security

Lavabit Case Supports NSA's Assertion That They Did Not Have Heartbleed (April 16, 2014)

SANS NewsBites - Mon, 2014-04-21 11:00

Larry Seltzer observes that the Lavabit case supports the NSA's assertion that it did not know of or exploit the Heartbleed bug.......

Categories: security

German Space Research Center Finds Malware on Multiple Machines (April 16, 2014)

SANS NewsBites - Mon, 2014-04-21 11:00

According to a report in German news publication Der Spiegel, computers at a space research center in Cologne were breached in what is being called a state-sponsored attack.......

Categories: security

Microsoft Cuts Price of Windows XP Extended Support (April 16, 2014)

SANS NewsBites - Mon, 2014-04-21 11:00

Microsoft has reduced the price of custom extended support for Windows XP.......

Categories: security

Microsoft Extends Windows 8.1 Update Installation Deadline for Companies (April 16 & 17, 2014)

SANS NewsBites - Mon, 2014-04-21 11:00

Microsoft has extended the deadline for companies to install Windows 8.......

Categories: security

Oracle's Critical Patch Update Addresses 104 Flaws, 37 in Java (April 16, 2014)

SANS NewsBites - Mon, 2014-04-21 11:00

Oracle has released fixes for 104 vulnerabilities in a range of the company's products, as well as fixes for products vulnerable to Heartbleed.......

Categories: security

Canadian Man Arrested for Allegedly Stealing Taxpayer Data Through Heartbleed Bug (April 16 & 17, 2014)

SANS NewsBites - Mon, 2014-04-21 11:00

A 19-year-old Canadian man has been arrested in London, Ontario, and charged with unauthorized use of a computer and mischief in relation to data for allegedly exploiting the Heartbleed vulnerability to steal information from Canada's tax agency.......

Categories: security

Safety you can bank on: Chromebook, Linux, phone

LinuxSecurity.com - Mon, 2014-04-21 07:25
LinuxSecurity.com: Q: I'm nervous about keeping my online banking safe on my regular PC. Should I buy a Chromebook and use it just for that? A: Cheap laptops running Google's Chrome OS have a lot going for them as long as you don't need conventional, disk-based apps and rarely lack for bandwidth.
Categories: linux, news, security

Info on Russian Bulk Surveillance

Schneier on Security - Mon, 2014-04-21 05:55
Good information: Russian law gives Russia’s security service, the FSB, the authority to use SORM (“System for Operative Investigative Activities”) to collect, analyze and store all data that transmitted or received on Russian networks, including calls, email, website visits and credit card transactions. SORM has been in use since 1990 and collects both metadata and content. SORM-1 collects mobile and...
Categories: security

Debian: 2901-3: wordpress: Summary

LinuxSecurity.com - Sun, 2014-04-20 21:07
LinuxSecurity.com: Security Report Summary
Categories: linux, news, security

Debian: 2895-2: prosody: Summary

LinuxSecurity.com - Sun, 2014-04-20 14:43
LinuxSecurity.com: Security Report Summary
Categories: linux, news, security

Friday Squid Blogging: Squid Jigging

Schneier on Security - Fri, 2014-04-18 16:16
Good news from Malaysia: The Terengganu International Squid Jigging Festival (TISJF) will be continued and become an annual event as one of the state's main tourism products, said Menteri Besar Datuk Seri Ahmad Said. He said TISJF will become a signature event intended to enhance the branding of Terengganu as a leading tourism destination in the region. "Beside introducing squid...
Categories: security

Metaphors of Surveillance

Schneier on Security - Fri, 2014-04-18 14:21
There's a new study looking at the metaphors we use to describe surveillance. Over 62 days between December and February, we combed through 133 articles by 105 different authors and over 60 news outlets. We found that 91 percent of the articles contained metaphors about surveillance. There is rich thematic diversity in the types of metaphors that are used, but...
Categories: security

Open source trounces proprietary software for code defects, Coverity analysis finds

LinuxSecurity.com - Fri, 2014-04-18 08:17
LinuxSecurity.com: Forget bad headlines generated by the Heartbleed flaw, when it comes to code defects open source is still well ahead of proprietary software, generating fewer coding defects for every size of project, according to a new analysis by scanning service Coverity.
Categories: linux, news, security

Heartbleed: Security experts reality-check the 3 most hysterical fears

LinuxSecurity.com - Fri, 2014-04-18 08:16
LinuxSecurity.com: Heartbleed has dominated tech headlines for a week now. News outlets, citizen bloggers, and even late-night TV hosts have jumped on the story, each amping up the alarm a little more than the last one. But while it's true Heartbleed is a critical flaw with widespread implications, several security experts we've spoken with believe the sky-is-falling tone of the reporting is a bit melodramatic.
Categories: linux, news, security

Reverse Heartbleed

Schneier on Security - Fri, 2014-04-18 07:29
Heartbleed can affect clients as well as servers....
Categories: security

Debian: 2901-2: wordpress: Summary

LinuxSecurity.com - Fri, 2014-04-18 06:34
LinuxSecurity.com: Security Report Summary
Categories: linux, news, security

Overreacting to Risk

Schneier on Security - Fri, 2014-04-18 06:26
This is a crazy overreaction: A 19-year-old man was caught on camera urinating in a reservoir that holds Portland's drinking water Wednesday, according to city officials. Now the city must drain 38 million gallons of water from Reservoir 5 at Mount Tabor Park in southeast Portland. I understand the natural human disgust reaction, but do these people actually think that...
Categories: security

Debian: 2910-1: qemu-kvm: Summary

LinuxSecurity.com - Thu, 2014-04-17 21:43
LinuxSecurity.com: Security Report Summary
Categories: linux, news, security

Debian: 2909-1: qemu: Summary

LinuxSecurity.com - Thu, 2014-04-17 21:36
LinuxSecurity.com: Security Report Summary
Categories: linux, news, security

Tails

Schneier on Security - Thu, 2014-04-17 13:38
Nice article on the Tails stateless operating system. I use it. Initially I would boot my regular computer with Tails on a USB stick, but I went out and bought a remaindered computer from Best Buy for $250 and now use that....
Categories: security