Welcome to the Hostsplus Security Information Center
Welcome to the HostsPlus Security Information Center.
This is a portal site created by HostsPlus to enable our clients and other interested parties to learn more about Information Security.
>rss version="2.0">
>channel>
>title>Bugtraq>/title>
>link>http://seclists.org/#bugtraq>/link>
>description>The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!>/description>
>item>
>title>ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability>/title>
>link>http://seclists.org/bugtraq/2010/Mar/79>/link>
>description><p>Posted by ZDI Disclosures on Mar 09</p>ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability<br>
required to...<br>>/description>
>/item>
>item>
>title>[security bulletin] HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands>/title>
>link>http://seclists.org/bugtraq/2010/Mar/78>/link>
>description><p>Posted by security-alert on Mar 09</p>SUPPORT COMMUNICATION - SECURITY BULLETIN<br>
Source: Hewlett-Packard Company, HP Software Security Response...<br>>/description>
>/item>
>item>
>title>[SECURITY] [DSA 2008-1] New typo3-src packages fix several vulnerabilities>/title>
>link>http://seclists.org/bugtraq/2010/Mar/77>/link>
>description><p>Posted by Moritz Muehlenhoff on Mar 09</p>------------------------------------------------------------------------<br>
Problem type : local/remote...<br>>/description>
>/item>
>item>
>title>IBM ENOVIA SmarTeam v5 Cross Site Scripting Vulnerability>/title>
>link>http://seclists.org/bugtraq/2010/Mar/76>/link>
>description><p>Posted by lament on Mar 09</p>=========================================<br>
driving...<br>>/description>
>/item>
>item>
>title>Re: Apple Airport Wireless Products: Promiscuous FTP PORT Allowed in FTP Proxy Provides Security Bypass>/title>
>link>http://seclists.org/bugtraq/2010/Mar/75>/link>
>description><p>Posted by Sabahattin Gucukoglu on Mar 09</p>Do you have firmware information on which products it affects.<br>
think was true for Airport...<br>>/description>
>/item>
>item>
>title>SQL injection vulnerability in wILD CMS>/title>
>link>http://seclists.org/bugtraq/2010/Mar/74>/link>
>description><p>Posted by Maciej Gojny on Mar 09</p># Title: [SQL injection vulnerability in wILD CMS]<br>
# Name: wILD CMS...<br>>/description>
>/item>
>item>
>title>Croogo CMS 1.2 Cross Site Scripting Vulnerabilities>/title>
>link>http://seclists.org/bugtraq/2010/Mar/73>/link>
>description><p>Posted by Paulino Calderon on Mar 09</p>Croogo CMS 1.2 Cross Site Scripting Vulnerabilities<br>
BACKGROUND...<br>>/description>
>/item>
>item>
>title>[ MDVSA-2010:057 ] apache>/title>
>link>http://seclists.org/bugtraq/2010/Mar/72>/link>
>description><p>Posted by security on Mar 08</p> _______________________________________________________________________<br>
Enterprise Server 5.0...<br>>/description>
>/item>
>item>
>title>Re: phpinfo() XSS Vulnerability>/title>
>link>http://seclists.org/bugtraq/2010/Mar/71>/link>
>description><p>Posted by Salvatore Fresta aka Drosophila on Mar 08</p>I tested it with php 5.1.6 and 5.2.6 and seems not work. The<br>
/phpinfo.php?+%3CScRipT%3Ealert(0111001101100101011000110111010101110010011010010111010001111001);%3C/sCrIpT%3E+<br>>/description>
>/item>
>item>
>title>[USN-907-1] gnome-screensaver vulnerabilities>/title>
>link>http://seclists.org/bugtraq/2010/Mar/70>/link>
>description><p>Posted by Marc Deslauriers on Mar 08</p>===========================================================<br>
The problem can be...<br>>/description>
>/item>
>item>
>title>rPSA-2010-0014-1 mysql mysql-bench mysql-server>/title>
>link>http://seclists.org/bugtraq/2010/Mar/69>/link>
>description><p>Posted by rPath Update Announcements on Mar 08</p>rPath Security Advisory: 2010-0014-1<br>
mysql-bench=conary.rpath.com...<br>>/description>
>/item>
>item>
>title>rPSA-2010-0013-1 gzip>/title>
>link>http://seclists.org/bugtraq/2010/Mar/68>/link>
>description><p>Posted by rPath Update Announcements on Mar 08</p>rPath Security Advisory: 2010-0013-1<br>
rPath Issue Tracking System:...<br>>/description>
>/item>
>item>
>title>rPSA-2010-0012-1 postgresql postgresql-contrib postgresql-server>/title>
>link>http://seclists.org/bugtraq/2010/Mar/67>/link>
>description><p>Posted by rPath Update Announcements on Mar 08</p>rPath Security Advisory: 2010-0012-1<br>
postgresql=conary.rpath.com () rpl:2/8.3.9-0.1-1...<br>>/description>
>/item>
>item>
>title>rPSA-2010-0011-1 gnome-ssh-askpass openssh openssh-client openssh-server>/title>
>link>http://seclists.org/bugtraq/2010/Mar/66>/link>
>description><p>Posted by rPath Update Announcements on Mar 08</p>rPath Security Advisory: 2010-0011-1<br>
openssh=conary.rpath.com () rpl:1/5.3p1-0.3-1...<br>>/description>
>/item>
>item>
>title>ZoneAlarm Security Circumvention>/title>
>link>http://seclists.org/bugtraq/2010/Mar/65>/link>
>description><p>Posted by Andrew Barkley on Mar 08</p>Hi,<br>
Certain vendors (including ZoneAlarm) implement...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Daily Dave>/title>
>link>http://seclists.org/#dailydave>/link>
>description>This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by <a href="http://www.immunitysec.com/">ImmunitySec</a> founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.>/description>
>item>
>title>Re: Mike Bailey's Flash presentation is good.>/title>
>link>http://seclists.org/dailydave/2010/q1/80>/link>
>description><p>Posted by Florian Weimer on Mar 09</p>Bugs in web application frameworks are typically not fixed in the<br>
that makes scanners not entirely useless.<br>>/description>
>/item>
>item>
>title>Mike Bailey's Flash presentation is good.>/title>
>link>http://seclists.org/dailydave/2010/q1/79>/link>
>description><p>Posted by dave on Mar 09</p>People in the web application security space are often more into<br>
But web application hacking can be as complex as a CLOUDBURST style...<br>>/description>
>/item>
>item>
>title>Re: Does anyone have video of this?>/title>
>link>http://seclists.org/dailydave/2010/q1/78>/link>
>description><p>Posted by Nate Lawson on Mar 04</p>I'm not sure why you're so excited about this. This panel is up every<br>
As for the NSA, crypto is such...<br>>/description>
>/item>
>item>
>title>Perforce>/title>
>link>http://seclists.org/dailydave/2010/q1/77>/link>
>description><p>Posted by Intevydis on Mar 04</p>Hi,<br>
to trigger send the following data to port "...<br>>/description>
>/item>
>item>
>title>Re: Does anyone have video of this?>/title>
>link>http://seclists.org/dailydave/2010/q1/76>/link>
>description><p>Posted by Dave Aitel on Mar 04</p>Btw, for those who missed it:<br>
-dave<br>>/description>
>/item>
>item>
>title>Does anyone have video of this?>/title>
>link>http://seclists.org/dailydave/2010/q1/75>/link>
>description><p>Posted by Dave Aitel on Mar 02</p>NSA, cryptoexperts jab at RSA Conference Cryptographers' Panel<br>
<a rel="nofollow" href="http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1407881,00.html">http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1407881,00.html</a><br>>/description>
>/item>
>item>
>title>FIRST 2010!>/title>
>link>http://seclists.org/dailydave/2010/q1/74>/link>
>description><p>Posted by dave on Mar 02</p>I'm giving a keynote at FIRST 2010. As you might imagine, FIRST is an<br>
Incident response happens when your secure...<br>>/description>
>/item>
>item>
>title>Month of PHP Security 2010 - CALL FOR PAPERS>/title>
>link>http://seclists.org/dailydave/2010/q1/73>/link>
>description><p>Posted by Stefan Esser on Feb 27</p>Month of PHP Security 2010 - CALL FOR PAPERS<br>
The intention of...<br>>/description>
>/item>
>item>
>title>dnsmap v0.30 + embedded devices discovery trick>/title>
>link>http://seclists.org/dailydave/2010/q1/72>/link>
>description><p>Posted by Adrian P. on Feb 25</p>Hello folks,<br>
ranges,...<br>>/description>
>/item>
>item>
>title>Re: XSS in viewstate>/title>
>link>http://seclists.org/dailydave/2010/q1/71>/link>
>description><p>Posted by Nicolas RUFF on Feb 21</p> Hello,<br>
serialization logic (but it...<br>>/description>
>/item>
>item>
>title>Re: XSS in viewstate>/title>
>link>http://seclists.org/dailydave/2010/q1/70>/link>
>description><p>Posted by David Byrne on Feb 19</p>We usually see MAC protection turned off on at least one page during an<br>
Chris Weber wrote:<br>>/description>
>/item>
>item>
>title>Re: XSS in viewstate>/title>
>link>http://seclists.org/dailydave/2010/q1/69>/link>
>description><p>Posted by David Byrne on Feb 19</p>In our original advisory, we did comment that Microsoft hinted at this vulnerability in a rather buried document <br>
first time (as far as we know) that the .Net framework was demonstrated to be vulnerable to XSS through the...<br>>/description>
>/item>
>item>
>title>Re: XSS in viewstate>/title>
>link>http://seclists.org/dailydave/2010/q1/68>/link>
>description><p>Posted by dave on Feb 19</p>We usually see MAC protection turned off on at least one page during an<br>
Chris Weber wrote:<br>>/description>
>/item>
>item>
>title>Re: XSS in viewstate>/title>
>link>http://seclists.org/dailydave/2010/q1/67>/link>
>description><p>Posted by David Byrne on Feb 19</p><a rel="nofollow" href="http://www.hacking-lab.com/misc/downloads/ViewState_Afames.pdf">http://www.hacking-lab.com/misc/downloads/ViewState_Afames.pdf</a><br>
-dave<br>>/description>
>/item>
>item>
>title>Re: XSS in viewstate>/title>
>link>http://seclists.org/dailydave/2010/q1/66>/link>
>description><p>Posted by Raw Data on Feb 19</p>Hi Dave,<br>
MAC is managed internally...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Firewall Wizards>/title>
>link>http://seclists.org/#firewall-wizards>/link>
>description>Tips and tricks for firewall administrators>/description>
>item>
>title>Call for papers: ISP-10, Orlando, USA, July 2010>/title>
>link>http://seclists.org/firewall-wizards/2010/Feb/6>/link>
>description><p>Posted by James Heralds on Feb 22</p>It would be highly appreciated if you could share this announcement with<br>
be held during 12-14 of July 2010...<br>>/description>
>/item>
>item>
>title>Re: Inline 2 port POE Firewall>/title>
>link>http://seclists.org/firewall-wizards/2010/Feb/5>/link>
>description><p>Posted by bruces on Feb 16</p>What about the RouterBoard 433 series boards. Three NICs and POE, <br>
Quoting Kerry Milestone <km4 () sanger ac uk>:<br>>/description>
>/item>
>item>
>title>Inline 2 port POE Firewall>/title>
>link>http://seclists.org/firewall-wizards/2010/Feb/4>/link>
>description><p>Posted by Kerry Milestone on Feb 16</p>Hello,<br>
fairly cheap price - rather than have to...<br>>/description>
>/item>
>item>
>title>Re: Login straight to priv mode in PIX with TACACS server>/title>
>link>http://seclists.org/firewall-wizards/2010/Feb/3>/link>
>description><p>Posted by John Morrison on Feb 12</p>Michel,<br>
cannot contact the TACACS+ server is to remove the network cables.<br>>/description>
>/item>
>item>
>title>Login straight to priv mode in PIX with TACACS server>/title>
>link>http://seclists.org/firewall-wizards/2010/Feb/2>/link>
>description><p>Posted by Michel Ferreira on Feb 11</p>Hi,<br>
command if I need console access I still will be...<br>>/description>
>/item>
>item>
>title>Draft paper submission deadline is extended: ISP-10>/title>
>link>http://seclists.org/firewall-wizards/2010/Feb/1>/link>
>description><p>Posted by James Heralds on Feb 05</p>Draft paper submission deadline is extended: ISP-10<br>
The conference will be held at the same time and location where...<br>>/description>
>/item>
>item>
>title>Hackito Ergo Sum 2010 - Call For Paper - HES2010 CFP>/title>
>link>http://seclists.org/firewall-wizards/2010/Feb/0>/link>
>description><p>Posted by endrazine on Feb 04</p>Hackito Ergo Sum 2010 - Call For Paper - HES2010 CFP<br>
The goal of this...<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/37>/link>
>description><p>Posted by pkc_mls on Jan 28</p>William Fitzgerald a écrit :<br>
on the LAN.<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/36>/link>
>description><p>Posted by Paul D. Robertson on Jan 27</p>I'm going to give you the non-firewall, imperfect but quick and easy <br>
the "internal" network on the router....<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/35>/link>
>description><p>Posted by William Fitzgerald on Jan 27</p>Hi everyone,<br>
Pete.LeMay wrote:<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/34>/link>
>description><p>Posted by Will Brickles on Jan 27</p>Using DD-WRT, what comes to mind immediately is to put your devices into separate VLANs and then use iptables to <br>
Using other (much more...<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/33>/link>
>description><p>Posted by K K on Jan 27</p>Yes.<br>
Kevin<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/32>/link>
>description><p>Posted by Paul Melson on Jan 26</p>With DD-WRT you can assign a different VLAN to each interface of the<br>
connected to that switch from each...<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/31>/link>
>description><p>Posted by Mark on Jan 26</p>Will:<br>
firewall filter the traffic, in essence you would be creating a...<br>>/description>
>/item>
>item>
>title>Re: Is it possible to control access between clients on same LAN with a firewall?>/title>
>link>http://seclists.org/firewall-wizards/2010/Jan/30>/link>
>description><p>Posted by Eric Gearhart on Jan 26</p>You sound like you might already know this, but I may as well<br>
separate...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>IDS Focus>/title>
>link>http://seclists.org/#focus-ids>/link>
>description>Technical discussion about Intrusion Detection Systems. You can also read the archives of a <A HREF="http://seclists.org/ids/">previous IDS list</A>>/description>
>item>
>title>Call for Papers: EC2ND 2010>/title>
>link>http://seclists.org/focus-ids/2010/Mar/0>/link>
>description><p>Posted by Konrad Rieck on Mar 08</p>Dear Colleagues,<br>
6th European Conference on Computer...<br>>/description>
>/item>
>item>
>title>Announcing xtractr (on pcapr)>/title>
>link>http://seclists.org/focus-ids/2010/Feb/1>/link>
>description><p>Posted by kowsik on Feb 22</p>We are happy to announce xtractr, a collaborative cloud app for<br>
<a rel="nofollow" href="http://www.pcapr.net/">http://www.pcapr.net/</a>...<br>>/description>
>/item>
>item>
>title>CFP: Workshop on the Analysis of System Logs>/title>
>link>http://seclists.org/focus-ids/2010/Feb/0>/link>
>description><p>Posted by Kathryn Mohror on Feb 05</p> Workshop on the Analysis of System Logs (WASL) 2010<br>
AUTHOR...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Full Disclosure>/title>
>link>http://seclists.org/#fulldisclosure>/link>
>description>An unmoderated high-traffic forum for disclosure of security information. Fresh vulnerabilities sometimes hit this list many hours before they pass through the Bugtraq moderation queue. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. Unfortunately 80% of the posts are worthless drivel, so finding the gems takes patience.>/description>
>item>
>title>[SECURITY] [DSA 2009-1] New tdiary packages fix cross-site scripting>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/182>/link>
>description><p>Posted by Steffen Joeris on Mar 10</p>------------------------------------------------------------------------<br>
Problem type...<br>>/description>
>/item>
>item>
>title>Vulnerabilities in Hydra Engine>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/181>/link>
>description><p>Posted by MustLive on Mar 10</p>Hello Full-Disclosure!<br>
30.01.2010 - disclosed at my site....<br>>/description>
>/item>
>item>
>title>iDefense Security Advisory 03.09.10: Microsoft Excel MDXTUPLE Record Heap Overflow Vulnerability>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/180>/link>
>description><p>Posted by iDefense Labs on Mar 10</p>iDefense Security Advisory 03.09.10<br>
Corp.'s Excel could allow an attacker to execute...<br>>/description>
>/item>
>item>
>title>iDefense Security Advisory 03.09.10: Microsoft Excel MDXSET Record Heap Overflow Vulnerability>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/179>/link>
