Welcome to the Hostsplus Security Information Center
Welcome to the HostsPlus Security Information Center.
This is a portal site created by HostsPlus to enable our clients and other interested parties to learn more about Information Security.
>rss version="2.0">
>channel>
>title>Bugtraq>/title>
>link>http://seclists.org/#bugtraq>/link>
>description>The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!>/description>
>item>
>title>Re: Samba Remote Zero-Day Exploit>/title>
>link>http://seclists.org/bugtraq/2010/Feb/86>/link>
>description><p>Posted by Kingcope on Feb 08</p>Hello Paul,<br>
only allow...<br>>/description>
>/item>
>item>
>title>RE: Samba Remote Zero-Day Exploit>/title>
>link>http://seclists.org/bugtraq/2010/Feb/85>/link>
>description><p>Posted by Michael Wojcik on Feb 08</p>symlinks<br>
can see some of the differences...<br>>/description>
>/item>
>item>
>title>Re: Samba Remote Zero-Day Exploit>/title>
>link>http://seclists.org/bugtraq/2010/Feb/84>/link>
>description><p>Posted by paul . szabo on Feb 08</p>Dear Kingcope,<br>
The "problem" at your installation seems a...<br>>/description>
>/item>
>item>
>title>[security bulletin] HPSBUX02503 SSRT100019 rev.1 - HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other>/title>
>link>http://seclists.org/bugtraq/2010/Feb/83>/link>
>description><p>Posted by security-alert on Feb 08</p>SUPPORT COMMUNICATION - SECURITY BULLETIN<br>
Potential Security Impact: Remote Increase in privilege, Denial of Service and other vulnerabilities...<br>>/description>
>/item>
>item>
>title>[security bulletin] HPSBMA02487 SSRT100024 rev.1 - HP Operations Agent Running on Solaris 10, Remote Unauthorized Access>/title>
>link>http://seclists.org/bugtraq/2010/Feb/82>/link>
>description><p>Posted by security-alert on Feb 08</p>SUPPORT COMMUNICATION - SECURITY BULLETIN<br>
Source: Hewlett-Packard Company, HP Software Security Response Team...<br>>/description>
>/item>
>item>
>title>[ MDVSA-2010:034 ] kernel>/title>
>link>http://seclists.org/bugtraq/2010/Feb/81>/link>
>description><p>Posted by security on Feb 08</p> _______________________________________________________________________<br>
Some...<br>>/description>
>/item>
>item>
>title>Re: [Full-disclosure] Samba Remote Zero-Day Exploit>/title>
>link>http://seclists.org/bugtraq/2010/Feb/80>/link>
>description><p>Posted by Thierry Zoller on Feb 08</p><a rel="nofollow" href="http://blog.metasploit.com/2010/02/exploiting-samba-symlink-traversal.html">http://blog.metasploit.com/2010/02/exploiting-samba-symlink-traversal.html</a><br>>/description>
>/item>
>item>
>title>Re: [Full-disclosure] Samba Remote Zero-Day Exploit>/title>
>link>http://seclists.org/bugtraq/2010/Feb/79>/link>
>description><p>Posted by Thierry Zoller on Feb 08</p>Hi Paul,<br>
will you scream "misconfiguration!" ? Of course you could disable...<br>>/description>
>/item>
>item>
>title>Re: Samba Remote Zero-Day Exploit>/title>
>link>http://seclists.org/bugtraq/2010/Feb/78>/link>
>description><p>Posted by Dan Kaminsky on Feb 08</p>On Feb 6, 2010, at 5:26 PM, "Stefan Kanthak" <stefan.kanthak () nexgo de> <br>
Really? Try. Especially remotely over SMB w/o remote interactive.<br>>/description>
>/item>
>item>
>title>Re: Samba Remote Zero-Day Exploit>/title>
>link>http://seclists.org/bugtraq/2010/Feb/77>/link>
>description><p>Posted by paul . szabo on Feb 08</p>Dear Kingcope,<br>
Paul Szabo psz () maths usyd edu au...<br>>/description>
>/item>
>item>
>title>[MajorSecurity Advisory #65]Motorola Milestone Smartphone Denial of Service>/title>
>link>http://seclists.org/bugtraq/2010/Feb/76>/link>
>description><p>Posted by david on Feb 08</p>[MajorSecurity Advisory #65]Motorola Milestone Smartphone Denial of Service<br>
Motorola Milestone(Droid) smartphone Browser...<br>>/description>
>/item>
>item>
>title>mongoose Space Character Remote File Disclosure Vulnerability>/title>
>link>http://seclists.org/bugtraq/2010/Feb/75>/link>
>description><p>Posted by info on Feb 08</p>#################################################################<br>
# Risk: Medium...<br>>/description>
>/item>
>item>
>title>LDF (Default.asp) Sql Injection Vulnerability>/title>
>link>http://seclists.org/bugtraq/2010/Feb/74>/link>
>description><p>Posted by Arash . Setayeshi on Feb 08</p>Product : LDF <br>
<a rel="nofollow" href="http://www.example.com/[ldf">http://www.example.com/[ldf</a> path]/default.asp?page=[SQL COMMAND]<br>>/description>
>/item>
>item>
>title>Re: Samba Remote Zero-Day Exploit>/title>
>link>http://seclists.org/bugtraq/2010/Feb/73>/link>
>description><p>Posted by Stefan Kanthak on Feb 08</p>Dan Kaminsky wrote:<br>
arbitrary local directory...<br>>/description>
>/item>
>item>
>title>Re: [Full-disclosure] Samba Remote Zero-Day Exploit>/title>
>link>http://seclists.org/bugtraq/2010/Feb/72>/link>
>description><p>Posted by paul . szabo on Feb 08</p>Dear Thierry,<br>
School of Mathematics and Statistics University of...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Daily Dave>/title>
>link>http://seclists.org/#dailydave>/link>
>description>This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by <a href="http://www.immunitysec.com/">ImmunitySec</a> founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.>/description>
>item>
>title>Kernel bugs!>/title>
>link>http://seclists.org/dailydave/2010/q1/54>/link>
>description><p>Posted by dave on Feb 05</p>So I remember when one of the major kernel remote in Windows came out,<br>
any time soon. In light of that,...<br>>/description>
>/item>
>item>
>title>Re: ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/53>/link>
>description><p>Posted by Michal Zalewski on Feb 05</p>I propose antivirus scanning.<br>
/mz<br>>/description>
>/item>
>item>
>title>Re: ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/52>/link>
>description><p>Posted by Larry Seltzer on Feb 05</p>First, it looks like insulting others is common, if not mandatory<br>
My...<br>>/description>
>/item>
>item>
>title>Re: ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/51>/link>
>description><p>Posted by Berend-Jan Wever on Feb 05</p>The way I see it DEP+ASLR tries to take the executability of controllable<br>
a large number of executable bytes with predictable...<br>>/description>
>/item>
>item>
>title>Re: ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/50>/link>
>description><p>Posted by Nate Lawson on Feb 05</p>Alexander Sotirov wrote:<br>
code with embedded self-checks, now it starts getting harder to...<br>>/description>
>/item>
>item>
>title>Recon Call for Papers - July 9-11 2010>/title>
>link>http://seclists.org/dailydave/2010/q1/49>/link>
>description><p>Posted by Hugo Fortier on Feb 05</p>/*<br>
_=. .:. /=\ _|===|_...<br>>/description>
>/item>
>item>
>title>Re: ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/48>/link>
>description><p>Posted by pageexec on Feb 04</p>it is a bug to enter a generated insn stream at a non-insn boundary.<br>
it's also fixable (SFI/CFI et al.).<br>>/description>
>/item>
>item>
>title>Re: ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/47>/link>
>description><p>Posted by Sergio 'shadown' Alvarez on Feb 04</p>Thierry,<br>
on your interpretation...<br>>/description>
>/item>
>item>
>title>Re: ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/46>/link>
>description><p>Posted by Alexander Sotirov on Feb 04</p>Are you making the claim that JIT spraying can be stopped by redesigning the<br>
Alex<br>>/description>
>/item>
>item>
>title>Re: ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/45>/link>
>description><p>Posted by Matthew Wollenweber on Feb 04</p>I saw the talk and I'm not sure how exactly you easily fix the problem. The<br>
The most common attack vectors (IMO) appear to be PDFs and IE. Adobe...<br>>/description>
>/item>
>item>
>title>Re: ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/44>/link>
>description><p>Posted by dave on Feb 04</p>I know I'm annoying Spender by even replying, but this sort of thing is<br>
At that point you basically have "Determina" and you take a...<br>>/description>
>/item>
>item>
>title>Re: ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/43>/link>
>description><p>Posted by Thierry Zoller on Feb 04</p>Hi,<br>
JIT.<br>>/description>
>/item>
>item>
>title>Re: ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/42>/link>
>description><p>Posted by Moshe Ben Abu on Feb 04</p>Yep, I agree with Thierry, once the technique will be fixed - ASLR+DEP = big<br>
got DEP and ASLR enabled too...<br>>/description>
>/item>
>item>
>title>Re: ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/41>/link>
>description><p>Posted by Thierry Zoller on Feb 04</p>Hi,<br>
the oddities and ASLR/DEP are back again.<br>>/description>
>/item>
>item>
>title>ASLR+DEP = no problem. :>>/title>
>link>http://seclists.org/dailydave/2010/q1/40>/link>
>description><p>Posted by dave on Feb 03</p>Not so long ago, ASLR and DEP were gaining wide acceptance. Execshield<br>
interfaces between components, not the...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Firewall Wizards>/title>
>link>http://seclists.org/#firewall-wizards>/link>
>description>Tips and tricks for firewall administrators>/description>
>item>
>title>Draft paper submission deadline is extended: ISP-10>/title>
>link>http://seclists.org/firewall-wizards/2010/Feb/1>/link>
>description><p>Posted by James Heralds on Feb 05</p>Draft paper submission deadline is extended: ISP-10<br>
The conference will be held at the same time and location where...<br>>/description>
>/item>
>item>
>title>Hackito Ergo Sum 2010 - Call For Paper - HES2010 CFP>/title>
>link>http://seclists.org/firewall-wizards/2010/Feb/0>/link>
>description><p>Posted by endrazine on Feb 04</p>Hackito Ergo Sum 2010 - Call For Paper - HES2010 CFP<br>
The goal of this...<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/37>/link>
>description><p>Posted by pkc_mls on Jan 28</p>William Fitzgerald a écrit :<br>
on the LAN.<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/36>/link>
>description><p>Posted by Paul D. Robertson on Jan 27</p>I'm going to give you the non-firewall, imperfect but quick and easy <br>
the "internal" network on the router....<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/35>/link>
>description><p>Posted by William Fitzgerald on Jan 27</p>Hi everyone,<br>
Pete.LeMay wrote:<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/34>/link>
>description><p>Posted by Will Brickles on Jan 27</p>Using DD-WRT, what comes to mind immediately is to put your devices into separate VLANs and then use iptables to <br>
Using other (much more...<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/33>/link>
>description><p>Posted by K K on Jan 27</p>Yes.<br>
Kevin<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/32>/link>
>description><p>Posted by Paul Melson on Jan 26</p>With DD-WRT you can assign a different VLAN to each interface of the<br>
connected to that switch from each...<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/31>/link>
>description><p>Posted by Mark on Jan 26</p>Will:<br>
firewall filter the traffic, in essence you would be creating a...<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/30>/link>
>description><p>Posted by Eric Gearhart on Jan 26</p>You sound like you might already know this, but I may as well<br>
separate...<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/29>/link>
>description><p>Posted by arvind doraiswamy on Jan 26</p>VLAN's on L3 switches is what instantly springs to mind. Alternatively<br>
firewall which can be on another network (172.16.3.1) - one port...<br>>/description>
>/item>
>item>
>title>Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/28>/link>
>description><p>Posted by William Fitzgerald on Jan 25</p>Dear all,<br>
network, the firewall will not protect machines behind the...<br>>/description>
>/item>
>item>
>title>Re: Juniper NSM and secure log forwarding>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/27>/link>
>description><p>Posted by Trey Darley on Jan 20</p>Thanks, Jon. I'll just pipe it via stunnel.<br>
--Trey<br>>/description>
>/item>
>item>
>title>Re: Juniper NSM and secure log forwarding>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/26>/link>
>description><p>Posted by Jon on Jan 20</p>Trey,<br>
Jon<br>>/description>
>/item>
>item>
>title>Re: Juniper NSM and secure log forwarding>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/25>/link>
>description><p>Posted by Trey Darley on Jan 19</p>Hi, Jon -<br>
missed somewhere along the way or do I need to roll my own...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>IDS Focus>/title>
>link>http://seclists.org/#focus-ids>/link>
>description>Technical discussion about Intrusion Detection Systems. You can also read the archives of a <A HREF="http://seclists.org/ids/">previous IDS list</A>>/description>
>item>
>title>CFP: Workshop on the Analysis of System Logs>/title>
>link>http://seclists.org/focus-ids/2010/Feb/0>/link>
>description><p>Posted by Kathryn Mohror on Feb 05</p> Workshop on the Analysis of System Logs (WASL) 2010<br>
AUTHOR...<br>>/description>
>/item>
>item>
>title>CfP DIMVA 2010 - Detection of Intrusions and Malware & Vulnerability Assessment (2 Week Notice)>/title>
>link>http://seclists.org/focus-ids/2010/Jan/0>/link>
>description><p>Posted by Sebastian Schmerl on Jan 22</p>Hello List-Member,<br>
Sebastian Schmerl<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Full Disclosure>/title>
>link>http://seclists.org/#fulldisclosure>/link>
>description>An unmoderated high-traffic forum for disclosure of security information. Fresh vulnerabilities sometimes hit this list many hours before they pass through the Bugtraq moderation queue. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. Unfortunately 80% of the posts are worthless drivel, so finding the gems takes patience.>/description>
>item>
>title>[ MDVSA-2010:034 ] kernel>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/135>/link>
>description><p>Posted by security on Feb 08</p> _______________________________________________________________________<br>
Some...<br>>/description>
>/item>
>item>
>title>Re: about jit and dep+aslr>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/134>/link>
>description><p>Posted by Christian Sciberras on Feb 08</p>That's a Google feature!! (remembering the Google<->China issue ;) )<br>
2010/2/8 Thor (Hammer of God) <Thor () hammerofgod com>:<br>>/description>
>/item>
>item>
>title>Re: about jit and dep+aslr>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/133>/link>
>description><p>Posted by Thor (Hammer of God) on Feb 08</p>Well, *I* made the mistake of trying to be witty with one of those "google translate" Chinese tags and it didn't go so <br>
t<br>>/description>
>/item>
>item>
>title>Re: about jit and dep+aslr>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/132>/link>
>description><p>Posted by Christian Sciberras on Feb 08</p>Is it so difficult to do some translation prior, just as Larry did?<br>
2010/2/8 Larry Seltzer <larry () larryseltzer com>:<br>>/description>
>/item>
>item>
