Internet Storm Center
Training
Certification
Cyber Security Graduate School
Security Awareness Training
Computer Forensics
Penetration Testing
IT Audit
Software Security
We also offer the following RSS Feeds:
- ISC Diaries (headline + first sentence)
- ISC Diaries with content (headline + full content)
- Security News Feeds (same as the 'Last 20' list here)
We do collect a number of security related news feeds in this page. To suggest additional news sources or suggest other changes, use our contact form. We try hard to keep the feeds RSS, XML, CSS, RFC, IETF, ISO, DIN, TüV, ANSI compliant, but may fail occasionally. Let us know if things don't work for you and we may fix it.
Last 20
InternetStormCenter
- ISC StormCast for Wednesday, May 16th 2012 http://isc.sans.edu/podcastdetail.html?id=2536, (Wed, May 16th)
- Odd DNS replies from 10 nets and RFC1323 impacting firewalls, (Tue, May 15th)
- Got packets? Interested in TCP/8909, TCP/6666, TCP/9415, TCP/27977 and UDP/7, (Mon, May 14th)
- ISC StormCast for Tuesday, May 15th 2012 http://isc.sans.edu/podcastdetail.html?id=2533, (Tue, May 15th)
- Laptops at Security Conferences, (Mon, May 14th)
- ISC StormCast for Monday, May 14th 2012 http://isc.sans.edu/podcastdetail.html?id=2530, (Mon, May 14th)
- Adobe Update to Vulnerabilities, (Sat, May 12th)
- Exploit Kits are a mess, (Sun, May 13th)
- ISC Feature of the Week: Link List, (Fri, May 11th)
- ISC StormCast for Friday, May 11th 2012 http://isc.sans.edu/podcastdetail.html?id=2527, (Fri, May 11th)
- Safari 5.1.7 - an interesting feature, (Thu, May 10th)
- APPLE-SA-2012-05-09-1 OS X Lion v10.7.4 and Security Update 2012-002 are now available, (Thu, May 10th)
- APPLE-SA-2012-05-09-2 Safari 5.1.7 is now available, (Thu, May 10th)
- Bogus emails: Amazon.com - Your Cancellation, (Wed, May 9th)
- ISC StormCast for Thursday, May 10th 2012 http://isc.sans.edu/podcastdetail.html?id=2524, (Thu, May 10th)
- The day after patch Tuesday; sometimes called Wednesday, (Wed, May 9th)
- ISC StormCast for Wednesday, May 9th 2012 http://isc.sans.edu/podcastdetail.html?id=2521, (Wed, May 9th)
- May Adobe Security Bulletins, (Tue, May 8th)
- Microsoft May 2012 Black Tuesday Update - Overview, (Tue, May 8th)
- PHP 5.4.3 and PHP 5.3.13 Released, (Tue, May 8th)
SANS Newsbites
- 47 Arrested in Carding Ring (11th May 2012)
- Adobe Changes Mind on Handling Vulnerabilities After User Backlash (12th May 2012)
- Amnesty International UK Hijacked to Share Malware (11th May 2012)
- Dutch ISPs Ordered by Court To Block Pirate Bay (11th May 2012)
- Israeli Authorities Charge 6 People for Massive Data Theft (13th May 2012)
- Man Pleads Guilty to US $1.3 Million Phishing Scam (8th May 2012)
- New Secure TLD Proposed (11th May 2012)
- Payroll Data for 700,000 People Goes Missing in Mail (12th May 2012)
- Pentagon To Share Cyber Security Information with Defense Contractors (14th May 2012)
- Undercover Investigation in UK Uncovers Trading in Personal Data (12th May 2012)
- ACTA Unlikely to be Ratified in Europe (8th May 2012)
- Apple Release Patches To Address Multiple Security Issues (10th May 2012)
- Business Travelers Warned of hotel Wi-Fi malware scam (9th May 2012)
