Secu.be

Feeds

3776 items (144 unread) in 63 feeds

• defaced belgian sites (5 unread) [xml|www]
• Hack In The Box (14 unread) [xml|www]
• SANS Internet Storm Center, InfoCON: green (2 unread) [xml]
• F-Secure Antivirus Research Weblog [xml|www]
• TaoSecurity [xml|www]
• Schneier on Security [xml|www]
• Kaspersky Lab Weblog (1 unread) [xml|www]
• Linux Exposed [xml|www]
• Infosec Writers Latest Security Papers [xml|www]
• SecurityFocus News [xml|www]
• Help Net Security - Vulnerabilities [xml|www]
• Computerworld Security News (4 unread) [xml|www]
• Network World on Security [xml|www]
• InfoWorld RSS Feed [xml|www]
• silicon.com : [xml|www]
• Security - RSS Feeds [xml|www]
• SecurityTracker Vulnerability Headlines [xml|www]
• milw0rm.com [xml|www]
• Moreover Technologies - Computer security news (55 unread) [xml|www]
• The Register - Security (1 unread) [xml|www]
• Matasano Chargen [xml|www]
• bugtraq at insecure.org [xml|www]
• FullDisclosure at insecure.org [xml|www]
• Penetration Testing at insecure.org [xml|www]
• Firewall Wizards at insecure.org [xml|www]
• IDS Focus at insecure.org [xml|www]
• All Virus Alerts [xml|www]
• Help Net Security - News (2 unread) [xml|www]
• Black Hat Announcements [xml|www]
• CircleID [xml|www]
• Security advisories [xml|www]
• Latest OSVDB Vulnerabilities (20 unread) [xml|www]
• 2600: The Hacker Quarterly (1 unread) [xml|www]
• Full Disclosure [xml|www]
• TSCM [xml|www]
• Darknet - The Darkside [xml|www]
• IBM Internet Security Systems Internet Threat Information (1 unread) [xml|www]
• hackademix.net [xml|www]
• ha.ckers.org web application security lab [xml|www]
• Ivan Ristić [xml|www]
• SecurityVibes France [xml|www]
• Security Advisories [xml|www]
• SecuObs.com [xml|www]
• VirusTraQ - Communiqué [xml|www]
• ZATAZ News (30 unread) [xml|www]
• Zone-H Advisories [xml|www]
• Top 10 malware (1 unread) [xml|www]
• Top 10 malware (1 unread) [xml|www]
• insecure servers and services [xml|www]
• Zone-H Defaces [xml|www]
• Russian Business Network (RBN) [xml|www]
• SecureWorks Info Feed [xml|www]
• SourceSec Security Research [xml|www]
• SearchSecurity: Threat Monitor [xml|www]
• USA.gov Updates: News and Features [xml|www]
• Database servers + Mail clients + Java + Software + Network gear + Operating Systems + Apple + Linux + Debian + Ubuntu + Fedora + Red Hat + SuSE + Microsoft Windows + FreeBSD + Solaris + Other UNIX-flavors + Anti-virus software + Mail servers + Other ser (4 unread) [xml|www]
• Google Online Security Blog [xml|www]
• Dr.Dobb's Security Articles [xml|www]
• Social Media Security [xml|www]
• spylogic.net [xml|www]
• Social Hacking [xml|www]
• Neohaxor.org [xml|www]
• eff timeline (2 unread) [xml|www]

Unread items (100)

