Last updated:
Tue Jul 29 16:23:17 2014 GMT
  2014 FIRST Annual Conference in Boston - Register now


Blogroll
Fixing Email Weblog
Panda Research Blog
Larry Seltzer's Security Weblog
DISOG
Fermats Security Alerts
NI3
Bkis Blog
Kaspersky Lab Weblog
Latest Blog Entires From WebSense Security Labs
The Security Mentor
malwarecrawler.com
TrendLabs | Malware Blog - by Trend Micro
Latest Analysis for All Threats
Service Provider Journal
Schneier on Security
Realtime Community | IT Compliance
torsten's .NET blog - Security
Vulnerability Analysis Blog
Network Security
IBM Internet Security Systems Frequency X Blog
LuFG Summerschool Applied IT Security
REblog
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
OSSEC Blog
Static in the Ether
Security Fix
F-Secure Antivirus Research Weblog
A Bro Blog
Norwegian Honeynet Project
Compendium
MZL & Novatech Traffic & Bandwidth Statistics News
Roger Thompson
Xavier's Security Post
A Day in the Life of an Information Security Investigator
Anton Chuvakin, O'Reilly Network
Security Response Weblog
GnuPG.org
Alert Logic
Vastly Important Notes
Mark's Blog
ThreatFire Research Blog
Emergent Chaos
The Dark Visitor
Casper Dik's Weblog
-- Sleeve notes of a sysadmin --
ADD / XOR / ROL
invulnerableit.com Blog
Page Not Found - ASP.NET Weblogs
CGISecurity.com: Your Web Site and Application Security Resource
Daemon on Security
The Security Skeptic
C.I.S.R.T.
infosec « WordPress.com Tag Feed
Security Notes
Internet Security with Kirk
Anti-Malware Engineering Team
Spam Filtering Techniques
Lauren Weinstein's Blog
chandanlog(3C)
Michael Howard's Web Log
Fabulous Adventures In Coding : Security
Glenn Brunette's Security Weblog
The ICSI Networking Group Blog
Caffeinated Security
The Microsoft Security Response Center Blog
Deb Shinder's MVP Blog
The X Dot Com Inc. - 404 Wrong Page
Information Research
SophosLabs blog
Rick Kingslan - Will Hack 4 Food
Paul's Down-Home Page: Exchange, messaging, collaboration, security, and more
Hex blog
honeyblog
Napsterization
Adobe Product Security Incident Response Team (PSIRT)
Usable Security
PandaLabs
Information Security News Desk
The Security Mentor
::PepperTech:: Security Management News Blog
Burton Group Page Not Found
Latest Blog Entires From WebSense Security Labs
Error!
RedTeam
Larry Osterman's WebLog : Security
Draft Security Blog
Windows Incident Response
Lasipalatsi
Network Security Blog
CyberSpeak's Podcast
When {Puffy} Meets ^RedDevil^
Technology Review Feed - TR Editors' Blog
1 Raindrop
Information Security News Desk
SecuriTeam Blogs
Vodun.org
: 404 Not Found
Krebs on Security
Information Manager Journal
Solution Accelerators - Security & Compliance
Steve Lamb's Blog : How to Articles
Computing Research Policy Blog
Nth world commentaries
MoMusings@Arachnid.homeip.net
Tim Rains' WebLog
ModSecurity Blog
disLEXia 3000 blog
nzight
Michael Howard's Web Log : Security
.NET Security Blog
OpenPacket Blog
404 - Not Found
BufferOverrun : Security
Esphion
BenEdelman.org
The WiFi Zone
Infosec Writers Latest Security Papers
Page Not Found - ASP.NET Weblogs
cybercrime/-security sightings
Jim's Bloggyness
Wifi Security Project
SYN|ACK
Cynical Security
1 Raindrop
CERIAS Weblogs
DoxPara Research
Windows Security Logging and Other Esoterica
Security Watch
Fred Avolio's Musings
MSDN: Security
taint.org: Justin Mason's Weblog
websecurityblog
worm blog
MVP Jubo Security Blog
Eugene Bobukh's WebLog
Sorry! We couldn't find your document
Cheap Hack
Sunbelt Blog