- China and United States To Work Together to Avoid a Cyber Cold War (8th May 2012)
- Microsoft Releases 23 Fixes for May Patch Tuesday (8th May 2012)
- Norwegian Teens Arrested for Allegedly Attacking UK SOCA Website (9th May 2012)
- Team Poison hacking inquiry: UK teenager arrested (10th May 2012)
- The Pirate Bay Criticizes Anonymous DDoS Attack Against Virgin Media (9th May 2012)
- Twitter Reassures Users After Details of 55,000 Accounts Published (9th May 2012)
- UK Government Outlines Internet Surveillance Plans (9th May 2012)
SANS @Risk
- (1) HIGH: Google Chrome Sandbox Escapes
- (2) HIGH: Microsoft Remote Desktop Protocol Vulnerability
- (3) HIGH: Mozilla Firefox Use-After-Free Vulnerability
- (2) MEDIUM: Google Chrome Multiple Vulnerabilities
- (1) HIGH: Samba Remote Code Execution Vulnerability
- (2) HIGH: Mozilla Firefox png_decompress_chunk Integer Overflow
- (3) HIGH: Adobe Flash Player Multiple Security Vulnerabilities
- (4) MEDIUM: Google Chrome Multiple Security Vulnerabilities
- (1) HIGH: Microsoft Patch Tuesday Vulnerabilities
- (2) HIGH: Mozilla Firefox Use-After-Free Vulnerability
- (3) HIGH: Adobe Shockwave Player Multiple Vulnerabilities
- (4) HIGH: Horde Groupware Webmail Edition Unauthenticated PHP Execution
- (5) MEDIUM: Google Chrome Multiple Security Vulnerabilities
- (2) MEDIUM: Novell iPrint Server Buffer Overflow
- (1) MEDIUM: Mozilla Firefox Multiple Security Vulnerabilities
- (2) MEDIUM: Symantec PCAnywhere Buffer Overflow
- (1) MEDIUM: Google Chrome Stable Channel Updates
- (3) HIGH: HP Easy Printer Care Multiple ActiveX Vulnerabilities
- (2) HIGH: McAfee Security-as-a-Service ActiveX Control
- (1) HIGH: HP Insight Diagnostics Buffer Overflow
SANS Reading Room
- In-house Penetration Testing for PCI DSS
- A Regular Expression Search Primer for Forensic Analysts
- Detailed Analysis Of Sykipot (Smartcard Proxy Variant)
- Diskless Cluster Computing: Security Benefit of oneSIS and Git
- Remote Access Point/IDS
- Post Exploitation using Metasploit pivot & port forward
- A Complete Guide on IPv6 Attack and Defense
- What's in a Name: Uncover the Meaning behind Windows Files and Processes
- Incident Handler's Handbook
- iPhone Backup Files. A Penetration Tester's Treasure
- Incident Handler's Handbook
- A Preamble Into Aligning Systems Engineering and Information Security Risk
- Defense in Depth: An Impractical Strategy for a Cyber World
- Quick and Effective Windows System Baselining and Comparative Analysis for Troubleshooting and Incident Response
- Securing Windows 20003 with ADAM and MIIS Feature Packs
- The Jester Dynamic: A Lesson in Asymmetric Unmanaged Cyber Warfare
- What's in a Name: Uncover the Meaning behind Windows Files and Processes
- Auditing Windows Environments PowerShell XML output, windows security, ossams
- iPhone Backup Files. A Penetration Tester's Treasure
- Auditing ASP.NET applications for PCI DSS compliance
Application Security Streetfighter Blog
- Ask the Expert – Chenxi Wang
- Ask the Expert – Jeremiah Grossman
- Forms Authentication: Remember Me? Its Hard Not Too!
- What’s the point of application pen testing?
