NIST Site Search
Search NIST.GOV
Custom Search
[Official NIST.GOV TIME]
Product Research

Advertise on this site
Headlines

»NIST to Fund Pilot Projects that Advance Trusted Identities in Cyberspacenbsp Proposers' Conference Set for Feb. 15
»NIST Publishes Draft Implementation Guidance for Continuously Monitoring an Organizations IT System Security
»NIST Issues Cloud Computing Guidelines for Managing Security and Privacy
»International Community Gathers at NIST in March to Discuss Biometric Performance and Testing
»March Workshop to Support Trusted IDs in Cyberspace
»NIST SBIR Program Soliciting Proposals to Solve Manufacturing and IT Challenges
»Text Retrieval Conference 2012 Seeks Information Retrieval Experts for Data Digging
»Protecting Computers at Start-Up: New NIST Guidelines
»NIST Special Publication Expands Government Authentication Options
»New NIST Biometric Data Standard Adds DNA, Footmarks and Enhanced Fingerprint Descriptions
»NIST Improves Tool for Hardening Software Against Cyber Attack
»New HIPAA Tool Helps Organizations Meet Security Requirements
»Romine Named Director of NISTs Information Technology Laboratory
»NICE Issues Cybersecurity Workforce Framework for Public Comment
»Draft Roadmap for Cloud Computing Technology

Date published: not known
Details

»Apple Releases Multiple Security Updates
»Mozilla Releases Firefox 10 and 3.6.26
»Denial-of-Service Malware Campaign
»Google Releases Chrome 16.0.912.77
»Symantec pcAnywhere Hotfix
»Best Practices for Recovery from the Malicious Erasure of Files
»Oracle Releases Critical Patch Update for January 2012
»Phishing Campaign Using Spoofed US-CERT Email Addresses
»Microsoft Releases January Security Bulletin
»Adobe Releases Security Advisory for Adobe Reader and Acrobat

Date published: not known
Details

»U-095: HP Data Protector Media Operations Lets Remote Users Execute Arbitrary Code
HP Data Protector Media Operations Lets Remote Users Execute Arbitrary Code
»U-094: EMC Documentum Content Server Lets Local Administrative Users Gain Elevated Privileges
EMC Documentum Content Server Lets Local Administrative Users Gain Elevated Privileges
»U-093: Mozilla Firefox Multiple Flaws Permit Remote Code Execution, Information Disclosure, and Cross-Site Scripting Attacks
Mozilla Firefox Multiple Flaws Permit Remote Code Execution, Information Disclosure, and Cross-Site ...
»U-092: Sudo Format String Bug Lets Local Users Gain Elevated Privileges
Sudo Format String Bug Lets Local Users Gain Elevated Privileges
»U-091: cURL Lets Remote Users Decrypt SSL/TLS Traffic
cURL Lets Remote Users Decrypt SSL/TLS Traffic
»U-090: RSA enVision Discloses Environment Variable Information to Remote Users
RSA enVision Discloses Environment Variable Information to Remote Users
»U-089: U-089:Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute Arbitrary Commands
U-089:Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute Arbitrary Commands
»U-088: Symantec pcAnywhere Bugs Let Remote Users Execute Arbitrary Code
Symantec pcAnywhere Bugs Let Remote Users Execute Arbitrary Code
»U-087: HP-UX update for Java
HP-UX update for Java
»U-086: Linux Kernel /proc//mem Privilege Escalation Vulnerability
Linux Kernel /proc//mem Privilege Escalation Vulnerability
»U-085: OpenSSL DTLS Bug Lets Remote Users Deny Service
OpenSSL DTLS Bug Lets Remote Users Deny Service
»U-084: Cisco Digital Media Manager Lets Remote Authenticated Users Gain Elevated Privileges
Cisco Digital Media Manager Lets Remote Authenticated Users Gain Elevated Privileges
»U-083: Oracle Critical Patch Update Advisory - January 2012
Oracle Critical Patch Update Advisory - January 2012
»U-082: PHP Null Pointer Dereference in zend_strndup() Lets Local Users Deny Service
PHP Null Pointer Dereference in zend_strndup() Lets Local Users Deny Service
»U-081: McAfee SaaS 'myCIOScn.dll' ActiveX Control Lets Remote Users Execute Arbitrary Code
McAfee SaaS 'myCIOScn.dll' ActiveX Control Lets Remote Users Execute Arbitrary Code

Date published: not known
Details

»February issue of VB published
The February issue of Virus Bulletin is now available for subscribers to download.
»Hacktivists hijack DNS of popular websites
Security at registrars may be weak link.
»New RFC describes best practices for running DNS-based lists
DNSBL users advised to avoid those lists that charge for delisting.
»Vulnerability turns McAfee's anti-malware solution into open relay
Flaw allows for spam to be sent through customers' PCs.
»AV-Test releases latest results
Business and consumer products achieve high pass rate.
»Sykipot trojan used to target smart cards
Defence companies among small number of targets.
»Spammers link to site containing QR code
Curious users may scan URL and end up on pharma websites.
»January issue of VB published
The January issue of Virus Bulletin is now available for subscribers to download.
»Spammers using Google open redirect
Vulnerability 'not worthy of bug bounty program'.

