Locked File Use After Free

[0x4] NetBSD-SA2010-001: mount(2) Module Autoloading Race Condition

[0x5] CVE-2010-0007: Linux kernel netfilter ebtables Missing Check

[0x6] CVE-2010-0006: Linux kernel IPv6 Remote NULL Pointer Dereference

[0x7] News: BerliOS repository site hacked

[0x8] News: Google and 33 more companies got owned

[0x9] CVE-2009-4212: MIT Kerberos Multiple Integer Underflows

[0xA] CVE-2001-0053: OpenBSD FTPd Remote off-by-one Overwrite

CSOONLINE.com - Federated IDM

[0x1] Social Networking a Tool for More Secure Identity Management? No Joke!

[0x2] News Flash: Data Debauchery That Happens in Vegas Doesn't Stay There

[0x3] Why Security Pros Hate Microsoft SharePoint (and What to Do About It)

[0x4] Federated ID: An Idea Whose Time Never Came?

[0x5] Identity Management: Implementation Dos and Dont's

[0x6] Identity Management: Critical Components

[0x7] An Introduction to Identity Management

[0x8] Strong Authentication for Online Banking: Success Factors

[0x9] Thinking of Doing Federated Identity Management?

[0xA] The Truth About Federated Identity Management

GovInfoSecurity.com Webinars RSS Syndication

GovInfoSecurity.com RSS News Feeds on government information security webinars.

[0x1] Emerging Threats in Financial Data Breaches

[0x2] Career Trends Survey 2010 Results Webinar

[0x3] The Identity Enabled Network: The Future of Secure Cyberspace

[0x4] Data Protection and Incident Response

[0x5] Time: The Hidden Risks -- How to Create Compliant Time Practices

[0x6] Automating Security Controls Within Government Information Systems

[0x7] Legal Considerations About Cloud Computing

[0x8] Electronic Evidence & e-Discovery: What You Need to Know & Protect

[0x9] PCI 2010: Trends and Technologies

[0xA] Identity Theft: How to Respond to the New National Crisis

TippingPoint DVLabs Threat Protection Updates

Monthly threat protection updates from TippingPoint DVLabs. For more information, visit dvlabs.tippingpoint.com

[0x1] TippingPoint DVLabs Threat Protection Update - November 2009

[0x2] TippingPoint DVLabs Threat Protection Update - July 2009

[0x3] TippingPoint DVLabs Threat Protection Update - June 2009

[0x4] TippingPoint DVLabs Threat Protection Update - May 2009

[0x5] TippingPoint DVLabs Threat Protection Update - April 2009

[0x6] TippingPoint DVLabs Threat Protection Update - March 2009

[0x7] TippingPoint DVLabs Threat Protection Update - February 2009

[0x8] TippingPoint DVLabs Threat Protection Update - January 2009

[0x9] TippingPoint DVLabs Threat Protection Update - December 2008

[0xA] TippingPoint DVLabs Threat Protection Update - October 2008

Security Watch

Security Watch is a resource center for everything related to tech security: the latest news, review summaries and advice on security-related topics. We show you how you can protect your online identity and keep your computer safe.

[0x1] 16-Month Old Flash Bug Still Unpatched

[0x2] Amex Password Policies Declared Brain-Dead

[0x3] Windows 7 Upgrade Unsigns Some Vista Files

[0x4] What is an Act of Cyber War?

[0x5] Office 2010 Opts in to DEP by Default

[0x6] Researcher Releases More Details on JIT-Spraying

[0x7] New "JIT Spray" Penetrates Best Windows Defenses

[0x8] Microsoft to Issue Baker's Dozen Security Updates Next Tuesday

[0x9] Antimalware Tools Should Handle All Threats

[0xA] Vulnerability in IE Can Disclose Local Files

Firewall Wizards

Tips and tricks for firewall administrators

[0x1] Draft paper submission deadline is extended: ISP-10

[0x2] Hackito Ergo Sum 2010 - Call For Paper - HES2010 CFP

[0x3] Re: Is it possible to control access between clients on same LAN with a firewall?

[0x4] Re: Is it possible to control access between clients on same LAN with a firewall?

[0x5] Re: Is it possible to control access between clients on same LAN with a firewall?

[0x6] Re: Is it possible to control access between clients on same LAN with a firewall?

[0x7] Re: Is it possible to control access between clients on same LAN with a firewall?

[0x8] Re: Is it possible to control access between clients on same LAN with a firewall?

[0x9] Re: Is it possible to control access between clients on same LAN with a firewall?

[0xA] Re: Is it possible to control access between clients on same LAN with a firewall?

CSOONLINE.com - Identity Management

[0x1] Groundhog Day: The Gartner IAM 2009 Event in Review

[0x2] How 9-11 Shaped Hoover Dam Security Operations

[0x3] Hoover Dam Security in Pictures

[0x4] 6 Ways We Gave Up Our Privacy

[0x5] Social Networking a Tool for More Secure Identity Management? No Joke!

[0x6] News Flash: Data Debauchery That Happens in Vegas Doesn't Stay There

[0x7] Potential Gov't Cookie Policy Change Prompts Concerns

[0x8] Software Not Smart Enough to Sort Human Relationships

[0x9] Accountability in Enterprise Wireless Deployments

[0xA] How SCAP Brought Sanity to Vulnerability Management

Palisade Magazine : Application Security Intelligence

A publication by Paladion Networks

[0x1] Quiz: Specifying life time for a webpage

[0x2] SAP Baseline Security Audit

[0x3] Defeating Encryption in Some Thick Clients

[0x4] Database Links Security

[0x5] Quiz: Proposal to amend Same Origin Policy

[0x6] Cache Control Directives Demystified

[0x7] The Payment Application Data Security Standard (PA DSS)

[0x8] Defend against Reverse Engineering

[0x9] Quiz: Cross Site Printing

[0xA] CSRF - The hidden menace

ha.ckers.org web application security lab

Web Application Security Blog

[0x1] Releases.mozilla.org SSL and Manual Update Fail

[0x2] Accuracy and Time Costs of Web Application Security Scanner Report

[0x3] Large List of RFIs (1000+)

[0x4] Micro PHP LFI Backdoor

[0x5] JavaScript Embedded in Homepage Links in Firefox

[0x6] Quicky Firefox Bookmarklet Backdoor

[0x7] .EDU Hacks And Ambulance Chasing

[0x8] CSS History Hack In Firefox Without JavaScript for Intranet Portscanning

[0x9] Wait, Google - I Thought You Were Evil!

