News » 
The following section combines some of the best News feeds related to the field of information security.
The current state of the crimeware threat - Q&A
What's the current state of the crimeware threat? Just how vibrant is the underground marketplace when it comes to crimeware? What are ISPs doing, and should ISPs be doing to solve the problem? Does taking down a cybercrime-friendly ISP have any long term effects?
comScore Media Metrix Ranks Top-Growing Properties and Site Categories for February 2010
STMicroelectronics Extends High-Side Current-Sensing Portfolio with Accurate, Rugged, Low-Power Amplifiers Targeting Automotive, Industrial and Computer Applications
VirnetX Patent Claims Confirmed Valid in Dispute With Microsoft
CA CTO Don Ferguson to Speak at CloudSlam'10 Conference On Managing Cloud-Connected Applications
ISC West: German Quality Drives Growth in Security Segment
Unique Garden Plants Launches New Online Plant Store
Facebook Password Spam Hides Malware Targeting Windows PCs
An attack campaign this week has sought to lure Facebook users into downloading new variants of the Bredolab malware targeting their Windows machines. - Attackers are spamming out malware hidden within e-mails targeting Facebook issues. The scam starts with an e-mail claiming to contain a password…
EMC Named CRN Channel Champion for 2010
Chairman and CEO of China Information Security Technology Elected Deputy Chairman of Newly Founded China Overseas Listed Corporations Association (COLCA)
Blogs » 
Blogs are important as they represent an independent view of the information security landscape. The following section combines some of the best Blog feeds related to the field of information security.
Responding To The Unexpected, (Sun, Mar 21st)
We all know that having an Incident Response plan in place helps to minimize the damage caused by a ...(more)...
BitDefender 2010 Update Problem, (Sat, Mar 20th)
We have started to receive reports this morning concerning a popular consumer antivirus product has ...(more)...
Skipfish - Web Application Security Tool, (Sun, Mar 21st)
Michal Zalewski (lcamtuf), a Polish security researcher and author of many tools and books, is at i ...(more)...
Firefox 3.6.2 to be released March 30, (Sat, Mar 20th)
In the past month, there has been lots of discussions involving an unpatched security vulnerability ...(more)...
Friday Squid Blogging: Preserving Your Giant Squid
Plastination: For several years von Hagens and his team experimented using smaller squid, and found that the fragility of the skin needed a slower replacement process than other animal specimens. Some 1500 litres of silicone later, the plastination of the giant cephalopods was completed in January.
Bringing Lots of Liquids on a Plane at Schiphol
This would worry me, if the liquid ban weren't already useless. The reporter found the security flaw in the airport's duty-free shopping system. At Schiphol airport, passengers flying to countries outside the Schengen Agreement Area can buy bottles of alcohol at duty-free shops before going…
I Know What Your Office Equipment Did Last Summer..., (Fri, Mar 19th)
Yesterday there was a great article in the Toronto Star that discusses a potential security risk t ...(more)...
Security Trade-Offs and Sacred Values
Interesting research: Psychologist Jeremy Ginges and his colleagues identified this backfire effect in studies of the Israeli-Palestinian conflict in 2007. They interviewed both Israelis and Palestinians who possessed sacred values toward key issues such as ownership over disputed territories like…
New Google Chrome (v4.1.249.1036) released, fixes multiple security vulnerabilities. More information at http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html, (Thu, Mar 18th)
...(more)...
Dangers of copy&paste, (Thu, Mar 18th)
One of our readers, Bill, wrote in to let us know about a pretty dangerous batch script that was pos ...(more)...
Research » 
This is the research section. It currently lists feeds from organizations and individuals who are actively performing information security research.
The Latest Adobe Exploit and Session Upgrading
On March 12th and 13th, a researcher named "villy" posted a couple of blogs relating to an exploit for CVE-2010-0188. On the 15th, I ported that exploit (python) over to Metasploit (ruby), which you can find here, in the module browser. Doing so is often rather straightforward, and in…
vsftpd HTTP lunacy!
Ok, so I was bored and I added very very basic HTTP support to vsftpd. vsftpd is now perhaps the only FTP server to have an option ftp_enable=NO. Basically none of the HTTP protocol is implemented, but it might suffice for someone who is super-paranoid and needs to serve some static files over the…
MOBOTS: WeatherFist Exposed
Posted by Daniel Tijerina Last week, San Francisco was kind enough to play host to the annual RSA Security Conference. As you may remember from Jason Avery's last post, several TippingPointers were on-hand for the festivities. My colleague Derek Brown and I were fortunate to be granted an…
Locate and Exploit the Energizer Trojan
The newsophere was abuzz this morning with the discovery that Energizer's "DUO" USB Battery Charger included a malicious backdoor in the accompanying software. This backdoor was only discovered after the product was discontinued, leading some to believe that it went through its entire…
Help keypress vulnerability in VBScript enabling Remote Code Execution
The MSRC Engineering team has been investigating reports of a vulnerability involving the use of VBScript and Windows Help files. What is the impact and affected platforms? Our investigation has determined that Windows 7, Windows Server 2008, and Windows Vista are not impacted. Only Windows…
Assured Exploitation Training
This year, Alex Sotirov and I will be teaching our first Assured Exploitation training class at CanSecWest. This training class is focused on various topics in advanced exploitation of memory corruption vulnerabilities. This includes a thorough understanding of exploitation mitigations (where…
Using code coverage to improve fuzzing results
Hi all, I'm Lars Opstad, an engineering manager in the MSEC Science group supporting the SDL within Microsoft. I wanted to share with you some of the ways that we are improving our internal security practices, specifically in the area of file fuzzing. Many fuzzers take a good file (template) as a…
Hacking Linksys IP Cameras (pt 6)
This article is a continuation of the following GNUCITIZEN articles: here, here, here, here and here. As we know, there are several ways one could go about hunting for IP cameras on the net. The slowest way would be to portscan random IP addresses for certain ports and programmatically detect if the…
RSA Conference 2010 Talks
Posted by Jason Avery Hey all! Jason here giving this year's RSA participants a heads up on talks to not miss. This year, TippingPoint is presenting five talks and panels, with three sessions by members of the DVLabs team. If you're going to be at the show, be sure not to miss these talks. …
dnsmap v0.30 is now out!
