|
Hacked E-Mails Fuel Global Warming Debate
Wired: Threat Level
An online debate over global warming science has broken out
after an unknown hacker broke into the email server at a
prominent, U.K. climate research center, stole more than a
thousand e-mails about global warming research and posted them
online. Global w
Alpha Software disclosure leads to confusion
Security Fix
A few days ago, Security Fix heard from a
reader who received a breach notification so casual in tone
that he asked me to verify whether it was for real.
Firefox Vulnerabilities: Souvenirs of Windows 95
CERIAS Weblogs
FailBlog on Security
Schneier on Security
Funny: career
fair fail.
Interview with Me
Schneier on Security
Yet another
interview with me. This one is audio, and was conducted in
Rotterdam in October.
Alpha Software disclosure leads to confusion
Security Fix
A few days ago, Security Fix heard from a reader who received a
breach notification so casual in tone that he asked me to
verify whether it was for real. Sure enough, Burlington,
Mass.-based database application company Alpha Software Inc.
recently told c
None
None
Forefront TMG RTM Overview Interview
Thomas Shinder Blog
With the RTM of Forefront Threat Management Gateway (TMG),
David Cross tells us about what's new and gives some real-world
examples of how Microsoft IT has benefited from TMG over ISA
2006. He also discusses the following: Why TMG only
utilizes Mi
BranchCache and TMG Interoperability
Thomas Shinder Blog
There are two main scenarios for the interoperability of
Forefront TMG and BranchCache: Forefront TMG and BranchCache
are deployed on the same host. For a description of this
scenario, see Forefront TMG and BranchCache Hosted Cache
deployed on the same h
Hex-Rays Plugin Contest
Hex blog
We are glad to announce the results of our first plugin
contest! For the contest rules, please check this page:
http://www.hex-rays.com/contest.shtml
Or you may directly go to the contes
Curiosity as a Malicious PDF
McAfee Avert Labs
What would you do if you saw in your inbox, an email with a PDF
named, U.S. ship thwarts second pirate attack November 18,
2009.pdf? Would the title pique your curiosity? Hopefully not
enough for you open the document! The PDF is the latest in the
ugly li
COFEE Break Turns Messy
McAfee Avert Labs
A common challenge of cybercrime investigations is the need to
conduct forensic analysis on a computer before it is powered
down and restarted. As some active system processes and network
data are volatile and may be lost after the computer is turning
off
Contrarianism on Sequoia's Disclosed Source Voting System
Educated Guesswork
Secure Audit Logging Class
1 Raindrop
Yesterday, I debuted a new software security training class on
Secure Audit Logging, this is a class aimed developers,
architects and security people. There are a lot of products out
there that help enterprises manage logs for PCI compliance and
such, but
Denial-of-Service Attack Against CALEA
Schneier on Security
Interesting:
The researchers say they've found a vulnerability in U.S. law
enforcement wiretaps, if only theoretical, that would allow a
surveillance target to thwart the aut
RedTeam@TV: Dangerous Online Banking
RedTeam
RedTeam is on TV again: Sunday, 22. November 2009, SAT1
Planetopia: Gefhrliches Onlinebanking (Dangerous Online
Banking) Online banking is still a hot topic, with all the new
systems cropping up after the traditional PIN/TAN and the more
recent PIN/iTAN (
Learn: Windows 7 Multi-Touch Overview
MSDN: Security
Watch Reed Townsend and Yochay Kiriaty as they explore
multi-touch in Windows 7. They will cover basic out-of-the-box
support for legacy applications, as well as for applications
optimized for multi-touch, and explain the "Good, Better, and
Best" programm
Get the SQL Server 2008 R2 November CTP
MSDN: Security
SQL Server 2008 R2 delivers several breakthrough capabilities
that will enable your organization to scale database operations
with confidence, improve IT and developer efficiency, and
enable highly scalable and well-managed business intelligence
on a self
Job Spam Uses Twitter
TrendLabs | Malware Blog - by Trend Micro
TrendLabs researchers were alerted to the discovery of spammed
messages thatcontained Twitter URLs.The spam uses subjects such
as N3 Earn Extra Income! 7L, C2 Exrtra Income Daily 4P, and Q0
$$$ Oppurtunity 6O. It informs users about supposed
work-from-hom
None
None
None
Introducing the InfoSec Assessment & Protection Suite
The Security Development Lifecycle
None
Feds Charge Three With Comcast.net Hijacking
Wired: Threat Level
Three alleged members of the hacker gang Kryogeniks were hit with a federal conspiracy charge Thursday for a 2008 stunt that replaced Comcast’s homepage with a shout-out to other hackers.