[0xA] Anonymous Proxy Woes

Vulnerability Analysis Blog

[0x1] Plain Text Email in Outlook Express

[0x2] Managing IPv6 - Part 2

[0x3] Managing IPv6 - Part 1

[0x4] Internet Explorer Kill-Bits

[0x5] Mitigating Slowloris

[0x6] Vulnerabilities and Attack Surface

[0x7] Release of Dranzer ActiveX Fuzzing Tool

[0x8] Bypassing firewalls with IPv6 tunnels

[0x9] Conficker.C: How many are there?

[0xA] Windows Installer Application Resiliency

Daily Dave

This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.

[0x1] Directory traversal as a reconnaissance tool (Russ McRee)

[0x2] Kernel bugs!

[0x3] Re: ASLR+DEP = no problem. :>

[0x4] Re: ASLR+DEP = no problem. :>

[0x5] Re: ASLR+DEP = no problem. :>

[0x6] Re: ASLR+DEP = no problem. :>

[0x7] Recon Call for Papers - July 9-11 2010

[0x8] Re: ASLR+DEP = no problem. :>

[0x9] Re: ASLR+DEP = no problem. :>

[0xA] Re: ASLR+DEP = no problem. :>

Symantec Security Response Podcasts

Listen online, download to your computer, or subscribe and get the latest information automatically.

[0x1] Internet Security Threat Report, Vol.12: Virtual Worlds

[0x2] Internet Security Threat Report, Vol.12: Staged Attacks

[0x3] Security Response Internet Security Threat Report, Volume 12

[0x4] Internet Security Threat Report, Vol.11: Future Watch

[0x5] Security Response Internet Security Threat Report, Volume 11

[0x6] Zero Day Vulnerabilities

[0x7] Windows Vista Security

[0x8] Internet Protocol v6

[0x9] January Security Response Blog

[0xA] Home and Home Office Security Report

Science&Tech | Mail Online

[0x1] Forget the Botox! New iPhone app 'zaps acne and wrinkles' with red and blue lights

[0x2] British astronaut blasts into orbit to fit a room with a view onto space station

[0x3] Eugenics fear as British couples are offered £700 online gene test for 100 inherited diseases

[0x4] Like shooting fish in a barrel: How a photographer coaxed a kingfisher to pose for the camera

[0x5] Why taller football players are more likely to fall foul of the referee

[0x6] Google to launch smartphones that will translate foreign languages in real time

[0x7] The battery's dead: Scientists invent wafer-thin plastic that can store electricity

[0x8] Are cat owners really top dogs for brains?

[0x9] Looking young for your age? Thank the Peter Pan gene

[0xA] Dino-hen: 'Striking' feathered dinosaur resembled 'exotic chicken', scientists reveal following fossil discovery

It's a shampoo world anyway

...la lausige Leben, revisited

[0x1] NoScript now includes LocalRodeo-like functionality

[0x2] OWASP Germany Conference

[0x3] LocalRodeo (beta) for Firefox 3

[0x4] Travel ahead

[0x5] DeepSec 2007 Roundup

[0x6] Why I do not like taint tracking

[0x7] DNS rebinding at CCS'07

[0x8] CfP: NordSec 2007 - The 12th Nordic Workshop on Secure IT Systems

[0x9] 2nd Rule: You do blog about Bar Camp

[0xA] New LocalRodeo Version

CSOONLINE.com - Access Control

[0x1] Y2K All Over Again in 2010?

[0x2] Groundhog Day: The Gartner IAM 2009 Event in Review

[0x3] How 9-11 Shaped Hoover Dam Security Operations

[0x4] Hoover Dam Security in Pictures

[0x5] Fingerprints Not Enough for Future Security Government Systems

[0x6] Why Pen Testing Is Central to Pennsylvania's App Security

[0x7] News Flash: Data Debauchery That Happens in Vegas Doesn't Stay There

[0x8] Judge: VIP Inc. Can't Sell Customer Data

[0x9] SQL injection Attacks Led to Heartland, Hannaford Breaches

[0xA] One Man's View: Heartland CEO Must Accept Responsibility

AirSafe.com Web Site

Site dedicated to providing the public with information on aviation safety and security.

[0x1] AirSafe.com News

[0x2] Podcast on Intial Details of Air France A330 Crash near Brazil

[0x3] Air France Flight 447 Accident Information

[0x4] Crash of Turkish Airlines 737 in Amsterdam

[0x5] Continental Connection Crash in Buffalo 12 February 2009

[0x6] A320 Crashes in the Hudson River

[0x7] Year in Review 2008

[0x8] Risks from Incapacitated Pilots and Pilots Who May Deliberately Crash Airplanes

[0x9] Interview on 'The Gregg Knapp Experience' - 18 November 2008

[0xA] Complacency and the Qantas A330 Accident of 7 October 2008

US-CERT Cyber Security Alerts

US-CERT Cyber Security Alerts provide timely information about current security issues, vulnerabilities, and exploits. Cyber Security Alerts are released in conjunction with Technical Cyber Security Alerts when there is an issue that affects the general public. Cyber Security Alerts outline the steps and actions that non-technical home and corporate computer users can take to protect themselves from attack.

[0x1] SA10-021A: Microsoft Internet Explorer Vulnerabilities

[0x2] SA10-013A: Adobe Reader and Acrobat Vulnerabilities

[0x3] SA10-012B: Microsoft Windows and Adobe Flash Player 6 Vulnerabilities

[0x4] SA09-343A: Adobe Flash Vulnerabilities Affect Flash Player and Adobe AIR

[0x5] SA09-342A: Microsoft Updates for Multiple Vulnerabilities

[0x6] SA09-314A: Microsoft Updates for Multiple Vulnerabilities

[0x7] SA09-286B: Multiple Vulnerabilities Affect Adobe Reader and Acrobat

[0x8] SA09-286A: Microsoft Updates for Multiple Vulnerabilities

[0x9] SA09-251A: Microsoft Updates for Multiple Vulnerabilities

[0xA] SA09-223A: Microsoft Updates for Multiple Vulnerabilities

OutScribe

All the tech that matters...

[0x1] Best And Most Used Symbian Applications On My Mobile

[0x2] Google Strips Beta Tag from Gmail, Calendar, Docs and Talk, Salvages the World

[0x3] Protect Your Precious and Pricey Mobile From Theft

[0x4] Use your old mail accounts to use your LinkedIn connections optimally

[0x5] GPS Bluetooth Receiver and Data Logger - Visiontac VGPS-900

[0x6] Why Wolfram Alpha is not a Google Killer!

[0x7] Google Internet Bus is coming to Bengaluru!

[0x8] Now share your Google Latitude location with Gtalk buddies and on your blog!

[0x9] When the Moon came close to say Hi!!