Moreover Technologies - Computer security news

• 

  Anti Virus Software? - Sponsored Link

  Fetched: March 10th, 2010, 6:11am CET

  Ad - pc-protection.org Mar 10 2010 3:17AM GMT
• 

  China rejects claims it is behind cyber attacks

  Fetched: March 10th, 2010, 6:11am CET

  Times Online Mar 10 2010 3:17AM GMT
• 

  Hackers exploit Oscars to spread scareware attack: Sophos

  Fetched: March 10th, 2010, 6:11am CET

  DQ Channels Mar 10 2010 3:07AM GMT
• 

  Mega Precious Metals Announces Release of Escrowed Shares

  Fetched: March 10th, 2010, 6:11am CET

  Yahoo! Canada Mar 10 2010 3:01AM GMT
• 

  Hackers exploit older versions of Internet Explorer

  Fetched: March 10th, 2010, 6:11am CET

  MIS Financial Review Mar 10 2010 2:58AM GMT
• 

  Cryptographers Warn About Security Dangers in the Cloud at RSA

  Fetched: March 10th, 2010, 6:11am CET

  Redmond Magazine Mar 10 2010 2:55AM GMT
• 

  Limewire Hooks Up with AVG, Promises Virus Free P2P

  Fetched: March 10th, 2010, 6:11am CET

  Maximum PC Mar 10 2010 2:53AM GMT
• 

  Theoretical Breakthrough For Quantum Cryptography

  Fetched: March 10th, 2010, 6:11am CET

  Nanotechnology News Mar 10 2010 2:50AM GMT
• 

  Twitter takes action on spammers and scammers

  Fetched: March 10th, 2010, 6:11am CET

  Computing.co.uk Mar 10 2010 2:45AM GMT
• 

  Cyber attacks worry Indian firms more than terror: study

  Fetched: March 10th, 2010, 6:11am CET

  NewKerala.com Mar 10 2010 2:40AM GMT
• 

  Oscars the new vehicle for hackers to spread attacks

  Fetched: March 10th, 2010, 6:11am CET

  Network Computing India Mar 10 2010 2:21AM GMT
• 

  Cryptographers Warn About Security Dangers in the Cloud at RSA

  Fetched: March 10th, 2010, 6:11am CET

  Application Development Trends Mar 10 2010 2:08AM GMT
• 

  McAfee warns of scareware plague

  Fetched: March 10th, 2010, 6:11am CET

  PC Authority Mar 10 2010 1:55AM GMT
• 

  Energizer Device Opens Door For Hackers

  Fetched: March 10th, 2010, 6:11am CET

  Red Orbit Mar 10 2010 1:32AM GMT
• 

  Twitter targets phishing scams by screening links

  Fetched: March 10th, 2010, 6:11am CET

  Los Angeles Times Mar 10 2010 1:27AM GMT
• 

  Twitter Takes on Phishing with New Security Features

  Fetched: March 10th, 2010, 6:11am CET

  Mashable Mar 10 2010 1:22AM GMT
• 

  Hackers target freshly uncovered Internet Explorer hole

  Fetched: March 10th, 2010, 6:11am CET

  ABS-CBN News Mar 10 2010 1:11AM GMT
• 

  Hackers target freshly uncovered Internet Explorer hole

  Fetched: March 10th, 2010, 6:11am CET

  PhysOrg.com Mar 10 2010 12:51AM GMT
• 

  iPhone - iPod Security ... Finally! Mobile Active Defense Protects Smartphone Email From Phishing, Malware, Viruses and Spam

  Fetched: March 10th, 2010, 6:11am CET

  St Louis Business Journal Mar 10 2010 12:40AM GMT
• 

  Hackers target new IE hole

  Fetched: March 10th, 2010, 6:11am CET

  Straits Times Mar 10 2010 12:37AM GMT
• 

  Hackers target freshly uncovered Internet Explorer hole

  Fetched: March 10th, 2010, 6:11am CET

  Yahoo! Singapore Mar 10 2010 12:37AM GMT
• 

  Homeland Security wants you to know your cybersecurity ABCs

  Fetched: March 10th, 2010, 6:11am CET

  Nextgov.com Mar 10 2010 12:35AM GMT
• 

  Watchdog suggests clearer delineation of cybersecurity roles

  Fetched: March 10th, 2010, 6:11am CET

  Nextgov.com Mar 10 2010 12:34AM GMT
• 

  iPhone - iPod Security ... Finally! Mobile Active Defense Protects Smartphone Email From Phishing, Malware, Viruses and Spam

