«
Expand/Collapse
190 items tagged "cyber"
Related tags:
oracle products [+],
internet explorer [+],
explorer microsoft [+],
cyber security [+],
china [+],
microsoft server software [+],
microsoft developer tools [+],
cyber attacks [+],
technical [+],
warfare [+],
cyber warfare [+],
cyber war [+],
windows office [+],
vulnerabilities [+],
office microsoft [+],
office internet [+],
cyber criminals [+],
command [+],
cyber security alert [+],
war [+],
video [+],
swiss [+],
security event [+],
online [+],
iran [+],
ian amit tags [+],
dangerous waters [+],
cyber storm [+],
crime war [+],
band updates [+],
audio [+],
security [+],
x server [+],
windows internet [+],
tiffany rad [+],
security controls [+],
security bulletin [+],
robohelp [+],
private sector computer [+],
oracle fusion middleware [+],
oracle [+],
microsoft visual studio [+],
microsoft sql server [+],
microsoft software products [+],
microsoft office [+],
microsoft net framework [+],
microsoft expression design [+],
microsoft data access components [+],
microsoft data access [+],
megaupload [+],
manager. microsoft [+],
mac os x server [+],
mac os x [+],
mac os [+],
jurisdiction [+],
isa [+],
host integration server [+],
geographic challenges [+],
exchange microsoft [+],
espionage [+],
economic creativity [+],
denial of service [+],
database oracle [+],
cyber threats [+],
cyber thieves [+],
cyber army [+],
cs5 [+],
criminals [+],
country [+],
black hat [+],
backup manager [+],
adobe shockwave player [+],
adobe reader [+],
wps [+],
will [+],
warns [+],
wanna [+],
threats [+],
threat [+],
targeting [+],
target [+],
switzerland [+],
storm [+],
staging areas [+],
spies [+],
software microsoft [+],
share best practices [+],
shane powell [+],
sean boyce tags [+],
riley repko [+],
repko [+],
public sector organizations [+],
preparing [+],
prediction [+],
perspectives [+],
pentagon [+],
parliament [+],
paper [+],
olympics [+],
network [+],
mitigation steps [+],
military [+],
max kelly [+],
london olympics [+],
london [+],
lake zurich [+],
japanese parliament [+],
japanese [+],
international security industry [+],
insider [+],
information [+],
house [+],
hackers [+],
hacker [+],
government [+],
force posture [+],
false sense of security [+],
enough [+],
electronic funds transfers [+],
cyber cops [+],
cops [+],
collaboration engine [+],
code [+],
chief [+],
centric world [+],
authors [+],
attacks [+],
attacker [+],
arbitrary code [+],
abu dhabi [+],
microsoft [+],
white house [+],
white [+],
weapon plans [+],
weapon [+],
water facility [+],
warn [+],
war lessons [+],
war conflict [+],
want [+],
wade polk [+],
usa [+],
trojan [+],
toronto [+],
top [+],
tip [+],
threatens [+],
than china [+],
test [+],
terrorism [+],
terror attacks [+],
teen [+],
targeting iran [+],
talk [+],
sweden [+],
suspicion [+],
superstar [+],
superpower status [+],
superpower [+],
summit [+],
stymied [+],
string [+],
strike [+],
spying [+],
speakers [+],
sophistication [+],
soca [+],
signs [+],
shell [+],
sex [+],
set [+],
security summit [+],
security experts [+],
security conference [+],
security challenge [+],
security authors [+],
seattle [+],
scorns [+],
s. vulnerable [+],
run [+],
roberto preatoni [+],
retaliation [+],
result [+],
response capabilities [+],
reports [+],
report [+],
renewal [+],
realm [+],
prizes [+],
prepped [+],
police uk [+],
police [+],
peter feaver [+],
per year [+],
per schneier [+],
paula dockery [+],
paul malkewicz [+],
ottawa [+],
os x [+],
oil [+],
offensive [+],
of rise [+],
number [+],
nuclear plant [+],
nick harvey [+],
netwar [+],
national collegiate [+],
national [+],
mystery [+],
modern [+],
minister nick harvey [+],
microsoft battles [+],
mi5 [+],
martin khoo [+],
major [+],
losses [+],
lord reid calls [+],
kim jong il [+],
kevin archer tags [+],
kevin archer [+],
kenneth geers [+],
jong il [+],
jihad [+],
jaroslav novak [+],
japan [+],
iranian [+],
ip addresses [+],
ioc [+],
internet access [+],
innovation [+],
infect [+],
industrial [+],
indian government [+],
indian [+],
immune [+],
imminent [+],
imf [+],
house hearing [+],
hot spots [+],
holes [+],
hits [+],
hit [+],
head [+],
hack in the box [+],
greg white [+],
governments [+],
global stability [+],
global rules [+],
geers [+],
france [+],
foreign [+],
force [+],
foes [+],
first casualty [+],
fingered [+],
fbi [+],
existence [+],
exaggerated [+],
evil [+],
dubai [+],
drill [+],
doomsday scenarios [+],
don [+],
domain rules [+],
division [+],
digital warfare [+],
digital [+],
dhs [+],
defense pact [+],
defense [+],
defence minister [+],
defence [+],
davos [+],
dalai lama [+],
czar [+],
cyberwar [+],
cyber wings [+],
cyber weapon [+],
cyber sex [+],
cyber realm [+],
cyber police [+],
cyber fraud [+],
