Hackin9

Defence appoints new infosec chief
iT News
The Federal Government's information security and foreign intelligence authority has named a new director following the retirement of former head Ian McKenzie. Dr Paul Taloni will join the Australian Signals Directorate (formerly the Defence Signals ...

 

Govt hires new federal infosec director
SC Magazine Australia
The Federal Government's information security and foreign intelligence authority has named a new director following the retirement of former head Ian McKenzie. Dr Paul Taloni will join the Australian Signals Directorate (formerly the Defence Signals ...

 
In a rare move, a federal court in Idaho ordered a software developer's computer seized and its contents copied without prior notice because the developer described himself as a 'hacker' on his website.
 
 
Microsoft's head of communications took shots today at Apple's decision to give away its iWork productivity software, calling the move "an attempt to catch up."
 
Yahoo has acquired LookFlow, an image recognition company, as part of a plan to improve photo discovery on Flickr, Yahoo announced Wednesday.
 
AT&T posted gains in revenue and net income for the third quarter of 2013, with gains in mobile phone and U-verse TV subscribers driving the growth.
 

 
Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability
 
Joomla! Maian15 Component 'name' Parameter Arbitrary Shell Upload Vulnerability
 
Linux Kernel CVE-2013-4299 Information Disclosure Vulnerability
 
ESA-2013-067: RSA® Authentication Agent for Web for Internet Information Services (IIS) Security Controls Bypass Vulnerability
 
A Taiwan-based research institute announced a set of glasses that project a virtual heads-up display that offers users fingertip control.
 
Communications chip maker Broadcom is cutting approximately 1,150 jobs, nearly one-tenth of its workforce, as part of a global restructuring.
 
 
RETIRED: pwgen CVE-2013-4443 Insecure Password Generation Weakness
 
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Identity Services Engine
 
Cisco Security Advisory: Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products
 
New patent reform legislation introduced in the U.S. House of Representatives Wednesday aims to make it more difficult for patent trolls to file infringement lawsuits.
 
Once considered a likely candidate for Intel's CEO job, Dadi Perlmutter, executive vice president and general manager of the Intel Architecture Group, is leaving the company.
 
U.S. intelligence agencies may have spied on German Chancellor Angela Merkel's mobile phone, which would be a "grave breach of trust," the German government said late Wednesday.
 
Cisco Identity Services Engine CVE-2013-5530 Remote Arbitrary Command Execution Vulnerability
 
T-Mobile on Wednesday announced it will give away 200 MB of tablet data per month over its 4G LTE network to customers who sign up for a Mobile Internet account.
 
Gartner this week downgraded its Windows device shipment forecast for the second time this year, saying that while Microsoft's platform is still expected to rebound in 2014, its climb out of the PC slump will take longer.
 
WordPress Landing Pages Plugin 'post' Parameter SQL Injection Vulnerability
 
Cisco Secure Access Control System CVE-2013-5536 Remote Denial of Service Vulnerability
 
Multiple Cisco Appliances CVE-2013-5537 Denial of Service Vulnerability
 


Essential Skills for InfoSec Pros
BankInfoSecurity.com
In a recent presentation at the ISC² Congress in Chicago, information security specialist J.J. Thompson, CEO of Rook Consulting, painted a portrait of the "renaissance security professional," spelling out the growing number of skills that security ...

 
A new ARM architecture for embedded chips could boost the power and precision of systems used in a variety of products, including car brakes, medical devices and factory systems.
 
While EMC and VMware spinoff Pivotal prepares to launch its business intelligence platform-as-a-service, the new company has also been busy building its portfolio of data mining and analysis software.
 
IBM Rational Policy Tester CVE-2013-4062 SSL Certificate Validation Spoofing Vulnerability
 
IBM Rational Policy Tester CVE-2013-4061 Remote Security Bypass Vulnerability
 
Samsung Electronics has signed a 10-year supply agreement with Corning, the maker of Gorilla Glass, to ensure access to all of Corning's existing and future technologies.
 
Vulnerabilities in the management interfaces of some wireless router and network-attached storage products from Netgear expose the devices to remote attacks that could result in their complete compromise, researchers warn.
 
Juniper Networks is cutting its workforce by 280, or 3%, this quarter as it realigns resources in high growth opportunities.
 
LG Electronics' new smartphone based on Firefox OS, the Fireweb, offers slightly better hardware specs than competing products.
 
Nitesh Dhanjani

There's a reason Internet-connected thermostats, televisions, and other everyday appliances are growing increasingly popular. In an age when smartphones are nearly ubiquitous, people can crank up the heat, record TV programs, and check home-security systems without getting off the couch or leaving the little league game that's gone into extra innings.

