- Schnucks wants federal court to handle data breach lawsuit
- UDP port 1434 directed attack to AS13489 IP ranges, (Fri, May 24th)
- Researchers find unusual malware targeting Tibetan users in cyberespionage operation
- Layered defenses largely fail to block exploits, says NSS
- Researchers warn of increased Zeus malware activity this year
- Twitter's 2FA: SMS Double-Duty
- Scanner identifies malware strains, could be future of AV
- Killer apps: The performance of networked applications
- Twitter's two-step authentication a good start, experts say
- U.S. urged to let companies 'hack-back' at IP cyber thieves
- Twitter's two-step authentication a good start, experts say
- Could the Bitcoin network be used as an ultrasecure notary service?
- Microsoft brushes off claim Xbox Live accounts were compromised
- Google to lengthen SSL encryption keys from August
- Mac Spyware Bait: Lebenslauf für Praktitkum
- Zeus variants are back with a vengeance
- Fighting cybercrime is on the right track
- Google set to upgrade its SSL certs
- IT security pros have trouble communicating with executives
- Facebook phishers target Fan Pages owners
- ISC StormCast for Thursday, May 23rd 2013 http://isc.sans.edu/podcastdetail.html?id=3326, (Thu, May 23rd)
- IT security vendors seen as clueless on industrial control systems
- Google engineer bashes Microsoft's handling of security researchers, discloses Windows zero-day
- Nation's power grid under constant cyberattack, but Congress lax
- Google researcher reveals another Windows 0-day
- DHS employees' info possibly compromised due to system flaw
- MoVP II, (Thu, May 23rd)
- Twitter aims to become safer with two-step sign-in
- SoftBank said to be in talks with US to allay national security fears
- ****s are into online sharing, but are also more privacy-aware
- Mac Spyware Bait: Lebenslauf für Praktitkum
- The dangers of downloading software from unofficial sites
- Twitter finally offers 2-factor authentication
- Mac Spyware Bait: Lebenslauf für Praktitkum
- Is it time to professionalize information security?
- A spotlight on grid insecurity
- Microsoft decrypts Skype comms to detect malicious links
- Wireshark 1.10.0rc2 is now available http://www.wireshark.org/download.html, (Thu, May 23rd)
- Apple QuickTime 7.7.4 for Windows updated, MANY security vulnerabilities: http://support.apple.com/kb/HT1222, (Wed, May 22nd)
- Chrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame, (Wed, May 22nd)
- Wireshark 1.8.7 and 1.6.15 Released http://www.wireshark.org/news/20130517.html, (Wed, May 22nd)
- Growing mobile malware threat swirls (mostly) around Android
- Event: Cloud Security Alliance EMEA Congress 2013
- New Citadel malware variant targets Payza online payment platform
- Blue Coat Systems to acquire security analytics firm Solera Networks
- Privilege escalation, why should I care?, (Wed, May 22nd)
- Review: Logging and Log Management
- Commission wants to minimize U.S. IP theft economic impact
- Mac Spyware: OSX/KitM (Kumar in the Mac)
- Digital strongboxes won't solve whistleblower problem for journalists
- Opinion varies on action against Chinese cyberattacks
- U.S. power companies under frequent cyberattack
- Microsoft may be scanning your Skype messages
- Researchers find critical vulnerabilities in popular game engines
- Guantanamo cuts off Wi-Fi access due to OpGTMO
- NYPD detective accused of hiring email hackers
- Experts highlight top data breach vulnerabilities
- Why BYOx is the next big concern of CISOs
- IT pros focus on cloud security, not hype
- Free tool repairs critical Windows configuration vulnerabilities
- Blue Coat to acquire Solera Networks
- ISC StormCast for Wednesday, May 22nd 2013 http://isc.sans.edu/podcastdetail.html?id=3323, (Wed, May 22nd)
- APT1 is back, attacks many of the initial U.S. corporate targets
- Chrome 27 stable released http://googlechromereleases.blogspot.ca/ some security fixes, (Tue, May 21st)
- Moore, Oklahoma tornado charitable organization scams, malware, and phishing, (Tue, May 21st)
- U.S. DOJ accuses journalist of espionage
- A closer look at Mega cloud storage
- Big Hangover
- Pressure mounts for building in security during application development
- IntegriCell's Aaron Turner: Security managers still don't get mobile security
- Successful companies embrace shadow IT
- Senate report: Apple claims subsidiaries with no taxing jurisdiction
- Aurora attackers were looking for Google's surveillance database
- "NATO vacancies" phishing email also leads to malware
- Sourcefire goes beyond the sandbox
- Wi-Fi client security weaknesses still prevalent
- Find TrueCrypt and BitLocker encrypted containers and images
- CISOs need to engage with the board
- ISC StormCast for Tuesday, May 21st 2013 http://isc.sans.edu/podcastdetail.html?id=3320, (Tue, May 21st)
- Safe - Tools, Tactics and Techniques, (Mon, May 20th)
- Ubuntu Package available to submit firewall logs to DShield, (Mon, May 20th)
- Researchers uncover new global cyberespionage operation dubbed Safe
- U.S. Congress has questions about Google Glass and privacy
- Sysinternals Updates for Accesschk, Procdump, RAMMap and Strings http://blogs.technet.com/b/sysinternals/archive/2013/05/17/updates-accesschk-v5-11-procdump-v6-0-rammap-v1-22-strings-v2-51.aspx, (Mon, May 20th)
- Jailed hacker designs device to thwart ATM card skimming
- Yahoo Japan says 22 million user IDs may have been stolen
- Chinese hackers master art of lying low
- Security Manager's Journal: NAC deployment means better access control at last
- Digital Government Strategy progress and challenges
