AGGREGATOR

Just another WordPress site

  • No categories

  • Digg Top Security N

  • Dark Net

    • WinAppDbg – Python Instrumentation Scripting/Debugging Tool For Windows
    • Windows Binary Planting DLL Preloading/Hijacking Bug
    • DotDotPwn v1.0 – Directory Traversal Checker/Scanning Tool
    • Intel Acquires Security Specialist McAfee For $7.68bn
    • Tshark – Network Protocol Analyzer & Traffic Dumper

  • The Register

    • Once-prolific Pushdo botnet crippled
    • Police extend detention of e-voting critic
    • Pro-Palestine hackers spraypaint gov training quango
    • Apple kills Jailbreakme Mac bug
    • Wikileaks publishes secret CIA memo

  • CNet News Security

    • 'LOL is this you?' spam spreading via Facebook chat
    • Google working on Gmail spam issue
    • RIM extends olive branch to Indian government
    • Bad flash drive caused worst U.S. military breach
    • Be cautious of Internet access at airports

  • Kaspersky News

    • Kaspersky Lab detects new IM worms capable of spreading via almost all instant messengers
    • Q2 2010: more than half a billion infection attempts
    • Kaspersky Lab and Axigen Partner to Deliver Premium Email Security
    • Kaspersky Internet Security 2011 and Kaspersky Anti-Virus 6.0 for Windows Workstations win VB100 awards for protection on Windows Vista Business Edition
    • Kaspersky Internet Security 2011 and Kaspersky Anti-Virus 6.0 for Windows Workstations win VB100 awards for protection on Windows Vista Business Edition

  • RootSecure

    • Renesys: House of Cards "What do you think would happen if another large and unusual routing announcement was made on the Internet?"
    • Sophos: Did Gmail make you look like a spammer this week?
    • Security-Shell: Ebay XSS
    • ZDNet AU: Hackers accidentally give Microsoft their code "When hackers crash their systems while developing viruses, the code is often sent directly to Microsoft,"
    • The Register: RIM proposes crypto forum to dodge India BlackBerry ban

  • ZDNet Security

    • RIM proposes India cryptography forum
    • Apple issues security update for Mac OS X
    • NHS Trust and building society guilty of data breaches
    • Hacker crash reports send code to Microsoft
    • Hacker crash reports sends code to Microsoft

  • SANS Forensics

    • Why Teaching Matters – A Letter About FORENSICS 508 – Computer Forensic Investigations and Incident Response
    • Digital Forensics Case Leads: An OS X based Live CD, a Free Forensics App for Windows, Spying, and High Performance Password Cracking
    • SANS Institute Fall Events 2010
    • Intro to Report Writing for Digital Forensics
    • Computer Forensics: Armor For Your Feet

  • Infowar

    • FAA computers still vulnerable to cyberattack
    • Black Hat and Defcon Founder Jeff Moss: What Is the ‘Hacker Mindset?’
    • Hackers Target Power Plants and Physical Systems
    • Citi Alerts Customers to Security Flaw with iPhone Banking App
    • Power grid upgrades could pose security risks, experts says

  • Hack in the Box (HiTB)

    • Viruses Might Help Make Better Batteries
    • Garmin issues recall for nuvi GPS devices
    • China policy could force foreign security firms out
    • Intel eyed McAfee for years, Gelsinger says
    • UK bank loses unencrypted laptop

  • CSO Online

    • 3 areas where FUD needs to stop
    • Sticks and stones: Picking on users AND security pros
    • Free tool from Team Cymru aims to help fight malware
    • Symantec: A mid-year status check on security predictions
    • How Your Business Can Avoid Being Collateral Damage In A Cyber War

  • TaoSecurity

    • Bejtlich on Silver Bullet Podcast
    • Review of Least Privilege Security Posted
    • Bejtlich Teaching at Black Hat Abu Dhabi 2010
    • Review of IT Security Metrics Posted
    • Review of Practical Lock Picking Posted

