News feed copy

UDP port 1434 directed attack to AS13489 IP ranges, (Fri, May 24th)

Fri, 24 May 2013 23:08:16 +0000

We have seen today a big rise of incoming packets of what appears to be a SQL Slammer attacks. ...(more)...

Scanner identifies malware strains, could be future of AV

Fri, 24 May 2013 14:12:56 +0000

When it comes to spotting malware, signature-based detection, heuristics and cloud-based recognition and information sharing used by many antivirus solutions today work well up a certain point, but th...

Killer apps: The performance of networked applications

Fri, 24 May 2013 14:05:29 +0000

Ipanema Technologies and Easynet Global Services unveiled the results of Killer Apps 2013, a major study into the performance of networked applications. Networking budgets are back on the rise: ...

Zeus variants are back with a vengeance

Fri, 24 May 2013 10:30:26 +0000

After analyzing the feedback from the company's Smart Protection Network, Trend Micro researchers have noted an upswing in attempted Zeus / Zbot Trojan infections. After being practically non-exi...

Google set to upgrade its SSL certs

Fri, 24 May 2013 09:54:02 +0000

As a fine example of proactive security, Google has announced that it will be upgrading its SSL certificates to 2048-bit keys by the end of 2013. "We will begin switching to the new 2048-bit certif...

Fighting cybercrime is on the right track

Fri, 24 May 2013 09:45:20 +0000

Despite the numerous security incidents that took place during the first quarter of the year, the fight against cyber-crime is on the right track, according to PandaLabs. Though there is still a ...

IT security pros have trouble communicating with executives

Fri, 24 May 2013 09:01:06 +0000

A Hanover Research survey of 131 information security professionals revealed key differences between the way executive and non-executive IT professionals communicate with senior leadership. Key s...

Facebook phishers target Fan Pages owners

Fri, 24 May 2013 08:44:03 +0000

Phishing emails claiming to come from "Facebook Security" are once again hitting users' inboxes, and this time they are aiming for the big fish: pages that are likely to have more followers than a ran...

ISC StormCast for Thursday, May 23rd 2013 http://isc.sans.edu/podcastdetail.html?id=3326, (Thu, May 23rd)

Thu, 23 May 2013 21:59:18 +0000

...(more)...

Google researcher reveals another Windows 0-day

Thu, 23 May 2013 15:12:31 +0000

Tavis Ormandy - the Google researcher known for discovering a slew of Windows, Java and Flash Player vulnerabilities and zero-days and his combative attitude regarding the "responsible disclosure" pol...

MoVP II, (Thu, May 23rd)

Thu, 23 May 2013 14:00:31 +0000

Volatility is a Python framework for performing memory forensics. If you haven't tried it ...(more)...

DHS employees' info possibly compromised due to system flaw

Thu, 23 May 2013 13:45:39 +0000

U.S. Department of Homeland Security employees have begun receiving notifications about a vulnerability that has inadvertently made their personal information potentially accessible to unauthorized pa...

Teens are into online sharing, but are also more privacy-aware

Thu, 23 May 2013 11:51:04 +0000

Teens are sharing more information about themselves on social media sites than they have in the past, but they are also taking a variety of technical and non-technical steps to manage the privacy of t...

The dangers of downloading software from unofficial sites

Thu, 23 May 2013 11:01:15 +0000

Because malware peddlers often bundle their malicious wares with legitimate software, downloading anything from unofficial download sites is a bit like playing Russian roulette: a click and the game i...

Twitter finally offers 2-factor authentication

Thu, 23 May 2013 10:18:51 +0000

Following a slew of high-profile compromises of accounts belonging to media outlets such as AP and satirical news site The Onion, Twitter has finally implemented two-factor authentication to help prev...

Is it time to professionalize information security?

Thu, 23 May 2013 09:00:27 +0000

The issue of whether or not information security professionals should be licensed to practice has already been the topic of many a passionate debate. I think it is time to examine the question again a...

Microsoft decrypts Skype comms to detect malicious links

Thu, 23 May 2013 07:10:32 +0000

The issue addresses last week by The H and their associates at heise Security of whether or not Microsoft checks links contained in encrypted Skype chat sessions and their claim that it did has raised...

A spotlight on grid insecurity

Thu, 23 May 2013 07:06:06 +0000

Drawing from responses from more than 100 utilities across America, a new report shows that the nations electric grid remains highly vulnerable to attacks from Iran and North Korea, or other threats ...

Wireshark 1.10.0rc2 is now available http://www.wireshark.org/download.html, (Thu, May 23rd)

Thu, 23 May 2013 00:34:45 +0000

...(more)...

Chrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame, (Wed, May 22nd)

Wed, 22 May 2013 23:52:43 +0000

...(more)...