- AppSec at RSA 2012 Conference
- Agile Development Teams CAN build secure software
- Dealing with security vulnerabilities … er… bugs
- Software Security starts with Software Quality
- ASP.Net Forms Authentication Bypass
- ASP.Net Insecure Redirect
- Seven Tips for Picking a Static Analysis Tool
- Apple’s iCloud: Thoughts on Security and the Storage APIs
- Real and useful security help for software developers
- Bypassing ValidateRequest in ASP.NET
- Commenting Server Controls in ASP.Net
- Dealing with security vulnerabilies … er… bugs
- Password Tracking in Malicious iOS Apps
- Spot the Vuln – Boundaries
- Spot the Vuln – Boundaries – SQL Injection
- Spot the Vuln – Floods
CGISecurity.com
- Secure Application Development on Facebook Platform
- TJX Hacker Gets Pwned, 20 Years In Prison
- Random FireFox URL handling Behavior
- Cryptography experts bicker with former NSA director at RSA panel
- Watcher 1.3.0 passive Web-vulnerability testing tool released
- Web Security Dojo v1.0 release
- XSS, SQL Injection and Fuzzing Barcode Cheat Sheet
- Multiple Adobe products vulnerable to XML External Entity Injection And XML Injection
- Post on Abusing Windows Communication Foundation to Perform Remote Port Scans
- 2010 SANS Top 25 Most Dangerous Programming Errors Released
- Larry Suto Web Application Security Scanner Comparison Report Inaccurate Vendors Say
- R.I.P. Apache 1.x: Apache 1.3.42 marks of end life
- Nikto version 2.1.1 released
- Weaning the Web off of Session Cookies Making Digest Authentication Viable
- WASC RSA Meet-Up 2010!
- Facebook security pretty much what you'd expect?
- Hacker Messes With Student's Schedule
- WASC Threat Classification to OWASP Top Ten RC1 Mapping
- Announcement: WASC Threat Classification v2 is Out!
- Stephen Watt sentenced to 2 years in prison for role in TJX
E-Week Security
- Apple Protects OS X 10.5 Leopard From Flashback Malware
- Apple Security Updates Targets Mac OS X Leopard, Flashback Trojan
- California Woman Gets 5-Year Prison Term in Phishing Conviction
- Cloud Storage Security Isn't as Solid as Vendors Want You to Believe
- SMB Confidence in Cloud Security Grows, Surveys Say
- Americans Rate Cyber-Security as Hot Issue in Presidential Election: Survey
- Mac OS X Security to Be Vetted by Kaspersky Labs
- SMB Confidence In Cloud Security Grows, Surveys Say
- iPhone, iPad Popularity Could Threaten Enterprise Security: Zscaler
- U.S. Senator Takes Wrong Turn on DOJ's GPS Tracking Requests
- Dutch Party Barred From Helping People Skirt Pirate Bay Web Blockade
- Pentagon Sharing More Cyber-Security Intelligence With Industries
- Senator Questions DOJ on GPS-Tracking Requests to Carriers
- Twitter Tries to Quash Subpoena for Occupy Protester's Data
- FBI Warns of Malware Attacks Through Hotel Internet Services
- Symantec Discusses Cloud, Mobile Security Plans at Vision 2012
- Twitter Denial of Alleged Site Hack Leaves More Questions Than Answers
- Twitter Denies Site Hack in Reputed Account Credential Dump
- iOS 5 Gadgets: Fun Toys That Can Mess With Enterprise Security
- Microsoft Patch Tuesday Swats 23 Security Bugs, Including Duqu Exploit
Network Computing Security
- Amazon Speeds Content Delivery Network
- AMD Trinity: Intel Ivy Bridge's New Rival
- HP ProLiant Serves Up Entry-Level, Vendor-Ecosystem News
- Laserfiche Mobile Brings Enterprise Content Management to iDevices
- Oracle Positioned to Succeed in the Cloud Computing Market
- Private, Public and Hybrid Clouds Will All Need an IT Service Culture
- Akamai and Riverbed's Cure for Pokey SaaS Apps
- Cisco Acquires Data Analytics Company Truviso: Can It Execute?
- Hybrid Memory Cube Takes RAM to the Third Dimension
- Oracle Embraces Cloud Computing, the New Consumption Model
- BYOD vs. Network Bandwidth: How Blue Coat Tackles Selfish Apps
- Enterprise IPv6 Deployment Stories at Summit a Refreshing Change
- Interop Las Vegas 2012: A Big Thanks to the Speakers
- Napa County Bottles Up BYOD Phenomenon
- Panzura Cloud Storage Gateway Refresh Delivers More Control
- Gnodal's New Switch, the Ultra-Fast GS0072: 6 Tb in 2U
- Virsto Citrix Storage Hypervisor Addresses VDI Performance, Costs
- Searching for an SDN Definition: What Is Software-Defined Networking?
- Whiptail Reinvents Performance Flash
- WildPackets Adds IPv6, Timeline Dashboard
Microsoft
- MS11-100 - Critical : Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420) - Version: 1.4
- MS12-035 - Critical : Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777) - Version: 2.0
- MS12-029 - Critical : Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352) - Version: 1.1
- MS12-030 - Important : Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830) - Version: 1.1
- MS12-032 - Important : Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338) - Version: 1.1
- MS12-029 - Critical : Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352) - Version: 1.0
- MS12-030 - Important : Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830) - Version: 1.0
- MS12-031 - Important : Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981) - Version: 1.0
- MS12-032 - Important : Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338) - Version: 1.0
- MS12-033 - Important : Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533) - Version: 1.0
- MS12-034 - Critical : Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578) - Version: 1.0
- MS12-035 - Critical : Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777) - Version: 1.0
- MS12-027 - Critical : Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258) - Version: 2.0
- MS12-028 - Important : Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185) - Version: 1.1
- MS12-017 - Important : Vulnerability in DNS Server Could Allow Denial of Service (2647170) - Version: 1.1
- MS12-026 - Important : Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860) - Version: 1.1
- MS12-025 - Critical : Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605) - Version: 1.1
- MS12-023 - Critical : Cumulative Security Update for Internet Explorer (2675157) - Version: 1.0
- MS12-024 - Critical : Vulnerability in Windows Could Allow Remote Code Execution (2653956) - Version: 1.0
- MS12-025 - Critical : Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605) - Version: 1.0
NetworkWorld Virus/Worms
- Apple releases security update, Flashback removal tool for Leopard
- 'Smishing' Attacks Are on the Rise
- NotCompatible Android Trojan: What You Need to Know
- Free Antivirus You Can Trust
- Who is threatening the security of your network?
- Flashback Malware Still Affects 140,000 Macs
- How to detect and remove the SabPub Mac Trojan
- Kaspersky fixes Flashback-fighting tool; Norton joins the fray
- New Java update from Apple removes Flashback malware
- Free Flashback Checker finds out if your Mac is infected
- Kaspersky launches free Flashback removal tool and website to check for infections
- Security firm offers more Flashback details, free tools
- McAfee brings antivirus support to VMware's vShield
- Computer viruses could cross frontier into biological realm, researchers say
- Avast Free Antivirus 7 adds cloud updates, file reputation and remote assistance
- Shylock financial malware back 'with a vengeance'
- Download InfoWorld's Malware Deep Dive report
- First look: Norton's 2012 desktop, smartphone security push
- When 'Viagra' Comments on Your Blog, and Other Spam Red Flags
