Last updated:
Fri Nov 28 23:23:30 2014 GMT
  2014 FIRST Annual Conference in Boston - Register now


Blogroll
Errata Security
Freedom to Tinker
Page Not Found - ASP.NET Weblogs
Cybercrime
SecuriTeam Blogs
Page Not Found - ASP.NET Weblogs
Internet Security News and Analysis
Michael Howard's Web Log
-- Sleeve notes of a sysadmin --
Fermats Security Alerts
CERIAS Weblogs
ThreatFire Research Blog
trimMail's Email Battles
New Directions in Security (Comments)
Educated Guesswork
RedTeam
Matasano Chargen
The Microsoft Security Response Center Blog
Esphion
CGISecurity.com: Your Web Site and Application Security Resource
Security Blog
Infosec Writers Latest Security Papers
::PepperTech:: Security Management News Blog
Sorry! We couldn't find your document
Sergey Simakov blog
CyberCrime & Doing Time
Security Watch
Daemon on Security
www.rootkit.com
Arun Perinkolam's Weblog
Small Business Server
Rick Kingslan - Will Hack 4 Food
Internet Security with Kirk
mcwresearch.com
Infothought
cybercrime/-security sightings
Andrew Carpenter
blackhat for life
GPL
Panda Research Blog
Page Not Found - ASP.NET Weblogs
ADD / XOR / ROL
Schneier on Security
-- Sleeve notes of a sysadmin --
Vastly Important Notes
Information Manager Journal
Latest Blog Entires From WebSense Security Labs
Casper Dik's Weblog
C.I.S.R.T.
Mal-Aware.org
Adobe Product Security Incident Response Team (PSIRT)
National Cyber Security - Blogs
Bill Sommerfeld's Weblog
Bkis Blog
ADD / XOR / ROL
Spire Security Viewpoint
OpenPacket Blog
Dana Epp's ramblings at the Sanctuary
Phil Windley's Technometria
An Information Security Place
turnipsecurity
Lauren Weinstein's Blog
DoxPara Research
The X Dot Com Inc. - 404 Wrong Page
infosec « WordPress.com Tag Feed
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
Krebs on Security
Xavier's Security Post
Tenable Network Security
Nth world commentaries
Information Research
Service Provider Journal
Windows Incident Response
Fixing Email Weblog
Latest Blog Entires From WebSense Security Labs
Larry Seltzer's Security Weblog
BufferOverrun : Security
Napsterization
Carnal0wnage Blog
Page Not Found - ASP.NET Weblogs
Security and Technology for SMB's and SOHO's
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
Technology Review Feed - TR Editors' Blog
The Evil Empire
Infosec Events
Network Security
Network Security Blog
Crypto-World - news
The WiFi Zone
Anti-Malware Engineering Team
ModSecurity Blog
Page Not Found - ASP.NET Weblogs
When {Puffy} Meets ^RedDevil^
Security Notes
Volatility
Security Curve Weblog
MZL & Novatech Traffic & Bandwidth Statistics News
Michael Howard's Web Log : Security
taint.org: Justin Mason's Weblog
F-Secure Antivirus Research Weblog
Inliniac
Sorry! We couldn't find your document
Draft Security Blog
Errata Security
.NET Security Blog
eEye Digital Security - Research Blog
Norwegian Honeynet Project
CyberSpeak's Podcast
The Security Skeptic
Windows Security Logging and Other Esoterica
Bowulf Infosec & Network Admin Blog
Information Security News Desk
StillSecure, After All These Years
Greyhat of the World Unite...
InfoWorld Gripe Line | Ed Foster
Fred Avolio's Musings
The Security Skeptic
Anti Rootkit Blog
Emergent Chaos
@CyberForge
Wendy's Blog: Legal Tags
TheSecure.Net
fes' WebLog
Robert Hensing's Blog
Mark's Blog
1 Raindrop
Larry Osterman's WebLog : Security
chandanlog(3C)
Security Fix
John Palfrey
Security Fix
netstat -a
A Bro Blog
Security
1 Raindrop
Fabulous Adventures In Coding : Security
BenEdelman.org
Mark O'Neill's Radio Weblog
Security Response Weblog
George Ou
whattheflex
Realtime Community | IT Compliance
OSVDB Blog
Liudvikas Bukys
Alert Logic
Latests Alerts From Websense Security Labs
Roger's Information Security Blog
Financial Cryptography
Andreas Sterbenz's Blog
Jim's Bloggyness
invulnerableit.com Blog
Security to the Core | Arbor Networks Security Blog
SYN|ACK
The ICSI Networking Group Blog
LuFG Summerschool Applied IT Security
Lasipalatsi
Eugene Bobukh's WebLog
Windows Shell/User (MSN & OneCare Too)
Volatile Systems
MVP Jubo Security Blog
Solution Accelerators - Security & Compliance
Larry's Insecurity Blog
Glenn Brunette's Security Weblog
Thomas Shinder Blog
websecurityblog
Page Not Found - ASP.NET Weblogs
The Importance of...
Burton Group Page Not Found
Martin Englund's Weblog
The Security Development Lifecycle
Internet Insecurity
-- Sleeve notes of a sysadmin --
Usable Security
Error!
DISOG
Sorry! We couldn't find your document
MSDN: Security
Casper Dik's Weblog
Wifi Security Project
Caffeinated Security
Logblog
Federated Infrastructure : Security
Essential Computer Security
Security Soapbox
Cynical Security
Static in the Ether
Aaron Margosis' "Non-Admin" WebLog
Tim Rains' WebLog
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
The Security Blanket
The Security Mentor
disLEXia 3000 blog
antlab
Sunbelt Blog
CERIAS Blog
Wired: Threat Level
BlogInfoSec.com
torsten's .NET blog - Security
Verizonbusiness.com
Information Security News Desk
Abner Stories
Security Garden
Vitalsecurity.org - A Revolution is the Solution
Kimberly L. Tripp: Improving *my* SQL skills through your questions! - Security
Ivan
TrendLabs | Malware Blog - by Trend Micro
Roger Thompson
OSSEC Blog
Dan Anderson's Weblog
Security Sauce
Hex blog
Security Manifest
The Dark Visitor
McAfee Avert Labs
Anil John - Security
Speaking of Security, the RSA Blog and Podcast
e-Government@large
nzight
Security Blanket
You Know What's Stupid? Everything I Don't Understand
Vodun.org
In-Security : Exploring Internet, Information and Infrastructure Security
Anton Chuvakin, O'Reilly Network
Page Not Found - ASP.NET Weblogs
worm blog
REblog
Stupid Security
Deb Shinder's MVP Blog
Network Security Blog
bIPlog
SophosLabs blog
securosis.com
A Day in the Life of an Information Security Investigator
malwarecrawler.com
Sam Gentile
Pinpoint Labs Blog
IBM Internet Security Systems Frequency X Blog
Infosec Potpourri
Latest Analysis for All Threats
b l o g _ m a x i m u m
GnuPG.org
KyleM.xwell
Vulnerability Analysis Blog
Spam Filtering Techniques
weblog.cemper.com - Technology, Software Development, Project Management, Marketing News
Kim Cameron's Identity Weblog
MoMusings@Arachnid.homeip.net
The Antivirus Guy Blog
Politically Motivated Computer Crime and Hacktivism
404 - Not Found
About Internet / Network Security
Harry Waldron - Microsoft MVP Blog
: 404 Not Found
Kasun's Weblog
Steve Lamb's Blog : How to Articles
PandaLabs
Attack Research
NetSec
Cheap Hack
Open-Node.net Security Weblog
honeyblog
Paul's Down-Home Page: Exchange, messaging, collaboration, security, and more
The Day Before Zero
NI3
Computing Research Policy Blog
Solution Accelerators - Security & Compliance
Glenn Brunette's Security Weblog
TaoSecurity
Digital ID World Editors Corner
Compendium
HD DVD / Randomness... : Security
Kaspersky Lab Weblog
The Security Mentor
Will Cox: Security
APB Infosec blog
November 28, 2014