  • Cybercrime & Doing Time

    • Major Fraud Ring Busted in Largest Chinese Cybercrime Operation
    • "(Famous person) died" spam
    • Viagra Spammers as Hackers?
    • Spam Campaign: Zeus's Greatest Hits spreads malware
    • PhacePhish: New Facebook Attack gives a One-Two Punch

  • BankInfoSecurity

    • Bank Takes Tough Stand on Fraud
    • Protecting Privacy: It Takes Two
    • ACH Fraud: Action Plan in Oct.
    • FDIC: Cayman Islands Monetary Authority Releases Revised List of Unregistered Entities
    • FDIC: Regulatory Relief, Guidance for Institutions in Areas of Illinois Affected by Severe Weather

  • Cisco Security Advisories

    • Cisco IOS XR Software Border Gateway Protocol Vulnerability
    • Cisco Unified Communications Manager Denial of Service Vulnerabilities
    • Cisco Unified Presence Denial of Service Vulnerabilities
    • Cisco IOS Software TCP Denial of Service Vulnerability
    • SQL Injection Vulnerability in Cisco Wireless Control System

  • Dancho Danchev

    • Dissecting a Scareware-Serving Black Hat SEO Campaign Using Compromised .NL/.CH Sites
    • Spamvertised Best Buy, Macy's, Evite and Target Themed Scareware/Exploits Serving Campaign
    • Summarizing Zero Day's Posts for July
    • ZeuS Crimeware Serving 123Greetings Ecard Themed Campaign in the Wild
    • Dissecting the Xerox WorkCentre Pro Scanned Document Themed Campaign

  • FAS Secrecy News

    • DNI Advisors Favor Non-Coercive “Intelligence Interviewing”
    • Rare Earth Elements: The Global Supply Chain (CRS)
    • The Twilight of the Bombs
    • DHS Plans to “Improve” National Emergency Exercises
    • New Order on State, Local Access to Classified Info

  • FireEye Labs

    • Chasing CnC Servers - Part 1
    • Musings on download_exec.rb
    • World's Top Malware
    • World's Smallest PDF
    • Mariposa Still Alive

  • F-Secure Antivirus Research Weblog

    • CPAlead Spam on YouTube
    • DLL Hijacking and Why Loading Libraries is Hard
    • Corporate Identity Theft Used to Obtain Code Signing Certificate
    • I May Never Text Again: More Facebook Spam
    • What's the success rate of Facebook spam?

  • GovInfoSecurity.com Articles

    • DoD Unveils New Cyber Defense Strategy
    • Lynn: Flash Drive Behind Major DoD Breach
    • Infosec Provisions Seen as Rider to Senate Defense Bill
    • California Eyes Stronger Privacy Law
    • Conn. A.G. Investigates Smaller Breach

  • GovInfoSecurity

    • Florida Police: 'Pay With Cash Only'
    • Anchors Aweigh: A CIO's Farewell
    • Memos Highlight Physical-Virtual Security
    • Helping Enthusiasts Profit from Their Hacking Skills
    • Spreadsheets Still Subject to Fraud Target

  • Graham Cluley Blog (Sophos)

    • Did Gmail make you look like a spammer this week?
    • Follow Cluley on the new Digg
    • Girl who had sex with 5000 men exploited by sleazy Facebook scammers
    • Outbreak: Fake Fedex Tracking Number emails carry malware
    • Malicious spammers launch major fake anti-virus attack

  • Infosec Daily Podcast

    • InfoSec Daily Podcast Episode 202
    • InfoSec Daily Podcast Episode 201
    • InfoSec Daily Podcast Episode 200
    • InfoSec Daily Podcast Episode 199
    • InfoSec Daily Podcast Episode 198

  • HelpNet Security Vulnerabilities

    • EMC Disk Library Communication Module Remote Denial of Service
    • nuBuilder "report.php" Remote File Include
    • PHPIDS "unserialize()" PHP Code Execution
    • SF ToutVirtual VirtualIQ Pro Multiple Remote Command Execution Issues
    • MultipleFileUpload Arbitrary File Upload Issue