>description><p>Posted by iDefense Labs on Mar 10</p>iDefense Security Advisory 03.09.10<br>
Corp.'s Excel could allow an attacker to execute...<br>>/description>
>/item>
>item>
>title>iDefense Security Advisory 03.09.10: Microsoft Excel FNGROUPNAME Record Uninitialized Memory Vulnerability>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/178>/link>
>description><p>Posted by iDefense Labs on Mar 09</p>iDefense Security Advisory 03.09.10<br>
Microsoft Corp.'s Excel could allow an attacker to...<br>>/description>
>/item>
>item>
>title>iDefense Security Advisory 03.09.10: Microsoft Excel Sheet Object Type Confusion Vulnerability>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/177>/link>
>description><p>Posted by iDefense Labs on Mar 09</p>iDefense Security Advisory 03.09.10<br>
Corp.'s Excel could allow an attacker to execute...<br>>/description>
>/item>
>item>
>title>Re: Ubisoft DDoS>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/176>/link>
>description><p>Posted by Rohit Patnaik on Mar 09</p>Well, we don't know exactly how the servers were configured. There might<br>
millions...<br>>/description>
>/item>
>item>
>title>Re: Ubisoft DDoS>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/175>/link>
>description><p>Posted by Jan Schejbal on Mar 09</p>Am 09.03.2010 21:11, schrieb James Matthews:<br>
Jan<br>>/description>
>/item>
>item>
>title>CORE-2009-1103: Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/174>/link>
>description><p>Posted by CORE Security Technologies Advisories on Mar 09</p> Core Security Technologies - CoreLabs Advisory<br>
Vendors contacted: Microsoft...<br>>/description>
>/item>
>item>
>title>CORE-2009-0813: Windows Movie Maker and Microsoft Producer IsValidWMToolsStream() Heap Overflow>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/173>/link>
>description><p>Posted by CORE Security Technologies Advisories on Mar 09</p> Core Security Technologies - CoreLabs Advisory<br>
Date of last update:...<br>>/description>
>/item>
>item>
>title>Re: Ubisoft DDoS>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/172>/link>
>description><p>Posted by Christian Sciberras on Mar 09</p>Perhaps Cisco xt 5650a?<br>
Cheers.<br>>/description>
>/item>
>item>
>title>[ MDVSA-2010:058 ] php>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/171>/link>
>description><p>Posted by security on Mar 09</p> _______________________________________________________________________<br>
Enterprise Server 5.0...<br>>/description>
>/item>
>item>
>title>Re: Ubisoft DDoS>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/170>/link>
>description><p>Posted by James Matthews on Mar 09</p>I don't see why they didn't just block the attack. It must be more then<br>
this.<br>>/description>
>/item>
>item>
>title>ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/169>/link>
>description><p>Posted by ZDI Disclosures on Mar 09</p>ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability<br>
vulnerability by Digital Vaccine protection filter ID...<br>>/description>
>/item>
>item>
>title>ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability>/title>
>link>http://seclists.org/fulldisclosure/2010/Mar/168>/link>
>description><p>Posted by ZDI Disclosures on Mar 09</p>ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability<br>
required to...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Honeypots>/title>
>link>http://seclists.org/#honeypots>/link>
>description>Discussions about tracking attackers by setting up decoy honeypots or entire <A HREF="http://www.honeynet.org">honeynet</A> networks.>/description>
>item>
>title>Re: DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/13>/link>
>description><p>Posted by Jason Ross on Mar 03</p>But it would have the advantage of allowing you to capture further<br>
traffic for analysis through whatever tools you choose.<br>>/description>
>/item>
>item>
>title>Re: DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/12>/link>
>description><p>Posted by Alexandre Dulaunoy on Mar 03</p>We have used various techniques to make DNS honeypots. But there is<br>
information by doing and...<br>>/description>
>/item>
>item>
>title>Re: DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/11>/link>
>description><p>Posted by Brent Huston on Mar 03</p>Likely nothing today, most malware isn't smart enough to figure that out.<br>>/description>
>/item>
>item>
>title>Re: DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/10>/link>
>description><p>Posted by Jason Lewis on Mar 03</p>Slightly related, I was wondering what might happen if I made every<br>
query to the honeypot resolve back to the honeypot?<br>>/description>
>/item>
>item>
>title>Re: DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/9>/link>
>description><p>Posted by Brent Huston on Mar 03</p>One of the tactics our clients use is that they stand up one of our HoneyPoint Agents on a decoy box and then send all <br>
Let me know if that helps!<br>>/description>
>/item>
>item>
>title>Re: DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/8>/link>
>description><p>Posted by chr1x on Mar 02</p>This post looks pretty interesting!<br>
open possible...<br>>/description>
>/item>
>item>
>title>Re: DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/7>/link>
>description><p>Posted by Jason Lewis on Mar 02</p>I just figured I'd setup something to log access and see what shows<br>
up. I wasn't planning on directing traffic to the system.<br>>/description>
>/item>
>item>
>title>Re: DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/6>/link>
>description><p>Posted by Jason Lewis on Mar 02</p>Cool, this is the kind of thing I was thinking of doing. I was hoping<br>
Thanks.<br>>/description>
>/item>
>item>
>title>Re: DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/5>/link>
>description><p>Posted by Jason Ross on Mar 02</p>There's quite a lot of (bad and good) bots "out there" looking for DNS<br>
will collect a fair amount of queries.<br>>/description>
>/item>
>item>
>title>Re: DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/4>/link>
>description><p>Posted by Valdis . Kletnieks on Mar 02</p>On Tue, 02 Mar 2010 15:00:43 EST, Jason Lewis said:<br>
and hope that works?<br>>/description>
>/item>
>item>
>title>Re: DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/3>/link>
>description><p>Posted by Jason Ross on Mar 02</p>Below is how I've got BIND set up in Debian Linux for a similar purpose.<br>
Cheers,<br>>/description>
>/item>
>item>
>title>Re: DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/2>/link>
>description><p>Posted by Tillmann Werner on Mar 02</p>Jason,<br>
Tillmann<br>>/description>
>/item>
>item>
>title>DNS honeypots?>/title>
>link>http://seclists.org/honeypots/2010/q1/1>/link>
>description><p>Posted by Jason Lewis on Mar 02</p>Anyone have any pointers to dns honeypots or maybe just BIND<br>
actually executing them?<br>>/description>
>/item>
>item>
>title>Honeynet Project Forensic Challenge 2010/2 - browsers under attack>/title>
>link>http://seclists.org/honeypots/2010/q1/0>/link>
>description><p>Posted by christian . seifert on Feb 27</p>The Honeynet Project has revived an successful program from the past: The Honeynet Project Forensic Challenge 2010. The <br>
individuals and organizations not only learn about threats, but also learn how to...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Incidents>/title>
>link>http://seclists.org/#incidents>/link>
>description>Lightly moderated list for dicussing actual security incidents (unexplained probes, breakins, etc). Topics include information about new rootkits, backdoors, trojans, virii, and worms.>/description>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>[ISN] InfoSec News Mailing List>/title>
>link>http://www.infosecnews.org/mailman/listinfo/isn>/link>
>description>InfoSecNews>/description>
>item>
>title>Thailand approves extradition of credit card hack suspect>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018851.html>/link>
>description>InfoSec News: Thailand approves extradition of credit card hack suspect: http://www.theregister.co.uk/2010/03/08/thailand_extradites_hacking_suspect/
Malaysian man suspected of participating in credit card thefts of more [...]>/description>
>/item>
>item>
>title>RSA: Cybersecurity A Joint Fed, Industry Effort>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018850.html>/link>
>description>InfoSec News: RSA: Cybersecurity A Joint Fed, Industry Effort: http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=223200125
last week, laying out their plans for government cybersecurity, [...]>/description>
>/item>
>item>
>title>Cybersecurity program has serious defects, GAO says>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018849.html>/link>
>description>InfoSec News: Cybersecurity program has serious defects, GAO says: http://gcn.com/articles/2010/03/08/cnci-assessment-030810.aspx
>/description>
>/item>
>item>
>title>Ford Motor Rolls Out New Security Features To Prevent Car-Hacking>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018848.html>/link>
>description>InfoSec News: Ford Motor Rolls Out New Security Features To Prevent Car-Hacking: http://www.darkreading.com/vulnerability_management/security/client/showArticle.jhtml?articleID=223200163
>/description>
>/item>
>item>
>title>Backdoor found in Energizer Duo USB battery charger>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018847.html>/link>
>description>InfoSec News: Backdoor found in Energizer Duo USB battery charger: http://news.cnet.com/8301-27080_3-10465429-245.html
>/description>
>/item>
>item>
>title>FDIC: Hackers took more than $120M in three months>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018846.html>/link>
>description>InfoSec News: FDIC: Hackers took more than $120M in three months: http://www.computerworld.com/s/article/9167598/FDIC_Hackers_took_more_than_120M_in_three_months?taxonomyId=17
$25 million in the third quarter of 2009, according to the U.S. [...]>/description>
>/item>
>item>
>title>Tokyo's Cyber Emergency Centre at the vanguard of hacking defence>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018845.html>/link>
>description>InfoSec News: Tokyo's Cyber Emergency Centre at the vanguard of hacking defence: http://technology.timesonline.co.uk/tol/news/tech_and_web/article7053320.ece
world keeps a running log of global cyber-attacks. Bloodcurdling names [...]>/description>
>/item>
>item>
>title>The Corporate Side of Snooping>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018844.html>/link>
>description>InfoSec News: The Corporate Side of Snooping: http://www.nytimes.com/2010/03/07/business/07shelf.html
are constantly being spun by the same gang of politicians and lobbyists [...]>/description>
>/item>
>item>
>title>Microsoft's tax-for-hacks 'horrible' idea, say security experts>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018843.html>/link>
>description>InfoSec News: Microsoft's tax-for-hacks 'horrible' idea, say security experts: http://www.computerworld.com/s/article/9166458/Microsoft_s_tax_for_hacks_horrible_idea_say_security_experts?taxonomyId=17
>/description>
>/item>
>item>
>title>Facebook founder Mark Zuckerberg 'hacked into emails of rivals and journalists'>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018842.html>/link>
>description>InfoSec News: Facebook founder Mark Zuckerberg 'hacked into emails of rivals and journalists': http://www.dailymail.co.uk/news/worldnews/article-1255888/Facebook-founder-Mark-Zuckerberg-hacked-emails-rivals-journalists.html
email accounts of rivals and journalists. [...]>/description>
>/item>
>item>
>title>Westin Bonaventure Los Angeles latest victim of hotel hackers>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018841.html>/link>
>description>InfoSec News: Westin Bonaventure Los Angeles latest victim of hotel hackers: http://content.usatoday.com/communities/hotelcheckin/post/2010/03/hackers-breach-westin-bonaventure-los-angeles-networks-cybercriminal/1
You may have to monitor your credit card statements - and even place a [...]>/description>
>/item>
>item>
>title>Linux Advisory Watch: March 6th, 2010>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018840.html>/link>
>description>InfoSec News: Linux Advisory Watch: March 6th, 2010: +----------------------------------------------------------------------+
| | [...]>/description>
>/item>
>item>
>title>At RSA, Some Security Pros Don't Practice What They Preach>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018839.html>/link>
>description>InfoSec News: At RSA, Some Security Pros Don't Practice What They Preach: http://www.darkreading.com/vulnerability_management/security/encryption/showArticle.jhtml?articleID=223101624
wireless users at one of the industry's biggest security conferences [...]>/description>
>/item>
>item>
>title>Iowa Homeland Security Web site "compromised">/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018838.html>/link>
>description>InfoSec News: Iowa Homeland Security Web site "compromised": http://www.desmoinesregister.com/article/20100304/NEWS/100304002/1001/Iowa-Homeland-Security-Web-site-compromised
has been "compromised," a state official said today. [...]>/description>
>/item>
>item>
>title>Nation's cybersecurity suffers from a lack of information sharing>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018837.html>/link>
>description>InfoSec News: Nation's cybersecurity suffers from a lack of information sharing: Forwarded from: Richard Forno <rforno (at) infowarrior.org>
>/description>
>/item>
>item>
>title>New BlackEnergy Trojan Targeting Russian, Ukrainian Banks>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018836.html>/link>
>description>InfoSec News: New BlackEnergy Trojan Targeting Russian, Ukrainian Banks: http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=223101487
more sophisticated version of the infamous BlackEnergy Trojan associated [...]>/description>
>/item>
>item>
>title>White House Cyber Czar: 'There Is No Cyberwar'>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018835.html>/link>
>description>InfoSec News: White House Cyber Czar: 'There Is No Cyberwar': http://www.wired.com/threatlevel/2010/03/schmidt-cyberwar/
has a short answer for the drumbeat of rhetoric claiming the United [...]>/description>
>/item>
>item>
>title>Heartland Aftershocks: Still at Risk?>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018834.html>/link>
>description>InfoSec News: Heartland Aftershocks: Still at Risk?: http://www.bankinfosecurity.com/articles.php?art_id=2264
reveal that as many as 5,000 of its customers were at risk because of [...]>/description>
>/item>
>item>
>title>Secunia Weekly Summary - Issue: 2010-09>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018833.html>/link>
>description>InfoSec News: Secunia Weekly Summary - Issue: 2010-09: ========================================================================
[...]>/description>
>/item>
>item>
>title>FBI Director: Hackers have corrupted valuable data>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018832.html>/link>
>description>InfoSec News: FBI Director: Hackers have corrupted valuable data: http://www.computerworld.com/s/article/9166378/FBI_Director_Hackers_have_corrupted_valuable_data?taxonomyId=17
>/description>
>/item>
>item>
>title>'Severe' OpenSSL vuln busts public key crypto>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018831.html>/link>
>description>InfoSec News: 'Severe' OpenSSL vuln busts public key crypto: http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/
the world's most widely used software encryption package that allows [...]>/description>
>/item>
>item>
>title>Heartland Breach: Colorado Bank Reports New Fraud>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018830.html>/link>
>description>InfoSec News: Heartland Breach: Colorado Bank Reports New Fraud: http://www.bankinfosecurity.com/articles.php?art_id=2259
customers were at risk because of new fraudulent transactions tied to [...]>/description>
>/item>
>item>
