NIST Site Search
Search NIST.GOV
Custom Search
[Official NIST.GOV TIME]
Product Research

Advertise on this site
Available newsfeeds
NIST.GOV Information Technology NIST.GOV
Network World - Security Security News Roundup from Network World
eEye Vulnerability Tracker eEye Research Team's Zero-Day Tracker. Informational archive for zero-day vulnerabilities.
Security Phreak - NetworkWorld Blog Security Web Blog from NetworkWorld.com
PC Magazine Computer Security PC Magazine Computer Security - Virus Software, Spam Software, Spyware Software, Firewall Software
Help Net - Off the Wire Help Net News from various wire and services.
ComputerWorld Security News ComputerWorld.com Security News
InfoWorld - Security Network IT Security News from InfoWorld.com
US-CERT.GOV - Cyber Security Bulletins Cyber Security Bulletins provide weekly summaries of security issues and new vulnerabilities. They also provide patches, workarounds, and other actions to help mitigate risk.
SecurityTracker - Vulnerabilities Vulnerabilities for all popular platforms and applications.
SecurityPark.net The latest Security news, across the complete range of Security products, systems and services including access control, biometrics, IT and computer security.
Washington Post - Security Fix Blog Washington Post Brian Krebs's Blog on Computer Security
Security Focus - Vulnerabilities The latest security Vulnerabilities/Bugtraq from Security Focus
Ha.ckers.org Ha.ckers.org - Gray Hat site. If you thought you had problems sleeping before this certainly won't help.
Help Net Security Security articles from Help Net Security
GovExec.com E-Government News
US-CERT (DHS Cyber-Security Agency) Current Activity Regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT
DOE-CIRC Updates Department of Energy Cyber Incident Response Capability
Virus Bulletin Virus Bulletin is a leading specialist publication in the field of viruses and related malware.
DarkReading Large security news site.
NextGov Nextgov.com covers the technology and business of government.
Translate to: French German Italian Spanish Portuguese GTM_LAN_DUTCH Russian Chinese Arabic Korean English
Latest NIST.org news and comments
Google Ads




Curl error: 7, couldn't connect to host
Headlines

»NIST Posts Initial Analysis of RFI Comments on Cybersecurity Framework for Critical Infrastructure
»NIST Issues Major Revision of Core Computer Security Guide: SP 800-53
»Second Cybersecurity Infrastructure Framework Workshop Gathers May 29-31, 2013
»NIST Announces Plan to Sponsor First Cybersecurity FFRDC
»Eleven Companies Join as Partners in National Cybersecurity Center of Excellence
»Improving Critical Infrastructure Cybersecurity Workshop Video Available On Demand
»May Conference to Discuss Safeguarding Health Information Through HIPAA Security
»NIST to Host Symposium on Ontology Evaluation May 2-3
»Industry Partners Join the National Cybersecurity Center of Excellence
»Health IT Mobile Device Use Case Meeting
»NCCOE NCEP Signing Ceremony
»NFI Publishes White Paper on Trends, Challenges and Strategy in Forensic Science
»NIST Guides Seek Interoperability for Automated Fingerprint ID Systems
»National Cybersecurity Center of Excellence
»NIST Panel Expands Recommendations for Use of Electronic Health Records in Pediatrics

Date published: not known
Details

»Adobe Releases Security Updates for Adobe Flash Player
Original release date: May 16, 2013 Adobe has released security updates for Adobe Flash Playe ...
»Security Updates Available for Adobe Reader and Acrobat
Original release date: May 16, 2013 Adobe has released security updates for Adobe Reader and ...
»Mozilla Releases Multiple Updates
Original release date: May 16, 2013 The Mozilla Foundation has released updates for the follo ...
»Microsoft Releases May 2013 Security Bulletin
Original release date: May 09, 2013 | Last revised: May 14, 2013 Microsoft has released updat ...
»Adobe Releases Security Update for ColdFusion
Original release date: May 09, 2013 | Last revised: May 14, 2013 Adobe has released a securit ...
»Microsoft Releases Security Advisory for Internet Explorer
Original release date: May 07, 2013 Microsoft is investigating public reports of a remote cod ...
»Cisco Releases Security Advisories
Original release date: April 25, 2013 Cisco has released three security advisories to address ...
»Apple Releases Security Updates for Safari
Original release date: April 18, 2013 Apple has released security updates for Safari 6.0.4 We ...
»Scams Exploiting Boston Marathon Explosion
Original release date: April 17, 2013 | Last revised: April 18, 2013 Malicious actors are exp ...
»Oracle Releases April 2013 Security Advisory
Original release date: April 17, 2013 Oracle has released its Critical Patch Update for April ...