>title>Re: about jit and dep+aslr>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/131>/link>
>description><p>Posted by Larry Seltzer on Feb 08</p>Google translates this as “Sun your mother!”<br>
Subject: Re: [Full-disclosure]...<br>>/description>
>/item>
>item>
>title>Re: about jit and dep+aslr>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/130>/link>
>description><p>Posted by yuange on Feb 08</p> 太阳你妈妈!<br>
My native language is not...<br>>/description>
>/item>
>item>
>title>[Hacking Event] Night Da Hack 2010 : Call For Proposals>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/129>/link>
>description><p>Posted by m . mahdjoub on Feb 08</p>- Night Da Hack 2010<br>
Around computer security related talks, workshops and contests, Night da Hack aims at bringing...<br>>/description>
>/item>
>item>
>title>CORELAN-10-010 - GeFest Web HomeServer v1.0 Remote Directory Traversal Vulnerability>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/128>/link>
>description><p>Posted by Security on Feb 08</p>|------------------------------------------------------------------|<br>
|...<br>>/description>
>/item>
>item>
>title>Re: Samba Remote Zero-Day Exploit>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/127>/link>
>description><p>Posted by Stefan Kanthak on Feb 08</p>Dan Kaminsky wrote on February 06, 2010 6:43 PM:<br>
Stefan<br>>/description>
>/item>
>item>
>title>The true power of cache>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/126>/link>
>description><p>Posted by MustLive on Feb 08</p>Hello participants of Full-Disclosure!<br>
2. Search for vulnerabilities of the site in snippet....<br>>/description>
>/item>
>item>
>title>Vulnerability in Tagcloud for DataLife Engine>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/125>/link>
>description><p>Posted by MustLive on Feb 08</p>Hello Full-Disclosure!<br>
(...<br>>/description>
>/item>
>item>
>title>XSS vulnerability in NEW orkut.>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/124>/link>
>description><p>Posted by sachin shinde on Feb 08</p>hi,<br>
regards,<br>>/description>
>/item>
>item>
>title>JDownloader Remote Code Execution>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/123>/link>
>description><p>Posted by Matthias -apoc- Hecker on Feb 08</p>-- Product<br>
localhost port 9666 (default port,...<br>>/description>
>/item>
>item>
>title>Re: about jit and dep+aslr>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/122>/link>
>description><p>Posted by Jubei Trippataka on Feb 07</p>No u.<br>
2010/2/5 Charles Skoglund <charles.skoglund () bitsec se><br>>/description>
>/item>
>item>
>title>Re: anybody know good service for cracking>/title>
>link>http://seclists.org/fulldisclosure/2010/Feb/121>/link>
>description><p>Posted by Beatyou Man on Feb 06</p>hi,<br>
Hosted and sponsored by Secunia - <a rel="nofollow" href="http://secunia.com/">http://secunia.com/</a><br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Honeypots>/title>
>link>http://seclists.org/#honeypots>/link>
>description>Discussions about tracking attackers by setting up decoy honeypots or entire <A HREF="http://www.honeynet.org">honeynet</A> networks.>/description>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Incidents>/title>
>link>http://seclists.org/#incidents>/link>
>description>Lightly moderated list for dicussing actual security incidents (unexplained probes, breakins, etc). Topics include information about new rootkits, backdoors, trojans, virii, and worms.>/description>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>[ISN] InfoSec News Mailing List>/title>
>link>http://www.infosecnews.org/mailman/listinfo/isn>/link>
>description>InfoSecNews>/description>
>item>
>title>BlackBerry has spyware risk too, researcher says>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018747.html>/link>
>description>InfoSec News: BlackBerry has spyware risk too, researcher says: http://news.cnet.com/8301-27080_3-10448545-245.html
>/description>
>/item>
>item>
>title>IDF considers using BlackBerry>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018746.html>/link>
>description>InfoSec News: IDF considers using BlackBerry: http://www.jpost.com/Israel/Article.aspx?id=167988
as it is not secure. [...]>/description>
>/item>
>item>
>title>Why CSOs Should Care About ShmooCon>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018745.html>/link>
>description>InfoSec News: Why CSOs Should Care About ShmooCon: http://www.csoonline.com/article/533363/Why_CSOs_Should_Care_About_ShmooCon_
importance. You don't see the suits and ties that are on display at RSA. [...]>/description>
>/item>
>item>
>title>Biggest hacker training site shut down>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018744.html>/link>
>description>InfoSec News: Biggest hacker training site shut down: http://www.chinadaily.com.cn/china/2010-02/08/content_9440667.htm
Three people were also arrested, local media reported yesterday. [...]>/description>
>/item>
>item>
>title>CSIIRW Sixth Cyber Security and Information Intelligence Research Workshop>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018743.html>/link>
>description>InfoSec News: CSIIRW Sixth Cyber Security and Information Intelligence Research Workshop: Forwarded from: Frederick Sheldon <sheldonft (at) ornl.gov>
*My Apology for multiple postings; [...]>/description>
>/item>
>item>
>title>GAO Report: NASA Still Facing Weaknesses In IT Security>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018742.html>/link>
>description>InfoSec News: GAO Report: NASA Still Facing Weaknesses In IT Security: http://www.darkreading.com/vulnerability_management/security/management/showArticle.jhtml?articleID=222700163
Pluto. Here on Earth, however, it's the space agency's IT systems and [...]>/description>
>/item>
>item>
>title>Secunia Weekly Summary - Issue: 2010-05>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018741.html>/link>
>description>InfoSec News: Secunia Weekly Summary - Issue: 2010-05: ========================================================================
[...]>/description>
>/item>
>item>
>title>Fugitive VoIP hacker admits 10 million minute spree>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018740.html>/link>
>description>InfoSec News: Fugitive VoIP hacker admits 10 million minute spree: http://www.theregister.co.uk/2010/02/03/voip_hacker_guilty/
millions of minutes of voice over IP calls and surreptitiously routing [...]>/description>
>/item>
>item>
>title>Military Intelligence: IDF is prepared for Cyberwarfare>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018739.html>/link>
>description>InfoSec News: Military Intelligence: IDF is prepared for Cyberwarfare: http://dover.idf.il/IDF/English/News/today/10/02/0304.htm
Directorate, Major General Amos Yadlin, in the Intelligence Research [...]>/description>
>/item>
>item>
>title>Report Details Hacks Targeting Google, Others>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018738.html>/link>
>description>InfoSec News: Report Details Hacks Targeting Google, Others: http://www.wired.com/threatlevel/2010/02/apt-hacks/
>/description>
>/item>
>item>
>title>Black Hat: Microsoft Enhances SDL Offerings>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018737.html>/link>
>description>InfoSec News: Black Hat: Microsoft Enhances SDL Offerings: http://www.informationweek.com/news/security/client/showArticle.jhtml?articleID=222601024
Microsoft introduced new software, a new membership program, and [...]>/description>
>/item>
>item>
>title>Hackers Try to Steal $150,000 from United Way>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018736.html>/link>
>description>InfoSec News: Hackers Try to Steal $150,000 from United Way: http://www.krebsonsecurity.com/2010/02/hackers-try-to-steal-150000-from-united-way/
United Way last month and attempted to make off with more than $150,000 [...]>/description>
>/item>
>item>
>title>Phishing Scam Cripples European Emissions Trading>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018735.html>/link>
>description>InfoSec News: Phishing Scam Cripples European Emissions Trading: http://www.spiegel.de/international/europe/0,1518,675725,00.html
>/description>
>/item>
>item>
>title>PACAF stands up Information Protection Directorate>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018734.html>/link>
>description>InfoSec News: PACAF stands up Information Protection Directorate: http://www.pacaf.af.mil/news/story.asp?id=123188985
>/description>
>/item>
>item>
>title>ITL BULLETIN FOR JANUARY 2010>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018733.html>/link>
>description>InfoSec News: ITL BULLETIN FOR JANUARY 2010: Forwarded from Lennon, Elizabeth B. <elizabeth.lennon (at) nist.gov>
Information Technology Laboratory [...]>/description>
>/item>
>item>
>title>Swiss Banks Achilles Heel Is Workers Selling Data>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018732.html>/link>
>description>InfoSec News: Swiss Banks Achilles Heel Is Workers Selling Data: http://www.bloomberg.com/apps/news?pid=20601109&sid=akmcfUr7TqHs&pos=11
German Chancellor Angela Merkel said yesterday her government may buy [...]>/description>
>/item>
>item>
>title>Researchers Uncover Security Vulnerabilities in Femtocell Technology>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018731.html>/link>
>description>InfoSec News: Researchers Uncover Security Vulnerabilities in Femtocell Technology: http://www.eweek.com/c/a/Security/Researchers-Uncover-Security-Vulnerabilities-in-Femtocell-Technology-760682/
and software vulnerabilities in femtocell devices that can be used to [...]>/description>
>/item>
>item>
>title>Oracle Hacker Gets The Last Word>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018730.html>/link>
>description>InfoSec News: Oracle Hacker Gets The Last Word: http://www.forbes.com/2010/02/02/hacker-litchfield-ellison-technology-security-oracle.html
"unbreakable. [...]>/description>
>/item>
>item>
>title>At Black Hat, a search for the best response to China>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018729.html>/link>
>description>InfoSec News: At Black Hat, a search for the best response to China: http://www.computerworld.com/s/article/9151018/At_Black_Hat_a_search_for_the_best_response_to_China_?taxonomyId=17
>/description>
>/item>
>item>
>title>Accusations Fly Over Voice Encryption Hack>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018728.html>/link>
>description>InfoSec News: Accusations Fly Over Voice Encryption Hack: http://www.csoonline.com/article/528418/Accusations_Fly_Over_Voice_Encryption_Hack
apparently independent test of voice encryption products that found many [...]>/description>
>/item>
>item>
>title>Hacking for Fun and Profit in China's Underworld>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018727.html>/link>
>description>InfoSec News: Hacking for Fun and Profit in China's Underworld: http://www.nytimes.com/2010/02/02/business/global/02hacker.html
victims. [...]>/description>
>/item>
>item>
>title>Cyber threat growing at unprecedented rate, intell chief says>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018726.html>/link>
>description>InfoSec News: Cyber threat growing at unprecedented rate, intell chief says: http://fcw.com/articles/2010/02/02/web--dni-cyber-threat-annual-assessment.aspx
threatening the nation's public and private information infrastructure, [...]>/description>
>/item>
>item>
>title>Homeland Security Plans Cybersecurity, Data Center Investments>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018725.html>/link>
>description>InfoSec News: Homeland Security Plans Cybersecurity, Data Center Investments: http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=222600862
million in fiscal 2011 on technology projects that include bolstering [...]>/description>
>/item>
>item>
>title>Most consumers reuse banking passwords on other sites>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018724.html>/link>
>description>InfoSec News: Most consumers reuse banking passwords on other sites: http://www.theregister.co.uk/2010/02/02/e_banking_password_fail_survey/
password insecurity. [...]>/description>
>/item>
>item>
>title>THOTCON 0x1 - Chicago's Hacking Conference - Speakers/Talks/Tickets>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-February/018723.html>/link>
>description>InfoSec News: THOTCON 0x1 - Chicago's Hacking Conference - Speakers/Talks/Tickets: Forwarded from: c7five <c7five (at) thotcon.org>
non-profit, non-commercial event. [...]>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>MS Sec Notification>/title>
>link>http://seclists.org/#microsoft>/link>
>description>Beware that MS often uses these security bulletins as marketing propaganda to downplay serious vulnerabilities in their products -- note how most have a prominent and often-misleading "mitigating factors" section.>/description>
>item>
>title>Microsoft Security Bulletin Summary for January 2010>/title>
>link>http://seclists.org/microsoft/2010/q1/3>/link>
>description><p>Posted by Microsoft on Jan 21</p>********************************************************************<br>
January 2010 can be found at...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revision>/title>
>link>http://seclists.org/microsoft/2010/q1/2>/link>
>description><p>Posted by Microsoft on Jan 14</p>********************************************************************<br>
-...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Summary for January 2010>/title>
>link>http://seclists.org/microsoft/2010/q1/1>/link>
>description><p>Posted by Microsoft on Jan 12</p>********************************************************************<br>
<a rel="nofollow" href="http://www.microsoft.com/technet/security/bulletin/ms10-jan.mspx">http://www.microsoft.com/technet/security/bulletin/ms10-jan.mspx</a>....<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Re-Release>/title>
>link>http://seclists.org/microsoft/2010/q1/0>/link>
>description><p>Posted by Microsoft on Jan 12</p>********************************************************************<br>
-...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revisions>/title>
>link>http://seclists.org/microsoft/2009/q4/9>/link>
>description><p>Posted by Microsoft on Dec 08</p>********************************************************************<br>
* MS08-037 - Important...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Summary for December 2009>/title>
>link>http://seclists.org/microsoft/2009/q4/8>/link>
>description><p>Posted by Microsoft on Dec 08</p>********************************************************************<br>
December 2009 can be found at...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revisions>/title>
>link>http://seclists.org/microsoft/2009/q4/7>/link>
>description><p>Posted by Microsoft on Nov 24</p>********************************************************************<br>
* MS08-076 - Important...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revisions>/title>
>link>http://seclists.org/microsoft/2009/q4/6>/link>
>description><p>Posted by Microsoft on Nov 10</p>********************************************************************<br>
