Last updated:
Tue Jul 28 19:23:30 2015 GMT
  2014 FIRST Annual Conference in Boston - Register now


Blogroll
Page Not Found - ASP.NET Weblogs
Fabulous Adventures In Coding : Security
Security Response Weblog
Bill Sommerfeld's Weblog
Larry's Insecurity Blog
Security Sauce
Draft Security Blog
Schneier on Security
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
bIPlog
Windows Security Logging and Other Esoterica
Steve Lamb's Blog : How to Articles
Computing Research Policy Blog
Panda Research Blog
Information Research
Volatility
Security to the Core | Arbor Networks Security Blog
Educated Guesswork
Carnal0wnage Blog
turnipsecurity
Norwegian Honeynet Project
Roger's Information Security Blog
The Evil Empire
Essential Computer Security
The Importance of...
Andreas Sterbenz's Blog
Usable Security
Mark's Blog
BlogInfoSec.com
Thomas Shinder Blog
Solution Accelerators - Security & Compliance
KyleM.xwell
SYN|ACK
SecuriTeam Blogs
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
In-Security : Exploring Internet, Information and Infrastructure Security
The Security Mentor
Realtime Community | IT Compliance
John Palfrey
Politically Motivated Computer Crime and Hacktivism
Network Security
CGISecurity.com: Your Web Site and Application Security Resource
securosis.com
Pinpoint Labs Blog
Rick Kingslan - Will Hack 4 Food
Internet Security News and Analysis
CERIAS Weblogs
Financial Cryptography
Bowulf Infosec & Network Admin Blog
Security Blanket
Roger Thompson
Windows Shell/User (MSN & OneCare Too)
Error!
PandaLabs
Errata Security
Fixing Email Weblog
NetSec
Bkis Blog
blackhat for life
Crypto-World - news
The Antivirus Guy Blog
Cynical Security
The Security Blanket
mcwresearch.com
Page Not Found - ASP.NET Weblogs
honeyblog
About Internet / Network Security
Security Garden
APB Infosec blog
Infosec Events
Deb Shinder's MVP Blog
eEye Digital Security - Research Blog
BufferOverrun : Security
F-Secure Antivirus Research Weblog
ThreatFire Research Blog
Dan Anderson's Weblog
Sergey Simakov blog
Vulnerability Analysis Blog
Page Not Found - ASP.NET Weblogs
NI3
Information Manager Journal
LuFG Summerschool Applied IT Security
Martin Englund's Weblog
Open-Node.net Security Weblog
whattheflex
You Know What's Stupid? Everything I Don't Understand
Sunbelt Blog
.NET Security Blog
Security Curve Weblog
The Security Skeptic
Jim's Bloggyness
Nth world commentaries
Glenn Brunette's Security Weblog
The Microsoft Security Response Center Blog
Lasipalatsi
Larry Osterman's WebLog : Security
1 Raindrop
An Information Security Place
The ICSI Networking Group Blog
Infothought
Napsterization
StillSecure, After All These Years
Cybercrime
Casper Dik's Weblog
Cheap Hack
Freedom to Tinker
Solution Accelerators - Security & Compliance
antlab
Technology Review Feed - TR Editors' Blog
weblog.cemper.com - Technology, Software Development, Project Management, Marketing News
Latest Analysis for All Threats
Emergent Chaos
Security Notes
BenEdelman.org
Vastly Important Notes
: 404 Not Found
Logblog
Kaspersky Lab Weblog
Inliniac
Sorry! We couldn't find your document
Spire Security Viewpoint
OSVDB Blog
Fermats Security Alerts
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
Aaron Margosis' "Non-Admin" WebLog
DISOG
Infosec Writers Latest Security Papers
Security
Information Security News Desk
TheSecure.Net
websecurityblog
Internet Insecurity
Ivan
Robert Hensing's Blog
CyberCrime & Doing Time
Vodun.org
Page Not Found - ASP.NET Weblogs
