Content Aware Protection for Mac by Endpoint Protector reports file transfers to removable devices, online applications, and to the cloud(author unknown)

Lookout Mobile Security app for Android will now flag ad networks that do not comply(author unknown)

Jonathan McIntosh

For the past two years, a tight-lipped and little talked about unit within the Metropolitan Police has been conducting blanket surveillance of British citizens' public social media conversations. Following an unintentional leak and a detailed investigation, we are finally able to see some of the capabilities of this 17-man team—some of which are truly alarming.

The PRISM scandal engulfing US and UK intelligence agencies has blown the debate wide open over what privacy means in the digital age and whether the Internet risks becoming a kind of Stasi 2.0. The extent of the UK's involvement in this type of mass surveillance—which already appears exhaustive—shows just what a potential intelligence goldmine social media data can be.

But the monitoring of our online trail goes beyond the eavesdroppers in GCHQ.

Read 26 remaining paragraphs | Comments

Today we released a new version of our Enhanced Mitigation Experience Toolkit (EMET 4.0).  EMET is a free mitigation tool designed to help IT Professionals and developers prevent vulnerabilities in software from being successfully exploited. The tool works by protecting applications via the latest security mitigation technologies built into Windows, even in cases where the developer of the noreply@blogger.com (Seguridad de la Información)

As an information security consulting firm, we’re often asked what kinds of web application penetration testing tools are available. For clarification, we’re not talking about ‘tools’ as in people. We understand the confusion, because there is a fair amount of web application testing ‘tools’ out there. But these are some of the web application penetration testing tools we like, along with noreply@blogger.com (Seguridad de la Información)

Vega is an open source platform to test the security of web applications. Vega can help you find and validate SQL Injections, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows. Vega includes an automated scanner for quick tests and an intercepting noreply@blogger.com (Seguridad de la Información)

  Visto en @NotiHacker noreply@blogger.com (Seguridad de la Información)

Great story.

schneier

Security is a big business on both sides of the line. Anti-virus companies scare customers with doom and gloom if you do not buy the wares, meanwhile, on the black-hat side of the fence, the sale of exploits is a lucrative trade. Now the source code for one of the biggest exploits, known as Carberp, has leaked and cut off reported sales that top $40,000.

Tags: Securityl33tdawg

 Dell today said it’s ready with new anti-malware defense and encryption offerings for businesses using its PCs, laptops, and Android-based mobile devices.

The improved security is available via the company’s Protected Workspace program for business computing.

Tags: DellSecurityEncryptionViruses & Malwarel33tdawg

Web sites you think are safe but have been compromised to distribute malicious software are far more prevalent than sites that are intentionally dangerous, according to a new Transparency Report from Google released on Tuesday.

The new Safe Browsing section of the report reveals some of the security trends that Google has been seeing. While Google reiterated that its Safe Browsing program flags up to 10,000 sites a day, the report showed that hacked sites remain a major problem -- with about 60 percent hosting malware and 40 percent being used for phishing attacks.

Tags: GoogleHackersSecurityl33tdawg

Mozilla Tuesday shipped Firefox 22, which enables the in-browser audio-video calling standard WebRTC, and switches on a new JavaScript module that promises to speed up web apps.

The update also includes patches for 17 security vulnerabilities, seven of them marked “critical.”

Tags: FirefoxMozillaSoftware-Programmingl33tdawg

L33tdawg: I have a rough idea on what this might be - maybe ;)

iOS hacker Joshua Hill, more commonly known as P0isxninja, has taken to Twitter to announce that “amazing things” are coming to us all soon. The details of Hill’s latest project are still a mystery, so we have no idea what he’s planning to unveil. But he says “think bigger than jailbreak.”

What could be bigger than a jailbreak for iOS users? Maybe the ability to install custom tweaks and other unauthorized software without having to jailbreak?

Tags: iOSAppleSecurityHackersl33tdawg

Intel is in danger of getting torn to shreds by Indian anti-trust watchdogs.

According to the Times of India, fair trade regulator Competition Commission has completed its investigations into global chip maker Intel's alleged abuse of its dominant position in the Indian market.

Tags: IntelIndial33tdawg

Taking another page out of the WikiLeaks playbook, Edward Snowden has apparently distributed an encrypted copy of at least “thousands” of documents that he pilfered from the National Security Agency to “several people,” according to Glenn Greenwald, The Guardian reporter who first published Snowden’s leaks.

In an interview with the Daily Beast on Tuesday, Greenwald said that Snowden “has taken extreme precautions to make sure many different people around the world have these archives to insure the stories will inevitably be published.”

Tags: NSAPRISMEncryptionSecurityIndustry Newsl33tdawg

Six out of 10 consumers are concerned about storing content in social networking and cloud storage services, according to F-Secure(author unknown)

Cyber-Ark's 7th annual Global Advanced Threat Landscape survey found 80 percent of respondents believe cyberattacks pose a greater threat to their nation than physical attacks(author unknown)

App uses a machine learning algorithm that works with more websites over time(author unknown)

Google

The vast majority of sites that push malware on their visitors are legitimate online services that have been hacked as opposed to those hosted by attackers for the purposes of distributing malicious software, Google security researchers said Tuesday.

The data, included for the first time as part of the safe browsing section of Google's regular transparency report, further challenges the myth that malware attacks happen only on disreputable sites, such as those that peddle porn, illicit software ("warez"), and similar content. For instance, on June 9 only 3,891 of the sites Google blocked as part of its Safe Browsing program were dedicated malware sites, while the remaining 39,247 sites that were filtered offered legitimate services that had been compromised.

In all, Google blocks about 10,000 sites per day as part of the program, which is designed to help people using Firefox, Chrome, and other participating browsers to steer clear of phishing scams and drive-by malware attacks. The program is also designed to inform webmasters of infections hitting their site and to take steps to fix the problems. In all, the Safe Browsing program helps protect about 1 billion people per day.

Read 2 remaining paragraphs | Comments

Lancope will also join the recently announced Cisco Security Technology Partner Ecosystem and Platform Exchange(author unknown)