Date published: not known
Details

»INTERPOL Set To Open Global Cybercrime Center In 2014
Director of cybersecurity at INTERPOL working on secure online presence for police worldwide to work ...
»Passive Network Fingerprinting; p0f Gets Fresh Rewrite
Passive network analysis can reveal OS, service, and even vulnerabilities--just by sniffing the netw ...
»Can Glass Box Scanning Find Your Real Bugs?
When it works, hybrid -- or "glass box" scanning -- combines dynamic, black-box analysis with static ...
»Slide Show: Technologies That Are Changing The Sports Security Game
Digital technology is increasingly playing a major role in sports security operations
»How To Spot A Fake Facebook Profile
Barracuda Networks gathers telltale characteristics of the phony Facebook "Friend"
»Adobe Calls For Defensive Approach In Security Research
Mitigation methods the emphasis at Adobe
»Poisoning The Data Well
A Q&A with Forrester's John Kindervag about how encryption makes data worthless to the criminals
»FDIC Warns Of 'High Risk' Payment Processors
Some third-party payment processing services may not be secure, commission says
»Attackers Divert Bank Phone Calls to Cover Tracks
Researchers at Trusteer uncover banking malware that steals telephone information to help attackers ...

Date published: not known
Details
NIST.org Forums
Vulnerabilities & Threats ( Restricted Access )
Forum Threads Replies Last Post
Anonymous Posts
Have something to report but don't want your name associated with it? Post it here. We still reserve the right to remove objectable or slanderous material (or anything else we don't like). If you're a member logout before posting to remain anonymous. Minimal logs but they're subject to legal requests.		 9 32 Sat Dec 03 2011, 09:56AM
mffi
IT Security Issues
Generally what ever doesn't fit else where that concerns IT Security goes here. If discussions warrant then new forums will be created and topics moved.		 8 29 Tue Dec 27 2011, 12:04AM
Pacewicz
The Non-Encrypted Hall of Shame
In today's world not protecting other people's personal information that has been entrusted to you is a shameful act. Too bad there isn't a law called “negligent theft”, until such time we give you “The Non-Encrypted Hall of Shame”.		 3 9 Sat Dec 03 2011, 09:43AM
mffi
Social Engineering
Social Engineering war stories		 2 16 Sat Dec 03 2011, 09:48AM
mffi
Viruses, Trojans and Worms
Have a problem and need help? Post your question here and someone will send help your way.		 0 0 -
Spyware
Spyware and spyware removal. Also adware and general malware.		 0 0 -
Microsoft Vulnerabilities
Anything having to do with Microsoft vulnerabilities and their fixes.		 4 31 Sat Dec 03 2011, 10:01AM
mffi
Certification and Training ( Restricted Access )
Forum Threads Replies Last Post
Security Certifications
Discussions regarding CISSP, GSEC, Security+, etc. certifications.		 5 26 Sat Dec 03 2011, 09:56AM
mffi
Federal Government Compliance - IT Security ( Restricted Access )
Forum Threads Replies Last Post
Anonymous Posts
Have something to get off your chest but don't really want everyone in your office to know its you? Post it here. We still reserve the right to remove objectable or slanderous material (or anything else we don't like). If you're a member logout before posting to remain anonymous.		 4 18 Sat Dec 03 2011, 09:57AM
mffi
FISMA
Federal Information Security Management Act (FISMA) was enacted in the U.S. in 2002. The act is meant to bolster computer and network security within the Federal Government and government contractors.		 0 0 -
NIST FIPS
NIST - FIPS Publications - Federal Information Processing Standards (NIST = National Institute of Standards and Technology)		 0 0 -
NIST SP 800 Documents
Discussions related to the NIST Special Publication 800 series documents.		 9 55 Sat Dec 03 2011, 09:55AM
mffi
OMB Circular A-130
This Circular establishes policy for the management of Federal information resources. OMB includes procedural and analytic guidelines for implementing specific aspects of these policies as appendices.		 0 0 -
POA&M Reporting
Plan of Action and Milestones (POA&M) - Reporting required under the Security Reform Act. OMB has developed the POA&M reporting guidance.		 2 12 Sat Dec 03 2011, 09:52AM
mffi
HSPD-12 : Personal Identity Verification (PIV) Project
Another big mandate with the clock ticking. Lots of Smartcard and Biometrics associated with this project.		 0 0 -
Information
Top Posters | Most Active Threads
Welcome guest
These forums can only be posted to by registered and logged in members, please click here to go to the registration page.
The users of this forum have made a total of 274 posts (46 threads, 228 replies).
Who's Online:
View detailed list. (Will open a new window.)
New Posts New posts No New Posts No new posts Closed Thread Closed forum

You cannot start new threads - You cannot post replies - You cannot edit your posts
Powered by e107 Forum System
Translate to: French German Italian Spanish Portuguese GTM_LAN_DUTCH Russian Chinese Arabic Korean English
Latest NIST.org news and comments
Google Ads




Main Menu
· Home

NIST Security Books
NIST IT Security Books

Training / Books

»Security Certifications -
» CISSP, SSCP, Security+, etc.