[0xA] Google launches “What’s Popular” Gadget, limits it to iGoogle

Securosis Blog

Main Securosis Blog

[0x1] Litchfield Discloses Oracle 0-Day at Black Hat

[0x2] Counterpoint: Admin Rights Don’t Matter the Way You Think They Do

[0x3] Project Quant: Database Security - Masking

[0x4] Rock Beats Scissors, and People Beat Process

[0x5] FireStarter: Admin access, buh bye

[0x6] RSVP for the Securosis and Threatpost Disaster Recovery Breakfast

[0x7] Kill. IE6. Now.

[0x8] Friday Summary: February 5, 2010

[0x9] Comments on Microsoft Simplified SDL

[0xA] The NSA Isn’t Evil (Even Working with Google)

What's New @ Mu

[0x1] Vulnerability analysis: Mu Dynamics

[0x2] IMS: Can it reliably deliver Voice over LTE (VoLTE)?

[0x3] Mu Dynamics Pcapr Packet Networking Site Reaches One-Year Mark

[0x4] Mu Dynamics Honored As One Of The ‘Top 20 Products in Last 20 Years’ by SC Magazine

[0x5] Trust No One (Mu Dynamics Blog)

[0x6] pcapr - Web 2.0 for packets

[0x7] Mu Dynamics Aims to Plug Service Testing Gap

[0x8] The Elephant in the Test Lab (Mu Dynamics blog)

[0x9] Mu Dynamics Moves To RealWorld IP Tests

[0xA] Cloud Services Tester Enhances Suite

Kaspersky Lab Weblog

[0x1] On the way to better testing

[0x2] Patch now: MS10-002

[0x3] Search poisoning, again

[0x4] Patch Tuesday - Jan 2010

[0x5] Open season on tax-payers

[0x6] Cybercriminals go shopping

[0x7] Trojan.Sejweek: a new variant

[0x8] All about Brittany on Twitter

[0x9] mwcollectd released

[0xA] Crime time

Realtime Community | IT Compliance

The Realtime IT Compliance Community is an objective source for information related to IT Compliance, regulations, information security, and data protection. The community provides a wide range of resources including blogs, articles, white papers, forums and podcast as well as links to external resources.

[0x1] Smart Grid Privacy: Possible Privacy Standards To Address Concerns

[0x2] 15 Smart Grid Privacy Concerns + Other Smart Grid Thoughts

[0x3] HIPAA And Surveillance In Hospitals

[0x4] CEs and BAs: Be HIPAA/HITECH Compliant Or Pay A Hefty Penalty

[0x5] Smart Grid Privacy: Laws and Implications

[0x6] 6 Critical Factors for Effective Information Security & Privacy Policies

[0x7] Who Are Your Business Associates?

[0x8] HIPAA/HITECH Etc. Retention: Does Your Reality = Your Requirements?

[0x9] Proposed HIPAA Privacy Rule Change Explicitly Makes Genetic Info PHI

[0xA] Privacy For The Deceased

Security forum - dslreports.com community

Security forum current topics

[0x1] If I was irresponsible with Linux would I be infected?

[0x2] Vista Uac = Discovery to more flaws

[0x3] If you are severely infected with viruses, rootkits etc....

[0x4] [Scam] Hijacked browser - Fake Virus Scan

[0x5] Avira warning on webpage - F/P or not?

[0x6] Adobe apologizes for festering Flash crash bug

[0x7] The Government Has Your Baby's DNA

[0x8] updates to Classmates.com's privacy policy

[0x9] Facebook invitation - how did they do this?

[0xA] what is the life span of a router

Ed Smiley's Blog

[0x1] Bookmarks for December 26th through January 15th

[0x2] Bookmarks for November 3rd through December 16th

[0x3] Bookmarks for September 4th through November 3rd

[0x4] Bookmarks for August 12th through September 3rd

[0x5] Would you pay for IT Freedom in the workplace?

[0x6] Bookmarks for June 24th through August 11th

[0x7] Bookmarks for June 5th through June 22nd

[0x8] Bookmarks for May 15th through June 3rd

[0x9] Bookmarks for May 1st through May 14th

[0xA] Windows 7 and XP Mode (XPM)

Jeremiah Grossman

A page to show up #1 on Google when searching for "Jeremiah" (Currently #5).
The prophet, TV show, and that pesky Owyang guy going down!

A page to show up #1 on Google when searching for "Jeremiah Grossman", and it FINALLY has!

[0x1] Best of Application Security (Friday, Feb. 5)

[0x2] Web 2.0 Pivot Attacks

[0x3] Converting unimplementable Cookie-based XSS to a persistent attack

[0x4] The Web won’t be safe, let alone secure, unless we break it

[0x5] Be Ready -- With Answers

[0x6] Best of Application Security (Friday, Jan. 29)

[0x7] WASC RSA Meet-Up 2010!

[0x8] Best of Application Security (Friday, Jan. 22)

[0x9] Best of Application Security (Friday, Jan. 15)

[0xA] Web-based systems vs. Advanced Persistent Threat

SecuraBit

This is a Computer Security podcast brought to you by the guys at SecuraBit.com. Please visit our web site at http://www.securabit.com or send questions/comments to feedback@securabit.com Thanks for listening!

[0x1] Vulnerability Roundup

[0x2] SecuraBit T-Shirts are back! Pre-order to pickup at the Podcaster’s Meetup!

[0x3] SecuraBit Episode 49: ConFoo.ca!

[0x4] The Academy Pro – Weekly Video Review

[0x5] Vulnerability Roundup

[0x6] Rob Lee will be on the 2/10 show!

[0x7] SecuraBit Live tonight!

[0x8] The Academy Pro – Weekly Video Review

[0x9] Escaping the clutches of The GOOG

[0xA] Honeynet Forensic Challenge 2010: Challenge 1

Security University 2010 Class Schedule

2010 Security University Classes

[0x1] CISSP® Prep/The Official SU CISSP® Prep Class

[0x2] Q/ND® Qualified/ Network Defender - Enroll Now!

[0x3] Q/EH® Qualified/ Ethical Hacker Class - Enroll Now!

[0x4] Q/SA® Qualified/ Security Analyst Penetration Tester Certification w/ Q/PTL® License - Enroll Now!

[0x5] Q/FE® Qualified/ Forensic Expert - Enroll Now!

[0x6] Q/NSP® Qualified/ Network Security Policy Admin and SOA Security Oriented Architect - Enroll Now!

[0x7] CWNA™/CWSP™ Boot Camp - Enroll Now!

[0x8] Q/WAD® Qualified/ Wireless Analyst and Defender - Enroll Now!

