Last updated:
Wed Apr 23 22:24:29 2014 GMT
  2014 FIRST Annual Conference in Boston - Register now


Blogroll
Liudvikas Bukys
Sorry! We couldn't find your document
Educated Guesswork
The Security Skeptic
ModSecurity Blog
The Microsoft Security Response Center Blog
weblog.cemper.com - Technology, Software Development, Project Management, Marketing News
Kimberly L. Tripp: Improving *my* SQL skills through your questions! - Security
Casper Dik's Weblog
Michael Howard's Web Log : Security
BufferOverrun : Security
chandanlog(3C)
Infosec Writers Latest Security Papers
nzight
GPL
Anton Chuvakin, O'Reilly Network
Larry Seltzer's Security Weblog
mcwresearch.com
NetSec
Infosec Events
blackhat for life
REblog
Solution Accelerators - Security & Compliance
Computing Research Policy Blog
Verizonbusiness.com
Anti-Malware Engineering Team
Service Provider Journal
Daemon on Security
Page Not Found - ASP.NET Weblogs
torsten's .NET blog - Security
Panda Research Blog
Draft Security Blog
New Directions in Security (Comments)
eEye Digital Security - Research Blog
Page Not Found - ASP.NET Weblogs
TaoSecurity
DISOG
Will Cox: Security
disLEXia 3000 blog
Latest Blog Entires From WebSense Security Labs
George Ou
.NET Security Blog
Small Business Server
Attack Research
turnipsecurity
Security Fix
-- Sleeve notes of a sysadmin --
Information Manager Journal
StillSecure, After All These Years
Mal-Aware.org
TrendLabs | Malware Blog - by Trend Micro
Security Sauce
The ICSI Networking Group Blog
Infosec Potpourri
Security Blog
The Importance of...
Anil John - Security
Vulnerability Analysis Blog
Network Security
Roger Thompson
cybercrime/-security sightings
Glenn Brunette's Security Weblog
Tim Rains' WebLog
Information Security News Desk
About Internet / Network Security
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
Windows Shell/User (MSN & OneCare Too)
Security Garden
fes' WebLog
The Security Skeptic
SecuriTeam Blogs
www.rootkit.com
The Security Mentor
Norwegian Honeynet Project
Napsterization
Security and Technology for SMB's and SOHO's
NI3
Dan Anderson's Weblog
Aaron Margosis' "Non-Admin" WebLog
Errata Security
antlab
Lauren Weinstein's Blog
Cybercrime
Sorry! We couldn't find your document
Casper Dik's Weblog
Larry's Insecurity Blog
securosis.com
An Information Security Place
Cheap Hack
Windows Incident Response
websecurityblog
Security Manifest
The Day Before Zero
Xavier's Security Post
Glenn Brunette's Security Weblog
Federated Infrastructure : Security
HD DVD / Randomness... : Security
Digital ID World Editors Corner
Vastly Important Notes
CyberSpeak's Podcast
Sergey Simakov blog
1 Raindrop
DoxPara Research
SophosLabs blog
e-Government@large
infosec « WordPress.com Tag Feed
Freedom to Tinker
Larry Osterman's WebLog : Security
Technology Review Feed - TR Editors' Blog
Eugene Bobukh's WebLog
trimMail's Email Battles
C.I.S.R.T.
Cynical Security
McAfee Avert Labs
Page Not Found - ASP.NET Weblogs
invulnerableit.com Blog
Error!
Mark's Blog
Windows Security Logging and Other Esoterica
Arun Perinkolam's Weblog
A Bro Blog
National Cyber Security - Blogs
Page Not Found - ASP.NET Weblogs
Alert Logic
ADD / XOR / ROL
-- Sleeve notes of a sysadmin --
Stupid Security
Bowulf Infosec & Network Admin Blog
Security Soapbox
ADD / XOR / ROL
GnuPG.org
APB Infosec blog
Krebs on Security
Open-Node.net Security Weblog
Kaspersky Lab Weblog
Network Security Blog
Wired: Threat Level
Lasipalatsi
Realtime Community | IT Compliance