*...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Summary for November 2009>/title>
>link>http://seclists.org/microsoft/2009/q4/5>/link>
>description><p>Posted by Microsoft on Nov 10</p>********************************************************************<br>
November 2009 can be found at...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Advance Notification for November 2009>/title>
>link>http://seclists.org/microsoft/2009/q4/4>/link>
>description><p>Posted by Microsoft on Nov 05</p>********************************************************************<br>
Notification for November 2009 can be found...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revisions>/title>
>link>http://seclists.org/microsoft/2009/q4/3>/link>
>description><p>Posted by Microsoft on Nov 03</p>********************************************************************<br>
-...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revisions>/title>
>link>http://seclists.org/microsoft/2009/q4/2>/link>
>description><p>Posted by Microsoft on Oct 28</p>********************************************************************<br>
-...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revisions>/title>
>link>http://seclists.org/microsoft/2009/q4/1>/link>
>description><p>Posted by Microsoft on Oct 27</p>********************************************************************<br>
-...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Summary for October 2009>/title>
>link>http://seclists.org/microsoft/2009/q4/0>/link>
>description><p>Posted by Microsoft on Oct 13</p>********************************************************************<br>
<a rel="nofollow" href="http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx">http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx</a>....<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>NANOG@merit.edu>/title>
>link>http://www.merit.edu/mail.archives/nanog/index.html>/link>
>description>Latest posts to NANOG Mailing List>/description>
>item>
>title>Re: lawful intercept/IOS at BlackHat DC,>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05038.html>/link>
>description>andrew.wallace (02/08/10)>/description>
>/item>
>item>
>title>=?UTF-8?B?UmU6IEFkb3B04oCQYW7igJBIYWl0aW>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05037.html>/link>
>description>Jorge Amodio (02/08/10)>/description>
>/item>
>item>
>title>Re: =?UTF-8?B?QWRvcHTigJBhbuKAkEhhaXRpYW>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05036.html>/link>
>description>JC Dill (02/08/10)>/description>
>/item>
>item>
>title>Re: =?UTF-8?B?QWRvcHTigJBhbuKAkEhhaXRpYW>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05035.html>/link>
>description>Larry Sheldon (02/08/10)>/description>
>/item>
>item>
>title>Wireshark Developer and User Conference>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05034.html>/link>
>description>Janice Spampinato (02/08/10)>/description>
>/item>
>item>
>title>=?UTF-8?Q?Re=3A_Adopt=E2=80=90an=E2=80=9>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05033.html>/link>
>description>Sean Donelan (02/08/10)>/description>
>/item>
>item>
>title>=?utf-8?Q?Re:_Adopt=E2=80=90an=E2=80=90H>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05032.html>/link>
>description>David Conrad (02/08/10)>/description>
>/item>
>item>
>title>Re: =?UTF-8?B?QWRvcHTigJBhbuKAkEhhaXRpYW>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05031.html>/link>
>description>Eric Brunner-Williams (02/08/10)>/description>
>/item>
>item>
>title>Re: lawful intercept/IOS at BlackHat DC,>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05030.html>/link>
>description>Valdis.Kletnieks (02/08/10)>/description>
>/item>
>item>
>title>=?utf-8?Q?Re:_Adopt=E2=80=90an=E2=80=90H>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05029.html>/link>
>description>David Conrad (02/08/10)>/description>
>/item>
>item>
>title>Re: =?UTF-8?B?QWRvcHTigJBhbuKAkEhhaXRpYW>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05028.html>/link>
>description>Eric Brunner-Williams (02/08/10)>/description>
>/item>
>item>
>title>Re:=?UTF-8?Q?Adopt=E2=80=90an=E2=80=90Ha>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05027.html>/link>
>description>gordon b slater (02/08/10)>/description>
>/item>
>item>
>title>Re: =?UTF-8?B?QWRvcHTigJBhbuKAkEhhaXRpYW>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05026.html>/link>
>description>a.harrowell (02/08/10)>/description>
>/item>
>item>
>title>=?UTF-8?B?UmU6IEFkb3B04oCQYW7igJBIYWl0aW>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05025.html>/link>
>description>Reynold Guerrier (02/08/10)>/description>
>/item>
>item>
>title>=?utf-8?Q?Re:_Adopt=E2=80=90an=E2=80=90H>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg05024.html>/link>
>description>Steven Bellovin (02/08/10)>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>netsec@merit.edu>/title>
>link>http://www.merit.edu/mail.archives/netsec/index.html>/link>
>description>Latest posts to netsec mailing list>/description>
>item>
>title>Cloud Computing Security Considerations>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03485.html>/link>
>description>Howell, Paul (02/08/10)>/description>
>/item>
>item>
>title>FW: [ISN] Fugitive VoIP hacker admits 10>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03484.html>/link>
>description>Howell, Paul (02/08/10)>/description>
>/item>
>item>
>title>SANS NewsBites Vol. 12 Num. 10 : Google>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03483.html>/link>
>description>The SANS Institute (02/05/10)>/description>
>/item>
>item>
>title>FW: [ISN] Hackers Try to Steal $150,000>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03482.html>/link>
>description>Howell, Paul (02/05/10)>/description>
>/item>
>item>
>title>Google Asks NSA to Help Secure Its Netwo>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03481.html>/link>
>description>Howell, Paul (02/05/10)>/description>
>/item>
>item>
>title>Verizon MiFi Device Hacked>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03480.html>/link>
>description>Howell, Paul (02/03/10)>/description>
>/item>
>item>
>title>SANS NewsBites Vol. 12 Num. 9 : Cyber At>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03479.html>/link>
>description>The SANS Institute (02/02/10)>/description>
>/item>
>item>
>title>SANS NewsBites Vol. 12 Num. 8 : APT Atta>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03478.html>/link>
>description>The SANS Institute (01/29/10)>/description>
>/item>
>item>
>title>Anatomy Of A Targeted, Persistent Attack>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03477.html>/link>
>description>Howell, Paul (01/28/10)>/description>
>/item>
>item>
>title>Online Classes Enable Looting of Student>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03476.html>/link>
>description>Howell, Paul (01/27/10)>/description>
>/item>
>item>
>title>SANS NewsBites Vol. 12 Num. 7 : Major US>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03475.html>/link>
>description>The SANS Institute (01/26/10)>/description>
>/item>
>item>
>title>FW: [ISN] Report: Attackers sent Google>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03474.html>/link>
>description>Howell, Paul (01/26/10)>/description>
>/item>
>item>
>title>Data breach costs increase>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03473.html>/link>
>description>Howell, Paul (01/26/10)>/description>
>/item>
>item>
>title>SANS NewsBites Vol. 12 Num. 6 : Secretar>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03472.html>/link>
>description>The SANS Institute (01/22/10)>/description>
>/item>
>item>
>title>New Proxy Promises To Shield Users From>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03471.html>/link>
>description>Howell, Paul (01/21/10)>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title> SANS ISC SecNewsFeed>/title>
>link> http://isc.sans.org>/link>
>description>>![CDATA[]]>>/description>
>image>
>title>SANS ISC SecNewsFeed>/title>
>url>http://isc.sans.org/images/status.gif>/url>
>link>http://isc.sans.org>/link>
>/image>
>item>
>title>Microscope-wielding boffins crack cordless phone crypto (The Register)>/title>
>link>http://go.theregister.com/feed/www.theregister.co.uk/2010/02/08/dect_phone_encryption_cracked/>/link>
>/item>
>item>
>title>Larry Suto Web Application Security Scanner Comparison Report Inaccurate Vendors Say (CGISecurity.com)>/title>
>link>http://www.cgisecurity.com/2010/02/larry-suto-web-scanner-comparison-report-inaccurate-vendors-say.html>/link>
>/item>
>item>
>title>US faces 'serious' cyberspace threats: advisor (AFP) (Yahoo Security)>/title>
>link>http://us.rd.yahoo.com/dailynews/rss/security/*http://news.yahoo.com/s/afp/20100207/pl_afp/usitcomputersecurityinternet>/link>
>/item>
>item>
>title>Vuln: CounterPath X-Lite '.wav' File Buffer Overflow Vulnerability (SecurityFocus Vulnerabilities)>/title>
>link>http://www.securityfocus.com/bid/38130>/link>
>/item>
>item>
>title>New Attack on Threefish (Schneier blog)>/title>
>link>http://www.schneier.com/blog/archives/2010/02/new_attack_on_t.html>/link>
>/item>
>item>
>title>China Closes Hacker Training School, Arrests 3 (E-Week Security)>/title>
>link>http://feeds.ziffdavisenterprise.com/~r/RSS/eweeksecurity/~3/5scZcUN5lZs/>/link>
>/item>
>item>
>title>Chinese man gets 30 months for fake Cisco sales (NetworkWorld Security)>/title>
>link>http://www.networkworld.com/news/2010/020610-chinese-man-gets-30-months.html>/link>
>/item>
>item>
>title>LANDesk Management Gateway Vulnerability, (Sat, Feb 6th) (InternetStormCenter)>/title>
>link>http://isc.sans.org/diary.html?storyid=8179&rss>/link>
>/item>
>item>
>title>JoelEsler: So, uh.. in case you guys didn't know, it's snowing out. (Handler Twitter)>/title>
>link>http://twitter.com/JoelEsler/statuses/8706537654>/link>
>/item>
>item>
>title>CVE-2009-4016 (ircd-hybrid, ircd-ratbox, oftc-hybrid) (Natl. Vulnerability Database)>/title>
>link>http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4016>/link>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>SecurityFocus News>/title>
>link>http://www.securityfocus.com>/link>
>description>
>/description>
>image>
>title>SecurityFocus>/title>
>url>http://www.securityfocus.com/rss/SFLogo_v1.gif>/url>
>link>http://www.securityfocus.com>/link>
>/image>
>item>
>title>News: Twitter attacker had proper credentials>/title>
>link>http://www.securityfocus.com/news/11569?ref=rss>/link>
>description>Twitter attacker had proper credentials>/description>
>/item>
>item>
>title>News: PhotoDNA scans images for child abuse>/title>
>link>http://www.securityfocus.com/news/11570?ref=rss>/link>
>description>PhotoDNA scans images for child abuse>/description>
>/item>
>item>
>title>News: Conficker data highlights infected networks>/title>
>link>http://www.securityfocus.com/news/11568?ref=rss>/link>
>description>>![CDATA[ Conficker data highlights infected networks>br/>>br/>
]]>>/description>
>/item>
>item>
>title>News: Popular apps need better patching, says report>/title>
>link>http://www.securityfocus.com/news/11560?ref=rss>/link>
>description>Popular apps need better patching, says report>/description>
>/item>
>item>
>title>Brief: Google offers bounty on browser bugs>/title>
>link>http://www.securityfocus.com/brief/1067?ref=rss>/link>
>description>Google offers bounty on browser bugs>/description>
>/item>
>item>
>title>Brief: Cyberattacks from U.S. "greatest concern">/title>
>link>http://www.securityfocus.com/brief/1066?ref=rss>/link>
>description>>![CDATA[ Cyberattacks from U.S. "greatest concern">br/>>br/>
]]>>/description>
>/item>
>item>
>title>Brief: Microsoft patches as fraudsters target IE flaw>/title>
>link>http://www.securityfocus.com/brief/1065?ref=rss>/link>
>description>Microsoft patches as fraudsters target IE flaw>/description>
>/item>
>item>
>title>Brief: Attack on IE 0-day refined by researchers>/title>
>link>http://www.securityfocus.com/brief/1064?ref=rss>/link>
>description>Attack on IE 0-day refined by researchers>/description>
>/item>
>item>
>title>News: Most consumers reuse banking passwords>/title>
>link>http://www.securityfocus.com/news/11573?ref=rss>/link>
>description>>![CDATA[ Most consumers reuse banking passwords>br/>>br/>
]]>>/description>
>/item>
>item>
>title>News: CIA, PayPal under bizarre SSL assault>/title>
>link>http://www.securityfocus.com/news/11572?ref=rss>/link>
>description>CIA, PayPal under bizarre SSL assault>/description>
>/item>
>item>
>title>News: Malicious traffic can crash routers, Juniper warns>/title>
>link>http://www.securityfocus.com/news/11571?ref=rss>/link>
>description>Malicious traffic can crash routers, Juniper warns>/description>
>/item>
>item>
>title>News: Scammers scrape RAM for bank card data>/title>
>link>http://www.securityfocus.com/news/11567?ref=rss>/link>
>description>>![CDATA[ Scammers scrape RAM for bank card data>br/>>br/>
]]>>/description>
>/item>
>item>
>title>Infocus: Enterprise Intrusion Analysis, Part One>/title>
>link>http://www.securityfocus.com/infocus/1904?ref=rss>/link>
>description>Enterprise Intrusion Analysis, Part One>/description>
>/item>
>item>
>title>Infocus: Responding to a Brute Force SSH Attack>/title>
>link>http://www.securityfocus.com/infocus/1903?ref=rss>/link>
>description>Responding to a Brute Force SSH Attack>/description>
>/item>
>item>
>title>Infocus: Data Recovery on Linux and <i>ext3</i>>/title>
>link>http://www.securityfocus.com/infocus/1902?ref=rss>/link>
>description>>![CDATA[ Data Recovery on Linux and <i>ext3</i>>br/>>br/>
]]>>/description>
>/item>
>item>
>title>Infocus: WiMax: Just Another Security Challenge?>/title>
>link>http://www.securityfocus.com/infocus/1901?ref=rss>/link>
>description>WiMax: Just Another Security Challenge?>/description>
>/item>
>item>
>title>Gunter Ollmann: Time to Squish SQL Injection>/title>
>link>http://www.securityfocus.com/columnists/505?ref=rss>/link>
>description>Time to Squish SQL Injection>/description>
>/item>
>item>
>title>Mark Rasch: Lazy Workers May Be Deemed Hackers>/title>
>link>http://www.securityfocus.com/columnists/504?ref=rss>/link>
>description>>![CDATA[ Lazy Workers May Be Deemed Hackers>br/>>br/>
]]>>/description>
>/item>
>item>
>title>Adam O'Donnell: The Scale of Security>/title>
>link>http://www.securityfocus.com/columnists/503?ref=rss>/link>
>description>The Scale of Security>/description>
>/item>
>item>
>title>Mark Rasch: Hacker-Tool Law Still Does Little>/title>
>link>http://www.securityfocus.com/columnists/502?ref=rss>/link>
>description>Hacker-Tool Law Still Does Little>/description>
>/item>
>item>
>title>More rss feeds from SecurityFocus>/title>
>link>http://www.securityfocus.com/rss/index.shtml>/link>
>description>News, Infocus, Columns, Vulnerabilities, Bugtraq ...>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Nmap Development>/title>
>link>http://seclists.org/#nmap-dev>/link>
>description>Unmoderated technical development forum for debating ideas, patches, and suggestions regarding proposed changes to <A HREF="http://nmap.org">Nmap</A> and related projects.>/description>
>item>
>title>Re: [NSE] More library global problems>/title>
>link>http://seclists.org/nmap-dev/2010/q1/462>/link>
