The Security Daily

Technology

Facebook hunts for compromised passwords to protect its users

Shared by
Avast Software

thenextdigit.com - The stolen passwords are being looked for by the social media giant, Facebook. When it comes to security, Facebook has gone leaps and bounds ahead these days when it comes to privacy and account se...

New Microsoft Garage site invites public to test a wide range of app ideas | VentureBeat | Business

Shared by
Microsoft

venturebeat.com - Microsoft today launched a new section on its website: The Microsoft Garage is designed to give the public early access to various projects the company is testing right now. The team is kicking off...

Malware directs stolen documents to Google Drive

Shared by
Help Net Security

net-security.org - Researchers have uncovered a new type of information-stealing malware that is apparently used in campaigns targeting government agencies and can syphon files from compromised computers to Google Dr...

Microsoft employees helped raise $112 million for nonprofits last fiscal year; total company giving topped $1 billion | Microsoft Pri0

Shared by
Microsoft

blogs.seattletimes.com - Microsoft employees, with the help of the company match program, donated $112.2  million to 18,832 nonprofits worldwide in fiscal year 2014. That’s up from $100.9 million in fiscal 2013 and $99.4 m...

Microsoft releases Kinect SDK 2.0 and new adapter kit - The Official Microsoft Blog

Shared by
Microsoft

blogs.microsoft.com - Today, we have some exciting news to share about the next chapter for Kinect. Our Windows SDK 2.0 is now available for the Kinect v2 sensors, and developers can commercially deploy Kinect apps in t...

Microsoft attempts to improve Android with new 'Garage' apps

Shared by
Microsoft

theverge.com - Google might not be interested in building apps for Windows Phone, but Microsoft isn’t holding any grudges. Starting today, the software giant is expanding its Garage project to give outsiders a ch...

Google Adds Hardware Security Key For Account Protection | Threatpost

Shared by
Kaspersky Lab

threatpost.com - Google is introducing an improved two-factor authentication system for Gmail and its other services that uses a tiny hardware token that will only work on legitimate Google sites. The new Security ...

McAfee Delivers New Product Portfolio For Small and Medium-Sized Businesses

Shared by
McAfee Inc.

mcafee.com - New Security Suites Help Provide Cost-Effective, Customized Protection Against New Malware and Exploits SANTA CLARA, California.  — October 21, 2014 — McAfee, part of Intel Security, today announce...

Microsoft Music Deals app brings hit music albums to your Windows PC, Tablet or Phone for only $.99-$1.99

Shared by
Microsoft

blogs.windows.com - Do you love music as much as I do (which is a lot)? Then you’re going to want to grab the Microsoft Music Deals app. Every Tuesday, 101 top albums can be yours for under $2 each with the Microsoft ...

Sylvania 100W Replacement Ultra LED review - CNET

Shared by
CNET

cnet.com - Two years ago, Sylvania was one of the first lighting manufacturers to bring a 100W replacement LED to market. The price? A mere $50. Since then, the field has expanded, and prices have fallen sign...

Thank You - SumAll

Shared by
Thom VanHorn

sumall.com - We noticed there’s already an account for . Please provide the password for it so we can link it to your account and make your future logins faster.

Google unveils Gmail alternative: 'Inbox' - CNET

Shared by
CNET

cnet.com - If you've been feeling overwhelmed by a mountain of email in Gmail, you may be glad to know that Google wants to help. But there's a twist: the help will come from Inbox, a free email app now avail...

I'm Matthew Dornquast, CEO of Code42, and This Is How I Work

Shared by
Lifehacker

lifehacker.com - It may be our most repeated and most ignored advice: always back up your files. Just do it! All drives and discs eventually fail, and backup service CrashPlan is specifically designed with that in ...

Almost half of adults on the Net have experienced online harassment -- survey - CNET

Shared by
CNET

cnet.com - It's ugly out there. A new study from Pew Research reports that 73 percent of adult Internet users say they've witnessed someone harassed online, and 40 percent have experienced that harassment per...

Apps to manage your phone's battery life - CNET

Shared by
CNET

cnet.com - It might seem counterintuitive to run an app on your phone or tablet that pinpoints which other apps are hogging all the battery power. But that's the easiest and most efficient way to find out. Ba...

Microsoft Security Advisory 3010060

Shared by
Thomas ZuckerScharff

technet.microsoft.com - Microsoft is aware of a vulnerability affecting all supported releases of Microsoft Windows, excluding Windows Server 2003. The vulnerability could allow remote code execution if a user opens a spe...

How do you promote cybersecurity across your or...