  • Honeyblog

    • The Last Line of Defense - http://tllod.com
    • Call for Papers: EC2ND'10
    • Chaosradio Express #155
    • Challenge 4 of the Forensic Challenge 2010 - VoIP
    • "Is the Internet for Porn? An Insight Into the Online Adult Industry"

  • Information Warfare Monitor

    • Crime or Espionage?
    • Pentagon’s cybersecurity plans have a Cold War chill
    • Panel: U.S. lacks legal framework to fight in cyberspace
    • Microsoft can only do so much to fight cyber threats
    • The New Generation of Security Threats

  • Infosec Ramblings

    • Interesting Information Security Bits for 08/27/2010
    • Interesting Press Releases 8-20-2010 thru 8-25-2010
    • Interesting Information Security Bits for 08/25/2010
    • Interesting Information Security Bits for 08/23/2010
    • Interesting Information Security Bits for 08/19/2010

  • InfoWorld Security Central

    • No good can come of a malware convention
    • How to thwart the new DLL hijacks
    • Updated 'blue screen of death' rootkit now targeting 64-bit Windows
    • The Pentagon plays security catch-up
    • Microsoft boosts access to secure development guidelines

  • Jart Armin

    • New DNS Solution Could Help Us Regain Web Control
    • Top 50 Bad Hosts, Q2 2010
    • Router Hacking, Warkitting Take Stage at Black Hat
    • Security Lessons From the 'Adult' Web
    • BlackEnergy Exploit Kit Makes Off With the Loot

  • Jeremiah Grossman

    • Website Vulnerability Assessments: Good, Fast, or Cheap - Pick Two
    • Breaking Browsers: Hacking Auto-Complete (All Materials Available)
    • In Firefox we can’t read auto-complete, but we can write to it (a lot)!
    • Patching auto-complete vulnerabilities not enough, Cookie Eviction to the rescue
    • Stealing AutoComplete form data in Internet Explorer 6 & 7

  • Krebs on Security

    • Researchers Kneecap ‘Pushdo’ Spam Botnet
    • White House Calls Meeting on Rogue Online Pharmacies
    • Adobe, Apple Issue Security Updates
    • MalCon: A Call for ‘Ethical Malcoding’
    • Anti-virus Products Struggle Against Exploits

  • Malware Intelligence Blog

    • State of the art in Phoenix Exploit's Kit
    • Pirated Edition. Affiliate program Pay-per-Install
    • Pay-per-Install through VIVA INSTALLS / HAPPY INSTALLS in BKCNET “SIA” IZZI
    • Campaign infection through Phoenix Exploit's Pack
    • Circuit Koobface from 91.188.59.10 (BKCNET "SIA" IZZI)

  • McAfee Avert Blogs

    • Newegg Password Reset Scam: a Harbinger of Threats to Come?
    • Insecure Library Loading in OS and Applications
    • Three Strikes to Latest Phishing Scam
    • How Much Does My Identity Cost?
    • Fraud Strikes U.S. Travel Authorization Agency

  • Anton Chuvakin

    • CEE Architecture Overview FINALLY Out!
    • To Those Escaping from Sinking SIEM/Log Management Vendors
    • Silly Compliance Poll
    • CEE Update – Aug 2010
    • Log Math

  • McAfee Security Insights Blog » George Kurtz

    • Performance, Connectivity and Protection
    • I Have an iPad…I Admit it
    • McAfee and Citrix – Securing Virtualized Environments
    • Vietnamese Speakers Targeted In Cyberattack
    • Source Code Repositories Targeted In Operation Aurora

  • Metasploit

    • Better, Faster, Stronger: DLLHijackAuditKit v2
    • Exploiting DLL Hijacking Flaws
    • Redesigning the Credential Cracking Strategy
    • Shiny Old VxWorks Vulnerabilities
    • W3AF: An Open Source Success Story

