News Summary
We also offer the following RSS Feeds:
To suggest additional news sources or suggest other changes, use our
contact form. We try hard to keep the feeds RSS, XML, CSS, RFC, IETF, ISO, DIN, TüV, ANSI complaint, but may fail occasionally. Validate your inputs. If it fails your validator: You probably picked the wrong standard.
InternetStormCenter
- New version of OpenSSL released - OpenSSL 0.9.8l, (Fri, Nov 6th)
- A new version of Firefox (3.5.5) just became available. According to the release notes they are stability improvements., (Fri, Nov 6th)
- RIM fixes random code execution vulnerability, (Thu, Nov 5th)
- Insider threat: The snapnames case, (Thu, Nov 5th)
- TLS Man-in-the-middle on renegotiation vulnerability made public, (Thu, Nov 5th)
- Legacy systems, (Thu, Nov 5th)
- Sun Java 6 Update 17 out, fixes lots of security vulnerabilities (thanks Toby&Roseman), (Tue, Nov 3rd)
- Adobe released Shockwave Player 11.5.2.602 which fixes several critical security vulnerabilities, (Tue, Nov 3rd)
- Opachki, from (and to) Russia with love, (Tue, Nov 3rd)
- SURBL now posting abuse statistics for TLD's, (Tue, Nov 3rd)
- Microsoft releases v1.02 of Enhanced Mitigation Evaluation Toolkit (EMET), (Mon, Nov 2nd)
- Microsft releases v1.02 of Enhanced Mitigation Evaluation Toolkit (EMET), (Mon, Nov 2nd)
- Password rules: Change them every 25 years, (Mon, Nov 2nd)
- IDN ccTLDs, (Mon, Nov 2nd)
- Cyber Security Awareness Month 2009 - Summary and Links, (Sun, Nov 1st)
- Cyber Security Awareness Month - Day 31, ident, (Sat, Oct 31st)
- New version of NIST 800-41, Firewalls and Firewall Policy Guidelines, (Fri, Oct 30th)
- ICANN Strategic Planning (2010-2013) Consultation, (Fri, Oct 30th)
- Cyber Security Awareness Month - Day 30 - The "Common" IPSEC VPN Protocols - IKE / ISAKMP (500/udp), ESP (IP Protocol 50), NAT-T-IKE (500/udp, 4500/udp), PPTP (tcp/1723), GRE (IP Protocol 47), (Fri, Oct 30th)
- Help me assemble a list of "days of doom" as a followup to the ntp diary. http://jbu.me/25, (Thu, Oct 29th)
SANS Newsbites
- EU Legislators Reach Agreement on Internet Access Rights and Illegal Downloading (November 5, 2009)
- FBI Warns More Than US 0 Million Stolen Through Automated Clearing House System Fraud (November 3 & 4, 2009)
- Senate Judiciary Committee Approves Two Breach Notification Bills (November 5 & 6, 2009)
- Judge Punishes Attorney for Disregarding Privacy Practices (November 5, 2009)
- Zero-Day Flaw in SSL and TLS Protocols (November 5, 2009)
- Cookie Issue Allows Attackers to target Main Domain From Subdomain (November 4 & 5, 2009)
- Microsoft to Issue Six Bulletins on November 10 (November 5, 2009)
- Two Indicted for Unauthorized Computer Access (November 4 & 5, 2009)
- Adobe Issues Shockwave Security Update (November 3, 4 & 6, 2009)
- Corporate Data Compromise Leads to Increased Risk of Identity Fraud (November 4, 2009)
- Microsoft Report Says Worms Top Threat List in Enterprise Environments (November 2, 2009)
- European Commission Wants UK to Beef Up Privacy (November 2, 2009)
- House Ethics Committee Report Accidentally Leaked Through P2P Network (October 30, 31 & November 2, 2009)
- Global Information Security Report Sees Security Spending Stabilizing (November 2 & October 30 & 14, 2009)
- Facebook Awarded US 1 Million in Damages in Spam Case (October 30 & November 2, 2009)
- Former YouSendIt CTO Indicted on Charges Related to DoS Attacks Against Company (October 30, 2009)
- Former Bank of New York Mellon Employee Indicted on Identity Theft Charges (October 28 & 30, 2009)
- IP Address Indicates North Korean Involvement in July Cyber Attacks (October 30 & November 2, 2009)
- National Cybersecurity and Communications Integration Center Opens (October 30 & 31, 2009)
- Automated Tools Will Help Reduce Costs of FISMA Compliance (October 30, 2009)
Network Computing Security
SecurityFocus Vulnerabilities
US-Cert Bulletins
- SB09-306: Vulnerability Summary for the Week of October 26, 2009
- SB09-299: Vulnerability Summary for the Week of October 19, 2009
- SB09-292: Vulnerability Summary for the Week of October 12, 2009
- SB09-285: Vulnerability Summary for the Week of October 5, 2009
- SB09-278: Vulnerability Summary for the Week of September 28, 2009
- SB09-271: Vulnerability Summary for the Week of September 21, 2009
- SB09-264: Vulnerability Summary for the Week of September 14, 2009
- SB09-257: Vulnerability Summary for the Week of September 7, 2009
- SB09-251: Vulnerability Summary for the Week of August 31, 2009
- SB09-243: Vulnerability Summary for the Week of August 24, 2009
- SB09-236: Vulnerability Summary for the Week of August 17, 2009
- SB09-229: Vulnerability Summary for the Week of August 10, 2009
- SB09-222: Vulnerability Summary for the Week of August 3, 2009
- SB09-215: Vulnerability Summary for the Week of July 27, 2009
- SB09-208: Vulnerability Summary for the Week of July 20, 2009
- SB09-201: Vulnerability Summary for the Week of July 13, 2009
- SB09-194: Vulnerability Summary for the Week of July 6, 2009
- SB09-187: Vulnerability Summary for the Week of June 29, 2009
- SB09-180: Vulnerability Summary for the Week of June 22, 2009
- SB09-173: Vulnerability Summary for the Week of June 15, 2009