But there's a flip side to the convenience. Just as Internet connections give new capabilities to the people using the devices, they also create new opportunities for stalkers, thieves, and hackers. A case in point: in August, Ars described how smartphone-controlled lighting systems from Philips could be commandeered by malicious websites to cause persistent blackouts. Now, the same researcher behind that hack has devised a new proof-of-concept attack. It turns a wireless baby monitor made by Belkin into a stealthy bugging device that can be accessed by someone in your front yard... or halfway around the world.

The WeMo brand monitor is simple to use. Connect it to a home Wi-Fi network and access it just once over the same network with an iPhone or iPad app Belkin makes available for free. The device will then have unfettered access to all audio picked up by the pint-sized device. Access to your home Wi-Fi network isn't necessary for the app to work after initial setup; all conversations within earshot of the monitor can be tapped as long as the iPhone or iPad has an Internet connection. The ease of connecting is no doubt intended to be one of the selling points of the WeMo monitor. But its lack of password authentication can just as easily be viewed as a liability since it exposes users to surreptitious monitoring by baby sitters, former spouses, or anyone else who even once manages to get on the home network. The only way to be sure that the device is locked down is to continually check the monitor's settings panel to ensure no unrecognized devices are connected to it.

 
T-Mobile's "Un-carrier" initiative to shake up the wireless industry continues Wednesday with a press event via Twitter related in some way to how tablets are sold and serviced.
 
Toshiba has unveiled its first 7mm (9/32-in) hard drive with two disk platters that offers up to 1TB of storage capacity.
 
GuppY CVE-2013-5983 Multiple Cross Site Scripting Vulnerabilities
 
Cross-Site Scripting (XSS) in GuppY
 
Samsung announced a mini 4.3-in. version of the Galaxy S 4 will go on sale in November over four U.S. carriers.
 
Xen CVE-2013-4371 Use After Free Remote Denial of Service Vulnerability
 
[ MDVSA-2013:257 ] nss
 
[Article] The Audit DSOs of the rtld
 
European Union leaders will meet to discuss the digital economy for the first time on Thursday.
 
The European Parliament voted on Wednesday to suspend a major data sharing agreement with the United States following the ongoing scandal over alleged National Security Agency surveillance.
 
An alarming growth in malware signed with fraudulently obtained keys and code-signing certificates in order to trick users into downloading harmful code is prompting Microsoft and Symantec to push for tighter controls in the way the world's certificate authorities issue these keys used in code-signing.
 
Oracle is hoping to differentiate its CRM software from competitors with the acquisition of BigMachines, whose cloud-based system helps salespeople quickly put together and price complex orders.
 
Social media experts discuss the most common social networking business blunders and what companies can do to improve their social media IQ.
 
Cisco will boost its enterprise collaboration stack with products designed to simplify the way companies secure communications, interact with external parties and manage their collaboration tools.
 
LinuxSecurity.com: A vulnerability has been discovered and corrected in Mozilla NSS: Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have [More...]
 
LinuxSecurity.com: Updated vino packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More...]
 
LinuxSecurity.com: Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical [More...]
 
LinuxSecurity.com: Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having [More...]
 
LinuxSecurity.com: Updated kernel packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...]
 
LinuxSecurity.com: Pedro Ribeiro discovered a use-after-free in the handling of ImageText requests in the Xorg Xserver, which could result in denial of service or privilege escalation. [More...]
 
WebKit CVE-2013-5128 Unspecified Memory Corruption Vulnerability
 
WebKit CVE-2013-5125 Unspecified Memory Corruption Vulnerability
 
Apple's move to offer its latest desktop operating system, OS X Mavericks, for free isn't going to affect the Linux operating system at all, its creator Linus Torvalds said.
 
Samsung Electronics is updating products including the Galaxy S4 and Note II so they can communicate with the company's Galaxy Gear smartwatch.
 
A U.S. appeals court has ruled that police must obtain a warrant prior to using a GPS device to track a vehicle, deciding on an unaddressed issue in an earlier Supreme Court order.
 
The U.S. Foreign Intelligence Surveillance Court has allowed Yahoo's counsel to review declassified documents from a 2008 dispute over data disclosure, after the company said the public release of documents redacted by the government could lead to its role being misunderstood.
 
Goldman Sachs must pay the legal fees of a software engineer facing New York state charges that he allegedly stole the firm's proprietary source code, a federal judge ruled.
 
A gruesome video that was recently noticed on Facebook and allowed by the company was removed Tuesday, as the social network looks to strengthen its policies around the posting of graphic content.
 