  Fetched: March 10th, 2010, 6:11am CET

  Houston Business Journal Mar 10 2010 12:31AM GMT
• 

  Phishers widen their net to target new businesses

  Fetched: March 10th, 2010, 6:11am CET

  Computerworld New Zealand Mar 10 2010 12:31AM GMT

Latest OSVDB Vulnerabilities

• 

  Microsoft Office Excel XLS File DbOrParamQry Record Parsing Overflow

  Fetched: March 10th, 2010, 4:38am CET

  Microsoft Office Excel XLS File DbOrParamQry Record Parsing Overflow
• 

  Microsoft Office Excel XLSX File ZIP Header Processing Memory Corruption

  Fetched: March 10th, 2010, 4:38am CET

  Microsoft Office Excel XLSX File ZIP Header Processing Memory Corruption
• 

  Microsoft Office Excel FNGROUPNAME Record Handling Memory Corruption

  Fetched: March 10th, 2010, 4:38am CET

  Microsoft Office Excel FNGROUPNAME Record Handling Memory Corruption
• 

  Microsoft Office Excel MDXSET Record Handling Overflow

  Fetched: March 10th, 2010, 4:38am CET

  Microsoft Office Excel MDXSET Record Handling Overflow
• 

  Microsoft Office Excel MDXTUPLE Record Handling Overflow

  Fetched: March 10th, 2010, 4:38am CET

  Microsoft Office Excel MDXTUPLE Record Handling Overflow
• 

  Microsoft Office Excel Sheet Object Type Confusion Unspecified Arbitrary Code Execution

  Fetched: March 10th, 2010, 4:38am CET

  Microsoft Office Excel Sheet Object Type Confusion Unspecified Arbitrary Code Execution
• 

  Microsoft Office Excel File Record Handling Unspecified Memory Corruption

  Fetched: March 10th, 2010, 4:38am CET

  Microsoft Office Excel File Record Handling Unspecified Memory Corruption
• 

  Linux Kernel proc/acpi/ibm/video Output Device Status Access Local DoS

  Fetched: March 10th, 2010, 4:38am CET

  Linux Kernel proc/acpi/ibm/video Output Device Status Access Local DoS
• 

  eclime Admin Section Crafted Link Session Hijack

  Fetched: March 10th, 2010, 4:38am CET

  eclime Admin Section Crafted Link Session Hijack
• 

  eclime admin/includes/version.php ex Parameter XSS

  Fetched: March 10th, 2010, 4:38am CET

  eclime admin/includes/version.php ex Parameter XSS

defaced belgian sites

• 

  Somebody has to do the Dirty work

  Fetched: March 10th, 2010, 4:38am CET

  Somebody has to do the Dirty wor [www.zone-h.org]
• 

  Zone-H.org - Unrestricted information | Special Defacements archive

  Fetched: March 10th, 2010, 4:38am CET

  Zone-H.org - Unrestricted information | Special Defacements archiv [www.zone-h.org]
• 

  Zone-H.org - Unrestricted information | Special Defacements archive

  Fetched: March 10th, 2010, 4:38am CET

  Zone-H.org - Unrestricted information | Special Defacements archiv [www.zone-h.org]
• 

  Zone-H.org - Unrestricted information | Special Defacements archive

  Fetched: March 10th, 2010, 4:38am CET

  Zone-H.org - Unrestricted information | Special Defacements archiv [zone-h.org]
• 

  Zone-H.org - Unrestricted information | Special Defacements archive

  Fetched: March 10th, 2010, 4:38am CET

  Zone-H.org - Unrestricted information | Special Defacements archiv [www.zone-h.org]

SANS Internet Storm Center, InfoCON: green

• 

  What's My Firewall Telling Me? (Part 4), (Wed, Mar 10th)

  Posted: March 10th, 2010, 4:37am CET

  Theres been a lot of discussion about the recent stories on parsing firewall logs - Mar ...(more)...
• 

  Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7, (Wed, Mar 10th)

  Posted: March 10th, 2010, 4:36am CET

  Several readers have pointed us towards this advisory. This Microsoft advisory outlines a vuln ...(more)...

Computerworld Security News

• 

  Twitter to begin screening some links for phishing

  Posted: March 10th, 2010, 4:09am CET

  Twitter launched a new link-screening service on Tuesday aimed at preventing phishing and other malicious attacks against users of the popular microblogging service.

