Last updated:
Wed Jan 28 17:24:14 2015 GMT
  2014 FIRST Annual Conference in Boston - Register now

InfoWorld Gripe Line | Ed Foster
Caffeinated Security
Mark's Blog
Latest Blog Entires From WebSense Security Labs
Liudvikas Bukys
MVP Jubo Security Blog
Carnal0wnage Blog
The Microsoft Security Response Center Blog
In-Security : Exploring Internet, Information and Infrastructure Security
Windows Incident Response
Fred Avolio's Musings
The Security Mentor
Krebs on Security
Steve Lamb's Blog : How to Articles
Deb Shinder's MVP Blog Security Weblog
ThreatFire Research Blog
Andrew Carpenter
blackhat for life
Page Not Found - ASP.NET Weblogs
Service Provider Journal
MZL & Novatech Traffic & Bandwidth Statistics News
George Ou
A Bro Blog
CERIAS Weblogs
LuFG Summerschool Applied IT Security
Vastly Important Notes
Bowulf Infosec & Network Admin Blog
Norwegian Honeynet Project
IBM Internet Security Systems Frequency X Blog
SecuriTeam Blogs
Infosec Events
Anton Chuvakin, O'Reilly Network
Anti Rootkit Blog
Network Security Blog
The Day Before Zero
-- Sleeve notes of a sysadmin --
Internet Security with Kirk
Internet Insecurity
Pinpoint Labs Blog
The Dark Visitor
Kasun's Weblog
Anti-Malware Engineering Team
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
BufferOverrun : Security
fes' WebLog
McAfee Avert Labs
1 Raindrop
Xavier's Security Post
An Information Security Place
Speaking of Security, the RSA Blog and Podcast
Alert Logic
Sunbelt Blog
Casper Dik's Weblog
New Directions in Security (Comments)
Internet Security News and Analysis
Windows Security Logging and Other Esoterica
Roger's Information Security Blog
Fixing Email Weblog
Kaspersky Lab Weblog
Fabulous Adventures In Coding : Security
Technology Review Feed - TR Editors' Blog
Security Sauce
Computing Research Policy Blog
DoxPara Research
MSDN: Security Your Web Site and Application Security Resource
ModSecurity Blog
Spire Security Viewpoint
Security Curve Weblog
Security and Technology for SMB's and SOHO's
Dana Epp's ramblings at the Sanctuary
You Know What's Stupid? Everything I Don't Understand
Sergey Simakov blog
Attack Research
HD DVD / Randomness... : Security
Solution Accelerators - Security & Compliance
Tim Rains' WebLog
Security Manifest
Greyhat of the World Unite...
Information Research
The Security Skeptic
Emergent Chaos
The Evil Empire
Digital ID World Editors Corner
Hex blog
Will Cox: Security
Crypto-World - news
Infosec Writers Latest Security Papers
disLEXia 3000 blog
Kimberly L. Tripp: Improving *my* SQL skills through your questions! - Security
Information Security News Desk
Glenn Brunette's Security Weblog
Anil John - Security
Vulnerability Analysis Blog
The Importance of...
Network Security
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
Rick Kingslan - Will Hack 4 Food
-- Sleeve notes of a sysadmin --
Wifi Security Project
Abner Stories
Latest Blog Entires From WebSense Security Labs
cybercrime/-security sightings
Security Garden
Politically Motivated Computer Crime and Hacktivism
The Security Mentor
Sorry! We couldn't find your document
Page Not Found - ASP.NET Weblogs
Infosec Potpourri
Latests Alerts From Websense Security Labs
Aaron Margosis' "Non-Admin" WebLog
Federated Infrastructure : Security
The X Dot Com Inc. - 404 Wrong Page
Page Not Found - ASP.NET Weblogs
Wired: Threat Level
Sam Gentile
Cynical Security
Tenable Network Security
Security Soapbox
Burton Group Page Not Found
Sorry! We couldn't find your document
Mark O'Neill's Radio Weblog
TrendLabs | Malware Blog - by Trend Micro
CyberSpeak's Podcast
When {Puffy} Meets ^RedDevil^
Financial Cryptography
Larry Osterman's WebLog : Security
Page Not Found - ASP.NET Weblogs
Page Not Found - ASP.NET Weblogs
Solution Accelerators - Security & Compliance Justin Mason's Weblog
OpenPacket Blog
SophosLabs blog - A Revolution is the Solution
eEye Digital Security - Research Blog
Stupid Security
Security Notes
Cheap Hack
Fermats Security Alerts
The Security Skeptic
About Internet / Network Security
Michael Howard's Web Log
Panda Research Blog
Paul's Down-Home Page: Exchange, messaging, collaboration, security, and more
Spam Filtering Techniques
Sorry! We couldn't find your document
Small Business Server
Bkis Blog
infosec « Tag Feed
netstat -a
Windows Shell/User (MSN & OneCare Too)
CyberCrime & Doing Time
The Security Blanket
Casper Dik's Weblog
F-Secure Antivirus Research Weblog
Security Fix
The Antivirus Guy Blog
Realtime Community | IT Compliance
Nth world commentaries
b l o g _ m a x i m u m
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
Bill Sommerfeld's Weblog
APB Infosec blog
Security Fix
Errata Security
Security Watch
Glenn Brunette's Security Weblog Blog
Security Blanket
Jim's Bloggyness
Roger Thompson
-- Sleeve notes of a sysadmin --
Freedom to Tinker
worm blog
torsten's .NET blog - Security
trimMail's Email Battles
Educated Guesswork
Thomas Shinder Blog
Matasano Chargen
Martin Englund's Weblog
Page Not Found - ASP.NET Weblogs
The Security Development Lifecycle
Arun Perinkolam's Weblog
::PepperTech:: Security Management News Blog
Usable Security
Security Blog
Lauren Weinstein's Blog - Technology, Software Development, Project Management, Marketing News
Essential Computer Security
Schneier on Security
A Day in the Life of an Information Security Investigator
Dan Anderson's Weblog
Robert Hensing's Blog
Eugene Bobukh's WebLog
1 Raindrop
Page Not Found - ASP.NET Weblogs
404 - Not Found
Volatile Systems
The WiFi Zone
The ICSI Networking Group Blog
.NET Security Blog
Static in the Ether
Security to the Core | Arbor Networks Security Blog
Larry's Insecurity Blog
Harry Waldron - Microsoft MVP Blog
Larry Seltzer's Security Weblog
National Cyber Security - Blogs
Adobe Product Security Incident Response Team (PSIRT)
: 404 Not Found
Errata Security
Kim Cameron's Identity Weblog
Michael Howard's Web Log : Security
Security Response Weblog
Information Security News Desk
Draft Security Blog
Information Manager Journal
Wendy's Blog: Legal Tags
Phil Windley's Technometria
Latest Analysis for All Threats
Andreas Sterbenz's Blog
Daemon on Security
John Palfrey
Network Security Blog
StillSecure, After All These Years
January 28, 2015

