security

SafeNet Cyberespionage Campaign Detected (May 17 & 20, 2013)

SANS NewsBites - Thu, 2013-05-23 11:00

An attack that exploits a known flaw in Microsoft Office has been detected on machines around the world.......

Categories: security

Italian Police Arrest Alleged Anonymous Members (May 17 & 19, 2013)

SANS NewsBites - Thu, 2013-05-23 11:00

Italian police have arrested four people believed to be active members of the Anonymous hacking collective.......

Categories: security

Australian Government Shuts Down 1,200 Sites in Effort to Target Just One (May 17, 2013)

SANS NewsBites - Thu, 2013-05-23 11:00

In an attempt to block a website believed to be associated with a financial scam, the Australian government shut down 1,200 other sites that were unrelated to the targeted site except for the fact that they were hosted on the same IP address.......

Categories: security

Vendors Want Cybersecurity Rule Freeze Until National Standards are Issued (May 17, 2013)

SANS NewsBites - Thu, 2013-05-23 11:00

Federal contractors are asking the US General Services Administration (GSA) to temporarily suspend cybersecurity rulemaking until the government issues national guidelines later this year.......

Categories: security

Federal Agency Seeks Funding for Research Into Security Issues of Automated Cars and Associated Networks (May 17 & 18, 2013)

SANS NewsBites - Thu, 2013-05-23 11:00

David Strickland, Administrator of the US's National Highway Traffic Safety Administration (NHTSA), told the Senate Committee on Commerce, Science, and Transportation that he intends to look carefully at what security requirements need to be in place for automated cars and proposed vehicle-to-vehicle (V2V) networks.......

Categories: security

Mac OS X Malware Found on Human Rights Activist's Laptop May Have Ties to Cyberespionage-for-Hire Service (May 16 & 17, 2013)

SANS NewsBites - Thu, 2013-05-23 11:00

Malware that targets Mac OS X has been found on the laptop of an Angolan human rights activist attending the Oslo Freedom Forum.......

Categories: security

Man Jailed for Role in Skimming Scheme Develops Anti-Skimming Device (May 17, 2013)

SANS NewsBites - Thu, 2013-05-23 11:00

A Romanian man currently serving a five-year prison sentence for his role in an ATM skimming operation has developed a device that he says can prevent ATMs from succumbing to skimming devices.......

Categories: security

Apple iOS Approved for US Military Use (May 17 & 19, 2013)

SANS NewsBites - Thu, 2013-05-23 11:00

The US Defense Department has approved Apple iOS for use to connect to DOD networks.......

Categories: security

Future Version of Firefox Will Block Mixed Active Content by Default (May 17, 2013)

SANS NewsBites - Thu, 2013-05-23 11:00

A future stable version of Firefox will block mixed active content by default.......

Categories: security

Proposed Legislation Would Require Feds to Obtain Warrant to Seize Phone Records (May 16, 2013)

SANS NewsBites - Thu, 2013-05-23 11:00

Four US legislators have introduced a bill that would require federal agencies to obtain a court order prior to obtaining phone records.......

Categories: security

SSL: Another Reason Not to Ignore IPv6 (May 17, 2013)

SANS NewsBites - Thu, 2013-05-23 11:00

Sites that use proxies to allow access via IPv6 may find themselves dealing with two different certificates, both of which must be valid.......

Categories: security

SANSFIRE 2011

SANS NewsBites - Thu, 2013-05-23 11:00
Categories: security

Debian: 2692-1: libxxf86vm: Multiple vulnerabilities

LinuxSecurity.com - Thu, 2013-05-23 09:23
LinuxSecurity.com: Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input [More...]
Categories: linux, news, security

One-Shot vs. Iterated Prisoner's Dilemma

Schneier on Security - Thu, 2013-05-23 09:18
This post by Aleatha Parker-Wood is very applicable to the things I wrote in Liars & Outliers: A lot of fundamental social problems can be modeled as a disconnection between people who believe (correctly or incorrectly) that they are playing a non-iterated game (in the game theory sense of the word), and people who believe (correctly or incorrectly) that...
Categories: security

Red Hat: 2013:0849-01: KVM image: Important Advisory

LinuxSecurity.com - Thu, 2013-05-23 05:22
LinuxSecurity.com: The Red Hat Enterprise Linux 6.4 KVM Guest Image for cloud instances had an empty root password by default. The Red Hat Security Response Team has rated this update as having [More...]
Categories: linux, news, security

Watch out for waterhole attacks -- hackers' latest stealth weapon

LinuxSecurity.com - Thu, 2013-05-23 04:37
LinuxSecurity.com: The bane of the computer security world is how long it takes to recognize and respond to new attack paradigms. Name a major threat -- the boot virus, macro virus, email attachment, or Web JavaScript redirect -- and it seems to take years to respond adequately.
Categories: linux, news, security

Reporters sued as 'hackers' for finding a security hole with Google

LinuxSecurity.com - Thu, 2013-05-23 04:33
LinuxSecurity.com: Call it security through absurdity: a pair of telecom firms have branded reporters for Scripps News as "hackers" after they discovered the personal data of over 170,000 customers -- including social security numbers and other identifying data that could be used for identity theft -- sitting on a publicly accessible server.
Categories: linux, news, security

"The Global Cyber Game"

Schneier on Security - Wed, 2013-05-22 12:05
This 127-page report was just published by the UK Defence Academy. I have not read it yet, but it looks really interesting. Executive Summary: This report presents a systematic way of thinking about cyberpower and its use by a variety of global players. The urgency of addressing cyberpower in this way is a consequence of the very high value of...
Categories: security

Debian: 2672-1: kfreebsd-9: interpretation conflict

LinuxSecurity.com - Wed, 2013-05-22 10:53
LinuxSecurity.com: Adam Nowacki discovered that the new FreeBSD NFS implementation processes a crafted READDIR request which instructs to operate a file system on a file node as if it were a directory node, leading to a kernel crash or potentially arbitrary code execution. [More...]
Categories: linux, news, security

Debian: 2671-1: request-tracker4: Multiple vulnerabilities

LinuxSecurity.com - Wed, 2013-05-22 10:46
LinuxSecurity.com: Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system. The Common Vulnerabilities and Exposures project identifies the following problems: [More...]
Categories: linux, news, security