Latest OSVDB Vulnerabilities

• 

  OpenSSL RSA Authentication Fault-Based Attack Key Disclosure Weakness

  Fetched: March 10th, 2010, 3:07am CET

  OpenSSL RSA Authentication Fault-Based Attack Key Disclosure Weakness
• 

  lshell Path Restriction Bypass Local Command Execution

  Fetched: March 10th, 2010, 3:07am CET

  lshell Path Restriction Bypass Local Command Execution
• 

  Opera Malformed Content-Length Header Overflow

  Fetched: March 10th, 2010, 3:07am CET

  Opera Malformed Content-Length Header Overflow
• 

  eGroupWare spellchecker.php spellchecker_lang Parameter Arbitrary Shell Command Execution

  Fetched: March 10th, 2010, 3:07am CET

  eGroupWare spellchecker.php spellchecker_lang Parameter Arbitrary Shell Command Execution
• 

  eGroupWare login.php lang Parameter XSS

  Fetched: March 10th, 2010, 3:07am CET

  eGroupWare login.php lang Parameter XSS
• 

  Samba CAP_DAC_OVERRIDE Capability Flag File Permission Restriction Bypass

  Fetched: March 10th, 2010, 3:07am CET

  Samba CAP_DAC_OVERRIDE Capability Flag File Permission Restriction Bypass
• 

  Eshbel Priority marketgate/PriHtml.dll URI XSS

  Fetched: March 10th, 2010, 3:07am CET

  Eshbel Priority marketgate/PriHtml.dll URI XSS
• 

  TikiWiki CMS/Groupware Persistent Login Standard Remember Method Unspecified Issue

  Fetched: March 10th, 2010, 3:07am CET

  TikiWiki CMS/Groupware Persistent Login Standard Remember Method Unspecified Issue
• 

  TikiWiki CMS/Groupware Unspecified SQL Injection

  Fetched: March 10th, 2010, 3:07am CET

  TikiWiki CMS/Groupware Unspecified SQL Injection
• 

  MediaWiki thumb.php Permission Check Weakness Restricted Image Disclosure

  Fetched: March 10th, 2010, 3:07am CET

  MediaWiki thumb.php Permission Check Weakness Restricted Image Disclosure

Moreover Technologies - Computer security news

• 

  iPhone - iPod Security ... Finally! Mobile Active Defense Protects Smartphone Email From Phishing, Malware, Viruses and Spam

  Fetched: March 10th, 2010, 3:07am CET

  Business First of Buffalo Mar 10 2010 12:06AM GMT
• 

  Hackers target freshly uncovered Internet Explorer hole

  Fetched: March 10th, 2010, 3:07am CET

  Philippine Daily Inquirer Mar 10 2010 12:03AM GMT
• 

  Hackers eye new IE hole

  Fetched: March 10th, 2010, 3:07am CET

  NEWS.com.au Mar 10 2010 12:02AM GMT
• 

  McAfee: A million 'scareware' victims a day

  Fetched: March 10th, 2010, 3:07am CET

  CNET News.com Mar 9 2010 11:53PM GMT
• 

  Hackers target freshly uncovered Internet Explorer hole

  Fetched: March 10th, 2010, 3:07am CET

  Yahoo! Canada Mar 9 2010 11:49PM GMT
• 

  Hackers target freshly uncovered Internet Explorer hole

  Fetched: March 10th, 2010, 3:07am CET

  InSing.com Mar 9 2010 11:36PM GMT
• 

  iPhone - iPod Security ... Finally! Mobile Active Defense Protects Smartphone Email From Phishing, Malware, Viruses and Spam

  Fetched: March 10th, 2010, 3:07am CET

  Pacific Business News Mar 9 2010 11:36PM GMT
• 

  iPhone - iPod Security ... Finally! Mobile Active Defense Protects Smartphone Email From Phishing, Malware, Viruses and Spam

  Fetched: March 10th, 2010, 3:07am CET

  Business Journal of Tampa Bay Mar 9 2010 11:34PM GMT
• 

  iPhone - iPod Security ... Finally! Mobile Active Defense Protects Smartphone Email From Phishing, Malware, Viruses and Spam

