Date: 06/24/05 (IT Professionals)    Keywords: security

theSummit 2005 - Thursday July 28, 2005 - Las Vegas


At the end of Black Hat and the beginning of DEFCON this year is theSummit 2005 - bringing together DEFCON & Black Hat speakers from past/present, as well as well known names in the computer security world. We all come together in a small, private venue for the evening summit to meet and discuss the important topics and socialize.

Note that there will be no more than 200 tickets sold (including featured guests), and all proceeds go to the Electronic Frontier Foundation [http://www.eff.org] with the sponsor covering event overhead.

theSummit is our gathering of BlackHat / DefCon speakers and big thinkers in the Information Security realm. Anyone interested in supporting the EFF, are highly encouraged to attend; meet with fellow Information security professionals, and talk with big thinkers from the Information security world in a more private and informal setting. Too many times people want to ask questions, or have ideas that cannot make it to the big thinkers. This is either because of time conflicts or they are nervous to come up and talk. This event plans to pull out the stops, and allow the free form of conversation to flow.

The Electronic Frontier Foundation [http://www.eff.org] is a nonprofit group of passionate people — lawyers, technologists, volunteers, and visionaries — working to protect our digital rights.

Where: Ice House Lounge, 650 S. Main Street, Las Vegas, Nevada
When: Thursday July 28, 2005, 9:00PM - 12:00AM
Tickets: $30 (pre-sale) $40 (at the door, if available)
All Ages welcomed!

For more information, and to purchase tickets for the event:
http://www.dc702summit.org/home/

Event is sponsored by the Hackajar Foundation, and by the members of DEFCON 702.

We all hope to see you there!

Source: http://www.livejournal.com/community/itprofessionals/14486.html

Date: 06/24/05 (Security)    Keywords: security

Vote paves the way to the $13.5 billion purchase of the storage maker by the security giant.

Source: http://news.zdnet.com/Symantec+investors+give+OK+to+Veritas+deal/2100-1009_22-5760932.html?part=rss&tag=feed&subj=zdnn

Date: 06/29/05 (Security)    Keywords: software, security

New pest, which poses as a breaking news alert about the death of John Paul II among other guises, can disable security software.

Source: http://news.zdnet.com/Worm+baits+hook+with+hints+of+Pope+plot/2100-1009_22-5767058.html?part=rss&tag=feed&subj=zdnn

Date: 06/29/05 (Security)    Keywords: security

The Indian prime minister has asked for changes in cybersecurity laws, after allegations of a call center data breach.

Source: http://news.zdnet.com/India+to+tighten+data+protection+laws/2100-1009_22-5768412.html?part=rss&tag=feed&subj=zdnn

Date: 06/30/05 (Java Web)    Keywords: php, security

WordPress developers have posted yet another "security" upgrade. Again, as always, you have to delete everything (except wp-content/ and config.php) and re-install from scratch. If you are, like me, tired of these frequent upgrades (after having finally upgraded to 1.5.1.2) then this patch is for you. With this little patch (24K zipped) (assuming you are [...]

Source: http://blog.taragana.com/index.php/archive/wordpress-patch-upgrade-from-1512-to-1512-made-available/

Date: 06/30/05 (Security)    Keywords: security

Far-reaching bill would hit corporate data-security practices with an avalanche of new rules and stiff penalties for information burglars.

Source: http://news.zdnet.com/Senators+propose+sweeping+data-security+bill/2100-1009_22-5769156.html?part=rss&tag=feed&subj=zdnn

Date: 07/01/05 (Security)    Keywords: software, security

Software giant issues security advisory after a research firm publishes a working exploit of the vulnerability.

Source: http://news.zdnet.com/Microsoft+warns+of+unpatched+IE+flaw/2100-1009_22-5771759.html?part=rss&tag=feed&subj=zdnn

Date: 07/01/05 (Computer Geeks)    Keywords: security, microsoft

Get Windows XP Service Pack 2 on a CD.

http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx

1/2 way down the page is a link to "order a CD"
good to update off line or w a 56K modem box.
.