- Cyber espionage campaign uses professionally-made malware
- Over 45% of IT pros snitch on their colleagues
- Form-grabbing rootkit sold on underground forums
- U.S. DOD decides iPhones and iPads can connect to its networks
- The CSO perspective on healthcare security and compliance
- Large cyber espionage emanating from India
- Week in review: Human sensors, IT security jobs, and hacking car charge stations
- ISC StormCast for Monday, May 20th 2013 http://isc.sans.edu/podcastdetail.html?id=3317, (Mon, May 20th)
- Port 51616 - Got Packets?, (Sun, May 19th)
- Alleged tech support scammers settle FTC charges
- Researchers uncover new global cyberespionage operation dubbed SafeNet
- Experts ding DHS vulnerability sharing plan as too limited
- Police arrest Anonymous suspects in Italy
- SSL: Another reason not to ignore IPv6, (Fri, May 17th)
- "Get free followers" scam targets Instagram users
- New Mac spyware signed with legitimate Apple Developer ID
- BBC News: LulzSec Hacker Interview
- LulzSec Sentencing in UK
- New Mac spyware found on Angolan activist's computer
- DMARC email standards help prevent brand abuse in phishing campaigns
- In a sea of malware, viruses make a small comeback
- Four former LulzSec members sentenced to prison in the UK
- Ransomware adds password stealing to its arsenal
- Targeted data stealing attacks using fake attachments
- A look into the EC Council hack
- ISC StormCast for Friday, May 17th 2013 http://isc.sans.edu/podcastdetail.html?id=3314, (Fri, May 17th)
- e-netprotections.su ?, (Fri, May 17th)
- Extracting signatures from Apple .apps, (Thu, May 16th)
- Pushdo botnet is evolving, becomes more resilient to takedown attempts
- Booming mobile industry spawning global criminal marketplace
- Four LulzSec hackers handed prison sentences
- Application vulnerabilities still a top security concern
- Thoughts on the need for anonymity
- LulzSec sentencing in UK
- Mac Spyware Found at Oslo Freedom Forum
- Syrian Internet service comes back online
- Testing firm: Internet Explorer tops browsers for malware protection
- Researchers develop industrial systems that watch for security breaches
- Google allowing Android app vendors to illegally collect user data, lawsuit alleges
- How to keep the feds from snooping on your cloud data
- Oracle renumbers Java patch updates, confuses users even more
- The New Yorker launches anonymous dead-drop tool
- Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability, (Thu, May 16th)
- Researchers reveal OpUSA attackers' MO
- Info-stealing Dorkbot worm spreading on Facebook
- Review: The Hacker's Guide to OS X: Exploiting OS X from the Root Up
- Intelligent vulnerability management from CORE Security
- ISC StormCast for Thursday, May 16th 2013 http://isc.sans.edu/podcastdetail.html?id=3311, (Thu, May 16th)
- Call for Papers - 4th annual Forensics and Incident Response Summit EU, (Wed, May 15th)
- Researchers uncover large cyberfraud operation targeting Australian bank customers
- Health care breach victims plummet
- FBI briefs US bank executives on wave of cyberattacks
- Mobile adware networks given 45 days to stop misbehaving by security firm
- Private messages of Bloomberg clients end up online
- Is Microsoft reading your Skype communications?
- Is Microsoft is reading your Skype communications?
- Download: Mobile Threat Report Q1 2013
- State social media privacy laws a mixed bag for businesses
- First California lawsuit over mobile privacy issues crashes
- Mobile crimeware and the global criminal marketplace
- IT security jobs: What's in demand and how to meet it
- Microsoft rushes Explorer 8 patch release
- Adobe releases critical security updates for Reader, Flash Player and ColdFusion
- Facebook attacked with credential-harvesting malware
- Android threats growing in number and complexity, report says
- Password meters actually work
- Internet scams that dominated in 2012
- Hacking charge stations for electric cars
- New 2-factor authentication for the finance industry
- Belkin releases secure switch for government agencies
- Tips for validating DDoS defenses
- ISC StormCast for Wednesday, May 15th 2013 http://isc.sans.edu/podcastdetail.html?id=3308, (Wed, May 15th)
- CVE-2013-2094: Linux privilege escalation, (Tue, May 14th)
- Microsoft Security Advisory 2846338, (Tue, May 14th)
- Microsoft fixes 33 vulnerabilities
- Adobe May 2013 Black Tuesday Overview, (Tue, May 14th)
- Microsoft May 2013 Black Tuesday Overview, (Tue, May 14th)
- Firefox & Thunderbird released, (Tue, May 14th)
- View from inside Verizon's security SWAT team
- Online gaming company recounts fighting for survival vs. DDoS attacks
- Companies, government unprepared for new wave of cybersabotage
- China still safe for IT outsourcing, despite US security concerns, says vendor
- Feds' offensive fueling hacker underground, report says
- Researcher refuses to help Saudi telco to spy on people
- Fraudster who hired hackers to manipulate stock prices goes to prison
- Internet Explorer best at blocking malware
- U.S. govt secretly obtains AP phone records
- McAfee launches security service with facial and voice recognition
- Phishing gang jailed for plundering woman's £1 million life savings
- It's better to call ahead before sending malware, Symantec finds
- Using security skills for charitable cause
- Verizon Enterprise chief: We're headed for cloud computing's A-list
- Intel's McAfee brings biometric authentication to cloud storage
- Human sensors: How encouraging user reporting strengthens security
- GFI MailArchiver 2013 released
- Should the G20 forum discuss Internet security?
