Monday, November 23, 2009

Monday 11/23/09

http://www.ietf.org/id/draft-ietf-tls-renegotiation-00.txt
http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml
http://securitytracker.com/id?1023148
http://www.unleashnetworks.com/blog/?p=134
http://extendedsubset.com/

SSL/TLS Renegotiation bug. Many patches coming.

----------

REASON TO UPGRADE TO IE8:

http://www.csoonline.com/article/508525/New_Attack_Fells_Internet_Explorer
The code was posted Friday to the Bugtraq mailing list by an unidentified hacker. According to security vendor Symantec, the code does not always work properly, but it could be used to install unauthorized software on a victim's computer.

"Symantec has conducted further tests and confirmed that it affects Internet Explorer versions 6 and 7," the company wrote on its Web site Saturday. "We expect that a fully-functional reliable exploit will be available in the near future."

Security consultancy Vupen Security has also confirmed that the attack works, saying it worked on a Windows XP Service Pack 3 system running IE 6 or IE7. Neither company was able to confirm that the attack worked on Microsoft's latest browser, IE 8.

----------

Cisco's Free IPhone App Grabs Security Feeds

----------

NSA Helped with Windows 7 Development
The National Security Agency (NSA) worked with Microsoft on the development of Windows 7, an agency official acknowledged yesterday during testimony before Congress.

----------

New Olive Planting Method Prompts California Oil Boom
An oil boom is under way in California's agricultural heartland, as evolving tastes and a trend toward healthy fare have transformed a profession as old as civilization: olive production for the extra virgin market....

----------

Latest jailbroken iPhone worm tries filching bank passwords
41 minutes ago - by Jacqui Cheng Posted in: Infinite Loop
Users who have jailbroken their iPhones just can't catch a break—another malicious worm is making its way around the Internet and tries to steal bank passwords for users in the Netherlands, Portugal, Hungary, and Australia. Users with locked-down iPhones are still safe.

----------

Creepy insurance company pulls coverage due to Facebook pics
about 14 hours ago - by Jacqui Cheng Posted in: The Web
Can people diagnosed with depression go to a party and look like they're having fun? Most of us would say yes, but one insurance company thinks not. A woman in Canada got her sick leave coverage pulled after she posted photos of her birthday party to her private, locked-down Facebook account.

----------

Queen: We sank the Armada, we can sink some P2P pirates!
3 days ago - by Nate Anderson Posted in: Law & Disorder
The Queen opened the UK parliamentary session yesterday and announced that an Internet disconnection bill would be coming soon. But will it actually be legal?

----------

Nation's School Districts are Failing to Protect Children's Privacy
A Fordham Law School study found that state educational databases across the country ignore key privacy protections for the nation’s school children.
.

----------

Al Qaeda Secret Code Broken
I would sure like to know more about this:

Top code-breakers at the Government Communications Headquarters in the United Kingdom have succeeded in breaking the secret language that has allowed imprisoned leaders of al-Qaida to keep in touch with other extremists in U.K. jails as well as 10,000 "sleeper agents" across the islands....
...
The code the terrorists devised consists of words chosen from no fewer than 20 dialects from Afghanistan, Iran, Pakistan, Yemen and Sudan.

----------

Fedora 12 allows users install privilege - Update 2
Fedora 12 has changed its security policy to allow unprivileged users to install software without requiring the root password more…

----------

Report: Cyberattacks against the U.S. "rising sharply"
Angela Moscaritolo November 20, 2009
During just the first half 2009, there were 43, 785 cyberattack incidents against the DoD, a new report states. If this volume is maintained for the rest of the year, it will represent a 60 percent increase over 2008.

----------

Prosecutors Ending Lawsuit Against Lori Drew

----------

Thousands of web sites redirected
Dancho Danchev: Security researchers have detected a massive blackhat SEO campaign consisting of over 200,000 compromised web sites, all redirecting to fake security software.

----------

Microsoft: 'TaterF' Worm Top Malware Threat So Far This Month
Nov 23,2009
Software giant reveals November stats from Malicious Software Removal Tool

----------

No comments: