Home > Latest News
 
  Astalavista.com Security News  
  • XMAS Offer for astalavista.NET
  • Nokia, Others Deal Major Blow To Android
  • Mass SQL injection
  • Wanted: 10 IT skills employers need today
  • Crimeware in the Middle - Zeus (crimeware kit)
  • Mass Attack JavaScript injection - UN and UK Government websites compromised
  • Wired.com Readers' Brain-Enhancing Drug Regimens
  • ASTALAVISTA launched the own Blog
  • Google to open suspect Orkut albums to Brazil police
  • Database Trojan infests pro-Tibet websites
  • Red Hat`s Challenge
  • Microsoft wants online ad companies to protect user privacy
  • Asus G35 Motherboards with onboard DirectX 10 - A World's first
  • Will Linux Dominate Ultra-Portable Market?
  • Kavli Prizes to honor top scientists
  • Asus M70 1TB Blu-ray full HD Notebook
  • AMD shoves delayed Barcelona chip out of the door
  • Update: Adobe fixes seven flaws in Flash Player
  • Microsoft jumps into European health-care market
  • For Marriott, Green IT is Reality, Not Hype
    		•

      CERT Announcements  
  • New Podcast Released
  • New Podcast Released
  • CERT Resiliency Engineering Framework (REF) Outline Published
  • New Podcast Released
  • New Podcast Released
  • The CERT C Secure Coding Standard Published
  • CERT Statistics Updated
  • New Podcast Released
  • New Podcast Released
  • Interactive Vulnerability Reporting Form Released
  • New Podcast Released
  • Java Secure Coding Standard Released
  • New Technical Note Released
  • New Podcast Released
  • New Podcast Released
  • New Podcast Released
  • CERT Statistics Updated
  • New Podcast Released
  • New Podcast Released
  • CERT Autoresponder Disabled
  • New Podcast Released
  • Winners of Best Practices Security Awards Announced
  • New Podcast Released
  • Evaluation of CERT Secure Coding Rules through Integration with Source Code Analysis Tools Published
  • New Podcast Released
  • New Podcast Released
  • New CERT PGP Public Key
  • Making the Business Case for Software Assurance
  • New Podcast Released
  • New Podcast Released
  • Vulnerability Analysis Blog Published
  • New Podcast Released
  • CERT Statistics Updated
  • CERT Authors Publish Book About Building Security into Software Products
  • Reminder: Entries for Security Awards Due April 30
  • New Podcast Released
  • Incident Management Mission Diagnostic Method, Version 1.0 Published
  • CERT Sponsors FIRST Conference
  • New Podcast Released
  • CERT Resiliency Engineering Framework, v0.95R Available
  • 2007 CERT Research Annual Report Published
  • New Podcast Released
  • FIRST and Carnegie Mellon Software Enginnering Institute CERT Coordination Center Unveil New Security Awards
  • New Podcast Released
  • CERT to Participate in Second Annual Counter eCrime Operations Summit
  • New Podcast Released
  • New Podcast Released
  • SQUARE Instructional Materials Released
  • New Podcast Released
  • CERT Statistics Updated
  • Insider Threat Studies Released
  • New Podcast Released
  • New Podcast Released
  • FloCon 2008 Schedule Available
  • FBI Announces Results of Operation Bot Roast II
  • New Podcast Released
  • New Podcast Released
  • CERT NetSA Group Participates in Anti-Phishing Working Group eCrime Research Summit
  • New Podcast Released
  • CERT Statistics Updated
  • New Podcast Released
  • Vodcast - Secure Coding Initiative: Project
  • New Podcast Released
  • FloCon 2008 Call for Presentations
  • New Podcast Released
  • Ranged Integers for the C Programming Language
  • Resiliency Engineering Framework and Service Oriented Architecture Information Sessions
  • 2007 E-Crime Watch Survey
  • Vodcast: Secure Coding Standards Work
  • New Podcast Released
  • New Podcast Released
  • Vodcast: Training Provided through CERT's Secure Coding Initiative
  • New Podcast Released
  • Beta Implementation of Managed String Library Released
  • Microsoft Recognizes CERT Analyst
  • CERT Statistics Updated
  • New Podcast Released
  • CERT Secure Coding Tutorial at SANS Network Security 2007
  • The Use of Malware Analysis in Support of Law Enforcement
  • New Podcast Released
  • CERT Secure Coding Tutorial at SANSFIRE 2007
  • New PGP Key
  • New Podcast Released
  • FBI Charges "Bot-Herders"
  • New Podcast Released
  • Incident Management Capability Metrics Version 0.1
  • New Podcast Released
  • New Podcast Released
  • Resiliency Engineering
  • New Podcast Released
  • CERT Statistics Updated
  • New Podcast Released
  • New Podcast Released
  • Podcast series ranks #10
  • New PGP Key
  • Article 2: Defining an Effective Enterprise Security Program (ESP)
  • Article 3: Enterprise Security Governance Activities
  • New Podcast Released
  • New Podcast Released
  • Governing for Enterprise Security
    		•