»Computer Forensics

»Ethical Hacking

»Malware, Spyware, Viruses

»FISMA Compliance, Policies, etc

»PKI, Encryption, Smartcards

»Windows Security Guides

»HIPAA, SOX, CISP, etc.

NIST.org Security Bookstore
Current Security News
 
SANS Internet Storm Center, InfoCON: green

» Infocon: green

» Apple Security Advisory 2012-001 v1.1, (Sat, Feb 4th)
[03 Feb 2012 05:58pm]

» Sophos 2012 Security Threat Report, (Fri, Feb 3rd)
[03 Feb 2012 03:34pm]

» ISC StormCast for Friday, February 3rd 2012 http://isc.sans.edu/podcastdetail.html?id=2302, (Fri, Feb 3rd)
[02 Feb 2012 11:25pm]

» Critical PHP bug patched, (Fri, Feb 3rd)
[02 Feb 2012 10:40pm]

» New Poll - What security issue concerns you the most this year?, (Fri, Feb 3rd)
[02 Feb 2012 06:19pm]

» PHP 5.3.10 Released, Fixes CVE-2012-0830 available for download http://www.php.net/archive/2012.php#id2012-02-02-1, (Fri, Feb 3rd)
[02 Feb 2012 05:56pm]

» ISC StormCast for Thursday, February 2nd 2012 http://isc.sans.edu/podcastdetail.html?id=2299, (Thu, Feb 2nd)
[01 Feb 2012 10:06pm]

» Apple and Apache security fixes and releases, (Wed, Feb 1st)
[01 Feb 2012 03:02pm]

» Oracle Security Alert: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html, (Wed, Feb 1st)
[01 Feb 2012 02:40pm]
***
CNET News.com

» Anti-SOPA forces have ISP snooping bill in their crosshairs
[03 Feb 2012 03:18pm]

» EU officials want Google to suspend privacy policy change
[03 Feb 2012 01:51pm]

» Anonymous hacks lawyers for Marine accused of Iraq massacre
[03 Feb 2012 12:49pm]

» Facebook users polled 'unlike' new Timeline feature
[03 Feb 2012 10:30am]

» Google's response on new privacy policy ticks off congresswoman
[03 Feb 2012 09:29am]

» Google's response on new privacy policy ticks off Congress
[03 Feb 2012 09:29am]

» Anonymous claims to have snooped FBI cybercrime call
[03 Feb 2012 09:11am]

» Anonymous: We snooped an FBI cybercrime call
[03 Feb 2012 09:11am]

» Mystery and mayhem surrounding MegaUpload (roundup)
[03 Feb 2012 04:22am]

» Kelihos botnet makes a comeback
[02 Feb 2012 09:50pm]

» Feds seize illegal sports-streaming sites
[02 Feb 2012 08:22pm]

» Teen finds bugs in Google, Facebook, Apple, Microsoft code
[02 Feb 2012 03:53pm]

» How to identify fake Facebook accounts
[02 Feb 2012 03:41pm]

» Security concerns on Apple's FileVault decryption via FireWire
[02 Feb 2012 01:33pm]

» Google now scanning Android apps for malware
[02 Feb 2012 01:30pm]
***
Computerworld Security News

» Hungarian hacker gets 30 months for extortion plot on Marriott
[03 Feb 2012 02:02pm]

» Anonymous grabs email from firm that defended Marine in Haditha case
[03 Feb 2012 12:34pm]

» German gov't endorses Chrome as most secure browser
[03 Feb 2012 11:09am]

» PHP 5.3.10 fixes critical remote code execution vulnerability
[03 Feb 2012 08:19am]

» Google reveals Android malware 'Bouncer,' scans all apps
[03 Feb 2012 05:25am]

» Lawsuit raises questions about email privacy at work
[03 Feb 2012 05:08am]

» More Security News
***


***


More IT Security
News Feeds
More Sponsors

Advertise on this site
NIST - Books You Need

NIST Bookstore
RSS Feeds
Our news can be syndicated by using these rss feeds.
rss1.0
rss2.0
rdf
Symantec News
Welcome
Username:

Password:


Remember me

[ ]
[ ]
[ ]

NIST.org is in no way connected to the U.S. government site NIST.gov

This site is © John Herron, CISSP. All Rights Reserved.

Please visit daily to stay up to date on all your IT Security compliance issues.

http://www.nist.org -
Hosted by BlueHost. We've never had a better hosting company.
{THEMEDISCLAIMER}