>title>Shands notifies 12,500 patients that data at risk>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018829.html>/link>
>description>InfoSec News: Shands notifies 12,500 patients that data at risk: http://www.gainesville.com/article/20100302/ARTICLES/3021003/1002
containing their medical information was stolen in January. [...]>/description>
>/item>
>item>
>title>Nation's cybersecurity suffers from a lack of information sharing>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018828.html>/link>
>description>InfoSec News: Nation's cybersecurity suffers from a lack of information sharing: http://fcw.com/articles/2010/03/03/cybersecurity-policy.aspx
>/description>
>/item>
>item>
>title>Tracing attack source key to cybersecurity strategy, Chertoff says>/title>
>link>http://www.infosecnews.org/pipermail/isn/2010-March/018827.html>/link>
>description>InfoSec News: Tracing attack source key to cybersecurity strategy, Chertoff says: http://www.computerworld.com/s/article/9165638/Tracing_attack_source_key_to_cybersecurity_strategy_Chertoff_says?taxonomyId=17
>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>MS Sec Notification>/title>
>link>http://seclists.org/#microsoft>/link>
>description>Beware that MS often uses these security bulletins as marketing propaganda to downplay serious vulnerabilities in their products -- note how most have a prominent and often-misleading "mitigating factors" section.>/description>
>item>
>title>Microsoft Security Bulletin Major Revisions>/title>
>link>http://seclists.org/microsoft/2010/q1/6>/link>
>description><p>Posted by Microsoft on Mar 09</p>********************************************************************<br>
-...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Summary for March 2010>/title>
>link>http://seclists.org/microsoft/2010/q1/5>/link>
>description><p>Posted by Microsoft on Mar 09</p>********************************************************************<br>
With...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Summary for February 2010>/title>
>link>http://seclists.org/microsoft/2010/q1/4>/link>
>description><p>Posted by Microsoft on Feb 09</p>********************************************************************<br>
February 2010 can be found at...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Summary for January 2010>/title>
>link>http://seclists.org/microsoft/2010/q1/3>/link>
>description><p>Posted by Microsoft on Jan 21</p>********************************************************************<br>
January 2010 can be found at...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revision>/title>
>link>http://seclists.org/microsoft/2010/q1/2>/link>
>description><p>Posted by Microsoft on Jan 14</p>********************************************************************<br>
-...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Summary for January 2010>/title>
>link>http://seclists.org/microsoft/2010/q1/1>/link>
>description><p>Posted by Microsoft on Jan 12</p>********************************************************************<br>
<a rel="nofollow" href="http://www.microsoft.com/technet/security/bulletin/ms10-jan.mspx">http://www.microsoft.com/technet/security/bulletin/ms10-jan.mspx</a>....<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Re-Release>/title>
>link>http://seclists.org/microsoft/2010/q1/0>/link>
>description><p>Posted by Microsoft on Jan 12</p>********************************************************************<br>
-...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revisions>/title>
>link>http://seclists.org/microsoft/2009/q4/9>/link>
>description><p>Posted by Microsoft on Dec 08</p>********************************************************************<br>
* MS08-037 - Important...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Summary for December 2009>/title>
>link>http://seclists.org/microsoft/2009/q4/8>/link>
>description><p>Posted by Microsoft on Dec 08</p>********************************************************************<br>
December 2009 can be found at...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revisions>/title>
>link>http://seclists.org/microsoft/2009/q4/7>/link>
>description><p>Posted by Microsoft on Nov 24</p>********************************************************************<br>
* MS08-076 - Important...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revisions>/title>
>link>http://seclists.org/microsoft/2009/q4/6>/link>
>description><p>Posted by Microsoft on Nov 10</p>********************************************************************<br>
*...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Summary for November 2009>/title>
>link>http://seclists.org/microsoft/2009/q4/5>/link>
>description><p>Posted by Microsoft on Nov 10</p>********************************************************************<br>
November 2009 can be found at...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Advance Notification for November 2009>/title>
>link>http://seclists.org/microsoft/2009/q4/4>/link>
>description><p>Posted by Microsoft on Nov 05</p>********************************************************************<br>
Notification for November 2009 can be found...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revisions>/title>
>link>http://seclists.org/microsoft/2009/q4/3>/link>
>description><p>Posted by Microsoft on Nov 03</p>********************************************************************<br>
-...<br>>/description>
>/item>
>item>
>title>Microsoft Security Bulletin Major Revisions>/title>
>link>http://seclists.org/microsoft/2009/q4/2>/link>
>description><p>Posted by Microsoft on Oct 28</p>********************************************************************<br>
-...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>NANOG@merit.edu>/title>
>link>http://www.merit.edu/mail.archives/nanog/index.html>/link>
>description>Latest posts to NANOG Mailing List>/description>
>item>
>title>Re: CRS-3>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06295.html>/link>
>description>Gregory Hicks (03/10/10)>/description>
>/item>
>item>
>title>Re: CRS-3>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06294.html>/link>
>description>Mikael Abrahamsson (03/10/10)>/description>
>/item>
>item>
>title>Re: CRS-3>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06293.html>/link>
>description>David Conrad (03/10/10)>/description>
>/item>
>item>
>title>RE: CRS-3>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06292.html>/link>
>description>Arjan van der Oest (03/10/10)>/description>
>/item>
>item>
>title>Re: CRS-3>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06291.html>/link>
>description>Paul Ferguson (03/10/10)>/description>
>/item>
>item>
>title>Re: CRS-3>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06290.html>/link>
>description>David Conrad (03/10/10)>/description>
>/item>
>item>
>title>Re: CRS-3>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06289.html>/link>
>description>Robert Enger - NANOG (03/10/10)>/description>
>/item>
>item>
>title>Re: CRS-3>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06288.html>/link>
>description>Mark (03/10/10)>/description>
>/item>
>item>
>title>Re: CRS-3>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06287.html>/link>
>description>Rubens Kuhl (03/10/10)>/description>
>/item>
>item>
>title>Re: CRS-3>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06286.html>/link>
>description>Mikael Abrahamsson (03/10/10)>/description>
>/item>
>item>
>title>RE: CRS-3>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06285.html>/link>
>description>Crooks, Sam (03/09/10)>/description>
>/item>
>item>
>title>Re: T1 aggregation and data center gatew>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06284.html>/link>
>description>Larry Sheldon (03/09/10)>/description>
>/item>
>item>
>title>Re: T1 aggregation and data center gatew>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06283.html>/link>
>description>Michael K. Smith (03/09/10)>/description>
>/item>
>item>
>title>Re: T1 aggregation and data center gatew>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06282.html>/link>
>description>John Peach (03/09/10)>/description>
>/item>
>item>
>title>RE: CRS-3>/title>
>link>http://www.merit.edu/mail.archives/nanog/msg06281.html>/link>
>description>George Bonser (03/09/10)>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>netsec@merit.edu>/title>
>link>http://www.merit.edu/mail.archives/netsec/index.html>/link>
>description>Latest posts to netsec mailing list>/description>
>item>
>title>SANS NewsBites Vol. 12 Num. 19 : $120 Mi>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03525.html>/link>
>description>The SANS Institute (03/09/10)>/description>
>/item>
>item>
>title>FW: [ISN] FDIC: Hackers took more than $>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03524.html>/link>
>description>Howell, Paul (03/09/10)>/description>
>/item>
>item>
>title>HTC Phones Pre-installed With Mariposa B>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03523.html>/link>
>description>Howell, Paul (03/09/10)>/description>
>/item>
>item>
>title>Ford Motor Rolls Out New Security Featur>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03522.html>/link>
>description>Howell, Paul (03/09/10)>/description>
>/item>
>item>
>title>What's in a Name?>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03521.html>/link>
>description>Howell, Paul (03/09/10)>/description>
>/item>
>item>
>title>FW: US-CERT Cyber Security Bulletin SB10>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03520.html>/link>
>description>Howell, Paul (03/08/10)>/description>
>/item>
>item>
>title>SANS NewsBites Vol. 12 Num. 18 : Source>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03519.html>/link>
>description>The SANS Institute (03/05/10)>/description>
>/item>
>item>
>title>The Myth of iPhone App Piracy>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03518.html>/link>
>description>Howell, Paul (03/03/10)>/description>
>/item>
>item>
>title>The Comprehensive National Cybersecurity>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03517.html>/link>
>description>Howell, Paul (03/03/10)>/description>
>/item>
>item>
>title>SANS NewsBites Vol. 12 Num. 17 : Obama A>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03516.html>/link>
>description>The SANS Institute (03/02/10)>/description>
>/item>
>item>
>title>Microsoft Windows 7/Vista Advanced Foren>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03515.html>/link>
>description>Howell, Paul (03/02/10)>/description>
>/item>
>item>
>title>Good Practices Guide for Deploying DNSSE>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03514.html>/link>
>description>Howell, Paul (03/02/10)>/description>
>/item>
>item>
>title>FW: US-CERT Cyber Security Bulletin SB10>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03513.html>/link>
>description>Howell, Paul (03/02/10)>/description>
>/item>
>item>
>title>FW: [ISN] United Airlines Caught in Twit>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03512.html>/link>
>description>Howell, Paul (02/28/10)>/description>
>/item>
>item>
>title>SANS NewsBites Vol. 12 Num. 16 : State o>/title>
>link>http://www.merit.edu/mail.archives/netsec/msg03511.html>/link>
>description>The SANS Institute (02/26/10)>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title> SANS ISC SecNewsFeed>/title>
>link> http://isc.sans.org>/link>
>description>>![CDATA[]]>>/description>
>image>
>title>SANS ISC SecNewsFeed>/title>
>url>http://isc.sans.org/images/status.gif>/url>
>link>http://isc.sans.org>/link>
>/image>
>item>
>title>Update for Apache 2.2 web server closes various security holes (Heise Security News)>/title>
>link>http://rss.feedsportal.com/c/32569/f/491736/s/96d2e1a/l/0L0Sh0Eonline0N0Csecurity0Cnews0Citem0CUpdate0Efor0EApache0E20E20Eweb0Eserver0Ecloses0Evarious0Esecurity0Eholes0E949780A0Bhtml0Cfrom0Crss/story01.htm>/link>
>/item>
>item>
>title>Travelers file complaints over TSA body scanners (NetworkWorld Security)>/title>
>link>http://www.networkworld.com/news/2010/030910-travelers-file-complaints-over-tsa.html>/link>
>/item>
>item>
>title>Vodafone ships Mariposa-infected HTC Magic (The Register)>/title>
>link>http://go.theregister.com/feed/www.theregister.co.uk/2010/03/09/vodafone_mariposa/>/link>
>/item>
>item>
>title>Energizer Malware, (Tue, Mar 9th) (InternetStormCenter)>/title>
>link>http://isc.sans.org/diary.html?storyid=8386&rss>/link>
>/item>
>item>
>title>CVE-2010-0433 (openssl) (Natl. Vulnerability Database)>/title>
>link>http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0433>/link>
>/item>
>item>
>title>Vuln: TYPO3 Core Multiple Remote Security Vulnerabilities (SecurityFocus Vulnerabilities)>/title>
>link>http://www.securityfocus.com/bid/38366>/link>
>/item>
>item>
>title>Panda Discovers Malware on HTC Magic Phone (PC World) (Yahoo Security)>/title>
>link>http://us.rd.yahoo.com/dailynews/rss/security/*http://news.yahoo.com/s/pcworld/20100309/tc_pcworld/pandadiscoversmalwareonhtcmagicphone>/link>
>/item>
>item>
>title>SA10-068A: Microsoft Updates for Multiple Vulnerabilities (US-Cert Alerts)>/title>
>link>http://www.us-cert.gov/cas/alerts/SA10-068A.html>/link>
>/item>
>item>
>title>TA10-068A: Microsoft Updates for Multiple Vulnerabilities (US-CERT Techalerts)>/title>
>link>http://www.us-cert.gov/cas/techalerts/TA10-068A.html>/link>
>/item>
>item>
>title>Guide to Microsoft Police Forensic Services (Schneier blog)>/title>
>link>http://www.schneier.com/blog/archives/2010/03/guide_to_micros.html>/link>
>/item>
>item>
>title>MS10-017 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150) (Microsoft)>/title>
>link>http://www.microsoft.com/technet/security/bulletin/ms10-017.mspx?pubDate=2010-03-09>/link>
>/item>
>item>
>title>Identifying Load Balancers in Penetration Testing (SANS Reading Room)>/title>
>link>http://www.sans.org/reading_room/whitepapers/testing/rss/identifying_load_balancers_in_penetration_testing_33313>/link>
>/item>
>item>
>title>Botnets, malware and capturing cybercriminals (SearchSecurity.com) (Yahoo News)>/title>
>link>http://us.rd.yahoo.com/dailynews/rss/search/%22Internet+Storm+Center%22/SIG=12srf5fl4/*http%3A//searchsecurity.techtarget.com/video/0,297151,sid14_gci1415235,00.html?track=sy160>/link>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>SecurityFocus News>/title>
>link>http://www.securityfocus.com>/link>
>description>
>/description>
>image>
>title>SecurityFocus>/title>
>url>http://www.securityfocus.com/rss/SFLogo_v1.gif>/url>
>link>http://www.securityfocus.com>/link>
>/image>
>item>
>title>News: Twitter attacker had proper credentials>/title>
>link>http://www.securityfocus.com/news/11569?ref=rss>/link>
>description>Twitter attacker had proper credentials>/description>
>/item>
>item>
>title>News: PhotoDNA scans images for child abuse>/title>
>link>http://www.securityfocus.com/news/11570?ref=rss>/link>
>description>PhotoDNA scans images for child abuse>/description>
>/item>
>item>
>title>News: Conficker data highlights infected networks>/title>
>link>http://www.securityfocus.com/news/11568?ref=rss>/link>
>description>>![CDATA[ Conficker data highlights infected networks>br/>>br/>
]]>>/description>
>/item>
>item>
>title>News: Popular apps need better patching, says report>/title>
>link>http://www.securityfocus.com/news/11560?ref=rss>/link>
>description>Popular apps need better patching, says report>/description>
>/item>
>item>
>title>Brief: Google offers bounty on browser bugs>/title>
>link>http://www.securityfocus.com/brief/1067?ref=rss>/link>
>description>Google offers bounty on browser bugs>/description>
>/item>
>item>
>title>Brief: Cyberattacks from U.S. "greatest concern">/title>
>link>http://www.securityfocus.com/brief/1066?ref=rss>/link>
>description>>![CDATA[ Cyberattacks from U.S. "greatest concern">br/>>br/>
]]>>/description>
>/item>
>item>
>title>Brief: Microsoft patches as fraudsters target IE flaw>/title>
>link>http://www.securityfocus.com/brief/1065?ref=rss>/link>
>description>Microsoft patches as fraudsters target IE flaw>/description>
>/item>
>item>
>title>Brief: Attack on IE 0-day refined by researchers>/title>