Date published: not known
Details

»U-243: libvirt virTypedParameterArrayClear() Memory Access Error Lets Remote Users Deny Service
libvirt virTypedParameterArrayClear() Memory Access Error Lets Remote Users Deny Service
»U-242: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets Local Users Gain Elevated Privileges
Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets Local Users Gain Elevated Privileges
»U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information
Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information
»U-240: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain Potentially Sensitive Information
Apple Remote Desktop Encryption Failure Lets Remote Users Obtain Potentially Sensitive Information
»U-239: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses
Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses
»U-238: HP Service Manager Input Validation Flaw Permits Cross-Site Scripting Attacks
HP Service Manager Input Validation Flaw Permits Cross-Site Scripting Attacks
»U-237: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability
Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability
»U-236: Microsoft JScript and VBScript Engine Integer Overflow Lets Remote Users Execute Arbitrary Code
Microsoft JScript and VBScript Engine Integer Overflow Lets Remote Users Execute Arbitrary Code
»U-235: Microsoft Security Bulletin Advance Notification for August 2012
Microsoft Security Bulletin Advance Notification for August 2012
»U-234: Oracle MySQL User Login Security Bypass Vulnerability
Oracle MySQL User Login Security Bypass Vulnerability
»U-233: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote Authenticated Users Gain Elevated Privileges
Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote Authenticated Users Gain Elevated Privileg ...
»U-232: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS
Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS
»U-231: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service
Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service
»U-230: Sudo on Red Hat Enterprise Linux %postun Symlink Flaw Lets Local Users Gain Elevated Privileges
Sudo on Red Hat Enterprise Linux %postun Symlink Flaw Lets Local Users Gain Elevated Privileges
»U-229: HP Network Node Manager i Input Validation Flaw Permits Cross-Site Scripting Attacks
HP Network Node Manager i Input Validation Flaw Permits Cross-Site Scripting Attacks

Date published: not known
Details

»India believed to be source of sophisticated surveillance campaigns
In-depth investigations find widespread worldwide snooping, Pakistan primary target.
»German anti-botnet advisory recommends the use of ad blockers for security
'If websites want to include ads, they must make sure they are secure.'
»Commoditization increasingly seen in mobile malware
Number of malicious samples and families increase, as Android remains most popular mobile platform.
»Microsoft 'found to make requests' to URLs shared via Skype
HEAD requests likely used to determine landing page.
»Program turns anti-analysis tools against the malware
Users cautioned to be wary of a false sense of security.
»Twitter, Facebook accounts used in watering hole campaign
USAID sympathizers targeted with links from 'like-minded people'.
»Microsoft offers fix-it for IE 8 zero-day
CVE-2013-1347 used in watering hole attacks.
»Vulnerabilities could trigger payload in emails upon receiving or opening
Flaws in IBM Notes and Exim/Dovecot easy to mitigate.
»May issue of VB published
The May issue of Virus Bulletin is now available for subscribers to download.

Date published: not known
Details

»Black Hat 2013 Showcases Home Security, Bootkits, Cellular OPSEC Failures
Black Hat announces three more featured talks
»IDs Of 22 Million At Risk Following Breach At Yahoo Japan
Yahoo Japan officials say they "can't deny the possibility" of epic data breach
»Even SMBs Should Look To Log Management For Security
A firewall, patch procedure, anti-malware and, possibly, an IDS are a good start. But to detect brea ...
»'Commercialized' Cyberespionage Attacks Out Of India Targeting U.S., Pakistan, China, And Others
Operation Hangover signals new franchise model in cyberespionage with cyberspying services for hire
»Lancope Enhances Forensics And Incident Response With New, User-Centric Monitoring Capabilities
New features bolster network protection against advanced attacks and insider threats
»Biometrics Firm CIC Secures Funding
Additional funding comes from a number of Phoenix Group affiliates and other investors
»Rethinking Identity Management
Secret identities are a good thing. Multiple identities? Not so much
»Websense Signs Definitive Agreement To Be Acquired By Vista Equity Partners
Shareholders to receive $24.75 per share in cash in transaction valued at approximately $1 billion
»The Future Of Web Authentication
After years of relying on passwords, technology vendors -- and enterprises -- are ready for new meth ...