cyber division [+],
cyber defense [+],
cyber cop [+],
cyber commander [+],
cyber battle [+],
cyber activist [+],
crime data [+],
cracked [+],
crack [+],
costing [+],
cost [+],
copy [+],
cop [+],
consumers [+],
conflict [+],
conference [+],
commander talks [+],
command logo [+],
command chief [+],
collegiate [+],
clean [+],
claims [+],
city [+],
chinese [+],
china run [+],
china arrests [+],
chief suggests [+],
charlie miller [+],
chaos communication congress [+],
chances [+],
call to arms [+],
build [+],
brink [+],
brand new car [+],
boston [+],
becomes [+],
bbc [+],
australian government [+],
australian [+],
australia [+],
attackers [+],
asia [+],
arrests [+],
army [+],
approval [+],
anonymous [+],
amnesty [+],
al qaeda [+],
activist [+],
accuses [+],
accelerates [+],
Public [+],
Italian [+],
cyber attack [+],
technical cyber security alert [+],
windows microsoft [+],
u.s. [+],
txt [+],
cyber crime [+],
crime [+],
attack [+]
-
-
![Permalink for '[Video] International Cyber Jurisdiction'](/themes/lilina/web//media/mark_off.gif)
21:28
»
SecDocs
Authors:
Tiffany Rad Tags:
law Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: Concepts of sovereignty, freedom, privacy and intellectual property become amorphous when discussing territories that only exists as far as the Internet connects. International cyber jurisdiction is supported by a complicated web of international law and treaties. Jurisdiction hopping, a technique that is becoming popular for controversial content, is one we have used for the U.S. 1st Amendment censorship-resistant and non-profit hosting company, Project DOD, by using PRQ's services in Sweden. This technique is used to place assets in a diverse, but accessible, web of countries in which that content may be legal in the hosting country, but may have legal complications in the country in which it is accessed. As ownership and protection of property becomes a concept that is difficult to maintain across boundaries that are not easily distinguishable, can the U.S. "kill-switch" parts of the Internet and under what authority can it be done? Similarly, the geographic challenges to international cyber criminal law – and the feasibility of new sovereign nations – will be analyzed. When a cybercrime is committed in a country in which the electronic communication did not originate, there is difficulty prosecuting the crime without being able to physically apprehend a subject that is virtually within – and physically without – a country's boarders. Similarly, a technique called jurisdiction hopping can be used to place assets in a diverse, but accessible, web of countries in which that content may be legal in the hosting country, but is not in the country in which it is accessed. Lastly, if the U.S. attempts to isolate damage by cutting off Internet connections, under what authority can it be done? This presentation will discuss the types of international laws and treaties that may be cited in the event of extradition of cyber criminals, legal and geographic challenges – such as new sovereign nations – to jurisdiction hopping and the authority with which the U.S. may "kill switch" the Internet. I will also discuss the practical example of where, as a result of our Project DOD case in U.S. Federal court, we have put non-copyright infringing materials on PRQ's servers in Sweden to reduce the incidences of Digital Millennium Copyright Act’s "Take Down" infringement notices that are illegitimate.
-
-
19:07
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2012-129A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.
-
19:07
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2012-129A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.
-
19:07
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2012-129A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.
-
-
8:07
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2012-101A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft Server Software, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities.
-
8:07
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2012-101A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft Server Software, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities.
-
8:07
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2012-101A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft Server Software, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities.
-
-
20:04
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2012-73A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Visual Studio, and Microsoft Expression Design. Microsoft has released updates to address these vulnerabilities.