Tim Rains' WebLog
Daemon on Security
MZL & Novatech Traffic & Bandwidth Statistics News
b l o g _ m a x i m u m
Security Manifest
::PepperTech:: Security Management News Blog
Attack Research
Digital ID World Editors Corner
chandanlog(3C)
Security and Technology for SMB's and SOHO's
The Security Development Lifecycle
netstat -a
Page Not Found - ASP.NET Weblogs
Casper Dik's Weblog
Matasano Chargen
Security Soapbox
Liudvikas Bukys
Network Security Blog
Anton Chuvakin, O'Reilly Network
Lauren Weinstein's Blog
Kimberly L. Tripp: Improving *my* SQL skills through your questions! - Security
Page Not Found - ASP.NET Weblogs
Mal-Aware.org
Service Provider Journal
Wendy's Blog: Legal Tags
Paul's Down-Home Page: Exchange, messaging, collaboration, security, and more
Hex blog
1 Raindrop
worm blog
Kasun's Weblog
The Dark Visitor
IBM Internet Security Systems Frequency X Blog
invulnerableit.com Blog
Alert Logic
New Directions in Security (Comments)
Latest Blog Entires From WebSense Security Labs
Sam Gentile
Dana Epp's ramblings at the Sanctuary
The Security Skeptic
Harry Waldron - Microsoft MVP Blog
Security Watch
Internet Security with Kirk
The Security Mentor
Information Security News Desk
REblog
Latest Blog Entires From WebSense Security Labs
GPL
Volatile Systems
Anil John - Security
OSSEC Blog
Stupid Security
404 - Not Found
fes' WebLog
HD DVD / Randomness... : Security
Spam Filtering Techniques
InfoWorld Gripe Line | Ed Foster
Greyhat of the World Unite...
Abner Stories
torsten's .NET blog - Security
CERIAS Blog
e-Government@large
CyberSpeak's Podcast
Security Fix
Wired: Threat Level
A Day in the Life of an Information Security Investigator
Larry Seltzer's Security Weblog
Will Cox: Security
Verizonbusiness.com
Eugene Bobukh's WebLog
Sorry! We couldn't find your document
nzight
Xavier's Security Post
Static in the Ether
@CyberForge
disLEXia 3000 blog
Page Not Found - ASP.NET Weblogs
RedTeam
The Day Before Zero
Infosec Potpourri
Security Blog
trimMail's Email Battles
taint.org: Justin Mason's Weblog
DoxPara Research
Michael Howard's Web Log
George Ou
Fred Avolio's Musings
Anti Rootkit Blog
Burton Group Page Not Found
TrendLabs | Malware Blog - by Trend Micro
McAfee Avert Labs
SophosLabs blog
Caffeinated Security
Network Security Blog
cybercrime/-security sightings
Andrew Carpenter
GnuPG.org
ModSecurity Blog
TaoSecurity
Phil Windley's Technometria
Kim Cameron's Identity Weblog
infosec « WordPress.com Tag Feed
MoMusings@Arachnid.homeip.net
Errata Security
Windows Incident Response
Mark O'Neill's Radio Weblog
Small Business Server
Glenn Brunette's Security Weblog
When {Puffy} Meets ^RedDevil^
-- Sleeve notes of a sysadmin --
National Cyber Security - Blogs
-- Sleeve notes of a sysadmin --
A Bro Blog
Latests Alerts From Websense Security Labs
-- Sleeve notes of a sysadmin --
www.rootkit.com
Vitalsecurity.org - A Revolution is the Solution
Anti-Malware Engineering Team
malwarecrawler.com
The X Dot Com Inc. - 404 Wrong Page
Compendium
Tenable Network Security
Federated Infrastructure : Security
C.I.S.R.T.
Adobe Product Security Incident Response Team (PSIRT)
Speaking of Security, the RSA Blog and Podcast
ADD / XOR / ROL
MVP Jubo Security Blog
OpenPacket Blog
MSDN: Security
Arun Perinkolam's Weblog
Security Fix
ADD / XOR / ROL
Wifi Security Project
Esphion
The WiFi Zone
Michael Howard's Web Log : Security
Sorry! We couldn't find your document
Krebs on Security
July 28, 2015


