Last updated:
Wed Sep 17 22:24:28 2014 GMT
  2014 FIRST Annual Conference in Boston - Register now


Blogroll
Page Not Found - ASP.NET Weblogs
Information Manager Journal
Martin Englund's Weblog
Windows Shell/User (MSN & OneCare Too)
Infosec Events
Cybercrime
securosis.com
Infosec Potpourri
Essential Computer Security
Crypto-World - news
Kim Cameron's Identity Weblog
Information Security News Desk
The Evil Empire
Casper Dik's Weblog
Technology Review Feed - TR Editors' Blog
Casper Dik's Weblog
torsten's .NET blog - Security
Emergent Chaos
Spam Filtering Techniques
Kaspersky Lab Weblog
Greyhat of the World Unite...
Errata Security
Deb Shinder's MVP Blog
Will Cox: Security
Michael Howard's Web Log : Security
Infosec Writers Latest Security Papers
Bowulf Infosec & Network Admin Blog
antlab
Daemon on Security
Latest Analysis for All Threats
HD DVD / Randomness... : Security
In-Security : Exploring Internet, Information and Infrastructure Security
Norwegian Honeynet Project
nzight
The Antivirus Guy Blog
Sorry! We couldn't find your document
Sorry! We couldn't find your document
chandanlog(3C)
Security Notes
Wendy's Blog: Legal Tags
KyleM.xwell
Robert Hensing's Blog
Mark O'Neill's Radio Weblog
blackhat for life
Financial Cryptography
The Security Skeptic
Andrew Carpenter
Attack Research
Liudvikas Bukys
CERIAS Weblogs
Security Soapbox
RedTeam
OpenPacket Blog
The Day Before Zero
GnuPG.org
TaoSecurity
Anti-Malware Engineering Team
fes' WebLog
Security Fix
MVP Jubo Security Blog
Vulnerability Analysis Blog
Anil John - Security
Network Security Blog
Page Not Found - ASP.NET Weblogs
Computing Research Policy Blog
Michael Howard's Web Log
honeyblog
The Security Blanket
Carnal0wnage Blog
SecuriTeam Blogs
malwarecrawler.com
Security to the Core | Arbor Networks Security Blog
weblog.cemper.com - Technology, Software Development, Project Management, Marketing News
Anton Chuvakin, O'Reilly Network
The WiFi Zone
Steve Lamb's Blog : How to Articles
LuFG Summerschool Applied IT Security
-- Sleeve notes of a sysadmin --
Volatility
The Security Mentor
Wired: Threat Level
CyberCrime & Doing Time
National Cyber Security - Blogs
Security Blanket
Page Not Found - ASP.NET Weblogs
The X Dot Com Inc. - 404 Wrong Page
The ICSI Networking Group Blog
cybercrime/-security sightings
Harry Waldron - Microsoft MVP Blog
BlogInfoSec.com
Larry Seltzer's Security Weblog
trimMail's Email Battles
Esphion
.NET Security Blog
Speaking of Security, the RSA Blog and Podcast
Tim Rains' WebLog
Page Not Found - ASP.NET Weblogs
Sam Gentile
Cynical Security
Security Watch
MoMusings@Arachnid.homeip.net
Security
CyberSpeak's Podcast
Latest Blog Entires From WebSense Security Labs
John Palfrey
Fermats Security Alerts
Bkis Blog
Stupid Security
F-Secure Antivirus Research Weblog
A Day in the Life of an Information Security Investigator
@CyberForge
DISOG
Vastly Important Notes
Sorry! We couldn't find your document
Information Research
NI3
An Information Security Place
Open-Node.net Security Weblog
Logblog
www.rootkit.com
Arun Perinkolam's Weblog
CGISecurity.com: Your Web Site and Application Security Resource
Inliniac
Page Not Found - ASP.NET Weblogs
The Dark Visitor
New Directions in Security (Comments)
Roger's Information Security Blog
GPL
APB Infosec blog
Krebs on Security
Hex blog
CERIAS Blog
MZL & Novatech Traffic & Bandwidth Statistics News
mcwresearch.com
The Security Skeptic
Matasano Chargen
George Ou
Solution Accelerators - Security & Compliance