-
20:04
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2012-73A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Visual Studio, and Microsoft Expression Design. Microsoft has released updates to address these vulnerabilities.
-
20:04
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2012-73A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Visual Studio, and Microsoft Expression Design. Microsoft has released updates to address these vulnerabilities.
-
-
16:07
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2012-45A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Silverlight, Office, and Microsoft Server Software. Microsoft has released updates to address these vulnerabilities.
-
16:07
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2012-45A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Silverlight, Office, and Microsoft Server Software. Microsoft has released updates to address these vulnerabilities.
-
16:07
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2012-45A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Silverlight, Office, and Microsoft Server Software. Microsoft has released updates to address these vulnerabilities.
-
-
8:40
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2012-24A - US-CERT has received information from multiple sources about coordinated distributed denial-of-service (DDoS) attacks with targets that included U.S. government agency and entertainment industry websites. The loosely affiliated collective "Anonymous" allegedly promoted the attacks in response to the shutdown of the file hosting site MegaUpload and in protest of proposed U.S. legislation concerning online trafficking in copyrighted intellectual property and counterfeit goods (Stop Online Piracy Act, or SOPA, and Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, or PIPA).
-
8:40
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2012-24A - US-CERT has received information from multiple sources about coordinated distributed denial-of-service (DDoS) attacks with targets that included U.S. government agency and entertainment industry websites. The loosely affiliated collective "Anonymous" allegedly promoted the attacks in response to the shutdown of the file hosting site MegaUpload and in protest of proposed U.S. legislation concerning online trafficking in copyrighted intellectual property and counterfeit goods (Stop Online Piracy Act, or SOPA, and Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, or PIPA).
-
8:40
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2012-24A - US-CERT has received information from multiple sources about coordinated distributed denial-of-service (DDoS) attacks with targets that included U.S. government agency and entertainment industry websites. The loosely affiliated collective "Anonymous" allegedly promoted the attacks in response to the shutdown of the file hosting site MegaUpload and in protest of proposed U.S. legislation concerning online trafficking in copyrighted intellectual property and counterfeit goods (Stop Online Piracy Act, or SOPA, and Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, or PIPA).
-
-
23:33
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2012-10A - There are multiple vulnerabilities in Microsoft Windows and Microsoft Developer Tools and Software. Microsoft has released updates to address these vulnerabilities.
-
23:33
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2012-10A - There are multiple vulnerabilities in Microsoft Windows and Microsoft Developer Tools and Software. Microsoft has released updates to address these vulnerabilities.
-
-
16:29
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2012-6A - Wi-Fi Protected Setup (WPS) provides simplified mechanisms to configure secure wireless networks. The external registrar PIN exchange mechanism is susceptible to brute force attacks that could allow an attacker to gain access to an encrypted Wi-Fi network.
-
16:29
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2012-6A - Wi-Fi Protected Setup (WPS) provides simplified mechanisms to configure secure wireless networks. The external registrar PIN exchange mechanism is susceptible to brute force attacks that could allow an attacker to gain access to an encrypted Wi-Fi network.
-
-
16:27
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-350A - Adobe has released Security Bulletin APSB11-30, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
-
16:27
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-350A - Adobe has released Security Bulletin APSB11-30, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
-
16:27
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-350A - Adobe has released Security Bulletin APSB11-30, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
-
-
18:32
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-347A - There are multiple vulnerabilities in Microsoft Windows, Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities.
-
18:32
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-347A - There are multiple vulnerabilities in Microsoft Windows, Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities.
-
18:32
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-347A - There are multiple vulnerabilities in Microsoft Windows, Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities.
-
-
8:06
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-312A - There are multiple vulnerabilities in Microsoft Windows. Microsoft has released updates to address these vulnerabilities.
-
8:06
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-312A - There are multiple vulnerabilities in Microsoft Windows. Microsoft has released updates to address these vulnerabilities.
-
8:06
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-312A - There are multiple vulnerabilities in Microsoft Windows. Microsoft has released updates to address these vulnerabilities.
-
-
22:50
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-286A - There are multiple vulnerabilities in Mac OS X 10.6.8, 10.7, and 10.7.1 and Mac OS X Server 10.6.8, 10.7, and 10.7.1. Apple has released updates to address these vulnerabilities.
-
22:50
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-286A - There are multiple vulnerabilities in Mac OS X 10.6.8, 10.7, and 10.7.1 and Mac OS X Server 10.6.8, 10.7, and 10.7.1. Apple has released updates to address these vulnerabilities.