>link>http://www.securityfocus.com/brief/1064?ref=rss>/link>
>description>Attack on IE 0-day refined by researchers>/description>
>/item>
>item>
>title>News: Monster botnet held 800,000 people's details>/title>
>link>http://www.securityfocus.com/news/11580?ref=rss>/link>
>description>>![CDATA[ Monster botnet held 800,000 people's details>br/>>br/>
]]>>/description>
>/item>
>item>
>title>News: Google: 'no timetable' on China talks>/title>
>link>http://www.securityfocus.com/news/11581?ref=rss>/link>
>description>Google: 'no timetable' on China talks>/description>
>/item>
>item>
>title>News: Latvian hacker tweets hard on banking whistle>/title>
>link>http://www.securityfocus.com/news/11577?ref=rss>/link>
>description>Latvian hacker tweets hard on banking whistle>/description>
>/item>
>item>
>title>News: MS uses court order to take out Waledac botnet>/title>
>link>http://www.securityfocus.com/news/11578?ref=rss>/link>
>description>>![CDATA[ MS uses court order to take out Waledac botnet>br/>>br/>
]]>>/description>
>/item>
>item>
>title>Infocus: Enterprise Intrusion Analysis, Part One>/title>
>link>http://www.securityfocus.com/infocus/1904?ref=rss>/link>
>description>Enterprise Intrusion Analysis, Part One>/description>
>/item>
>item>
>title>Infocus: Responding to a Brute Force SSH Attack>/title>
>link>http://www.securityfocus.com/infocus/1903?ref=rss>/link>
>description>Responding to a Brute Force SSH Attack>/description>
>/item>
>item>
>title>Infocus: Data Recovery on Linux and <i>ext3</i>>/title>
>link>http://www.securityfocus.com/infocus/1902?ref=rss>/link>
>description>>![CDATA[ Data Recovery on Linux and <i>ext3</i>>br/>>br/>
]]>>/description>
>/item>
>item>
>title>Infocus: WiMax: Just Another Security Challenge?>/title>
>link>http://www.securityfocus.com/infocus/1901?ref=rss>/link>
>description>WiMax: Just Another Security Challenge?>/description>
>/item>
>item>
>title>Gunter Ollmann: Time to Squish SQL Injection>/title>
>link>http://www.securityfocus.com/columnists/505?ref=rss>/link>
>description>Time to Squish SQL Injection>/description>
>/item>
>item>
>title>Mark Rasch: Lazy Workers May Be Deemed Hackers>/title>
>link>http://www.securityfocus.com/columnists/504?ref=rss>/link>
>description>>![CDATA[ Lazy Workers May Be Deemed Hackers>br/>>br/>
]]>>/description>
>/item>
>item>
>title>Adam O'Donnell: The Scale of Security>/title>
>link>http://www.securityfocus.com/columnists/503?ref=rss>/link>
>description>The Scale of Security>/description>
>/item>
>item>
>title>Mark Rasch: Hacker-Tool Law Still Does Little>/title>
>link>http://www.securityfocus.com/columnists/502?ref=rss>/link>
>description>Hacker-Tool Law Still Does Little>/description>
>/item>
>item>
>title>More rss feeds from SecurityFocus>/title>
>link>http://www.securityfocus.com/rss/index.shtml>/link>
>description>News, Infocus, Columns, Vulnerabilities, Bugtraq ...>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Nmap Development>/title>
>link>http://seclists.org/#nmap-dev>/link>
>description>Unmoderated technical development forum for debating ideas, patches, and suggestions regarding proposed changes to <A HREF="http://nmap.org">Nmap</A> and related projects.>/description>
>item>
>title>Re: zenmap doesn't scan my user mode linux image>/title>
>link>http://seclists.org/nmap-dev/2010/q1/842>/link>
>description><p>Posted by Toralf Förster on Mar 10</p>David Fifield wrote at 17:41:12<br>
the protocols of sendmail, courier, apache, cups and friends).<br>>/description>
>/item>
>item>
>title>Re: More nsock socket_count_write_dec assert() failures>/title>
>link>http://seclists.org/nmap-dev/2010/q1/841>/link>
>description><p>Posted by David Fifield on Mar 09</p>I worked off-list with Brandon on this problem, and I think we have it<br>
However, when handle_write_result was called agains as a result of...<br>>/description>
>/item>
>item>
>title>Re: NMAP XML output too verbose>/title>
>link>http://seclists.org/nmap-dev/2010/q1/840>/link>
>description><p>Posted by Duarte Silva on Mar 09</p>Knowing that I'm fairly new in the area of contributing to nmap, but<br>
The problem of XML having hosts that...<br>>/description>
>/item>
>item>
>title>Re: NMAP XML output too verbose>/title>
>link>http://seclists.org/nmap-dev/2010/q1/839>/link>
>description><p>Posted by Ron on Mar 09</p>One of the most common questions we see in #nmap on Freenode is, "how an I find every host with port xx open?" -- I <br>
think your proposed modification to --open will make that a far easier question to answer. Sounds good to me!<br>>/description>
>/item>
>item>
>title>Re: New Nmap options for IDS interaction>/title>
>link>http://seclists.org/nmap-dev/2010/q1/838>/link>
>description><p>Posted by Theo Dzierzbicki on Mar 09</p>Hello again,<br>
the sendOK() function. This function happens to be a different...<br>>/description>
>/item>
>item>
>title>Re: NMAP XML output too verbose>/title>
>link>http://seclists.org/nmap-dev/2010/q1/837>/link>
>description><p>Posted by Fyodor on Mar 09</p>Hi Kevin. I talked this over with David Fifield today and we have a<br>
normally read the XML...<br>>/description>
>/item>
>item>
>title>Re: a few usability problems and how to scan very fast a large network>/title>
>link>http://seclists.org/nmap-dev/2010/q1/836>/link>
>description><p>Posted by Farkas Levente on Mar 09</p>local arp table usually don't contains all apr info on the lan:-(<br>
Nmap done: 65536 IP addresses...<br>>/description>
>/item>
>item>
>title>Re: a few usability problems and how to scan very fast a large network>/title>
>link>http://seclists.org/nmap-dev/2010/q1/835>/link>
>description><p>Posted by Brandon Enright on Mar 09</p>The best way would be to look at your ARP tables. With Nmap though,<br>
Well if you tell Nmap to scan an IP and it...<br>>/description>
>/item>
>item>
>title>RE: [BULK] Re: new Win install fails beyond localhost>/title>
>link>http://seclists.org/nmap-dev/2010/q1/834>/link>
>description><p>Posted by Norris Carden on Mar 09</p>BTW, the same install package is working fine on my XP desktop.<br>
--------------- Timing report...<br>>/description>
>/item>
>item>
>title>Re: new Win install fails beyond localhost>/title>
>link>http://seclists.org/nmap-dev/2010/q1/833>/link>
>description><p>Posted by David Fifield on Mar 09</p>Thanks, can you also do<br>
David Fifield<br>>/description>
>/item>
>item>
>title>RE: new Win install fails beyond localhost>/title>
>link>http://seclists.org/nmap-dev/2010/q1/832>/link>
>description><p>Posted by Norris Carden on Mar 09</p>Results as requested... thanks for pointing out these options.. <br>
lo0...<br>>/description>
>/item>
>item>
>title>a few usability problems and how to scan very fast a large network>/title>
>link>http://seclists.org/nmap-dev/2010/q1/831>/link>
>description><p>Posted by Farkas Levente on Mar 09</p>hi,<br>
- normal output is not very easy to parse....<br>>/description>
>/item>
>item>
>title>Re: zenmap doesn't scan my user mode linux image>/title>
>link>http://seclists.org/nmap-dev/2010/q1/830>/link>
>description><p>Posted by David Fifield on Mar 09</p>It would be very helpful if you could retest with version 5.00 to<br>
David Fifield<br>>/description>
>/item>
>item>
>title>Re: new Win install fails beyond localhost>/title>
>link>http://seclists.org/nmap-dev/2010/q1/829>/link>
>description><p>Posted by David Fifield on Mar 09</p>Can you scan hosts outside your local network, like scanme.nmap.org?<br>
David Fifield<br>>/description>
>/item>
>item>
>title>Re: zenmap doesn't scan my user mode linux image>/title>
>link>http://seclists.org/nmap-dev/2010/q1/828>/link>
>description><p>Posted by Toralf Förster on Mar 09</p>David Fifield wrote at 18:49:00<br>
Starting Nmap 5.21 (...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Nmap Hackers>/title>
>link>http://seclists.org/#nmap-hackers>/link>
>description>Moderated list for the most important new releases and announcements regarding the <A HREF="http://nmap.org">Nmap Security Scanner</A> and related projects. We recommend that all Nmap users <a href="http://cgi.insecure.org/mailman/listinfo/nmap-hackers">subscribe</a>.>/description>
>item>
>title>Nmap 5.21 released>/title>
>link>http://seclists.org/nmap-hackers/2010/2>/link>
>description><p>Posted by Fyodor on Jan 27</p>Hello everyone. I'm pleased to release Nmap 5.21, which contains zero<br>
development projects. If you want to know...<br>>/description>
>/item>
>item>
>title>Lots of Nmap News>/title>
>link>http://seclists.org/nmap-hackers/2010/1>/link>
>description><p>Posted by Fyodor on Jan 22</p>Hi folks. I'm happy to report that the 5.20 release went well. But<br>
If you're running from a build of the latest SVN checkout, you...<br>>/description>
>/item>
>item>
>title>Nmap 5.20 Released>/title>
>link>http://seclists.org/nmap-hackers/2010/0>/link>
>description><p>Posted by Fyodor on Jan 20</p>Happy new year, everyone. I'm happy to announce Nmap 5.20--our first<br>
The...<br>>/description>
>/item>
>item>
>title>Nmap 5.00 Released!>/title>
>link>http://seclists.org/nmap-hackers/2009/3>/link>
>description><p>Posted by Fyodor on Jul 16</p>Hello everyone. I'm delighted to announce the release of Nmap 5.00!<br>
1) The new Ncat tool aims to be your Swiss Army Knife...<br>>/description>
>/item>
>item>
>title>Nmap news: stable release candidate 4.90RC1, SoC team, and new translations>/title>
>link>http://seclists.org/nmap-hackers/2009/2>/link>
>description><p>Posted by Fyodor on Jun 26</p>Hi Folks. I'm pleased to announce some exciting Nmap news:<br>
Please test it out, and let us know if you find any problems...<br>>/description>
>/item>
>item>
>title>Nmap 4.85BETA6 now avail w/Conficker detection>/title>
>link>http://seclists.org/nmap-hackers/2009/1>/link>
>description><p>Posted by Fyodor on Apr 01</p>Hi Folks! In case you missed all the news reports yesterday, a couple<br>
millions of infections, and this massive botnet...<br>>/description>
>/item>
>item>
>title>Nmap News: 4.84BETA4 release, Nmap book news, Summer of Code, Twitter, etc.>/title>
>link>http://seclists.org/nmap-hackers/2009/0>/link>
>description><p>Posted by Fyodor on Mar 27</p>Hello everyone. We've seen 848 messages on nmap-dev this year, but<br>
4.85BETA4 release,...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Penetration Testing>/title>
>link>http://seclists.org/#pen-test>/link>
>description>While this list is intended for "professionals", participants frequenly disclose techniques and strategies that would be useful to anyone with a practical interest in security and network auditing.>/description>
>item>
>title>Re: Case studies books>/title>
>link>http://seclists.org/pen-test/2010/Mar/45>/link>
>description><p>Posted by David Glosser on Mar 09</p>not a book, no idea how real, but fun to watch<br>
and CEPT certs require a full practical examination in order to become...<br>>/description>
>/item>
>item>
>title>Re: Evaluating pentesters>/title>
>link>http://seclists.org/pen-test/2010/Mar/44>/link>
>description><p>Posted by Shohn Trojacek on Mar 09</p>Tony,<br>
actual response at...<br>>/description>
>/item>
>item>
>title>Re: Professional Scrpt Kiddies vs Real Talent>/title>
>link>http://seclists.org/pen-test/2010/Mar/43>/link>
>description><p>Posted by Omar Herrera on Mar 09</p>Hi Adriel,<br>
We got scientists and experts that claim to know the...<br>>/description>
>/item>
>item>
>title>Re: Evaluating pentesters>/title>
>link>http://seclists.org/pen-test/2010/Mar/42>/link>
>description><p>Posted by Jason Ross on Mar 09</p>In theory, there is; see <a rel="nofollow" href="http://securityscoreboard.com">http://securityscoreboard.com</a><br>
a helpful resource IMO. Specifically, it provides a very nice...<br>>/description>
>/item>
>item>
>title>Re: Evaluating pentesters>/title>
>link>http://seclists.org/pen-test/2010/Mar/41>/link>
>description><p>Posted by aceinyaface on Mar 09</p>Hey Tony,<br>
Prove to peers and potential employers without a doubt that...<br>>/description>
>/item>
>item>
>title>Re: Professional Scrpt Kiddies vs Real Talent>/title>
>link>http://seclists.org/pen-test/2010/Mar/40>/link>
>description><p>Posted by Vikram Dhillon on Mar 09</p>Thanks for that awesome email, I suppose you are right that in most cases the script kiddies are just being an <br>
advent of linux however, things have changed a lot, the code is open so its harder to make it...<br>>/description>
>/item>
>item>
>title>Re: Professional Scrpt Kiddies vs Real Talent>/title>
>link>http://seclists.org/pen-test/2010/Mar/39>/link>
>description><p>Posted by Adriel T. Desautels on Mar 09</p>Comments embedded below:<br>
What does...<br>>/description>
>/item>
>item>
>title>Re: Professional Scrpt Kiddies vs Real Talent>/title>
>link>http://seclists.org/pen-test/2010/Mar/38>/link>
>description><p>Posted by Adriel T. Desautels on Mar 09</p>Hi Wim, my comments are embedded below.<br>
I love HD, so do the people on our team, but I'm not sure that I'd go so far as...<br>>/description>
>/item>
>item>
>title>Re: proposed pen-test>/title>
>link>http://seclists.org/pen-test/2010/Mar/37>/link>
>description><p>Posted by Shohn Trojacek on Mar 08</p>I haven't thought this very far through, but wanted to comment that<br>
I'd probably spend...<br>>/description>
>/item>
>item>
>title>Re: Professional Scrpt Kiddies vs Real Talent>/title>
>link>http://seclists.org/pen-test/2010/Mar/36>/link>
>description><p>Posted by Wim Remes on Mar 08</p>while I understand what triggered this post and/or e-mail, it is barely scratching the surface. Infosec is so much <br>
very open and interactive community (no, not by stepping in the...<br>>/description>
>/item>
>item>
>title>Re: proposed pen-test>/title>
>link>http://seclists.org/pen-test/2010/Mar/35>/link>
>description><p>Posted by Terry Cutler on Mar 08</p>Hey John, I'm actually reproducing the Hack that was done on Google<br>
Linkedin invitations....<br>>/description>
>/item>
>item>
>title>Re: Evaluating pentesters>/title>
>link>http://seclists.org/pen-test/2010/Mar/34>/link>
>description><p>Posted by Andre Gironda on Mar 08</p>Is there some kind of capital planning, budgeting, or decision-making<br>
Ok....<br>>/description>
>/item>
>item>
>title>Re: Evaluating pentesters>/title>
>link>http://seclists.org/pen-test/2010/Mar/33>/link>
>description><p>Posted by David Glosser on Mar 08</p>I would assume that a PCI Approved Scanning Vendor (ASV) would also<br>
Prove to...<br>>/description>
>/item>
>item>
>title>Re: proposed pen-test>/title>
>link>http://seclists.org/pen-test/2010/Mar/32>/link>
>description><p>Posted by krymson on Mar 08</p>If you have access to the mailboxes of the department, could you just slip them in with some prepared wear-and-tear on <br>
out, or give them to a student or friend or...<br>>/description>
>/item>
>item>
>title>Re: Evaluating pentesters>/title>
>link>http://seclists.org/pen-test/2010/Mar/31>/link>
>description><p>Posted by Tracy Reed on Mar 08</p>On Fri, Mar 05, 2010 at 07:01:33PM -0500, Tony Turner spake thusly:<br>
merchants who...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>digg.com: Stories / Popular>/title>
>description>digg.com: Stories / Popular>/description>
>link>http://digg.com/>/link>
>title>You can't hurry love...>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/4QUJKWtSqWg/You_can_t_hurry_love_2>/link>
>description>You can't hurry love. No, you'll just have to wait. Just trust in a good time. No matter how long it takes. by Phil Collins
<a href="http://feedads.g.doubleclick.net/~at/R6Mhp_C-nFeKJatJ7d2JV2wbSAU/1/da"><img src="http://feedads.g.doubleclick.net/~at/R6Mhp_C-nFeKJatJ7d2JV2wbSAU/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/4QUJKWtSqWg" height="1" width="1"/>>/description>
>item>
>title>Science Trips Out on Music in The Heart Is a Drum Machine>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/beYetHzMg70/Science_Trips_Out_on_Music_in_The_Heart_Is_a_Drum_Machine>/link>
>description>What is music? It’s a simple question, but it leads director Christopher Pomerenke in many complicated artistic and scientific directions in his documentary The Heart Is a Drum Machine, out Tuesday on DVD.