  Fetched: March 10th, 2010, 3:07am CET

  Orlando Business Journal Mar 9 2010 11:29PM GMT
• 

  VeriSign's New Trust Index Results Pinpoint Who Trusts The Internet

  Fetched: March 10th, 2010, 3:07am CET

  Dark Reading Mar 9 2010 11:27PM GMT
• 

  Wombat's PhishGuru Expands Anti-Phishing Training

  Fetched: March 10th, 2010, 3:07am CET

  Dark Reading Mar 9 2010 11:27PM GMT
• 

  Hackers eye new IE hole

  Fetched: March 10th, 2010, 3:07am CET

  NEWS.com.au Mar 9 2010 11:25PM GMT
• 

  iPhone - iPod Security ... Finally! Mobile Active Defense Protects Smartphone Email From Phishing, Malware, Viruses and Spam

  Fetched: March 10th, 2010, 3:07am CET

  Denver Business Journal Mar 9 2010 11:24PM GMT
• 

  COMMUNICATIONS - CP/IP Stacks adds small footprint SSL/TLS capability for embedded apps

  Fetched: March 10th, 2010, 3:07am CET

  Embedded Systems Programming Mar 9 2010 11:23PM GMT
• 

  Hackers eye new IE hole

  Fetched: March 10th, 2010, 3:07am CET

  NEWS.com.au Mar 9 2010 11:23PM GMT
• 

  Hackers eye new IE hole

  Fetched: March 10th, 2010, 3:07am CET

  The Australian Mar 9 2010 11:19PM GMT
• 

  Hackers eye new IE hole

  Fetched: March 10th, 2010, 3:07am CET

  Australian IT Mar 9 2010 11:13PM GMT
• 

  LimeWire Adds AVG Anti-virus Protection to Premium Downloads

  Fetched: March 10th, 2010, 3:07am CET

  Digital Media Wire Mar 9 2010 11:09PM GMT
• 

  FDIC: Hackers Took More Than $120M in Three Months

  Fetched: March 10th, 2010, 3:07am CET

  Datamation Mar 9 2010 11:06PM GMT
• 

  Hackers target freshly uncovered Internet Explorer hole (AFP)

  Fetched: March 10th, 2010, 3:07am CET

  Yahoo! News Mar 9 2010 11:05PM GMT
• 

  Wyndham Hotels' Networks Hacked--Again

  Fetched: March 10th, 2010, 3:07am CET

  E-Security Planet Mar 9 2010 11:04PM GMT
• 

  Report: Federal cybersecurity plan facing barriers

  Fetched: March 10th, 2010, 3:07am CET

  SC Magazine US Mar 9 2010 11:02PM GMT
• 

  3 China Says Google Never Filed Complaint in Hacking Case

  Fetched: March 10th, 2010, 3:07am CET

  Datamation Mar 9 2010 11:02PM GMT
• 

  Hackers target freshly uncovered Internet Explorer hole

  Fetched: March 10th, 2010, 3:07am CET

  France24 Mar 9 2010 11:00PM GMT
• 

  Identity Theft Over The Internet: Phish Fry

  Fetched: March 10th, 2010, 3:07am CET

  Prudent Press Agency Mar 9 2010 10:52PM GMT
• 

  Hackers target freshly uncovered Internet Explorer hole

  Fetched: March 10th, 2010, 3:07am CET

  Brisbane Times Mar 9 2010 10:50PM GMT
• 

  McAfee Virus SuperDAT Definitions Update 5915

  Fetched: March 10th, 2010, 3:07am CET

  MajorGeeks.com Mar 9 2010 10:49PM GMT
• 

  Maryland Electrical Contractor Licensed Electrician Snapper Electric Launches New Website For Residents Of Baltimore And Harford County MD

  Fetched: March 10th, 2010, 3:07am CET

  Prudent Press Agency Mar 9 2010 10:48PM GMT
• 

  Hackers target freshly uncovered Internet Explorer hole

  Fetched: March 10th, 2010, 3:07am CET

  AFP via Yahoo! Mar 9 2010 10:47PM GMT
• 

  Hackers target freshly uncovered Internet Explorer hole

  Fetched: March 10th, 2010, 3:07am CET

  Yahoo! News Mar 9 2010 10:38PM GMT

Computerworld Security News

• 

  Ex-Sun chief dishes dirt on Gates, Jobs

  Posted: March 10th, 2010, 2:06am CET

  Don't expect Jonathan Schwartz to go quietly.