Friday Squid Blogging: Squid Bikes
Schneier on Security


Adobe Pushes Critical Flash Patch
infosec « WordPress.com Tag Feed

For the second time this month, Adobe has issued a security update for its Flash Player software. Ne


MALWARE: Regin advanced spyware threat
Harry Waldron - Microsoft MVP Blog

[]


MALWARE: Point-of-Sale attack threat high for 2014 holiday season
Harry Waldron - Microsoft MVP Blog

[]


Adobe Flash Player OOB Security Update NOV 2014
Harry Waldron - Microsoft MVP Blog

[]


Brain Science and Browser Warnings
infosec « WordPress.com Tag Feed

Computer users will click through browser warnings and security alerts in order to complete a task,


Syrian Electronic Army returns with Thanksgiving press hack
SophosLabs blog

Some visitors to sites including CBC, CNBC, Forbes, OK magazine, The Chicago Tribune, The Daily Telegraph, The Independent and The New York Times were met with a message saying "You've been hacked by the Syrian Electronic Army (SEA)."


Warning: State-Sponsored Attackers
F-Secure Antivirus Research Weblog

Updated our door today, just to be clear


6 Million+ Email Accounts Worldwide Exposed In Past 3 Months
infosec « WordPress.com Tag Feed

Spike in number of stolen accounts likely due to uptick in major data breaches, researchers say. fro


Hacker Lexicon: What Is the Computer Fraud and Abuse Act?
Wired: Threat Level

The Computer Fraud and Abuse Act, also known as the CFAA, is the


Should vapers fear malware-laced e-cigarettes?
SophosLabs blog

A humorous and very likely apocryphal online comment has spun itself up into a major news item. It's tempting to simply ignore the whole nonsense and carry on as normal. But maybe there is something to learn here...


