Liquidmatrix Security DigestLiquidmatrix Security DigestYour Source For Network and Information Security News Articles
Gartner IT Security Summit - Pre-Show
2008-06-02 12:26:00 I’ve arrived at the Gartner IT Security Summit in lovely Washington, DC. The flight was uneventful (after the intensive security screening and additional measures taken at the gate when departing for Washington National). This year, we’re being hosted at the Gaylord National Resort - it’s like a casino-less piece of Vegas right here on ... More About: Show , Conventions
Satellite Hacker Tells All
2008-05-31 19:45:00 From Wired… SAN DIEGO — Christopher Tarnovsky feels vindicated. The software engineer and former satellite-TV pirate has been on the hot seat for five years, accused of helping his former employer, a Rupert Murdoch company, sabotage a rival to gain the top spot in the global pay-TV wars. But two weeks ago a jury in the civil ... More About: News , Satellite , Hacker , Tells
Event Planner: Gartner IT Security Summit
2008-05-30 16:53:00 In case there are any readers who might recognize me, you’ll be able to find me at the Gartner IT Security Summit next week (June 2 -3). I’m hoping to learn something quadranty. The Next Ten Years in Information Security Despite rapidly advancing threats and new technology solutions, it’s relatively easy planning for the next year or ... More About: Event , Conventions
Security Briefing: May 30th
2008-05-30 16:29:00 What a week - it’s like I’m swimming uphill both ways and it’s snowing. An extra large helping of news to make up for being late this morning. And hey - thanks to all of our new subscribers that joined us yesterday. Welcome! Click here to subscribe to Liquidmatrix Security Digest! And now, the news… The Attack ... More About: News
Keynote Speakers for The Last Hope Announced
2008-05-30 03:46:00 Just a heads up — Liquidmatrix Security Digest will be at The Last Hope . There may even be some shwag available. For Immediate Release The very first of the speaker slots for The Last HOPE have been announced with many more to come next week. We have had more submissions than ever and will need ... More About: News , Keynote , Speakers
Security Brieflet (the late edition): May 29th
2008-05-30 01:57:00 A couple of interesting stories over the course of the day… Comcast Defaced (for a short while) I can’t say that I’m all that saddened… it is Comcast after all. Banks don’t disclose all breaches I’d love to argue this one, but I’ve known too many bankers. Back with more Liquidmatrix Love in the morning folks, the night is young ... More About: News , Security , Late , Edition , Late Edition
Security Briefing: May 29th
2008-05-29 16:19:00 Wheeeeee… I’d like to take this moment to again bitch and moan about how much work this is — I don’t know how Dave finds the time and I’m not a morning person and I feel really bad and I’ve been busy and I don’t have enough coffee and… yeah. I got nothin. Have a ... More About: News , Security
Advisory: CiscoWorks Arbitrary Code Execution Vulnerability
2008-05-29 03:56:00 Summary Name: CiscoWorks Arbitrary Code Execution Vulnerability Release Date: 28 May 2008 Reference: LSD003-2008 Discover: Dave Lewis CVE Number: CVE-2008-2054 Vendor: Cisco Systems Systems Affected: CiscoWorks Common Services (various versions): Cisco Unified Operations Manager (CUOM), Cisco Unified Service Monitor (CUSM), CiscoWorks QoS Policy Manager (QPM), CiscoWorks LAN Management Solution (LMS), Cisco Security Manager (CSM), Cisco TelePresence Readiness Assessment Manager (CTRAM) Risk: High Status: ... More About: Disclosure
Magic Security Bunnies
2008-05-29 01:53:00 Primarily because Brooks asked, but also because there are a whole lot of days where I face the “Magic Bunny” problem. Simply put, in any complex system - say, an application stack which has a backend database, some application servers, some presentation servers and the connecting security stuff and network stuff - there are a number ... More About: Security , Education , Humour
Security Briefing: May 28th
2008-05-28 14:49:00 Insert pithy note about how much fun I’m having and how I enjoy the struggle of reading/collating/loving the links at 0-early-thirty in the frakkin morning. Thanks to all of our new subscribers that joined us yesterday. Welcome! And bunnies. Magic Bunnies! Click here to subscribe to Liquidmatrix Security Digest! And now, the news… Man Allegedly takes a penny ... More About: News
Switch Networks - DEFCON Field Trip?