Date published: not known
Details
Main Menu
· Home

NIST Security Books
NIST IT Security Books

Training / Books

»Security Certifications -
» CISSP, SSCP, Security+, etc.

»Computer Forensics

»Ethical Hacking

»Malware, Spyware, Viruses

»FISMA Compliance, Policies, etc

»PKI, Encryption, Smartcards

»Windows Security Guides

»HIPAA, SOX, CISP, etc.

NIST.org Security Bookstore
Current Security News
 
SANS Internet Storm Center, InfoCON: green

» Infocon: green

» ISC StormCast for Tuesday, May 21st 2013 http://isc.sans.edu/podcastdetail.html?id=3320, (Tue, May 21st)
[20 May 2013 08:00pm]

» Safe - Tools, Tactics and Techniques, (Mon, May 20th)
[20 May 2013 05:14pm]

» Port 51616 - Got Packets?, (Sun, May 19th)
[20 May 2013 04:43pm]

» Ubuntu Package available to submit firewall logs to DShield, (Mon, May 20th)
[20 May 2013 02:16pm]

» Sysinternals Updates for Accesschk, Procdump, RAMMap and Strings http://blogs.technet.com/b/sysinternals/archive/2013/05/17/updates-accesschk-v5-11-procdump-v6-0-rammap-v1-22-strings-v2-51.aspx, (Mon, May 20th)
[20 May 2013 10:36am]

» ISC StormCast for Monday, May 20th 2013 http://isc.sans.edu/podcastdetail.html?id=3317, (Mon, May 20th)
[19 May 2013 07:37pm]

» SSL: Another reason not to ignore IPv6, (Fri, May 17th)
[17 May 2013 11:09am]

» ISC StormCast for Friday, May 17th 2013 http://isc.sans.edu/podcastdetail.html?id=3314, (Fri, May 17th)
[16 May 2013 09:37pm]

» e-netprotections.su ?, (Fri, May 17th)
[16 May 2013 06:02pm]
***
CNET News.com

» Guantanamo Wi-Fi shuttered after Anonymous hacking threat
[20 May 2013 08:45pm]

» Google breach may have led to sensitive data leaks
[20 May 2013 06:52pm]

» Future Firefox takes tougher stance on mixed content
[17 May 2013 01:52pm]

» Google security: You (still) are the weakest link
[16 May 2013 08:00pm]

» Google Glass spurs privacy questions from Congress
[16 May 2013 03:53pm]

» New Mac spyware found in the Oslo Freedom Forum
[16 May 2013 09:34am]

» LulzSec case in U.K. brings sentences for 4 men
[16 May 2013 08:33am]

» Apple, Samsung, others urged to help thwart mobile phone thefts
[13 May 2013 09:54am]

» Bloomberg reporters had access to certain client data
[13 May 2013 07:39am]

» Bloomberg: Yes, reporters had access to client data
[13 May 2013 07:39am]

» Microsoft warns of new Trojan hijacking Facebook accounts
[12 May 2013 05:30pm]

» U.S. charges 8 in $45M global cybercrime scheme
[09 May 2013 05:43pm]

» Senators propose law to go after foreign cybercriminals
[07 May 2013 07:09pm]

» Apple ordered by German court to change its privacy rules
[07 May 2013 11:01am]

» How hackable is your password? McAfee offers password tips
[07 May 2013 09:03am]
***
Computerworld Security News

» Chinese hackers master art of lying low
[20 May 2013 04:00am]

» Security Manager's Journal: NAC deployment means better access control at last
[20 May 2013 04:00am]

» Texas drone bill sparks a battle
[17 May 2013 02:11pm]

» Police arrest Anonymous suspects in Italy
[17 May 2013 11:42am]

» Tech Titans Talk: The IDG Enterprise Interview Series
[17 May 2013 08:15am]

» Four former LulzSec members sentenced to prison in the UK
[16 May 2013 12:11pm]

» More Security News
***


***


More IT Security
News Feeds
More Sponsors

Advertise on this site
NIST - Books You Need

NIST Bookstore
RSS Feeds
Our news can be syndicated by using these rss feeds.
rss1.0
rss2.0
rdf
Symantec News
Welcome
Username:

Password:


Remember me

[ ]
[ ]
[ ]

NIST.org is in no way connected to the U.S. government site NIST.gov

This site is © John Herron, CISSP. All Rights Reserved.

Please visit daily to stay up to date on all your IT Security compliance issues.

http://www.nist.org -
Hosted by BlueHost. We've never had a better hosting company.
{THEMEDISCLAIMER}