[0x9] Q/SSE® Qualified/ Software Security Expert Cert. - Enroll Now!

[0xA] Security Plus - Enroll Now!

Search Engine Watch

Keep updated with major stories about search engine marketing and search engines as published by Search Engine Watch.

[0x1] Universal Search Optimization 101

[0x2] Managing Client PPC Campaigns on the Go

[0x3] Review your PPC Keywords

[0x4] Top International Search Marketing Failures to Avoid in 2010, Part 2

[0x5] Selling Search up the Chain: Money & Traffic

[0x6] Universal Search 101

[0x7] Why Settle for Best Practices?

[0x8] Link Building With a Small Budget

[0x9] Search Engine Success: Getting Video SEO Right

[0xA] Is SEO Dying? How will it Evolve?

The Web Security Mailing List (WASC)

The Web Security Mailing List is an open information forum for discussing topics relevant to web security.

[0x1] [WEB SECURITY] The true power of cache

[0x2] [WEB SECURITY] Dradis Framework v2.5 is out!

[0x3] Re: [WEB SECURITY] Scanning Web Services That Require Signed SOAP Requests

[0x4] [WEB SECURITY] Scanning Web Services That Require Signed SOAP Requests

[0x5] [WEB SECURITY] Re: [Webappsec] Paper: Weaning the Web off of Session Cookies

[0x6] [WEB SECURITY] Draft paper submission deadline is extended: ISP-10

[0x7] Re: [WEB SECURITY] Findings.

[0x8] Re: [WEB SECURITY] Findings.

[0x9] [WEB SECURITY] Findings.

[0xA] Re: [WEB SECURITY] Fingerprinting web applications (Joomla, Mediawiki and Wordpress)

LinuxSecurity.com: Slackware Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] Slackware: php

[0x4] Slackware: httpd

[0x5] Slackware: pidgin

[0x6] Slackware: mozilla-firefox

[0x7] Slackware: seamonkey

[0x8] Slackware: gimp

[0x9] Slackware: ntp

[0xA] Slackware: kernel

Free and Useful Online Resources for Designers and Developers

Free and useful online resources for designer and developers

[0x1] Stunning Photos That Are Not Manipulated

[0x2] The Creative Examples Of Colorful Splash Pages

[0x3] Six Powerful Free Disk Defragmentation Tool

[0x4] Smashing Release : Free Computer Part Icon Set

[0x5] Thank You Our Valued Sponsors For Being With Us In The Month Of January

[0x6] 85+ Excellent Resources And Tutorials Especially For Designers To Discover The Best Of The Web In January

[0x7] 45 High Quality And Inspiring 3D Desktop Wallpapers

[0x8] The Ultimate Collection Of Colorful And Inspiring Vector Art

[0x9] “The Page Can’t Be Found” Coolest Error 404 Pages In Web Design

[0xA] Fabulously cool: Icons for any designer creation

ITWeb Computing

Latest ICT Computing news

[0x1] Cloud computing brings risks

[0x2] Google makes concessions to Europe

[0x3] Stratus introduces ftServer line

[0x4] Toshiba unveils green hard drive

[0x5] The Beatles enter the digital age

[0x6] Mobile devices get virtualisation app

[0x7] Starship releases NAS solution

[0x8] European server sales hit rock bottom

[0x9] Gaming tech reaches operating room

[0xA] Power policies not enough

Blog by Paul Golding

Blog by Paul Golding

[0x1] O2 Incubator has been upgraded...

[0x2] Project Raindrop and Project #Blue and 2010...

[0x3] O2 Start-Up Incubation Program - already rocking!

[0x4] Slides from OpenMIC 3 - Augmented World Mash-Ups

[0x5] Slides from NCVO meeting - Mobile 2.0: Ubiquitous Connectivity

[0x6] Design-driven innovation - what is it?

[0x7] Museums, Mobiles and QR Codes...

[0x8] Situational Web Presentation (given at V&A Museum)

[0x9] See you at OpenMIC - augmented reality and location mash-ups unconference

[0xA] Mobile 2.0 Silicon Valley - Highlights

Boaz Gelbord

A look at information security management, spending in the security industry, and everything along the way.

[0x1] Security Scoreboard is Live!

[0x2] Mass Security Regulation Gets Tech Priorities Wrong

[0x3] YouSendIt Indictment is a Cloud Warning

[0x4] SEC eyes Identity Theft

[0x5] Visa Embraces End-to-End Encryption

[0x6] https Can Wait - SaaS Needs Better Authentication First

[0x7] OWASP Security Spending Benchmarks Project Report for Q2 Published

[0x8] Nevada Mandates PCI Standard, Part II

[0x9] Nevada Mandates PCI Standard

[0xA] Opera Invites You to Join the Cloud

Bugtraq

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

[0x1] [CORE-2010-0121] Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Servers

[0x2] [Hacking Event] Night Da Hack 2010 : Call For Proposals

[0x3] JDownloader Remote Code Execution

[0x4] Re: Samba Remote Zero-Day Exploit

[0x5] Re: Samba Remote Zero-Day Exploit

[0x6] Re: Samba Remote Zero-Day Exploit

[0x7] RE: Samba Remote Zero-Day Exploit

[0x8] Re: Samba Remote Zero-Day Exploit

[0x9] [security bulletin] HPSBUX02503 SSRT100019 rev.1 - HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other

[0xA] [security bulletin] HPSBMA02487 SSRT100024 rev.1 - HP Operations Agent Running on Solaris 10, Remote Unauthorized Access

IBM Internet Security Systems Frequency X Blog

Frequency X, the blog site for IBM Internet Security Systems' world-renowned security research and development team, X-Force, provides an opportunity for the researchers to converse directly with the world about threats and vulnerability research.

[0x1] My Blackhat DC Paper, Slides, and Video are available

[0x2] The Google Attacks

[0x3] My talk at the upcoming Blackhat DC conference

[0x4] A New Years Resolution - Find out how your corporate domain name is managed.

[0x5] Reflecting on NTLM Reflection

[0x6] Blackhat Demo Explained

[0x7] No Thanks Koobface

[0x8] Internet Explorer CSS 0day likely to take off

[0x9] Stealing Cookies with SSL Renegotiation

[0xA] ...and while we're talking about MITM...

Antionline Forums - Maximum Security for a Connected World

AntiOnline Forums - Computer security community for internet safety and trusted networks

[0x1] Repair Windows Installation w/out Disc or Safemode

[0x2] Is my ROOT jacked?