<a href="http://feedads.g.doubleclick.net/~at/LYbiKVB8A1PqmyzAg5Tldh60nqQ/1/da"><img src="http://feedads.g.doubleclick.net/~at/LYbiKVB8A1PqmyzAg5Tldh60nqQ/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/beYetHzMg70" height="1" width="1"/>>/description>
>item>
>title>10 Forgotten Hollywood Stars who are Still Sexy>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/dGnrQ1y20jI/10_Forgotten_Hollywood_Stars_who_are_Still_Sexy>/link>
>description>Not only does the young brigade add to the sex appeal in the movie arena, there is a long list of forgotten Hollywood stars which still give competition to their younger counterparts.Beauty never goes out of fashion and same goes for some of the stars who have lost their glory but not their glamour!
<a href="http://feedads.g.doubleclick.net/~at/FvLz0iCA-ebXXFmcWcxBraViXq8/1/da"><img src="http://feedads.g.doubleclick.net/~at/FvLz0iCA-ebXXFmcWcxBraViXq8/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/dGnrQ1y20jI" height="1" width="1"/>>/description>
>item>
>title>The Machines Have Become Self-Aware (pic)>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/2rRXFN2j7mA/The_Machines_Have_Become_Self_Aware_pic>/link>
>description>*****
<a href="http://feedads.g.doubleclick.net/~at/Vca5bWL8QB_EyVXMJ6ayYUUhGzQ/1/da"><img src="http://feedads.g.doubleclick.net/~at/Vca5bWL8QB_EyVXMJ6ayYUUhGzQ/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/2rRXFN2j7mA" height="1" width="1"/>>/description>
>item>
>title>Facing Pot Charges, Man Claims Marijuana is His Religion>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/DF_xI6HEVG8/Facing_Pot_Charges_Man_Claims_Marijuana_is_His_Religion>/link>
>description>More specifically, he's a member of both the Church of Universal Sacraments and The Hawaii Cannabis Ministry, aka the THC Ministry, and he uses marijuana in the practice of his religion.
<a href="http://feedads.g.doubleclick.net/~at/lzA4ZkKvXFlQ6_LOIy7F-se821k/1/da"><img src="http://feedads.g.doubleclick.net/~at/lzA4ZkKvXFlQ6_LOIy7F-se821k/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/DF_xI6HEVG8" height="1" width="1"/>>/description>
>item>
>title>"Cove" Movie Assails Dolphin Hunt, Gets Oscar Boost>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/1bEL1UjWMq0/Cove_Movie_Assails_Dolphin_Hunt_Gets_Oscar_Boost>/link>
>description>National Geographic With its 2010 Oscar win for best documentary, the movie The Cove has reignited debate over annual dolphin hunts in Taiji, Japan. This now sheds a whole new story & light on the murderous Dolphin Hunt, it's not............................
<a href="http://feedads.g.doubleclick.net/~at/M5BoYMCHKsYeUGIM7yxkgfq68Xg/1/da"><img src="http://feedads.g.doubleclick.net/~at/M5BoYMCHKsYeUGIM7yxkgfq68Xg/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/1bEL1UjWMq0" height="1" width="1"/>>/description>
>item>
>title>Did Microsoft Leave the Social Media Space?>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/jVJkOdyaX0s/Did_Microsoft_Leave_the_Social_Media_Space>/link>
>description>Microsoft on its part is not in talks. People feel the software giant has run away from this space and is a big time failure. But wait a min. If you think, MS has actually left the space you are wrong.
<a href="http://feedads.g.doubleclick.net/~at/Ng-Dk9HOzra7kgjo8ZNafzlFG_c/1/da"><img src="http://feedads.g.doubleclick.net/~at/Ng-Dk9HOzra7kgjo8ZNafzlFG_c/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/jVJkOdyaX0s" height="1" width="1"/>>/description>
>item>
>title>Magical Street Graffiti – 35 Breathtaking Illusions!!>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/IoFqQ48acKg/Magical_Street_Graffiti_n_35_Breathtaking_Illusions>/link>
>description>Graffiti, by nature, is a very controversial subject as it represents a type of art which is mostly unauthorized and one that is in contrast to traditional forms of artwork. The ever growing street culture and graffiti are mostly provocative, appealing, bold and audacious.
<a href="http://feedads.g.doubleclick.net/~at/gnRUs3kBG37j8dAL_RBRd1sqZxU/1/da"><img src="http://feedads.g.doubleclick.net/~at/gnRUs3kBG37j8dAL_RBRd1sqZxU/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/IoFqQ48acKg" height="1" width="1"/>>/description>
>item>
>title>Pot Meet Kettle: Greenpeace Data Centers Dirty as Facebook's>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/WxS81MoRxE8/Pot_Meet_Kettle_Greenpeace_Data_Centers_Dirty_as_Facebook_s>/link>
>description>After calling out the social network for using electricity generated with coal for its new green data center, it turns out that at least some of Greenpeace's servers are powered by coal as well as nuclear power.
<a href="http://feedads.g.doubleclick.net/~at/AmBFkL8WAXLXWemwbgr1OG7eqKA/1/da"><img src="http://feedads.g.doubleclick.net/~at/AmBFkL8WAXLXWemwbgr1OG7eqKA/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/WxS81MoRxE8" height="1" width="1"/>>/description>
>item>
>title>Vitamin D Crucial To Activating Immune Defenses>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/senFJS9ar2E/Vitamin_D_Crucial_To_Activating_Immune_Defenses>/link>
>description>Scientists at the University of Copenhagen have discovered that Vitamin D is crucial to activating our immune defenses and that without sufficient intake of the vitamin, the killer cells of the immune system - T cells - will not be able to react to and fight off serious infections in the body.
<a href="http://feedads.g.doubleclick.net/~at/_2XovTRKu5WowIyCQ9RMZUXbmWs/1/da"><img src="http://feedads.g.doubleclick.net/~at/_2XovTRKu5WowIyCQ9RMZUXbmWs/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/senFJS9ar2E" height="1" width="1"/>>/description>
>item>
>title>Greedo The Bounty Hunter - Intergalactic Loser (Videos)>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/_hY6X6yVlnw/Greedo_The_Bounty_Hunter_Intergalactic_Loser_Videos>/link>
>description>Greedo is everything a bounty hunter shouldn't be.
<a href="http://feedads.g.doubleclick.net/~at/6p9U3DWtwcvaT7HcPi3aHTyd5hU/1/da"><img src="http://feedads.g.doubleclick.net/~at/6p9U3DWtwcvaT7HcPi3aHTyd5hU/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/_hY6X6yVlnw" height="1" width="1"/>>/description>
>item>
>title>Authorities Move Against Sushi Bar for Serving Whale Meat>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/xCGnNC3fOa0/Authorities_Move_Against_Sushi_Bar_for_Serving_Whale_Meat>/link>
>description>Investigation by The Cove filmmaker Charles Hambleton leads to allegations that a sushi hotspot has been serving whale meat.
<a href="http://feedads.g.doubleclick.net/~at/bTOWgXtlDGjaOqWz_Jr2KvLOXLE/1/da"><img src="http://feedads.g.doubleclick.net/~at/bTOWgXtlDGjaOqWz_Jr2KvLOXLE/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/xCGnNC3fOa0" height="1" width="1"/>>/description>
>item>
>title>Swedes extend warm embrace to 'cuddle party' movement>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/ZbuApcFYZI4/Swedes_extend_warm_embrace_to_cuddle_party_movement>/link>
>description>Swedes are often partial to picking up on trends from "over there", with the latest offering a new way to socialize American-style - introducing... the "cuddle party".
<a href="http://feedads.g.doubleclick.net/~at/KK4J0Ir3lee76SZoJEqgCOL-rmY/1/da"><img src="http://feedads.g.doubleclick.net/~at/KK4J0Ir3lee76SZoJEqgCOL-rmY/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/ZbuApcFYZI4" height="1" width="1"/>>/description>
>item>
>title>Insulators Made Into Conductors>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/mj2J1bYwGRE/Insulators_Made_Into_Conductors>/link>
>description>Most polymers -- materials made of long, chain-like molecules -- are very good insulators for both heat and electricity. But scientists have now found a way to transform the most widely used polymer, polyethylene, into a material that conducts heat just as well as most metals, yet remains an electrical insulator...
<a href="http://feedads.g.doubleclick.net/~at/2lMlYuaFqI0qv1P-aFQk8QGxGKs/1/da"><img src="http://feedads.g.doubleclick.net/~at/2lMlYuaFqI0qv1P-aFQk8QGxGKs/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/mj2J1bYwGRE" height="1" width="1"/>>/description>
>item>
>title>Two-fingered push-ups world record attempt >/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/HgC7H2i7V8I/Two_fingered_push_ups_world_record_attempt>/link>
>description>A judge watches Mohammed Ali Zinhom do 46 push-ups in 49 seconds on just two fingers.
<a href="http://feedads.g.doubleclick.net/~at/O3fHf-ptv2iRa5gqAxU9gQkdckw/1/da"><img src="http://feedads.g.doubleclick.net/~at/O3fHf-ptv2iRa5gqAxU9gQkdckw/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/HgC7H2i7V8I" height="1" width="1"/>>/description>
>item>
>title>Five Alternative Uses for a Twinkie (Pics)>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/_UaoTB9F45I/Five_Alternative_Uses_for_a_Twinkie_Pics>/link>
>description>The original uses being, of course, the clogging of major arteries and the causing of orgasms in your mouth. There's the "Twinkie stuffed hot dog" and yes, the vegan Twinkie. Delicious.
<a href="http://feedads.g.doubleclick.net/~at/8Asyj9oUf8CYFlcxvDsYCacLESY/1/da"><img src="http://feedads.g.doubleclick.net/~at/8Asyj9oUf8CYFlcxvDsYCacLESY/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/_UaoTB9F45I" height="1" width="1"/>>/description>
>item>
>title>7 Muslims arrested in Ireland over plot to kill cartoonist>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/R7MEVgm4ugA/7_Muslims_arrested_in_Ireland_over_plot_to_kill_cartoonist>/link>
>description>Seven Muslims were arrested in Ireland today over an alleged plot to assassinate a Swedish cartoonist who depicted the Prophet Mohammed with the body of a dog.
<a href="http://feedads.g.doubleclick.net/~at/ouPoYaolQ2GdY63ZaI2IdtzoBWg/1/da"><img src="http://feedads.g.doubleclick.net/~at/ouPoYaolQ2GdY63ZaI2IdtzoBWg/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/R7MEVgm4ugA" height="1" width="1"/>>/description>
>item>
>title>Bottled Wind Could Be as Constant as Coal>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/Ou-mZnU0EJY/Bottled_Wind_Could_Be_as_Constant_as_Coal>/link>
>description>Wind power has made incredible inroads into the U.S. energy system thanks to big, efficient machines standing hundreds of feet tall. But the future of wind power may be underground.
<a href="http://feedads.g.doubleclick.net/~at/mjvSMNYhw5Dk4OZOvZHAgzndaMY/1/da"><img src="http://feedads.g.doubleclick.net/~at/mjvSMNYhw5Dk4OZOvZHAgzndaMY/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/Ou-mZnU0EJY" height="1" width="1"/>>/description>
>item>
>title>Obama Using 'Bounty Hunters' for Health Care Fraud >/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/LPySDrOQ8xM/Obama_Using_Bounty_Hunters_for_Health_Care_Fraud>/link>
>description>President Barack Obama said Tuesday he'll bring in high-tech bounty hunters to help root out health care fraud, grabbing a populist idea with bipartisan backing in his final push to overhaul the system.
<a href="http://feedads.g.doubleclick.net/~at/T0CWnecb8G7SxD-yW7U4OeJzTIY/1/da"><img src="http://feedads.g.doubleclick.net/~at/T0CWnecb8G7SxD-yW7U4OeJzTIY/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/LPySDrOQ8xM" height="1" width="1"/>>/description>
>item>
>title>When Goods Get Traded, Who Pays for the CO2?>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/w0NmgCyZo2Y/When_Goods_Get_Traded_Who_Pays_for_the_CO2>/link>
>description>The carbon equation isn't as straightforward as we might think. Scientists find that rich nations are essentially outsourcing some of their carbon emissions to developing nations through global trade
<a href="http://feedads.g.doubleclick.net/~at/gUjp_nHbzxvQDwp6HIR_tWZP9Po/1/da"><img src="http://feedads.g.doubleclick.net/~at/gUjp_nHbzxvQDwp6HIR_tWZP9Po/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/w0NmgCyZo2Y" height="1" width="1"/>>/description>
>item>
>title>"Valley of the Neptunes" Surprises Jimi Hendrix Skeptics>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/QamgfRNaS3M/Valley_of_the_Neptunes_Surprises_Jimi_Hendrix_Skeptics>/link>
>description>In the span of his brief career, Jimi Hendrix only produced three albums.Now comes Valleys of the Neptunes, a collection of recordings from the final days of The Jimi Hendrix Experience. Music critics have been reluctant to embrace the album because so many of his posthumous releases have been throwaways. However, this effort is turning heads.
<a href="http://feedads.g.doubleclick.net/~at/M-o4BhgQT6pQVZc3qxnTob3SaFA/1/da"><img src="http://feedads.g.doubleclick.net/~at/M-o4BhgQT6pQVZc3qxnTob3SaFA/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/QamgfRNaS3M" height="1" width="1"/>>/description>
>item>
>title>The Secret Of A Long & Happy Sex Life? Be Healthy & Be A Man>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/TObVCdSxAG0/The_Secret_Of_A_Long_Happy_Sex_Life_Be_Healthy_Be_A_Man>/link>
>description>Men and women are living longer than ever before, but are they still having sex? Yes, say researchers in the US, but how often, and how enjoyable it is depends partly on their gender and partly on their state of health.
<a href="http://feedads.g.doubleclick.net/~at/SOKQsGNSMW6dVbDrC1DWa46Uw9g/1/da"><img src="http://feedads.g.doubleclick.net/~at/SOKQsGNSMW6dVbDrC1DWa46Uw9g/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/TObVCdSxAG0" height="1" width="1"/>>/description>
>item>
>title>CBS Will Broadcast Men's Hoops Final Four Games in 3D>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/T32nFpq-1Co/CBS_Will_Broadcast_Men_s_Hoops_Final_Four_Games_in_3D>/link>
>description>CBS Sports will show the semifinals and championship game of the NCAA men's basketball tournament in 3D, marking the network's first foray into 3D TV. The network has struck a deal with Cinedigm Digital Cinema Corp. to show the Final Four games in 100 movie theaters nationwide, with pricing yet to be established.
