Software
From the Web
Senate Panel Clears Data Breach Bills
November 05, 2009 from: Office of Inadequate Security
The Senate Judiciary Committee Thursday approved two companion bills that would require businesses and government agencies to notify individuals of security breaches involving sensitive personally identifiable information. Both bills go to the Senate for consideration.
Comments (0)
From the Web
Man charged with developing and distributing cable network hacking tools
November 02, 2009 from: Office of Inadequate Security
Charges were unsealed in federal court in Massachusetts against an Oregon man and the company he founded, TCNISO, alleging that they developed and distributed products that allowed users to modify their cable modems and obtain internet access without paying for it.
Comments (0)
From the Web
Whitehouse Drupal and The Open Source Security Model
October 25, 2009 from: Rsnake's blog at ha.ckers.org
Have you heard the news? The Whitehouse has decided to go open source. They have decided to switch from their own proprietary in-house CMS system to Drupal. You heard me right, Drupal. The same Drupal with 12 pages of vulnerabilities at OSVDB since it’s inception. I’m sure this made the Open Source community jump for joy, but I see this as a big mistake if you take it on face value and...
Comments (0)
From the Web
Website exposes sensitive details on military personnel
September 08, 2009 from: Office of Inadequate Security
Programming errors on a website that helps commuters carpool to work are exposing sensitive information of workers for hundreds of employers in Southern California, including at least one military installation.
Comments (1)
From the Web
Email Obfuscation and Spam Robots
September 08, 2009 from: Rsnake's blog at ha.ckers.org
I’ve long been interested in spam and robots that scrape for email addresses. I’ve done tons of work in the space, although I’ve never published any of it. Call it more of a side hobby than anything I really want to go public with - as it is with a lot of my research
Comments (0)
From the Web
Digital Direct reports breach
September 05, 2009 from: Office of Inadequate Security
Chris Cooper of Bloomberg.com reports that Digital Direct, Inc., a unit of Mitsubishi Corp., had a breach of their e-commerce web site that resulted in the compromise of 52,000 customers’ credit card numbers.
Comments (0)
From the Web
Helping users keep plugins updated
September 04, 2009 from: Mozilla Security Blog
Starting with the upcoming releases of Firefox 3.5.3 and Firefox 3.0.14, Mozilla will warn users if their version of the popular Adobe Flash Player plugin is out of date. Old versions of plugins can cause crashes and other stability problems, and can also be a significant security risk.
Comments (0)
From the Web
Best of Application Security (Friday, Sep. 4)
September 04, 2009 from: Jeremiah Grossman's Blog
Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order. Regularly released until year end. Then the Best of Application Security 2009 will be selected!
Comments (0)
From the Web
Announcement Regarding The October 2009 Critical Patch Update
September 03, 2009 from: The Oracle Global Product Security Blog
Because many Oracle customers with responsibility for deploying the Critical Patch Update within their respective organizations will be attending Oracle OpenWorld on October 11-15, 2009; the October 2009 Critical Patch Update originally scheduled to be published on Tuesday, October 13th 2009, will be released on October 20th 2009.
Comments (0)
From the Web
McAfee keeps leaked details to itself
July 31, 2009 from: Office of Inadequate Security
McAfee is yet to confirm with delegates to its recent Strategic Security Conference that their details were leaked in a bulk email, as reported on iTnews yesterday.
Comments (0)
- Brand Damage Through Information Access
- Identity & Access Management: Give Me a REST
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security