Eugene Bobukh's WebLog
Andreas Sterbenz's Blog
Windows Incident Response
Xavier's Security Post
Jim's Bloggyness
About Internet / Network Security
Security Fix
McAfee Avert Labs
b l o g _ m a x i m u m
Fabulous Adventures In Coding : Security
Roger Thompson
Educated Guesswork
Wifi Security Project
InfoWorld Gripe Line | Ed Foster
IBM Internet Security Systems Frequency X Blog
Internet Insecurity
Ivan
::PepperTech:: Security Management News Blog
TrendLabs | Malware Blog - by Trend Micro
Sergey Simakov blog
ModSecurity Blog
BufferOverrun : Security
TheSecure.Net
Errata Security
Page Not Found - ASP.NET Weblogs
Alert Logic
Latests Alerts From Websense Security Labs
Security Blog
bIPlog
SophosLabs blog
404 - Not Found
ThreatFire Research Blog
Politically Motivated Computer Crime and Hacktivism
Network Security
Panda Research Blog
Dan Anderson's Weblog
The Importance of...
Network Security Blog
Solution Accelerators - Security & Compliance
: 404 Not Found
Glenn Brunette's Security Weblog
turnipsecurity
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
OSSEC Blog
Security Garden
Adobe Product Security Incident Response Team (PSIRT)
Spire Security Viewpoint
Vitalsecurity.org - A Revolution is the Solution
Pinpoint Labs Blog
ADD / XOR / ROL
Vodun.org
Internet Security with Kirk
Rick Kingslan - Will Hack 4 Food
Aaron Margosis' "Non-Admin" WebLog
Caffeinated Security
Latest Blog Entires From WebSense Security Labs
-- Sleeve notes of a sysadmin --
Bill Sommerfeld's Weblog
Cheap Hack
taint.org: Justin Mason's Weblog
When {Puffy} Meets ^RedDevil^
Verizonbusiness.com
Small Business Server
infosec « WordPress.com Tag Feed
DoxPara Research
Error!
Kasun's Weblog
Information Security News Desk
A Bro Blog
e-Government@large
Page Not Found - ASP.NET Weblogs
Security Response Weblog
Nth world commentaries
Thomas Shinder Blog
Realtime Community | IT Compliance
Fred Avolio's Musings
-- Sleeve notes of a sysadmin --
Schneier on Security
Federated Infrastructure : Security
StillSecure, After All These Years
netstat -a
Dana Epp's ramblings at the Sanctuary
Mal-Aware.org
REblog
websecurityblog
1 Raindrop
invulnerableit.com Blog
Fixing Email Weblog
Larry's Insecurity Blog
Tenable Network Security
Security Sauce
Mark's Blog
Infothought
Freedom to Tinker
Abner Stories
Internet Security News and Analysis
Larry Osterman's WebLog : Security
Phil Windley's Technometria
Lasipalatsi
C.I.S.R.T.
Draft Security Blog
The Security Mentor
Security Manifest
Usable Security
Service Provider Journal
Compendium
Anti Rootkit Blog
disLEXia 3000 blog
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
worm blog
Digital ID World Editors Corner
Security and Technology for SMB's and SOHO's
Windows Security Logging and Other Esoterica
Lauren Weinstein's Blog
Security Curve Weblog
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
ADD / XOR / ROL
OSVDB Blog
You Know What's Stupid? Everything I Don't Understand
PandaLabs
The Security Development Lifecycle
SYN|ACK
Burton Group Page Not Found
whattheflex
1 Raindrop
Volatile Systems
Sunbelt Blog
The Microsoft Security Response Center Blog
Kimberly L. Tripp: Improving *my* SQL skills through your questions! - Security
BenEdelman.org
eEye Digital Security - Research Blog
Napsterization
Glenn Brunette's Security Weblog
NetSec
MSDN: Security
Paul's Down-Home Page: Exchange, messaging, collaboration, security, and more
Static in the Ether
September 17, 2014