- Intego: 2011 offered bumper crop of Mac malware
NetworkWorld Security
- Apple ships first Leopard security update in nearly a year
- Cloud computing tools: Improving security through visibility and automation
- FTC shuts down website marketing business
- Hackers break into bitcoin exchange site Bitcoinica, steal $90,000 in bitcoins
- Kaspersky denies it's working with Apple on Mac security
- Microsoft cloud survey: Security, cost both a deterrent and an attraction
- Thwarted by security at enterprises, cyber criminals target SMBs
- Companies slow to react to mobile security threat
- Public vs. private cyberattack responsibility debate heats up
- Adobe backpedals, will now patch software for free
- Adobe: Pay upgrade price to patch critical bugs
- Amnesty International's UK website compromised to infect visitors with cyberspying malware
- Cloud, BYOD Increases Need for Automated IAM Systems
- Facebook proposes more changes to privacy policy
- Adobe's security chief praises Apple for Flash-crippling move
- Apple patches 36 bugs in OS X, fixes encryption password goof
- BlackBerry 7 smartphones approved for DOD use
- California moves to stop employers demanding Facebook passwords
- How to Control Your Facebook Privacy Settings
- New York City agency pushes plan to prevent cyberattacks on elevators, boilers
NWC Security
- Anti-Spam Server Fits The Job
- Rolling Review: Patch Up Your Windows
- Rolling Review: LANDesk Patch Manager
- StillSecure Steps Up
- Rolling Review: BigFix Enterprise Suite 7.0.7.96
- 7 Whole-Disk Encryption Apps Put A Lock On Data
- Rolling Review Kickoff: Network Behavior Analysis Systems
- Rollout: Mazu Profiler 8
- From The Labs: Palo Alto's Firewall Appliance
- Nevis Nails In-Band NAC
- Rolling Review: Shavlik Technologies NetChk Protect 5.9
- In-Band NAC: Three Products You Should Know About
- Log Management Gets SLIM
- Rolling Review: Host-Based NAC
- Vernier's In-Band NAC Product Takes Work
- Rollout: Vernier Networks' Control Server and EdgeWall 8800
- Analysis: PC Control
- PatchLink's Sanctuary
- RippleTech's Informant
- Identity Theft Has Gone to the Dogs
The Register
- Apple scrubs old Leopards of Flashback Trojan infections
- Bitcoin bank Bitcoinica still titsup after cyberheist
- Scammers exploit wannabe demon-slayers hyped by Diablo III
- Adobe backs down, patches critical Photoshop CS5 hole
- Russian upstart claims BitTorrent-killer
- Russian start-up claims BitTorrent-killer
- Amnesty International UK site flung Gh0st RAT at surfers after hack
- Megacorps accuse Chinese fab workers of pilfering designs
- Third teen TeamPoison hack suspect quizzed by cyber-cops
- Multinationals in China fear IP theft by local staff
- Norwegian teens arrested over SOCA DDoS attack
- Anonymous takes the Kremlin offline in Putin protest
- Jetting off abroad? Pack protection ... for your Wi-Fi
- Leaked Twitter accounts 'mostly banned spammers'
- PHP devs lob second patch at super-critical CGI bug
- Scandal ad slingers cough up $100k in 'Facebook clickjack' case
- Microsoft makes good with a 23-fix Patch Tuesday
- Zombie PCs exploit hookup site in 4Square-for-malware scam
- Apple logging passwords in plain text
- Cybercrims dump email for irresistible Twitter, Facebook spam
SecurityFocus News
- News: Change in Focus
- News: Google: 'no timetable' on China talks
- News: 'Severe' OpenSSL vuln busts public key crypto
- News: Monster botnet held 800,000 people's details
- News: Latvian hacker tweets hard on banking whistle
- News: MS uses court order to take out Waledac botnet
- News: Almost 2,500 firms breached in ongoing hack attack
- News: Two Chinese schools implicated in Google Aurora attacks
- News: Adobe pushes out Flash security fix
- Brief: Google offers bounty on browser bugs