Adobe Begins Auto-Update Patching of Second Flash Player Zero Day
infosec « Tag Feed

Adobe on Saturday began patching a zero-day vulnerability in Flash Player for auto-update users, exp

Some notes on GHOST
Errata Security

I haven't seen anybody compile a list of key points about the GHOST bug, so I thought I'd write up some things. I get this from reading the code, but mostly from the advisory.

Facebook vs 25,000 users - privacy class action lawsuit has initial hearing date set
SophosLabs blog

An Austrian court has given the go ahead to a class action lawsuit brought against Facebook for alleged privacy violations across Europe.

Seven Reasons the New GOP Bill Will Not Give Us Net Neutrality
You Know What's Stupid? Everything I Don't Understand

FBI: Businesses Lost $215M to Email Scams
Krebs on Security

Its time once again to update my Value of a Hacked Email Account graphic: According to a recent alert from the FBI, cyber thieves stole nearly $215million from businesses in the last 14 months usinga scam that starts when business executives or emp

Upcoming update in sqlcutie 1.8.1
infosec « Tag Feed

Admittedly I havent touched this project for a while. However there is going to be quite an u

No, Department of Justice, 80 Percent of Tor Traffic Is Not Child Porn
Wired: Threat Level

The debate over online anonymity, andall the whistleblowers

The "Dirty Dozen" SPAMPIONSHIP: Who's the biggest? Who's the worst?
SophosLabs blog

We take our quarterly dive into the SophosLabs spamtrap logs to find out who sends the most spam. Six countries made it onto our "worst per person" chart for the first time in a year...find out if you were one of them.

Ubisoft yanks keys for online games purchased via unauthorised parties
SophosLabs blog

Far Cry 4 and other games disappeared over the weekend, leaving a trail of ex-Ubisoft fans in their wake, stripped of games Ubisoft thinks were "fraudulently" bought on third-party sites.

Bughunter cracks "absolute privacy" Blackphone - by sending it a text message
SophosLabs blog

Serial bughunter Mark Dowd found a hole where it *really* wasn't wanted. In the text messaging software on the "absolute privacy" Blackphone...