>description><p>Posted by Patrick Donnelly on Feb 08</p>Well, if the script needs to start over for some reason, then it can.<br>
state table and create a new one (from the script writer perspective).<br>>/description>
>/item>
>item>
>title>Re: [NSE] More library global problems>/title>
>link>http://seclists.org/nmap-dev/2010/q1/461>/link>
>description><p>Posted by Patrick Donnelly on Feb 08</p>Hi Patrik,<br>
sort of state (a table you...<br>>/description>
>/item>
>item>
>title>Re: [NSE] More library global problems>/title>
>link>http://seclists.org/nmap-dev/2010/q1/460>/link>
>description><p>Posted by Patrik Karlsson on Feb 08</p>Thanks! I've attached a proposed patch that uses a fully weak local table to store the request id's. I would appreciate <br>
//Patrik<br>>/description>
>/item>
>item>
>title>Re: [NSE] More library global problems>/title>
>link>http://seclists.org/nmap-dev/2010/q1/459>/link>
>description><p>Posted by Martin Holst Swende on Feb 07</p>Patrick Donnelly wrote:<br>
dynamic - and they are obviously not using that kind of...<br>>/description>
>/item>
>item>
>title>[NSE] More library global problems>/title>
>link>http://seclists.org/nmap-dev/2010/q1/458>/link>
>description><p>Posted by Patrick Donnelly on Feb 07</p>So we have some more global access problems (See [1] for history):<br>
Checking nselib/datafiles.lua...<br>>/description>
>/item>
>item>
>title>Re: ncat http proxy server and SSL>/title>
>link>http://seclists.org/nmap-dev/2010/q1/457>/link>
>description><p>Posted by Markus Klinik on Feb 07</p>As ncat_listen_stream already uses SSL, I'd like to reuse as much of<br>
- make...<br>>/description>
>/item>
>item>
>title>PostgreSQL match lines>/title>
>link>http://seclists.org/nmap-dev/2010/q1/456>/link>
>description><p>Posted by Patrik Karlsson on Feb 07</p>I went through the source code for all PostgreSQL versions found here and updated the match lines:<br>
where the line returning the error was identical. In...<br>>/description>
>/item>
>item>
>title>pgsql-brute and PostgreSQL match lines>/title>
>link>http://seclists.org/nmap-dev/2010/q1/455>/link>
>description><p>Posted by Patrik Karlsson on Feb 06</p>Hi all,<br>
the SMBProgNeg...<br>>/description>
>/item>
>item>
>title>Re: [NSE] Raw ethernet frame questions and NSE library questions>/title>
>link>http://seclists.org/nmap-dev/2010/q1/454>/link>
>description><p>Posted by Kris Katterjohn on Feb 05</p>That's great to hear!<br>
Kris Katterjohn<br>>/description>
>/item>
>item>
>title>Re: [NSE] Raw ethernet frame questions and NSE library questions>/title>
>link>http://seclists.org/nmap-dev/2010/q1/453>/link>
>description><p>Posted by kx on Feb 05</p>Of course, I was just about to reply and send you the same on the<br>
simplicity...<br>>/description>
>/item>
>item>
>title>Re: [NSE] Raw ethernet frame questions and NSE library questions>/title>
>link>http://seclists.org/nmap-dev/2010/q1/452>/link>
>description><p>Posted by Kris Katterjohn on Feb 05</p>I have now tested on both Linux and Windows XP, and it works nicely. I<br>
Kris Katterjohn<br>>/description>
>/item>
>item>
>title>Re: More nsock socket_count_write_dec assert() failures>/title>
>link>http://seclists.org/nmap-dev/2010/q1/451>/link>
>description><p>Posted by Brandon Enright on Feb 05</p>[...snip...]<br>
NSE: Starting http-enum against...<br>>/description>
>/item>
>item>
>title>Re: configure error under solaris 8, nmap-5.21>/title>
>link>http://seclists.org/nmap-dev/2010/q1/450>/link>
>description><p>Posted by Brandon Enright on Feb 05</p>Well not everybody has a Solaris 8 box but I confirmed the build error<br>
Compiling...<br>>/description>
>/item>
>item>
>title>Re: [NSE] Raw ethernet frame questions and NSE library questions>/title>
>link>http://seclists.org/nmap-dev/2010/q1/449>/link>
>description><p>Posted by Kris Katterjohn on Feb 05</p>I've added support for this:<br>
handy stuff in it! I remember going through...<br>>/description>
>/item>
>item>
>title>Re: make install error on nmap 5.21 -- partially solved>/title>
>link>http://seclists.org/nmap-dev/2010/q1/448>/link>
>description><p>Posted by rilian4 rilian4 on Feb 05</p>I ran ./configure and make again, this time both as root.(First time was as<br>
Aaron<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Nmap Hackers>/title>
>link>http://seclists.org/#nmap-hackers>/link>
>description>Moderated list for the most important new releases and announcements regarding the <A HREF="http://nmap.org">Nmap Security Scanner</A> and related projects. We recommend that all Nmap users <a href="http://cgi.insecure.org/mailman/listinfo/nmap-hackers">subscribe</a>.>/description>
>item>
>title>Nmap 5.21 released>/title>
>link>http://seclists.org/nmap-hackers/2010/2>/link>
>description><p>Posted by Fyodor on Jan 27</p>Hello everyone. I'm pleased to release Nmap 5.21, which contains zero<br>
development projects. If you want to know...<br>>/description>
>/item>
>item>
>title>Lots of Nmap News>/title>
>link>http://seclists.org/nmap-hackers/2010/1>/link>
>description><p>Posted by Fyodor on Jan 22</p>Hi folks. I'm happy to report that the 5.20 release went well. But<br>
If you're running from a build of the latest SVN checkout, you...<br>>/description>
>/item>
>item>
>title>Nmap 5.20 Released>/title>
>link>http://seclists.org/nmap-hackers/2010/0>/link>
>description><p>Posted by Fyodor on Jan 20</p>Happy new year, everyone. I'm happy to announce Nmap 5.20--our first<br>
The...<br>>/description>
>/item>
>item>
>title>Nmap 5.00 Released!>/title>
>link>http://seclists.org/nmap-hackers/2009/3>/link>
>description><p>Posted by Fyodor on Jul 16</p>Hello everyone. I'm delighted to announce the release of Nmap 5.00!<br>
1) The new Ncat tool aims to be your Swiss Army Knife...<br>>/description>
>/item>
>item>
>title>Nmap news: stable release candidate 4.90RC1, SoC team, and new translations>/title>
>link>http://seclists.org/nmap-hackers/2009/2>/link>
>description><p>Posted by Fyodor on Jun 26</p>Hi Folks. I'm pleased to announce some exciting Nmap news:<br>
Please test it out, and let us know if you find any problems...<br>>/description>
>/item>
>item>
>title>Nmap 4.85BETA6 now avail w/Conficker detection>/title>
>link>http://seclists.org/nmap-hackers/2009/1>/link>
>description><p>Posted by Fyodor on Apr 01</p>Hi Folks! In case you missed all the news reports yesterday, a couple<br>
millions of infections, and this massive botnet...<br>>/description>
>/item>
>item>
>title>Nmap News: 4.84BETA4 release, Nmap book news, Summer of Code, Twitter, etc.>/title>
>link>http://seclists.org/nmap-hackers/2009/0>/link>
>description><p>Posted by Fyodor on Mar 27</p>Hello everyone. We've seen 848 messages on nmap-dev this year, but<br>
4.85BETA4 release,...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>link href="/default.css?5" rel="STYLESHEET" type="text/css">
>LINK REL="SHORTCUT ICON" href="/favicon.ico">
>TITLE>Secunia.com>/TITLE>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>link href="/default.css?5" rel="STYLESHEET" type="text/css">
>LINK REL="SHORTCUT ICON" href="/favicon.ico">
>TITLE>Secunia.com>/TITLE>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Penetration Testing>/title>
>link>http://seclists.org/#pen-test>/link>
>description>While this list is intended for "professionals", participants frequenly disclose techniques and strategies that would be useful to anyone with a practical interest in security and network auditing.>/description>
>item>
>title>RE: SMS Banking>/title>
>link>http://seclists.org/pen-test/2010/Feb/35>/link>
>description><p>Posted by Craig S. Wright on Feb 07</p>The solution needs to be based on risk.<br>
The user can...<br>>/description>
>/item>
>item>
>title>Tools Update - Fist week of February 2010>/title>
>link>http://seclists.org/pen-test/2010/Feb/34>/link>
>description><p>Posted by SD List on Feb 07</p>Hello<br>
security testing tool that...<br>>/description>
>/item>
>item>
>title>NEMESIS linux packet injection command line tool - IP options file as input argument>/title>
>link>http://seclists.org/pen-test/2010/Feb/33>/link>
>description><p>Posted by woman on Feb 07</p>Hi,<br>
woman...<br>>/description>
>/item>
>item>
>title>Re: pentesting voip network-please help>/title>
>link>http://seclists.org/pen-test/2010/Feb/32>/link>
>description><p>Posted by Yiannis Koukouras on Feb 07</p>Unfortunately not. Cain is basic in this category.<br>
and others authorized to receive...<br>>/description>
>/item>
>item>
>title>Re: SMS Banking>/title>
>link>http://seclists.org/pen-test/2010/Feb/31>/link>
>description><p>Posted by Markus Matiaschek on Feb 07</p>Hi,<br>
transaction numbers, TANs. German banks send mobileTANs to...<br>>/description>
>/item>
>item>
>title>Dradis Framework v2.5 is out!>/title>
>link>http://seclists.org/pen-test/2010/Feb/30>/link>
>description><p>Posted by etd on Feb 07</p>Hi all,<br>
o New Burp Upload plugin so you can use Burp Scanner output....<br>>/description>
>/item>
>item>
>title>RE: SMS Banking>/title>
>link>http://seclists.org/pen-test/2010/Feb/29>/link>
>description><p>Posted by Thor (Hammer of God) on Feb 07</p>SMS based solutions are inherently insecure; not just from the application level, but from the carrier level. You're <br>
build security into the application itself, use SSL, etc for client-to-server inquiries and...<br>>/description>
>/item>
>item>
>title>Re: pentesting voip network-please help>/title>
>link>http://seclists.org/pen-test/2010/Feb/28>/link>
>description><p>Posted by Todd Haverkos on Feb 07</p>Yiannis Koukouras <ikoukouras () gmail com> writes:<br>
dot he CDP dissection to find the VLAN and create the virtual...<br>>/description>
>/item>
>item>
>title>RE: Flash Web Application>/title>
>link>http://seclists.org/pen-test/2010/Feb/27>/link>
>description><p>Posted by PortSwigger on Feb 07</p>With Burp, you can get rid of the browser certificate warnings if you wish,<br>
From:...<br>>/description>
>/item>
>item>
>title>Re: Nessus, Harmful?>/title>
>link>http://seclists.org/pen-test/2010/Feb/26>/link>
>description><p>Posted by Kevin Shaw on Feb 05</p>I'm likely preaching to the choir here; but something I would advise <br>
small office worth of...<br>>/description>
>/item>
>item>
>title>Re: SMS Banking>/title>
>link>http://seclists.org/pen-test/2010/Feb/25>/link>
>description><p>Posted by Doug Farre on Feb 05</p>Mobile phone numbers can be spoofed. My piece of advice is that all<br>
compromised as the sms msgs are all stored in plain text.<br>>/description>
>/item>
>item>
>title>Re: SMS Banking>/title>
>link>http://seclists.org/pen-test/2010/Feb/24>/link>
>description><p>Posted by Budi wibowo on Feb 05</p>instead of using sms for putting the pin, please use flash sms.<br>
Im designing an SMS baking application but i need to research on the...<br>>/description>
>/item>
>item>
>title>Re: Flash Web Application>/title>
>link>http://seclists.org/pen-test/2010/Feb/23>/link>
>description><p>Posted by Zaki Akhmad on Feb 05</p>There's no problem on the certificate. After I use webscarab as proxy,<br>
I can't click the flash application :( So I can't proceed.<br>>/description>
>/item>
>item>
>title>Re: pentesting voip network-please help>/title>
>link>http://seclists.org/pen-test/2010/Feb/22>/link>
>description><p>Posted by YGN Ethical Hacker Group on Feb 05</p><a rel="nofollow" href="http://www.tacticalvoip.com/tools.html">http://www.tacticalvoip.com/tools.html</a><br>
and CEPT certs require a full practical examination in order to become certified....<br>>/description>
>/item>
>item>
>title>SMS Banking>/title>
>link>http://seclists.org/pen-test/2010/Feb/21>/link>
>description><p>Posted by M.D.Mufambisi on Feb 05</p>Hi All,<br>
want to be able to...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>digg.com: Stories / Popular>/title>
>description>digg.com: Stories / Popular>/description>
>link>http://digg.com/>/link>
>title>7 Weird Political Ads {Videos}>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/ZTAiOafdoa4/7_Weird_Political_Ads_Videos>/link>
>description>It's a humdinger. But is it the worst political ad of our time? Thanks in part to the dream-enabling power of the stupid internet, there are at least seven other candidates among current and recent political ads for that dubious title. Take a look at them and judge for yourself.
<a href="http://feedads.g.doubleclick.net/~at/WTwIdq2tgnP24Ah1CnSMkYk24uk/1/da"><img src="http://feedads.g.doubleclick.net/~at/WTwIdq2tgnP24Ah1CnSMkYk24uk/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/ZTAiOafdoa4" height="1" width="1"/>>/description>
>item>
>title>170 Tons of Tainted Milk from 2008 Now Being Sold in China>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/QOapZYXn6yc/170_Tons_of_Tainted_Milk_from_2008_Now_Being_Sold_in_China>/link>
>description>China has found another 170 tons of tainted milk powder in an emergency crackdown that has made it increasingly clear many products discovered in the country's 2008 milk scandal were repackaged for sale instead of destroyed.
<a href="http://feedads.g.doubleclick.net/~at/MS7MCVA3M0I6V1Rmtezj_Gm-SHY/1/da"><img src="http://feedads.g.doubleclick.net/~at/MS7MCVA3M0I6V1Rmtezj_Gm-SHY/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/QOapZYXn6yc" height="1" width="1"/>>/description>
>item>
>title>Flame Retardants Linked to Fertility, Development Problems >/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/yyEs0PHj_Mc/Flame_Retardants_Linked_to_Fertility_Development_Problems>/link>
>description>Women with high levels of flame retardants in their blood took longer to become pregnant, and children scored lower on development tests.
<a href="http://feedads.g.doubleclick.net/~at/dBaKqzA8DBOXJpaCmUcWy7bnYfg/1/da"><img src="http://feedads.g.doubleclick.net/~at/dBaKqzA8DBOXJpaCmUcWy7bnYfg/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/yyEs0PHj_Mc" height="1" width="1"/>>/description>
>item>
>title>A Cheating Heart = A Narcissist>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/opHvAqaWrjQ/A_Cheating_Heart_A_Narcissist>/link>
>description>Most people believe that when partners cheat, it's a symptom of a bad relationship. They ask, "What was he or she not getting at home?" You can even find experts urging scorned women to snap men out of their doldrums by surprising them with something sexy . . . so their tomcats are less likely to prowl. What a bunch of sexist hooey!
<a href="http://feedads.g.doubleclick.net/~at/_Ihz9JarVkEL2qdxwW2an-LU58o/1/da"><img src="http://feedads.g.doubleclick.net/~at/_Ihz9JarVkEL2qdxwW2an-LU58o/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/opHvAqaWrjQ" height="1" width="1"/>>/description>
>item>
>title>New iPhone App keeps track of MP >/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/CBGb2FROKYU/New_iPhone_App_keeps_track_of_MP>/link>
>description>Want to know what your local MP is doing? There's an app for that. Labour MP Derek Wyatt has become the world's first serving politician to launch an iPhone app which he said makes him more accountable to constituents.The free MyMP app shows users what their MP is doing, where they are and lets the public send messages to them directly!