[0x3] Small PPC Linux Distro

[0x4] Microsoft to patch 17-year-old computer bug

[0x5] Microsoft's Creative Destruction‏

[0x6] Unidentified Local User

[0x7] Hardware Diagnostic Software

[0x8] Data masking/scrubbing tools

[0x9] Haskell Matrix Question NEED HELP!

[0xA] "Get out Of Jail Free Card" help

HSC Security Portal

Hackers Center Security Portal is one of the most complete, updated and visited Securty portals on the net. We offer Security Blogs, Exploits, Texts, Tools

[0x1] TemperIE

[0x2] Nikto 2

[0x3] hcraft 1.0.0

[0x4] MSNPawn 1.1

[0x5] httprint

[0x6] DIRB

[0x7] WebInject 1.4

[0x8] ht://Check 2.0.0

[0x9] Grabber

[0xA] Wapiti 2.2.1

US-CERT Technical Cyber Security Alerts

US-CERT Technical Cyber Security Alerts provide timely information about current security issues, vulnerabilities, and exploits.

[0x1] TA10-021A: Microsoft Internet Explorer Vulnerabilities

[0x2] TA10-013A: Adobe Reader and Acrobat Vulnerabilities

[0x3] TA10-012B: Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities

[0x4] TA10-012A: Oracle Updates for Multiple Vulnerabilities

[0x5] TA09-343A: Adobe Flash Vulnerabilities Affect Flash Player and Adobe AIR

[0x6] TA09-342A: Microsoft Updates for Multiple Vulnerabilities

[0x7] TA09-314A: Microsoft Updates for Multiple Vulnerabilities

[0x8] TA09-294A: Oracle Updates for Multiple Vulnerabilities

[0x9] TA09-286B: Adobe Reader and Acrobat Vulnerabilities

[0xA] TA09-286A: Microsoft Updates for Multiple Vulnerabilities

Suspekt...

A Blog About Code, Information Security, PHP And More

[0x1] Advisory 03/2009: Piwik Cookie unserialize() Vulnerability

[0x2] SektionEins PHP Security Poster

[0x3] RSS09: Web Application Firewall Bypasses and PHP Exploits

[0x4] Shocking News in PHP Exploitation

[0x5] CGNSec October 2009

[0x6] Speaking at POC 2009

[0x7] CGNSec September 2009

[0x8] Suhosin Patch 0.9.8 for PHP 5.3.0 *BETA* - Please Test

[0x9] State of the Art Post Exploitation in Hardened PHP Environments

[0xA] Dutch PHP Conference: The Slides

SecDocs Feed

Latest security documents RSS feed

[0x1] [Video] I, Internet

[0x2] [Slides] I, Internet

[0x3] [Video] “Yes We Can’t!” - on kleptography and cryptovirology

[0x4] [Video] Using OpenBSC for fuzzing of GSM handsets

[0x5] [Slides] Using OpenBSC for fuzzing of GSM handsets

[0x6] [Paper] Optimised to fail

[0x7] [Slides] Optimised to fail

[0x8] [Slides] Playing with the GSM RF Interface

[0x9] [Video] DDoS/botnet mitigation & hosting online communities

[0xA] [Video] The Lost Cosmonauts

Shon Harris' Amazon Blog

Shon Harris' Amazon Blog

[0x1] You don't need to meet any requirements to sit the exam - you can gain them as time goes on.

[0x2] Economical Uncertainities

[0x3] New Material on the CISSP Exam in 2009?

[0x4] Connecting with Shon Harris

[0x5] Part 5 of 5 - Having the Right Perspective on the World of Security

[0x6] Part 4 of 5 - Learning Security through the View of CISSP versus Reality

[0x7] Part 3 of 5 - Is It Really A Waste Of Time To Learn About The Wide Spectrum Of Topics Covering Security?

[0x8] Part 2 of 5 -Training For CISSP – The Early Days

[0x9] Busting through the Myths of the CISSP Exam

[0xA] What do CISSPs Really Know?

Network World on Intrustion Detection and Prevention

The latest intrusion detection and prevention news and analysis from NetworkWorld.com.

[0x1] Consolidate your security services infrastructure onto one scalable virtual platform

[0x2] Experts: US gov't needs to prepare for cyberwar

[0x3] TOR issues updated software after server breach

[0x4] Security researcher IDs China link in Google hack

[0x5] Hackers hit Network Solutions customers

[0x6] Juniper, Symantec investigating after Google attack

[0x7] UK defendants await sentencing in carding scheme

[0x8] Hacking risks persist even if companies withdraw from China

[0x9] Group behind Twitter hack takes down Baidu.com

[0xA] FBI investigating online school district theft

Black Hat Forum

Blackhat Forum dedicated to learning black hat seo, cloaking, doorway pages, blogging, automatic content generators and more. Master the ART of "BlackHat"!

[0x1] webtraffic2night.com, is this a scam ?!

[0x2] Text Mailers

[0x3] My Journal to $100/day

[0x4] Facebook Landing Page

[0x5] New Way Of Adsense Earning

[0x6] [WTF] What an asshole this guy is!

[0x7] Judge a book by the cover:

[0x8] My Personal Journal: Earning $2000 Every 30 Days

[0x9] How To Block Unwelcome Visitors By IP

[0xA] Who listens to Kid Cudi?

[ISN] InfoSec News Mailing List

InfoSecNews

[0x1] BlackBerry has spyware risk too, researcher says

[0x2] IDF considers using BlackBerry

[0x3] Why CSOs Should Care About ShmooCon

[0x4] Biggest hacker training site shut down

[0x5] CSIIRW Sixth Cyber Security and Information Intelligence Research Workshop

[0x6] GAO Report: NASA Still Facing Weaknesses In IT Security

[0x7] Secunia Weekly Summary - Issue: 2010-05

[0x8] Fugitive VoIP hacker admits 10 million minute spree

[0x9] Military Intelligence: IDF is prepared for Cyberwarfare

[0xA] Report Details Hacks Targeting Google, Others

Government Technology Security News

Government Technology: News: Security

[0x1] Federal Office Offers $50,000 Reward for Missing External Drive

[0x2] What Happens When a Public Record is Actually Public? (Opinion)

[0x3] Report: China Suspected Origin of Hacked Iowa Agency

[0x4] Malware Record Set in 2009, Says PandaLabs

[0x5] Virginia Strengthens IT Security From Data Center to Desktop

[0x6] Big Data Center Migration Saves California Cash

[0x7] Is the Policy Window on Cyber-Security Closing? (Opinion)

[0x8] Incomplete Data Breach Reporting Makes Tracking Hacks Tough, Organization Says

[0x9] Cyber-Security Response on the Rise from Google, Maryland and Obama

[0xA] Government Must Attract More Cyber-Security Talent (Opinion)

MacRumors : Mac News and Rumors

the mac news you care about

[0x1] Apple Job Posting Suggests Video Recording Coming to Future iPad Models

[0x2] Current MacBook Pro Models Deleted From Best Buy's Inventory System? Updates Imminent?