  • Most Popular White Papers and WebcastsSecurity Research

    • Introduction to Intel® Cloud Builder Program: Your Blueprints to Success
    • Podcast: An Expert Approach to PCI Programmes
    • Complex Managed Hosting: Market Survey and Vendor Feature Comparison
    • An Expert Approach to PCI Programmes
    • SQL Server Backup: Basic Methods for Protecting Your Most Valuable Data

  • Pandalabs Blog

    • How to Get Hacked on Facebook
    • Rogueware on the roll
    • Facebook clickjackers target victims using McDonald’s as bait
    • Blackhat SEO Attack Targeting Halloween and Thanksgiving
    • Moshi Monster under attack

  • PentestIT

    • DLLHijackAuditKit v2: Better, Faster, Stronger DLL Tests!
    • WebAppTools : Tools for web servers and web applications testing.
    • UPDATE: NetSecL 3.0!
    • UPDATE: FOCA v2.5.1!
    • UPDATE: VASTO 0.3!

  • RBNExploit

    • Hosting Ukraine Burnt Out | HostExploit
    • RBN – Real Host, Latvia and the Zeus Botnet
    • RBN - McColo R.I.P.
    • RBN - Farewell to EstDomains
    • RBN - Russian Cyberwar on Georgia: Report

  • Symantec Security Response Podcasts

    • Update from Symantec Security Technology & Response
    • Search Engine Poisoning
    • Symantec Security Response Profile: Zulfikar Ramzan
    • ISTR XIV - Phishing and Spam in the Economic Downturn
    • ISTR XIV - Financially Motivated Malicious Code Development

  • Wired Threat Level

    • Hackers Plant Tardis Atop MIT Building
    • Teachbook Vows Facebook Trademark Suit Fight
    • WikiLeaks Airs Classified CIA Memo, But Real Message Is No Secret
    • Facebook Lawsuit Throws the -book at Social Networking Site for Teachers
    • Touchscreen E-Voting Machine Reprogrammed to Play Pac-Man

  • US-CERT Technical Alerts and Bulletins

    • TA10-238A: Microsoft Windows Insecurely Loads Dynamic Libraries
    • SB10-235: Vulnerability Summary for the Week of August 16, 2010
    • TA10-231A: Adobe Reader and Acrobat Vulnerabilities
    • SB10-228: Vulnerability Summary for the Week of August 9, 2010
    • TA10-223A: Adobe Flash and AIR Vulnerabilities

  • US-CERT National Cyber Alert System

    • TA10-238A: Microsoft Windows Insecurely Loads Dynamic Libraries
    • ST05-014: Real-World Warnings Keep You Safe Online
    • SB10-235: Vulnerability Summary for the Week of August 16, 2010
    • SA10-231A: Adobe Reader and Acrobat Vulnerabilities
    • TA10-231A: Adobe Reader and Acrobat Vulnerabilities

  • US-CERT Cyber Security Tips

    • ST05-014: Real-World Warnings Keep You Safe Online
    • ST05-013: Guidelines for Publishing Information Online
    • ST05-012: Supplementing Passwords
    • ST05-011: Effectively Erasing Files
    • ST05-010: Understanding Web Site Certificates

  • US-CERT Cyber Security Alerts and Tips

    • ST05-014: Real-World Warnings Keep You Safe Online
    • SA10-231A: Adobe Reader and Acrobat Vulnerabilities
    • SA10-224A: Apple Updates iOS for Multiple Vulnerabilities
    • ST05-013: Guidelines for Publishing Information Online
    • SA10-223A: Adobe Flash and AIR Vulnerabilities

  • US-CERT Current Activity

    • Cisco Releases Advisories for Unified Communications Manager and Unified Presence
    • APWG Fax Back Phishing Education Program
    • Insecure Loading of Dynamic Link Libraries in Windows Applications
    • Adobe Releases Security Bulletin for Shockwave Player
    • Apple Releases Security Update 2010-005