Apple QuickTime 7.7.4 for Windows updated, MANY security vulnerabilities: http://support.apple.com/kb/HT1222, (Wed, May 22nd)

Wed, 22 May 2013 23:51:06 +0000

...(more)...

Wireshark 1.8.7 and 1.6.15 Released http://www.wireshark.org/news/20130517.html, (Wed, May 22nd)

Wed, 22 May 2013 20:01:35 +0000

...(more)...

Event: Cloud Security Alliance EMEA Congress 2013

Wed, 22 May 2013 16:58:17 +0000

Cloud security professionals from accross EMEA will once again come together to discuss the latest issues and industry trends. Not only will we be offering more practical solutions, but we will als...

Privilege escalation, why should I care?, (Wed, May 22nd)

Wed, 22 May 2013 16:10:59 +0000

In my day job I spend about 90% of my time on the red team, performing vulnerability assessmen ...(more)...

Review: Logging and Log Management

Wed, 22 May 2013 15:03:15 +0000

Authors: Anton Chuvakin and Kevin Schmidt Pages: 460 Publisher: Syngress ISBN: 1597496359 Introduction Every security practitioner should be aware of the overwhelming advantages of loggi...

Commission wants to minimize U.S. IP theft economic impact

Wed, 22 May 2013 13:20:59 +0000

As the long awaited first meeting between Chinas new president Xi Jinping and U.S. president Barack Obama draws near, the problem of cyber espionage and theft of intellectual propriety originating fr...

Guantanamo cuts off Wi-Fi access due to OpGTMO

Wed, 22 May 2013 11:13:11 +0000

The U.S. military, under whose command is the Guantanamo Bay Naval Base and the infamous prison of the same name that currently houses over 150 prisoners, has decided to shut down its wireless service...

NYPD detective accused of hiring email hackers

Wed, 22 May 2013 09:22:40 +0000

Edwin Vargas, a detective with the New York City Police Department, has been arrested on Tuesday for computer hacking crimes. According to the complaint unsealed in Manhattan federal court, between...

Experts highlight top data breach vulnerabilities

Wed, 22 May 2013 09:10:09 +0000

Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker. Every transaction and...

Why BYOx is the next big concern of CISOs

Wed, 22 May 2013 09:09:36 +0000

Wisegate released new research from its members that demonstrate how CIOs and CISOs are working to achieve the right balance between employee productivity and information security as they face growing...

Free tool repairs critical Windows configuration vulnerabilities

Wed, 22 May 2013 09:09:07 +0000

Tripwire announced SecureCheq, a free configuration utility that helps evaluate and repair the most common, critical configuration vulnerabilities in Windows desktops and servers. Windows operati...

IT pros focus on cloud security, not hype

Wed, 22 May 2013 09:08:20 +0000

Cloud computing is exceeding expectations, according to a CA report. Respondents indicate the cloud has moved beyond adolescence and is on the path to maturity in the enterprise. Survey participa...

Blue Coat to acquire Solera Networks

Wed, 22 May 2013 08:29:45 +0000

Blue Coat Systems has entered into an agreement to acquire Solera Networks, a provider of big data security intelligence and analytics for threat protection. The Solera DeepSee platform will add ...

ISC StormCast for Wednesday, May 22nd 2013 http://isc.sans.edu/podcastdetail.html?id=3323, (Wed, May 22nd)

Wed, 22 May 2013 01:19:01 +0000

...(more)...

Moore, Oklahoma tornado charitable organization scams, malware, and phishing, (Tue, May 21st)

Tue, 21 May 2013 20:33:04 +0000

I find it sad that in times when people are facing disaster, many have died, others missing, a ...(more)...

APT1 is back, attacks many of the initial U.S. corporate targets

Tue, 21 May 2013 19:05:11 +0000

The APT1 hacker group is back to its old tricks, targeting a big number of organizations and businesses and, among them, many of those that they have previously breached, Mandiant has confirmed. ...

U.S. DOJ accuses journalist of espionage

Tue, 21 May 2013 16:00:30 +0000

Last week's revelation that the U.S. DOJ has successfully subpoenaed two months' worth of telephone toll records for phones of AP journalist has created quite an uproar in media circles. However, it w...

A closer look at Mega cloud storage

Tue, 21 May 2013 15:15:51 +0000

Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Today I'm taking a look at Mega, a service that received a massive amount of press...

Aurora attackers were looking for Google's surveillance database

Tue, 21 May 2013 11:51:42 +0000

When in early 2010 Google shared with the public that they had been breached in what became known as the Aurora attacks, they said that the attackers got their hands on some source code and were looki...

"NATO vacancies" phishing email also leads to malware

Tue, 21 May 2013 10:41:25 +0000

An interesting and very comprehensive phishing and malware-delivery campaign has been spotted by Webroot researchers. The attackers are posing as the chief of NATO's Human Resources Division, sen...

Infocon: green

UDP port 1434 directed attack to AS13489 IP ranges