      Help Net Security - News  
  • VeriSign transitions all new RapidSSL certificates to SHA-1 algorithm
  • Off the wire: Whitepaper - 4 key steps to automate IT security compliance
  • Conference: SANS WhatWorks in Virtualization Security Summit 2009
  • Off the wire: 14% of SSL certificates signed using vulnerable MD5 algorithm
  • Off the wire: Addressing the challenges of identification and authentication in American society
  • Off the wire: On the ‘09 infrastructure security radar
  • Off the wire: Private firm may track all email and calls
  • Off the wire: Futuristic security checkpoint predicts your actions
  • Off the wire: Information gathering with GPG/PGP keytrusts
  • Off the wire: Tales from the support crypt
  • Malware Center: Tales from the support crypt: infected DVD drives, antiviruses that blow fuses and more
  • Article: Security Trends of 2008 and Predictions for 2009
  • Malware Center: Rogue antivirus applications related to Continental Flight 1404 and other current news
  • ESET launches Remote Administrator 3.0
  • Vulnerability in SQL Server could allow remote code execution
  • Check Point to acquire Nokia’s security appliance business
  • Malware Center: Zero-day Web malware blocks surpass yearly average
  • Linux-Based virtual desktop from IBM and co.
  • Malware Center: New password-stealing application disguised as a Firefox plugin
  • Low power unmanaged switches from Allied Telesis
  • Article: The Rise and Rise of Rogue Security Software
  • Juniper positioned among the leaders of SSL VPN Magic Quadrant
  • Malware Center: Malware week: Antivirus360 antivirus and Sinowal.VXR banker trojan
  • Microsoft releases Intelligent Application Gateway SP2
  • Data center transformation a top priority in 2009 for CIOs
  • Documenting requirements for RFID data center asset tracking standard
  • LaCie Ethernet Disk: up to 6TB in a rack-mounted backup appliance
  • Conference: ShmooCon 2009
  • Conference: 25th Chaos Communication Congress (25C3)
  • Backup and recovery with DriveClone Version 6
    		•

      SANS Information Security Reading Room  
  • SANS 2009
  • CURRENT ISSUES IN DNS
  • Security Considerations for Avaya ESS Implementation
  • Security Incident Handling in Small Organizations
  • Transparent (Layer 2) Firewalls: A look at 2 Vendor Offerings: Juniper and Cisco
  • Document Metadata, the Silent Killer...
  • Data Carving Concepts
  • IOSMap: TCP and UDP Port Scanning on Cisco IOS Platforms
  • Mining for Malware - There's Gold in Them Thar Proxy Logs!
  • .NET Framework Rootkits: Backdoors inside your Framework
  • EVTX and Windows Event Logging
  • Auditing Mac OS X Compliance with the Center for Internet Security Benchmark Using Nessus
  • Detecting and Preventing Anonymous Proxy Usage
  • Intrusion Detection Likelihood: A Risk-Based Approach
  • Cleaning Up the Back Yard - A discussion on your mother's home network security.
  • Era of Spybots - A Secure Design Solution Using Intrusion Prevention Systems
  • OS and Application Fingerprinting Techniques
  • Intel IXP Network Processor Based Intrusion Detection
  • Skype: A Practical Security Analysis
  • Social Engineering: Manipulating the Source
  • Fibre Channel Storage Area Networks: An Analysis From A Security Perspective
  • Tips for Making Security Intelligence More Useful
  • Expanding Response: Deeper Analysis for Incident Handlers
  • Securing the K-12 School Network through Effective Internet Access Control, Network Traffic Monitoring, and Data Analysis.
  • Google Desktop Search as an Analysis Tool
  • Mobile Device Forensics
    		•

