-
26.How Twitter spam steals from Google, Yahoo! (www.infosecisland.com)
Scammers have been devising ways to ride on someone else's coattails since the dawn of time. With every new technology they find another way to make money from nothing. Today I am going to highlight a method that involves Twitter, Yahoo!, and Google AdSense.
-
27.
Post mortem of FreeBSD stack overflow by exploit author.
-
28.Skull Security's Password Lists (www.skullsecurity.org)
Password lists based on real world passwords.
-
29.Top 20 Nginx WebServer Best Security Practices (www.cyberciti.biz)
Not the most popular, but one of the fastest HTTP servers gets a best practice guide.
-
30.Risk Based Enterprise Compliance Programs : Information Security Resources (information-security-resources.com)
A recent benchmarking survey of Third Party Codes of Conduct was conducted by the Society of Corporate Compliance and Ethics (SCCE) and reported on by Rebecca Walker. The findings indicated that a majority of companies with an otherwise robust compliance program do not extend this to third parties with which they conduct business. For those companies who now desire to evaluate their third party business partners for Foreign Corrupt Practices Act (FCPA) compliance, how and where do they begin?
-
31.United States Department of Defense Embraces Hacker Certification to Protect US Interests (www.infosecisland.com)
The U.S. Department of Defense (DoD) announces the official approval of the EC-Council Certified Ethical Hacker (CEH) certification program as a new baseline skills requirement for U.S. cyber defenders. Specifically, the new Certified Ethical Hacker program is required for the DoD's computer network ...
-
32.Data Loss Prevention Has Jumped the Shark : Information Security Resources (information-security-resources.com)
The FTC sending a warning to 100 companies and agencies that their employees are leaking client and sensitive data on the web via Peer to Peer file sharing (P2P) is the single most pathetic and embarrassing communication to come across the desk of an IT professional. It’s over, Johnny IT’S OVER…
-
33.How Nokia helped Iran "persecute and arrest" dissidents (arstechnica.com)
EU blames Nokia Siemens, Nokia Siemens points out that its actions were no different to what they've provided within the EU.
-
34.Attacks on Google may have been work of amateurs (www.computerworld.com)
Not as sophisticated as Conficker, claims Damballa.
-
35.‘Google’ Hackers Had Ability to Alter Source Code (www.wired.com)
McAfee Aurora white paper bashes Perforce.
-
36.Daniel Houghton - caught in a counter-intelligence sting trying to sell MI6 and MI5 "intelligence gathering techniques" secrets stored on USB memory devices (p10.hostingprod.com)
Commentary and analysis courtesy of the Spy blog.
-
37.Argos exposes customers' credit-card numbers in email (www.pcpro.co.uk)
CVV and CC numbers in order confirmation HTML. Time to check your emails.
-
38.
Awesome presentation, an essential addition to anyone's web app reference documents.
-
39.
-
40.Advanced Spear Phishing - individually targeted (infoworld.com)
Interesting example of how advanced spear phishing has become.
-
41.Quarter Of Germans Happy To Have Chip Implants (www.eweekeurope.co.uk)
So says trade body head (and his body).
-
42.Leveraging Open Source for Business Intel : Information Security Resources (information-security-resources.com)
Open source intelligence (OSINT) is a form of intelligence collection management that involves finding, selecting, and acquiring information from publicly available sources and analyzing it to produce actionable intelligence…
-
43.Outsourcing Breach Response Lowers Costs : Information Security Resources (information-security-resources.com)
The Ponemon Institute last month released their 5th annual 2009 Annual Study: Cost of Data Breach. This year, the report explored several new areas and came up with some interesting and in some cases surprising conclusions…
-
44.Praetorian Prefect | Press F1 for Help, pwned. (praetorianprefect.com)
Microsoft published security advisory 981169 yesterday in response to the zero day vulnerability reported a few days prior. The vulnerability is in the help system and can be triggered by luring an Internet Explorer user into pressing the F1 key. Windows 2000, Windows XP SP2 & SP3, and Windows 2003 SP2 with Internet Explorer 7...
-
45.U.S. to Reveal Rules on Internet Security - NYTimes.com (www.nytimes.com)
-
46.Gartner Tells CIOs to Embrace Social Media : Information Security Resources (information-security-resources.com)
Has someone been putting strange substances in the drinking water at Gartner’s Greenwich, CT headquarters? Some of their analysts are beginning to sound like New Age gurus on a mission to bring peace, love and harmony to the corporate world. Consider these words of wisdom recently imparted by Gartner analysts to clients at an Orlando conference…
-
47.One Click Ownage (www.mavitunasecurity.com)
Mavituna Security strikes gold with Webraider.
-
48.Filling Adobe’s heap … (feliam.wordpress.com)
-
49.21 More Business Sector Breaches from 2009 (www.infosecisland.com)
Some of the breaches described in the notifications were reported in the media at the time, but we spotted a number from the business sector that had not been reported in the media or on this site at the time. So here is a brief roundup on another 21 breaches from the business sector last year...
-
50.19 more financial sector breaches from 2009 (www.infosecisland.com)
Maryland has updated its web site to provide breach notifications that it has received since its last update. The newly posted notifications are for the period ending December 31, 2009, so there will likely be more to come for 2010...