Monday, July 14, 2008

Monday News Feed

DNS researcher convinces skeptics that bug is serious
"I broke a huge rule: I didn't bring in anyone else from the research community," said Kaminsky in explaining why he felt he needed to deviate from his plan to withhold technical details until early next month, when he presents at the Black Hat security conference. "I forgot that, no, you don't get to make a whole bunch of noise without some technical details to back it up," Kaminsky said. "[As] security researchers, we need the ability to call 'bullshit' on people."

Essentially, that's what Ptacek, Dai Zovi and others did. After the conference call, however, both Ptacek and Dai Zovi said they were convinced the DNS flaw was as significant as Kaminsky had promised.

"Dan's got the goods," said Ptacek in an entry on the Matasano blog Wednesday.






Former VP at HP faces 10 years for IBM trade-secret theft





Microsoft confirms WSUS patch problem
July 11, 2008 (Computerworld) Microsoft Corp. yesterday acknowledged that it may have to re-release a recent fix for a flaw that stymied some users' ability to grab security patches through Windows Server Update Services (WSUS).




Tennessee's sinking data center gets help
July 11, 2008 (Computerworld) A data center in Tennessee that may be located in the worst spot in America for a data center -- on an unstable landfill, next to a railroad and a river and downstream from a large dam that the U.S. Army Corps of Engineers says has a risk of failing -- is getting relocated, at least partially...





Chip maker sues to quash research on RFID smart card security flaws
NXP Semiconductors filed suit in Court Arnhem in The Netherlands against Radboud University Nijmegen. The company is pushing the courts to keep university researchers from publishing a paper about reported security flaws in the MiFare Classic, an RFID chip manufactured by NXP Semiconductors.

The paper is slated to be presented at the Esorics security conference in Malaga, Spain, this October, according to Karsten Nohl, a graduate student who was part of a research group that originally broke the encryption last year. Nohl told Computerworld on Thursday that he gave his research to the Dutch university so it could build on what he had done, and he has been closely following its progress.





Criminal prosecutions eyed for passport snoopers





Developer fixes 33-year-old Unix bug





Texas Bank Dumps Antivirus for Whitelisting
7/11/2008 1:10:00 PM Tired of AV and malware, First National Bank of Bosque County adopts application whitelisting instead





Chinese Cyber Attacks
The popular media conception is that there is a coordinated attempt by the Chinese government to hack into U.S. computers -- military, government, corporate -- and steal secrets. The truth is a lot more complicated.
http://www.schneier.com/blog/






Posted at 03:20 PM ET, 07/11/2008
A Baker's Dozen of Security Updates for iPhone 2.0
As expected, the 2.0 version of iPhone released today includes a number of security updates, patching more than a dozen holes in the slimmed-down OS X operating system that powers the devices.
That means for those who already own Apple's mobile device, it's time to update.
http://blog.washingtonpost.com/securityfix/2008/07/a_bakers_dozen_security_update.html






NY attorney general gets more ISPs to block alt.* newsgroups
New York's Attorney General has turned his initial efforts against online sharing of child porn into a campaign, complete with its own website and a form letter to send to ISPs. The site's announcement coincides with AOL and AT&T reaching an agreement to block newsgroups where such porn appears.
July 11, 2008 - 02:28PM CT - by John Timmer






Kaspersky to Simulate Successful Hacking Attack on Intel CPU
Kris Kaspersky, co-founder of the security software company Kaspersky Lab, will demon...







Berlin subway ticket machines go down
Michael Krigsman: Ticket dispensers in the Berlin subway system stopped working on July 1 after a faulty update from central HQ.






Turns Out Viacom Is Really Interested In What Google Employees Are Uploading/Viewing On YouTube







Lawyer's Lack of Brevity Not an Aberration
By MATTHEW HELLER
A Vancouver, Wash., attorney who was ordered last month to rewrite a 465-page complaint has a history of incurring judicial displeasure by filing lengthy pleadings.







New trojan in the wild targeting multimedia files
Negar Salek July 14, 2008
A new trojan in the wild is infecting multimedia files on a victim's hard disk.






http://blogs.technet.com/swi/:
You should always set up your SQL server with best security practices as outlined in http://technet.microsoft.com/en-us/library/ms144228.aspx and http://www.microsoft.com/technet/prodtechnol/sql/2005/sql2005secbestpract.mspx






More-Searchable Flash
By Kate Greene 07/03/2008
Information from millions of Web pages that use the animation software is now available to search engines.





NY: 50 Percent of Sequoia Voting Machines Flawed






Trojans Over 60% Of New Malware Infections Says Panda Labs
By Grey McKenzie 07/11/2008
