Last updated:
Tue Mar 31 19:23:32 2015 GMT
  2014 FIRST Annual Conference in Boston - Register now

Martin Englund's Weblog
disLEXia 3000 blog
The Evil Empire
Usable Security
The Dark Visitor
A Day in the Life of an Information Security Investigator
MZL & Novatech Traffic & Bandwidth Statistics News
Page Not Found - ASP.NET Weblogs
Norwegian Honeynet Project
McAfee Avert Labs
Security Response Weblog
Kaspersky Lab Weblog
Computing Research Policy Blog
b l o g _ m a x i m u m
Eugene Bobukh's WebLog
Sorry! We couldn't find your document
Sam Gentile
Infosec Events
Carnal0wnage Blog
Glenn Brunette's Security Weblog
Xavier's Security Post
Rick Kingslan - Will Hack 4 Food
DoxPara Research
::PepperTech:: Security Management News Blog
Static in the Ether
Dan Anderson's Weblog
Glenn Brunette's Security Weblog
The Security Skeptic
Security Garden
Financial Cryptography
Service Provider Journal
fes' WebLog
John Palfrey
torsten's .NET blog - Security
BufferOverrun : Security Your Web Site and Application Security Resource
When {Puffy} Meets ^RedDevil^
Mark's Blog
Lauren Weinstein's Blog
Sunbelt Blog
Errata Security
Robert Hensing's Blog
Roger Thompson
You Know What's Stupid? Everything I Don't Understand
Anton Chuvakin, O'Reilly Network
Digital ID World Editors Corner
CyberCrime & Doing Time
The Microsoft Security Response Center Blog
MSDN: Security
ModSecurity Blog
Spam Filtering Techniques
.NET Security Blog
Alert Logic
Security Notes
Emergent Chaos
Draft Security Blog
An Information Security Place
StillSecure, After All These Years
Schneier on Security
Information Security News Desk
LuFG Summerschool Applied IT Security
Sergey Simakov blog
Wendy's Blog: Legal Tags
Solution Accelerators - Security & Compliance
SecuriTeam Blogs
worm blog
Larry's Insecurity Blog
cybercrime/-security sightings
Vulnerability Analysis Blog
Information Research
Burton Group Page Not Found
Technology Review Feed - TR Editors' Blog
The Day Before Zero
infosec « Tag Feed
Deb Shinder's MVP Blog
Network Security Blog
Errata Security
The Security Mentor
Will Cox: Security
Larry Seltzer's Security Weblog
Attack Research
trimMail's Email Battles
Page Not Found - ASP.NET Weblogs
The Importance of...
Security to the Core | Arbor Networks Security Blog
Latests Alerts From Websense Security Labs
Latest Blog Entires From WebSense Security Labs
Sorry! We couldn't find your document
Wifi Security Project Justin Mason's Weblog
Windows Incident Response
Latest Analysis for All Threats
Harry Waldron - Microsoft MVP Blog
George Ou
Tim Rains' WebLog
Infosec Writers Latest Security Papers
Abner Stories
Anti Rootkit Blog
The WiFi Zone
Steve Lamb's Blog : How to Articles
Windows Shell/User (MSN & OneCare Too)
Matasano Chargen
Infosec Potpourri
Security Sauce
Andreas Sterbenz's Blog
HD DVD / Randomness... : Security
CyberSpeak's Podcast
Cheap Hack
Internet Security with Kirk
Page Not Found - ASP.NET Weblogs
The X Dot Com Inc. - 404 Wrong Page
Fabulous Adventures In Coding : Security
TrendLabs | Malware Blog - by Trend Micro
Security Curve Weblog
Liudvikas Bukys
Speaking of Security, the RSA Blog and Podcast
1 Raindrop
The Security Blanket
Small Business Server
Network Security Blog
F-Secure Antivirus Research Weblog
Federated Infrastructure : Security
Security Manifest
Realtime Community | IT Compliance
Page Not Found - ASP.NET Weblogs
Larry Osterman's WebLog : Security
Casper Dik's Weblog
1 Raindrop
Dana Epp's ramblings at the Sanctuary
Pinpoint Labs Blog
Volatile Systems
Page Not Found - ASP.NET Weblogs
Security Fix
Freedom to Tinker
The ICSI Networking Group Blog
Cynical Security
Page Not Found - ASP.NET Weblogs
Essential Computer Security
Kasun's Weblog
eEye Digital Security - Research Blog
Anti-Malware Engineering Team
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
APB Infosec blog
Mark O'Neill's Radio Weblog
Network Security
Paul's Down-Home Page: Exchange, messaging, collaboration, security, and more
-- Sleeve notes of a sysadmin --
Latest Blog Entires From WebSense Security Labs
Fred Avolio's Musings
Bowulf Infosec & Network Admin Blog Blog
404 - Not Found
Daemon on Security
blackhat for life
Politically Motivated Computer Crime and Hacktivism
Windows Security Logging and Other Esoterica
Andrew Carpenter
Caffeinated Security
-- Sleeve notes of a sysadmin --
Crypto-World - news
Information Manager Journal
Casper Dik's Weblog
Kimberly L. Tripp: Improving *my* SQL skills through your questions! - Security
Kim Cameron's Identity Weblog
Phil Windley's Technometria
Thomas Shinder Blog
Stupid Security
Page Not Found - ASP.NET Weblogs
Fixing Email Weblog
Adobe Product Security Incident Response Team (PSIRT)
The Security Skeptic
Security and Technology for SMB's and SOHO's
netstat -a
Sorry! We couldn't find your document
Nth world commentaries
Fermats Security Alerts
darren_moffat@blog$ cat /dev/mem | grep /dev/urandom
Michael Howard's Web Log : Security
A Bro Blog
Bill Sommerfeld's Weblog
In-Security : Exploring Internet, Information and Infrastructure Security
Internet Security News and Analysis
Jim's Bloggyness
Vastly Important Notes
InfoWorld Gripe Line | Ed Foster
The Security Mentor
Bkis Blog
Spire Security Viewpoint Security Weblog
Wired: Threat Level
CERIAS Weblogs
Aaron Margosis' "Non-Admin" WebLog
The Security Development Lifecycle
Solution Accelerators - Security & Compliance
Internet Insecurity
Security Watch
Security Soapbox
Roger's Information Security Blog
Hex blog - A Revolution is the Solution
Information Security News Desk
The Antivirus Guy Blog
IBM Internet Security Systems Frequency X Blog
MVP Jubo Security Blog
Security Fix
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
: 404 Not Found
SophosLabs blog
Panda Research Blog
OpenPacket Blog
Educated Guesswork - Technology, Software Development, Project Management, Marketing News
Security Blanket
Arun Perinkolam's Weblog
About Internet / Network Security
Security Blog
New Directions in Security (Comments)
Tenable Network Security
Michael Howard's Web Log
-- Sleeve notes of a sysadmin --
Anil John - Security
ThreatFire Research Blog
Greyhat of the World Unite...
National Cyber Security - Blogs
Krebs on Security
March 31, 2015