2600: The Hacker Quarterly

• 

  Off The Wall show for March 9, 2010

  Posted: March 10th, 2010, 1:31am CET

  LBL_ENCLOSURE [LBL_DOWNLOAD]

  Off The Wall show for March 9, 2010

Hack In The Box

• 

  Building a Linux Incident Response / Forensic Disk

  Posted: March 10th, 2010, 1:28am CET

  There are many Linux distributions readily available. This however should not stop you creating your own version of a UNIX forensic tools disc. Whether you are on Solaris, HP-UX or any other variety of UNIX it is simple to create a forensic tools CD that can go between systems. The added benefit of this method is that the tools do not need to be left on the production server. This in itself could be a security risk and the ability to unmount the CD and take it with you increases security. The ability to create a customized CD for your individual system means that the analyst can have their tools available for any UNIX system that they need to work with. It may also be possible to create a universal forensic CD. Using statically linked binaries, a single DVD or CD could be created with separate directories for every UNIX variety in use in the organization that you are working on. For instance, the same CD could contain a directory called “/Solaris” which would act as the base directory for all Solaris tools. Similarly, base directories for Linux (/Linux), HP-UX (/HPUX10, /HPUX9) and any other variety of UNIX in use in your organization could be included on the same distribution allowing you to take one disk with you but leaving you ready at all times.
• 

  UK still lousy on electronic nosiness

  Posted: March 10th, 2010, 1:27am CET

  A new report highlights a depressingly consistent drift towards ever greater control of the population using new technologies. There are few surprises in the 2010 report, entitled The Electronic Police State, issued yesterday. It shows Russia and the United States within a couple of points of each other when it comes to electronic policing and surveillance, North Korea just overtaking China to gain top prize, and the United Kingdom leading the rest of the West – after the US. The report's authors at CryptoHippie do, of course, have a product to shift. It is a US-based company providing what it describes as "superior privacy enhancing technologies". However, it has also been putting a regular toe in the water to test the degree of electronic surveillance going on worldwide, and while it may not be the most unbiased of observers, it is at least producing a consistent data stream that allows the rest of us to debate the issues and monitor trends.
• 

  Five Best VPN Tools

  Posted: March 10th, 2010, 1:27am CET

  VPN software brings the security of a private network to an insecure network, and allows you to access private local networks from anywhere. As we've explained in the past, you can do things between computers on your local network you can't from out on the internet: like listen to a shared iTunes library or access files in shared folders. Virtual private network applications give you access to your computer from anywhere on the internet as if you were home on your local network. Earlier this week we asked you to share your favorite software for establishing and maintaining virtual private networks. We rounded up the votes, and now we're back with the five most popular VPN applications. If you're new to the idea of virtual private networks, you can read up on the technical nitty-gritty at the Wikipedia entry for VPNs. Note: This Hive Five contains both VPN server applications (the apps that create virtual private networks on your local network so it's accessible from the outside world) and VPN client applications (the apps that connect to virtual private networks from the outside world). In many instances companies produce VPN servers, VPN clients, VPN servers with accompanying clients, or VPN clients that are designed to work with a variety of servers.
• 

  Researchers dissect ZeuS botnet blueprint

  Posted: March 10th, 2010, 1:26am CET

  A little knowledge and a few thousand dollars is all it takes to build a fully functional botnet, according to security experts. Cisco researchers Patrick Peterson and Henry Stern told delegates at the 2010 RSA conference in San Francisco that a botnet running the infamous ZeuS malware could be built for US$2,500 ($2,753.50). ZeuS is primarily a data-gathering and botnet control tool, but has become particularly loathed in the security community because it directly injects content into pages and intercepts credentials before they are sent to legitimate sites. Making matters worse, the monetary and technical thresholds for running Zeus are particularly low. Peterson and Stern said that a current version of Zeus can be had for roughly US$700, while older versions can be obtained for free.
• 

