security

Friday Squid Blogging: Build a Squid

Schneier on Security - Fri, 2014-07-25 16:04
An interactive animation from the Museum of New Zealand Te Papa Tongarewa. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Categories: security

European Central Bank Breach (July 24, 2014)

SANS NewsBites - Fri, 2014-07-25 15:00

An attacker broke into the network of the European Central Bank (ECB) and took personal information belonging to people who had registered for conferences and visits, which was held for ransom.......

Categories: security

Six Charged in Connection with StubHub Fraud (July 23 & 24, 2014)

SANS NewsBites - Fri, 2014-07-25 15:00

US authorities have charged six people in connection with a fraud scheme that targeted eBay's StubHub ticket reselling service.......

Categories: security

Is the Internet of Things Getting Too Big? (July 24, 2014)

SANS NewsBites - Fri, 2014-07-25 15:00

US presidential policy advisers are concerned that the Internet of Things is simply too large.......

Categories: security

Wisconsin Supreme Court Allows Stingray Use in Murder Case (July 24, 2014)

SANS NewsBites - Fri, 2014-07-25 15:00

In a narrow decision, the Supreme Court of Wisconsin upheld a lower court decision permitting the warrantless use of devices known as stingrays, which can track cell phone locations.......

Categories: security

UK Travel Agency Fined for Violating Data Protection Act (July 24, 2014)

SANS NewsBites - Fri, 2014-07-25 15:00

The UK Information Commissioner's Office (ICO) has fined a travel company GBP 150,000 (US $255,000) for failing to adequately protect customer data.......

Categories: security

WordPress MailPoet Plug-in Flaw is Being Actively Exploited (July 23 & 24, 2014)

SANS NewsBites - Fri, 2014-07-25 15:00

Attackers have been exploiting a known vulnerability in a WordPress plug-in to compromise websites.......

Categories: security

Mozilla Releases Firefox 31 (July 24, 2014)

SANS NewsBites - Fri, 2014-07-25 15:00

Mozilla has released an update for Firefox to version 31.......

Categories: security

Microsoft to "Unify" Windows Development (July 23, 2014)

SANS NewsBites - Fri, 2014-07-25 15:00

Microsoft CEO Satya Nadella says the company is working on unifying portions of different Windows operating systems.......

Categories: security

Wall Street Journal Acknowledges Breach (July 23, 2014)

SANS NewsBites - Fri, 2014-07-25 15:00

The Wall Street Journal has acknowledged that someone was able to access at least one of the newspaper's databases by exploiting a vulnerability in a web-based graphics system using an SDQL injection attack.......

Categories: security

Swiss Bank Accounts Targeted in DNS and Malware Attacks (July 22 & 23, 2014)

SANS NewsBites - Fri, 2014-07-25 15:00

Attackers have been targeting Swiss bank accounts by intercepting SMS tokens and changing domain name system (DNS) settings.......

Categories: security

US-CERT Warns of Flaw in Huawei Routers (July 22, 2014)

SANS NewsBites - Fri, 2014-07-25 15:00

According to a warning from the US Computer Emergency Response Team (US-CERT), a vulnerability in the Huawei E355 wireless broadband modem could be exploited to launch cross-site scripting attacks.......

Categories: security

Possible Breach of Goodwill Systems (July 21 & 23, 2014)

SANS NewsBites - Fri, 2014-07-25 15:00

Financial institutions in the US have noticed activity suggesting that Goodwill Industries network was breached and customers' payment cards compromised.......

Categories: security

Building a Legal Botnet in the Cloud

Schneier on Security - Fri, 2014-07-25 10:33
Two researchers have built a botnet using free anonymous accounts. They only collected 1,000 accounts, but there's no reason this can't scale to much larger numbers....
Categories: security

What I Learned from Edward Snowden at the Hacker Conference

LinuxSecurity.com - Fri, 2014-07-25 03:26
LinuxSecurity.com: It was 1 PM last Saturday and Edward Snowden was about to be televised. His audience was the crowd at the Hackers On Planet Earth conference, a group of people no one would ever mistake for attendees at a political convention. Amid the sea of black clothing were many unconventional fashion statements: purple bandanas and balloon pants, and tartan kilts, and white robes, and green hair.
Categories: linux, news, security

The Barnaby Jack Few Knew: Celebrated Hacker Saw Spotlight as 'Necessary Evil'

LinuxSecurity.com - Fri, 2014-07-25 03:25
LinuxSecurity.com: When celebrated computer hacker Barnaby Jack died suddenly a year ago at the age of 35, headlines around the world touted the Steve Jobs-style pizazz he brought to cyber-security conferences and his show-stopping stunts such as breaking into ATMs and pacemakers. In hacker circles, he was known as the life of the party.
Categories: linux, news, security

Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade

LinuxSecurity.com - Fri, 2014-07-25 03:23
LinuxSecurity.com: Mozilla has released a bug-and-security update for Firefox, with 11 security fixes, three of them critical. Chief among the security patches is a use-after-free bug the organisation says was discovered by one James Kitchener.
Categories: linux, news, security

Four fake Google haxbots hit YOUR WEBSITE every day

LinuxSecurity.com - Fri, 2014-07-25 03:23
LinuxSecurity.com: One in every 24 Googlebots is a imitation spam-flinging denial of service villain that masquerades as Mountain View to sneak past web perimeter defences, according to security chaps at Incapsula. Villains spawn the "evil twins" to hack and crack legitimate websites and form what amounted to the third most-popular type of DDoS attack to scourge the internet.
Categories: linux, news, security

Debian: 2989-1: apache2: Summary

LinuxSecurity.com - Thu, 2014-07-24 13:20
LinuxSecurity.com: Security Report Summary
Categories: linux, news, security

Red Hat: 2014:0888-01: qemu-kvm-rhev: Moderate Advisory

LinuxSecurity.com - Thu, 2014-07-24 11:57
LinuxSecurity.com: Updated qemu-kvm-rhev packages that fix several security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3.0 and 4.0. The Red Hat Security Response Team has rated this update as having Moderate [More...]
Categories: linux, news, security