- News: CIA, PayPal under bizarre SSL assault
- News: Most consumers reuse banking passwords
- Brief: Cyberattacks from U.S. "greatest concern"
- Brief: Microsoft patches as fraudsters target IE flaw
- Brief: MS readies patch, as fraudsters target IE flaw
- Brief: Attack on IE 0-day refined by researchers
- Brief: IE flaw gave attackers entry, says McAfee
- Brief: Law firm suing China suffers attack
- Brief: Microsoft, Oracle, Adobe issue patches
- Brief: Google, Adobe attacked through China
SecurityFocus Vulnerabilities
- Bugtraq: Re: rssh security announcement
- Bugtraq: Trigerring Java code from a SVG image
- Bugtraq: [ MDVSA-2012:075 ] ffmpeg
- Bugtraq: [ MDVSA-2012:076 ] ffmpeg
- Vuln: RETIRED: Serendipity SQL Injection and Cross Site Scripting Vulnerabilities
- Vuln: Serendipity SQL Injection and Cross Site Scripting Vulnerabilities
- Vuln: WordPress WP-FaceThumb 'pagination_wp_facethum' Parameter Cross Site Scripting Vulnerability
- Bugtraq: b2ePMS 1.0 Authentication Bypass Vulnerability
- Bugtraq: Liferay users can assign themselves to organizations, leading to possible privilege escalation
- Bugtraq: Universal Reader Filename Denial Of Service Vulnerability
- Bugtraq: [SECURITY] [DSA 2670-1] wordpress security update
- Vuln: Cisco IOS Network Address Translation Multiple Denial of Service Vulnerabilities
- Vuln: IBM WebSphere Application Server for z/OS JAX-RPC Unspecified Remote Security Vulnerability
- Bugtraq: Adobe Photoshop CS5.1 U3D.8BI Library Collada Asset Elements Stack Based Buffer Overflow Vulnerability
- Bugtraq: ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities
- Bugtraq: t2'12: Call for Papers 2012 (Helsinki / Finland)
- Bugtraq: [SECURITY] [DSA 2469-1] linux-2.6 security update
- Vuln: eZ Publish 'ezjscore' Module Cross Site Scripting Vulnerability
- Vuln: Galette 'picture.php' SQL Injection Vulnerability
- Vuln: SPIP Multiple Unspecified Cross Site Scripting Vulnerabilities
SecurityForest
- User talk:Sijialgc88
- User talk:Sijialgc89
- User talk:Sijialgc90
- User talk:Sijialgc91
- User talk:Sijialgc92
- User talk:Sijialgc93
- User talk:Sijialgc94
- User talk:Sijialgc95
- User talk:Sijialgc96
- User talk:Sijialgc97
- User talk:Sijialgc98
- User talk:Sijialgc99
- User talk:Fengliucaot49
- User talk:Fengliucaot50
- User talk:Sijialgc
- User talk:Sijialgc1
- User talk:Sijialgc2
- User talk:Sijialgc3
- User talk:Sijialgc4
- User talk:Sijialgc5
SecurityNewsPortal
- New release of Intellitactics Security Manager features security know how
- Ubuntu Security Notice - pptpd vulnerability (USN-459-1)
- Verizon Business to acquire Cybertrust and ICSA Labs
- Cisco Security Response - HTTP Full-Width and Half-Width Unicode Encoding Evasion
- Criminologists pwn AusCERT
- Former Oracle VP pays $198,000 in trading charge
- Google Warns of Web Malware Epidemic
- Microsoft desperate, says target OpenOffice.org
- Players in potential patent battle hunker down
- Re: What RedHat doesnt want you to know about ExecShield (without NX)
- Re: [Dailydave] What RedHat doesnt want you to know about ExecShield (without NX)
- RE: Apple Safari on MacOSX may reveal users saved passwords
- Researcher: Apple TV, iTunes video dead ends
- Some Windows users get system freeze with May patches
- U.S. piracy crackdown nets 50th conviction
- Windows Update used to download malware updates
- Wordpress Akismet XSS flaw
- [USN-459-1] pptpd vulnerability
- AGs Ask MySpace For Predator Data
- Exchange Server 2007 Webcast Series - Most Frequently Asked Follow Up Questions (1 - 6)
US-Cert Alerts
- SA12-010A: Microsoft Updates for Multiple Vulnerabilities
- SA12-006A: Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack
- SA11-350A: Adobe Updates for Multiple Vulnerabilities
