Hackin9
 
Four transmitting telescopes in the New Mexico desert, each just 6 inches in diameter, can give a satellite orbiting the moon faster Internet access than many U.S. homes get.
 
Adobe Flash Player and AIR CVE-2014-0520 Unspecified Remote Security Bypass Vulnerability
 

Okay, 

Disclaimer *and a blatent attempt to divert attention away from quality :)*, I am not a journalist, photographer etc etc etc.. This was done with my iPhone as a last minute idea. This is my first one, if the community likes these, I'll make more (and likely get better with practice).

 

 

Richard Porter

--- ISC Handler on Duty

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Lenovo is taking orders for its first 4K monitor, the ThinkVision Pro2840m, but it's pricey at US$799.
 
Weddings. Job promotions. News articles. Facebook thinks it knows what the best stories are to drop in your news feed. But some users might want to see things their own way.
 
ESA-2014-021: RSA Archer® GRC Multiple Cross-Site Scripting Vulnerabilities
 
Microsoft today confirmed that it will give a new version of its OS, "Windows 8.1 with Bing," to tablet makers for free as it tries to boost the market and sales shares of its flagship OS.
 
The U.S.' escalating feud with China over hacking charges could end up hurting IT suppliers in both countries, as suspicions and eroding trust threaten to dampen the tech exchange between the two nations.
 

Microsoft plans to fix a vulnerability in version 8 of its Internet Explorer browser that allows attackers to remotely hijack computers that do nothing more than visit a booby-trapped website.

Details of the critical "use after free" security bug were published Wednesday by Zero Day Initiative (ZDI), the Hewlett-Packard owned group that sponsors the regularly occurring Pwn2Own hacking contest. The group, which buys vulnerabilities so it can protect customers from attacks that exploit them, has a policy of keeping bug details confidential until a patch is released or until 180 days after purchase, whichever happens first. ZDI notified Microsoft of the bug in October after acquiring it from whitehat researcher Peter "corelanc0d3r" Van Eeckhoutte of Corelan.

In a statement issued to media outlets, Microsoft said some patches take longer to develop than others and that "we must test every one against a huge number of programs, applications and different configurations," according to IDG News. "We continue working to address this issue and will release a security update when ready in order to help protect customers."

Read 2 remaining paragraphs | Comments

 
If you're looking for signs of our collective robotic future, it's either terrifyingly near or forever just around the corner.
 
Security researchers uncovered a global cybercriminal operation that infected with malware almost 1,500 point-of-sale (POS) terminals, accounting systems and other retail back-office platforms from businesses in 36 countries.
 
eBay on Friday put a notice on its home page urging users to change their passwords after security experts criticized it for failing to promptly alert customers about a massive break-in and data theft.
 
Bizagi BPM Suite 'Login.aspx' Cross Site Scripting Vulnerability
 
Officials from Cisco Systems and the Kansas City, Mo., municipal government are teaming up to launch a new network for smart city services.
 
Google has extended its guaranteed support for Chrome OS on vendors' Chromebooks to five years, adding a year of support to nearly every device.
 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: A vulnerability in LibYAML could allow an attacker to execute arbitrary code or cause a Denial of Service condition.
 
LinuxSecurity.com: Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having Moderate [More...]
 
LinuxSecurity.com: Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate [More...]
 
IBM WebSphere Application Server CVE-2014-0964 Denial of Service Vulnerability
 
Google, Apple, Intel and Adobe Systems have agreed to pay US$324.5 million to settle a class-action lawsuit that accused the companies of entering into secret agreements not to hire each others' workers, according to a filing seeking preliminary approval of the settlement.
 
CoreOS, a new lightweight Linux distribution customized for massive server deployments, has found a home on the Google Cloud Platform, giving organizations an easy way to test and use the software for their clusters and distributed computer programs.
 
[security bulletin] HPSBMU03025 rev.2 - HP Diagnostics running OpenSSL, Remote Disclosure of Information
 
[security bulletin] HPSBMU02995 rev.8 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure
 
ESA-2014-045: EMC Documentum D2 Arbitrary DQL Query Execution Vulnerability
 
[SECURITY] [DSA 2936-1] torque security update
 
Google is developing a new tablet with advanced vision capabilities that can be used to capture 3D images.
 
Google, Apple, Intel and Adobe Systems have agreed to pay US$324.5 million to settle a class-action lawsuit that accused the companies of entering into secret agreements not to hire each others' workers, according to a filing seeking preliminary approval of the settlement.
 
Microsoft claimed victory over an FBI bid to keep a request for customer data secret for national security reasons, but it appears the government gave up the fight after getting its way without the company.
 
TORQUE CVE-2014-0749 Stack Buffer Overflow Vulnerability
 
Targeted advertisements are headed to smart fridges, smart thermostats and other Internet-connected devices, raising potentially new privacy issues for consumers who use those products.
 

InfoSec Policies and Standards: Some strategic context for those just diving ...
SYS-CON Media (press release)
Organizations are giving more priority to development of information security policies, as protecting their assets is one of the prominent things that needs to be considered. Lack of clarity in InfoSec policies can lead to catastrophic damages which ...

 
Internet Storm Center Infocon Status