[0x3] Claimed Fourth-Generation iPhone Parts Surface Revealing Taller Form Factor

[0x4] Apple Open to iPad Price Cuts if Demand Lags?

[0x5] Austrian Wireless Carrier Preparing to Offer Subsidized iPad

[0x6] Macworld San Francisco 2010 Kicks Off This Week

[0x7] Intrinsity (Formerly Exponential Technology) Now Speeding Up ARM CPUs

[0x8] Make Your Own (Paper) iPad and iPad Sighting at NYC Starbucks

[0x9] Unreleased Core i7 MacBook Pro 6,1 Benchmarked? Supplies Constrained

[0xA] Apple Seeds Mac OS X 10.6.3 (Build 10D548)

Kismet/Wireless

Kismet and Wireless Stuff ... Extended development logs, up and coming features, and general wireless link-whorery.

[0x1] Blackhat & Shmoo

[0x2] SVN commit 3011

[0x3] Quahogcon this spring

[0x4] SVN commit 3010

[0x5] SVN commit 3009

[0x6] SVN commit 3008

[0x7] SVN commit 3007

[0x8] Release 2010-01-R1

[0x9] SVN commit 3006

[0xA] SVN commit 3005

F-Secure Antivirus Research Weblog

Weblog of F-Secure Antivirus Research Team

[0x1] Watch out for flower-show.org

[0x2] worldrofwarcraft.com

[0x3] Gmail Phish

[0x4] New Facebook Home Page, Important New Privacy Setting

[0x5] Microsoft Updates and Vulnerabilities

[0x6] Using Google Images to Investigate Fraud

[0x7] An Apple a Day

[0x8] Texaco Offers You a Job For £8500 a Month

[0x9] Twittering Widgets

[0xA] Is the lack of iPad Flash support for security?

CSO Blogs - Physical Security

[0x1] CyberTerror - the Arms Race We're Losing

[0x2] High Tech Firms Who Outsource Software Development to China - The Dirty Little Secret

[0x3] Good riddance!

[0x4] $200 Discount for RSA

[0x5] Strategic guidance for applying PCI-DSS tactics.

[0x6] Last Minute Gift Ideas for the Security Professional in Your Life

[0x7] It Is Not A Hack If There is Nothing To Hack

[0x8] Low Quality - Just in Time for the Holidays

[0x9] Cybergeddon: Game of Bullets or Game of Dollars?

[0xA] Without Historical Precedent - Without Religious Support

Microsoft Security Bulletins

Microsoft Security Bulletins

[0x1] MS10-002 - Critical: Cumulative Security Update for Internet Explorer (978207)

[0x2] MS10-001 - Critical: Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (972270)

[0x3] MS09-074 - Critical: Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183)

[0x4] MS09-073 - Important: Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539)

[0x5] MS09-072 - Critical: Cumulative Security Update for Internet Explorer (976325)

[0x6] MS09-071 - Critical: Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318)

[0x7] MS09-070 - Important: Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726)

[0x8] MS09-069 - Important: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)

[0x9] MS09-068 - Important: Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307)

[0xA] MS09-067 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)

CSOONLINE.com - Exec. Communication

[0x1] Excerpt: Conducting a Protective Security Advance

[0x2] 7 Ways to Stay Happy in a Miserable Profession

[0x3] A Day In The Life of Two IT Security Curmudgeons

[0x4] Report: Business Risk of Fraud, Corruption Up Amid Economic Crisis

[0x5] 5 Ways To Survive a Data Breach Investigation

[0x6] 5 Steps to Communicate Security's Value to Non-security People

[0x7] Security Geeks: From Isolation to Rock Stars

[0x8] 5 Must-Do Cyber Security Steps for Obama

[0x9] Jeff Spivey on Enterprise Risk Management

[0xA] PCI's Post-Audit Pain Points

ZDI: Published Advisories

Published Advisories

[0x1] ZDI-10-014: Microsoft Internet Explorer item Object Memory Corruption Remote Code Execution Vulnerability

[0x2] ZDI-10-013: Microsoft Internet Explorer Table Layout Reuse Remote Code Execution Vulnerability

[0x3] ZDI-10-012: Microsoft Internet Explorer Baseline Tag Rendering Remote Code Execution Vulnerability

[0x4] ZDI-10-011: Microsoft Internet Explorer Table Layout Col Tag Cache Update Remote Code Execution Vulnerability

[0x5] ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability

[0x6] ZDI-10-009: RealNetworks RealPlayer IVR Format Remote Code Execution Vulnerability

[0x7] ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability

[0x8] ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability

[0x9] ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability

[0xA] ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability

CERIAS Combined Feed

News and Blog posts from CERIAS. This feed does not include our events calendar (http://www.cerias.purdue.edu/feeds/events)

[0x1] Is it ‘High Noon’ for Google, China?

[0x2] Scammers target givers after Haiti earthquake

[0x3] Drone “Flaw” Known Since 1990s Was a Vulnerability

[0x4] An old canard reappears (sort of)

[0x5] Talking to the Police All the Time

[0x6] CERIAS partners with industry, academic leaders to address nation’s cybersecurity threats

[0x7] “Verified by VISA”: Still Using SSNs Online, Dropped by PEFCU

[0x8] Firefox Vulnerabilities: Souvenirs of Windows 95

[0x9] Computer Researcher Named Distinguished Fellow of Information Security Group

[0xA] Are We All Aware Yet?

IT.com.mk

IT.com.mk - RSS Feed

[0x1] Google размислува за преведување во реално време

[0x2] Ќе се продадат 50 мил. таблет PC во 2014

[0x3] Неделен преглед 06.02.10: Скопје 2014, Symbian, Facebook, Aвстралија...

[0x4] Како да си ги избришете профилите?

[0x5] Онлајн бунт против Скопје 2014

[0x6] Facebook со нов дизајн и 400 милиони корисници

[0x7] Видео разговори со аугментирана реалност

[0x8] Приказната за Nexus One

[0x9] Македонските медиуми на друштвените мрежи

[0xA] Symbian сега е слободен софтвер

The InfoSec Blog

System Integrity: Without Integrity you don't have Security

[0x1] About Social Networking policy

[0x2] Text vs HTML: what is more secure?

[0x3] Arrogant? Who? Us?

[0x4] Throwing in the towel

[0x5] The wedge gets thicker

[0x6] Why don’t companies apply more risk analysis?

