Wings Aggregator
Security RSS Feed Aggregator
We aggregate RSS feeds from a number of security related sites.
Bugtraq: [security bulletin] HPSBMA02674 SSRT100487 rev.2 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XS  |
|---|
| SecurityFocus Vulnerabilities -- (added 2011-07-08 11:45:03) |
[security bulletin] HPSBMA02674 SSRT100487 rev.2 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XSS) and Re |
| Washington Post email breach affects more than a million job seekers |
|---|
| Security Wire Daily News -- (added 2011-07-08 10:45:03) |
A breach of the newspaperâs job site exposed 1.27 million usernames and email addresses. 
|
| Microsoft to repair 22 vulnerabilities across Windows, Office |
|---|
| Security Wire Daily News -- (added 2011-07-08 10:45:03) |
The software giant plans to issue four bulletins, one rated âcriticalâ as part of its Patch Tuesday scheduled security updates.
|
| Marcus Ranum on cyberwar, critical infrastructure protection |
|---|
| Security Wire Daily News -- (added 2011-07-08 10:45:03) |
Network security expert Marcus Ranum explains why he believes cyberwarfare is only a tool for powerful nation states and discusses how Stuxnet supports his premise.
|
| Vuln: ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability |
|---|
| SecurityFocus Vulnerabilities -- (added 2011-07-08 10:05:04) |
ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability |
| Anonymous Attacks Turkish Websites Again |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
Hacker group Anonymous said late Wednesday that its Antisec movement hacked and defaced Turkish government websites, in protest against new Internet filtering rules that come into force in the country in August. |
| Fox Hackers Exploit Slow Twitter Response |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
The recent hijacking and misuse of a Fox News Twitter account by unknown attackers highlights some of the risks enterprises run when using services such as those offered by the popular microblogging site. |
| Square Enix Sues Hacker Group |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
A group of Italian hackers leaked out a preview build of Square Enix's upcoming espionage-action-RPG hybrid Deus Ex: Human Revolution. Now the group of 15 hackers is facing litigation and may have to pay "damages in excess of $5000," according to an article on GamesIndustry.biz. |
| Facebook Video Calling: Get Started, Adjust Privacy Settings |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
Today Facebook announced three new features: group chat, which lets you message with multiple people in one window; an updated chat interface that takes into account your browser size; and its most anticipated feature, video calling. All three will be rolling out to users over the next several weeks. |
| Jailbreak Artists Exploit Unpatched Apple IPhone, IPad Bugs |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
Developers today said they used a pair of unpatched vulnerabilities in Apple's iOS to "jailbreak" the iPhone and iPad, including the first-ever hack of the iPad 2. |
| Second DOE Lab is Likely Victim of Spear-Phishing Attack |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
The Department of Energy's Pacific Northwest National Laboratory is working on restoring Internet connectivity and email services after being hit by a "sophisticated cyberattack" five days ago. |
| Microsoft: No Botnet is Indestructible |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
No botnet is invulnerable, a Microsoft lawyer involved with the Rustock take-down said, countering claims that another botnet was "practically indestructible." |
| Businesses Refusing Data Audits, Warns Information Commissioner |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
The Information Commissioner's Office has criticised businesses for refusing data protection audits. |
| Morgan Stanley Warns 34,000 Customers of Data Breach |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
Morgan Stanley has warned 34,000 investment clients that their personal data may have been stolen while in transit to a government tax office. |
| Civil Servants Concerned About Consumer Device Security |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
Seven in 10 senior civil servants think the use of personal laptops in the workplace increases data security risks, and 80 percent also believe smartphones worsen the potential problem. |
| Financial services firms get enhanced authentication guidance |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
