ACLU Privacy & Technology
Mon Nov 16 23:43:02 2009 GMT
  » FEED — SITE

ACLU Report Calls For Stronger U.S. Privacy Oversight Institutions

Privacy and Intelligence Experts Join Call for Oversight of Massachusetts Domestic Surveillance Oper...

NYCLU Urges Public Education and Voluntary Vaccine for H1N1 Flu, Warns Vaccine Mandate Violates Priv...

Department Of Homeland Security Inspector General Report Underscores Flaws In System For Settling Wa...

Senate Committee Passes Patriot Act Reauthorization Bill

ACLU Lawsuit Challenges California’s Mandatory DNA Collection at Arrest

NYCLU Calls on NYPD to Make Public Details on 'Ring of Steel' Expansion

TSA Body Scanning Technology Strips Away Privacy

Troubling Start For Patriot Act Reauthorization

Legislation To Be Introduced To Repeal Immunity For Telecommunications Companies

Data Loss Incidents
Thu Nov 19 14:48:04 2009 GMT
  » FEED — SITE

Missing hard drive exposes 1.5M customers names, Social Security numbers, and medical details

Post cards sent to 80,000 included names, addresses and Social Security numbers

Personal information of "probably a few thousand" on hacked server

E.On reveals customer bank details

Names and medical information of about 2,000 on stolen laptop

Lost hard drive may contain personal data of 60,000

Social Security numbers and home addresses of at least 300 disclosed online

Stolen laptop may contain Social Security numbers of 574

Undisclosed number of patient records possibly accessed by former employee

Customers' Social Security numbers and bank reference numbers taken by former employee

Personally identifiable data for 4,500 students accessible via web

Missing computer tapes expose 100,000 farmers personal details including bank account inforamtion

Unknown hack exposes more than 100 customers credit card details

Names, home addresses, dates of birth, and medical information of 68,000 on lost discs

Hacked computers expose 2920 student and faculty names and Social Security numbers

Email leaks 350 hospital employees names and Social Security numbers

Policy details of 641,000 on lost backup tape

Personal information for almost 16,000 on stolen data storage device

Emergent Chaos
Thu Nov 19 17:44:29 2009 GMT
  » FEED — SITE

UK Confused About Piracy

FTC Delays Red Flags Enforcement Yet Again

In the Proudest Traditions of the Royal Navy

Chaotic Thread

Visual Notetaking

"As far as I know, effective immediately"

Mini Metricon 4.5 Call for Participation

Pay for your own dog food

Detecting Malice

Tabletop Science

Seattle: Pete Holmes for City Attorney

Fordham report on Children's Privacy

Bob Blakley Gets Future Shock Dead Wrong

The Conch Republic

Prisoners in Iran

Privacy Digest
Thu Nov 19 20:48:22 2009 GMT
  » FEED — SITE

Verizon to forward RIAA warning letters (but that's all)

DNA Testing Firm Goes Bankrupt; Who Gets the Data?

Digital Video Recorders(DVR) is TV's New BFF

Copying as Search and Seizure

Senate Panel: 80 Percent of Cyber Attacks Preventable

New York’s Smoking Ban Is Extending Into Some Apartments

Setback for malicious prosecution lawsuit against RIAA

Swedish Retailer Pirates the Pirate Bay Logo

Uses of Medical Histories Are Curtailed Under a New Law

Handy Chart Tracks Proposed Amendments to Patriot Act

Google Books Settlement 2.0: Evaluating the Pros and Cons

Calling for Interns, law clerks, and a Google Policy Fellow!

Development of the Right to Privacy [ACS]

