Last updated:
Thu Oct 30 16:23:52 2014 GMT
  2014 FIRST Annual Conference in Boston - Register now

Errata Security
F-Secure Antivirus Research Weblog
Eugene Bobukh's WebLog
Kim Cameron's Identity Weblog
Technology Review Feed - TR Editors' Blog
Roger's Information Security Blog
Kaspersky Lab Weblog Security Weblog
The Security Mentor
TrendLabs | Malware Blog - by Trend Micro
Mark O'Neill's Radio Weblog
Speaking of Security, the RSA Blog and Podcast Blog
Security Response Weblog
Anti Rootkit Blog
blackhat for life
Bowulf Infosec & Network Admin Blog
Solution Accelerators - Security & Compliance
fes' WebLog
404 - Not Found
Casper Dik's Weblog - A Revolution is the Solution
Security Curve Weblog
Page Not Found - ASP.NET Weblogs
IBM Internet Security Systems Frequency X Blog
Glenn Brunette's Security Weblog
trimMail's Email Battles
The Evil Empire
Latests Alerts From Websense Security Labs
Security Blog
George Ou
OpenPacket Blog
Financial Cryptography
Internet Insecurity
In-Security : Exploring Internet, Information and Infrastructure Security
New Directions in Security (Comments)
Wendy's Blog: Legal Tags
Page Not Found - ASP.NET Weblogs
Michael Howard's Web Log
ModSecurity Blog
Harry Waldron - Microsoft MVP Blog
Internet Security News and Analysis
-- Sleeve notes of a sysadmin --
Federated Infrastructure : Security
Usable Security
Infosec Writers Latest Security Papers
: 404 Not Found
Cheap Hack
Windows Incident Response
Lauren Weinstein's Blog
Anton Chuvakin, O'Reilly Network
Page Not Found - ASP.NET Weblogs
The Security Skeptic
LuFG Summerschool Applied IT Security
Wired: Threat Level
Fermats Security Alerts
Adobe Product Security Incident Response Team (PSIRT)
Sam Gentile
Aaron Margosis' "Non-Admin" WebLog
Latest Blog Entires From WebSense Security Labs
Emergent Chaos
Xavier's Security Post
The ICSI Networking Group Blog
Page Not Found - ASP.NET Weblogs
Andrew Carpenter
Rick Kingslan - Will Hack 4 Food
StillSecure, After All These Years
Kimberly L. Tripp: Improving *my* SQL skills through your questions! - Security
Security and Technology for SMB's and SOHO's
Fabulous Adventures In Coding : Security
Crypto-World - news Justin Mason's Weblog
Sorry! We couldn't find your document
Anti-Malware Engineering Team
Deb Shinder's MVP Blog
Internet Security with Kirk
Arun Perinkolam's Weblog
MZL & Novatech Traffic & Bandwidth Statistics News
Information Security News Desk
Security Soapbox
Page Not Found - ASP.NET Weblogs
Martin Englund's Weblog
Greyhat of the World Unite...
Security Sauce
::PepperTech:: Security Management News Blog
Infosec Potpourri
The Importance of...
SophosLabs blog
.NET Security Blog
InfoWorld Gripe Line | Ed Foster
Information Security News Desk
Security Fix
Michael Howard's Web Log : Security
Dana Epp's ramblings at the Sanctuary
Network Security Blog
A Bro Blog
Schneier on Security
Hex blog
cybercrime/-security sightings
Security Notes
Security Garden
-- Sleeve notes of a sysadmin --
Security Fix
Small Business Server
The Dark Visitor
Larry Osterman's WebLog : Security
The WiFi Zone
Errata Security
Digital ID World Editors Corner
Tim Rains' WebLog
National Cyber Security - Blogs
Sergey Simakov blog
Network Security
The Security Development Lifecycle
Sunbelt Blog
Latest Blog Entires From WebSense Security Labs
infosec « Tag Feed
ThreatFire Research Blog
MSDN: Security
Paul's Down-Home Page: Exchange, messaging, collaboration, security, and more
Burton Group Page Not Found
When {Puffy} Meets ^RedDevil^
Computing Research Policy Blog
Norwegian Honeynet Project
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge - Technology, Software Development, Project Management, Marketing News
Alert Logic
DoxPara Research
Vastly Important Notes
Essential Computer Security
Draft Security Blog
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
Information Manager Journal
Anil John - Security
Network Security Blog
Security to the Core | Arbor Networks Security Blog
Robert Hensing's Blog
Latest Analysis for All Threats
Abner Stories
Matasano Chargen
Volatile Systems
Spam Filtering Techniques
Kasun's Weblog
Page Not Found - ASP.NET Weblogs
Cynical Security
Infosec Events
The Microsoft Security Response Center Blog
MVP Jubo Security Blog
Freedom to Tinker
Carnal0wnage Blog
Windows Shell/User (MSN & OneCare Too)
Wifi Security Project
Bill Sommerfeld's Weblog
Panda Research Blog
Static in the Ether
The Antivirus Guy Blog
Politically Motivated Computer Crime and Hacktivism
Liudvikas Bukys
Fixing Email Weblog
Sorry! We couldn't find your document
-- Sleeve notes of a sysadmin --
CERIAS Weblogs
1 Raindrop
Security Blanket
Bkis Blog
Larry Seltzer's Security Weblog
The X Dot Com Inc. - 404 Wrong Page
netstat -a
Jim's Bloggyness
You Know What's Stupid? Everything I Don't Understand
Windows Security Logging and Other Esoterica
Educated Guesswork
Information Research
Solution Accelerators - Security & Compliance
BufferOverrun : Security
disLEXia 3000 blog
HD DVD / Randomness... : Security
Spire Security Viewpoint
An Information Security Place
A Day in the Life of an Information Security Investigator
CyberSpeak's Podcast
Nth world commentaries
Thomas Shinder Blog
Service Provider Journal
CyberCrime & Doing Time Your Web Site and Application Security Resource
Tenable Network Security
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
torsten's .NET blog - Security
Andreas Sterbenz's Blog
Dan Anderson's Weblog
The Day Before Zero
John Palfrey
eEye Digital Security - Research Blog
worm blog
Page Not Found - ASP.NET Weblogs
McAfee Avert Labs
Phil Windley's Technometria
Vulnerability Analysis Blog
Realtime Community | IT Compliance
Security Watch
Roger Thompson
Security Manifest
Pinpoint Labs Blog
About Internet / Network Security
Will Cox: Security
The Security Mentor
Fred Avolio's Musings
Caffeinated Security
Casper Dik's Weblog
Daemon on Security
Attack Research
The Security Skeptic
The Security Blanket
Sorry! We couldn't find your document
Stupid Security
SecuriTeam Blogs
b l o g _ m a x i m u m
Steve Lamb's Blog : How to Articles
1 Raindrop
APB Infosec blog
Mark's Blog
Larry's Insecurity Blog
Glenn Brunette's Security Weblog
Krebs on Security
October 30, 2014