This month's update is designed to reinforce risk-based authentication for customers and covers layered security and other controls designed to mitigate transaction risk. Expert reaction to the guidance's efficacy is mixed. |
| Apple Developing Fixes for Dangerous IOS Vulnerabilities |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
Apple said on Thursday that it is developing a fix for vulnerabilities that affect its iPhone, iPad and some iPod touch models, a problem that the German government warned could be used to steal confidential data. |
| UK's News of the World Closes After Phone Hacking Scandal |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
The U.K.'s News of the World is closing admit allegations of staff members hacking into the mobile voice mail of celebrities and crime victims. |
| Microsoft Plans 22 Patches for Windows, Office Next Week |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
Microsoft today said it will issue four security updates next week, only one of which is pegged as critical, to patch 22 vulnerabilities in Windows and Visio 2003. |
| The Latest Security Tool for Your Arsenal: Whitelisting |
|---|
| CSO Online -- (added 2011-07-08 08:45:04) |
Phishing, spear phishing, trojan horse and other attacks are growing in number and sophistication, seemingly by the day. There can be little disputing that notion after RSA, Sony, Lockheed and Citicorp were embarrassed by breaches this year. |
| Vuln: Wireshark Versions Prior to 1.4.5/1.2.16 Multiple Remote Vulnerabilities |
|---|
| SecurityFocus Vulnerabilities -- (added 2011-07-08 08:05:04) |
Wireshark Versions Prior to 1.4.5/1.2.16 Multiple Remote Vulnerabilities |
| Vuln: Wireshark Versions Prior to 1.4.7/1.2.17 Multiple Denial of Service Vulnerabilities |
|---|
| SecurityFocus Vulnerabilities -- (added 2011-07-08 08:05:04) |
Wireshark Versions Prior to 1.4.7/1.2.17 Multiple Denial of Service Vulnerabilities |
| Bugtraq: Security Advisory: CVE-2011-2516 |
|---|
| SecurityFocus Vulnerabilities -- (added 2011-07-08 03:05:05) |
Security Advisory: CVE-2011-2516 |
| Bugtraq: Re: Re: Multiple Cross-Site Scripting vulnerabilities in WebCalendar |
|---|
| SecurityFocus Vulnerabilities -- (added 2011-07-08 03:05:05) |
Re: Re: Multiple Cross-Site Scripting vulnerabilities in WebCalendar |
| Bugtraq: Re: [Full-disclosure] Ubuntu: reseed(8), random.org, and HTTP request |
|---|
| SecurityFocus Vulnerabilities -- (added 2011-07-07 04:05:04) |
Re: [Full-disclosure] Ubuntu: reseed(8), random.org, and HTTP request |
| Data reduction software accelerates computer forensic investigations |
|---|
| Security Wire Daily News -- (added 2011-07-06 05:35:03) |
Data reduction software is an essential part of any computer forensics process. Expert Richard W. Walker looks at data reduction software tools and processes and the role they play.
|
| Vuln: Drupal Secure Password Hashes Module Security Bypass Vulnerability |
|---|
| SecurityFocus Vulnerabilities -- (added 2011-07-02 10:05:04) |
Drupal Secure Password Hashes Module Security Bypass Vulnerability |
| Cisco: Targeted phishing helped hackers earn $150 million last month |
|---|
| Security Wire Daily News -- (added 2011-07-02 07:35:03) |
Cybercriminals made an estimated $150 million from targeted phishing attacks in June, according to researchers at Cisco Systems Inc.
|
| Gartner: Dodd-Frank regulations demand compliance bureau |
|---|
| Security Wire Daily News -- (added 2011-07-01 06:20:04) |
All companies, not just financials, must comply with the Dodd-Frank Act; Gartner recommends having a compliance bureau monitor the implications.
|
| Cloud computing contracts and securityâs role |
|---|
| Security Wire Daily News -- (added 2011-06-30 01:20:04) |
Security teams need to be involved in the contract process to ensure data security provisions are included.
|
| Gartner: Prepare today or face cloud computing security problems tomorrow |
|---|
| Security Wire Daily News -- (added 2011-06-30 01:20:04) |
Gartner analysts say infosec teams can avoid tomorrowâs cloud computing security problems by anticipating future usage and becoming facilitators.
|
| AWS cloud computing compliance paper details customer responsibilities |
|---|
| Security Wire Daily News -- (added 2011-06-30 01:20:04) |
Cloud giant makes it clear the onus is on customers when it comes to HIPAA, GLBA and other regulations.
|
| Fight mobile attacks, data loss risks by locking down devices |
|---|
| Security Wire Daily News -- (added 2011-06-29 06:20:04) |
Mobile malware has been minimal, but attackers are developing attacks that target smartphones to gain access to sensitive data, says security luminary Winn Schwartau.