  • TrendLabs Malware Blog

    • New DLL Vulnerability Exploited in the Wild
    • Blogspot Mail2Blogger Secret Email Address Used in Spam Attack
    • Fake Celebrity Deaths Used in Malicious Spam Run
    • ZeuS Variant Targets U.S. Military Personnel
    • Close Encounter with an Internet Scammer

  • Tenable Security

    • Tenable Network Security Podcast - Episode 47
    • Nessus Web Application Scanning - New plugins & Configuration
    • Tenable Network Security Podcast - Episode 46
    • San Francisco Security Showcase - Sept 15, 2010
    • Microsoft Patch Tuesday Roundup - August 2010 - "Geronimo!" Edition

  • Team Cymru

    • KSRTC website hacked during Onam days
    • Hack attack: ASIO warns of cyber-spying and web warfare
    • Research experiment disrupts Internet, for some
    • Two International Cyber Security Conferences in Nation's Capital-A First for Canada
    • Cloning scam tip of iceberg

  • Sophos Latest Viruses

    • Troj/FakeAV-BRF
    • Mal/Proxslap-A
    • Troj/Agent-OLF
    • W32/Glupzy-J
    • W32/Imaut-H

  • SearchSecurity: Security Wire Daily News

    • Intel-McAfee marriage could fuel renewed chip security interest
    • Adobe fixes bevy of critical Shockwave Player vulnerabilities
    • CEO must prioritize software development improvements, secure coding
    • LANDesk Software acquired by private equity firm
    • McAfee acquisitions: What could Intel get?

  • SearchSecurity: Network Security Tactics

    • Log management best practices: Five tips for success
    • Security policy for PDF use: How to secure PDF files for the enterprise
    • Fake antivirus pop-up scams: Forming a security awareness training plan
    • FTP security best practices for the enterprise
    • Using the Microsoft Sysinternals suite for a computer systems audit

  • Schneier on Security

    • Friday Squid Blogging: Jewel of the Sea
    • Me at the EastWest Institute
    • Is the Whole Country an Airport Security Zone?
    • Detecting Deception in Conference Calls
    • Social Steganography

  • SANS Internet Storm Center

    • FTP Brute Password guessing attacks, (Fri, Aug 27th)
    • DLL hijacking vulnerabilities, (Mon, Aug 23rd)
    • Adobe released security update for Shockwave player that fix several CVEs: APSB1020, (Wed, Aug 25th)
    • SCADA: A big challenge for information security professionals, (Sun, Aug 22nd)
    • Firefox plugins to perform penetration testing activities, (Mon, Aug 23rd)

  • SANS Information Security Reading Room

    • SANS Network Security 2010
    • Mastering the Super Timeline With log2timeline
    • The Afterglow effect and Peer 2 Peer networks
    • Packer Analysis Report-Debugging and unpacking the NsPack 3.4 and 3.7 packer.
    • Covert Channels

  • The Dark Visitor

    • CDT: ISP Level Gmail Phishing
    • F-U Tencent!
    • PRC based members of carders.cc
    • IWM and Shadow Server Project Report: Shadows in the Clouds
    • Shanghai Jiaotong named as a source in Google compromise

  • Microsoft Security Bulletins

    • MS10-053 - Critical: Cumulative Security Update for Internet Explorer (2183461)
    • MS10-059 - Important: Vulnerabilities in the Tracing Feature for Services Could Allow Elevation of Privilege (982799)
    • MS10-049 - Critical: Vulnerabilities in SChannel could allow Remote Code Execution (980436)
    • MS10-058 - Important: Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886)
    • MS10-051 - Critical: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2079403)

  • Cisco Cyber Risk Report

    • August 16-22, 2010
    • August 9-15, 2010
    • August 2-8, 2010
    • July 26-August 1, 2010
    • July 19-25, 2010

© Hacking News
Theme by

  • About
  • Message
    • Check the Twitter.learnhacking.org The hackers Twitter
  • Close Open