Info Sec
SANS Internet Storm Center, InfoCON: green
(C) SANS Institute 2010
What's not to Like about "Like?", (Sat, Sep 4th)
Investigating Malicious Website Reports, (Sat, Sep 4th)
Apple Releases Two Security Updates (One for OSX, One for iTunes) : http://support.apple.com/kb/HT4312 and http://support.apple.com/kb/HT4328, (Fri, Sep 3rd)
Microsoft EMETv2 released, (Thu, Sep 2nd)
SDF, please!, (Thu, Sep 2nd)
Month of Undisclosed 0-day Bugs, (Wed, Sep 1st)
Microsoft issues updates to sysinternals ProcDump and Process Monitor: http://blogs.technet.com/b/sysinternals/archive/2010/08/30/updates-procdump-process-monitor-and-a-new-mark-s-blog-post.aspx, (Wed, Sep 1st)
VMWARE releases 2 security advisories for ESX Service Console: http://lists.vmware.com/pipermail/security-announce/2010/000103.html and http://lists.vmware.com/pipermail/security-announce/2010/000104.html, (Wed, Sep 1st)
Interesting PHP injection, (Tue, Aug 31st)
Abandoned free email accounts, (Sun, Aug 29th)
SecurityFocus News
Copyright @ 1999-2006 SecurityFocus
News: Change in Focus
News: Twitter attacker had proper credentials
News: PhotoDNA scans images for child abuse
News: Conficker data highlights infected networks
Brief: Google offers bounty on browser bugs
Brief: Cyberattacks from U.S. "greatest concern"
Brief: Microsoft patches as fraudsters target IE flaw
Brief: Attack on IE 0-day refined by researchers
News: Monster botnet held 800,000 people's details
News: Google: 'no timetable' on China talks
News: Latvian hacker tweets hard on banking whistle
News: MS uses court order to take out Waledac botnet
Infocus: Enterprise Intrusion Analysis, Part One
Infocus: Responding to a Brute Force SSH Attack
Infocus: Data Recovery on Linux and <i>ext3</i>
Infocus: WiMax: Just Another Security Challenge?
Gunter Ollmann: Time to Squish SQL Injection
Mark Rasch: Lazy Workers May Be Deemed Hackers
Adam O'Donnell: The Scale of Security
Mark Rasch: Hacker-Tool Law Still Does Little
More rss feeds from SecurityFocus
SecurityFocus Vulnerabilities
Copyright @ 1999-2006 SecurityFocus
Vuln: KSP '.m3u' File Buffer Overflow Vulnerability
Vuln: Icarus 'PGN' File Remote Stack Buffer Overflow Vulnerability
Vuln: HP-UX Software Distributor Unspecified Local Privilege Escalation Vulnerability
Vuln: Trend Micro Internet Security Pro ActiveX Control Remote Code Execution Vulnerability
Bugtraq: Re: Re: IIS5.1 Directory Authentication Bypass by using ?:$I30:$Index_Allocation?
Bugtraq: VUPEN Security Research - Google Chrome Focus Processing Memory Corruption Vulnerability (VUPEN-SR-2010-249)
Bugtraq: [SECURITY] [DSA-2102-1] New barnowl packages fix arbitrary code execution
Bugtraq: [ MDVSA-2010:170 ] wget
More rss feeds from SecurityFocus
Department of Homeland Security News
Secretary Napolitano Announces Expansion of "If You See Something, Say Something" Campaign and New Information Sharing Partnership in Tennessee
Statement by Deputy Press Secretary Matt Chandler on Pew Hispanic Center Report on Unauthorized Immigration Flows
Secretary Napolitano's Remarks to the Air Line Pilots Association
Progress in Implementing New Security Measures Along the Southwest Border
Readout of Secretary Napolitano’s Visit to Mississippi
Readout Of Secretary Napolitano's Visit To Chicago
Readout of Secretary Napolitano's Visit to Montana
Secretary Napolitano Announces Over $25 Million in Additional Gulf Coast Rebuilding Projects
Statement on Secretary Napolitano's Upcoming Visit to Montana and Chicago
Secretary Napolitano Announces Secure Communities Deployment to All Southwest Border Counties, Facilitating Identification and Removal of Convicted Criminal Aliens
Secretary Napolitano Announces $23 Million in Recovery Act Funding For Security Technology at Orlando International Airport
Statement by Secretary Napolitano on Passage of Southwest Border Bill in the U.S. Senate
Secretary Napolitano Applauds President Obama's Intent to Appoint Warren Stern as Director of DHS' Domestic Nuclear Detection Office
Secretary Napolitano Announces New Community-Based Law Enforcement Initiatives in Conjunction with National Night Out
Readout of Secretary Napolitano’s Visit to New Orleans
Department of Homeland Security and the Pascua Yaqui Tribe Announce a Historic Enhanced Tribal Card
Statement by Deputy Press Secretary Matt Chandler
Remarks by Deputy Secretary Jane Holl Lute at the Black Hat Conference
Secretary Napolitano, TSA Administrator Pistole Launch "If You See Something, Say Something" Campaign for General Aviation
Readout of Secretary Napolitano’s Call to Iowa Governor Chet Culver
Latest Security Advisories
© 2005 Microsoft Corporation. All rights reserved.
Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution - 8/31/2010
Microsoft Security Advisory (977377): Vulnerability in TLS/SSL Could Allow Spoofing - 8/10/2010
Microsoft Security Advisory (2264072): Elevation of Privilege Using Windows Service Isolation Bypass - 8/10/2010
Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution - 8/2/2010
Microsoft Security Advisory (2219475): Vulnerability in Windows Help and Support Center Could Allow Remote Code Execution - 7/13/2010
Microsoft Security Advisory (2028859): Vulnerability in Canonical Display Driver Could Allow Remote Code Execution - 7/13/2010
Microsoft Security Advisory (980088): Vulnerability in Internet Explorer Could Allow Information Disclosure - 6/9/2010
Microsoft Security Advisory (983438): Vulnerability in Microsoft SharePoint Could Allow Elevation of Privilege - 6/8/2010
Microsoft Security Advisory (973811): Extended Protection for Authentication - 6/8/2010
Microsoft Security Advisory (981169): Vulnerability in VBScript Could Allow Remote Code Execution - 4/13/2010
Microsoft Security Advisory (977544): Vulnerability in SMB Could Allow Denial of Service - 4/13/2010
Microsoft Security Advisory (981374): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 3/30/2010
Microsoft Security Advisory (979682): Vulnerability in Windows Kernel Could Allow Elevation of Privilege - 2/9/2010
Microsoft Security Advisory (979352): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 1/21/2010
Microsoft Security Advisory (979267): Vulnerabilities in Adobe Flash Player 6 Provided in Windows XP Could Allow Remote Code Execution - 1/12/2010
Microsoft Security Advisory (977981): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 12/8/2009
Microsoft Security Advisory (974926): Credential Relaying Attacks on Integrated Windows Authentication - 12/8/2009
Microsoft Security Advisory (954157): Security Enhancements for the Indeo Codec - 12/8/2009
Microsoft Security Advisory (975497): Vulnerabilities in SMB Could Allow Remote Code Execution - 10/13/2009
Microsoft Security Advisory (975191): Vulnerabilities in the FTP Service in Internet Information Services - 10/13/2009
Microsoft Security Advisory (973882): Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution - 10/13/2009
Microsoft Security Advisory (967940): Update for Windows Autorun - 8/25/2009
Microsoft Security Advisory (973472): Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution - 8/11/2009
Microsoft Security Advisory (972890): Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution - 7/14/2009
Microsoft Security Advisory (971778): Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution - 7/14/2009
Microsoft Security Advisory (969898): Update Rollup for ActiveX Kill Bits - 6/17/2009
Microsoft Security Advisory (960715): Update Rollup for ActiveX Kill Bits - 6/17/2009
Microsoft Security Advisory (956391): Update Rollup for ActiveX Kill Bits - 6/17/2009
Microsoft Security Advisory (971888): Update for DNS Devolution - 6/9/2009
Microsoft Security Advisory (971492): Vulnerability in Internet Information Services Could Allow Elevation of Privilege - 6/9/2009
Microsoft Security Advisory (945713): Vulnerability in Web Proxy Auto-Discovery (WPAD) Could Allow Information Disclosure - 6/9/2009
Microsoft Security Advisory (969136): Vulnerability in Microsoft Office PowerPoint Could Allow Remote Code Execution - 5/12/2009
Microsoft Security Advisory (968272): Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution - 4/14/2009
Microsoft Security Advisory (960906): Vulnerability in WordPad Text Converter Could Allow Remote Code Execution - 4/14/2009
Microsoft Security Advisory (953818): Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform - 4/14/2009
Microsoft Security Advisory (951306): Vulnerability in Windows Could Allow Elevation of Privilege - 4/14/2009
Microsoft Security Advisory (953839): Update Rollup for ActiveX Kill Bits - 3/11/2009
Microsoft Security Advisory (961040): Vulnerability in SQL Server Could Allow Remote Code Execution - 2/10/2009
Microsoft Security Advisory (961509): Research proves feasibility of collision attacks against MD5 - 12/30/2008
Microsoft Security Advisory (961051): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 12/17/2008
Microsoft Security Advisory (958963): Exploit Code Published Affecting the Server Service - 10/27/2008
Microsoft Security Advisory (955179): Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution - 8/12/2008
Microsoft Security Advisory (954960): Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates - 8/12/2008
Microsoft Security Advisory (953635): Vulnerability in Microsoft Word Could Allow Remote Code Execution - 8/12/2008
Microsoft Security Advisory (956187): Increased Threat for DNS Spoofing Vulnerability - 7/25/2008
Microsoft Security Advisory (954462): Rise in SQL Injection Attacks Exploiting Unverified User Data Input - 6/25/2008
Microsoft Security Advisory (954474): System Center Configuration Manager 2007 Blocked from Deploying Security Updates - 6/17/2008
Microsoft Security Advisory (950627): Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution - 5/13/2008
Microsoft Security Advisory (932596): Update to Improve Kernel Patch Protection - 4/23/2008
Microsoft Security Advisory (947563): Vulnerability in Microsoft Excel Could Allow Remote Code Execution - 3/12/2008
PCMag.com Security Coverage [Feed]
Copyright 2010 Ziff Davis Media Inc. All Rights Reserved.
CrankyGeeks: Big Brother Knows Your Password
PCMag.com Introduces New Security Watch Blog
Microsoft Patches Critical Flaws in Windows, Outlook Express, IE and Elsewhere
Security Watch Story Feed: June 11, 2007
Update Your QuickBooks Database Server Manager
Porn Ads In Your RSS Feed!
Targeted IRS/BBB E-mail Attacks Continue
Microsoft to Issue Four Critical Updates
Revenge of the File Infectors
OS X Still Open to Samba Vulnerabilities
Powered by firstRSS
Powered by FireStats