ISC StormCast for Wednesday, October 29th 2014, (Wed, Oct 29th)
infosec « Tag Feed

(more) from SANS Internet Storm Center, InfoCON: green via IFTTT

3 ways to make your Gmail account safer
SophosLabs blog

Following on from our detailed guide to securing your webmail, here's a quick breakdown of how to make the most important fixes, for users of Google's Gmail.

3 ways to make your account safer
infosec « Tag Feed

Following up on our detailed guide to securing your webmail, heres a quick breakdown of how t

Snapchat escapes Australian cyberbullying crackdown, for now
SophosLabs blog

Australia's cyberbullying crackdown won't see the country putting any legal muscle into forcing "smaller" social media firms like Snapchat to take down harassing content, a Parliament spokesman said on Tuesday.

White House networks hacked
SophosLabs blog

Attackers broke into unclassified White House computer networks in the past 2-3 weeks. It's far from surprising, one unnamed official said, given that it's a "constant battle" between the government, trying to secure its sensitive systems, and bad actors

Crooks use stolen magnetic payment card info to make fraudulent chip-enabled transactions
infosec « Tag Feed

The chip and PIN payment card system or EMV is considered to be more secure than the

ShellshockRelated Attacks Continue, Targets SMTP Servers
TrendLabs | Malware Blog - by Trend Micro

A new Shellshock attack targeting SMTP servers was discovered by Trend Micro. Attackers used email to deliver the exploit. If the exploit code is executed successfully on a vulnerable SMTP server, an IRC bot known as JST Perl IrcBot will be downloaded and

Intel launches online data protection solution for retail -
infosec « Tag Feed

Intel launches online data protection solution for retailFibre2fashion.comThe Intel Data Protection

October 29, 2014

An In-Depth Look Into Malicious Browser Extensions
TrendLabs | Malware Blog - by Trend Micro

Malicious browser extensions bring about security risks as theseoften lead to system infection and unwanted spammingon Facebook. Based on our data, these attacks have notably affected users in Brazil. We have previously reported that cybercriminals are pu