Just how much information can be squeezed from one week of your metadata?
infosec « WordPress.com Tag Feed

Thanks to a Dutch man who volunteered to let researchers snoop on his mobile phone, we now have a gl


From the Labs: VBA is definitely not dead in fact, its undergoing a resurgence
SophosLabs blog

Our most recent detection statistics show that using Visual Basic code in malicious documents is a trend on the rise. So why have malware authors turned to Visual Basic to do their bidding?


Apple adds two-step verification for iCloud, effective immediately
SophosLabs blog

Apple has listened, and extended its two-step verification system to iCloud. It's a great start...but does it go far enough?


California passes landmark bill to protect students personal data
SophosLabs blog

There's a lot at stake: think student records that cover attendance, grades, discipline, health, academics, intimate details about family members, parent and student contact information, biometrics, and sometimes even a child's geolocation.


Apple questioned on Watch privacy by state attorney general
SophosLabs blog

Apple calls the gadget its "most personal device ever". Attorney General George Jepsen would like to know how Apple's planning to protect all that data, which will include things as intimate as our heartbeats.


New Google transparency report details hike in government user data requests
SophosLabs blog

Governments around the world are demanding increasingly larger amounts of user data from search giant Google, according to the companys latest Transparency Report.


Top 10 Security Issues for REST APIs
1 Raindrop

Mark O'Neill and I are doing this webinar talk tomorrow and Monday. Monday will be at an AsiaPac friendly time. We will focus on Ways to architect and design security for RESTful APIs Develop patterns for Cloud and Mobile security Understand and define th


Identifying Dread Pirate Roberts
Schneier on Security


Critical Update for Adobe Reader & Acrobat
Krebs on Security

Adobe has released a security update for its Acrobat and PDF Reader products that fixes at least eight critical vulnerabilities in Mac and Windows versions of the software. If you use either of these programs, please take a minute to update now.


Irishwoman shortlisted for Cartier Women's Initiative Awards - Siliconrepublic.com
infosec « WordPress.com Tag Feed

Irishwoman shortlisted for Cartier Womens Initiative AwardsSiliconrepublic.comSkip Navigation


detecting: malloc(-1) or malloc(0xffffffff)
Inliniac

In Suricata were often not printing malloc errors. The reason is that were not willing to print such errors based on (attacker controlled) traffic. So often such cases are silently handled. We came across a bug though, where a integer …


http://www.symantec.com/connect/blogs/snifula-banking-trojan-battles-local-japanese-security-product
None


Look Inside: An insight into working at Dropbox's new Dublin base (video) - Siliconrepublic.com
infosec « WordPress.com Tag Feed

Look Inside: An insight into working at Dropboxs new Dublin base (video)Siliconrepublic.comsi


New Google transparency report details hike in government user data requests
SophosLabs blog

Governments around the world are demanding increasingly larger amounts of user data from search giant Google, according to the companys latest Transparency Report.


Internet Of Things Devices Are Doomed
infosec « WordPress.com Tag Feed

Security researchers hack Canon printer firmware to run the classic 90s video game Doom as well as t


Middle-School Dropout Codes Clever Chat Program That Foils NSA Spying
Wired: Threat Level

The best hope of shielding your metadata from the NSA was invented


California passes "landmark bill" to protect students' personal data
SophosLabs blog

There's a lot at stake: think student records that cover attendance, grades, discipline, health, academics, intimate details about family members, parent and student contact information, biometrics, and sometimes even a child's geolocation.


Apple questioned on Watch privacy by state attorney general
SophosLabs blog

Apple calls the gadget its "most personal device ever". Attorney General George Jepsen would like to know how Apple's planning to protect all that data, which will include things as intimate as our heartbeats.


Tracking People From their Cellphones with an SS7 Vulnerability
Schneier on Security


The Prevalence of Crypto-Ransomware
TrendLabs | Malware Blog - by Trend Micro

Cryptolocker, a refinement ofRansomwarewith file-encryption capabilities emerged in the wild last October 2013. It continuously evolves as seen in the inclusion of new tactics and methods to avoid early detection and convinces unsuspecting users to pay th


StegExpose Steganalysis Tool For Detecting Steganography In Images
infosec « WordPress.com Tag Feed

from Darknet The Darkside http://bit.ly/XpOu3H via IFTTT


From the Labs: VBA is definitely not dead - in fact, it's undergoing a resurgence
SophosLabs blog

Our most recent detection statistics show that using Visual Basic code in malicious documents is a trend on the rise. So why have malware authors turned to Visual Basic to do their bidding?


Apple adds two-step verification for iCloud, effective immediately
SophosLabs blog

Apple has listened, and extended its two-step verification system to iCloud. It's a great start...but does it go far enough?