You Know What's Stupid? Everything I Don't Understand
The Security Skeptic
Andreas Sterbenz's Blog
HD DVD / Randomness... : Security
mcwresearch.com
The Security Blanket
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
Security Sauce
Abner Stories
Phil Windley's Technometria
Network Security Blog
National Cyber Security - Blogs
Errata Security
About Internet / Network Security
Educated Guesswork
Mal-Aware.org
trimMail's Email Battles
George Ou
Volatile Systems
Wendy's Blog: Legal Tags
TheSecure.Net
BlogInfoSec.com
Robert Hensing's Blog
Harry Waldron - Microsoft MVP Blog
Speaking of Security, the RSA Blog and Podcast
Roger's Information Security Blog
Page Not Found - ASP.NET Weblogs
-- Sleeve notes of a sysadmin --
Sorry! We couldn't find your document
Security Garden
e-Government@large
Logblog
NetSec
bIPlog
turnipsecurity
Stupid Security
Bill Sommerfeld's Weblog
The Day Before Zero
Federated Infrastructure : Security
Inliniac
Security Blanket
b l o g _ m a x i m u m
weblog.cemper.com - Technology, Software Development, Project Management, Marketing News
Arun Perinkolam's Weblog
Volatility
Tenable Network Security
Security Soapbox
Infosec Events
Security Curve Weblog
KyleM.xwell
Errata Security
Attack Research
Vitalsecurity.org - A Revolution is the Solution
fes' WebLog
Anil John - Security
Politically Motivated Computer Crime and Hacktivism
Larry's Insecurity Blog
Windows Shell/User (MSN & OneCare Too)
securosis.com
Security to the Core | Arbor Networks Security Blog
Anti Rootkit Blog
Internet Security News and Analysis
Security
CERIAS Blog
Matasano Chargen
@CyberForge
Wired: Threat Level
Dan Anderson's Weblog
whattheflex
Infothought
Solution Accelerators - Security & Compliance
Page Not Found - ASP.NET Weblogs
John Palfrey
Latests Alerts From Websense Security Labs
Small Business Server
Financial Cryptography
Bowulf Infosec & Network Admin Blog
Security and Technology for SMB's and SOHO's
Ivan
OSVDB Blog
The Security Development Lifecycle
Glenn Brunette's Security Weblog
ADD / XOR / ROL
Sorry! We couldn't find your document
Pinpoint Labs Blog
Digital ID World Editors Corner
Kasun's Weblog
TaoSecurity
Internet Insecurity
eEye Digital Security - Research Blog
InfoWorld Gripe Line | Ed Foster
Crypto-World - news
www.rootkit.com
Spire Security Viewpoint
-- Sleeve notes of a sysadmin --
netstat -a
Carnal0wnage Blog
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
New Directions in Security (Comments)
Aaron Margosis' "Non-Admin" WebLog
Kimberly L. Tripp: Improving *my* SQL skills through your questions! - Security
In-Security : Exploring Internet, Information and Infrastructure Security
GPL
Thomas Shinder Blog
Security Manifest
Essential Computer Security
Will Cox: Security
Greyhat of the World Unite...
StillSecure, After All These Years
Page Not Found - ASP.NET Weblogs
Open-Node.net Security Weblog
APB Infosec blog
Dana Epp's ramblings at the Sanctuary
Andrew Carpenter
Martin Englund's Weblog
Liudvikas Bukys
Freedom to Tinker
blackhat for life
Casper Dik's Weblog
Security Blog
The Antivirus Guy Blog
Page Not Found - ASP.NET Weblogs
Mark O'Neill's Radio Weblog
Kim Cameron's Identity Weblog
The Evil Empire
An Information Security Place
Cybercrime
Page Not Found - ASP.NET Weblogs
Sam Gentile
CyberCrime & Doing Time
Verizonbusiness.com
Infosec Potpourri
Sergey Simakov blog
Security Fix
McAfee Avert Labs
The Importance of...
antlab
July 29, 2014


Hacking, spamming, rogue SMSes and browsers - 60 Sec Security [VIDEO]
infosec « WordPress.com Tag Feed