Subconscious Keys
Schneier on Security

Open source software for quantum information
infosec « Tag Feed

NIST has partnered with the private sector to develop the next-generation open source control softwa

Not So Spooky: Linux Ghost Vulnerability
TrendLabs | Malware Blog - by Trend Micro

Researchers at Qualys have found a vulnerability in the GNU C Library (alternately known as glibc), which can be used to run arbitrary code on systems running various Linux operating systems. The vulnerability (assigned as CVE-2015-0235) has been dubbed G

ISC StormCast for Monday, January 26th 2015, (Mon, Jan 26th)
infosec « Tag Feed

(more) from SANS Internet Storm Center, InfoCON: yellow via IFTT

CVE-2015-0016: Escaping the Internet Explorer Sandbox
TrendLabs | Malware Blog - by Trend Micro

Part of this Januarys Patch Tuesday releases was MS15-004, which fixed a vulnerability that could be used in escalation of privilege attacks. I analyzed this vulnerability (designated as CVE-2015-0016) because it may be the first vulnerability in t

Adobe gets second Flash zero-day patch ready 2 days early!
infosec « Tag Feed

Good news from Adobe about CVE-2015-0311, the unpatched zero-day in Flash. The patch is now ready vi

Taylor Swift's Twitter and Instagram accounts hacked
SophosLabs blog

Hackers briefly got control of the Twitter and Instagram accounts of Taylor Swift, the Grammy-winning American pop-star, creating a stir on social media. Here's how to make sure your accounts are safe!

Seminar on the Law of the Newly Possible
You Know What's Stupid? Everything I Don't Understand

January 27, 2015

A note about this 'cyber' thing...
infosec « Tag Feed

I know quite a few people – hackers mostly – who get quite snarky and condescending over

Spanish Copyright Reform Enters into Force: Special Focus on Online Intermediaries
You Know What's Stupid? Everything I Don't Understand

You shouldn't be using gethostbyname() anyway
Errata Security

Today's GHOST vulnerability is in gethostbyname(), a Sockets API function from the early 1980s. That function has been obsolete for a decade. What you should be using is getaddrinfo() instead, a new function that can also handle IPv6.

Mouse-Box An Entire Computer inside a Mouse
infosec « Tag Feed

Smartphones in our pockets are exponentially smaller and more powerful that they don’t realize

Apple fixes Thunderstrike and 3 Project Zero bugs in OS X 10.10.2 Yosemite
SophosLabs blog

The latest OS X beta, version 10.10.2, is in the hands of developers and hints that users will soon be getting fixes for the devilish Thunderstrike vulnerability and 3 Project Zero bugs.Police Using Radar that Sees Through Walls
Schneier on Security

Low Hanging Fruit: Flash Player
F-Secure Antivirus Research Weblog

Flash Player version is now available.


<span class=Infocon change to yellow for Adobe Flash issues, (Fri, Jan 23rd)
infosec « Tag Feed

We have decided to change the Infocon 1to yellow in order to bring attention to the mu …(more)

Yet Another Emergency Flash Player Patch
Krebs on Security

For the second time in a week, Adobe has issued an emergency update to fix critical security flaws that crooks are actively exploiting in its Flash Player software. Updates are available for Flash Player on Windows and Mac OS X. Last week, Adobe released

How the Obamacare website leaks private data
infosec « Tag Feed, the US insurance exchange website that is a central component of Obamacare (the Affo

Pale Moon Minor Update to Version 25.2.1
Security Garden

Google asked to muzzle Waze 'police-stalking' app
SophosLabs blog

US police are typically the ones to surveil, not the other way around, as Google's crowd-sourced, police-mapping traffic app is doing. Now sheriffs are asking Google to pull the plug on it. Lizard Squad took down Facebook and Instagram! Believe it! Or not...
SophosLabs blog

The hacking-and-cracking crew known as Lizard Squad tweeted that Facebook and Instagram were down. Before you could say, "But we don't crash EVER," that had turned into "Lizard Squad did it"...Italian Court Decides an Important Case on Liability of Video-sharing Platforms
You Know What's Stupid? Everything I Don't Understand

The IDEA Encryption Algorithm with a 128-bit Block Length
Schneier on Security

Why Russia Hacks
infosec « Tag Feed

Conventional wisdom holds that Russia hacks primarily for financial gain. But equally credible is th

Silicon Valley Has Lost Its Way. Can Skateboarding Legend Rodney Mullen Help It?
Wired: Threat Level

Silicon Valley Has Lost Its Way. Can Skateboarding Legend Rodney Mullen Help It?

More than 30 years after he invented most o

Pinterest to sell ads based on what you're thinking of buying
SophosLabs blog

Been pinning pictures of fancy kitchens? Well, isn't that interesting, says every appliance maker on the planet.Are Social Media Bots Good?

I found it really eye-opening to read Nick Biltons article Phony Friends, Real Profit which appeared on page E2 of The New York Times of November 20, 2014, and seems to be in favor of using bots to represent fakes. Either Bilton was writing with his tongu

DMARC: The time is right for email authentication
infosec « Tag Feed

It is a rare thing to be given the opportunity to right a historic wrong. The root of essentially ev

Why leaving a shared device unprotected is dangerous
infosec « Tag Feed

According to a survey jointly executed by B2B International and Kaspersky Lab, 32 per cent of respon

all content is copyright its respective owner or owners.

the technology behind infosec daily is partially copyright © 2003-2008 jose nazario.