What 30 Classic Games Can Teach Us about Security
infosec « WordPress.com Tag Feed

Information security experts share their thoughts on how participating in games and sports helped ho


White House Says No Thanks to Snowden Pardon Petition
infosec « WordPress.com Tag Feed

Its been more than two years since Edward Snowden became a name as familiar to the millions of peop


New RC4 Attack
Schneier on Security


NSA Says It Will End Access to 215 Records in November
infosec « WordPress.com Tag Feed

The National Security Agency says that once its legal authority to conduct Section 215 bulk telephon


What Classic Games Can Teach Us about Security
infosec « WordPress.com Tag Feed

Information security experts share their thoughts on how participating in games and sports helped ho


Chrome extension thwarts user profiling based on typing behavior
infosec « WordPress.com Tag Feed

The problems with passwords have already been well documented, and the main problem with static biom


How To Put Data At The Heart Of Your Security Practice
infosec « WordPress.com Tag Feed

First step: A good set of questions that seek out objective, measurable answers. from Dark Reading:


Apple patches serious remotely exploitable iTunes and App Store flaw
infosec « WordPress.com Tag Feed

Security researcher Benjamin Kunz Mejri from Vulnerability Lab has discovered a serious vulnerabilit


New Phishing Campaign Targets Google Credentials
infosec « WordPress.com Tag Feed

Researchers have found a new phishing campaign leveraging Google Drive in order to steal credentials


Black Hat USA 2015: Let's Get Physical
infosec « WordPress.com Tag Feed

Its tempting to think of InfoSec purely in virtual terms, as electrons flowing through circui


Apple Patches Remote Invoice Vulnerability in iTunes, App Store
infosec « WordPress.com Tag Feed

Apple recently patched a serious issue in its App Store and iTunes Store web apps that could have le


Andriod Security Major StageFright MMS vulnerability
Harry Waldron - Microsoft MVP Blog

[]


The Russian UndergroundRevamped
TrendLabs | Malware Blog - by Trend Micro

When big breaches happen and hundreds of millions of credit card numbers and SSNs get stolen, they resurface in other places. The underground now offers a vast landscape of shops, where criminals can buy credit cards and other things at irresistible price


http://www.symantec.com/connect/blogs/black-vine-formidable-cyberespionage-group-targeted-aerospace-healthcare-2012
None


Dmail: A Chrome extension for sending self-destructing emails
infosec « WordPress.com Tag Feed

Social bookmarking web service Delicious has released a free beta version of Dmail, an extension for


Dmail promises self-destructing Gmail messages
infosec « WordPress.com Tag Feed

After an email has been destroyed (or, rather, encrypted), recipients will see a message


New Phishing Campaign Leverages Google Drive
infosec « WordPress.com Tag Feed

Researchers believe technique is geared to take over Google SSO accounts. from Dark Reading: http://


One in 600 websites exposes sensitive info via easily accessible .git folder
infosec « WordPress.com Tag Feed

Git is the most popular tool for software version control out there. Created by Linus Torvalds to fa


iTunes and AppStore remote exploit fixed by Apple
infosec « WordPress.com Tag Feed

The vulnerability posed a significant risk to buyers, sellers or Apple website managers/develo


The "Stagefright" hole in Android - what you need to know
infosec « WordPress.com Tag Feed

Heres what you can do to deal with the much-talked-up Stagefright messaging vulne


Brinks Super-Secure Smart Safes: Not So Secure
Wired: Threat Level

"Making these safes smart...has actually drastically reduced the se


Dmail promises self-destructing Gmail messages
SophosLabs blog

After an email has been "destroyed" (or, rather, encrypted), recipients will see a message that the email has been killed. Should we trust it will do what it says with personal data?


iTunes and AppStore remote exploit fixed by Apple
SophosLabs blog

The vulnerability posed "a significant risk to buyers, sellers or Apple website managers/developers".


The "Stagefright" hole in Android - what you need to know
SophosLabs blog

Here's what you can do to deal with the much-talked-up "Stagefright" messaging vulnerability on Android


Stagefright Vulnerability in Android Phones
Schneier on Security


Edward Snowden to discuss privacy at IP EXPO Europe 2015
infosec « WordPress.com Tag Feed

Edward Snowden will deliver a keynote at IP EXPO Europe 2015, taking place at Londons ExCel. Joinin


Internet of Things: Bracing for the data flood
infosec « WordPress.com Tag Feed

Theres a real opportunity now to incorporate the scaling and management (including security managem


The Purpose of Access Control
infosec « WordPress.com Tag Feed

The purpose of having access control is to strengthen the availability, confidentiality, and integri


Automated threat management: No signature required
infosec « WordPress.com Tag Feed

The industry approach to detecting threats is inherently reactive, ceding the first-mover advantage


If I Were To Train Professionals in Access Control and InfoSec...
infosec « WordPress.com Tag Feed

Practically speaking, time and resources for training would be defined by budget constraints. Within


Access Control Measures I Deploy...
infosec « WordPress.com Tag Feed

Even in an amateur setting, access controls play an important role in basic network security. Here a


Server Security Policies
infosec « WordPress.com Tag Feed

Servers tend to house multiple applications while acting as significant engines for network traffic.