Madoff’s Coders Charged With Aiding Massive Ponzi Scheme

Swiss privacy commissioner miffed, taking Google to court

Beyond Security Theater

UK Police to continue to hold DNA of innocent people |Politics |The Guardian

Guardian (UK): Police to continue to hold DNA of innocent people

Register: Security
Fri Nov 20 23:46:31 2009 GMT
  » FEED — SITE

FDA takes aim at illegal net pharmacies

Hackers free Snow Leopard from Jobsian cage

Potty-mouths charged for Comcast hijack

Wrecking CRU: hackers cause massive climate data breach

QinetiQ mail virus patent attracts barbs

MS discovers flaw in Google plug-in for IE

Major IE8 flaw makes 'safe' sites unsafe

Users howl as Fedora 12 gives root to unwashed masses

Scareware tool dumps smut on Windows PCs

Spanish payment breach prompts huge German card recall

ISA report reveals email security lapse

Palin claims webmail hack disrupted GOP campaign

The Register's threat predictions for 2010

Crypto pioneer and security chief exits Sun

National Security Agency beefed Win 7 defenses

Stalker video peepholed ESPN bombshell

Second-hand ATM trade opens up fraud risk

UK cybercops cuff ZeuS Trojan suspect pair

Rootsecure.net
Fri Nov 20 23:46:35 2009 GMT
  » FEED — SITE

GCN: Locking down Windows with virtualization

SANS Forensics: Helix 3 Pro - First Impressions

Net Security: Linux Kernel "nfs4_proc_lock()" Local Denial of Service

Physorg: 'Fingerprinting' RFID Tags - Researchers Develop Anti-Counterfeiting Technology &qu...

Wired: Hacked E-Mails Fuel Global Warming Debate

Threat Post: Microsoft Finds Security Flaw in Google Chrome Frame

Ananova: Students Signing Up For Computer HackingThe threat "ethical hacking degree at Abertay ...

Net Security: Zero-day vulnerabilities in Firefox extensions discovered

Out Law: Database anonymity at risk, warns researcher

Network World: 3 Basic Steps to Avoid Joining a Botnet

H Security: Fedora 12 allows users install privilege

Bruce Schneier: A Taxonomy of Social Networking Data

Computer World: Microsoft denies it built 'backdoor' in Windows 7 "Don't worry, com...

BBC News: Google previews Chrome open source operating system "Internet search giant Google has...

PC World: Top 5 Social Engineering Exploit Techniques "Learn to pwn humans for fun and profit -...

Techcrunch: Mozillas Road To Camino 2.0 For Mac Users Is Complete

SANS: Fedora to allow the installation of packages, without root privileges?

Computer World: BlackBerry security exec warns of smartphone DDoS attacks

SANS Internet Storm Center
Fri Nov 20 14:51:01 2009 GMT
  » FEED — SITE

Infocon: green

Fedora to allow the installation of packages, without root privileges? , (Thu, Nov 19th)

PHP 5.3.1 is released. With many of the websites on the net relying on PHP and the number of attack...

Using a Cisco Router as a �Remote Collector� for tcpdump or Wireshark, (Wed, Nov 18th)

Metasploit Framework 3.3 Released, (Tue, Nov 17th)

OpenVPN Fixed OpenSSL Session Renegotiation Issue, (Tue, Nov 17th)

Reports of a successful exploit of the SSL Renegotiation Vulnerability?, (Mon, Nov 16th)

Microsoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released, (Sat, No...

Flash Origin Policy Attack, (Fri, Nov 13th)

SecurITeam.com
Wed Nov 18 20:50:12 2009 GMT
  » FEED — SITE

SecuriTeam.com

Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation

WordPress Unrestricted File Upload Arbitrary PHP Code Execution

Atheros Driver Reserved Frame DoS Vulnerability

McAfee Security Manager Authentication Bypass and Session Hijacking Vulnerability

Palm Pre WebOS Remote File Access Vulnerability

Netifera - Modular Open Source Platform for Security Tools

WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems

Webshag - Web Server Audit Tool

Browser Fuzzer

FSpy - Linux Filesystem Activity Monitoring

HP-UX Running BIND DoS

Gimp PSD Image Parsing Integer Overflow Vulnerability

HP Power Manager Execution of Arbitrary Code

Novell eDirectory LDAP Null Base DN DoS Vulnerability

HP-UX Using libc DoS Vulnerability

HP DDMI Execution of Arbitrary Code

Microsoft Windows License Logging Service Heap Corruption Vulnerability

SecurityFocus News
Tue Nov 17 23:48:32 2009 GMT
  » FEED — SITE

News: Popular apps need better patching, says report

News: Hacker charged with Heartland, other breaches

News: Web attacks hit U.S., South Korean sites

News: FTC persuades court to shutter rogue ISP

Brief: No cyberwar yet, but soon, says firm

Brief: Survey: Majority of Web sites vulnerable

Brief: Microsoft fixes kernel, Office flaws

Brief: Point-and-click forensics tool leaks to Net

News: Security firm chokes sprawling spam botnet

News: FBI and SOCA plot cybercrime smackdown

News: Botnet boosts criminals' revenues from Google

Infocus: Enterprise Intrusion Analysis, Part One

Infocus: Responding to a Brute Force SSH Attack

Infocus: Data Recovery on Linux and ext3

Infocus: WiMax: Just Another Security Challenge?