<a href="http://feedads.g.doubleclick.net/~at/KazkLCmK-L02bd-XmLreHz08hsc/1/da"><img src="http://feedads.g.doubleclick.net/~at/KazkLCmK-L02bd-XmLreHz08hsc/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/CBGb2FROKYU" height="1" width="1"/>>/description>
>item>
>title>The Most Awe-Inspiring Natural Wonders in America>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/ZygVm4Pfkwk/The_Most_Awe_Inspiring_Natural_Wonders_in_America_2>/link>
>description>If Earth is giant natural art gallery, the United States is among its most impressive geologic installations. Here are 10 of the most awe inspiring, both for their raw beauty and for the forces that went into their creation.
<a href="http://feedads.g.doubleclick.net/~at/2PrSoHXbj965nCkNzO_tx5KWTfI/1/da"><img src="http://feedads.g.doubleclick.net/~at/2PrSoHXbj965nCkNzO_tx5KWTfI/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/ZygVm4Pfkwk" height="1" width="1"/>>/description>
>item>
>title>Google Creating Twitter Clone for Gmail>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/EoaTO3PYdYI/Google_Creating_Twitter_Clone_for_Gmail>/link>
>description>Gmail users can currently broadcast status messages via the Google Talk feature. The main difference between the current offering and the new feature is that status messages aren't available in a timeline format.
<a href="http://feedads.g.doubleclick.net/~at/pWqo1CfqXi7xL36Rz__3Jp5rDu8/1/da"><img src="http://feedads.g.doubleclick.net/~at/pWqo1CfqXi7xL36Rz__3Jp5rDu8/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/EoaTO3PYdYI" height="1" width="1"/>>/description>
>item>
>title>Sweet Breesus! The Greatest Image from Super Bowl 44>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/TNzB7a1wXtk/Sweet_Breesus_The_Greatest_Image_from_Super_Bowl_44>/link>
>description>The genuine, feel-good story of Drew Brees, encapsulated in this photo and the video of Brees with his son, helped to make Super Bowl XLIV a memorable one, even for fans with no rooting interest in the game.
<a href="http://feedads.g.doubleclick.net/~at/d2QsPglSCnJHsPqLFD2_Fz5AnvI/1/da"><img src="http://feedads.g.doubleclick.net/~at/d2QsPglSCnJHsPqLFD2_Fz5AnvI/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/TNzB7a1wXtk" height="1" width="1"/>>/description>
>item>
>title>California Lays Claim to 100 Objects on the Moon>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/bBgZC4ABIh8/California_Lays_Claim_to_100_Objects_on_the_Moon>/link>
>description>California laid a historical claim to over 100 objects left behind on the moon when the State Historical Resources Commission voted unanimously to name the objects a state historical resource. The action draws attention to California's role in the development of space exploration.
<a href="http://feedads.g.doubleclick.net/~at/PljWrXnrXsk5c1jS7kusdlquS4U/1/da"><img src="http://feedads.g.doubleclick.net/~at/PljWrXnrXsk5c1jS7kusdlquS4U/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/bBgZC4ABIh8" height="1" width="1"/>>/description>
>item>
>title>The Everyday Lives of Stormtroopers >/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/XRy7FdQoBb4/The_Everyday_Lives_of_Stormtroopers>/link>
>description>Switch celebrities with stormtroopers, though, and then I’m interested. I don’t know what it is, but there’s something about seeing a stormtrooper taking a break from serving the Emperor and going about his day-to-day activities. After the jump, enjoy a gallery of stormtroopers behaving just like us.
<a href="http://feedads.g.doubleclick.net/~at/LrixVtb-pcRugyBz-K8Y-GrQen8/1/da"><img src="http://feedads.g.doubleclick.net/~at/LrixVtb-pcRugyBz-K8Y-GrQen8/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/XRy7FdQoBb4" height="1" width="1"/>>/description>
>item>
>title>10 Ways to a Geeky Girl's Heart>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/6UA87MZFKyU/10_Ways_to_a_Geeky_Girl_s_Heart>/link>
>description>If you’re a geeky guy looking to romance a geeky girl, it doesn’t matter if you’ve been with her forever or if she’s a new interest; realize that conventional romantic overtures won’t always work.
<a href="http://feedads.g.doubleclick.net/~at/7jefs7Hl65B4dLqF20xnx1psVuo/1/da"><img src="http://feedads.g.doubleclick.net/~at/7jefs7Hl65B4dLqF20xnx1psVuo/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/6UA87MZFKyU" height="1" width="1"/>>/description>
>item>
>title>Winter Olympics Go for Environmental Gold, Settle for Bronze>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/XEDiE0i55No/Winter_Olympics_Go_for_Environmental_Gold_Settle_for_Bronze>/link>
>description>Environmentalists have praised Olympic organizers for building energy-efficient venues, using clean-energy sources, relying on public transit during the Games, and offsetting part of the event's emissions. But a report released this week from the David Suzuki Foundation highlights 'missed opportunities' and areas where the Games 'fell short.'
<a href="http://feedads.g.doubleclick.net/~at/cmw7acc7iMmghMai8TqBmTPHOEA/1/da"><img src="http://feedads.g.doubleclick.net/~at/cmw7acc7iMmghMai8TqBmTPHOEA/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/XEDiE0i55No" height="1" width="1"/>>/description>
>item>
>title>Jackson's doctor charged with manslaughter>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/9AmMORvJZhs/Jackson_s_doctor_charged_with_manslaughter>/link>
>description>Dr. Conrad Murray, personal physician to Michael Jackson, has been charged with a single count of involuntary manslaughter, prosecutors said.
<a href="http://feedads.g.doubleclick.net/~at/Lc_OdsyGuHdGXXaxyL0qZsI1ZrM/1/da"><img src="http://feedads.g.doubleclick.net/~at/Lc_OdsyGuHdGXXaxyL0qZsI1ZrM/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/9AmMORvJZhs" height="1" width="1"/>>/description>
>item>
>title>Woman Sues McDonald's.....again???>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/J342GUZtlAc/Woman_Sues_McDonald_s_again>/link>
>description>When people decry lawyers and frivolous lawsuits, the first thing they point to is the 1994 “hot coffee being spilled on an old lady’s lap” suit that ended up settling for about $600,000. But people continue to be incompetent, so finally, we can relive the excitement: An Oregon woman is suing McDonald’s for the exact same thing.
<a href="http://feedads.g.doubleclick.net/~at/rpda0Nk8dfjOZmKRy_-5Djn7vx0/1/da"><img src="http://feedads.g.doubleclick.net/~at/rpda0Nk8dfjOZmKRy_-5Djn7vx0/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/J342GUZtlAc" height="1" width="1"/>>/description>
>item>
>title>Can a veterans court help former GIs find justice at home?>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/QI-SbKFrWJU/Can_a_veterans_court_help_former_GIs_find_justice_at_home>/link>
>description>More and more veterans are showing the catastrophic impact of their psychological scars from battle. The government doesn't currently employ resources to specifically give soldiers the support they need when they come home; but are specialized courts a catalyst to turn this whole mess around?
<a href="http://feedads.g.doubleclick.net/~at/yNbpQGBiRllx9KFIb6J-ocmvAD0/1/da"><img src="http://feedads.g.doubleclick.net/~at/yNbpQGBiRllx9KFIb6J-ocmvAD0/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/QI-SbKFrWJU" height="1" width="1"/>>/description>
>item>
>title>-6C temperatures..snow's on the way as the big freeze return>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/I4c7KIV9FUA/6C_temperatures_snow_s_on_the_way_as_the_big_freeze_return>/link>
>description>Some parts of Britain will have up to six inches of snow, with ice expected to cause major disruptions on the roads. Eastern parts will be most at risk of snow showers but western areas could have the coldest temperatures because of a lack of cloud cover.
<a href="http://feedads.g.doubleclick.net/~at/mJSb4Q89dCgJlpN6YWCSSb2KtNs/1/da"><img src="http://feedads.g.doubleclick.net/~at/mJSb4Q89dCgJlpN6YWCSSb2KtNs/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/I4c7KIV9FUA" height="1" width="1"/>>/description>
>item>
>title>Windy City 1st To Use Wind To Charge Electric Vehicles>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/DBFrDV6qtF4/Windy_City_1st_To_Use_Wind_To_Charge_Electric_Vehicles>/link>
>description>As we get ready for the Chicago Auto Show next week, a note about what is apparently the first wind-powered electric vehicle charger in the continental U.S.
<a href="http://feedads.g.doubleclick.net/~at/56j8kKC2_tB0qE9X9LPLi7wV2Ik/1/da"><img src="http://feedads.g.doubleclick.net/~at/56j8kKC2_tB0qE9X9LPLi7wV2Ik/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/DBFrDV6qtF4" height="1" width="1"/>>/description>
>item>
>title>Virus-Free Technique Enables To Make Stem-Cell Pluripotent>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/bnTOJSmDSVM/Virus_Free_Technique_Enables_To_Make_Stem_Cell_Pluripotent>/link>
>description>Tiny circles of DNA are the key to a new and easier way to transform stem cells from human fat into induced pluripotent stem cells for use in regenerative medicine, say scientists at the Stanford University School of Medicine. Unlike other commonly used techniques, the method, which is based on standard ...
<a href="http://feedads.g.doubleclick.net/~at/v4neGCnSM2zrCCG-rCYRMZmtMuo/1/da"><img src="http://feedads.g.doubleclick.net/~at/v4neGCnSM2zrCCG-rCYRMZmtMuo/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/bnTOJSmDSVM" height="1" width="1"/>>/description>
>item>
>title>Adobe Claims They Don't Ship Flash With Known Crash Bugs>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/ljUF3rq_Xs4/Adobe_Claims_They_Don_t_Ship_Flash_With_Known_Crash_Bugs>/link>
>description>Adobe's comment is what you'd expect any company to say publicly; realistically, what else could they say? It's just very unfortunate for them that someone was able to prove the inaccuracy of this statement in a very compelling way.
<a href="http://feedads.g.doubleclick.net/~at/VwrCqBwK22wda-WW9oCDZfUVdm8/1/da"><img src="http://feedads.g.doubleclick.net/~at/VwrCqBwK22wda-WW9oCDZfUVdm8/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/ljUF3rq_Xs4" height="1" width="1"/>>/description>
>item>
>title>BREAKING - Rep. John Murtha Dead at 77>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/LnNIQotUXq0/BREAKING_Rep_John_Murtha_Dead_at_77>/link>
>description>Pennsylvania Democratic Rep. John Murtha, the first veteran of the Vietnam war and one of the most powerful lawmakers in Congress, died Wednesday morning at Virginia Hospital Center in Arlington, VA, after complications from gallbladder surgery. Murtha was 77.
<a href="http://feedads.g.doubleclick.net/~at/1IsveIC_dg1k5TdDijUewjvyKpI/1/da"><img src="http://feedads.g.doubleclick.net/~at/1IsveIC_dg1k5TdDijUewjvyKpI/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/LnNIQotUXq0" height="1" width="1"/>>/description>
>item>
>title>25 Ironic Signs (PICS)>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/gJWp315iEes/25_Ironic_Signs_PICS>/link>
>description>It's like rain on your wedding day, or tape on a sign that says don't use tape.
<a href="http://feedads.g.doubleclick.net/~at/Nr6YWbWs7mM9Xxrd6ZoVWAH76wo/1/da"><img src="http://feedads.g.doubleclick.net/~at/Nr6YWbWs7mM9Xxrd6ZoVWAH76wo/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/gJWp315iEes" height="1" width="1"/>>/description>
>item>
>title>Hello Botox, Bye-Bye Sadness>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/vIl6w0SyLmI/Hello_Botox_Bye_Bye_Sadness>/link>
>description>Paralyzing the frown muscles also inhibits the ability to understand anger and sadness.
<a href="http://feedads.g.doubleclick.net/~at/eHuY65aBDvczg1ZyJzoAqVBIxrs/1/da"><img src="http://feedads.g.doubleclick.net/~at/eHuY65aBDvczg1ZyJzoAqVBIxrs/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/vIl6w0SyLmI" height="1" width="1"/>>/description>
>item>
>title>Canon bows Rebel T2i with 18-megapixel sensor, 1080p30 video>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/6L6AIdunFi0/Canon_bows_Rebel_T2i_with_18_megapixel_sensor_1080p30_video>/link>
>description>Canon this morning launched a slew of camera updates headlined by the Rebel T2i. The successor to Canon's entry DSLR shoots at the same 18 megapixels as the EOS 7D and also inherits its video recording features: it now shoots at a full 30 frames per second at 1080p.
<a href="http://feedads.g.doubleclick.net/~at/BiU7LBO51VQpGP85S8fzu9YX6j4/1/da"><img src="http://feedads.g.doubleclick.net/~at/BiU7LBO51VQpGP85S8fzu9YX6j4/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/6L6AIdunFi0" height="1" width="1"/>>/description>
>item>
>title>Whatever happened to the "Gotta Digg" girl?>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/NNmq9I_mNpo/Whatever_happened_to_the_Gotta_Digg_girl>/link>
>description>Kina Grannis, the girl behind that "Gotta Digg" video two years ago got signed to Interscope but left the major label scene prematurely. She has brought her fans with her and will be releasing an independent album beginning with the launch of this music video.
<a href="http://feedads.g.doubleclick.net/~at/PXZSF-TFGkrYAhqnSP1n_lfzFnQ/1/da"><img src="http://feedads.g.doubleclick.net/~at/PXZSF-TFGkrYAhqnSP1n_lfzFnQ/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/NNmq9I_mNpo" height="1" width="1"/>>/description>
>item>
>title>Will Tapulous's Riddim Ribbon Be as Popular as TTR?>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/v7LAhWAunEo/Will_Tapulous_s_Riddim_Ribbon_Be_as_Popular_as_TTR>/link>
>description>Tapulous, the company who brought us Tap Tap Revenge (TTR) is ready to release an entirely new music-focused gaming series: Riddim Ribbon, featuring the Black Eyed Peas. Riddim Ribbon is a fusion between racing, popular songs, and to some extent, remixing music.
<a href="http://feedads.g.doubleclick.net/~at/V7rx8FOfYAo3v7ha6yevoloFmv8/1/da"><img src="http://feedads.g.doubleclick.net/~at/V7rx8FOfYAo3v7ha6yevoloFmv8/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/v7LAhWAunEo" height="1" width="1"/>>/description>
>item>
>title>Obama Invites GOP Leaders to Health Care Talk>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/7lFOQXYc2lQ/Obama_Invites_GOP_Leaders_to_Health_Care_Talk_3>/link>
>description>In the first major step to revive his health care agenda after his party's loss of a filibuster-proof Senate majority, President Barack Obama on Sunday invited Republican and Democratic leaders to discuss possible compromises in a televised gathering later this month.