-
22:50
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-286A - There are multiple vulnerabilities in Mac OS X 10.6.8, 10.7, and 10.7.1 and Mac OS X Server 10.6.8, 10.7, and 10.7.1. Apple has released updates to address these vulnerabilities.
-
-
19:10
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-284A - There are multiple vulnerabilities in Microsoft Windows, .NET Framework, Silverlight, Internet Explorer, Forefront Unified Access Gateway, and Host Integration Server. Microsoft has released updates to address these vulnerabilities.
-
19:10
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-284A - There are multiple vulnerabilities in Microsoft Windows, .NET Framework, Silverlight, Internet Explorer, Forefront Unified Access Gateway, and Host Integration Server. Microsoft has released updates to address these vulnerabilities.
-
19:10
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-284A - There are multiple vulnerabilities in Microsoft Windows, .NET Framework, Silverlight, Internet Explorer, Forefront Unified Access Gateway, and Host Integration Server. Microsoft has released updates to address these vulnerabilities.
-
-
22:52
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-256A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Server Software, and Microsoft Office. Microsoft has released updates to address these vulnerabilities.
-
22:52
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-256A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Server Software, and Microsoft Office. Microsoft has released updates to address these vulnerabilities.
-
-
21:26
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-222A - There are multiple vulnerabilities in Adobe Shockwave Player, Flash Media Server, Flash Player, Photoshop CS5, and RoboHelp. Adobe has released updates to address these vulnerabilities.
-
21:26
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-222A - There are multiple vulnerabilities in Adobe Shockwave Player, Flash Media Server, Flash Player, Photoshop CS5, and RoboHelp. Adobe has released updates to address these vulnerabilities.
-
21:26
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-222A - There are multiple vulnerabilities in Adobe Shockwave Player, Flash Media Server, Flash Player, Photoshop CS5, and RoboHelp. Adobe has released updates to address these vulnerabilities.
-
-
21:31
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-221A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, .NET Framework, and Microsoft Developer Tools. Microsoft has released updates to address these vulnerabilities.
-
21:31
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-221A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, .NET Framework, and Microsoft Developer Tools. Microsoft has released updates to address these vulnerabilities.
-
21:31
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-221A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, .NET Framework, and Microsoft Developer Tools. Microsoft has released updates to address these vulnerabilities.
-
-
11:35
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-201A - Oracle Database, Oracle Secure Backup, Oracle Fusion Middleware, and various other Oracle products suffer from vulnerabilities including remote execution of arbitrary code, information disclosure, and denial of service.
-
11:35
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-201A - Oracle Database, Oracle Secure Backup, Oracle Fusion Middleware, and various other Oracle products suffer from vulnerabilities including remote execution of arbitrary code, information disclosure, and denial of service.
-
11:35
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-201A - Oracle Database, Oracle Secure Backup, Oracle Fusion Middleware, and various other Oracle products suffer from vulnerabilities including remote execution of arbitrary code, information disclosure, and denial of service.
-
8:08
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-200A - US-CERT is providing this Technical Security Alert in response to recent, well-publicized intrusions into several government and private sector computer networks. Cyber thieves, hacktivists, pranksters, nation-states, and malicious coders for hire all pose serious threats to the security of both government and private sector networks. A comprehensive security program provides the best defense against the full spectrum of threats that our computer networks face today. Network administrators and technical managers should not only follow the recommended security controls information systems outlined in NIST 800-53 but also consider the following measures. These measures include both tactical and strategic mitigations and are intended to enhance existing security programs.
-
8:08
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-200A - US-CERT is providing this Technical Security Alert in response to recent, well-publicized intrusions into several government and private sector computer networks. Cyber thieves, hacktivists, pranksters, nation-states, and malicious coders for hire all pose serious threats to the security of both government and private sector networks. A comprehensive security program provides the best defense against the full spectrum of threats that our computer networks face today. Network administrators and technical managers should not only follow the recommended security controls information systems outlined in NIST 800-53 but also consider the following measures. These measures include both tactical and strategic mitigations and are intended to enhance existing security programs.
-
8:08
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-200A - US-CERT is providing this Technical Security Alert in response to recent, well-publicized intrusions into several government and private sector computer networks. Cyber thieves, hacktivists, pranksters, nation-states, and malicious coders for hire all pose serious threats to the security of both government and private sector networks. A comprehensive security program provides the best defense against the full spectrum of threats that our computer networks face today. Network administrators and technical managers should not only follow the recommended security controls information systems outlined in NIST 800-53 but also consider the following measures. These measures include both tactical and strategic mitigations and are intended to enhance existing security programs.