- SA11-347A: Microsoft Updates for Multiple Vulnerabilities
- SA11-312A: Microsoft Updates for Multiple Vulnerabilities
- SA11-286A: Apple Updates for Multiple Vulnerabilities
- SA11-284A: Microsoft Updates for Multiple Vulnerabilities
- SA11-256A: Microsoft Updates for Multiple Vulnerabilities
- SA11-222A: Adobe Updates for Multiple Vulnerabilities
- SA11-221A: Microsoft Updates for Multiple Vulnerabilities
- SA11-193A: Microsoft Updates for Multiple Vulnerabilities
- SA11-165A: Microsoft Updates for Multiple Vulnerabilities
- SA11-166A: Adobe Updates for Multiple Vulnerabilities
- SA11-130A: Microsoft Updates for Multiple Vulnerabilities
- SA11-102A: Microsoft Updates for Multiple Vulnerabilities
- SA11-067A: Microsoft Updates for Multiple Vulnerabilities
- SA11-039A: Microsoft Updates for Multiple Vulnerabilities
- SA11-011A: Microsoft Updates for Multiple Vulnerabilities
- SA10-348A: Microsoft Updates for Multiple Vulnerabilities
- SA10-313A: Microsoft Updates for Multiple Vulnerabilities
US-Cert Bulletins
- SB12-072: Vulnerability Summary for the Week of March 5, 2012
- SB12-065: Vulnerability Summary for the Week of February 27, 2012
- SB12-058: Vulnerability Summary for the Week of February 20, 2012
- SB12-051: Vulnerability Summary for the Week of February 13, 2012
- SB12-044: Vulnerability Summary for the Week of February 6, 2012
- SB12-037: Vulnerability Summary for the Week of January 30, 2012
- SB12-030: Vulnerability Summary for the Week of January 23, 2012
- SB12-023: Vulnerability Summary for the Week of January 16, 2012
- SB12-016: Vulnerability Summary for the Week of January 9, 2012
- SB12-009: Vulnerability Summary for the Week of January 2, 2012
- SB12-002: Vulnerability Summary for the Week of December 26, 2011
- SB11-360: Vulnerability Summary for the Week of December 19, 2011
- SB11-353: Vulnerability Summary for the Week of December 12, 2011
- SB11-346: Vulnerability Summary for the Week of December 5, 2011
- SB11-339: Vulnerability Summary for the Week of November 28, 2011
- SB11-332: Vulnerability Summary for the Week of November 21, 2011
- SB11-325: Vulnerability Summary for the Week of November 14, 2011
- SB11-318: Vulnerability Summary for the Week of November 7, 2011
- SB11-311: Vulnerability Summary for the Week of October 31, 2011
- SB11-304: Vulnerability Summary for the Week of October 24, 2011
US-CERT Techalerts
- TA12-073A: Microsoft Updates for Multiple Vulnerabilities
- TA12-045A: Microsoft Updates for Multiple Vulnerabilities
- TA12-024A: "Anonymous" DDoS Activity
- TA12-010A: Microsoft Updates for Multiple Vulnerabilities
- TA12-006A: Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack
- TA11-350A: Adobe Updates for Multiple Vulnerabilities
- TA11-347A: Microsoft Updates for Multiple Vulnerabilities
- TA11-312A: Microsoft Updates for Multiple Vulnerabilities
- TA11-286A: Apple Updates for Multiple Vulnerabilities
- TA11-284A: Microsoft Updates for Multiple Vulnerabilities
- TA11-256A: Microsoft Updates for Multiple Vulnerabilities
- TA11-222A: Adobe Updates for Multiple Vulnerabilities
- TA11-221A: Microsoft Updates for Multiple Vulnerabilities
- TA11-201A: Oracle Updates for Multiple Vulnerabilities
- TA11-200A: Security Recommendations to Prevent Cyber Intrusions
- TA11-193A: Microsoft Updates for Multiple Vulnerabilities
- TA11-165A: Microsoft Updates for Multiple Vulnerabilities
- TA11-166A: Adobe Updates for Multiple Vulnerabilities
- TA11-130A: Microsoft Updates for Multiple Vulnerabilities
- TA11-102A: Microsoft Updates for Multiple Vulnerabilities
US-Cert Tips
- ST11-001: Holiday Traveling with Personal Internet-Enabled Devices
- ST04-014: Avoiding Social Engineering and Phishing Attacks
- ST08-001: Using Caution with USB Drives
- ST05-008: How Anonymous Are You?