Gunter Ollmann: Time to Squish SQL Injection

Mark Rasch: Lazy Workers May Be Deemed Hackers

Adam O'Donnell: The Scale of Security

SecurityFocus Vulns
Fri Nov 20 23:46:39 2009 GMT
  » FEED — SITE

Vuln: Microsoft Internet Explorer 'Style' Object Remote Code Execution Vulnerability

Vuln: RhinoSoft Serv-U Remote Denial of Service Vulnerabilities

Vuln: RhinoSoft Serv-U FTP Server 'rnto' Command Directory Traversal Vulnerability

Vuln: RhinoSoft Serv-U 'SMNT' Command Remote Denial of Service Vulnerabilities

Bugtraq: VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple...

Bugtraq: IE7

Bugtraq: [security bulletin] HPSBMA02478 SSRT090251 rev.1 - HP Operations Manager for Windows, Remot...

Bugtraq: PHP "multipart/form-data" denial of service

More rss feeds from SecurityFocus

Stupid Security
Tue Nov 3 23:46:43 2009 GMT
  » FEED — SITE

Fake Card-readers In a Hotel Elevator

large yellow sign deemed security risk

Short person: good. Tall person: Terrorism suspect

Hospital CIO is a Jedi -- Really....

Bathroom Emergency On Flight Prompts Felony Charge

Dual-Booting Linux Can Get You Into Trouble...

Man Detained by TSA for Carrying Cash - Audio Recording

Minister Breaches Security

Only Able Bodied Manly Men Can "Attend" to Their Luggage

TSA Throws Out Toothpaste But Allows Syringes Through

US-CERT National Cyber Alert
Thu Nov 19 20:43:54 2009 GMT
  » FEED — SITE

ST04-016: Recognizing and Avoiding Spyware

SB09-320: Vulnerability Summary for the Week of November 9, 2009

SA09-314A: Microsoft Updates for Multiple Vulnerabilities

TA09-314A: Microsoft Updates for Multiple Vulnerabilities

SB09-313: Vulnerability Summary for the Week of November 2, 2009

ST04-015: Understanding Denial-of-Service Attacks

SB09-306: Vulnerability Summary for the Week of October 26, 2009

SB09-299: Vulnerability Summary for the Week of October 19, 2009

ST04-014: Avoiding Social Engineering and Phishing Attacks

TA09-294A: Oracle Updates for Multiple Vulnerabilities

Virus warnings
Fri Nov 20 23:47:57 2009 GMT
  » FEED — SITE

TROJ_DELPACK.A

PE_DELPACK.A

Packed.Generic.269

Trojan:W32/Vilsel

Sophos launches next generation of hardware security modules

Rogue:W32/SysGuard.D

Backdoor.Bapkri

Microsoft Windows SMB_PACKET Remote Kernel Denial-of-Service Vulnerability

Backdoor.Revird

Trojan.Avalanec

Bloodhound.Exploit.308

Bloodhound.Exploit.307

Bloodhound.Exploit.306

W32.SillyFDC.BDF

W32.SillyFDC.BDE

(MS09-065) Win32k EOT Parsing Vulnerability (969947)

(MS09-065) Win32k Insufficient Data Validation Vulnerability (969947)

(MS09-065) Win32k NULL Pointer Dereferencing Vulnerability (969947)

You Are Being Watched
Wed Mar 25 18:49:42 2009 GMT
  » FEED — SITE

Surveillance Camera Talking Points

An Evaluation of the Effectiveness of San Francisco's Community Safety Cameras

Expert Findings on Surveillance Cameras: What Criminologists and Others Studying Cameras Have Found

Preliminary Findings of the Statistical Evaluation of the Crime-Deterrent Effects of the San Francis...

Guidelines for Public Video Surveillance

Under the Watchful Eye: The Proliferation of Video Surveillance Systems in California

Surveillance Cameras and the Attempted London Attacks

Who's Watching? Video Camera Surveillance in New York City and the Need for Public Oversight

Public and Private Applications of Video Surveillance and Biometric Technologies

Home Office Research Study 292: Assessing the Impact of CCTV

Video Surveillance: Information on Law Enforcement’s Use of Closed-Circuit Television to Monit...

The Four Problems With Public Video Surveillance

How to find hidden cameras

The Appropriate and Effective Use of Security Technologies in U.S. Schools