[0x7] How much would you give up your laptop for?

[0x8] The Cost of patching

[0x9] Speil Chequers

[0xA] How Many Deaths?

Techworld.com Operating Systems

Latest IT articles from Techworld's Operating Systems channel

[0x1] Four in five IT managers do not use cloud technologies

[0x2] Microsoft Office 2010 RC released

[0x3] Microsoft plans massive Windows patch next week

[0x4] Microsoft and science foundation collaborate on cloud computing

[0x5] Microsoft investigate Windows 7 battery problems

[0x6] The best security features in Windows 7

[0x7] Sick of the iPad? Google Chrome OS tablet idea revealed

[0x8] Microsoft to shut down Windows 7 previews

[0x9] Microsoft Windows 7 steams ahead, XP drops share

[0xA] Microsoft makes Windows Azure cloud platform public

The Register - Security

Biting the hand that feeds IT

[0x1] Adobe apologizes for festering Flash crash bug

[0x2] Conficker outbreak infects Leeds hospital servers

[0x3] Oracle issues emergency security patch for WebLogic

[0x4] Sweden to prosecute alleged Cisco, NASA hacker

[0x5] Cheeky French hackers hijack Tata website

[0x6] Leaky anti-virus defences letting malware through

[0x7] China stomps cybercrook training outfit

[0x8] Microscope-wielding boffins crack cordless phone crypto

[0x9] City supe slaps bank for account compromise

[0xA] Mozilla overlooked malware-laced Firefox add-ons

Google Online Security Blog

The latest news and insights from Google on security and safety on the Internet.

[0x1] More Information about Malware Details

[0x2] Do machines dream of electric malware?

[0x3] Best Practices for Verifying and Cleaning up a Compromised Site

[0x4] Protecting Users and Ads from Malware

[0x5] Show Me the Malware!

[0x6] The Malware Warning Review Process

[0x7] Malware Statistics Update

[0x8] Ask the Google Anti-Malware Team

[0x9] Improving web browser security

[0xA] Password strength and account recovery options

Security - RSS Feeds

Security - RSS Feeds

[0x1] China Closes Hacker Training School, Arrests 3

[0x2] Researchers Present Web Application Attack Targeting Database Connection

[0x3] Microsoft Plans Massive Patch Tuesday Security Update

[0x4] Report: Google to Partner with NSA for Cyber-Security

[0x5] Microsoft Warns of IE Security Vulnerability

[0x6] Google, China and the Anatomy of the Aurora Attack

[0x7] Twitter Details Phishing Attacks Behind Password Reset

[0x8] Older IE Versions Maintain Sizable Market Share Despite Security Concerns

[0x9] PGP to Acquire TC TrustCenter for Cloud-Based Identity Management

[0xA] Researchers Uncover Security Vulnerabilities in Femtocell Technology

lkml.org

lkml.org - the realtime linux kernel mailinglist archive

[0x1] Re: [RFC perf,x86] P4 PMU early draft

[0x2] [PATCH] Remove reference to kthread_create_on_cpu

[0x3] [PATCH] perf: Fix hypervisor sample reporting

[0x4] Re: 2.6.33-rc6 crashes on resume

[0x5] Re: linux-next: manual merge of the net tree with the wireless-cur ...

[0x6] Re: [PATCH] security/smack/smack.h: Fix smk_known length

[0x7] Re: [Patch 2/2] block: add sysfs lockdep class for iosched

[0x8] [PATCH] w6692: remove unused code

[0x9] Re: [CFT] MM: Pass a PTE pointer to update_mmu_cache() rather than ...

[0xA] Re: [PATCH 1/2] printk delay for each line break instead of callback

US-CERT Cyber Security Bulletins

US-CERT Cyber Security Bulletins provide bi-weekly summaries of security issues and new vulnerabilities. They also provide patches, workarounds, and other actions to help mitigate risk.

[0x1] SB10-018: Vulnerability Summary for the Week of January 11, 2010

[0x2] SB10-011: Vulnerability Summary for the Week of January 4, 2010

[0x3] SB10-004: Vulnerability Summary for the Week of December 28, 2009

[0x4] SB09-362: Vulnerability Summary for the Week of December 21, 2009

[0x5] SB09-355: Vulnerability Summary for the Week of December 14, 2009

[0x6] SB09-348: Vulnerability Summary for the Week of December 7, 2009

[0x7] SB09-341: Vulnerability Summary for the Week of November 30, 2009

[0x8] SB09-334: Vulnerability Summary for the Week of November 23, 2009

[0x9] SB09-327: Vulnerability Summary for the Week of November 16, 2009

[0xA] SB09-320: Vulnerability Summary for the Week of November 9, 2009

Managing Intellectual Property & IT Security

New methods of communications are changing the way that we do business, from hiring people, to designing scalable systems, to breaking down silos across organizations, how we manage information and systems in the Web 2.0 world is going to determine how well we compete as people and as companies in the future.

[0x1] Facebook Cyber Stalking

[0x2] Bring on the Snake Oil Sales person and Mr Know it ALL

[0x3] Lessons Learned from Cloud Camp Seattle 2010

[0x4] This is where I get to disagree with Louis Gray about leadership

[0x5] Security issues with the IPad dot Com domain

[0x6] Cloud Connect Launchpad Contest

[0x7] How HP could give IBM a run for its money in Cloud Computing Security

[0x8] Can regulators keep up with Cloud Computing?

[0x9] Live FriendFeeding your event has payoffs

[0xA] Starting a New Series on Entrepreneurialism

M86 Security Labs News

News and commentary about Internet-borne security threats from the Security Labs team at M86 Security.

[0x1] Inside a Pushdo/Zeus Campaign

[0x2] Spam Using Social Networking Sites

[0x3] Malicious Fake ABA Websites

[0x4] Possible Earthquake in Haiti Scams

[0x5] Lethic botnet - The Takedown

[0x6] Don't Update Your Email Settings

[0x7] Lethic spambot

[0x8] MP3 Spam Returns

[0x9] Pushdo Distrubuting Malicious VISA Statements

[0xA] Mega-D botnet takes a hit

Twitter / DojoSec

Twitter updates from DojoSec / DojoSec.

[0x1] DojoSec: DojoCon 2009 Cloud Security Panel http://vimeo.com/7517519 http://bit.ly/8ZusJh

[0x2] DojoSec: I posted 14 photos on Facebook in the album "DojoSec" http://bit.ly/6VZb1j

[0x3] DojoSec: DojoSec Facebook Page up http://bit.ly/53AyB8 Become a Fan :)

[0x4] DojoSec: DojoSec Canceled due to inclement weather. :(

[0x5] DojoSec: DojoSec Sessions Ep. 1 - Jeremy Brown - Finding Vulnerabilities with Static Analysis - http://bit.ly/8hcOVL

[0x6] DojoSec: @securabit Congrats on your new partnership

[0x7] DojoSec: Next DojoSec Talks will be January 7, 2010.