Is Google Maps accurate? Ask the giant cat
infosec « Tag Feed

Someone edited Google Maps to add a giant cat. It was there one minute, then it was gone, leaping ba

Flash Pack Exploit Leads to New Family of Malware
TrendLabs | Malware Blog - by Trend Micro

We have been continuously monitoring the FlashPack exploit, especially with therecent attackwhich affected Japanese users. We recently looked at our Smart Protection Network feedback and found in a new development that majority of the infected systems of

Shellshock Exploits Targeting SMTP Servers at Webhosts
infosec « Tag Feed

SANS Internet Storm Center reports attacks against SMTP servers using Shellshock exploits to create

Facebook, Google, and the Rise of Open Source Security Software
Wired: Threat Level

Facebook, Google, and the Rise of Open Source Security Software

OSquery aims to identify attacks on the thousands of machines used

The "Dirty Dozen" SPAMPIONSHIP - who's got the biggest zombie problem?
SophosLabs blog

Our latest quarterly SPAMPIONSHIP charts are out, showing which countries have the most zombies, and therefore send the most spam. Take a look, and then ask yourself, "What can I do to help?" Simple: kill-a-zombie today!REMINDER: We Robot abstracts due Nov. 3
You Know What's Stupid? Everything I Don't Understand

Leadership Importance of research and probing questions
Harry Waldron - Microsoft MVP Blog


Insurance and Financial organizations Changing the Security Mindset
Harry Waldron - Microsoft MVP Blog


It's Not a Game - It's a Violation of Human Dignity
F-Secure Antivirus Research Weblog

Still don't set a passcode on your phone?

From Matthias Gafni and Malaika Fraley at the Contra Costa Times:

The California Highway Patrol officer accused of stealing nude photos from a DUI suspect's phone told investigators that h

How to Tell Data Leaks from Publicity Stunts
Krebs on Security

In an era when new consumer data breaches are disclosed daily, fake claims about data leaks are sadly becoming more common. These claims typically come from fame-seeking youngsters who enjoy trolling journalists and corporations, and otherwise wasting eve

A Simple Formula For Usable Risk Intelligence
infosec « Tag Feed

How infosec can cut through the noise and gain real value from cyberdata. from Dark Reading: http://

SSCC 171 - Are you SURE that "1234" is a bad password? [PODCAST]
SophosLabs blog

Here's the latest Chet Chat podcast for your listening pleasure... Enjoy.

TeamDigi7al US navy hacker sentenced to 2 years in jail
SophosLabs blog

One of the two leaders of the cyber criminal group known as Team Digi7al was last week sentenced to two years in federal prison for his role in breaking into the computer systems of a pretty random mix of targets. US Senate calls Whisper in for serious questioning on user tracking
infosec « Tag Feed

Following serious allegations brought up by the Guardian, the US Senate has a few privacy-related qu

Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data
Wired: Threat Level

Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data

In his career-ending extramarital affair that came to l

Placemeter monitors streets from apartment windows: time to don a mask?
SophosLabs blog

Placemeter wants window-owners to survey real-time traffic, while promising that all that data is aggregated and anonymized and won't be stored or shared. Should we relax?Arrests made after 'specialist malware' used in 1.6 million ATM heist
SophosLabs blog

"Specialist malware" allowed a gang of crooks to empty the cash machines of large amounts of money, averaging over 30,000 per machine. Now, the police have made three arrests in connection with the incidents.Phishers Improve Scheme With Spoofed Google Drive Site
TrendLabs | Malware Blog - by Trend Micro

Cybercriminals and attackers are leveraging Google Drive site and brand to go under the radar and avoid detection. Just last week, a targeted attack uses Google Drive as a means into getting information from its victims. This time, phishers are usingamodi

Explaining infosec magic to kids
infosec « Tag Feed

Magic! Its the basis for countless childrens stories filled with adventure and excitement. Its al

FTC takes down fake support scammers, upbeat about getting consumers money back [POLL]
infosec « Tag Feed

Just paying the money back isn’t really a punishment for fake support call scammers. So, what

Mozilla Firefox 32.0.2 Released with Critical Security Update
Security Garden

No evidence feds hacked Attkisson
Errata Security

Former CBS journalist Sharyl Attkisson is coming out with a book claiming the government hacked her computer in order to suppress reporting on Benghazi. None of her "evidence" is credible. Instead, it's bizarre technobabble. Maybe her book is better,

all content is copyright its respective owner or owners.

the technology behind infosec daily is partially copyright © 2003-2008 jose nazario.