2008-05-27 21:43:00 Ashlee Vance put together a well researched piece for El Reg on Switch Networks and their new Las Vegas datacentre. It seems that Switch picked up an ex-Enron property for a song and has 20+ large scale interconnects in a harmless little LVNV location. They’ve kept it quiet for the benefit of their military customers, ... More About: Conventions , Trip , Field
Blogtard or Hero ?
2008-05-27 17:30:00 In a recent The Register article, the firing of a TJX employee who blogged about security deficiencies was noted… TJX Companies, the mammoth US retailer whose substandard security led to the world’s biggest credit card heist, has fired an employee after he left posts in an online forum that made disturbing claims about security practices at ... More About: Education , Dumbass , Hero
Security Briefing: May 27th
2008-05-27 15:30:00 Sorry for the lack of content yesterday. Due to a PBCAK failure to pay attention I neglected to publish write yesterday’s article. So, they’ll trickle out over the next couple days I’ll try to do better while Dave takes some time off to work on a personal project. Thanks to all of our new subscribers ... More About: News , Security
Stopbadware Scolds Apple Over Safari ?Carpet Bomb?
2008-05-23 20:11:00 From Network World: An antimalware organization has called on Apple to beef up its Safari Web browser to protect users from exploits that could let attackers download malicious code to a Mac or Windows user’s desktop. Stopbadware.org, a group founded by Google, Chinese computer maker Lenovo Group and Sun, on Monday asked Apple to reconsider its refusal ... More About: Malware , Bomb , Carpet
Companies Admit To Reading Email
2008-05-23 16:40:00 No great shock here. I used to be one of “those guys” years ago who read employee email. And let me tell you, most non-spam email (try 90%) is trivial crap. From Tech Herald: So who reads your email at the office? Apparently more people than you think. Forty-four percent of the companies responding to the ... More About: Companies , Reading , Email , Monitoring
Trillian Hit With Security Bug
2008-05-23 15:23:00 From the Register: The discovery of a trio of security bugs means that users of the popular Trillian instant messaging client need to update their software. All three of the newly discovered bugs create a means for hackers to inject malware onto the PCs of surfers running vulnerable versions of the multi-protocol chat application from Cerulean Studios. ... More About: Security , Vulnerability
Security Briefing: May 23rd
2008-05-23 12:43:00 Sorry for the lack of content yesterday. Due to a PBCAK I neglected to publish yesterday’s articles. So, they’ll trickle out over the next couple days. Thanks to all of our new subscribers that joined us yesterday. Welcome! Click here to subscribe to Liquidmatrix Security Digest! And now, the news… Power Company Slammed For Weak Cyber Security ... More About: News
Cisco CSO, Antivirus is ?Completely Wasted Money?
2008-05-23 04:12:00 Part of me has a hard time disagreeing in principle. But, then again what is better to protect users from themselves as they savage Windows Vista? Yes, I’m being sarcastic. Who’d a thunk it. From ZDNet Australia: Companies are wasting money on security processes ? such as applying patches and using antivirus software ? which ... More About: Antivirus , Money , Malware , Cisco , Wasted
SANS Contributes To IMPACT
2008-05-22 01:02:00 SANS is ponying up coin for the “International Multi…” well, short form is IMPACT. It’s an interenational group for fighting cyber computer crime, terrorism and things that go bump in the night. From GCN: The SANS Institute has announced a $1 million contribution to the International Multilateral Partnership Against Cyber-Terrorism (IMPACT) and started sharing technical information with ...