<a href="http://feedads.g.doubleclick.net/~at/A1T4OeNBG3popcaxJ7vznq5owS8/1/da"><img src="http://feedads.g.doubleclick.net/~at/A1T4OeNBG3popcaxJ7vznq5owS8/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/7lFOQXYc2lQ" height="1" width="1"/>>/description>
>item>
>title>Imgur: Stolen Content and Social Media's Double Standard>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/GF_7IegIbh4/Imgur_Stolen_Content_and_Social_Media_s_Double_Standard>/link>
>description>The majority of the images uploaded to Imgur are stolen from elsewhere. There is zero policing and all uploads are anonymous, which means that great pictures from across the web are scraped and uploaded as ‘genuine’ content all the time.
<a href="http://feedads.g.doubleclick.net/~at/IoUkXZ2IRJ_7-STm-Nd-C3vO0-Y/1/da"><img src="http://feedads.g.doubleclick.net/~at/IoUkXZ2IRJ_7-STm-Nd-C3vO0-Y/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/GF_7IegIbh4" height="1" width="1"/>>/description>
>item>
>title>21st-Century Shooters Are No Country for Old Men>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/ygrnotOvT34/21st_Century_Shooters_Are_No_Country_for_Old_Men>/link>
>description>We’re breaking into an elevated enemy base surrounded by jungle. We have the benefit of cover, lush overgrowth and ancient ruins. But the enemy has the advantage. The approach to their base becomes Hamburger Hill. I die over and over, sniped by a hundred unseen gunmen, trying to push my way toward the goal. The fight starts feeling pointless.
<a href="http://feedads.g.doubleclick.net/~at/lQ1emdleLOiLt5123k0pTh2MfMo/1/da"><img src="http://feedads.g.doubleclick.net/~at/lQ1emdleLOiLt5123k0pTh2MfMo/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/ygrnotOvT34" height="1" width="1"/>>/description>
>item>
>title>Super Bowl XLIV: Every Commercial (In Case You Missed Them)>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/0so7mdocpIE/Super_Bowl_XLIV_Every_Commercial_In_Case_You_Missed_Them>/link>
>description>See the 2010 Ads after the quarter in which they air, and vote for your favorite or least favorite.
<a href="http://feedads.g.doubleclick.net/~at/3zuUboqTqZwTO15SH5d8B_sDo5w/1/da"><img src="http://feedads.g.doubleclick.net/~at/3zuUboqTqZwTO15SH5d8B_sDo5w/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/0so7mdocpIE" height="1" width="1"/>>/description>
>item>
>title>School secretary axed for speaking Spanish >/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/PqwQmUORi2w/School_secretary_axed_for_speaking_Spanish>/link>
>description>A former North Carolina school secretary, fired for speaking Spanish in violation of the school's no-Spanish rule, has sued the school district, records show.
<a href="http://feedads.g.doubleclick.net/~at/iqlF_enboY_nZmZjOLVeFjy_-zo/1/da"><img src="http://feedads.g.doubleclick.net/~at/iqlF_enboY_nZmZjOLVeFjy_-zo/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/PqwQmUORi2w" height="1" width="1"/>>/description>
>item>
>title>Super-Size Equipment Helps EMTs Move The Obese>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/6CdI51hbFFU/Super_Size_Equipment_Helps_EMTs_Move_The_Obese>/link>
>description>Paramedics and firefighters don't need to follow television shows about a half-ton teen or biggest losers to track the obesity trend. They carry that knowledge with them.
<a href="http://feedads.g.doubleclick.net/~at/D2rt6DSXPMQ1ouzoxf0ZjRDEjos/1/da"><img src="http://feedads.g.doubleclick.net/~at/D2rt6DSXPMQ1ouzoxf0ZjRDEjos/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/6CdI51hbFFU" height="1" width="1"/>>/description>
>item>
>title>Google Ocean Showcase: Dive into Your Desktop>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/kGHgsGLDRWE/Google_Ocean_Showcase_Dive_into_Your_Desktop>/link>
>description>New multimedia tours feature some of the Earth's hottest surf and dive spots, important shipwrecks, large underwater mountains and vast canyon systems running along the seafloor.
<a href="http://feedads.g.doubleclick.net/~at/H232KboDh0nCCXzQ3Oo1HqDI7nk/1/da"><img src="http://feedads.g.doubleclick.net/~at/H232KboDh0nCCXzQ3Oo1HqDI7nk/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/kGHgsGLDRWE" height="1" width="1"/>>/description>
>item>
>title>A Caterpillar with a 'Fake' Head (pic)>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/SFoIViNOTtE/A_Caterpillar_with_a_Fake_Head_pic>/link>
>description>The head with the antennae is actually not a head at all -- but a ruse to confuse predators...taking survival adaptation to a fascinating level.
<a href="http://feedads.g.doubleclick.net/~at/xRuWaZPSzHoSeCQDS4gMGCcpr5I/1/da"><img src="http://feedads.g.doubleclick.net/~at/xRuWaZPSzHoSeCQDS4gMGCcpr5I/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/SFoIViNOTtE" height="1" width="1"/>>/description>
>item>
>title>Are cat owners really top dogs for brains?>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/oVEXMjWNMyY/Are_cat_owners_really_top_dogs_for_brains>/link>
>description>It is a claim calculated to have rival pet lovers fighting like cat and dog.According to a scientific study, cat owners tend to be cleverer than their dog-loving counterparts.
<a href="http://feedads.g.doubleclick.net/~at/pOrkdHixwdEvraDUP_i-im_O7ho/1/da"><img src="http://feedads.g.doubleclick.net/~at/pOrkdHixwdEvraDUP_i-im_O7ho/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/oVEXMjWNMyY" height="1" width="1"/>>/description>
>item>
>title>How They Train: Biathlon (Video)>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/Wy2lwe5AaZM/How_They_Train_Biathlon_Video>/link>
>description>TIME's Sean Gregory gets a shooting lesson from U.S. Olympic favorite Tim Burke as he trains for the games in Vancouver
<a href="http://feedads.g.doubleclick.net/~at/Om_tp6pCuOL00EFx0WmQxx8ncfo/1/da"><img src="http://feedads.g.doubleclick.net/~at/Om_tp6pCuOL00EFx0WmQxx8ncfo/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/Wy2lwe5AaZM" height="1" width="1"/>>/description>
>item>
>title>Real Time Voice Translation is On the Way, Thanks to Google>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/4gkX366IZ9M/Real_Time_Voice_Translation_is_On_the_Way_Thanks_to_Google>/link>
>description>Real time voice translation is on the way and Google aims to pioneer it. The Internet giant wants to develop its smartphone technology to translate speech in real time.
<a href="http://feedads.g.doubleclick.net/~at/OwTCWWJkIVvv0B_RysRjmJH4Pac/1/da"><img src="http://feedads.g.doubleclick.net/~at/OwTCWWJkIVvv0B_RysRjmJH4Pac/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/4gkX366IZ9M" height="1" width="1"/>>/description>
>item>
>title>Toxic coal-tar cleanup to cost New York $3 billion >/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/_kFsRnvriHY/Toxic_coal_tar_cleanup_to_cost_New_York_3_billion>/link>
>description>A toxic liquid has been creeping through the soil of cities in the mid-Hudson Valley for more than a century. From the 1800s to the 1950s, manufactured gas plants provided light and heat to thousands who walked city streets and lived in city homes. But an industrial byproduct from those plants, coal tar, has been leaking into the ground since then.
<a href="http://feedads.g.doubleclick.net/~at/YU7czvvkVKe1rIeqkvDu7Wcz52M/1/da"><img src="http://feedads.g.doubleclick.net/~at/YU7czvvkVKe1rIeqkvDu7Wcz52M/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/_kFsRnvriHY" height="1" width="1"/>>/description>
>item>
>title>Political Correctness Gone Mad>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/7oOBvyepCjA/Political_Correctness_Gone_Mad_10>/link>
>description>Rahm Emanuel is facing a political correctness crisis, and as a noted American once said, we should never let a crisis go to waste.
<a href="http://feedads.g.doubleclick.net/~at/71F77mmRC8-K8TRd_94eIiojmWQ/1/da"><img src="http://feedads.g.doubleclick.net/~at/71F77mmRC8-K8TRd_94eIiojmWQ/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/7oOBvyepCjA" height="1" width="1"/>>/description>
>item>
>title>Costa Rica elects Chinchilla first woman president>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/mcSUQmJgqc0/Costa_Rica_elects_Chinchilla_first_woman_president>/link>
>description>Laura Chinchilla, a protege of Nobel peace laureate President Oscar Arias, won a landslide election victory in Costa Rica on Sunday to become the country's first woman elected.
<a href="http://feedads.g.doubleclick.net/~at/UTS58AkQS3cDBFpq5-NPRxc3JEc/1/da"><img src="http://feedads.g.doubleclick.net/~at/UTS58AkQS3cDBFpq5-NPRxc3JEc/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/mcSUQmJgqc0" height="1" width="1"/>>/description>
>item>
>title>TOUCHDOWN: Google Runs Super Bowl Ad>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/HOaLktXq5nk/TOUCHDOWN_Google_Runs_Super_Bowl_Ad>/link>
>description>The rumors were correct: Google took the bold step of running a Super Bowl ad in the 3rd quarter of the game today, marking its first major push into TV advertising and a new frontier of marketing for the company that has triumphed online ads above all else.
<a href="http://feedads.g.doubleclick.net/~at/XDBKw0uMwjRblfZeu5wop_bzOAw/1/da"><img src="http://feedads.g.doubleclick.net/~at/XDBKw0uMwjRblfZeu5wop_bzOAw/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/HOaLktXq5nk" height="1" width="1"/>>/description>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>The RISKS Forum>/title>
>link>http://seclists.org/#risks>/link>
>description>Peter G. Neumann moderates this regular digest of current events which demonstrate risks to the public in computers and related systems. Security risks are often discussed.>/description>
>item>
>title>Risks Digest 25.93>/title>
>link>http://seclists.org/risks/2010/q1/4>/link>
>description><p>Posted by RISKS List Owner on Jan 29</p>RISKS-LIST: Risks-Forum Digest Friday 29 January 2010 Volume 25 : Issue 93<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.92>/title>
>link>http://seclists.org/risks/2010/q1/3>/link>
>description><p>Posted by RISKS List Owner on Jan 26</p>RISKS-LIST: Risks-Forum Digest Tuesday 26 January 2010 Volume 25 : Issue 92<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.91>/title>
>link>http://seclists.org/risks/2010/q1/2>/link>
>description><p>Posted by RISKS List Owner on Jan 19</p>RISKS-LIST: Risks-Forum Digest Tuesday 19 January 2010 Volume 25 : Issue 91<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.90>/title>
>link>http://seclists.org/risks/2010/q1/1>/link>
>description><p>Posted by RISKS List Owner on Jan 08</p>RISKS-LIST: Risks-Forum Digest Friday 8 January 2010 Volume 25 : Issue 90<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.89>/title>
>link>http://seclists.org/risks/2010/q1/0>/link>
>description><p>Posted by RISKS List Owner on Jan 07</p>RISKS-LIST: Risks-Forum Digest Thursday 7 January 2010 Volume 25 : Issue 89<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.88>/title>
>link>http://seclists.org/risks/2009/q4/8>/link>
>description><p>Posted by RISKS List Owner on Dec 26</p>RISKS-LIST: Risks-Forum Digest Saturday 26 December 2009 Volume 25 : Issue 88<br>
The current issue can...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.87>/title>
>link>http://seclists.org/risks/2009/q4/7>/link>
>description><p>Posted by RISKS List Owner on Dec 15</p>RISKS-LIST: Risks-Forum Digest Tuesday 15 December 2009 Volume 25 : Issue 87<br>
The current issue can...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.86>/title>
>link>http://seclists.org/risks/2009/q4/6>/link>
>description><p>Posted by RISKS List Owner on Dec 14</p>RISKS-LIST: Risks-Forum Digest Monday 14 December 2009 Volume 25 : Issue 86<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.85>/title>
>link>http://seclists.org/risks/2009/q4/5>/link>
>description><p>Posted by RISKS List Owner on Nov 28</p>RISKS-LIST: Risks-Forum Digest Saturday 28 November 2009 Volume 25 : Issue 85<br>
The current issue can...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.84>/title>
>link>http://seclists.org/risks/2009/q4/4>/link>
>description><p>Posted by RISKS List Owner on Nov 25</p>RISKS-LIST: Risks-Forum Digest Weds 25 November 2009 Volume 25 : Issue 84<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.83>/title>
>link>http://seclists.org/risks/2009/q4/3>/link>
>description><p>Posted by RISKS List Owner on Nov 06</p>RISKS-LIST: Risks-Forum Digest Friday 6 November 2009 Volume 25 : Issue 83<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.82>/title>
>link>http://seclists.org/risks/2009/q4/2>/link>
>description><p>Posted by RISKS List Owner on Oct 20</p>RISKS-LIST: Risks-Forum Digest Tuesday 20 October 2009 Volume 25 : Issue 82<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.81>/title>
>link>http://seclists.org/risks/2009/q4/1>/link>
>description><p>Posted by RISKS List Owner on Oct 12</p>RISKS-LIST: Risks-Forum Digest Monday 12 October 2009 Volume 25 : Issue 81<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.80>/title>
>link>http://seclists.org/risks/2009/q4/0>/link>
>description><p>Posted by RISKS List Owner on Oct 09</p>RISKS-LIST: Risks-Forum Digest Friday 9 October 2009 Volume 25 : Issue 80<br>
The current issue can be...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title> SANS Internet Storm Center, InfoCON: green>/title>
>link> http://isc.sans.org>/link>
>description>>![CDATA[]]>>/description>
>image>
>title>SANS Internet Storm Center, InfoCON: green>/title>
>url>http://isc.sans.org/images/status.gif>/url>
>link>http://isc.sans.org>/link>
>/image>
>item>
>title>Infocon: green>/title>
>link>http://isc.sans.org/diary.html?rss>/link>
>description>>![CDATA[When is a 0day not a 0day? Fake OpenSSh exploit, again. ]]>>/description>
>/item>
>item>
>title>When is a 0day not a 0day? Fake OpenSSh exploit, again. , (Mon, Feb 8th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8185&rss>/link>
>description>>![CDATA[When is a 0day in OpenSSH not a 0day? When it's local exploit code. Not the kind that exploits a vul ...(more)... ]]>>/description>
>/item>
>item>
>title>
Mandiant Mtrends Report, (Sun, Feb 7th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8182&rss>/link>
>description>>![CDATA[Once again a lazy weekend to catch up on some reading. One of the items that came across my em ...(more)... ]]>>/description>
>/item>
>item>
>title>
LANDesk Management Gateway Vulnerability, (Sat, Feb 6th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8179&rss>/link>
>description>>![CDATA[LANDesk has released a security fix for a vulnerability reported for the LANDesk Management Gateway ...(more)... ]]>>/description>
>/item>
>item>
>title>
tweaked ISC layout. Please submit screen shot and browser details if things don't look right., (Sat, Feb 6th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8176&rss>/link>
>description>>![CDATA[------
Johannes B. Ullrich, Ph ...(more)... ]]>>/description>
>/item>
>item>
>title>
Oracle WebLogic Server Security Alert, (Sat, Feb 6th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8173&rss>/link>
>description>>![CDATA[Oracle issued a Security Alert that address a vulnerability in the Node Manager component of Oracle ...(more)... ]]>>/description>