Shared by
Cisco Security

communities.cisco.com - Legal Disclaimer Some of the individuals posting to this site, including the moderators, work for Cisco Systems. Opinions expressed here and in any corresponding comments are the personal opinions ...

x86/64 Assembly and Shellcoding on Linux « SecurityTube Trainings

Shared by
Security Tube

securitytube-training.com - The SecurityTube Linux Assembly64 Expert (SLAE64) aims to teach the basics of x86_64 assembly language on the Linux platform from a security perspective and its application to writing shellcode, en...

Google Nexus 6 Preview - CNET

Shared by
CNET

cnet.com - Editors' Note: This piece has been updated on October 21, 2014, with additional hands-on impressions. Google's latest flagship phone is finally here. But instead of holding a press event like years...

Chinese Government Accused Of Staging ‘Malicious Attack’ On Apple’s iCloud Service

Shared by
عبدالله العلي

techcrunch.com - China’s government is being accused of trying to wiretap Apple customers in the country. Great Fire, a reputed non-profit organization that monitors Internet censorship in China, claimed today that...

Early payment glitches mar Apple Pay launch - CNET

Shared by
CNET

cnet.com - Apple Pay is now here, but the release hasn't exactly been flawless. While many people seem to be using the service without a hitch, there have been some reports of users being double charged for p...

iOS vs Android - Which camp are you?

Shared by
Avast Software

businessspectator.com.au - If you ask a group of people whether they belong to the Android or iOS camp, you’ll find it’s a sure fire way to draw a line in the sand. The type of phone and computer we choose to use every day i...

Form a new political party, fight zombies with the CraveCast crew - CNET

Shared by
CNET

cnet.com - Halloween and elections are approaching, and sometimes it's tough to tell which is scarier. Join the CraveCast cabal Wednesday at noon Pacific when we'll talk about remaking democracy in our own im...

Javascript for Pentesters « SecurityTube Trainings

Shared by
Security Tube

securitytube-training.com - Javascript for Pentesters will take you beyond alert(‘XSS’) and equip you to demonstrate advanced attacks such as Hijacking Forms, Logging Keystrokes, DOM manipulation etc. This course is Beginner ...

How an ill-designed data access policy can interfere with cybersecurity

Shared by
Eugene Kaspersky

business.kaspersky.com - A data access policy becomes an issue for any company as soon as it accumulates a considerable amount of valuable and sensitive data. That doesn’t mean the policy is always in place when it should ...

Black Hat Trainings 2014 | Nation-State Sponsored Targeted Attacks

Shared by
Black Hat

blackhat.com - RSA, Google, The New York Times, The Wall Street Journal, the list goes on and on of companies that have been recently infiltrated via Advanced Persistent Threats (APTs). Nation-state adversaries a...

Hackers make companies' phones call premium-rate numbers, cost them billions

Shared by
McAfee Labs

net-security.org - Hackers make companies' phones call premium-rate numbers, cost them billions Attackers hacking into companies' phone network, using it to place mass phone calls to premium-rate telephone numbers is...

Android 5.0 Lollipop to launch November 3 -- report - CNET

Shared by
CNET

cnet.com - Android Lollipop 5.0 will reportedly start rolling out on November 3. The launch date for the latest version of Google's mobile operating system was apparently revealed in a note to app developers ...

Cisco supply chain CSO talks cradle to grave security - SC Magazine

Shared by
SCMagazine

scmagazine.com - Edna Conway, Cisco's CSO for its Global Supply Chain, talked up an operations management approach where security is enforced from product R&D to its end of life stage. Conway, who spoke at SC Congr...

Hacker Redirects Traffic From 19 Internet Providers to Steal Bitcoins

Shared by
Jeremiah Grossman

wired.com - Among all the scams and thievery in the bitcoin economy, one recent hack sets a new bar for brazenness: Stealing an entire chunk of raw internet traffic from more than a dozen internet service prov...

Watch That Windows Update: FTDI Drivers Are Killing Fake Chips

Shared by
Dan Kaminsky

hackaday.com - The FTDI FT232 chip is found in thousands of electronic baubles, from Arduinos to test equipment, and more than a few bits of consumer electronics. It’s a simple chip, converting USB to a serial po...

Android NFC hack allow users to have free rides in public transportation - Securelist

Shared by
S.J. Moore

securelist.com - "Tarjeta BIP!" is the electronic payment system used in Chile to pay for public transportation via NFC incorporated in the user's smartphone. Numerous projects enabling mobile NFC ticketing for pub...

Google updates piracy-fighting report - SC Magazine

Shared by
SCMagazine

scmagazine.com - Google updated its “How Google Fights Piracy” report late last week to account for the 2013 numbers and expand on recent piracy control efforts. The company wrote in a blog post that it's experimen...