bIPlog
Ivan
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
Thomas Shinder Blog
The X Dot Com Inc. - 404 Wrong Page
CERIAS Weblogs
Schneier on Security
Static in the Ether
Financial Cryptography
Fabulous Adventures In Coding : Security
Kasun's Weblog
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
Greyhat of the World Unite...
Fred Avolio's Musings
::PepperTech:: Security Management News Blog
MSDN: Security
Security Notes
Security Watch
Phil Windley's Technometria
: 404 Not Found
BlogInfoSec.com
Jim's Bloggyness
Security Fix
Tenable Network Security
The Security Mentor
404 - Not Found
Volatile Systems
Fermats Security Alerts
honeyblog
Security Blanket
Compendium
Spam Filtering Techniques
Burton Group Page Not Found
netstat -a
MZL & Novatech Traffic & Bandwidth Statistics News
Security
Bkis Blog
Errata Security
When {Puffy} Meets ^RedDevil^
The Antivirus Guy Blog
Roger's Information Security Blog
Adobe Product Security Incident Response Team (PSIRT)
Solution Accelerators - Security & Compliance
CERIAS Blog
Fixing Email Weblog
Sorry! We couldn't find your document
CyberCrime & Doing Time
The Security Development Lifecycle
taint.org: Justin Mason's Weblog
Matasano Chargen
InfoWorld Gripe Line | Ed Foster
Usable Security
Internet Security News and Analysis
Latests Alerts From Websense Security Labs
Michael Howard's Web Log
OpenPacket Blog
Paul's Down-Home Page: Exchange, messaging, collaboration, security, and more
Sam Gentile
Emergent Chaos
Spire Security Viewpoint
CGISecurity.com: Your Web Site and Application Security Resource
Rick Kingslan - Will Hack 4 Food
MoMusings@Arachnid.homeip.net
whattheflex
Security Curve Weblog
Kim Cameron's Identity Weblog
IBM Internet Security Systems Frequency X Blog
Carnal0wnage Blog
Inliniac
Harry Waldron - Microsoft MVP Blog
Andreas Sterbenz's Blog
Sunbelt Blog
The Dark Visitor
Security to the Core | Arbor Networks Security Blog
Crypto-World - news
Esphion
ThreatFire Research Blog
John Palfrey
F-Secure Antivirus Research Weblog
Information Security News Desk
Wifi Security Project
Hex blog
Latest Analysis for All Threats
Mark O'Neill's Radio Weblog
Robert Hensing's Blog
Steve Lamb's Blog : How to Articles
Page Not Found - ASP.NET Weblogs
A Day in the Life of an Information Security Investigator
Latest Blog Entires From WebSense Security Labs
Network Security Blog
Wendy's Blog: Legal Tags
@CyberForge
Security Response Weblog
Information Research
Logblog
Nth world commentaries
OSSEC Blog
Internet Insecurity
The Evil Empire
Volatility
You Know What's Stupid? Everything I Don't Understand
Vitalsecurity.org - A Revolution is the Solution
Vodun.org
Caffeinated Security
MVP Jubo Security Blog
The WiFi Zone
Abner Stories
Anti Rootkit Blog
LuFG Summerschool Applied IT Security
-- Sleeve notes of a sysadmin --
RedTeam
Dana Epp's ramblings at the Sanctuary
Deb Shinder's MVP Blog
SYN|ACK
Speaking of Security, the RSA Blog and Podcast
In-Security : Exploring Internet, Information and Infrastructure Security
Bill Sommerfeld's Weblog
Page Not Found - ASP.NET Weblogs
Politically Motivated Computer Crime and Hacktivism
PandaLabs
worm blog
Martin Englund's Weblog
OSVDB Blog
1 Raindrop
The Security Blanket
malwarecrawler.com
Essential Computer Security
Pinpoint Labs Blog
b l o g _ m a x i m u m
Page Not Found - ASP.NET Weblogs
Internet Security with Kirk
BenEdelman.org
Infothought
TheSecure.Net
Andrew Carpenter
KyleM.xwell
April 23, 2014