The weeks security news, turned into an entertaining lesson, turned into a 1-min video


SFR phish: the Gateway to all French banks
CyberCrime & Doing Time

Back in April, we wrote about the French power company, EDF, being used as a universal phishing target in our article, Multi-Brand French Phisher uses EDF Group for I


Pale Moon Version 24.7.0 Released
Security Garden


22 Jump Street, Transformers Are Top Movie Lures for Summer
TrendLabs | Malware Blog - by Trend Micro

Summertime has become synonymous with blockbuster movies. Unfortunately, these movies have become a go-to social engineering lure used by cybercriminals. Just like in previous years, Trend Micro engineers searched for possible threats related to movies re


A Sysmas Carol - singing the praises of sysadmins everywhere!
infosec « WordPress.com Tag Feed

Ever felt as though there should be a song for system administrators? Like a Sysmas Carol, perhaps,


Personal Privacy Is Only One of the Costs of NSA Surveillance
Wired: Threat Level

There is no doubt the integrity of our communications and the privacy of our online activities have been the biggest casualty of the NSAs unfettered surveillance of our digital lives. But the ongoing revelations of government eavesdropping has had


Conference on Deception
Schneier on Security


ESMO: Proposed EU General Data Protection Regulation may impact cancer ... - News-Medical.net
infosec « WordPress.com Tag Feed

Times Higher Education ESMO: Proposed EU General Data Protection Regulation may impact cancer


One hoax press release, one $300 million hole in mining company
SophosLabs blog

The fake press release was pretty convincing: it was sent from a domain that riffed on the ANZ Bank name, used the bank's logo, and included the name of a PR person, along with his (NOT!) phone number. It's yet another example of how easy it is to scam pe


Hacker turns ATM into 'Doom' arcade game
SophosLabs blog

Its screen now eschews balances and transfers in favor of the familiar sight of a hand wrapped around a gun, going around dark corners and blasting stuff. Where did scrap metal hacker "Aussie50" pick this thing up? Do we have to worry about threats to our


iOS Backdoor - WSWiR Episode 114
infosec « WordPress.com Tag Feed

Firefox 31, Tails 0day, andiOS Backdoor Are you curious about the latest network breaches, dangerou


A day in the life of a Sophos SysAdmin
infosec « WordPress.com Tag Feed

Today is SysAdmin Day. We have to have a day for SysAdmins because they often dont get the re


Clich: open-source is secure
Errata Security

Some in cybersec keep claiming that open-source is inherently more secure or trustworthy than closed-source. This is demonstrably false.Firstly, there is the problem of usability. Unusable crypto isn't a valid option for

July 28, 2014


1,000,000 lost credit cards = 150,000 fine
SophosLabs blog

A UK travel company has been fined 150,000 for putting an "internal only" parking database system on the internet without securing it first. The vulnerable system was used as a stepping stone for a crook to steal more than 1M e-commerce records.</span


Security Reviews: The Heuristics Zoo, Part 2/2
Eugene Bobukh's WebLog


Compulsory data protection audits for NHS bodies - Lexology (registration)
infosec « WordPress.com Tag Feed

Compulsory data protection audits for NHS bodiesLexology (registration)On 15th July 2014, the Minist


Cybercrime Exposed Part 1: The Security Risks of Phishing
TrendLabs | Malware Blog - by Trend Micro

While new threats are emerging that hit new avenues or targets like PoS systems and cryptocurrencies, old threats likephishingremains to be an effective means of gathering user data. A simple spam email that leverages holidays, online shopping,release of


http://www.symantec.com/connect/blogs/snifula-banking-trojan-back-target-japanese-regional-financial-institutions
None


The evolution of backup and disaster recovery
infosec « WordPress.com Tag Feed

In this interview, Amanda Strassle, IT Senior Director of Data Center Service Delivery at Seagate Te


Monday review the hot 27 stories of the week
SophosLabs blog

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.How to break into peoples homes with your mobile phone
SophosLabs blog

Having a tough time breaking into your neighbor's house? Not terribly conversant with key gauges or making clay molds? Don't worry, there's an app for that!Panopticlick reveals the cookie you cant delete
SophosLabs blog