After working on dnsmap for a few months whenever time allowed, I decided there were enough additional goodies to make version 0.30 a new public release. Let me just say that a lot of the bugs that have been fixed, and features that have been added to this version would not be possible without the…
Advisories » 
This section contains a list of recent advisories automatically collected from various sources.
No Results
Exploits » 
This section contains aggregated feeds of recent exploits published by some of the best resources online.
No Results
Podcasts » 
This section contains aggregated feeds of recent security podcasts.
Sophos Security Week - March 15, 2010
Sophos Senior Security Advisor Chester Wisniewski and Head of Global Sales Engineering Michael Argast discuss the biggest security stories for the week of March 15, 2010.
Windows 7 - Security updates and features, part 2
In this second half of a two-part podcast, Sophos experts Chester Wisniewski and Michael Argast continue their conversation on the updates and changes made to Windows 7 security.
Windows 7 - Security updates and features
Sophos experts Chester Wisniewski and Michael Argast of Sophos Canada discuss the latest security updates and features of Windows 7.
Security threat report: 2010
Carole Theriault interviews Chester Wisniewski, senior security advisor at Sophos Canada, about the latest findings in the 2010 Sophos security threat report, discussing the latest trends in malware as well as exploring topical issues such as security on Windows 7 and Apple Mac threats.
Operation Aurora: The attack on Google
Chester Wisniewski of Sophos Canada and James Lyne from the Office of the CTO discuss Operation Aurora: The attack on Google, what it means to businesses, and what we should be doing to better protect our networks.
Facebook, identity theft and the plastic duck
Sean Richmond of Sophos Australia talks to Paul Ducklin, head of technology for APAC, about the results of Sophos's latest Facebook experiment, revealing that users are still failing to take adequate security steps on the popular social network.
Kanye West, SEO and scareware
Senior technology consultant Graham Cluley explains how hackers have been taking advantage of the hoax news stories about the death of Kanye West, using search optimisation techniques to infect computer users with scareware.
A lesson in cloud computing and software as a service
Paul Ducklin, head of technology for Sophos APAC, defines cloud computing and SaaS, explaining the associated security risks and gives his opinion on whether cloud and SaaS mean the end of desktop security software.
Windows 7 in the security spotlight
Sophos senior technologist James Lyne discusses Windows 7 from the security point of view, looking at the Action Centre, enhancements in the Windows firewall, Direct Access and the controversy surrounding XP mode.
Virtualization and encryption: the security facts
More organizations are looking to virtualize their servers, but few are considering the associated security concerns. James Lyne, senior technologist at Sophos, explains why encrypting virtualized servers will avoid costly leaks.
Culture » 
This section contains a list of cultural hacker blogs.
Jerry Rice on Success
There is a nice story about Jerry Rice, American football player, running in the Sunday, February 9, 2010 print edition of the San Francisco Chronicles. The story is about the secrets of success. [...]
Time Blocking
This is an interesting video which discusses why you should avoid distractions while working in order to stay as much productive as possible.
Leadership Lessons from Dancing Guy
What lessons can we learn from the crazy dancing guy?
Augmented-reality Maps
Well, augmented-reality is pretty much one of the hot topics these days. Here is a video of Blaise Aguera y Arcas demoing the new feature that comes in MS Bing Maps. [...]
Ed Catmull on Keep Your Crises Small
I stumbled upon the following video by browsing twitter. I find it interesting and quite enlightening. Pixar is a truly remarkable company and there is a lot one can learn from them.
Was Huxley right?
I stumbled upon the following cartoon on twitter. I have read 1984 but not Brave New World. Will be visiting the local library soon. Some interesting stuff!
Working Hard is Overrated?
I often hear about success stories where the direct cause for the success is someone's hard work and persistence. Although in my mind persistence is important, it seems that hard work is seriously overrated according to the founders of Flickr and a bunch of neuroscientists, as reported here and…
How Derren Brown Predicted the Lottery Numbers
Last Wednesday (09/09/2009) Derren Brown predicted, or at least he made us believe that he did, five numbers from the lottery draw aired on BBC. For those of you who have no clue what I am talking about, here is video footage from the show. How did he do it? I was eager to find out but since he…
Simple and Obvious
When we see something that is simple and obvious we automatically assume that we can reach the same idea because after all it is simple and obvious. However, simple and obvious concepts are hard to come up with. Do not ignore the simple and the obvious. [...]
Micro Communities
I think that we are on the verge of another online change. We are going from hyper global communities, to ultra local and even micro communities. Global communities are places such as Facebook, Twitter, MySpace and all other social networks whose sole purpose is to get as many users on board as…






