Feds Beg Supreme Court to Let Them Search Phones Without a Warrant
Wired: Threat Level

American law enforcement has long advocated for universal "kill switches" in cellphones to cut down on mobile device thefts. Now the Department of Justice argues that the same remote locking and data-wiping technology represents a threat to police investi


The SoHo router backdoor that was "fixed" by hiding it behind another backdoor
SophosLabs blog

How do you fix an "unauthenticated access" backdoor in your router firmware? Why, you hide it behind another "unauthenticated access" backdoor, of course. Two backdoors are obviously better than one!


LibreSSL aims to prevent the next Heartbleed
SophosLabs blog

Heartbleed may have been patched but the security gurus at OpenBSD aren't satisfied. They've lost confidence in the OpenSSL team and decided there's only one course of action...


Tokyo airport employee loses handwritten passcodes ahead of Obama visit
SophosLabs blog

An employee of Skymark Airlines at Tokyo's Haneda International Airport mislaid a printout containing key passcodes on Sunday, just days before President Obama's scheduled visit.


Conversnitch
Schneier on Security

Surveillance is getting cheaper and easier: Two artists have revealed Conversnitch, a device they built for less than $100 that resembles a lightbulb or lam


PCI DSS - Why it works
SophosLabs blog

John Shier takes a look at five ways he thinks the Payment Card Industry Data Security Standard (PCI DSS) works.


PCI DSS - Why it fails
SophosLabs blog

John Shier takes a look at five ways he thinks the Payment Card Industry Data Security Standard (PCI DSS) fails to meet its goals.


Search Me: Managing Unwanted Search Results On Your Name
You Know What's Stupid? Everything I Don't Understand


Cybercriminals Take Advantage Of Heartbleed With Spam
TrendLabs | Malware Blog - by Trend Micro

Since news about Heartbleedbroke out earlier this month, the Internet has been full of updates, opinions and details about the vulnerability, with personalities ranging from security experts to celebrities talking about it. Being as opportunistic as they


Phishers Divert Home Loan Earnest Money
Krebs on Security

It looks like it's time to update my Value of a Hacked Email Account graphic: Real estate and title agencies are being warned about a new fraud scheme in which email bandits target consumers who are in the process of purchasing a home.


http://www.symantec.com/connect/blogs/phishers-pump-out-heartbleed-attacks
None


Facebooks Sheryl Sandberg: targeted ads dont trample on privacy
SophosLabs blog

Facebook Bigwig Sheryl Sandberg wants us all to know that, targeted advertising or no, the Zuckerbergians are hovering over our private data like an anxious mother bird protecting her fluffy nestlings from voracious advertising raptors.


Apple pushes out critical security fixes for OS X, iOS and Apple TV
SophosLabs blog

You still can't tell when you're going to get your next update from Apple, but serious security fixes do seem to be coming more frequently these days. Like the latest round of patches, closing a raft of hackable holes in OS X, iOS and Apple TV...


Master Class with Chris Hughes, Phillips Academy 02 on Hannah Arendts Responsibility and Judgment
John Palfrey

We have the great privilege today of Chris Hughes visit to Andover. Chris graduated from Phillips Academy in 2002. He returns today to teach a master-class with me, to give the All School Meeting address, and to meet with various


Easter bunnies for all occasions
Kaspersky Lab Weblog


An Eavesdropping Lamp That Livetweets Private Conversations
Wired: Threat Level

Conversnitch, a device they built for less than $100 that resembles a lightbulb or lamp and surreptitiously listens in on nearby conversations and posts snippets of transcribed audio to Twitter.


An SMS Trojan with global ambitions
Kaspersky Lab Weblog


The Security of Various Programming Languages
Schneier on Security

Interesting research on the security of code written in different programming languages. We don't know whether the security is a result of inherent properties of the language, or the rela


http://www.symantec.com/connect/blogs/operation-francophoned-persistence-and-evolution-dual-pronged-social-engineering-attack
None


Facebook's Sheryl Sandberg: targeted ads don't trample on privacy
SophosLabs blog

Facebook Bigwig Sheryl Sandberg wants us all to know that, targeted advertising or no, the Zuckerbergians are hovering over our private data like an anxious mother bird protecting her fluffy nestlings from voracious advertising raptors.


Apple pushes out critical security fixes for OS X, iOS and Apple TV
SophosLabs blog

You still can't tell when you're going to get your next update from Apple, but serious security fixes do seem to be coming more frequently these days. Like the latest round of patches, closing a raft of hackable holes in OS X, iOS and Apple TV...