<a href="http://feedads.g.doubleclick.net/~at/42LRhoswLjPbTtuRtbbgsLWSRCg/1/da"><img src="http://feedads.g.doubleclick.net/~at/42LRhoswLjPbTtuRtbbgsLWSRCg/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/T32nFpq-1Co" height="1" width="1"/>>/description>
>item>
>title>Will Lunar Hole Become First Settlement on the Moon?>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/Quxi_89preM/Will_Lunar_Hole_Become_First_Settlement_on_the_Moon>/link>
>description>An international team of scientists has discovered an enormous hole that may well become the base for a moon colony. The lunar “lava tube” is not a new find, but the lava sheet that protects it and appears not to be prone to collapse, makes it different from all the others.
<a href="http://feedads.g.doubleclick.net/~at/hcd0n8BQaRIDfdlaRa8bkxgyqb4/1/da"><img src="http://feedads.g.doubleclick.net/~at/hcd0n8BQaRIDfdlaRa8bkxgyqb4/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/Quxi_89preM" height="1" width="1"/>>/description>
>item>
>title>Sony Signs All 6 Major Studios for HD Movies on PlayStation>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/ZTbrBRtpRSY/Sony_Signs_All_6_Major_Studios_for_HD_Movies_on_PlayStation>/link>
>description>Well, it looks like Sony has a little treat for PS3 users now that they're able to turn their consoles back on -- it's just announced that it has signed up all six major studios to deliver HD movies on the PlayStation Network (the first company to do so, as Sony is happy to point out). That includes 20th Century Fox, Walt Disney Pictures... MORE!
<a href="http://feedads.g.doubleclick.net/~at/Ls_zQphMJwZ1rQ4iOlbcxJDKffo/1/da"><img src="http://feedads.g.doubleclick.net/~at/Ls_zQphMJwZ1rQ4iOlbcxJDKffo/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/ZTbrBRtpRSY" height="1" width="1"/>>/description>
>item>
>title>Star Trek: The Next Generation of Fandom >/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/DaJgLI9S1MU/Star_Trek_The_Next_Generation_of_Fandom>/link>
>description>From the fantastic to the ridiculous, here are 10 of the most interesting expressions of Star Trek fanaticism.
<a href="http://feedads.g.doubleclick.net/~at/OM9E62Qx4KNKH9Jr3Su14Ed6HAM/1/da"><img src="http://feedads.g.doubleclick.net/~at/OM9E62Qx4KNKH9Jr3Su14Ed6HAM/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/DaJgLI9S1MU" height="1" width="1"/>>/description>
>item>
>title>Finally see an actual Giant Squid>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/1f7abxvlMLM/Finally_see_an_actual_Giant_Squid>/link>
>description>Controversial anatomist Gunther von Hagens has stuffed the monstrous pair of squid with silicone for preservation. A new technique preserves the squid in a life like form.
<a href="http://feedads.g.doubleclick.net/~at/09VuFZveL0wCEXkGU8KV-lbaZQY/1/da"><img src="http://feedads.g.doubleclick.net/~at/09VuFZveL0wCEXkGU8KV-lbaZQY/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/1f7abxvlMLM" height="1" width="1"/>>/description>
>item>
>title>DR Congo ring may be giant 'impact crater'>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/52aRDZk5a2Y/DR_Congo_ring_may_be_giant_impact_crater>/link>
>description>Deforestation has revealed what could be a giant impact crater in Central Africa, scientists say. The 36-46km-wide feature, identified in DR Congo, may be one of the largest such structures discovered in the last decade.
<a href="http://feedads.g.doubleclick.net/~at/BzURkMBeX761LvEQKjMjJPfthRY/1/da"><img src="http://feedads.g.doubleclick.net/~at/BzURkMBeX761LvEQKjMjJPfthRY/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/52aRDZk5a2Y" height="1" width="1"/>>/description>
>item>
>title>Physicists Find Way To See Through Opaque Materials>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/brHkz_HPGOI/Physicists_Find_Way_To_See_Through_Opaque_Materials>/link>
>description>New experiments show that it's possible to focus light through opaque materials and detect objects hidden behind them, provided you know enough about the material.
<a href="http://feedads.g.doubleclick.net/~at/xuRGEasA1y-DdIJSq1q7xOo4-44/1/da"><img src="http://feedads.g.doubleclick.net/~at/xuRGEasA1y-DdIJSq1q7xOo4-44/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/brHkz_HPGOI" height="1" width="1"/>>/description>
>item>
>title>Real-life 'Bridezilla' starts crazy brawl inside bridal shop>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/eCxmAtLk6Gg/Real_life_Bridezilla_starts_crazy_brawl_inside_bridal_shop>/link>
>description>If the guy goes through with this marriage, they both deserve to be miserable for the rest of their lives....
<a href="http://feedads.g.doubleclick.net/~at/I0ZeOFF6xecd4xVkYNJMoEAb75k/1/da"><img src="http://feedads.g.doubleclick.net/~at/I0ZeOFF6xecd4xVkYNJMoEAb75k/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/eCxmAtLk6Gg" height="1" width="1"/>>/description>
>item>
>title>Adderall Is Baseball's New Drug Problem, Says Doc>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/4DsCeYiaWZc/Adderall_Is_Baseball_s_New_Drug_Problem_Says_Doc>/link>
>description>A major league baseball player’s bitter divorce has lifted the lid on the sport’s new drug problem – players abusing the drug Adderall.
<a href="http://feedads.g.doubleclick.net/~at/BVKwUbVksZavs4dj-_J33eswyq4/1/da"><img src="http://feedads.g.doubleclick.net/~at/BVKwUbVksZavs4dj-_J33eswyq4/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/4DsCeYiaWZc" height="1" width="1"/>>/description>
>item>
>title>2004-2008 Toyota Prius Recall Will Reshape Accelerator Pedal>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/29XnPMNTQ6M/2004_2008_Toyota_Prius_Recall_Will_Reshape_Accelerator_Pedal>/link>
>description>Owners of Toyota's iconic Prius hybrid model who thought they'd escaped the rash of Toyota recalls need to think again. The company is working on a fix to reshape accelerator pedals so that they cannot be trapped by floor mats, and will issue details within weeks.
<a href="http://feedads.g.doubleclick.net/~at/uH4uLs7T73BE8k6fvcdOlNiBb_Y/1/da"><img src="http://feedads.g.doubleclick.net/~at/uH4uLs7T73BE8k6fvcdOlNiBb_Y/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/29XnPMNTQ6M" height="1" width="1"/>>/description>
>item>
>title>A gallery of the worst tattoos EVER.>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/cNTPV4Vrgbg/A_gallery_of_the_worst_tattoos_EVER>/link>
>description>The first thing that comes to mind is absolute stupidity.
<a href="http://feedads.g.doubleclick.net/~at/thgkLjSRuS4l8Cf4QiDsEET3-wQ/1/da"><img src="http://feedads.g.doubleclick.net/~at/thgkLjSRuS4l8Cf4QiDsEET3-wQ/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/cNTPV4Vrgbg" height="1" width="1"/>>/description>
>item>
>title>America's Cheapest Hooker Charges $5 and a Jawbreaker >/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/-sY6KxUB_20/America_s_Cheapest_Hooker_Charges_5_and_a_Jawbreaker>/link>
>description>Yes, she solicited an undercover Cincinnati cop, and all she wanted was5 bucks and a large clump of candy.
<a href="http://feedads.g.doubleclick.net/~at/sff3WYNpGXbKAZL8MPz0PgnM3Aw/1/da"><img src="http://feedads.g.doubleclick.net/~at/sff3WYNpGXbKAZL8MPz0PgnM3Aw/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/-sY6KxUB_20" height="1" width="1"/>>/description>
>item>
>title>1969 LSD induced IHOP Commercial>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/uphooEACZJs/1969_LSD_induced_IHOP_Commercial>/link>
>description>Turn on, tune in, drop out. This commercial made me feel like I was tripping.
<a href="http://feedads.g.doubleclick.net/~at/kcNNHj24J26w2vUaOc1VQAHFa0A/1/da"><img src="http://feedads.g.doubleclick.net/~at/kcNNHj24J26w2vUaOc1VQAHFa0A/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/uphooEACZJs" height="1" width="1"/>>/description>
>item>
>title>Nokia Files Patent for Self-Charging Phone>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/Me-2mrQ6gMo/Nokia_Files_Patent_for_Self_Charging_Phone>/link>
>description>Kinetically powered cell phones have been relegated to futuristic concepts..or have they? Nokia files a patent that could lead to the first real piezoelectric mobile phone.
<a href="http://feedads.g.doubleclick.net/~at/BYBg6ddULhnwqj17VHQaI7wk0oI/1/da"><img src="http://feedads.g.doubleclick.net/~at/BYBg6ddULhnwqj17VHQaI7wk0oI/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/Me-2mrQ6gMo" height="1" width="1"/>>/description>
>item>
>title>Apple's Long History of Lousy First Reviews>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/XXDKQio1Gg8/Apple_s_Long_History_of_Lousy_First_Reviews>/link>
>description>Though the iPad has drawn some harsh reviews, it's hardly the first Apple product to get trashed (at first). A look back at 25 years of "flops"
<a href="http://feedads.g.doubleclick.net/~at/bC94IQa8Y7G7UHnmDc0UacogQu4/1/da"><img src="http://feedads.g.doubleclick.net/~at/bC94IQa8Y7G7UHnmDc0UacogQu4/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/XXDKQio1Gg8" height="1" width="1"/>>/description>
>item>
>title>Moms Iron Daughters' Breasts in Mutilation Practice>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/h7_w2QO83Yo/Moms_Iron_Daughters_Breasts_in_Mutilation_Practice>/link>
>description>Though not publicly acknowledged, many pubescent girls in the West African country of Cameroon are subjected to the practice of breast ironing, which involves massaging a child's growing breasts with an object like a stone, hammer or spatula that has been heated over coals, until the breasts actually disappear. The practice of breast ironing is...
<a href="http://feedads.g.doubleclick.net/~at/n4HBNiK2Q6rE1X9hG4LWOjLQAFY/1/da"><img src="http://feedads.g.doubleclick.net/~at/n4HBNiK2Q6rE1X9hG4LWOjLQAFY/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/h7_w2QO83Yo" height="1" width="1"/>>/description>
>item>
>title>Hourly Wage Earners Are Happier Than Salaried Workers>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/iblSRj0_Puc/Hourly_Wage_Earners_Are_Happier_Than_Salaried_Workers>/link>
>description>The relationship between money and happiness is stronger for people paid hourly because they're more often reminded of how much they earn, according to researchers at Stanford University and the University of Toronto. That lets workers more easily measure their value, which in turn increases happiness.
<a href="http://feedads.g.doubleclick.net/~at/14jLuKt7W0weGa477vMjf7ycuew/1/da"><img src="http://feedads.g.doubleclick.net/~at/14jLuKt7W0weGa477vMjf7ycuew/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/iblSRj0_Puc" height="1" width="1"/>>/description>
>item>
>title>Cisco's New Router To Delivers 322 Terabits per Second>/title>
>link>http://feeds.digg.com/~r/digg/popular/~3/iaJ_IFwavNI/Cisco_s_New_Router_To_Delivers_322_Terabits_per_Second>/link>
>description>Cisco Systems, has announced the launch of a super-fast and effeciency-focused router technology which will be at the heart of "the next generation of the Internet".