>/item>
>item>
>title>
New version of Andreas Schuster's Evtx Parser released http://computer.forensikblog.de/en/2010/02/evtx_parser_1_0_2.html, (Sat, Feb 6th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8170&rss>/link>
>description>>![CDATA[ ...(more)... ]]>>/description>
>/item>
>item>
>title>
Memory Analysis - time to move beyond XP, (Fri, Feb 5th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8167&rss>/link>
>description>>![CDATA[One of my interests for the last couple of years has been memory analysis especially for use in malw ...(more)... ]]>>/description>
>/item>
>item>
>title>
WordPress iframe injection?, (Fri, Feb 5th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8164&rss>/link>
>description>>![CDATA[One of the things we seem to harp on here at the SANSInternet Storm Center is monitoring your ...(more)... ]]>>/description>
>/item>
>item>
>title>
More MiFi Fun. Consistent Authentication Matters! http://appsecstreetfighter.com, (Fri, Feb 5th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8161&rss>/link>
>description>>![CDATA[------
Johannes B. Ullrich, Ph ...(more)... ]]>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Nessus.org Plugins>/title>
>link>http://www.nessus.org/scripts.php>/link>
>description>All the newest security checks for the Nessus scanner>/description>
>image about="http://www.nessus.org/images/RssLogo.jpg">
>title>Nessus Plugins>/title>
>url>http://www.nessus.org/images/RssLogo.jpg>/url>
>link>http://www.nessus.org/>/link>
>/image>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44406">
>title>Samba Symlink Traversal Arbitrary File Access>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44406>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44405">
>title>HP-UX Security patch : PHSS_40230>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44405>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44404">
>title>HP-UX Security patch : PHSS_40229>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44404>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44403">
>title>SuSE 11.2 Security Update: libsnmp15 (2010-02-04)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44403>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44402">
>title>MDVSA-2010:033: squid>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44402>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44401">
>title>SMB Service Config Enumeration>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44401>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44400">
>title>Squid < 3.0.STABLE19 / 3.1.0.14 / 2.6.STABLE23 strListGetItem Function Remote DoS>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44400>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44399">
>title>USN894-1 : linux, linux-source-2.6.15 vulnerabilities>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44399>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44398">
>title>SuSE Security Update: Security update for Linux kernel (kernel-6806)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44398>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44397">
>title>Solaris Unbundled (sparc) : 138195-03>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44397>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44396">
>title>MDVSA-2010:032: rootcerts>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44396>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44395">
>title>CentOS : RHSA-2010-0076>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44395>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44394">
>title>IBM Tivoli Monitoring Service Console Detection>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44394>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44393">
>title>OCS Inventory NG Server Administration Console header.php login Parameter SQL Injection>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44393>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44392">
>title>OCS Inventory NG Server Administration Console Detection>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44392>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44391">
>title>Linksys Router Detection>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44391>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44390">
>title>FreeBSD : apache -- Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long) (5219)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44390>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44389">
>title>SuSE Security Update: fuse (2010-01-26)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44389>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44388">
>title>Solaris 10 (x86) : 140160-02>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44388>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=44387">
>title>Solaris 10 (sparc) : 140159-02>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=44387>/link>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>SecuriTeam>/title>
>link>http://www.securiteam.com>/link>
>description>Welcome to the SecuriTeam RSS Feed - sponsored by Beyond Security. Know Your Vulnerabilities! Visit BeyondSecurity.com for your web site, network and code security audit and scanning needs.>/description>
>image>
>title>SecuriTeam.com>/title>
>url>http://www.securiteam.com/beyond-logo-small.png>/url>
>link>http://www.securiteam.com>/link>
>/image>
>item>
>title>LedgerSMB Multiple Vulnerabilities>/title>
>link>http://www.securiteam.com/securitynews/5EP3H1P0AU.html>/link>
>description>>![CDATA[It has been brought to our attention that a number of security vulnerabilities have been noted in SQL-Ledger. Several of these affect earlier versions of LedgerSMB, and three hotfixes have been released for problems that continue to affect the LedgerSMB codebase.]]>>/description>
>/item>
>item>
>title>Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability>/title>
>link>http://www.securiteam.com/securitynews/5RP2W150AC.html>/link>
>description>>![CDATA[Insecure permissions have been detected in the multiple Kaspersky Lab antivirus products.]]>>/description>
>/item>
>item>
>title>Piwik Cookie Unserialize Vulnerability>/title>
>link>http://www.securiteam.com/securitynews/6H00B0AQAS.html>/link>
>description>>![CDATA[Piwik unserializes() user input which allows an attacker to send a carefully crafted cookie that when unserialized utilizes Piwik's classes to upload arbitrary files or execute arbitrary PHP code.]]>>/description>
>/item>
>item>
>title>Invision Power Board SQL PHP File Inclusion and SQL Injection>/title>
>link>http://www.securiteam.com/securitynews/6T0022AQAC.html>/link>
>description>>![CDATA[Invision Power Board has a PHP file inclusion vulnerability that is trivial to exploit with a web browser and a known location of a php file residing on the target system. Authorisation is not required. The SQL injection vulnerability is somewhat tricky to exploit as there are quite a few restrictions that make creating a successful sql attack vector difficult. Nevertheless a crafty attacker might issue a series of requests that might allow him to gain some information about the target system or even read files from the disk depending on permissions granted to the db account that is used by the forum.]]>>/description>
>/item>
>item>
>title>U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) Vulnerability>/title>
>link>http://www.securiteam.com/securitynews/6E00420QAS.html>/link>
>description>>![CDATA[The U.S. Defense Information Systems Agency (DISA) publishes Security Readiness Review scripts (SRRs) to ensure systems and software meet security baselines required by the Department of Defense. Unprivileged local users can obtain root access on Unix systems where the DISA SRR scripts are run.]]>>/description>
>/item>
>item>
>title>Netifera - Modular Open Source Platform for Security Tools>/title>
>link>http://www.securiteam.com/tools/5QP0B0KQUE.html>/link>
>description>>![CDATA[]]>>/description>
>/item>
>item>
>title>WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems>/title>
>link>http://www.securiteam.com/tools/5RP012KQKA.html>/link>
>description>>![CDATA[]]>>/description>
>/item>
>item>
>title>Webshag - Web Server Audit Tool>/title>
>link>http://www.securiteam.com/tools/5QP0L0UQAI.html>/link>
>description>>![CDATA[]]>>/description>
>/item>
>item>
>title>Browser Fuzzer>/title>
>link>http://www.securiteam.com/tools/5OP0L00Q0Y.html>/link>
>description>>![CDATA[]]>>/description>
>/item>
>item>
>title>FSpy - Linux Filesystem Activity Monitoring>/title>
>link>http://www.securiteam.com/tools/6D00V0ANFY.html>/link>
>description>>![CDATA[]]>>/description>
>/item>
>item>
>title>Publique! CMS and SQL Injection Vulnerabilities>/title>
>link>http://www.securiteam.com/unixfocus/5FP3I1P0AO.html>/link>
>description>>![CDATA[A remotely exploitable vulnerability was found in the framework core component. Exploitation of this bug does not require authentication and will lead to remotely exposed potentially sensitive information from the Publique! database. Particularly, an attacker can extract usernames and passwords needed to authenticate to the administrative interface and gain full control of the web site and (depending on certain conditions) the server itself.]]>>/description>
>/item>
>item>
>title>Files2Links F2L-3000 SQL Injection Vulnerability>/title>
>link>http://www.securiteam.com/unixfocus/5DP3G1P0AA.html>/link>
>description>>![CDATA[The login page of the F2L-3000 version 4.0.0 is vulnerable to SQL Injection. Exploitation of the vulnerability may allow attackers to bypass authentication and access sensitive information stored on the device.]]>>/description>
>/item>
>item>
>title>HP-UX Running Apache Data Injection and DoS Vulnerability>/title>
>link>http://www.securiteam.com/unixfocus/5QP2V150AO.html>/link>
>description>>![CDATA[A potential security vulnerability has been identified with HP-UX running Apache v2.0.59.12 and earlier. The vulnerability could be exploited remotely to inject unauthorized data or to create a Denial of Service (DoS).]]>>/description>
>/item>
>item>
>title>MIT krb5 KDC denial of service in cross-realm referral processing>/title>
>link>http://www.securiteam.com/unixfocus/5MP2W0K0AK.html>/link>
>description>>![CDATA[An unauthenticated remote attacker could cause the KDC to crash due to a null pointer dereference. Legitimate requests can also cause this crash to occur.]]>>/description>
>/item>
>item>
>title>AproxEngine Multiple Vulnerabilities>/title>
>link>http://www.securiteam.com/unixfocus/5BP2V0A0AG.html>/link>
>description>>![CDATA[Vulnerabilities have been discovered in AproxEngine, which can be exploited by malicious users to manipulate certain data, conduct spoofing, SQL injection, and script insertion attacks and by malicious people to conduct SQL injection and script insertion attacks.]]>>/description>
>/item>
>item>
>title>Microsoft Indeo Codec Memory Corruption Vulnerability>/title>
>link>http://www.securiteam.com/windowsntfocus/6S00D00QAW.html>/link>
>description>>![CDATA[The Indeo codec on systems running Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow code to run on users systems when opening specially crafted content.]]>>/description>
>/item>
>item>
>title>HP DDMI Execution of Arbitrary Code>/title>
>link>http://www.securiteam.com/windowsntfocus/6T00C2AQ0Y.html>/link>
>description>>![CDATA[A potential security vulnerability has been identified with HP Discovery & Dependency Mapping Inventory (DDMI) running on Windows. The vulnerability could be exploited remotely by an authorized user to execute arbitrary code.]]>>/description>
>/item>
>item>
>title>Microsoft Windows License Logging Service Heap Corruption Vulnerability>/title>
>link>http://www.securiteam.com/windowsntfocus/6M00D0UQ0W.html>/link>
>description>>![CDATA[This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required on certain configurations to exploit this vulnerability.]]>>/description>
>/item>
>item>
>title>Microsoft Office Excel Code Execution Vulnerabilities>/title>
>link>http://www.securiteam.com/windowsntfocus/6K00B0UQ0K.html>/link>
>description>>![CDATA[Attackers using specially crafted XLS files can execute arbitrary code via memory corruptions, invalid index, and invalid pointer errors.]]>>/description>
>/item>
>item>
>title>Microsoft SharePoint 2007 ASP.NET Source Code Disclosure>/title>
>link>http://www.securiteam.com/windowsntfocus/6W0040UQ0W.html>/link>
>description>>![CDATA[It was found that the download facility of Microsoft SharePoint Team Services can be abused to reveal the source code of ASP.NET files.]]>>/description>
>/item>
>item>
>title>Trango Broadband Wireless Rogue SU Authentication Bug>/title>
>link>http://www.securiteam.com/exploits/5LP2V0K0AG.html>/link>
>description>>![CDATA[Currently there is a flaw in the authentication mechanism of these radios which, if an attacker knows some details, can allow interception of ethernet packets broadcast from the Access Point to the Subscriber Unit and potentially allows injection into the communication from the Subscriber Unit to the Access Point.]]>>/description>
>/item>
>item>
>title>Exposing HMS HICP Protocol and Intellicom NetBiterConfig.exe Remote Buffer Overflow>/title>
>link>http://www.securiteam.com/exploits/5CP2W0A0AU.html>/link>
>description>>![CDATA[SCADA weaknesses created by HICP Protocol and NetBiter WebSCADA.]]>>/description>
>/item>
>item>
>title>Family Connections Multiple Remote Vulnerabilities>/title>
>link>http://www.securiteam.com/exploits/6U00D20QAQ.html>/link>
>description>>![CDATA[Many fields are not properly sanitised and some checks can be bypassed.]]>>/description>
>/item>
>item>
>title>VideoCache vccleaner Root Vulnerability>/title>
>link>http://www.securiteam.com/exploits/6T00C20QAY.html>/link>
>description>>![CDATA[VideoCache is a Squid URL rewriter plugin written in Python for bandwidth optimization while browsing video sharing websites. Version 1.9.2 allows a user with the privileges of the Squid proxy server to append semi-arbitrary data to arbitrary files with root privileges, upon the administrator's execution of the 'vccleaner' utility.]]>>/description>
>/item>
>item>
>title>QuickHeal Antivirus 2010 Local Privilege Escalation>/title>
>link>http://www.securiteam.com/exploits/6S00B20QAQ.html>/link>
>description>>![CDATA[All files under the install folder have Full control for BUILTIN\users and can be replace with malicious files.]]>>/description>
>/item>
>item>
>title>Why Silent Updates Boost Security>/title>
>link>http://www.securiteam.com/securityreviews/5NP0E00R5A.html>/link>
>description>>![CDATA[Thomas Duebendorfer Google Switzerland GmbH and Stefan Frei Communication Systems Group, ETH Zurich, Switzerland looked into the performance of Web browser update mechanisms. The analysis of anonymized Google Web server logs allowed us to compare and rank the update strategies deployed by Google Chrome, Mozilla Firefox, Apple Safari, and Opera.]]>>/description>
>/item>
>item>