Onapsis Bizploit v1.50 SAP Penetration Testing Framework
infosec « Tag Feed

from Darknet The Darkside via IFTTT

Mozilla Firefox Versin 37.0 Released
Security Garden

Chinese CA Issuing Fraudulent Certificates
Schneier on Security

GitHub Hit With DDoS Attack
infosec « Tag Feed

A large-scale DDoS attack, apparently emanating from China, has been hammering the servers at GitHub

Federal agents charged over alleged Silk Road Bitcoin theft
SophosLabs blog

Two federal agents have been charged with stealing digital currency during the FBI's take-down of the Silk Road marketplace.

An Evening with Valarie Kaur
You Know What's Stupid? Everything I Don't Understand

Lunch Timer with Peter Asaro and Sarah Tang Non-Military Drones: What Laws and Ethics Do We Need?
You Know What's Stupid? Everything I Don't Understand

For more information visit:

(C) More Entertainment for Broadcasters: The European Court of Justice on Linking to Live Streams of Sport Events
You Know What's Stupid? Everything I Don't Understand

Windows 10 Key improvements from Windows 8
Harry Waldron - Microsoft MVP Blog


FBI International Corruption squads established
Harry Waldron - Microsoft MVP Blog


Schneider Electric Patches Easily Exploitable Bugs in HMI Products
infosec « Tag Feed

There are a series ofvulnerabilities related to credentials and authentication in two of Schneider

Man escapes from jail after sending fake bail email
SophosLabs blog

An imprisoned fraudster cooked up a bogus set of bail instructions and emailed it to prison officials who then let him walk out. He granted himself a 3-day furlough, then turned himself back in.

G20 delegates' personal data breached in autofill email glitch
SophosLabs blog

The Australian immigration department sent an email to the wrong person, and so passport and visa details for the world's head honchos got disclosed - a mistake the department decided didn't warrant disclosure.

Australia Outlaws Warrant Canaries
Schneier on Security

Securing The IT Supply Chain
TrendLabs | Malware Blog - by Trend Micro

The security of an enterprise is not only dependent on the organization itself, but also on the security of their IT supply chain and contractors. These represent potential weak points into the security of any organization. Third-party contractors and sup

"Free $20 Steam codes" offer leads to online surveys
infosec « Tag Feed

Users of Steam, Valve Corporations popular gaming platform, are the targets of a new survey s

The Bankers and the Lawmen Should be Cyber Friends

When I read Matthew Goldsteins February 24, 2015 article Wall St. and Law Firms Plan Cooperative Body to Bolster Online Security, in the DealB%k section of The New York Times, I was reminded of the song from Rogers and Hammersteins Oklahoma about how farm

The multiple benefits of IT auditing
infosec « Tag Feed

Regulatory compliance requirements provide instructions for organizations on how to protect the data

World Backup Day - is your data safe enough?
SophosLabs blog

Ransomware has made us all aware of the value of backups - but there are many other reasons to have a copy of your vital data in reserve!

