PDA

View Full Version : Security News

  1. Schnucks wants federal court to handle data breach lawsuit
  2. UDP port 1434 directed attack to AS13489 IP ranges, (Fri, May 24th)
  3. Researchers find unusual malware targeting Tibetan users in cyberespionage operation
  4. Layered defenses largely fail to block exploits, says NSS
  5. Researchers warn of increased Zeus malware activity this year
  6. Twitter's 2FA: SMS Double-Duty
  7. Scanner identifies malware strains, could be future of AV
  8. Killer apps: The performance of networked applications
  9. Twitter's two-step authentication a good start, experts say
  10. U.S. urged to let companies 'hack-back' at IP cyber thieves
  11. Twitter's two-step authentication a good start, experts say
  12. Could the Bitcoin network be used as an ultrasecure notary service?
  13. Microsoft brushes off claim Xbox Live accounts were compromised
  14. Google to lengthen SSL encryption keys from August
  15. Mac Spyware Bait: Lebenslauf für Praktitkum
  16. Zeus variants are back with a vengeance
  17. Fighting cybercrime is on the right track
  18. Google set to upgrade its SSL certs
  19. IT security pros have trouble communicating with executives
  20. Facebook phishers target Fan Pages owners
  21. ISC StormCast for Thursday, May 23rd 2013 http://isc.sans.edu/podcastdetail.html?id=3326, (Thu, May 23rd)
  22. IT security vendors seen as clueless on industrial control systems
  23. Google engineer bashes Microsoft's handling of security researchers, discloses Windows zero-day
  24. Nation's power grid under constant cyberattack, but Congress lax
  25. Google researcher reveals another Windows 0-day
  26. DHS employees' info possibly compromised due to system flaw
  27. MoVP II, (Thu, May 23rd)
  28. Twitter aims to become safer with two-step sign-in
  29. SoftBank said to be in talks with US to allay national security fears
  30. ****s are into online sharing, but are also more privacy-aware
  31. Mac Spyware Bait: Lebenslauf für Praktitkum
  32. The dangers of downloading software from unofficial sites
  33. Twitter finally offers 2-factor authentication
  34. Mac Spyware Bait: Lebenslauf für Praktitkum
  35. Is it time to professionalize information security?
  36. A spotlight on grid insecurity
  37. Microsoft decrypts Skype comms to detect malicious links
  38. Wireshark 1.10.0rc2 is now available http://www.wireshark.org/download.html, (Thu, May 23rd)
  39. Apple QuickTime 7.7.4 for Windows updated, MANY security vulnerabilities: http://support.apple.com/kb/HT1222, (Wed, May 22nd)
  40. Chrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame, (Wed, May 22nd)
  41. Wireshark 1.8.7 and 1.6.15 Released http://www.wireshark.org/news/20130517.html, (Wed, May 22nd)
  42. Growing mobile malware threat swirls (mostly) around Android
  43. Event: Cloud Security Alliance EMEA Congress 2013
  44. New Citadel malware variant targets Payza online payment platform
  45. Blue Coat Systems to acquire security analytics firm Solera Networks
  46. Privilege escalation, why should I care?, (Wed, May 22nd)
  47. Review: Logging and Log Management
  48. Commission wants to minimize U.S. IP theft economic impact
  49. Mac Spyware: OSX/KitM (Kumar in the Mac)
  50. Digital strongboxes won't solve whistleblower problem for journalists
  51. Opinion varies on action against Chinese cyberattacks
  52. U.S. power companies under frequent cyberattack
  53. Microsoft may be scanning your Skype messages
  54. Researchers find critical vulnerabilities in popular game engines
  55. Guantanamo cuts off Wi-Fi access due to OpGTMO
  56. NYPD detective accused of hiring email hackers
  57. Experts highlight top data breach vulnerabilities
  58. Why BYOx is the next big concern of CISOs
  59. IT pros focus on cloud security, not hype
  60. Free tool repairs critical Windows configuration vulnerabilities
  61. Blue Coat to acquire Solera Networks
  62. ISC StormCast for Wednesday, May 22nd 2013 http://isc.sans.edu/podcastdetail.html?id=3323, (Wed, May 22nd)
  63. APT1 is back, attacks many of the initial U.S. corporate targets
  64. Chrome 27 stable released http://googlechromereleases.blogspot.ca/ some security fixes, (Tue, May 21st)
  65. Moore, Oklahoma tornado charitable organization scams, malware, and phishing, (Tue, May 21st)