>title>PDF Silent HTTP Form Repurposing Attacks>/title>
>link>http://www.securiteam.com/securityreviews/5MP0D00R5G.html>/link>
>description>>![CDATA[This paper sheds light on a modified approach to triggering web attacks through JavaScript protocol handler in the context of opening a PDF in a browser.]]>>/description>
>/item>
>item>
>title>Frame Pointer Overwrite Demonstration (Linux)>/title>
>link>http://www.securiteam.com/securityreviews/6M0010UNFQ.html>/link>
>description>>![CDATA[This paper assumes you have read the proper background information and/or technical details about the above subject. If not, please do so, because this read does not include key concepts but instead technical exploitation examples. That being said, enjoy. Knowledge is power.]]>>/description>
>/item>
>item>
>title>Format String Exploitation Demonstration (Linux)>/title>
>link>http://www.securiteam.com/securityreviews/6E0030KNFO.html>/link>
>description>>![CDATA[This paper assumes you have read the proper background information and/or technical details about the above subject. If not, please do so, because this read does not include key concepts but instead technical exploitation examples. That being said, enjoy. Knowledge is power.]]>>/description>
>/item>
>item>
>title>Hacking SOHO Routers>/title>
>link>http://www.securiteam.com/securityreviews/6D00C0KN5S.html>/link>
>description>>![CDATA[The purpose of this paper is to outline the security measures being taken by vendors to prevent such attacks in their home routing products, what those security measures accomplish, and where they fall short. We will use existing network tools to examine common vulnerabilities in a range of popular devices and demonstrate weaknesses in the security of those devices; additionally, we will examine common trends in security measures that have been duplicated across vendors, and examine how those trends help and hinder the security of their devices. In particular, we will examine the following home routers, which are some of the latest offerings from their respective vendors at the time of this writing: * Linksys WRT160N]]>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Security Basics>/title>
>link>http://seclists.org/#basics>/link>
>description>A high-volume list which permits people to ask "stupid questions" without being derided as "n00bs". I recommend this list to network security newbies, but be sure to read Bugtraq and other lists as well.>/description>
>item>
>title>Re: SMS Banking>/title>
>link>http://seclists.org/basics/2010/Feb/60>/link>
>description><p>Posted by Menerick, John on Feb 08</p>Comments inline<br>
few pointers and case...<br>>/description>
>/item>
>item>
>title>RE: SMS Banking>/title>
>link>http://seclists.org/basics/2010/Feb/59>/link>
>description><p>Posted by Thor (Hammer of God) on Feb 08</p>And just how do you come up with the probability of compromising the SMS function and the user authentication method?<br>
Regarding GSM, what...<br>>/description>
>/item>
>item>
>title>RE: SMS Banking>/title>
>link>http://seclists.org/basics/2010/Feb/58>/link>
>description><p>Posted by Craig S. Wright on Feb 08</p>The solution needs to be based on risk.<br>
The user can...<br>>/description>
>/item>
>item>
>title>Re: Transparent vs Routed Firewall>/title>
>link>http://seclists.org/basics/2010/Feb/57>/link>
>description><p>Posted by John Morrison on Feb 08</p>Chris has the right idea. Transparent does make it easier if you have<br>
As Chris points out transparent mode avoids having to rejig your IP...<br>>/description>
>/item>
>item>
>title>Managed Security Services>/title>
>link>http://seclists.org/basics/2010/Feb/56>/link>
>description><p>Posted by mohannad . alkhalash on Feb 08</p>Dear,<br>
become more proactive. Furthermore the functions of MSS include round-the-clock monitoring and...<br>>/description>
>/item>
>item>
>title>Re: SMS Banking>/title>
>link>http://seclists.org/basics/2010/Feb/55>/link>
>description><p>Posted by Dennis Li on Feb 08</p>------------------------------------------------------------------------<br>
install and use a thawte Digital Certificate on your Apache web server....<br>>/description>
>/item>
>item>
>title>Re: [OT ish] Router vs Firewall - corporate environment>/title>
>link>http://seclists.org/basics/2010/Feb/54>/link>
>description><p>Posted by John Morrison on Feb 08</p>Martin,<br>
as any Cisco dedicated device. As all the routing will be done in the...<br>>/description>
>/item>
>item>
>title>Re: SMS Banking>/title>
>link>http://seclists.org/basics/2010/Feb/53>/link>
>description><p>Posted by Markus Matiaschek on Feb 05</p>Hi,<br>
transaction numbers, TANs. German banks send mobileTANs to...<br>>/description>
>/item>
>item>
>title>Re: SMS Banking>/title>
>link>http://seclists.org/basics/2010/Feb/52>/link>
>description><p>Posted by Agus 'Bosen' Supriadhie on Feb 05</p>How about putting a random PIN sequense?<br>
To: M.D.Mufambisi<mufambisi () gmail com>; <listbounce () securityfocus com>; <pen-test () securityfocus com>;...<br>>/description>
>/item>
>item>
>title>Re: SMS Banking>/title>
>link>http://seclists.org/basics/2010/Feb/51>/link>
>description><p>Posted by NetEvil on Feb 05</p>Hi,<br>
However in...<br>>/description>
>/item>
>item>
>title>Re: Re: MSN virus>/title>
>link>http://seclists.org/basics/2010/Feb/50>/link>
>description><p>Posted by taser3000 on Feb 05</p>Actually I have heard of things like this going on in the increase. In fact I wound up talking with a guy the other day <br>
accounts. This just so happens to match what...<br>>/description>
>/item>
>item>
>title>Re: SMS Banking>/title>
>link>http://seclists.org/basics/2010/Feb/49>/link>
>description><p>Posted by Brad Reaves on Feb 05</p>One of the biggest problems will be a static pin.<br>
The attacker wouldn't necessarily have to be the one to receive...<br>>/description>
>/item>
>item>
>title>Re: MSN virus>/title>
>link>http://seclists.org/basics/2010/Feb/48>/link>
>description><p>Posted by Ramki B Ramakrishnan on Feb 05</p>These things happen always and you don't have a silver bullet for<br>
HTH, Ramki<br>>/description>
>/item>
>item>
>title>Re: SMS Banking>/title>
>link>http://seclists.org/basics/2010/Feb/47>/link>
>description><p>Posted by Doug Farre on Feb 05</p>Mobile phone numbers can be spoofed. My piece of advice is that all<br>
compromised as the sms msgs are all stored in plain text.<br>>/description>
>/item>
>item>
>title>Re: SMS Banking>/title>
>link>http://seclists.org/basics/2010/Feb/46>/link>
>description><p>Posted by Budi wibowo on Feb 05</p>instead of using sms for putting the pin, please use flash sms.<br>
Im designing an SMS baking application but i need to research on the...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>link>http://seclists.org/#jobs>/link>
>description>A popular list for advertising or finding jobs in the security field. Employers post openings and job seekers post resumes (run by SecurityFocus). For privacy reasons, only the current year is archived.>/description>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>link>http://seclists.org/#vuln-dev>/link>
>description>A moderated list for discussing possible security issues and devising exploits for them.>/description>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>SecurityFocus Vulnerabilities>/title>
>link>http://www.securityfocus.com>/link>
>description>
>/description>
>image>
>title>SecurityFocus>/title>
>url>http://www.securityfocus.com/rss/SFLogo_v1.gif>/url>
>link>http://www.securityfocus.com>/link>
>/image>
>item>
>title>Vuln: Linux Kernel 'drivers/scsi/gdth.c' Local Privilege Escalation Vulnerability>/title>
>link>http://www.securityfocus.com/bid/37068>/link>
>description>>![CDATA[ Linux Kernel 'drivers/scsi/gdth.c' Local Privilege Escalation Vulnerability ]]>>/description>
>/item>
>item>
>title>Vuln: Linux Kernel 'hfc_usb.c' Local Privilege Escalation Vulnerability>/title>
>link>http://www.securityfocus.com/bid/37036>/link>
>description>>![CDATA[ Linux Kernel 'hfc_usb.c' Local Privilege Escalation Vulnerability ]]>>/description>
>/item>
>item>
>title>Vuln: Joomla! 'com_photoblog' Component 'blog' Parameter SQL Injection Vulnerability>/title>
>link>http://www.securityfocus.com/bid/38136>/link>
>description>>![CDATA[ Joomla! 'com_photoblog' Component 'blog' Parameter SQL Injection Vulnerability ]]>>/description>
>/item>
>item>
>title>Vuln: OpenBB Multiple SQL Injection Vulnerabilities>/title>
>link>http://www.securityfocus.com/bid/38134>/link>
>description>>![CDATA[ OpenBB Multiple SQL Injection Vulnerabilities ]]>>/description>
>/item>
>item>
>title>Bugtraq: [security bulletin] HPSBUX02503 SSRT100019 rev.1 - HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other>/title>
>link>http://www.securityfocus.com/archive/1/509446>/link>
>description>>![CDATA[ [security bulletin] HPSBUX02503 SSRT100019 rev.1 - HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other ]]>>/description>
>/item>
>item>
>title>Bugtraq: RE: Samba Remote Zero-Day Exploit>/title>
>link>http://www.securityfocus.com/archive/1/509445>/link>
>description>>![CDATA[ RE: Samba Remote Zero-Day Exploit ]]>>/description>
>/item>
>item>
>title>Bugtraq: [ MDVSA-2010:034 ] kernel>/title>
>link>http://www.securityfocus.com/archive/1/509444>/link>
>description>>![CDATA[ [ MDVSA-2010:034 ] kernel ]]>>/description>
>/item>
>item>
>title>Bugtraq: [security bulletin] HPSBMA02487 SSRT100024 rev.1 - HP Operations Agent Running on Solaris 10, Remote Unauthorized Access>/title>
>link>http://www.securityfocus.com/archive/1/509443>/link>
>description>>![CDATA[ [security bulletin] HPSBMA02487 SSRT100024 rev.1 - HP Operations Agent Running on Solaris 10, Remote Unauthorized Access ]]>>/description>
>/item>
>item>
>title>More rss feeds from SecurityFocus>/title>
>link>http://www.securityfocus.com/rss/index.shtml>/link>
>description>News, Infocus, Columns, Vulnerabilities, Bugtraq ...>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>VulnWatch>/title>
>link>http://seclists.org/#vulnwatch>/link>
>description>A non-discussion, non-patch, all-vulnerability annoucement list supported and run by a community of volunteer moderators distributed around the world.>/description>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Web App Security>/title>
>link>http://seclists.org/#webappsec>/link>
>description>Provides insights on the unique challenges which make web applications notoriously hard to secure, as well as attack methods including SQL injection, cross-site scripting (XSS), cross-site request forgery, and more.>/description>
>item>
>title>winAUTOPWN 2.1 - Now you can sleep>/title>
>link>http://seclists.org/webappsec/2010/q1/14>/link>
>description><p>Posted by QUAKER DOOMER on Jan 30</p>Dear all,<br>
- winAUTOPWN or WINDOWS AUTOPWN version 2.1 now attempts to...<br>>/description>
>/item>
>item>
>title>Dasient mod_antimalware_lite v0.2>/title>
>link>http://seclists.org/webappsec/2010/q1/13>/link>
>description><p>Posted by Neil Daswani on Jan 21</p>Overview<br>
networks,...<br>>/description>
>/item>
>item>
>title>OWASP for Charities: Haiti relief effort>/title>
>link>http://seclists.org/webappsec/2010/q1/12>/link>
>description><p>Posted by Dinis Cruz on Jan 21</p>Hi, there are days that I am really proud of being part of the OWASP<br>
looks like we...<br>>/description>
>/item>
>item>
>title>Invitation: nullcon Goa 2010 International Security & Hacking Conference>/title>
>link>http://seclists.org/webappsec/2010/q1/11>/link>
>description><p>Posted by nullcon on Jan 12</p>Hi all,<br>
particular the major security threats...<br>>/description>
>/item>
>item>
>title>RE: Burp Suite v1.3 released>/title>
>link>http://seclists.org/webappsec/2010/q1/10>/link>
>description><p>Posted by PortSwigger on Jan 11</p>Burp v1.3 already handles viewing and editing of AMF-encoded messages in the<br>
Sent: 08 January...<br>>/description>
>/item>
>item>
>title>HITB Ezine 'Reloaded' - Issue #001>/title>
>link>http://seclists.org/webappsec/2010/q1/9>/link>
>description><p>Posted by Hafez Kamal on Jan 11</p>Welcome to 2010! We are proud to announce the immediate availability of<br>
As with our conference series,...<br>>/description>
>/item>
>item>
>title>Re: Burp Suite v1.3 released>/title>
>link>http://seclists.org/webappsec/2010/q1/8>/link>
>description><p>Posted by Michele Orru on Jan 08</p>Hi Dafydd,<br>
anyway...<br>>/description>
>/item>
>item>
>title>Burp Suite v1.3 released>/title>
>link>http://seclists.org/webappsec/2010/q1/7>/link>
>description><p>Posted by PortSwigger on Jan 08</p>Burp Suite v1.3 is now available for free download at<br>
- Improved...<br>>/description>
>/item>
>item>
>title>Re: Context App Tool - New Web Application Testing Tool Released>/title>
>link>http://seclists.org/webappsec/2010/q1/6>/link>
>description><p>Posted by Andrew van der Stock on Jan 08</p>Hi there,<br>
• Any vendor or project - closed. commercial or open...<br>>/description>
>/item>
>item>
>title>RE: Context App Tool - New Web Application Testing Tool Released>/title>
>link>http://seclists.org/webappsec/2010/q1/5>/link>
>description><p>Posted by Context IS - Disclosure on Jan 07</p>CAT is closed source. There is a EULA that is part of the installer which details the terms of use. This can be read <br>
Michael<br>>/description>
>/item>
>item>
>title>Re: Context App Tool - New Web Application Testing Tool Released>/title>
>link>http://seclists.org/webappsec/2010/q1/4>/link>
>description><p>Posted by The Security Community on Jan 07</p>Anyone care to cut&paste the EULA here?<br>
--------------------------------------<br>>/description>
>/item>
>item>
>title>Re: Context App Tool - New Web Application Testing Tool Released>/title>
>link>http://seclists.org/webappsec/2010/q1/3>/link>
>description><p>Posted by The Security Community on Jan 05</p>It doesn't appear to be Open Source. What is the license?<br>
--------------------------------------<br>>/description>
>/item>
>item>
>title>Context App Tool - New Web Application Testing Tool Released>/title>
>link>http://seclists.org/webappsec/2010/q1/2>/link>
>description><p>Posted by Context IS - Disclosure on Jan 05</p>CAT is an application to facilitate manual web application penetration testing. It was designed to cope with a more <br>
Conceptually it is similar to other proxies available both commercially and open source. CAT...<br>>/description>
>/item>
>item>
>title>RE: WASC Announcement: WASC Threat Classification v2.0 Published>/title>
>link>http://seclists.org/webappsec/2010/q1/1>/link>
>description><p>Posted by Vincent Chao on Jan 03</p>Thanks very much for WASC's work, it really help me ;)<br>
The Web Application Security...<br>>/description>
>/item>
>item>
>title>WASC Announcement: WASC Threat Classification v2.0 Published>/title>
>link>http://seclists.org/webappsec/2010/q1/0>/link>
>description><p>Posted by announcements on Jan 03</p>The Web Application Security Consortium (WASC) is pleased to announce the long awaited release of the WASC <br>
- Refine document scope, terminology, and purpose...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>/channel>
>/rss>