Source: http://www.livejournal.com/community/computergeeks/715247.html

Date: 07/05/05 (Java Web)    Keywords: cms, blogging, security, web

WordPress is a very popular personal publishing platform aka blogging platform (with a primitive CMS) in use all over the web. There are a number of serious security vulnerabilities in WordPress that may allow an attacker to ultimately run arbitrary code on the vulnerable system. Unfortunately the authors believe in security-by-obscurity. Here are the [...]

Source: http://blog.taragana.com/index.php/archive/serious-security-vulnerabilities-of-wordpress-1512-and-below/

Date: 07/07/05 (Security)    Keywords: browser, security, web

Code that takes advantage of a security hole in older versions of the open-source Web browser could help an attacker take control of PCs.

Source: http://news.zdnet.com/Exploit+heightens+risk+from+old+Firefox+flaw/2100-1009_22-5776978.html?part=rss&tag=feed&subj=zdnn

Date: 07/07/05 (Security)    Keywords: security

Updated complaint also says MasterCard, Visa should have known that payment processor CardSystems had failed security audits.

Source: http://news.zdnet.com/Credit+card+suit+now+seeks+damages/2100-1009_22-5777818.html?part=rss&tag=feed&subj=zdnn

Date: 07/08/05 (Security)    Keywords: security

Thousands of copies of two new Trojans have been detected trying to enter networks worldwide, a security company warns.

Source: http://news.zdnet.com/Trojan+horses+gallop+into+networks/2100-1009_22-5778716.html?part=rss&tag=feed&subj=zdnn

Date: 07/07/05 (Security)    Keywords: security, microsoft

Microsoft plans to issue three security alerts next week, two for its operating system and one for its Office productivity suite.

Source: http://news.zdnet.com/Critical+fixes+for+Windows%2C+Office+coming/2100-1009_22-5778406.html?part=rss&tag=feed&subj=zdnn

Date: 07/08/05 (Java Web)    Keywords: php, software, java, security

After recent reports of several critical security vulnerabilities of PHP based software. I decided to take a closer look at the current state of security with PHP based products. A casual search at Secunia revealed 1599 Secunia Security Advisories. In contrast Java has 225 security vulnerabilities and much younger .NET platform has 827. PHP based products has [...]

Source: http://blog.taragana.com/index.php/archive/is-php-secure/

Date: 07/11/05 (Security)    Keywords: security

Security group says law may lead to a "compliance-based approach rather than a risk-based approach," compromising information security.

Source: http://news.zdnet.com/Report%3A+Sarbanes-Oxley+could+threaten+security/2100-1009_22-5783472.html?part=rss&tag=feed&subj=zdnn

Date: 07/11/05 (Security)    Keywords: security

But some security firms aren't celebrating--for 20 years, Phrack gave them an insight into how hackers' minds were working.

Source: http://news.zdnet.com/Long-lived+hacker+mag+shuts+down/2100-1009_22-5783383.html?part=rss&tag=feed&subj=zdnn

Date: 07/13/05 (Security)    Keywords: browser, security

Mozilla fixes several security flaws in the open-source browser, but is still mum on what some of the problems are.

Source: http://news.zdnet.com/Firefox+update+squashes+security+bugs/2100-1009_22-5785672.html?part=rss&tag=feed&subj=zdnn

Date: 07/13/05 (Security)    Keywords: security, microsoft

Microsoft issues three "critical" security alerts and warns that miscreants are already exploiting two holes in Windows.

Source: http://news.zdnet.com/PCs+falling+victim+to+Windows+flaws/2100-1009_22-5785181.html?part=rss&tag=feed&subj=zdnn

Date: 07/12/05 (Security)    Keywords: security

Commentary--Workshare CEO Joe Fantuzzi says a run of security leaks around e-documents is part of a worrisome trend.

Source: http://news.zdnet.com/Document+security%3F+It%27s+a+joke/2100-1009_22-5785187.html?part=rss&tag=feed&subj=zdnn

Date: 07/13/05 (Security)    Keywords: security

New official in the Department of Homeland Security will lead the fight against "cyber and telecommunications attacks."

Source: http://news.zdnet.com/Feds+create+new+post+of+cybersecurity+czar/2100-1009_22-5787086.html?part=rss&tag=feed&subj=zdnn