| Category | Item |
| --- | --- |
| Vulnerabilities & Patches | Siemens SCADA vulnerabilities, the complete story, patch available next month |
| | New Zero-Day Critical Vulnerability in Windows 7 64 bit |
| | Firefox 9 released, fixing several vulnerabilities |
| | Memory Corruption Vulnerability in Kaspersky 2011/2012 Products |
| | FreeBSD patches 5 vulnerabilities, including critical remotely exploited telnet vulnerability, actively exploited in the wild |
| | HP LaserJet Firmware Update Now Available |
| | Multiple WatchGuard Log and Report Manager Vulnerabilities |
| | Multiple XSS vulnerabilities in phpMyAdmin |
| Cyber Crime & Incidents | Stratfor, a global intelligence company, hacked by Anonymous, 200GB of emails, 90K credit cards stolen, and client list released |
| | Anonymous takes down Egyptian Websites |
| | Oracle Solaris 11 Kernel Source-Code Leaked |
| | Romanian hacker managed to steal $3 million from 800K credit cards by hacking POS systems in small retailers including Subway restaurants |
| | Russian Hackers Crash Site Promoting Putin's Election Web Cameras |
| | China Software Developer Network (CSDN) 6 Million user data Leaked |
| | Amnesty International's UK website hacked, serving malware |
| | Philippines Ecosystems Research and Development Bureau hacked, database dump posted online |
| | TRION Worlds, gaming company, hacked, personal information stolen |
| Threats | OpGodaddy started, Godaddy lost more than 21K domains in a few days in reaction to its support of the US SOPA (Stop Online Piracy Act), a complete list of supporters released for boycott and hack |
| | Using Facebook as a proxy |
| | Time-Based Blind NoSQL Injection |
| | Android Trojan Spreads Message of Revolution |
| | Fortinet 2012 Threat Predictions |
| | No-permission Android App Gives Remote Shell |
| | Abusing PHP setting to inject malicious code into websites |
| | Dump Windows password hashes |
| | post-XSS world |
| | Bitcoin miner used with SEO Poisoning Campaign |
| | A look at Scan4You.net: a VirusTotal for criminals |
| | The Online Currency Wars are coming |
| Tools | Password Security Scanner, scans the passwords stored by popular Windows applications (Outlook, IE, Firefox, etc.) and displays security information about all these passwords |
| | Data Breach Risk Calculator |
| | MySQLPasswordAuditor, Free MySQL Audit/Password Recovery & Cracking Tool |
| | Xplico, Network Forensics Tool, extract application data from network traffic |
| | TestSecure, Open Source Secure SMS Application for Android |
| | pfSense, open source customized FreeBSD tailored for use as a firewall and router |
| | Ghost-phisher, GUI suite for phishing and penetration attacks |
| | List of AJAX Crawling Tools |
| | Honeymail, email forwarding service that tracks violation of email privacy from 3rd parties |
| Reports | Protecting Industrial Control Systems, recommendations for Europe and Member States, ENISA |
| | Cyber Security Aspects in The Maritime Sector, ENISA |
| | CERT Operational Gaps and Overlaps, ENISA |
| | Security Suites, Dynamic Protection comparison Report |
| | Economics of Security, ENISA |
| Papers | DDOS Basics |
| | Industrial Automation Security in Fieldbus and Field Device Level |
| | Computing On Encrypted Databases Without Ever Decrypting Them |
| | Hardware Involved Software Attacks |
| | TOR instead of IP |
| Books and Magazines | ClubHack Magazine, December issue |
| | DRI Thrive Magazine |
| How To | How To Completely Wipe / Erase Hard Disk Drive |
| | Visualizing Twitter data using Twitter API |
| | Hunting malware with Volatility v2.0 |
| | How To Avoid The Most Common And Dangerous Passwords, Infographic |
| | Forensics, String Searching and File Carving using srch_strings_wrap |