You know about cookies, and how to delete them, but what if there was a cookie you couldn't delete, and what if the steps you took to guard your privacy made you easier to track? The EFF's Panopticlick tool determines how easy you are to identify based on


Anatomy of an iTunes phish tips to avoid getting caught out
SophosLabs blog

Even if you'd back yourself to spot a phish every time, here's a step-by-step account that might help to save your friends and family in the future...British Columbia Court of Appeal Refuses to Stay Enforcement in Equustek Solutions v. Google
You Know What's Stupid? Everything I Don't Understand


Suricata Flow Logging
Inliniac

Pretty much from the start of the project, Suricata has been able to track flows. In Suricata the term ‘flow’ means the bidirectional flow of packets with the same 5 tuple. Or 7 tuple when vlan tags are counted as … Hackers Plundered Israeli Defense Firms that Built Iron Dome Missile Defense System
Krebs on Security

Three Israeli defense contractors responsible for building the "Iron Dome" missile shield currently protecting Israel from a barrage of rocket attacks were compromised by hackers and robbed of huge quantities of sensitive documents pertaining to the shiel


Gigglebit: spill-proof beer (video) - Siliconrepublic.com
infosec « WordPress.com Tag Feed

Gigglebit: spill-proof beer (video)Siliconrepublic.comGigglebit is Siliconrepublic’s daily dos


Rosetta satellite beams back comet images - Siliconrepublic.com
infosec « WordPress.com Tag Feed

Siliconrepublic.com Rosetta satellite beams back comet imagesSiliconrepublic.comThe images of Comet


Panopticlick reveals the cookie you can't delete
SophosLabs blog

You know about cookies, and how to delete them, but what if there was a cookie you couldn't delete, and what if the steps you took to guard your privacy made you easier to track? The EFF's Panopticlick tool determines how easy you are to identify based on


Anatomy of an iTunes phish - tips to avoid getting caught out
SophosLabs blog

Even if you'd back yourself to spot a phish every time, here's a step-by-step account that might help to save your friends and family in the future...Russia Paying for a Tor Break
Schneier on Security


Motorola offers 'digital tattoo' to unlock phones - Siliconrepublic.com
infosec « WordPress.com Tag Feed

Motorola offers ‘digital tattoo’ to unlock phonesSiliconrepublic.comsiliconrepublic.com.


Monday review - the hot 27 stories of the week
SophosLabs blog

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.How to break into people's homes with your mobile phone
SophosLabs blog

Having a tough time breaking into your neighbor's house? Not terribly conversant with key gauges or making clay molds? Don't worry, there's an app for that!CISOs Are Like Sheep to the Slaughter
BlogInfoSec.com

It took almost 10 years, but my claim that the role of the CISO is to take the blame when something goes awry, even if only marginally attributable to information security, goes awry has at last been substantially validated. Lets scroll back to December 2


Bluelock Compiles Enterprise Go-To Disaster Recovery List - The VAR Guy
infosec « WordPress.com Tag Feed

The VAR Guy Bluelock Compiles Enterprise Go-To Disaster Recovery ListThe VAR GuyJoin Me Newsletter


Blackhat & DefCon Tips: 2014 Edition
A Day in the Life of an Information Security Investigator

[Edited for 2014]

 

It's that time of year folks! BlackHat and DefCon kick into high gear next week! Mandalay Bay is hosting BlackHat 2014, and DefCon will be at the Rio again. 



Blackhat 2014 & Def Con 22 Cheat Sheets!
A Day in the Life of an Information Security Investigator

For those of you going to BlackHat USA 2014 in Las Vegas on Aug 5th, be sure to download the cheat sheet!  Click below for a breakdown of speakers, bios, references, and talk summaries.  

 

It's hosted on Google Docs, so fe


Hacker claims breach of Wall Street Journal and Vice
infosec « WordPress.com Tag Feed

W0rm’s been quite busy and has already pulled this on CNET, and likewise is again offering to


all content is copyright its respective owner or owners.

the technology behind infosec daily is partially copyright © 2003-2008 jose nazario.