 Info Security News Mailing List
Carries news items (generally from mainstream sources) that relate to security.
List Archives
Latest Posts
Microsoft warns of IE exploit code in the wild
InfoSec News (Nov 24)
http://news.cnet.com/8301-27080_3-10403756-245.html
By Elinor Mills
InSecurity Complex
CNet News
November 23, 2009
Microsoft on Monday said it is investigating a possible vulnerability in
Internet Explorer after exploit code that allegedly can be used to take
control of computers, if they visit a Web site hosting the code, was
posted to a security mailing list.
Microsoft confirmed that the exploit code affects IE 6 and IE 7, but not
IE 8,...
Inside the Ring - Chinese, Russian cyberwarfare
InfoSec News (Nov 24)
http://www.washingtontimes.com/news/2009/nov/19/inside-the-ring-37209361/
By Bill Gertz
INSIDE THE RING
November 19, 2009
[...]
Chinese, Russian cyberwarfare
The Pentagon's National Defense University recently published a
groundbreaking book that is one of the few U.S. government documents to
highlight the cyberwarfare capabilities of both China and Russia.
The book "Cyberpower and National Security" contains a chapter on the...
Symantec Japan website bamboozled by hacker
InfoSec News (Nov 24)
http://www.theregister.co.uk/2009/11/23/symantec_website_security_snafu/
By John Leyden
The Register
23rd November 2009
A Symantec-run website was vulnerable to Blind SQL Injection problems
that reportedly exposes a wealth of potentially sensitive information.
Romanian hacker Unu used off-the-shelf tools (Pangolin and sqlmap) to
steal a glimpse at the database behind Symantec's Japanese website. A
peek at the Symantec store revealed by the...
NIST Drafts Cybersecurity Guidance
InfoSec News (Nov 24)
http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=221900722
By J. Nicholas Hoover
InformationWeek
November 23, 2009
Draft guidance from the National Institute of Standards and Technology
issued last week, pushes government agencies to adopt a comprehensive,
continuous approach to cybersecurity, tackling criticism that federal
cybersecurity regulations have placed too much weight on periodic
compliance...
Hancock Fabrics Linked to Fraud in 3 States
InfoSec News (Nov 24)
http://www.bankinfosecurity.com/articles.php?art_id=1961
By Linda McGlasson
Managing Editor
Bank Info Security
November 23, 2009
Bank customers in California, Wisconsin and Missouri are reporting
fraudulent ATM withdrawals that police say are tied to transactions
conducted with the Hancock Fabrics retail chain.
In California, Napa Police Department spokesman Brian McGovern says 60
residents reported their cards being used by thieves. In one...
Recent Air Force Law Review discusses Cyberlaw
InfoSec News (Nov 22)
http://www.maxwell.af.mil/news/story.asp?id=123178704
By Carl Bergquist
Air University Public Affairs
11/20/2009
MAXWELL AIR FORCE BASE, Ala. -- Volume 64 of the Air Force Law Review is
now available in hardcopy and online. Published this year, it is
sub-titled the "Cyberlaw Edition."
Largely the result of a symposium held at the Judge Advocate General
School at Maxwell Air Force Base, the edition addresses many of the
issues...
Three Indicted For Comcast Site Hack
InfoSec News (Nov 22)
http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=221900520
By Tim Wilson
DarkReading
Nov 20, 2009
Three alleged hackers this week were indicted for a 2008 attack that
redirected traffic from the Comcast Website to a prank page.
Christopher Allen Lewis, 19, and James Robert Black Jr., 20, are accused
of being the hackers "EBK" and "Defiant," who hijacked the Comcast
domain in May of last year,...
Hackers steal electronic data from top climate research center
InfoSec News (Nov 22)
http://www.washingtonpost.com/wp-dyn/content/article/2009/11/20/AR2009112004093.html
By Juliet Eilperin
Washington Post Staff Writer
November 21, 2009
Hackers broke into the electronic files of one of the world's foremost
climate research centers this week and posted an array of e-mails in
which prominent scientists engaged in a blunt discussion of global
warming research and disparaged climate-change skeptics.
The skeptics have seized upon...
Secunia Weekly Summary - Issue: 2009-47
InfoSec News (Nov 22)
========================================================================
The Secunia Weekly Advisory Summary
2009-11-13 - 2009-11-20
This week: 72 advisories
========================================================================
Table of Contents:
1.....................................................Word From...
China Cyber Espionage Threatens U.S., Report Says
InfoSec News (Nov 22)
http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=221900505
By Thomas Claburn
InformationWeek
November 20, 2009
China has increased its cyber espionage efforts to acquire U.S. secrets
and technology, a Congressional advisory group warned in a report issued
on Thursday.
Echoing its 2008 and 2007 reports, which labeled China's espionage
efforts "the single greatest risk to the security of American...
FBI looking at UMC records leak
InfoSec News (Nov 22)
http://www.lasvegassun.com/news/2009/nov/21/fbi-looking-umc-records-leak/
By Marshall Allen
The Las Vegas Sun
Nov. 21, 2009
The FBI said Friday it may investigate a breach of patient privacy laws
at University Medical Center, where hospital officials are reeling with
the realization that at least one of their employees has leaked
confidential names, birth dates and Social Security numbers.
UMC officials spent Friday determining how they...
Microsoft denies it built 'backdoor' in Windows 7
InfoSec News (Nov 20)
http://www.computerworld.com/s/article/9141182/Microsoft_denies_it_built_backdoor_in_Windows_7
By Gregg Keizer
Computerworld
November 19, 2009
Microsoft today denied that it has built a backdoor into Windows 7, a
concern that surfaced yesterday after a senior National Security Agency
(NSA) official testified before Congress that the agency had worked on
the operating system.
"Microsoft has not and will not put 'backdoors' into...
Re: FBI Suspects Terrorists Are Exploring Cyber Attacks
InfoSec News (Nov 20)
Forwarded from: Richard Forno <rforno (at) infowarrior.org>
The second paragraph undermines the whole article, as such statements
tend to do in all articles warning of cyber or terrorist attacks, just
as any number of 'stories' citing some new DHS or FBI terror threat that
suddenly hits the airwaves periodically during the year.
This entire article simply says -er, repeats- that "terrorists may
consider cyber attacks."...
Bill Would Ban P2P Use By Federal Employees
InfoSec News (Nov 20)
http://www.informationweek.com/news/government/policy/showArticle.jhtml?articleID=221900107
By J. Nicholas Hoover
InformationWeek
November 18, 2009
Following a leaked document that disclosed ethics investigations of
members of Congress on a file sharing network, the chairman of the House
Oversight and Government Affairs Committee has introduced a bill that
would ban the use of public peer-to-peer networks by federal employees.
The Secure...
Crypto pioneer and security chief exits Sun
InfoSec News (Nov 20)
http://www.theregister.co.uk/2009/11/19/diffie_leaves_sun/
By Gavin Clarke in San Francisco
The Register
19th November 2009
Crypto pioneer and Sun Microsystems' veteran chief security officer
Whitfield Diffie has left the company, with database-giant Oracle's
acquisition still in the air.
According to Technology Review, Diffie is slated to be a visiting
professor at Royal Holloway, University of London, after 18 years at
Sun, latterly in...
More Lists
Dozens of other network security lists are archived at
SecLists.Org.
|