<a href="http://feedads.g.doubleclick.net/~at/C9hvOWYqYhzsVf-tLTA3RSp12Q4/1/da"><img src="http://feedads.g.doubleclick.net/~at/C9hvOWYqYhzsVf-tLTA3RSp12Q4/1/di" border="0" ismap="true"></img></a></p><img src="http://feeds.feedburner.com/~r/digg/popular/~4/iaJ_IFwavNI" height="1" width="1"/>>/description>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>The RISKS Forum>/title>
>link>http://seclists.org/#risks>/link>
>description>Peter G. Neumann moderates this regular digest of current events which demonstrate risks to the public in computers and related systems. Security risks are often discussed.>/description>
>item>
>title>Risks Digest 25.95>/title>
>link>http://seclists.org/risks/2010/q1/6>/link>
>description><p>Posted by RISKS List Owner on Feb 28</p>RISKS-LIST: Risks-Forum Digest Sunday 28 February 2010 Volume 25 : Issue 95<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.94>/title>
>link>http://seclists.org/risks/2010/q1/5>/link>
>description><p>Posted by RISKS List Owner on Feb 14</p>RISKS-LIST: Risks-Forum Digest Sunday 14 February 2010 Volume 25 : Issue 94<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.93>/title>
>link>http://seclists.org/risks/2010/q1/4>/link>
>description><p>Posted by RISKS List Owner on Jan 29</p>RISKS-LIST: Risks-Forum Digest Friday 29 January 2010 Volume 25 : Issue 93<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.92>/title>
>link>http://seclists.org/risks/2010/q1/3>/link>
>description><p>Posted by RISKS List Owner on Jan 26</p>RISKS-LIST: Risks-Forum Digest Tuesday 26 January 2010 Volume 25 : Issue 92<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.91>/title>
>link>http://seclists.org/risks/2010/q1/2>/link>
>description><p>Posted by RISKS List Owner on Jan 19</p>RISKS-LIST: Risks-Forum Digest Tuesday 19 January 2010 Volume 25 : Issue 91<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.90>/title>
>link>http://seclists.org/risks/2010/q1/1>/link>
>description><p>Posted by RISKS List Owner on Jan 08</p>RISKS-LIST: Risks-Forum Digest Friday 8 January 2010 Volume 25 : Issue 90<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.89>/title>
>link>http://seclists.org/risks/2010/q1/0>/link>
>description><p>Posted by RISKS List Owner on Jan 07</p>RISKS-LIST: Risks-Forum Digest Thursday 7 January 2010 Volume 25 : Issue 89<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.88>/title>
>link>http://seclists.org/risks/2009/q4/8>/link>
>description><p>Posted by RISKS List Owner on Dec 26</p>RISKS-LIST: Risks-Forum Digest Saturday 26 December 2009 Volume 25 : Issue 88<br>
The current issue can...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.87>/title>
>link>http://seclists.org/risks/2009/q4/7>/link>
>description><p>Posted by RISKS List Owner on Dec 15</p>RISKS-LIST: Risks-Forum Digest Tuesday 15 December 2009 Volume 25 : Issue 87<br>
The current issue can...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.86>/title>
>link>http://seclists.org/risks/2009/q4/6>/link>
>description><p>Posted by RISKS List Owner on Dec 14</p>RISKS-LIST: Risks-Forum Digest Monday 14 December 2009 Volume 25 : Issue 86<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.85>/title>
>link>http://seclists.org/risks/2009/q4/5>/link>
>description><p>Posted by RISKS List Owner on Nov 28</p>RISKS-LIST: Risks-Forum Digest Saturday 28 November 2009 Volume 25 : Issue 85<br>
The current issue can...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.84>/title>
>link>http://seclists.org/risks/2009/q4/4>/link>
>description><p>Posted by RISKS List Owner on Nov 25</p>RISKS-LIST: Risks-Forum Digest Weds 25 November 2009 Volume 25 : Issue 84<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.83>/title>
>link>http://seclists.org/risks/2009/q4/3>/link>
>description><p>Posted by RISKS List Owner on Nov 06</p>RISKS-LIST: Risks-Forum Digest Friday 6 November 2009 Volume 25 : Issue 83<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.82>/title>
>link>http://seclists.org/risks/2009/q4/2>/link>
>description><p>Posted by RISKS List Owner on Oct 20</p>RISKS-LIST: Risks-Forum Digest Tuesday 20 October 2009 Volume 25 : Issue 82<br>
The current issue can be...<br>>/description>
>/item>
>item>
>title>Risks Digest 25.81>/title>
>link>http://seclists.org/risks/2009/q4/1>/link>
>description><p>Posted by RISKS List Owner on Oct 12</p>RISKS-LIST: Risks-Forum Digest Monday 12 October 2009 Volume 25 : Issue 81<br>
The current issue can be...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title> SANS Internet Storm Center, InfoCON: green>/title>
>link> http://isc.sans.org>/link>
>description>>![CDATA[]]>>/description>
>image>
>title>SANS Internet Storm Center, InfoCON: green>/title>
>url>http://isc.sans.org/images/status.gif>/url>
>link>http://isc.sans.org>/link>
>/image>
>item>
>title>Infocon: green>/title>
>link>http://isc.sans.org/diary.html?rss>/link>
>description>>![CDATA[What's My Firewall Telling Me? (Part 4)]]>>/description>
>/item>
>item>
>title>What's My Firewall Telling Me? (Part 4), (Wed, Mar 10th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8395&rss>/link>
>description>>![CDATA[Theres been a lot of discussion about the recent stories on parsing firewall logs - Mar ...(more)... ]]>>/description>
>/item>
>item>
>title>
Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7, (Wed, Mar 10th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8398&rss>/link>
>description>>![CDATA[Several readers have pointed us towards this advisory. This Microsoft advisory outlines a vuln ...(more)... ]]>>/description>
>/item>
>item>
>title>
March 2010 - Microsoft Patch Tuesday Diary, (Tue, Mar 9th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8392&rss>/link>
>description>>![CDATA[
...(more)... ]]>>/description>
>/item>
>item>
>title>
Samurai WTF 0.8, (Mon, Mar 8th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8377&rss>/link>
>description>>![CDATA[A new version of the Samurai WTF (Web Testing Framework) distribution, version 0.8, has been r ...(more)... ]]>>/description>
>/item>
>item>
>title>
Vodafone Android Phone: Complete with Mariposa Malware, (Tue, Mar 9th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8389&rss>/link>
>description>>![CDATA[Panda Security has a post up on one of their employees buying a brand new Android phone from Vodafon ...(more)... ]]>>/description>
>/item>
>item>
>title>
Energizer Malware, (Tue, Mar 9th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8386&rss>/link>
>description>>![CDATA[We received several emails today about the US-CERTanalysis of Trojan horse software found in a ...(more)... ]]>>/description>
>/item>
>item>
>title>
SEO poisoning on TV show, (Mon, Mar 8th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8383&rss>/link>
>description>>![CDATA[An ISCreader, thanks Paul, notified us about a new SEO(Search Engine Optimization) ...(more)... ]]>>/description>
>/item>
>item>
>title>
Microsoft announced two important bulletins (fixing multiple vulns. affecting Windows and Office) for tomorrow: http://www.microsoft.com/technet/security/Bulletin/MS10-mar.mspx, (Mon, Mar 8th)>/title>
>link>http://isc.sans.org/diary.html?storyid=8380&rss>/link>
>description>>![CDATA[ ...(more)... ]]>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Nessus.org Plugins>/title>
>link>http://www.nessus.org/scripts.php>/link>
>description>All the newest security checks for the Nessus scanner>/description>
>image about="http://www.nessus.org/images/RssLogo.jpg">
>title>Nessus Plugins>/title>
>url>http://www.nessus.org/images/RssLogo.jpg>/url>
>link>http://www.nessus.org/>/link>
>/image>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45021">
>title>MS10-017: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45021>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45020">
>title>MS10-016: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45020>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45019">
>title>SpamAssassin Milter Plugin 'mlfi_envrcpt()' Remote Arbitrary Command Injection>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45019>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45018">
>title>Symantec IM Manager KeyView OLE Parsing Integer Overflow (SYM10-006)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45018>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45017">
>title>Symantec IM Manager Detection>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45017>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45016">
>title>USN907-1 : gnome-screensaver vulnerabilities>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45016>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45015">
>title>SuSE Security Update: Security update for sudo (sudo-6891)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45015>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45014">
>title>SuSE Security Update: sudo (2010-03-01)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45014>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45013">
>title>SuSE 11.2 Security Update: sudo (2010-03-01)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45013>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45012">
>title>SuSE 11.1 Security Update: sudo (2010-03-01)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45012>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45011">
>title>SuSE 11.0 Security Update: sudo (2010-03-01)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45011>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45010">
>title>SuSE 11.0 Security Update: kernel (2010-03-01)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45010>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45009">
>title>FreeBSD : drupal -- multiple vulnerabilities (5230)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45009>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45008">
>title>[DSA2008] DSA-2008-1 typo3-src>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45008>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45007">
>title>SSA-2010-067-01 httpd >/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45007>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45006">
>title>Energizer DUO USB Battery Charger Software Backdoor (credentialed check)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45006>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45005">
>title>Arugizer Backdoor>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45005>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45004">
>title>Apache 2.2 < 2.2.15 Multiple Vulnerabilities>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45004>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45003">
>title>SuSE Security Update: Security update for netpbm (libnetpbm-6851)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45003>/link>
>/item>
>item about="http://www.nessus.org/plugins/index.php?view=single&id=45002">
>title>SuSE Security Update: libnetpbm-devel (2010-02-16)>/title>
>description>>![CDATA[Synopsis :>br />
]]>>/description>
>link>http://www.nessus.org/plugins/index.php?view=single&id=45002>/link>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>SecuriTeam>/title>
>link>http://www.securiteam.com>/link>
>description>Welcome to the SecuriTeam RSS Feed - sponsored by Beyond Security. Know Your Vulnerabilities! Visit BeyondSecurity.com for your web site, network and code security audit and scanning needs.>/description>
>image>
>title>SecuriTeam.com>/title>
>url>http://www.securiteam.com/beyond-logo-small.png>/url>
>link>http://www.securiteam.com>/link>
>/image>
>item>
>title>LedgerSMB Multiple Vulnerabilities>/title>
>link>http://www.securiteam.com/securitynews/5EP3H1P0AU.html>/link>
>description>>![CDATA[It has been brought to our attention that a number of security vulnerabilities have been noted in SQL-Ledger. Several of these affect earlier versions of LedgerSMB, and three hotfixes have been released for problems that continue to affect the LedgerSMB codebase.]]>>/description>
>/item>
>item>
>title>Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability>/title>
>link>http://www.securiteam.com/securitynews/5RP2W150AC.html>/link>
>description>>![CDATA[Insecure permissions have been detected in the multiple Kaspersky Lab antivirus products.]]>>/description>
>/item>
>item>
>title>Piwik Cookie Unserialize Vulnerability>/title>
>link>http://www.securiteam.com/securitynews/6H00B0AQAS.html>/link>
>description>>![CDATA[Piwik unserializes() user input which allows an attacker to send a carefully crafted cookie that when unserialized utilizes Piwik's classes to upload arbitrary files or execute arbitrary PHP code.]]>>/description>
>/item>
>item>
>title>Invision Power Board SQL PHP File Inclusion and SQL Injection>/title>
>link>http://www.securiteam.com/securitynews/6T0022AQAC.html>/link>
>description>>![CDATA[Invision Power Board has a PHP file inclusion vulnerability that is trivial to exploit with a web browser and a known location of a php file residing on the target system. Authorisation is not required. The SQL injection vulnerability is somewhat tricky to exploit as there are quite a few restrictions that make creating a successful sql attack vector difficult. Nevertheless a crafty attacker might issue a series of requests that might allow him to gain some information about the target system or even read files from the disk depending on permissions granted to the db account that is used by the forum.]]>>/description>
>/item>
>item>
>title>U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) Vulnerability>/title>
>link>http://www.securiteam.com/securitynews/6E00420QAS.html>/link>
>description>>![CDATA[The U.S. Defense Information Systems Agency (DISA) publishes Security Readiness Review scripts (SRRs) to ensure systems and software meet security baselines required by the Department of Defense. Unprivileged local users can obtain root access on Unix systems where the DISA SRR scripts are run.]]>>/description>
>/item>
>item>
>title>Netifera - Modular Open Source Platform for Security Tools>/title>
>link>http://www.securiteam.com/tools/5QP0B0KQUE.html>/link>
>description>>![CDATA[]]>>/description>
>/item>
>item>
>title>WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems>/title>
>link>http://www.securiteam.com/tools/5RP012KQKA.html>/link>
>description>>![CDATA[]]>>/description>
>/item>
>item>
>title>Webshag - Web Server Audit Tool>/title>
>link>http://www.securiteam.com/tools/5QP0L0UQAI.html>/link>
>description>>![CDATA[]]>>/description>
>/item>
>item>
>title>Browser Fuzzer>/title>
>link>http://www.securiteam.com/tools/5OP0L00Q0Y.html>/link>
>description>>![CDATA[]]>>/description>
>/item>
>item>
>title>FSpy - Linux Filesystem Activity Monitoring>/title>
>link>http://www.securiteam.com/tools/6D00V0ANFY.html>/link>
>description>>![CDATA[]]>>/description>
>/item>
>item>
>title>Publique! CMS and SQL Injection Vulnerabilities>/title>
>link>http://www.securiteam.com/unixfocus/5FP3I1P0AO.html>/link>
>description>>![CDATA[A remotely exploitable vulnerability was found in the framework core component. Exploitation of this bug does not require authentication and will lead to remotely exposed potentially sensitive information from the Publique! database. Particularly, an attacker can extract usernames and passwords needed to authenticate to the administrative interface and gain full control of the web site and (depending on certain conditions) the server itself.]]>>/description>
>/item>
>item>
>title>Files2Links F2L-3000 SQL Injection Vulnerability>/title>
>link>http://www.securiteam.com/unixfocus/5DP3G1P0AA.html>/link>
>description>>![CDATA[The login page of the F2L-3000 version 4.0.0 is vulnerable to SQL Injection. Exploitation of the vulnerability may allow attackers to bypass authentication and access sensitive information stored on the device.]]>>/description>
>/item>
>item>
>title>HP-UX Running Apache Data Injection and DoS Vulnerability>/title>
>link>http://www.securiteam.com/unixfocus/5QP2V150AO.html>/link>
>description>>![CDATA[A potential security vulnerability has been identified with HP-UX running Apache v2.0.59.12 and earlier. The vulnerability could be exploited remotely to inject unauthorized data or to create a Denial of Service (DoS).]]>>/description>
>/item>
>item>
>title>MIT krb5 KDC denial of service in cross-realm referral processing>/title>
>link>http://www.securiteam.com/unixfocus/5MP2W0K0AK.html>/link>
>description>>![CDATA[An unauthenticated remote attacker could cause the KDC to crash due to a null pointer dereference. Legitimate requests can also cause this crash to occur.]]>>/description>
>/item>
>item>
>title>AproxEngine Multiple Vulnerabilities>/title>
>link>http://www.securiteam.com/unixfocus/5BP2V0A0AG.html>/link>
>description>>![CDATA[Vulnerabilities have been discovered in AproxEngine, which can be exploited by malicious users to manipulate certain data, conduct spoofing, SQL injection, and script insertion attacks and by malicious people to conduct SQL injection and script insertion attacks.]]>>/description>
>/item>
>item>
>title>Microsoft Indeo Codec Memory Corruption Vulnerability>/title>
>link>http://www.securiteam.com/windowsntfocus/6S00D00QAW.html>/link>
>description>>![CDATA[The Indeo codec on systems running Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow code to run on users systems when opening specially crafted content.]]>>/description>
>/item>
>item>
>title>HP DDMI Execution of Arbitrary Code>/title>
>link>http://www.securiteam.com/windowsntfocus/6T00C2AQ0Y.html>/link>
>description>>![CDATA[A potential security vulnerability has been identified with HP Discovery & Dependency Mapping Inventory (DDMI) running on Windows. The vulnerability could be exploited remotely by an authorized user to execute arbitrary code.]]>>/description>
>/item>
>item>
>title>Microsoft Windows License Logging Service Heap Corruption Vulnerability>/title>
>link>http://www.securiteam.com/windowsntfocus/6M00D0UQ0W.html>/link>
>description>>![CDATA[This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required on certain configurations to exploit this vulnerability.]]>>/description>
>/item>
>item>
>title>Microsoft Office Excel Code Execution Vulnerabilities>/title>
>link>http://www.securiteam.com/windowsntfocus/6K00B0UQ0K.html>/link>
>description>>![CDATA[Attackers using specially crafted XLS files can execute arbitrary code via memory corruptions, invalid index, and invalid pointer errors.]]>>/description>
>/item>
>item>
>title>Microsoft SharePoint 2007 ASP.NET Source Code Disclosure>/title>
>link>http://www.securiteam.com/windowsntfocus/6W0040UQ0W.html>/link>
>description>>![CDATA[It was found that the download facility of Microsoft SharePoint Team Services can be abused to reveal the source code of ASP.NET files.]]>>/description>
>/item>
>item>
>title>Trango Broadband Wireless Rogue SU Authentication Bug>/title>
>link>http://www.securiteam.com/exploits/5LP2V0K0AG.html>/link>
>description>>![CDATA[Currently there is a flaw in the authentication mechanism of these radios which, if an attacker knows some details, can allow interception of ethernet packets broadcast from the Access Point to the Subscriber Unit and potentially allows injection into the communication from the Subscriber Unit to the Access Point.]]>>/description>
>/item>
>item>
>title>Exposing HMS HICP Protocol and Intellicom NetBiterConfig.exe Remote Buffer Overflow>/title>
>link>http://www.securiteam.com/exploits/5CP2W0A0AU.html>/link>
>description>>![CDATA[SCADA weaknesses created by HICP Protocol and NetBiter WebSCADA.]]>>/description>
>/item>
>item>
>title>Family Connections Multiple Remote Vulnerabilities>/title>
>link>http://www.securiteam.com/exploits/6U00D20QAQ.html>/link>
>description>>![CDATA[Many fields are not properly sanitised and some checks can be bypassed.]]>>/description>
>/item>
>item>
>title>VideoCache vccleaner Root Vulnerability>/title>
>link>http://www.securiteam.com/exploits/6T00C20QAY.html>/link>
>description>>![CDATA[VideoCache is a Squid URL rewriter plugin written in Python for bandwidth optimization while browsing video sharing websites. Version 1.9.2 allows a user with the privileges of the Squid proxy server to append semi-arbitrary data to arbitrary files with root privileges, upon the administrator's execution of the 'vccleaner' utility.]]>>/description>
>/item>
>item>
>title>QuickHeal Antivirus 2010 Local Privilege Escalation>/title>
>link>http://www.securiteam.com/exploits/6S00B20QAQ.html>/link>
>description>>![CDATA[All files under the install folder have Full control for BUILTIN\users and can be replace with malicious files.]]>>/description>
>/item>
>item>
>title>Why Silent Updates Boost Security>/title>
>link>http://www.securiteam.com/securityreviews/5NP0E00R5A.html>/link>
>description>>![CDATA[Thomas Duebendorfer Google Switzerland GmbH and Stefan Frei Communication Systems Group, ETH Zurich, Switzerland looked into the performance of Web browser update mechanisms. The analysis of anonymized Google Web server logs allowed us to compare and rank the update strategies deployed by Google Chrome, Mozilla Firefox, Apple Safari, and Opera.]]>>/description>
>/item>
>item>
>title>PDF Silent HTTP Form Repurposing Attacks>/title>
>link>http://www.securiteam.com/securityreviews/5MP0D00R5G.html>/link>
>description>>![CDATA[This paper sheds light on a modified approach to triggering web attacks through JavaScript protocol handler in the context of opening a PDF in a browser.]]>>/description>
>/item>
>item>
>title>Frame Pointer Overwrite Demonstration (Linux)>/title>
>link>http://www.securiteam.com/securityreviews/6M0010UNFQ.html>/link>
>description>>![CDATA[This paper assumes you have read the proper background information and/or technical details about the above subject. If not, please do so, because this read does not include key concepts but instead technical exploitation examples. That being said, enjoy. Knowledge is power.]]>>/description>
>/item>
>item>
>title>Format String Exploitation Demonstration (Linux)>/title>
>link>http://www.securiteam.com/securityreviews/6E0030KNFO.html>/link>
>description>>![CDATA[This paper assumes you have read the proper background information and/or technical details about the above subject. If not, please do so, because this read does not include key concepts but instead technical exploitation examples. That being said, enjoy. Knowledge is power.]]>>/description>
>/item>
>item>
>title>Hacking SOHO Routers>/title>
>link>http://www.securiteam.com/securityreviews/6D00C0KN5S.html>/link>
>description>>![CDATA[The purpose of this paper is to outline the security measures being taken by vendors to prevent such attacks in their home routing products, what those security measures accomplish, and where they fall short. We will use existing network tools to examine common vulnerabilities in a range of popular devices and demonstrate weaknesses in the security of those devices; additionally, we will examine common trends in security measures that have been duplicated across vendors, and examine how those trends help and hinder the security of their devices. In particular, we will examine the following home routers, which are some of the latest offerings from their respective vendors at the time of this writing: * Linksys WRT160N]]>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Security Basics>/title>
>link>http://seclists.org/#basics>/link>
>description>A high-volume list which permits people to ask "stupid questions" without being derided as "n00bs". I recommend this list to network security newbies, but be sure to read Bugtraq and other lists as well.>/description>
>item>
>title>Reporting SSH abuse>/title>
>link>http://seclists.org/basics/2010/Mar/44>/link>
>description><p>Posted by Dan Pilcheck on Mar 09</p>Hello list,<br>
up with. I suppose there's not much else to...<br>>/description>
>/item>
>item>
>title>Re: Help hardening router>/title>
>link>http://seclists.org/basics/2010/Mar/43>/link>
>description><p>Posted by Mike Hale on Mar 09</p>Wouldn't you want to encrypt your passwords in 5? Level 7 can be<br>
cracked in seconds online.<br>>/description>
>/item>
>item>
>title>Re: Help hardening router>/title>
>link>http://seclists.org/basics/2010/Mar/42>/link>
>description><p>Posted by Curt Shaffer on Mar 09</p>Step one is to now change all of your passwords unless you put bogus hashes in there when you posted this. Otherwise, <br>
it benefits your...<br>>/description>
>/item>
>item>
>title>Re: Help hardening router>/title>
>link>http://seclists.org/basics/2010/Mar/41>/link>
>description><p>Posted by Alex on Mar 09</p>Hi you<br>
the...<br>>/description>
>/item>
>item>
>title>RE: Help hardening router>/title>
>link>http://seclists.org/basics/2010/Mar/40>/link>
>description><p>Posted by Jatmoko, Arif (ID - Jakarta) on Mar 09</p>If this is a Cisco Catalyst, that should be support SSH. Just enable SSH by entering the command :<br>
You should, at least learn some basic command or consults about configuring Catalyst IOS to someone has...<br>>/description>
>/item>
>item>
>title>Re: securing a segment of a network>/title>
>link>http://seclists.org/basics/2010/Mar/39>/link>
>description><p>Posted by krymson on Mar 09</p>Would that be a primary concern about the current state of audits and checklists? Basically, there is a *lot* of effort <br>
applicatiions, shares and/or privileges. Splitting the network does not address this in any way, at best it...<br>>/description>
>/item>
>item>
>title>FW: Help hardening router>/title>
>link>http://seclists.org/basics/2010/Mar/38>/link>
>description><p>Posted by Craig S. Wright on Mar 09</p>ARGGG!<br>
Nipper, (Network Infrastructure Parser)...<br>>/description>
>/item>
>item>
>title>Re: Help hardening router>/title>
>link>http://seclists.org/basics/2010/Mar/37>/link>
>description><p>Posted by John Morrison on Mar 09</p>Joe,<br>
Download and installed the latest...<br>>/description>
>/item>
>item>
>title>Re: Help hardening router>/title>
>link>http://seclists.org/basics/2010/Mar/36>/link>
>description><p>Posted by David Goldsmith on Mar 09</p>Did you change the various encrypted passwords before posting the<br>
be sure to fully...<br>>/description>
>/item>
>item>
>title>Re: securing a segment of a network>/title>
>link>http://seclists.org/basics/2010/Mar/35>/link>
>description><p>Posted by Adam Pal on Mar 08</p>Hi Roger,<br>
"Keep the same, maintain the...<br>>/description>
>/item>
>item>
>title>Help hardening router>/title>
>link>http://seclists.org/basics/2010/Mar/34>/link>
>description><p>Posted by mzcohen2682 on Mar 08</p>HI ALL !<br>
also in the endo of the access list they have a line saying:...<br>>/description>
>/item>
>item>
>title>Re: Re: securing a segment of a network>/title>
>link>http://seclists.org/basics/2010/Mar/33>/link>
>description><p>Posted by Bovril1a on Mar 08</p>Unless you are in a high security environment the requirement from your auditors is an excellent example of why <br>
Before you EVER accept an audit finding it needs to meet a basic "Rule of...<br>>/description>
>/item>
>item>
>title>Re: securing a segment of a network>/title>
>link>http://seclists.org/basics/2010/Mar/32>/link>
>description><p>Posted by Roger D Vargas on Mar 08</p>Adam Pal escribió:<br>
PCs in the network....<br>>/description>
>/item>
>item>
>title>Re: securing a segment of a network>/title>
>link>http://seclists.org/basics/2010/Mar/31>/link>
>description><p>Posted by Adam Pal on Mar 08</p>Hello Roger,<br>
RDV> ago I had physically split my network in 2, with 2 windows...<br>>/description>
>/item>
>item>
>title>Re: [cansecwest] Advanced PHP Hacking>/title>
>link>http://seclists.org/basics/2010/Mar/30>/link>
>description><p>Posted by Barbod Kiani on Mar 08</p>Laurent:<br>
would be to have one of your...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>link>http://seclists.org/#jobs>/link>
>description>A popular list for advertising or finding jobs in the security field. Employers post openings and job seekers post resumes (run by SecurityFocus). For privacy reasons, only the current year is archived.>/description>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>link>http://seclists.org/#vuln-dev>/link>
>description>A moderated list for discussing possible security issues and devising exploits for them.>/description>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>SecurityFocus Vulnerabilities>/title>
>link>http://www.securityfocus.com>/link>
>description>
>/description>
>image>
>title>SecurityFocus>/title>
>url>http://www.securityfocus.com/rss/SFLogo_v1.gif>/url>
>link>http://www.securityfocus.com>/link>
>/image>
>item>
>title>Vuln: RETIRED: Microsoft March 2010 Advance Notification Multiple Vulnerabilities>/title>
>link>http://www.securityfocus.com/bid/38540>/link>
>description>>![CDATA[ RETIRED: Microsoft March 2010 Advance Notification Multiple Vulnerabilities ]]>>/description>
>/item>
>item>
>title>Vuln: Microsoft Excel DbOrParamQry Record Remote Code Execution Vulnerability>/title>
>link>http://www.securityfocus.com/bid/38555>/link>
>description>>![CDATA[ Microsoft Excel DbOrParamQry Record Remote Code Execution Vulnerability ]]>>/description>
>/item>
>item>
>title>Vuln: Microsoft Windows Movie Maker and Producer '.mswmm' Buffer Overflow Vulnerability>/title>
>link>http://www.securityfocus.com/bid/38515>/link>
>description>>![CDATA[ Microsoft Windows Movie Maker and Producer '.mswmm' Buffer Overflow Vulnerability ]]>>/description>
>/item>
>item>
>title>Vuln: Microsoft Internet Explorer 'iepeers.dll' Remote Code Execution Vulnerability>/title>
>link>http://www.securityfocus.com/bid/38615>/link>
>description>>![CDATA[ Microsoft Internet Explorer 'iepeers.dll' Remote Code Execution Vulnerability ]]>>/description>
>/item>
>item>
>title>Bugtraq: ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability>/title>
>link>http://www.securityfocus.com/archive/1/509979>/link>
>description>>![CDATA[ ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability ]]>>/description>
>/item>
>item>
>title>Bugtraq: SQL injection vulnerability in wILD CMS>/title>
>link>http://www.securityfocus.com/archive/1/509973>/link>
>description>>![CDATA[ SQL injection vulnerability in wILD CMS ]]>>/description>
>/item>
>item>
>title>Bugtraq: IBM ENOVIA SmarTeam v5 Cross Site Scripting Vulnerability>/title>
>link>http://www.securityfocus.com/archive/1/509975>/link>
>description>>![CDATA[ IBM ENOVIA SmarTeam v5 Cross Site Scripting Vulnerability ]]>>/description>
>/item>
>item>
>title>Bugtraq: [security bulletin] HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands>/title>
>link>http://www.securityfocus.com/archive/1/509977>/link>
>description>>![CDATA[ [security bulletin] HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands ]]>>/description>
>/item>
>item>
>title>More rss feeds from SecurityFocus>/title>
>link>http://www.securityfocus.com/rss/index.shtml>/link>
>description>News, Infocus, Columns, Vulnerabilities, Bugtraq ...>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>VulnWatch>/title>
>link>http://seclists.org/#vulnwatch>/link>
>description>A non-discussion, non-patch, all-vulnerability annoucement list supported and run by a community of volunteer moderators distributed around the world.>/description>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>title>Web App Security>/title>
>link>http://seclists.org/#webappsec>/link>
>description>Provides insights on the unique challenges which make web applications notoriously hard to secure, as well as attack methods including SQL injection, cross-site scripting (XSS), cross-site request forgery, and more.>/description>
>item>
>title>Re: Need a real Java web application with vulnerabilities>/title>
>link>http://seclists.org/webappsec/2010/q1/42>/link>
>description><p>Posted by Yu Qu on Mar 08</p>Hi, Peine and others:<br>
Ministry of Education Key Lab for Intelligent...<br>>/description>
>/item>
>item>
>title>RE: [WEB SECURITY] Re: Need a real Java web application with vulnerabilities>/title>
>link>http://seclists.org/webappsec/2010/q1/41>/link>
>description><p>Posted by Calderon, Juan Carlos (GE, Corporate, consultant) on Mar 08</p>Yeah, Steve's is just a nice approach, my experience is the same, you<br>
To:...<br>>/description>
>/item>
>item>
>title>Re: Need a real Java web application with vulnerabilities>/title>
>link>http://seclists.org/webappsec/2010/q1/40>/link>
>description><p>Posted by Morgan Reed on Mar 08</p>Sounds like the right approach, though I'm not aware of any Java based CMS.<br>
<a rel="nofollow" href="http://www.cenzic.com/2009HClaunch_Securityfocus">http://www.cenzic.com/2009HClaunch_Securityfocus</a>...<br>>/description>
>/item>
>item>
>title>Re: [WEB SECURITY] Re: Need a real Java web application with vulnerabilities>/title>
>link>http://seclists.org/webappsec/2010/q1/39>/link>
>description><p>Posted by Steve Pinkham on Mar 08</p>Rogan Dawes wrote:<br>
>...<br>>/description>
>/item>
>item>
>title>Security BSides Austin - sponsors needed!>/title>
>link>http://seclists.org/webappsec/2010/q1/38>/link>
>description><p>Posted by Benjamin Tomhave on Mar 08</p>Hi folks,<br>
become officially...<br>>/description>
>/item>
>item>
>title>Re: Need a real Java web application with vulnerabilities>/title>
>link>http://seclists.org/webappsec/2010/q1/37>/link>
>description><p>Posted by Marc-André Laverdière on Mar 08</p>You can have a try at Securibench. Some of the apps in there don't run without <br>
It's Finally Here - The Cenzic Website HealthCheck....<br>>/description>
>/item>
>item>
>title>Re: Need a real Java web application with vulnerabilities>/title>
>link>http://seclists.org/webappsec/2010/q1/36>/link>
>description><p>Posted by Federico Maggi on Mar 08</p> OWASP's WebGoat Project has designed a non-trivial web application in Java, exactly for this purpose.<br>
--------------------------------------<br>>/description>
>/item>
>item>
>title>Re: Need a real Java web application with vulnerabilities>/title>
>link>http://seclists.org/webappsec/2010/q1/35>/link>
>description><p>Posted by Kvetch on Mar 08</p>Check out Daffodil CRM - <a rel="nofollow" href="http://sourceforge.net/projects/daffodilcrm/">http://sourceforge.net/projects/daffodilcrm/</a><br>
--------------------------------------<br>>/description>
>/item>
>item>
>title>Re: Need a real Java web application with vulnerabilities>/title>
>link>http://seclists.org/webappsec/2010/q1/34>/link>
>description><p>Posted by Wagner Elias on Mar 08</p>OWASP Broken Web App Project contains WebGoat an app vulnerable in Java.<br>
2010/3/8 Holger Peine <Holger.Peine () fh-hannover de>:<br>>/description>
>/item>
>item>
>title>Need a real Java web application with vulnerabilities>/title>
>link>http://seclists.org/webappsec/2010/q1/33>/link>
>description><p>Posted by Holger Peine on Mar 08</p>Hello,<br>
-...<br>>/description>
>/item>
>item>
>title>SamuraiWTF 0.8 released>/title>
>link>http://seclists.org/webappsec/2010/q1/32>/link>
>description><p>Posted by Kevin Johnson on Mar 05</p>Hi all,<br>
cell: 904.403.8024<br>>/description>
>/item>
>item>
>title>removing version identifying attribution data>/title>
>link>http://seclists.org/webappsec/2010/q1/31>/link>
>description><p>Posted by Robin Wood on Mar 04</p>With a lot of open source web apps there is usually some kind of file<br>
rather not expose my clients to data leakage which I...<br>>/description>
>/item>
>item>
>title>Vulnerabilities Animated Clips>/title>
>link>http://seclists.org/webappsec/2010/q1/30>/link>
>description><p>Posted by Maty Siman on Mar 03</p>One of the biggest challenges of the security community is to build true<br>
help developers understand a...<br>>/description>
>/item>
>item>
>title>Advanced PHP Hacking>/title>
>link>http://seclists.org/webappsec/2010/q1/29>/link>
>description><p>Posted by Laurent OUDOT at TEHTRI-Security on Mar 03</p>Hi,<br>
deeper down to your...<br>>/description>
>/item>
>item>
>title>Re: Cookie Secure Attribute - Clarification>/title>
>link>http://seclists.org/webappsec/2010/q1/28>/link>
>description><p>Posted by 51l3n73y3s on Mar 01</p>I would make the attribute as Secure and then also set the requireSSL of the <br>
This list is...<br>>/description>
>/item>
>/channel>
>/rss>
>rss version="2.0">
>channel>
>/channel>
>/rss>