  66. U.S. DOJ accuses journalist of espionage
  67. A closer look at Mega cloud storage
  68. Big Hangover
  69. Pressure mounts for building in security during application development
  70. IntegriCell's Aaron Turner: Security managers still don't get mobile security
  71. Successful companies embrace shadow IT
  72. Senate report: Apple claims subsidiaries with no taxing jurisdiction
  73. Aurora attackers were looking for Google's surveillance database
  74. "NATO vacancies" phishing email also leads to malware
  75. Sourcefire goes beyond the sandbox
  76. Wi-Fi client security weaknesses still prevalent
  77. Find TrueCrypt and BitLocker encrypted containers and images
  78. CISOs need to engage with the board
  79. ISC StormCast for Tuesday, May 21st 2013 http://isc.sans.edu/podcastdetail.html?id=3320, (Tue, May 21st)
  80. Safe - Tools, Tactics and Techniques, (Mon, May 20th)
  81. Ubuntu Package available to submit firewall logs to DShield, (Mon, May 20th)
  82. Researchers uncover new global cyberespionage operation dubbed Safe
  83. U.S. Congress has questions about Google Glass and privacy
  84. Sysinternals Updates for Accesschk, Procdump, RAMMap and Strings http://blogs.technet.com/b/sysinternals/archive/2013/05/17/updates-accesschk-v5-11-procdump-v6-0-rammap-v1-22-strings-v2-51.aspx, (Mon, May 20th)
  85. Jailed hacker designs device to thwart ATM card skimming
  86. Yahoo Japan says 22 million user IDs may have been stolen
  87. Chinese hackers master art of lying low
  88. Security Manager's Journal: NAC deployment means better access control at last
  89. Digital Government Strategy progress and challenges
  90. Cyber espionage campaign uses professionally-made malware
  91. Over 45% of IT pros snitch on their colleagues
  92. Form-grabbing rootkit sold on underground forums
  93. U.S. DOD decides iPhones and iPads can connect to its networks
  94. The CSO perspective on healthcare security and compliance
  95. Large cyber espionage emanating from India
  96. Week in review: Human sensors, IT security jobs, and hacking car charge stations
  97. ISC StormCast for Monday, May 20th 2013 http://isc.sans.edu/podcastdetail.html?id=3317, (Mon, May 20th)
  98. Port 51616 - Got Packets?, (Sun, May 19th)
  99. Alleged tech support scammers settle FTC charges
  100. Researchers uncover new global cyberespionage operation dubbed SafeNet
  101. Experts ding DHS vulnerability sharing plan as too limited
  102. Police arrest Anonymous suspects in Italy
  103. SSL: Another reason not to ignore IPv6, (Fri, May 17th)
  104. "Get free followers" scam targets Instagram users
  105. New Mac spyware signed with legitimate Apple Developer ID
  106. BBC News: LulzSec Hacker Interview
  107. LulzSec Sentencing in UK
  108. New Mac spyware found on Angolan activist's computer
  109. DMARC email standards help prevent brand abuse in phishing campaigns
  110. In a sea of malware, viruses make a small comeback
  111. Four former LulzSec members sentenced to prison in the UK
  112. Ransomware adds password stealing to its arsenal
  113. Targeted data stealing attacks using fake attachments
  114. A look into the EC Council hack
  115. ISC StormCast for Friday, May 17th 2013 http://isc.sans.edu/podcastdetail.html?id=3314, (Fri, May 17th)
  116. e-netprotections.su ?, (Fri, May 17th)
  117. Extracting signatures from Apple .apps, (Thu, May 16th)
  118. Pushdo botnet is evolving, becomes more resilient to takedown attempts
  119. Booming mobile industry spawning global criminal marketplace
  120. Four LulzSec hackers handed prison sentences
  121. Application vulnerabilities still a top security concern
  122. Thoughts on the need for anonymity
  123. LulzSec sentencing in UK
  124. Mac Spyware Found at Oslo Freedom Forum
  125. Syrian Internet service comes back online
  126. Testing firm: Internet Explorer tops browsers for malware protection
  127. Researchers develop industrial systems that watch for security breaches
  128. Google allowing Android app vendors to illegally collect user data, lawsuit alleges
  129. How to keep the feds from snooping on your cloud data
  130. Oracle renumbers Java patch updates, confuses users even more
  131. The New Yorker launches anonymous dead-drop tool
  132. Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability, (Thu, May 16th)