      SANS NewsBites  
  • SANS 2009
  • Maryland Seeks Reimbursement From Voting Machine Company for Fixing Security Holes (December 25, 2008)
  • Report Finds DHS Intelligence Fusion Centers Present Privacy Concerns (December 23 & 29, 2008)
  • Computer Engineer Will Stand Trial for Allegedly Holding City Network Hostage (December 27 & 28, 2008)
  • Software Company President Sentenced for Hacking and Proprietary Data Theft (December 19 & 23, 2008)
  • FEMA Investigating Evacuee Data Exposed on Internet (December 24, 2008)
  • Microsoft Warns of SQL Flaw (December 22, 23 & 24, 2008)
  • Samsung Digital Picture Frame Software Disk Infected with Keystroke Logging Malware (December 22 & 29, 2008)
  • RBS WorldPay Data Breach Affects More than 1 Million Customers (December 23, 24 & 29, 2008)
  • Cedars-Sinai Medical Center Notifies Patients of Data Theft (December 23, 2008)
  • CastleCops Raises the Drawbridge (December 29, 2008)
  • Microsoft Malicious Software Removal Tool Cleaned Phony Security Apps From 400,000 PCs (December 24, 2008)
  • Bank Info Security's Top 10 Security Breaches (December 22, 2008)
    		•

      SecuriTeam Blogs  
  • Snow and security
  • Joe-jobing in the real world
  • So you can fake your SSL Certificate. That don’t impress me much
  • Exploits of the Week #3
  • Disasters cost money?
  • All your (base) stations belong to us
  • Encoded message as an effective spam?
  • The “DesktopSmiley, Not A Spyware” ToolBar
  • CSIS Commission on Cybersecurity for the 44 Presidency
  • Agressive Anti-Spam Measures that Cause More Harm than Good
  • Cute awareness video (plus other resources)
  • Exploits of the Week #2
  • Snoop on Google Talk (Wiretap)
  • SPAMing as a Full Time Job?
  • SCTP fuzzing made easy
  • Metasploit’s Decloak, v2
    		•

      SecurityFocus News  
  • News: Group attacks flaw in browser crypto security
  • News: Commission calls for cybersecurity czar
  • News: Microsoft hopes free security means less malware
  • News: Researchers find more flaws in wireless security
  • Brief: Microsoft's music players die for a day
  • Brief: Zune music players crashing en masse
  • Brief: Chinese schools, search sites host malicious code
  • Brief: Digital picture frame viruses back for Christmas
  • News: Online payment site hijacked by crime gang
  • News: TJX employee fired for exposing shoddy security
  • News: Thoughts of a Teenage Bot Master
  • News: Radio Free Europe hit by DDoS attack
  • Infocus: Responding to a Brute Force SSH Attack
  • Infocus: Data Recovery on Linux and ext3
  • Infocus: WiMax: Just Another Security Challenge?
  • Infocus: Blocking Traffic by Country on Production Networks
  • Oliver Day: Time to Exclude Bad ISPs
  • Chris Wysopal: Standing on Other's Shoulders
  • Mark Rasch: Just EnCase It's Not a Search
  • Oliver Day: Microsoft's Stance on Piracy Affects Us All
  • More rss feeds from SecurityFocus
    		•