Android Malware Use SSL for Evasion
TrendLabs | Malware Blog - by Trend Micro

Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), are designed to provide a secure, encrypted connection between a client and a server online. For further authentication and encryption, the server is required to provide certifi


Google Apps scripts can be easily misused by scammers
infosec « WordPress.com Tag Feed

Andrew Cantino, VP of Engineering at Mavenlink but also a bug hunter in his free time, has discovere

September 16, 2014


Shocking Android browser bug could be a privacy disaster: heres how to fix it
SophosLabs blog

The Metasploit crew is calling this Android Browser bug a "privacy disaster. Here's what you can do to avoid trouble...Apple relents, lets you depurchase that U2 album you never bought in the first place
SophosLabs blog

Apple has listened! The company has come up with a free Album Removal Tool that allows you to "unbuy" the U2 album that recently showed up in your iTunes account...Breach at Goodwill Vendor Lasted 18 Months
Krebs on Security

C&K Systems Inc., a third-party payment vendor blamed for a credit and debit card breach at more than 330 Goodwill locations nationwide, disclosed this week that the intrusion lasted more than 18 months and has impacted at least two other organizatio


Policeman cleared of data protection breaches - Aberdeen Evening Express
infosec « WordPress.com Tag Feed

Aberdeen Evening Express Policeman cleared of data protection breachesAberdeen Evening ExpressA POLI


Adobe Reader Critical Security Update
Security Garden


Apple relents, lets you "depurchase" that U2 album you never bought in the first place
SophosLabs blog

Apple has listened! The company has come up with a free Album Removal Tool that allows you to "unbuy" the U2 album that recently showed up in your iTunes account...Did IBM use "Face Capture" to Surveil Boston Calling? What is "Face Capture"?
infosec « WordPress.com Tag Feed

A large element of what was troubling to readers with whom I spoke about our disclosures at DigBosto


Man buys old servers, accuses Ernst & Young of data breach
SophosLabs blog

Mark Morris claims he picked up some old servers for $300 and recently found out they're full of customer data. Ernst & Young wants the data deleted or just to get the servers back, but Morris says whoa, not so fast - time is money!


Just how much information can be squeezed from one week of your metadata?
SophosLabs blog

Thanks to a Dutch man who volunteered to let researchers snoop on his mobile phone, we now have a glimpse of the type of information that can be squeezed from what officials would have us believe is "just" metadata. Toss in a list of exposed passwords hin


"Shocking" Android browser bug could be a "privacy disaster": here's how to fix it
SophosLabs blog

The Metasploit crew is calling this Android Browser bug a "privacy disaster. Here's what you can do to avoid trouble...Windows 9 Preview Announcement set for September 30th
Harry Waldron - Microsoft MVP Blog

[…]


Why do Apple's security questions still suck?
F-Secure Antivirus Research Weblog

It's been two weeks, so why do Apple's security questions still suck?

Here's an example of questions you'll be asked when you Event: International Conference on Information Systems Security and Privacy
infosec « WordPress.com Tag Feed

The International Conference on Information Systems Security and Privacy aims at creating a meeting


Man buys old servers, accuses Ernst & Young of data breach
SophosLabs blog

Mark Morris claims he picked up some old servers for $300 and recently found out they're full of customer data. Ernst & Young wants the data deleted or just to get the servers back, but Morris says whoa, not so fast - time is money!


Just how much information can be squeezed from one week of your metadata?
SophosLabs blog

Thanks to a Dutch man who volunteered to let researchers snoop on his mobile phone, we now have a glimpse of the type of information that can be squeezed from what officials would have us believe is "just" metadata. Toss in a list of exposed passwords hin


AppLock Vulnerability Leaves Configuration Files Open for Exploit
TrendLabs | Malware Blog - by Trend Micro

We have previously discussed about certain file locker apps that fail to do hide files properly. We recently came across yet another file locker app, AppLock, which has the same issue. However, the vulnerability concerning this app goes beyond improperly


Why Email Is Worth Saving
infosec « WordPress.com Tag Feed

What if an Internet-scale, federated policy, authentication, and enforcement framework for trusted e


Four Vulnerabilities Patched in IntegraXor SCADA Server
infosec « WordPress.com Tag Feed

Four different remotely exploitable vulnerabilities were recently discovered and patched in a popula


Google DID NOT Leak 5 Million E-mail Account Passwords
infosec « WordPress.com Tag Feed

from Darknet – The Darkside http://bit.ly/WU80on via IFTTT


all content is copyright its respective owner or owners.

the technology behind infosec daily is partially copyright © 2003-2008 jose nazario.