RAWR: Rapid Assessment of Web Resources
A Day in the Life of an Information Security Investigator

Here's another one for the toolkit folks! Anything that can make our lives easier when doing web assessments is a good thing. The more information one can extract in the early phases of an assessment, the better. And no


InBloom Wilts Amid Privacy Backlash
You Know What's Stupid? Everything I Don't Understand

April 22, 2014


Argus 3: Debug & Testing
When {Puffy} Meets ^RedDevil^


Teachers cyberbullied by students and their parents
SophosLabs blog

One in five UK teachers have been cyberbullied by students and/or their parents, according to a survey published by the teachers' union NASUWT. Heartbleed: Pointer-arithmetic considered harmful
Errata Security

Heartbleed has encouraged people to look at the OpenSSL source code. Many have called it "spaghetti code" -- tangled, fragile, and hard to maintain. While this characterization is accurate, it's unfair. OpenSSL is written according to standard programming


The Timely Tale of Tax-related Threat Troubles
TrendLabs | Malware Blog - by Trend Micro

Tax season in the US and Canada has always been popular among cybercriminals. After all, it’s one of the few reliable times in a year that a lot of money gets thrown around online, due to the convenience of filing (and) paying taxes over the Interne


Google refunds Android users who bought fake Virus Shield app
SophosLabs blog

Earlier this month a fake Android anti-virus app, named Virus Shield, managed to fool thousands of customers into buying it. Now Google is offering full refunds to anyone who bought Virus Shield long after the usual 15-minute refund window, and is also is


HeartBleed Open SSL vulnerability How to test using NMAP
Harry Waldron - Microsoft MVP Blog

The ISC shares techniques for testing vulnerable Open SSL sites using NMAP, which is an excellent free PENTEST tool used in network vulnerability testing

EMAIL 419 SCAM - Free World Cup 2014 tickets
Harry Waldron - Microsoft MVP Blog

A new variant of the 419 scam uses both monetary amounts and Free World Cup 2014 finals tickets to lure individuals in revealing bank account and other sensitive information.  These spammed emails should be deleted. 


States: Spike in Tax Fraud Against Doctors
Krebs on Security

An unusual number of physicians in several U.S. states are just finding out that they've been victimized by tax return fraud this year, KrebsOnSecurity has learned. An apparent spike in tax fraud cases against medical professionals is fueling speculation


Google refunds Android users who bought fake Virus Shield app
SophosLabs blog

Earlier this month a fake Android anti-virus app, named Virus Shield, managed to fool thousands of customers into buying it. Now Google is offering full refunds to anyone who bought Virus Shield long after the usual 15-minute refund window, and is also is


podcasts on pre-Bitcoin from Bitcoin UK
Financial Cryptography

Bitcoin UK has done two podcasts on the cryptocurrency history before Bitcoin: E-gold, E-cash & the Banking Crash, and Bitcoin & a Little Bit of History Repeating? These podcasts were done at the same time as my rant as posted on the blog a little while a


(C) The ABC of Making the Bitcoin Investment Decision - part C first - Currency, buy the Coin!
Financial Cryptography

Preamble. In the last recent months I've seen a lot of interest in the question of what makes a good Bitcoin investment. I may not be the best person to make this call, but as I'm a reluctant skeptic, I may not be the worst person either. Most of the peop


Dan Geer on Heartbleed and Software Monocultures
Schneier on Security

Good essay:

To repeat, Heartbleed is a common mode failure. We would not know about it were it not open source (Good). That it is open source has been shown to b


Cybercrime Made More Affordable The Implications
TrendLabs | Malware Blog - by Trend Micro

Before the end of the month, we will release a new paper in our Cybercriminal Underground Economy Series titledRussian Underground Revisited. This is a followup to our earlier paperRussian Underground 101;both papers examined the Russian Underground and l


F-Secure and David Hasselhoff
F-Secure Antivirus Research Weblog

We first blogged about David Hasselhoff in 2011 (see: Don't hassle the Hoff on F-Secure's watch).

The case from 2011 involved a remote access trojan which had a feature called


Dutch student sells online soul at auction for 350
SophosLabs blog

Shawn Buckles has sold bucket-loads of his online data in a Faustian bargain with the highest bidder, intended to prove a point about loss of privacy in the age of big data. But what about the privacy rights of everyone he's emailed in the past?
</span></p>
</p>

<p>
<br>
<span class=Dutch student sells online soul at auction for 350
SophosLabs blog

Shawn Buckles has sold bucket-loads of his online data in a Faustian bargain with the highest bidder, intended to prove a point about loss of privacy in the age of big data. But what about the privacy rights of everyone he's emailed in the past?
</span></p>
</p>


 </td>
 </tr>
 </table>

<hr size=

all content is copyright its respective owner or owners.

the technology behind infosec daily is partially copyright © 2003-2008 jose nazario.