Inbox From Google Adds Reminders, Snooze, and Smart Info to Your Email

Shared by
Lifehacker

lifehacker.com - Android/iOS/Web: Today, Google took the wraps off a big new email application. Now, you can view important information directly in your inbox, set reminders or snooze emails, and even bundle relate...

Hiding a malicious Android APK in images as evasion method

Shared by
Security Affairs

securityaffairs.co - Mobile devices are continuously under attacks, cyber criminals are improving their technique to attack mobile users and increase the profits.  A new technique recently disclosed, allows attackers t...

Assembly Language and Shellcoding on Linux « SecurityTube Trainings

Shared by
Security Tube

securitytube-training.com - The SecurityTube Linux Assembly Expert (SLAE) aims to teach the basics of assembly language on the Linux platform from a security perspective and its application to writing shellcode, encoders, dec...

FBI director demands access to private cell phone data - CNET

Shared by
securityninja

cnet.com - Cell phone encryption will prevent the federal government from stopping terrorists and child molesters unless the government is given special access, Federal Bureau of Investigation Director James ...

Information Security Training | Washington DC | Cybersecurity

Shared by
SANS DFIR

sans.org - Information security training in Washington DC from SANS Institute, the global leader in information security training. At SANS Cyber Defense Initiative 2014 (CDI), SANS offers hands-on, immersion-...

Microsoft Garage gives early look at emerging apps - CNET

Shared by
CNET

cnet.com - Microsoft Garage, a project hatched in 2009 for Microsoft employees to explore their new ideas without fear of the public catching wind of them, has now gone public. On Wednesday, the software gian...

Cyber Maturity: An Evolution Toward Enterprise and System Architectures Emphasizing Embedded Security

Shared by
SecurityWeek

securityweek.com - Adam Firestone is President and General Manager at Kaspersky Government Security Solutions, Inc. Prior to joining Kaspersky in 2013, Adam led the defense and federal subsidiary of a global middlewa...

Soundsquatting 101: How Homophones Can Lead to Risks - Security News - Trend Micro USA

Shared by
Trend Micro

trendmicro.com - With all the time that we spend on the Internet, whether we’re browsing for answers or information, reading the latest news, or simply connecting with our friends on our social networking sites, it...

Federal Trade Commission Appoints Ashkan Soltani as Chief Technologist

Shared by
S.J. Moore

ftc.gov - Federal Trade Commission Chairwoman Edith Ramirez has appointed Ashkan Soltani as the agency’s Chief Technologist, succeeding Dr. Latanya Sweeney, who is returning to Harvard University, where she ...

FOCUS 14 - Breakout Sessions

Shared by
McAfee Inc.

mcafeefocus.com - FOCUS 14 will feature a comprehensive agenda packed with targeted, highly technical breakouts. You’re guaranteed to gain valuable, tangible knowledge to help you maximize your security solutions an...

New Zero-day in Microsoft OLE exploited in targeted attacks

Shared by
Security Affairs

securityaffairs.co - Early this week,  Microsoft issued the security advisory 3010060 to warn its customer of a new Zero-Day vulnerability that affects all supported versions of Windows OS except, Windows Server 2003. ...

Apple Pay and wearable technology could pose next threats, experts say - SC Magazine

Shared by
SCMagazine

scmagazine.com - While future security threats could come in a variety of forms, members of an SC Congress New York's panel “Tomorrow's Threats” cited two of the most pressing concerns as wearable technology and ne...

Bark and Bite? The Essential Facts on the POODLE Vulnerability

Shared by
Trustwave

trustwave.com - Another high-profile vulnerability has been unearthed. Following the unwelcomed emergence of Heartbleed and Shellshock, this new flaw - known as POODLE - can lead to theft of data during supposedly...

Cyber-criminals quickly adopt critical flash player vulnerability

Shared by
Malwarebytes

blog.malwarebytes.org - Keeping your computer up-to-date is probably one of the best pieces of advice one can give when it comes to online security. Perhaps it should also be emphasized that patches ought to be applied in...

Core Security® Makes Core Impact® Pro Training and Certification Available Online

Shared by
Core Security

businesswire.com - BOSTON--(BUSINESS WIRE)--Core Security®, a leading provider of attack intelligence solutions, today announced its Core Impact Certified Professional (CICP) program is now available online and on-de...

Keep Your Business’s Data Safe in the Cloud -

Shared by
Trend Micro

blog.trendmicro.com - In the days before cloud was an enterprise thing, back when systems, networks and perimeters were much more clearly defined, information security teams of course still had concerns to address and d...

0wning Emmental

Shared by
Virus Bulletin

blog.fortinet.com - A long time ago, I posted a video showing how to control Zitmo (the mobile component of ZeuS). It turns out you can (nearly) do exactly the same with Emmental. If you are not aware of Operation Emm...