  133. Researchers reveal OpUSA attackers' MO
  134. Info-stealing Dorkbot worm spreading on Facebook
  135. Review: The Hacker's Guide to OS X: Exploiting OS X from the Root Up
  136. Intelligent vulnerability management from CORE Security
  137. ISC StormCast for Thursday, May 16th 2013 http://isc.sans.edu/podcastdetail.html?id=3311, (Thu, May 16th)
  138. Call for Papers - 4th annual Forensics and Incident Response Summit EU, (Wed, May 15th)
  139. Researchers uncover large cyberfraud operation targeting Australian bank customers
  140. Health care breach victims plummet
  141. FBI briefs US bank executives on wave of cyberattacks
  142. Mobile adware networks given 45 days to stop misbehaving by security firm
  143. Private messages of Bloomberg clients end up online
  144. Is Microsoft reading your Skype communications?
  145. Is Microsoft is reading your Skype communications?
  146. Download: Mobile Threat Report Q1 2013
  147. State social media privacy laws a mixed bag for businesses
  148. First California lawsuit over mobile privacy issues crashes
  149. Mobile crimeware and the global criminal marketplace
  150. IT security jobs: What's in demand and how to meet it
  151. Microsoft rushes Explorer 8 patch release
  152. Adobe releases critical security updates for Reader, Flash Player and ColdFusion
  153. Facebook attacked with credential-harvesting malware
  154. Android threats growing in number and complexity, report says
  155. Password meters actually work
  156. Internet scams that dominated in 2012
  157. Hacking charge stations for electric cars
  158. New 2-factor authentication for the finance industry
  159. Belkin releases secure switch for government agencies
  160. Tips for validating DDoS defenses
  161. ISC StormCast for Wednesday, May 15th 2013 http://isc.sans.edu/podcastdetail.html?id=3308, (Wed, May 15th)
  162. CVE-2013-2094: Linux privilege escalation, (Tue, May 14th)
  163. Microsoft Security Advisory 2846338, (Tue, May 14th)
  164. Microsoft fixes 33 vulnerabilities
  165. Adobe May 2013 Black Tuesday Overview, (Tue, May 14th)
  166. Microsoft May 2013 Black Tuesday Overview, (Tue, May 14th)
  167. Firefox & Thunderbird released, (Tue, May 14th)
  168. View from inside Verizon's security SWAT team
  169. Online gaming company recounts fighting for survival vs. DDoS attacks
  170. Companies, government unprepared for new wave of cybersabotage
  171. China still safe for IT outsourcing, despite US security concerns, says vendor
  172. Feds' offensive fueling hacker underground, report says
  173. Researcher refuses to help Saudi telco to spy on people
  174. Fraudster who hired hackers to manipulate stock prices goes to prison
  175. Internet Explorer best at blocking malware
  176. U.S. govt secretly obtains AP phone records
  177. McAfee launches security service with facial and voice recognition
  178. Phishing gang jailed for plundering woman's £1 million life savings
  179. It's better to call ahead before sending malware, Symantec finds
  180. Using security skills for charitable cause
  181. Verizon Enterprise chief: We're headed for cloud computing's A-list
  182. Intel's McAfee brings biometric authentication to cloud storage
  183. Human sensors: How encouraging user reporting strengthens security
  184. GFI MailArchiver 2013 released
  185. Should the G20 forum discuss Internet security?
  186. The top three threats facing enterprises
  187. Event: VB2013 - 23rd Virus Bulletin International Conference
  188. Android malware continues to rise
  189. How employees use business email
  190. So what passwords are those ssh scanners trying?, (Tue, May 14th)
  191. ISC StormCast for Tuesday, May 14th 2013 http://isc.sans.edu/podcastdetail.html?id=3305, (Tue, May 14th)
  192. U.S. government tops list of malware buyers
  193. Lookout will intercept privacy-invading mobile ad networks, apps