Cloud Storage Strategies
infosec « WordPress.com Tag Feed

Cloud more accurately refers to a marketable service than it refers to any specific te


Why Application Security is Absolutely Essential
infosec « WordPress.com Tag Feed

This article explains the significance of application security by rectifying questions about what th


New Google Drive phishing campaign exposed
infosec « WordPress.com Tag Feed

Elastica discovered a new Google Drive-based advanced phishing campaign initiated by unknown attacke


Dangers Lurking in the Dark Net
infosec « WordPress.com Tag Feed

On Dark Net Markets Like The RealDeal In the user manual for Pretty Good Privacy (PGP), Philip Zimme


Social Engineering: Con Artistry Through Technology
infosec « WordPress.com Tag Feed

Upon presenting the NASA Distinguished Service Medal to astronaut L. Gordon Cooper, President John F


How complex attacks drive the IT security innovation race
infosec « WordPress.com Tag Feed

Theres a need for organizations to reduce time to detection (TTD) in order to remediate again


50 Cent to pay $7 million for publishing woman's sex tape
infosec « WordPress.com Tag Feed

That works out to bit more than $1 per viewing by the millions whod seen the involuntary porn


50 Cent to pay $7 million for publishing woman's sex tape
SophosLabs blog

That works out to bit more than $1 per viewing by the millions who'd seen the involuntary porn as of January 2014.


Is Your Car Broadcasting Too Much Information?
TrendLabs | Malware Blog - by Trend Micro

Car hacking is a reality the general public will have to deal with. Nothing can be as intrusive and dangerous as strangers taking over your car while you are driving it. Last week, Valasek and Millers digital car-jacking stunt using 3G connectivity on a J


I Hate To Say I Told You So But....
infosec « WordPress.com Tag Feed

While I wasnt expecting the news to break in such an epic, scary fashion. If my post about au

July 27, 2015


Stagefright Android Bug: 'Heartbleed for Mobile' But Harder To Patch
infosec « WordPress.com Tag Feed

Critical vulnerability in Android’s multimedia playback engine is easy to exploit, requires no


Angler Exploit Kit Used to Find and Infect PoS Systems
TrendLabs | Malware Blog - by Trend Micro

An attack aiming to infect PoS systems was found using the Angler Exploit Kit to push a PoS reconnaissance Trojan,This Trojan, detected as TROJ_RECOLOAD.A, checks for multiple conditions in the infected system like if it is a PoS machine or part of a PoS


Phishing Attacks Drive Spike In DNS Threat
infosec « WordPress.com Tag Feed

Nearly 75% jump in phishing helped propel DNS abuse in the second quarter of this year. from Dark Re


NSA to Destroy Phone Records it Illegally Collected
Wired: Threat Level

The director of national intelligence said today that the spy agency would cease using the existing records by November 29, after which they would be destroyed once pending lawsuits have ended.

The post The Wheels of Justice Turn Slowly
infosec « WordPress.com Tag Feed

On the evening March 14, 2013, a heavily-armed police force surrounded my home in Annandale, Va., af


PHP File Manager Riddled With Vulnerabilities, Including Backdoor
infosec « WordPress.com Tag Feed

Multiple critical vulnerabilities have existed, some for nearly five years, in PHP File Manager, a w


Valve Patches Password Reset Vulnerability in Steam
infosec « WordPress.com Tag Feed

Valve Software has patched a vulnerability in the Steam gaming platform that enabled account hijacki


The First 24 Hours In The Wake Of A Data Breach
infosec « WordPress.com Tag Feed

There is a direct correlation between how quickly an organization can identify and contain a data br


Mimikatz Gather Windows Credentials
infosec « WordPress.com Tag Feed

from Darknet – The Darkside http://bit.ly/1ICFkHo via IFTTT


Google Plus Some services are being decoupled
Harry Waldron - Microsoft MVP Blog

[…]


Michael Chertoff Speaks Out Against Backdoors
Schneier on Security


Census Bureau Says Breach Didnt Compromise Sensitive Data
infosec « WordPress.com Tag Feed

Officials at the United States Census Bureau say that the attackers who compromised one of the burea


Android Stagefright Flaws Put 950 Million Devices at Risk
infosec « WordPress.com Tag Feed

Vulnerabilities in Stagefright, which processes media formats in Android, put 950 million devices at


Finally! A free, open source, on-premise virus scanner framework
infosec « WordPress.com Tag Feed

After having spoken about it for quite a while, security researcher Robert Simmons has finally begun


Pair of Bugs Open Honeywell Home Controllers Up to Easy Hacks
infosec « WordPress.com Tag Feed

The accumulation of automation and Internet-connected devices in many homes these days has led obser


Steam's account-stealing password reset exploit fixed
infosec « WordPress.com Tag Feed