Swedish Nuke Plant Sealed Off Due To Bomb Scare
2008-05-21 13:42:00 From the AP: Authorities sealed off a nuclear plant in southeastern Sweden after a welder arrived for work with a plastic bag containing traces of an explosive substance, police and plant officials said. Investigators were questioning the man, a welder who was scheduled to do work at the Oskarshamn plant on Wednesday, police spokesman Sven-Erik Karlsson said. Plant ... More About: Nuke , Bomb , Swedish
Security Briefing: May 21st
2008-05-21 13:12:00 Yesterday was the first day on the job with my new day job company. Let me tell you, it was a welcome experience. Very welcome. Click here to subscribe to Liquidmatrix Security Digest! And now, the news… Mass SQL injection hits English language websites Criticism for ‘UK database’ plan Mauritius Gets Computer Emergency Response Team TVA Power Plants Vulnerable to ... More About: News
Secret Data in FBI Wiretap Audit Revealed With Ctrl+C
2008-05-21 04:09:00 Of all the stoopid crap… From Wired: Once again, supposedly sensitive information blacked out from a government report turns out to be visible by computer experts armed with the Ctrl +C keys — and that information turns out to be not very sensitive after all. This time around, University of Pennsylvania professor Matt Blaze discovered that the Justice Department’s ... More About: Data Security , Data , Secret , Audit
Govt? Earns ?C? On Computer Security Report Card
2008-05-21 00:46:00 There was always that one kid in class. You know, the one that didn’t always get it. Or spent most of the day staring out the window. Daydreaming knuckle heads that were nowhere near inclined to excel. Well, it appears that they US gov’t is one of those kids. Well, on average anyway. From the Washington ... More About: Politics , Security , Card , Computer , Report
Eicar.pdf
2008-05-20 20:02:00 Didier Stevens has a quick post up about embedding eicar in PDF files. From his site: I like to embed the EICAR Anti-Virus test file in usual formats and less usual formats. Today, I?m publishing a PDF document with an embedded EICAR test file (eicar.txt). This PDF document has also an annotation with a JavaScript action linked ... More About: Forensics
Inside Lockheed Martin?s Wireless Security Lab
2008-05-20 17:00:00 I thought this was an interesting read. From Network World: Jason Crawford has learned that if you want to break into secure Wi-Fi networks, you don’t need to buy equipment from the black market. Instead, you can buy it from Toys “R” Us, he says. Crawford, who works as a principal investigator for R&D projects at Lockheed Martin’s ... More About: Security , Wireless , Inside , Lockheed Martin
Security Briefing: May 20th
2008-05-20 14:19:00 Back to work. It has been over six years since this last happened. Now it’s the first day of work at a new shop. Click here to subscribe to Liquidmatrix Security Digest! And now, the news… PayPal plugs cross-site scripting hole that sidestepped stronger security Firefox developers tinker with new security protections (finally) Internet scam collected data from thousands Open ... More About: News
Parliament, Spy Agency Contracts Exempted From Ombudsman?s Gaze
2008-05-20 04:54:00 From the Canadian Press: Prime Minister Stephen Harper and his cabinet have exempted contracts with Parliament and Canada’s spy agency from oversight by a new ombudsman’s post that was central to the 2006 Conservative election campaign. The government slipped the exemptions through last week in regulations that empower the contract procurement ombudsman under the Accountability Act - ... More About: Politics , Agency , Ombudsman , Contracts
Google Helps Arrest Man In India
2008-05-20 03:00:00 Google pulls a Yahoo in India . From TechCrunch: Today we?re hearing of another arrest, this time in India. 22-year-old IT professional Rahul Krishnakumar Vaid. His crime was writing in an orkut community named ?I hate Sonia Gandhi.? Sonia Gandhi is a prominent politician in India. Vaid was charged under section 292 of Indian Penal Code and section ... More About: Google , Arrest
Veracode Automates Software Testing Process
2008-05-20 01:32:00 Always a fan of Veracode I thought I would share this article on their automated testing process. From Computer Weekly UK: Testing software applications to minimise the risk of security vulnerabilities and compliance failings is a time-consuming and costly process, albeit an essential one. Security testing company Veracode has developed a automated tool that promises ... More About: Software , Process
Firefox 3 Release Candidate 1 Now Available
More articles from this author:2008-05-17 16:15:00 Well, in an unceremonious move the Mozilla folks have released the latest incarnation of Firefox . I thought thet might have some fanfare around the launch but, nope. You can download the one for your respective language via the following link. Download page: Firefox 3 rc1 Enjoy. More About: Tools , Release , Release Candidate 1, 2, 3, 4, 5, 6, 7 |
|
 |
|
 |
