NEWS

LaCie 2big Quadra: two bays for performance and protection

First iPhone and iPod touch Internet filter

QNAP unveils enterprise-grade TS-639 Pro Turbo NAS

New book: "Programming in Objective-C 2.0, 2nd Edition"

The Identity Theft Resource Center’s 2008 breach report

ARTICLES

Security Trends of 2008 and Predictions for 2009

The Rise and Rise of Rogue Security Software

What To Do About Social Networking In Your Company

Protecting Corporate Brands: One Keystroke at a Time

Safe Computing During The Holiday Season

THE WIRE

Best practices for certificate expiration

Majority of companies spend ‘no time’ managing their security systems

Whitepaper - Good architecture and security

Whitepaper - 4 key steps to automate IT security compliance

14% of SSL certificates signed using vulnerable MD5 algorithm

The Vulnerability Economy

REVIEWS

iPhone security software - SplashKey

Voice over IP Security

Security Power Tools

Network Warrior

Google Apps Hacks

Crimeware: Understanding New Attacks and Defenses

Big Book of Windows Hacks

MALWARE

Tales from the support crypt: infected DVD drives, antiviruses that blow fuses and more

Rogue antivirus applications related to Continental Flight 1404 and other current news

Zero-day Web malware blocks surpass yearly average

New password-stealing application disguised as a Firefox plugin

Malware week: Antivirus360 antivirus and Sinowal.VXR banker trojan

ADVISORIES

Cisco Security Advisory - Cisco Global Site Selector Appliances DNS Vulnerability (cisco-sa-20090107-gss)

Ubuntu Security Notice - mozilla-thunderbird vulnerabilities (USN-701-2)

Ubuntu Security Notice - thunderbird vulnerabilitie (USN-701-1)

VULNERABILITIES

Acoustica Mixcraft ".mx4" Project File Buffer Overflow

bloofoxCMS "dialog.php" Local File Include

ILIAS "repository.php" SQL Injection

GFI: Automatic event log monitoring: Let GFI EventsManager do the dirty work!

Qualys: This free security guide describes the scanning requirements for PCI-DSS and provides a quick-reference requirements matrix for both Merchants and Service Providers of all levels.

SABSA Foundation Training: make sure you can manage the most successful Security Architecture Certification!

RSA Conference 2009

Vulnerability Scanning

Network Vulnerabilities

Event Log Security