  Feds Move to Break Voting-Machine Monopoly

  Posted: March 10th, 2010, 1:25am CET

  Citing anti-competitive concerns, the Justice Department sued Election Systems & Software in order to force the company to divest itself of the voting machine assets it obtained from Premier Election Solutions last year. The department’s antitrust division, along with nine state attorneys general, filed the civil antitrust lawsuit (.pdf) in U.S. District Court in Washington, D.C., charging that the acquisition threatened competition. The department proposed a settlement that, if accepted, would dissolve the merger and force ES&S to sell its Premier business to a buyer approved by the Justice Department.
• 

  1024-bit RSA encryption cracked by carefully starving CPU of electricity

  Posted: March 10th, 2010, 1:24am CET

  Since 1977, RSA public-key encryption has protected privacy and verified authenticity when using computers, gadgets and web browsers around the globe, with only the most brutish of brute force efforts (and 1,500 years of processing time) felling its 768-bit variety earlier this year. Now, three eggheads (or Wolverines, as it were) at the University of Michigan claim they can break it simply by tweaking a device's power supply. By fluctuating the voltage to the CPU such that it generated a single hardware error per clock cycle, they found that they could cause the server to flip single bits of the private key at a time, allowing them to slowly piece together the password. With a small cluster of 81 Pentium 4 chips and 104 hours of processing time, they were able to successfully hack 1024-bit encryption in OpenSSL on a SPARC-based system, without damaging the computer, leaving a single trace or ending human life as we know it. That's why they're presenting a paper at the Design, Automation and Test conference this week in Europe, and that's why -- until RSA hopefully fixes the flaw -- you should keep a close eye on your server room's power supply.
• 

  Limewire taps AVG for virus free torrents

  Posted: March 10th, 2010, 1:24am CET

  POPULAR P2P FILE SHARING SERVICE Limeware has enlisted the help of anti-virus outfit AVG to offer its Pro users with free file scanning. If the likes of the MPAA and the RIAA are to be believed, the only people who use Bittorrent sites are so called 'pirates' scouring the underbelly of cyberspace trying to get hold of the latest movies and music for free, robbing poor defenceless artists of their livelihoods in the process. With this in mind you might think that these downloaders deserve any form of malware their PCs get infected with in their pursuit of ill-gotten gains, but Limeware appears to disagree and has licensed the AVG Anti-Virus SDK engine and integrated the anti-virus and anti-spyware protection into LimeWire Pro.
• 

  Physicists Find Way to See Through Paint, Paper, and Other Opaque Materials

  Posted: March 10th, 2010, 1:23am CET

  Materials such as paper, paint, and biological tissue are opaque because the light that passes through them is scattered in complicated and seemingly random ways. A new experiment conducted by researchers at the City of Paris Industrial Physics and Chemistry Higher Educational Institution (ESPCI) has shown that it's possible to focus light through opaque materials and detect objects hidden behind them, provided you know enough about the material. The experiment is reported in the current issue of Physical Review Letters, and is the subject of Viewpoint in APS Physics by Elbert van Putten and Allard Mosk of the University of Twente. In order to demonstrate their approach to characterize opaque substances, the researchers first passed light through a layer of zinc oxide, which is a common component of white paints. By studying the way the light beam changed as it encountered the material, they were able to produce a numerical model called a transmission matrix, which included over 65,000 numbers describing the way that the zinc oxide layer affected light.
• 

  The Basics of SAN Security

  Posted: March 10th, 2010, 1:20am CET

  It’s important to protect your organization from malicious threat and from preventing hackers access to sensitive data. You also want to ensure that your organization is compliant with security regulations. When implementing infrastructure projects it’s necessary to ensure that all of the components of the implementation are secure. Storage Area Network, or SAN, is one of these components. In laymen’s terms, a SAN is a network that enables storage devices to communicate with other storage devices and computer systems. A SAN uses a high performance network, like fibre channel or Ethernet to communicate, and it typically connects disks and tape drives, RAID subsystems, robotic libraries, and file servers. As SAN technology becomes more popular, organizations are continuing to evolve their technologies and reap the benefits that SAN has to offer. We all know that computers are attached to some type of storage, but the benefit of a SAN is that it enables Universal Storage Connectivity; the ability to connect many computers to a lot of storage devices allowing computers to negotiate device ownership and share data.
• 