  194. Webinar: Embedded
  195. Malicious browser extensions are hijacking Facebook accounts
  196. In legal fog, Kim Dotcom removes 3D gun design
  197. Font apps on Google Play deliver spyware
  198. Police unable to decrypt iPhones, asks Apple to do it
  199. Scammers combine fake AV and bogus support calls
  200. Can mobile devices be more secure than PCs?
  201. Car and electronics shoppers at risk of escrow fraud
  202. Open source NAC PacketFence 4.0 released
  203. Week in review: Malware you can "live with", but should't, and backdoor targeting popular web servers
  204. ISC StormCast for Monday, May 13th 2013 http://isc.sans.edu/podcastdetail.html?id=3302, (Mon, May 13th)
  205. Bank security weaknesses led to cyber looting of $45M from ATMs
  206. BYOD Policy: Employee Right to Social Media Privacy Is Paramount
  207. Microsoft and Adobe Patch Tuesday Pre-Release, (Fri, May 10th)
  208. Webinar: Monday, May 13th
  209. Academic institutions urged to take steps to prevent DNS amplification attacks
  210. What's old is new again: Spammers revived old schemes in March quarter
  211. Google's five-year plan for authentication: It's complicated
  212. Payment card processors hacked in $45 million fraud
  213. Hacking back: Digital revenge is sweet but risky
  214. The Onion explains how its Twitter account was hacked
  215. US lawmakers introduce apps privacy bill
  216. Microsoft Patch Tuesday targets multitude of Internet Explorer faults
  217. PayPal Says It's Time to Ditch Passwords and PINs
  218. Academic institutions urged to improve network and DNS configurations
  219. 10 great technologies to secretly install on Mom's PC
  220. Bill would put mobile app vendors on the hook for privacy
  221. Eight indicted in $45M cybercrime campaign
  222. Hijacking Facebook accounts via expired Hotmail accounts
  223. Bringing networking and security together through network automation
  224. India has a new National Cyber Security Policy
  225. Microsoft to release 10 bulletins
  226. ISC StormCast for Friday, May 10th 2013 http://isc.sans.edu/podcastdetail.html?id=3299, (Fri, May 10th)
  227. Name.com forces customers to reset passwords following security breach
  228. Researchers find hundreds of insecure building control systems
  229. Microsoft releases fix-it for Internet Explorer 8 vulnerability
  230. Security practices wanting in virtual machine world, survey finds
  231. Lesson from the Google office hack: Do not trust third-parties
  232. Encrypt and secure data in the Amazon big data cloud service
  233. Adobe warns customers of unpatched critical flaw in ColdFusion
  234. Windows XP migration worries exaggerated by 'dead' applications
  235. Adobe Releases 0-day Security Advisory for Coldfusion, Exploit Code Available. Advisory here: http://www.adobe.com/support/security/advisories/apsa13-03.html, (Thu, May 9th)
  236. Spamhaus DDoS suspect extradited to his home country
  237. Name.com breach just one of many executed by HTP hackers?
  238. Senators want sanctions against countries supporting cyberattacks
  239. Spamhaus DDoS suspect extradited to the Netherlands
  240. Hacker leaks part of Candace Bushnell's unpublished book
  241. The CSO perspective on risk management
  242. Phishers taking over accounts of telecommunication customers
  243. Healthcare leaders streamline third party assessment process
  244. ISC StormCast for Thursday, May 9th 2013 http://isc.sans.edu/podcastdetail.html?id=3296, (Thu, May 9th)
  245. "De Flashing" the ISC Web Site and Flash XSS issues, (Wed, May 8th)
  246. Welcome sign for hijackers on 24-7 for 30% of social networkers
  247. Use of 'honeywords' can expose password crackers
  248. Experts wary of Pentagon cybersecurity report fingering China
  249. Passwords: You're doing it wrong. Here's how to make them uncrackable.
  250. Highly critical vulnerability fixed in Nginx Web server software