- The top three threats facing enterprises
- Event: VB2013 - 23rd Virus Bulletin International Conference
- Android malware continues to rise
- How employees use business email
- So what passwords are those ssh scanners trying?, (Tue, May 14th)
- ISC StormCast for Tuesday, May 14th 2013 http://isc.sans.edu/podcastdetail.html?id=3305, (Tue, May 14th)
- U.S. government tops list of malware buyers
- Lookout will intercept privacy-invading mobile ad networks, apps
- Webinar: Embedded
- Malicious browser extensions are hijacking Facebook accounts
- In legal fog, Kim Dotcom removes 3D gun design
- Font apps on Google Play deliver spyware
- Police unable to decrypt iPhones, asks Apple to do it
- Scammers combine fake AV and bogus support calls
- Can mobile devices be more secure than PCs?
- Car and electronics shoppers at risk of escrow fraud
- Open source NAC PacketFence 4.0 released
- Week in review: Malware you can "live with", but should't, and backdoor targeting popular web servers
- ISC StormCast for Monday, May 13th 2013 http://isc.sans.edu/podcastdetail.html?id=3302, (Mon, May 13th)
- Bank security weaknesses led to cyber looting of $45M from ATMs
- BYOD Policy: Employee Right to Social Media Privacy Is Paramount
- Microsoft and Adobe Patch Tuesday Pre-Release, (Fri, May 10th)
- Webinar: Monday, May 13th
- Academic institutions urged to take steps to prevent DNS amplification attacks
- What's old is new again: Spammers revived old schemes in March quarter
- Google's five-year plan for authentication: It's complicated
- Payment card processors hacked in $45 million fraud
- Hacking back: Digital revenge is sweet but risky
- The Onion explains how its Twitter account was hacked
- US lawmakers introduce apps privacy bill
- Microsoft Patch Tuesday targets multitude of Internet Explorer faults
- PayPal Says It's Time to Ditch Passwords and PINs
- Academic institutions urged to improve network and DNS configurations
- 10 great technologies to secretly install on Mom's PC
- Bill would put mobile app vendors on the hook for privacy
- Eight indicted in $45M cybercrime campaign
- Hijacking Facebook accounts via expired Hotmail accounts
- Bringing networking and security together through network automation
- India has a new National Cyber Security Policy
- Microsoft to release 10 bulletins
- ISC StormCast for Friday, May 10th 2013 http://isc.sans.edu/podcastdetail.html?id=3299, (Fri, May 10th)
- Name.com forces customers to reset passwords following security breach
- Researchers find hundreds of insecure building control systems
- Microsoft releases fix-it for Internet Explorer 8 vulnerability
- Security practices wanting in virtual machine world, survey finds
- Lesson from the Google office hack: Do not trust third-parties
- Encrypt and secure data in the Amazon big data cloud service
- Adobe warns customers of unpatched critical flaw in ColdFusion
- Windows XP migration worries exaggerated by 'dead' applications
- Adobe Releases 0-day Security Advisory for Coldfusion, Exploit Code Available. Advisory here: http://www.adobe.com/support/security/advisories/apsa13-03.html, (Thu, May 9th)
- Spamhaus DDoS suspect extradited to his home country
- Name.com breach just one of many executed by HTP hackers?
- Senators want sanctions against countries supporting cyberattacks
- Spamhaus DDoS suspect extradited to the Netherlands
- Hacker leaks part of Candace Bushnell's unpublished book
- The CSO perspective on risk management
- Phishers taking over accounts of telecommunication customers
- Healthcare leaders streamline third party assessment process
- ISC StormCast for Thursday, May 9th 2013 http://isc.sans.edu/podcastdetail.html?id=3296, (Thu, May 9th)
- "De Flashing" the ISC Web Site and Flash XSS issues, (Wed, May 8th)
- Welcome sign for hijackers on 24-7 for 30% of social networkers
- Use of 'honeywords' can expose password crackers
- Experts wary of Pentagon cybersecurity report fingering China
- Passwords: You're doing it wrong. Here's how to make them uncrackable.
- Highly critical vulnerability fixed in Nginx Web server software