  Army plans enterprise email system

  Posted: March 10th, 2010, 1:19am CET

  The Army is planning to cut its $400 million-a-year email bill by consolidating its email systems and outsourcing the operation. In a draft solicitation request, the Army said it plans to build the entire system on Microsoft Exchange 2010. Lt. Gen Jeffery Sorenson, the Army's chief information officer who is spearheading the effort, said he'd like to see the entire Defense Department use the system. It's a massive undertaking for the Army which supports 950,000 accounts. When a soldier moves from one location to another, he or she currently has to get a new email address, and the old one has to be deleted. And these multiple accounts open many doors for cyber hackers. Warren Suss, president of Suss Consulting, a federal information technology consulting firm, estimates the Army could cut its $400 million operating bill in half with this new plan.
• 

  Microsoft skips patch for PowerPoint add-on

  Posted: March 10th, 2010, 1:19am CET

  Microsoft fixed eight flaws in Windows and Office today, but passed on patching one Windows component because it cannot be automatically updated. The eight bugs patched today were far from the near-record 26 that Microsoft fixed last month when it delivered 13 security updates. Both of today's bulletins were ranked "important," the second-highest rating in Microsoft's four-step severity scoring system, even though the company acknowledged that the eight vulnerabilities could be used to completely compromise a Windows PC. Although security experts recommended that users deploy the Office fix first, several argued today that the Windows update was more interesting because Microsoft declined to patch one of the two pieces of involved software.
• 

  Symantec Offers New Approach to Mobile Security

  Posted: March 10th, 2010, 1:18am CET

  Symantec showed off a new approach to mobile security here at company headquarters during a media event this week. Symantec Mobile Reputation Security (SMRS) is a prototype for what the company calls a next-generation solution to mobile security developed by its research labs. John Kelly, Symantec's (NASDAQ: SYMC) senior director of technology and business development, said mobile security requires a unique approach that both preserves open access to applications and provides assurance that those applications are safe to run. "Symantec believes the future of mobile operating systems is openness and open APIs," he said. "Today, the applications are pre-vetted by companies like Apple (NASDAQ: AAPL) for the iPhone, but in the future that will change with Android and others."
• 

  Top Five Tips for Securing your Business Reputation

  Posted: March 10th, 2010, 1:17am CET

  There have been recent reports of how a Twitter scam has affected some well known UK politicians, issuing embarrassing Tweets from their personal accounts. Whilst these headlines may seem amusing, Lloyd Borrett, the Marketing Manager at AVG (AU/NZ), says it is worth considering the potential impact of this type of scam on your business reputation. Reputation is everything in the world of a small business, often taking years to establish. Being targeted by a similar scam can have a detrimental effect on the reputation of your company. In a recent NCSA (National Cyber Security Alliance) study on small business security, 69% of small business owners said they would let their customers know if they suffered a security breach, whilst almost half agreed that their customers are concerned about the IT security of their business.
• 

  Hackers target freshly uncovered Internet Explorer hole

  Posted: March 10th, 2010, 1:16am CET

  Microsoft on Tuesday warned that hackers are targeting a freshly-uncovered weakness in some earlier versions of its Internet Explorer (IE) Web browser software. Microsoft said it is investigating a hole that cyber attackers are taking advantage of in IE 6 and IE 7. "At this time, we are aware of targeted attacks attempting to use this vulnerability," Microsoft said in an advisory posted along with a routine release of patches for Windows and Office software. "We will continue to monitor the threat environment and update this advisory if this situation changes." Hackers could use the flaw to remotely seize control of computers. The new IE 8 Web browser and an old IE 5 version are not affected, according to the US software colossus.

The Register - Security

• 

  Fraud-prevention service ponies up $12m for 'false' ads

  Posted: March 10th, 2010, 12:17am CET

  Agrees to safeguard customer data

  An Arizona company that sells services designed to prevent identity theft has agreed to pay $12m to settle charges it oversold their effectiveness and didn't adequately protect sensitive customer data.…