Valve has plugged a vulnerability which saw a number of accounts on its Steam gaming platform hijack


Pale Moon Version 25.6.0 Released with Security Updates and Fixes
Security Garden


Steam's account-stealing password reset bug fixed
SophosLabs blog

Valve has plugged a vulnerability which saw a number of accounts on its Steam gaming platform hijacked last week.Police say sorry after Facebook tit-for-tat with "keyboard warrior"
infosec « WordPress.com Tag Feed

How should you respond when you’re representing an organisation on social media? from Naked Se


Deplorable Steam security flaw exploited to hijack prominent accounts
infosec « WordPress.com Tag Feed

A huge gaping hole that allowed attackers to hijack Steam accounts has been discovered, exploited la


Business Continuity and Disaster Recovery
infosec « WordPress.com Tag Feed

This article illustrates the key elements of business continuity and disaster recovery by addressing


You'll have to stop stealing jokes on Twitter now
infosec « WordPress.com Tag Feed

Ripping off other people’s stuff, even jokes, is no laughing matter! from Naked Security http:


Dark web drug dealer pleads guilty, gets 2 years to ponder "anonymity"
infosec « WordPress.com Tag Feed

He was an online dealer who made use of the so-called Dark Web, shielded by the apparent anonymity o


Over 5,000 mobile apps found performing in-app ad fraud
infosec « WordPress.com Tag Feed

Of the $20 billion projected to be spent by advertisers on mobile advertising in 2015, $1 billion wi


Researchers Hack Air-Gapped Computer With Simple Cell Phone
Wired: Threat Level

Researchers Hack Air-Gapped Computer With Simple Cell Phone

The most secure computers in the world may not be secure from this new i


Police say sorry after Facebook tit-for-tat with "keyboard warrior"
SophosLabs blog

How should you respond when you're representing an organisation on social media?


You'll have to stop stealing jokes on Twitter now
SophosLabs blog

Ripping off other people's stuff, even jokes, is no laughing matter!


Dark web drug dealer pleads guilty, gets 2 years to ponder "anonymity"
SophosLabs blog

He was an online dealer who made use of the so-called Dark Web, shielded by the apparent anonymity of Tor, or The Onion Router. He's not anonymous any more.Hacking Team's Purchasing of Zero-Day Vulnerabilities
Schneier on Security


A data security guy's musings on the OPM data breach train wreck
infosec « WordPress.com Tag Feed

Despite all the media attention to breaches, there is still way too much apathy when it comes to dat


Three steps to a successful cloud migration
infosec « WordPress.com Tag Feed

People are hoarders by nature. Year after year, we accumulate new things some that we need, and so


Monday review - the hot 20 stories of the week
infosec « WordPress.com Tag Feed

Get yourself up to date with everything we've written in the last seven days – it's


Monday review - the hot 19 stories of the week
infosec « WordPress.com Tag Feed

Get yourself up to date with everything we’ve written in the last seven days – it’


How (not) to pay yourself a $14m bonus - 60 Sec Security [VIDEO]
infosec « WordPress.com Tag Feed

Our weekly 1-minute security video…news with some fun in it! from Naked Security http://bit.ly


Most employees don't understand the value of data
infosec « WordPress.com Tag Feed

New research from Fujitsu has revealed that only 7% of employees rate their business data higher tha


How (not) to pay yourself a $14m bonus - 60 Sec Security [VIDEO]
SophosLabs blog

Our weekly 1-minute security video...news with some fun in it!Monday review - the hot 20 stories of the week
SophosLabs blog

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.Jeep Hacked, Manufacturer Dismayed
BlogInfoSec.com

Dismayed? Is that as much emotion that Fiat Chrysler can muster when informed that their vehicles can be hacked remotely and many of the vehicle-control systems can be taken over by researchers Charlie Miller and Chris Valasek, including those systems tha


Week in review: Tools for detecting Hacking Team spyware, vulnerable Smart Home Hubs, and the most sophisticated Android malware ever exposed
infosec « WordPress.com Tag Feed

Week in review: Tools for detecting Hacking Team spyware, vulnerable Smart Home Hubs, and the most s


To Start My Own Cloud Storage Gig...
infosec « WordPress.com Tag Feed

In order to compete with popular cloud storage providers, prices for my cloud business would need to


The Pros and Cons of Single-Sign-On
infosec « WordPress.com Tag Feed

At first glance, SSO technologies look as though they completely sacrifice granular access control f


all content is copyright its respective owner or owners.

the technology behind infosec daily is partially copyright © 2003-2008 jose nazario.