[0x8] DojoSec: RT @marcusjcarey: FREE Security Event - Mobile Communications Security Symposium http://bit.ly/67gZBL

[0x9] DojoSec: DojoSec streaming http://live.saecur.com/dojocon/

[0xA] DojoSec: DojoSec tonight @kpyke AKA Matt Olney of Sourcefire VRT - Custom Intrusion Detection Techniques for Monitoring Web Apps

Security Database Tools Watch

[0x1] Dradis v2.5.0 released

[0x2] Acunetix WVS v6.5 build 20100203 released

[0x3] Nikto v2.1.1 released

[0x4] (IN)SECURE Magazine Issue 24 released

[0x5] PenTBox v1.3 Beta released

[0x6] ProcNetMonitor v2.5 – Process Network Port Monitoring Tool - released

[0x7] Unhide Processes Forensics v20100201 released

[0x8] Security-Database Vulnerability Dashboard v2.0 beta released

[0x9] log2timeline v0.41 released - Logs Forensics

[0xA] ISO/IEC 31010:2009 published

OSF Data Loss - Latest Incidents

This feed contains the latest incidents approved for inclusion in OSF Data Loss.

[0x1] Stolen laptops expose 208,000 names, addresses, Social Security numbers and health details

[0x2] Names, birthdays, Social Security numbers, addresses and phone numbers of about 9,000 children accessible on web

[0x3] Mailing error exposes15,000 students Social Security numbers in envelope window

[0x4] Mailed envelope arrives damaged missing pages, 3700 names, policy numbers and Social Security numbers exposed

[0x5] Mailing error exposes 243 landlord tax forms and Social Security numbers

[0x6] Hacked payroll system exposes 27,000 employee names, dates of birth and Social Security numbers

[0x7] Technical error exposes 53 students Social Security numbers, tax forms posted on a website

[0x8] Three stolen laptops contained Social Security numbers of 1400 students and staff

[0x9] Virus-infected computer may have exposed the personal information of 3,500

[0xA] Hacked server exposes 80,000 employees names, birth dates and Social Security numbers

CSOONLINE.com - Physical Security

[0x1] Disaster in Haiti: Advice for Employees and Operations on the Ground

[0x2] Debate Rages Over Converging Physical and IT Security

[0x3] Security and Building Design: What Changed in This Decade

[0x4] Take a Walking Tour of Your Company's Security

[0x5] China Blames Online Games for Drugs, Murder, Teen Pregnancy

[0x6] Expecting Common Sense At the TSA Defies Common Sense

[0x7] DHS: Counterfeit Goods Still Rampant in U.S.

[0x8] Security Awareness, According to Google Trends

[0x9] Chemical Spill Response: How Dow is Training Small Town America to Handle Hazmat Emergencies

[0xA] SLIDESHOW: Chemical Safety Training

WindowSecurity.com blogs

Welcome to our Network Security blogs. The blogs are updated on a regular basis with the latest news, information and insider gossip within the network security world and security related fields, such as cryptography.

[0x1] Cybersecurity bill passed by House

[0x2] Over half a million web sites infected

[0x3] iPhones on your corporate network: How secure?

[0x4] Don’t hang out the “Phishing Gone” sign just yet

[0x5] Good news for IT security pros: Forrester says network security spending will rise in 2010

[0x6] Google adds security features to Chrome browser

[0x7] Microsoft COFEE and other forensics tools targeted

[0x8] Facebook security bug on AT&T mobile network

[0x9] Jesper Johansson: How Delegation Privileges are Represented in AD

[0xA] Why you should implement password policy enforcement

security_watchdog

All the IT security issues that affect you and your business. Direct reports from all the security conferences throughout the year, including RSA conference and Infosec.

[0x1] Google: complete privacy 'does not exist'

[0x2] Kiwi hacker to work for police

[0x3] Data leaks worst security threat

[0x4] UK businesses still don’t ‘get’ security

[0x5] Storm worm fabricates news

[0x6] Road warriors leaking secrets

[0x7] Cyber-crooks sting South Africa for £13m

[0x8] Public wants data breach legislation

[0x9] Hong Kong becomes most dangerous domain

[0xA] Scammers targeting LinkedIn

Wired Top Stories

Top Stories

[0x1] Macworld Expo 2010 Caters to Apple Fans — Without Apple

[0x2] Video Gallery: Lightning Reveals Its Power in Slow Motion

[0x3] Stormy Weather Cannot Defeat Re-Engineered Umbrella

[0x4] Storyboard: Chris Anderson on Long Tail of Stuff

[0x5] Feb. 9, 1969:Boeing 747 Makes First Flight

[0x6] Audio: DIY Recordings of Awakening Sun

[0x7] JooJoo Tablet Faces Uphill Battle Against iPad

[0x8] Jurors Told to Stop Tweeting

[0x9] Google Making Gmail Into a Communications Hub

[0xA] Boeing's Biggest Bird Leaves the Nest

F5 Networks White Papers

F5 white papers provide information on critical technology areas and how F5 products help you improve upon or prepare for their deployment.

[0x1] Geolocation and Application Delivery

[0x2] Unified Access and Optimization with F5 BIG-IP Edge Gateway

[0x3] BIG-IP Version 10.1: An Integrated Application Delivery Architecture

[0x4] Manageable Application Security

[0x5] Managing BIG-IP Devices with HP and Microsoft Network Management Solutions

[0x6] DNSSEC: The Antidote to DNS Cache Poisoning and Other DNS Attacks

[0x7] The ROI of Application Delivery Controllers in Traditional and Virtualized Environments

[0x8] Create a Smarter Storage Strategy

[0x9] Connecting to the Cloud with F5 BIG-IP Solutions and VMware VMotion

[0xA] Global Distributed Service in the Cloud with F5 and VMware

Network World on Spam

The latest spam and anti-spam news and analysis from NetworkWorld.com

[0x1] Mozilla confirms infected Firefox add-ons slipped through security

[0x2] Versign fails to take action against malicious sites, researcher says

[0x3] Spam, e-mail threats high in the Asia Pacific in January

[0x4] Microsoft slates colossal Windows patch next week

[0x5] Old security flaws still a major cause of breaches, says report

[0x6] Netgear Announces ProSecure UTM For 5-User SMB Networks

[0x7] Spam? No thank you, m'am