|
| Security risks prompt retooling of enterprise mobile security strategy |
|---|
| Security Wire Daily News -- (added 2011-06-29 06:20:04) |
Cybercriminals will find ways to bypass native security restrictions on smartphones and other devices, says security luminary Winn Schwartau.
|
| High-profile attacks, inadequate defenses burden IT security programs |
|---|
| Security Wire Daily News -- (added 2011-06-28 06:20:05) |
Can CISOs turnaround IT security programs to be more proactive? Experts say many programs are frozen in a reactive mode.
|
| Gartnerâs Neil MacDonald on RSA, APT and the social engineering threat |
|---|
| Security Wire Daily News -- (added 2011-06-25 09:45:03) |
In this video, Gartner Vice President Neil MacDonald discusses the SecurID attack at RSA, APT realities and the growing enterprise social engineering threat.
|
| Gartnerâs Neil MacDonald on IE9 security, Apple security issues |
|---|
| Security Wire Daily News -- (added 2011-06-25 04:35:03) |
In this video, Gartnerâs Neil MacDonald discusses patch management, IE9 security, his Windows 8 security wish list and protecting Apple computers.
|
| Top five themes from Gartner Security Summit 2011 |
|---|
| Security Wire Daily News -- (added 2011-06-24 10:05:04) |
Eric B. Parizo discusses the top themes from the 2011 Gartner Security & Risk Management Summit, including the rediscovery of enterprise risk management.
|
| Gartnerâs Ramon Krikken on Web application security scanners |
|---|
| Security Wire Daily News -- (added 2011-06-24 05:35:04) |
In this video, learn how to get the most out of Web application security scanners, and the four key elements for a successful implementation.
|
| Ramon Krikken on tokenization vs. encryption, PCI tokenization |
|---|
| Security Wire Daily News -- (added 2011-06-24 05:35:04) |
The Gartner IT1 research director discusses tokenization vs. encryption, PCI tokenization to reduce audit scope and lagging tokenization standards.
|
| Computer forensics growing part of Fed cybersecurity strategy |
|---|
| Security Wire Daily News -- (added 2011-06-23 02:20:04) |
As the number of attacks on federal systems increases, more government agencies are realizing the importance of computer forensics.
|
| Verizon launches Incident Analytics Service to meld DBIR data with risk analysis |
|---|
| Security Wire Daily News -- (added 2011-06-22 08:35:04) |
New service aims to help businesses measure their security programs against Verizonâs Data Breach Investigations Report and the VERIS classification and reporting data.
|
| Attackers target Microsoft IE flaw in drive-by attacks |
|---|
| Security Wire Daily News -- (added 2011-06-21 02:35:04) |
Researchers detected a drive-by attack contained in malicious code hosted on a compromised restaurant website.
|
| More rss feeds from SecurityFocus |
|---|
| SecurityFocus Vulnerabilities -- (added 2010-06-19 12:35:04) |
News, Infocus, Columns, Vulnerabilities, Bugtraq ... |
| Netcraft News feed has moved |
|---|
| -- (added 2010-05-22 00:45:03) |
The location of the Netcraft News feed has been changed. The RSS feed is now available at: http://news.netcraft.com/feed The Atom feed is now available at: http://news.netcraft.com/feed/atom |
| News: Conficker data highlights infected networks |
|---|
| Security Focus News -- (added 2010-03-11 02:20:03) |
Conficker data highlights infected networks |
| News: PhotoDNA scans images for child abuse |
|---|
| Security Focus News -- (added 2010-03-11 02:20:03) |
PhotoDNA scans images for child abuse >> Advertisement << Can you answer the ERP quiz? These 10 questions determine if your Enterprise RP rollout gets an A+. http://www.findtechinfo.com/as/acs?pl=781&ca=909 |
| News: Change in Focus |
|---|
| Security Focus News -- (added 2010-03-11 02:20:03) |