- ST05-006: Recovering from Viruses, Worms, and Trojan Horses
- ST05-003: Securing Wireless Networks
- ST05-002: Keeping Children Safe Online
- ST05-001: Evaluating Your Web Browser's Security Settings
- ST04-024: Understanding ISPs
- ST07-001: Shopping Safely Online
- ST04-023: Understanding Your Computer: Email Clients
- ST04-022: Understanding Your Computer: Web Browsers
- ST04-021: Understanding Your Computer: Operating Systems
- ST04-020: Protecting Portable Devices: Data Security
- ST04-019: Understanding Encryption
- ST04-018: Understanding Digital Signatures
- ST04-017: Protecting Portable Devices: Physical Security
- ST04-016: Recognizing and Avoiding Spyware
- ST04-015: Understanding Denial-of-Service Attacks
- ST04-013: Protecting Your Privacy
Windows IT Pro
- Bug Hunting in Greenborder Pro
- OS Haste Makes Waste
- Sam Spade on the Spam Case
- Who Is Connected To Your Systems?
- Security UPDATE--OS Haste Makes Waste--July 19, 2006
- Month of Browser Bugs
- Nmap Hackers Pick Top 100 Security Tools
- Seven Microsoft Security Patches Due In July
- Security UPDATE--Nmap Hackers Pick Top 100 Security Tools--July 5, 2006
- ADV: Get the facts about virtualization
- Security Diligence Is Overdue
- Security UPDATE--Security Diligence Is Overdue--June 28, 2006
- Singin' The Browser Blues?
- Voylent Encrypts Cell Phone Calls
- Is Vista's UAC Giving You The Blues?
- Biggest Known Targets
- Death of the Frog
- 8866 2288 6600 8800 9966 7700
- Crypto Class
- Security UPDATE--Death of the Frog--May 24, 2006
Yahoo Security
- Hackers booby-trap foreign policy group websites
- Utah tech director resigns in wake of data theft
- Cyberattacks Target Russian Broadcasters, Ustream CEO Responds
- 2 teens arrested in Norway for alleged cyber attacks against government, corporate sites
- 2 teens arrested in Norway in cyber attack case
- Activist hackers temporarily block Putin's website
- Interpol says organised gangs behind internet crime boom
- Interpol to crack down on cyber crime
- Twitter Debunks Reports of 55,000 Hacked Accounts
- McAfee founder claims persecution in Belize
- British crime agency website knocked out by attack
- Cyber-attack shuts crime body's website
- Crime agency SOCA's website hit by hackers
- Cyber-attack shuts UK crime body's website
- Lockheed wins contract to run U.S. cyber crime lab
- Hackers pick Google's pocket with Mac virus
- Religion riskier than porn for online viruses: study
- Spam Texts: 4.5 Billion Messages a Year and Counting [VIDEO]
- Microsoft says raid damaged cybercrime operation
- Taliban website hacked as Afghan cyber war heats up
IT Toolbox Blogs
- CIO and CFO Hunger Games: The Risks and Rewards of Rapid ERP Implementations
- Dancing MODEL Links: Part IV(a) - eXploring the Search Tree
- How to make Android faster, more productive and more secure than iPhone
- Integrity Matters
- Keep ePHI on Secure Networks, Not Mobile Devices, Recommends OCR
- Retailers use SOA, APIs and Mobility to Compete - Shouldn't you?
- What I and every network admin I know wants to do on Patch Tuesday!!
- Where have all the bloggers gone?
- Deprecated: Such a cool word yet a word so misunderstood
- Rising of Mobile Business Applications
- Why does ERP SaaS Technology Speak to Your Business?
- Apply for a New Job, Get a Project?
- ASP.NET Web Forms: Capturing Server-Control Values as Fields
- Collaboration and Culture in the Delivery of IT Services
- How far can reuse go?
- Microsoft’s MDT and the reality about ACT.
- One more Yahoo CEO is out! Should Yahoo have taken the $31 a share Microsoft offer?
- SOA and Legacy Modernization
- Tricare Scrambles to Restore Customer Goodwill after Data Breach
- Understanding and Managing Conflict in Projects