Prosecutors identified Christopher Allen Lewis, 19, and Ja
A Molecular Machine in Action
Technology Review Feed - TR Editors' Blog
X-ray imaging reveals a motor-like biological protein at work.
FDA targets rogue Internet pharmacies
Security Fix
The U.S. Food and Drug Administration is pressuring a number of Internet service providers to shut off nearly 12 dozen Web sites alleged to be selling counterfeit or unapproved prescription drugs.
FDA targets rogue Internet pharmacies
Security Fix
The U.S. Food and Drug Administration is pressuring a number of Internet service providers to shut off nearly 12 dozen Web sites alleged to be selling counterfeit or unapproved prescription drugs. The FDA's office of criminal investigations said it sent 2
Copyright Czar Vote Heads to Full Senate
Wired: Threat Level
The Senate Judiciary Committee unanimously approved Victoria Espinel’s nomination Thursday, paving the way for a full Senate vote to confirm the nation’s first copyright czar.
No Senate vote date was set immediately for a nominee who was appla
Health Insurer Loses 1.5 Million Patient Records
Wired: Threat Level
A health insurer lost 1.5 million patient records last May but waited six months to disclose the incident.
The data, which was stored on a portable disk drive that disappeared from the insurer’s office, was unencrypted and included patient Social Se
Judge Calls Bull on Psycho-Acoustic Beatles Covers
Wired: Threat Level
A federal judge dealt what may be a death blow to a Santa Cruz company marketing Beatles music and other tunes as 25-cent downloads, despite the company’s claim that the tracks were computer-generated cover versions produced by a process called R
Koobface, new promises?
SophosLabs blog
Koobface started life compromising Twitter accounts. It then diversified to attack various social networking sites including Facebook, MySpace, Bebo, hi5, GeoCities, Friendster among the prominent ones.
Recently I came across what could possibly be the ne
Chrome Browser Is Coming to Mac and Linux
Technology Review Feed - TR Editors' Blog
Google expects to make announcements before the end of the year.
A Taxonomy of Social Networking Data
Schneier on Security
At the Internet Governance Forum in Sharm El Sheikh this week, there was a conversation on social networking data. Someone made the point that there are several different types of data, and it would be useful to separate them. This is my taxonomy of
Computer Glitch Grounds Air Traffic
Wired: Threat Level
An unspecified computer glitch is being cited as the cause for commercial flights being canceled or temporarily delayed on Thursday.
The glitch was related to a key Federal Aviation Administration flight-processing system, according to ABC News. The probl
UK Confused About Piracy
Emergent Chaos
According to BoingBoing, "Leaked UK government plan to create "Pirate Finder General" with power to appoint militias, create laws:" What that means is that an unelected official would have the power to do anything without Parliamentary oversight or debate
Health Care Providers to Self-Police Themselves on Privacy Harm
Logblog
In an article that hit the web this week, a new DHHS rule is purported to allow health care providers to determine if their privacy breaches have caused any harm. While I understand the nature of assigning the reporti
Malicious Java Applet attack surfaces as Carrie PreJean video
McAfee Avert Labs
McAfee has observed various spam runs exploiting the sensational Carrie Prejean news. The Carrie Prejean video is rapidly becoming one of the most searched topics on the net ever since the existence of the tape became common knowledge.
Source: Google Tre
Stabbing People with Stuff You Can Get Through Airport Security
Schneier on Security
"Use of a pig model to demonstrate vulnerability of major neck vessels to inflicted trauma from common house
Call for Papers: CARO2010 Workshop
F-Secure Antivirus Research Weblog
F-Secure is organizing the next CARO Technical Workshop. It will be held in the end of May in Helsinki, Finland. Previous workshops have been in Iceland, The Netherlands and Hungary.
Call for Papers is open. We're looking for technical p
Sports Doping Drugs Available Online
Technology Review Feed - TR Editors' Blog
Drugs not yet approved for medical use are easily accessible online to cheating athletes.
Tomorrow's spam - today
Kaspersky Lab Weblog
None
Fake Blogs Lead to FAKEAV
TrendLabs | Malware Blog - by Trend Micro
Media reports have revealed the existence of fake blogs that were used to spread FAKEAV malware. The blogs do not actually contain any useful content. Instead, they have posts that contain nothing but images with post titles that use a wide variety of top
Deception in Post-Transaction Marketing
BenEdelman.org
Post-transaction marketers have attracted criticism for solicitations that tend to deceive consumers. Offers often promise a savings or discount while actually charging customers on an ongoing basis. Offers often appear while customers are finishing the
|