Change in Focus |
| News: Google: 'no timetable' on China talks |
|---|
| Security Focus News -- (added 2010-03-05 11:20:02) |
Google: 'no timetable' on China talks |
| News: Monster botnet held 800,000 people's details |
|---|
| Security Focus News -- (added 2010-03-05 11:20:02) |
Monster botnet held 800,000 people's details >> Advertisement << Can you answer the ERP quiz? These 10 questions determine if your Enterprise RP rollout gets an A+. http://www.findtechinfo.com/as/acs?pl=781&ca=909 |
| News: MS uses court order to take out Waledac botnet |
|---|
| Security Focus News -- (added 2010-03-05 10:20:03) |
MS uses court order to take out Waledac botnet >> Advertisement << Can you answer the ERP quiz? These 10 questions determine if your Enterprise RP rollout gets an A+. http://www.findtechinfo.com/as/acs?pl=781&ca=909 |
| News: Latvian hacker tweets hard on banking whistle |
|---|
| Security Focus News -- (added 2010-03-05 10:20:03) |
Latvian hacker tweets hard on banking whistle |
| Brief: Microsoft patches as fraudsters target IE flaw |
|---|
| Security Focus News -- (added 2010-02-03 08:05:02) |
Microsoft patches as fraudsters target IE flaw |
| Brief: Cyberattacks from U.S. "greatest concern" |
|---|
| Security Focus News -- (added 2010-02-03 08:05:02) |
Cyberattacks from U.S. "greatest concern" >> Advertisement << Can you answer the ERP quiz? These 10 questions determine if your Enterprise RP rollout gets an A+. http://www.findtechinfo.com/as/acs?pl=781&ca=909 |
| Brief: Google offers bounty on browser bugs |
|---|
| Security Focus News -- (added 2010-02-03 08:05:02) |
Google offers bounty on browser bugs |
| Brief: Attack on IE 0-day refined by researchers |
|---|
| Security Focus News -- (added 2010-01-29 13:05:03) |
Attack on IE 0-day refined by researchers |
| News: Twitter attacker had proper credentials |
|---|
| Security Focus News -- (added 2009-12-19 09:20:02) |
Twitter attacker had proper credentials |
| Adam O'Donnell: The Scale of Security |
|---|
| Security Focus News -- (added 2009-10-24 04:05:03) |
The Scale of Security |
| Mark Rasch: Lazy Workers May Be Deemed Hackers |
|---|
| Security Focus News -- (added 2009-10-24 04:05:03) |
Lazy Workers May Be Deemed Hackers >> Advertisement << Can you answer the ERP quiz? These 10 questions determine if your Enterprise RP rollout gets an A+. http://www.findtechinfo.com/as/acs?pl=781&ca=909 |
| Gunter Ollmann: Time to Squish SQL Injection |
|---|
| Security Focus News -- (added 2009-10-24 04:05:03) |
Time to Squish SQL Injection |
| Code Fish Spam Watch Feed Now Defunct Please Remove |
|---|
| -- (added 2009-09-13 03:45:49) |
The Code Fish Spam Watch RSS Feed is now defunct - PLEASE REMOVE FROM YOUR RSS READER |
| Mark Rasch: Hacker-Tool Law Still Does Little |
|---|
| Security Focus News -- (added 2009-08-26 07:05:04) |
Hacker-Tool Law Still Does Little |
| Infocus: WiMax: Just Another Security Challenge? |
|---|
| Security Focus News -- (added 2009-04-02 10:05:04) |
WiMax: Just Another Security Challenge? |
| Infocus: Data Recovery on Linux and ext3 |
|---|
| Security Focus News -- (added 2009-04-02 10:05:04) |
Data Recovery on Linux and <i>ext3</i> >> Advertisement << Can you answer the ERP quiz? These 10 questions determine if your Enterprise RP rollout gets an A+. http://www.findtechinfo.com/as/acs?pl=781&ca=909 |
| Infocus: Enterprise Intrusion Analysis, Part One |
|---|
| Security Focus News -- (added 2009-04-02 10:05:04) |
Enterprise Intrusion Analysis, Part One |
| Infocus: Responding to a Brute Force SSH Attack |
|---|
| Security Focus News -- (added 2008-12-04 05:20:03) |
Responding to a Brute Force SSH Attack |
| More rss feeds from SecurityFocus |
|---|
| Security Focus News -- (added 2004-04-26 21:35:06) |
News, Infocus, Columns, Vulnerabilities, Bugtraq ... |