Win2003 EoL Danger - Daily Security Byte EP.53
infosec « Tag Feed

First Windows XP and now Server 2003. A number of articles this week reminded the IT community that

Fake Judicial Spam Leads to Backdoor with Fake Certificate Authority
TrendLabs | Malware Blog - by Trend Micro

Recently, weve come across an interesting spam campaign aimed at French users. The campaign itself uses a well-crafted lure that is likely to catch the attention of its would-be victims. In addition, the malware used the GootKit backdoor co

March 30, 2015

DARPA's plan to make software security "the domain of machines"
SophosLabs blog

Bugs like Heartbleed and Shellshock can sit unobserved in critically important software for years. The answer, according to DARPA, is intelligent software that fixes buggy programs while we sleep. Is it time to welcome our new robot guardians?

RadioShack to auction off customer data, violating own privacy policy
infosec « Tag Feed

Despite it’s privacy policy, bankrupt RadioShack is putting customer names, addresses, email a

Tech Support "pop-ups"
CyberCrime & Doing Time

There is a new trap on the Internet that seems to be growing in popularity in the form of a Tech Support pop-up Window.  The first of these I saw was last Tuesday, March 24, 2015.

Norton Scam

While reviewing some pharmaceutic

Slack gets hacked - rolls out two-factor authentication after user database breach
SophosLabs blog

Slack is the latest start-up to make a big media splash in one of the worst possible ways - by acknowledging a data breach that exposed its users to malicious hackers.NSA faces security scare, this time physical: 1 killed, 2 injured in HQ incident
SophosLabs blog

Security breaches at the US National Security Agency typically get a lot of publicity. This one is no exception, but it's not a network intrusion or a data leak...Cyber Hunting: 5 Tips To Bag Your Prey
infosec « Tag Feed

from Dark Reading: via IFTTT

Feds Demand Reddit Identify Users of a Dark-Web Drug Forum
Wired: Threat Level

Feds Demand Reddit Identify Users of a Dark-Web Drug Forum

Over the last year, Reddits dark net markets discussion forum

DEA Agent Charged With Acting as a Paid Mole for Silk Road
Wired: Threat Level

DEA Agent Charged With Acting as a Paid Mole for Silk Road

Nearly 18 months after the Silk Road online drug market was busted by la

The Provision of Means: Dual Use Goods & Corporate Liability
You Know What's Stupid? Everything I Don't Understand

GE Fixes Buffer Overflow Bug in DTM Library
infosec « Tag Feed

GE has released a fix for a vulnerability in a library thats used in severalof its products deploy

Stolen Uber login credentials for sale on the dark web
SophosLabs blog

At least two sellers on the dark net appear to be selling Uber customer logins for as little as $1, with one offering a discount for bulk purchases.Smart contracts are a centralising force - exactly the opposite effect to the one you hoped for?
Financial Cryptography

@gendal writes on smart contracts and as usual his words are prophetic and dangerous: Bitcoin as a currency might be to miss the point For me, it is a mistake to think about Bitcoin solely as a currency. Because the Bitcoin currency system is a masterclas

Banks and IT security: The elements of success
infosec « Tag Feed

In this interview, Nathan Horn-Mitchem, VP, Information Security Officer at Provident Bank, talks ab

US Used Zero-Day Exploits Before It Had Policies for Them
Wired: Threat Level

US Used Zero-Day Exploits Before It Had Policies for Them

A a new document sheds light on the backstory behind the development of

Hotel Wi-Fi router security hole: will this be the Ultimate Pwnie Award Winning Bug for 2015?
SophosLabs blog

If you were a cracker, and you could write your own specifications for a remote unauthenticated read/write hole... ...this is probably what you'd ask for.Belgian Court Says That ISPs Must Not Pay a Copyright Levy to Collective Societies
You Know What's Stupid? Everything I Don't Understand

Brute-Forcing iPhone PINs
Schneier on Security

Disregard Dangerous Documents - Daily Security Byte EP.52
infosec « Tag Feed

According to Trend Micro (and others), Office document macro malware is making a comeback. Watch tod

Monday review - the hot 26 stories of the week
SophosLabs blog

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.Safari users win right to sue Google over secret cookies
SophosLabs blog

The landmark case could determine if Google can be held accountable in the UK. Safari users have formed a group to seek damages.Sign Up at Before Crooks Do It For You
Krebs on Security

If you’re an American and havent yet created an account at, you may want to take care of that before tax fraudsters create an accountin your name and steal your personal and tax data in the process. Recently, KrebsOnSecurity heard from Micha

India strikes down controversial "Section 66A" social media policing law
infosec « Tag Feed

India’s Supreme Court has repealed a controversial law that allowed police to arrest people ov

Nmap/Google Summer of Code, (Wed, Mar 25th)
infosec « Tag Feed

The Nmap security scanner project is participating again in its 11th Google Summer of Code. We of

all content is copyright its respective owner or owners.

the technology behind infosec daily is partially copyright © 2003-2008 jose nazario.