Apple on Tuesday launched OS X 10.9, aka Mavericks, as a free upgrade for most Mac owners, including those with machines up to six years old.
 
Apple and Samsung Electronics exchanged heated words in court Tuesday over allegations that Samsung's lawyers leaked details of confidential Apple licensing agreements to Samsung executives.
 
Apple iPhone/iPad/iPod touch Prior to iOS 7 CVE-2013-5141 Denial of Service Vulnerability
 
Apple iPhone/iPad/iPod touch Prior to iOS 7 CVE-2013-5139 Remote Code Execution Vulnerability
 
Apple iPhone/iPad/iPod touch Prior to iOS 7 CVE-2011-2391 Denial of Service Vulnerability
 
Two of the contractors involved in developing the Affordable Care Act healthcare exchanges have had fairly serious data security issues, a Computerworld review of publicly available information has found.
 
The U.S. House will begin drilling into the problems at Healthcare.gov on Thursday when a panel of project contractors faces the Energy and Commerce Committee. Fireworks are likely.
 
The HP Chromebook 14 with 4G is now available for a highly reasonable $349. Combining great performance with a spacious 14-in. display, is it the right Chromebook for you?
 
Apple iPhone/iPad/iPod touch CVE-2013-5129 Cross-Site Scripting Vulnerability
 
Apple iPhone/iPad/iPod touch CVE-2013-5131 Cross-Site Scripting Vulnerability
 
Apple iPhone/iPad/iPod touch Prior to iOS 7 CVE-2013-1036 Memory Corruption Vulnerability
 
 
GuppY Unspecified Cross Site Scripting Vulnerability
 


Secure Digital Solutions LLC Prepares to Launch New Service - InfoSec Maturity ...
PR Web (press release)
SDS is pushing hard to promote a new service offering, “InfoSec Maturity Program Assessment” at the ISACA 2013 ISRM Conference in Las Vegas this November.

 

Posted by InfoSec News on Oct 23

http://healthitsecurity.com/2013/10/22/a-healthcare-ciso%E2%80%99s-primary-customer-the-clinician/

By Dom Nicastro
HealthITSecurity.com
October 22, 2013

It's clear by now CISOs should work closely with the CMIO and physician
leaders responsible for clinical care and clinical systems. They can start
by attending and presenting at medical staff meetings, department
meetings, grand rounds, etc. on topics of interest to the clinical staff....
 

Posted by InfoSec News on Oct 23

http://www.nydailynews.com/news/national/navy-commander-swaps-secrets-lady-gaga-tickets-feds-article-1.1492746

By Doyle Murphy
New York Daily News
October 22, 2013

A high-powered U.S. Navy officer faces charges he traded secrets for
prostitutes, luxury travel arrangements and tickets to a Lady Gaga
concert.

Commander Michael Vannak Khem Misiewicz is accused of running the alleged
pay-to-play scheme along with a Navy investigations special...
 

Posted by InfoSec News on Oct 23

http://www.computerworld.com/s/article/9243439/Network_Solutions_reports_more_DNS_problems

By Jeremy Kirk
IDG News Service
October 22, 2013

Network Solutions said Tuesday it was trying to restore services after
another DNS (Domain Name System) problem.

The latest issue comes two weeks after a pro-Palestinian hacking group
redirected websites belonging to several companies whose records were held
by Network Solutions, owned by the company...
 

Posted by InfoSec News on Oct 23

http://www.nextgov.com/cybersecurity/2013/10/your-last-chance-comment-cybersecurity-guidelines-industry/72398/

By Aliya Sternstein
Nextgov
October 22, 2013

The Obama administration has released a final draft of industry
cybersecurity guidelines aimed at protecting commercial networks integral
to daily living, after missing an Oct. 10 deadline due to the shutdown.

Required to be completed by mid-February, the voluntary strategy for
corporate...
 

Posted by InfoSec News on Oct 23

http://www.csoonline.com/article/741757/thinking-outside-the-it-audit-check-box

By George V. Hulme
CSO Online
October 21, 2013

After years of security teams reaching into the regulatory compliance
budget bucket to find the funding they need for their security efforts,
some organizations are noticing that while it won short-term capital, the
practice has come back to haunt them in the long run. And while it does
sound cliche to hear that...
 
Microsoft Silverlight CVE-2013-3896 Information Disclosure Vulnerability
 
Microsoft Silverlight Double Dereference CVE-2013-0074 Remote Code Execution Vulnerability
 
AusCERT2014: Call for Presentations NOW OPEN
 
Internet Storm Center Infocon Status