Stratfor Taps CSID To Protect Identities Breached In Cyberattack
Attacks resulted in the unauthorized disclosure of personal information
Attack Tool Released for WPS PIN Vulnerability
Just a day after security researcher Stefan Viehbock released details of a vulnerability in the WiFi Protected Setup (WPS) standard that enables attackers to recover the router PIN, a security firm...
Microsoft releases MS11-100 for ASP.NET DOS Attack
Today Microsoft released a security bulletin addressing a flaw in ASP.NET that was disclosed early morning yesterday at the Chaos Communication Congress (CCC) in Berlin. Microsoft tested and finished...
Beware of password-protected documents carrying malware
Passwords for document files are commonly used to prevent unauthorized access to the files by encrypting them with passwords. However, attackers are misusing the password feature to encrypt files,...
SBN Sponsor Post
View the RSA Conference August webcast: There's an App for That: What the Mobile App Explosion Means for Security. http://bit.ly/pZVz0l
Microsoft Releases Emergency Fix for ASP.NET DoS Flaw
A vulnerability in ASP.NET that could allow an attacker to consume all of the resources on a vulnerable server with a single specially designed HTTP request. The vulnerability affects a wide range of...
Stratfor hack – lessons learned
Recently we noted that unencrypted credit card storage was on the rise in 2011, and also highlighted the expense involved to the company in the event of a credit card breach. Now we see personal data –...
In this edition of “Security Spot” Is Your Phone Talking About You?
By Sean Steadman, StillSecure SOC Analyst. Currently there is a lot of talk buzzing about smart phones giving away sensitive data without their users' consent. Several cell phone carriers have been...
Data-stealing Android Trojan masquerades as greeting-sending app
Text messages have largely replaced seasonal (and non) greeting cards, and there are mobile apps out there that let you send prewritten witty/sweet messages to friends and family. But there are also...
Microsoft releases patch for hash collision DoS
Microsoft and several other platform developers have either addressed, or are currently working to resolve, a hash collision problem, which if exploited can trigger a denial-of-service condition. On...
Network-based Malware Detection: Identifying Today’s Malware
As we discussed in the Introduction post to the Network-based Malware Detection series, traditional approaches to detecting malware cannot protect us anymore. With rapidly morphing executables,...
New Tools Bypass Wireless Router Security
Security researchers have released new tools that can bypass the encryption used to protect many types of wireless routers. Ironically, the tools take advantage of design flaws in a technology pushed...
Facebook launches new features
Timeline A while back, we blogged about some upcoming changes on Facebook. The new Timeline layout is now ready for release. All Facebook accounts will be updated to the new Timeline layout on...
Happy New Year!
Hope you all have a great year ahead of you and despite how bad things may seem, you can always tap into your inner child and have some fun!
Terrified
Over my career I’ve given exactly 295 public presentations, to audiences as small as a table full and up to many thousands. Audience members have said countless times that they really enjoy my...
Stopping The Insider Threat: The Case for SIEM in Government IT (Part 3 –...
We are discussing technology’s role in reducing the insider threats using a SIEM solution. In the previous installments of this blog series we have established the need for a SIEM solution and...
HMRC phishing scam promises end of year refund
It is the season once again for phishers to try and lure in their victims with bogus tax rebates, income tax mistakes and other nonsense. Read on for the latest tax related scam targeting citizens of...
Are Bachelor Infosec Degrees Worthless?
Ira Winkler posted an interesting article a month or so ago (yes, I’ve had this post in the hopper for a while) over at Computer World entitled “Let’s scuttle cybersecurity bachelor’s degree...
Why RFI Gets No Respect
Vendors like WhiteHat (registration required) and Veracode (registration required) release extremely useful and informative reports on vulnerabilities: how many are out there as well as what kinds....
LAPD Terminates Move To Google Mail, Apps
Cites lack of Google Inc.’s (NasdaqGS: GOOG) adherence to Criminal Justice Information Services Security Policies. Bad news [if you’re a cloud aficionado…], apparently Google Inc.’s (NasdaqGS: GOOG)...