Last updated:
Sun Dec 21 23:23:09 2014 GMT
  2014 FIRST Annual Conference in Boston - Register now

Wifi Security Project
Crypto-World - news
Infosec Potpourri
Security Curve Weblog
Volatile Systems
Glenn Brunette's Security Weblog
Casper Dik's Weblog
The Security Mentor
Internet Security News and Analysis
Andreas Sterbenz's Blog
Static in the Ether
eEye Digital Security - Research Blog
Security to the Core | Arbor Networks Security Blog
Robert Hensing's Blog
When {Puffy} Meets ^RedDevil^
Glenn Brunette's Security Weblog
Cheap Hack
Aaron Margosis' "Non-Admin" WebLog
Infosec Events
Nth world commentaries
Infosec Writers Latest Security Papers
A Day in the Life of an Information Security Investigator
The Security Blanket
Internet Insecurity
disLEXia 3000 blog
Norwegian Honeynet Project
Windows Security Logging and Other Esoterica
Politically Motivated Computer Crime and Hacktivism
Matasano Chargen - Technology, Software Development, Project Management, Marketing News
Information Security News Desk
Security Blanket
1 Raindrop
Roger Thompson
Xavier's Security Post
You Know What's Stupid? Everything I Don't Understand
Sam Gentile
Freedom to Tinker
Internet Security with Kirk
worm blog
Sorry! We couldn't find your document
John Palfrey
HD DVD / Randomness... : Security
An Information Security Place
Security Fix
Tim Rains' WebLog
Security Response Weblog
Jim's Bloggyness
Page Not Found - ASP.NET Weblogs
Bill Sommerfeld's Weblog
Hex blog
trimMail's Email Battles
Lauren Weinstein's Blog
Information Security News Desk
Kasun's Weblog
Windows Shell/User (MSN & OneCare Too)
CyberCrime & Doing Time
SophosLabs blog
Fixing Email Weblog
Michael Howard's Web Log : Security
Harry Waldron - Microsoft MVP Blog
Educated Guesswork
Security Garden
Thomas Shinder Blog
Solution Accelerators - Security & Compliance
Anti Rootkit Blog
Anton Chuvakin, O'Reilly Network
Page Not Found - ASP.NET Weblogs
netstat -a
-- Sleeve notes of a sysadmin --
Page Not Found - ASP.NET Weblogs
fes' WebLog
Will Cox: Security
Computing Research Policy Blog
In-Security : Exploring Internet, Information and Infrastructure Security
The ICSI Networking Group Blog
b l o g _ m a x i m u m
Security Fix
Spire Security Viewpoint
Mark O'Neill's Radio Weblog
Kaspersky Lab Weblog
Pinpoint Labs Blog
McAfee Avert Labs
The WiFi Zone
Service Provider Journal
Wendy's Blog: Legal Tags
The Security Skeptic
Michael Howard's Web Log
Burton Group Page Not Found
Latest Blog Entires From WebSense Security Labs
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
Federated Infrastructure : Security
Stupid Security
Alert Logic
Mark's Blog
Abner Stories
Latests Alerts From Websense Security Labs
Kim Cameron's Identity Weblog
blackhat for life
Attack Research
Sunbelt Blog
MVP Jubo Security Blog
TrendLabs | Malware Blog - by Trend Micro
IBM Internet Security Systems Frequency X Blog
Errata Security
Rick Kingslan - Will Hack 4 Food
Dan Anderson's Weblog
Wired: Threat Level
Fred Avolio's Musings
-- Sleeve notes of a sysadmin --
Schneier on Security
CyberSpeak's Podcast
National Cyber Security - Blogs
Phil Windley's Technometria
APB Infosec blog
Krebs on Security
OpenPacket Blog
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
Technology Review Feed - TR Editors' Blog
Page Not Found - ASP.NET Weblogs
Paul's Down-Home Page: Exchange, messaging, collaboration, security, and more
infosec « Tag Feed
Spam Filtering Techniques
Security Watch
CERIAS Weblogs
The Evil Empire
Vulnerability Analysis Blog
Roger's Information Security Blog
The Day Before Zero
The X Dot Com Inc. - 404 Wrong Page
ModSecurity Blog
Fermats Security Alerts
Financial Cryptography
Security Manifest
The Security Development Lifecycle
::PepperTech:: Security Management News Blog
Information Manager Journal
Sorry! We couldn't find your document
Essential Computer Security
Errata Security
Speaking of Security, the RSA Blog and Podcast
Casper Dik's Weblog
SecuriTeam Blogs
: 404 Not Found
Security Soapbox
404 - Not Found
Windows Incident Response
Arun Perinkolam's Weblog
The Security Skeptic
Caffeinated Security
Network Security
Small Business Server
.NET Security Blog Blog
ThreatFire Research Blog Justin Mason's Weblog
Adobe Product Security Incident Response Team (PSIRT)
Anti-Malware Engineering Team
Anil John - Security
Eugene Bobukh's WebLog
Draft Security Blog
Security Blog
MSDN: Security
StillSecure, After All These Years
New Directions in Security (Comments)
The Security Mentor
Dana Epp's ramblings at the Sanctuary
Greyhat of the World Unite...
Latest Analysis for All Threats
Page Not Found - ASP.NET Weblogs
Emergent Chaos
The Antivirus Guy Blog
Fabulous Adventures In Coding : Security
Daemon on Security
LuFG Summerschool Applied IT Security
torsten's .NET blog - Security
Tenable Network Security
cybercrime/-security sightings
Carnal0wnage Blog
Latest Blog Entires From WebSense Security Labs
BufferOverrun : Security
Steve Lamb's Blog : How to Articles
Security and Technology for SMB's and SOHO's Your Web Site and Application Security Resource
F-Secure Antivirus Research Weblog
Martin Englund's Weblog
Sergey Simakov blog
Security Sauce
MZL & Novatech Traffic & Bandwidth Statistics News
Larry Seltzer's Security Weblog
The Importance of...
Panda Research Blog
SYN|ACK - A Revolution is the Solution
Information Research
Network Security Blog
Digital ID World Editors Corner
Larry's Insecurity Blog
A Bro Blog
Larry Osterman's WebLog : Security
Bowulf Infosec & Network Admin Blog
Cynical Security
Security Notes
Realtime Community | IT Compliance
About Internet / Network Security
InfoWorld Gripe Line | Ed Foster
Sorry! We couldn't find your document
Andrew Carpenter
Usable Security
Bkis Blog
Page Not Found - ASP.NET Weblogs
Liudvikas Bukys
Volatility Security Weblog
Kimberly L. Tripp: Improving *my* SQL skills through your questions! - Security
The Dark Visitor
The Microsoft Security Response Center Blog
1 Raindrop
DoxPara Research
Vastly Important Notes
Solution Accelerators - Security & Compliance
George Ou
Network Security Blog
-- Sleeve notes of a sysadmin --
Page Not Found - ASP.NET Weblogs
Deb Shinder's MVP Blog
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
December 21, 2014