Adobe publishes out-of-band Flash update - provides "booster dose" for October's patches
SophosLabs blog

Adobe has published a Flash update, dubbed APSB14-26. The new patch offers additional protection against a vulnerability that was originally addressed in October 2014.


EU Data Protection Authority Adopts Guidelines on the Implementation of the Right to be Forgotten
You Know What's Stupid? Everything I Don't Understand


Economic Failures of HTTPS Encryption
Schneier on Security


Data Protection Act breaches cost businesses 2.17M in penalties - GrowthBusiness.co.uk
infosec « WordPress.com Tag Feed

GrowthBusiness.co.uk Data Protection Act breaches cost businesses 2.17M in penaltiesGrowthBusiness.


Google reaches settlement with troll victim
infosec « WordPress.com Tag Feed

Three years after first discovering some 3,600 abusive, defamatory postings online, a UK businessman


Google's Devices and Activity Dashboard A New Account Security Wizard
infosec « WordPress.com Tag Feed

We access our Google account from so many devices that we our self forget on how many devices our ac

November 27, 2014


Sony Pictures hacked, blackmailed
infosec « WordPress.com Tag Feed

Apparently, Sony Pictures was hacked. The breach has still not been confirmed by the company, whose


Mobile Data Protection Market Worth $3.54 Billion by 2019 - Hospitality Technology
infosec « WordPress.com Tag Feed

Mobile Data Protection Market Worth $3.54 Billion by 2019Hospitality TechnologyNew market research r


Leadership Thanksgiving reflections
Harry Waldron - Microsoft MVP Blog

[…]


Microsoft Security Updates NOVEMBER 2014
Harry Waldron - Microsoft MVP Blog

[…]


New PoS Malware Kicks off Holiday Shopping Weekend
TrendLabs | Malware Blog - by Trend Micro

We are currently looking into a new point-of-sale (PoS) malware family detected as TSPY_POSLOGR.K, which is making the rounds just in time for this year’s holiday shopping weekend. Around this time last year, the U.S. retailer Target suffered one of


Storyful to create 30 new research jobs in Dublin - Siliconrepublic.com
infosec « WordPress.com Tag Feed

Siliconrepublic.com Storyful to create 30 new research jobs in DublinSiliconrepublic.comsiliconrepub


Twitter to start snooping at which apps you have installed - here's how to opt out
SophosLabs blog

Twitter is set to start peeking on users' iPhones, iPads and Androids in order to see what apps they have downloaded. It's opt-in by default, so here's how to opt out."Cooperating with the Future"
Schneier on Security


ISC StormCast for Tuesday, November 25th 2014 http://bit.ly/1AKRWqM, (Tue, Nov 25th)
infosec « WordPress.com Tag Feed

…(more)… from SANS Internet Storm Center, InfoCON: green http://bit.ly/1AKRWqP via IFTTT


This Artists Images Integrate Code From Malware Like Stuxnet and Flame
Wired: Threat Level

This Artist’s Images Integrate Code From Malware Like Stuxnet and Flame

James Hoff's art glitches music and images with malware l


SSCC 175 - "My, what an ENORMOUS malware infection you have!" [PODCAST]
SophosLabs blog

Here's the latest episode of our weekly security podcast. For your listening pleasure - the news you can use!Spyware app StealthGenie's CEO fined $500K, forfeits source code
SophosLabs blog

In the first-ever criminal conviction concerning the federal criminal charges of advertising and selling a mobile phone spyware app, StealthGenie's CEO has been fined $500K for selling the spyware.How I Became A CISO: Mark Potter, Danya International
infosec « WordPress.com Tag Feed

Much like one of his favorite choose-your-own-adventure novels, Mark Potter’s path to the chie


Out-of-Band Flash Player Update for CVE-2014-8439
F-Secure Antivirus Research Weblog

Adobe has released an out-of-band update to fix a vulnerability in Flash Player which was reported by F-Secure.

We discovered the vulnerability while analyzing a


Don't Discount XSS Vulnerabilities
infosec « WordPress.com Tag Feed

XSS flaws are more serious than you’d think. from Dark Reading: http://ubm.io/15fTxIg via IFTT


Scammers used fake product listings to steal from Walmart
infosec « WordPress.com Tag Feed

On November 13, US retailer Walmart announced that they will officially start matching the price for


The Pando Tor conspiracy troll
Errata Security

Tor, also known as The Onion Router, bounces your traffic through several random Internet servers, thus hiding the source. It means you can surf a website without them knowing who you are. Your IP address may appear to be coming from Germany when in fact


all content is copyright its respective owner or owners.

the technology behind infosec daily is partially copyright © 2003-2008 jose nazario.