OneRNG -- open source design for your random numbers
Financial Cryptography

Paul of Moonbase has put a plea onto kickstarter to fund a run of open RNGs. As we all know, having good random numbers is one of those devilishly tricky open problems in crypto. I'd encourage one and all to click and contribute. For what it's worth, in m

Millions Of Android Phones In China Have Backdoor
infosec « Tag Feed

An Android backdoor is the topic of one of two advisories this week on mobile threats. from Dark Rea

Ask a nerd
Errata Security

One should probably consult a lawyer on legal questions. Likewise, lawyers should probably consult nerds on technical questions. I point this out because of this

December 20, 2014

Crossing the Streams in Suricata

At it’s core, Suricata is a packet processor. It reads packets and pushes them through a configurable pipeline. The 2nd most important processing unit in Suricata is the flow. In Suricata we use the term flow for the bidirectional flows …

'Grinch' Bug May Affect Most Linux Systems
infosec « Tag Feed

But newly discovered vulnerability not as urgent as previous open-source bug disclosures. from Dark

ICANN Hacked Including Root DNS Systems
infosec « Tag Feed

from Darknet – The Darkside via IFTTT

Yes, ICANN keep your data safe...oops, sorry, no I can't - 60 Sec Security [VIDEO]
SophosLabs blog

Time for the latest episode of our weekly 60 Second Security video! The news, in just one minute...enjoy.New Year's Resolution: Be better at blogging
You Know What's Stupid? Everything I Don't Understand

Manufacturers Backdoor Found on Popular Chinese Android Smartphone
infosec « Tag Feed

Chinese smartphones from Coolpad contain a backdoor, dubbed CoolReaper by Palo Alto researchers, is

Is the polkit Grinch Going to Steal your Christmas?, (Wed, Dec 17th)
infosec « Tag Feed

Alert Logic published a widely publizised blog outlining a common configuration problem with Polk

Sony hack was the work of SPECTRE
Errata Security

The problem with hacking is that people try to understand it through analogies with things they understand. They try to fit new information into old stories/tropes they are familiar with. This doesn't work -- hacking needs to be understood in its own term

all content is copyright its respective owner or owners.

the technology behind infosec daily is partially copyright © 2003-2008 jose nazario.