-
-
18:53
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-165A - There are multiple vulnerabilities in Microsoft Windows, Office, Internet Explorer, ISA, Visual Studio, and .NET Framework. Microsoft has released updates to address these vulnerabilities.
-
18:53
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-165A - There are multiple vulnerabilities in Microsoft Windows, Office, Internet Explorer, ISA, Visual Studio, and .NET Framework. Microsoft has released updates to address these vulnerabilities.
-
18:53
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-165A - There are multiple vulnerabilities in Microsoft Windows, Office, Internet Explorer, ISA, Visual Studio, and .NET Framework. Microsoft has released updates to address these vulnerabilities.
-
-
18:51
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-130A - There are multiple vulnerabilities in Microsoft Windows and Office. Microsoft has released updates to address these vulnerabilities.
-
18:51
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-130A - There are multiple vulnerabilities in Microsoft Windows and Office. Microsoft has released updates to address these vulnerabilities.
-
18:51
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-130A - There are multiple vulnerabilities in Microsoft Windows and Office. Microsoft has released updates to address these vulnerabilities.
-
-
0:19
»
SecDocs
Authors:
Tiffany Rad Tags:
law Event:
Black Hat Abu Dhabi 2010 Abstract: Cyberspace, Cyber Criminal Prosecution & Jurisdiction Hopping Concepts of sovereignty, freedom, privacy and intellectual property become amorphous when discussing territories that only exists as far as the Internet connects. When a cyber crime is committed in a country in which the electronic communication did not originate, there is difficulty prosecuting the crime without being able to physically apprehend a subject that is virtually within -- and physically without -- a country's boarders. Similarly, a technique called jurisdiction hopping can be used to place assets in a diverse, but accessible, web of countries in which that content may be legal in the hosting country, but is not in the country in which it is accessed. Lastly, if the U.S. attempts to isolate damage by "kill switching" parts of the Internet, how will this affect critical infrastructure such as water, electricity and electronic funds transfers? Under what authority can it be done? This presentation will discuss the types of international laws and treaties that may be cited in the event of extradition of cyber criminals, legal and geographic challenges – such as new sovereign nations -- to jurisdiction hopping and the authority with which the U.S. may "kill switch" the Internet. Our most popular phone technologies use decade-old proprietary cryptography. GSM's 64bit A5/1 cipher, for instance, is vulnerable to time memory trade-offs but commercial cracking hardware costs hundreds of thousands of dollars. We discuss how cryptographic improvements and the power of the community created an open GSM decrypt solution that runs on commodity hardware. Besides GSM we discuss weaknesses in DECT cordless phones. The talk concludes with an overview of mitigation steps for GSM and DECT in response to our research, some of which are already being implemented.
-
0:17
»
SecDocs
Authors:
Tiffany Rad Tags:
law Event:
Black Hat Abu Dhabi 2010 Abstract: Cyberspace, Cyber Criminal Prosecution & Jurisdiction Hopping Concepts of sovereignty, freedom, privacy and intellectual property become amorphous when discussing territories that only exists as far as the Internet connects. When a cyber crime is committed in a country in which the electronic communication did not originate, there is difficulty prosecuting the crime without being able to physically apprehend a subject that is virtually within -- and physically without -- a country's boarders. Similarly, a technique called jurisdiction hopping can be used to place assets in a diverse, but accessible, web of countries in which that content may be legal in the hosting country, but is not in the country in which it is accessed. Lastly, if the U.S. attempts to isolate damage by "kill switching" parts of the Internet, how will this affect critical infrastructure such as water, electricity and electronic funds transfers? Under what authority can it be done? This presentation will discuss the types of international laws and treaties that may be cited in the event of extradition of cyber criminals, legal and geographic challenges – such as new sovereign nations -- to jurisdiction hopping and the authority with which the U.S. may "kill switch" the Internet. Our most popular phone technologies use decade-old proprietary cryptography. GSM's 64bit A5/1 cipher, for instance, is vulnerable to time memory trade-offs but commercial cracking hardware costs hundreds of thousands of dollars. We discuss how cryptographic improvements and the power of the community created an open GSM decrypt solution that runs on commodity hardware. Besides GSM we discuss weaknesses in DECT cordless phones. The talk concludes with an overview of mitigation steps for GSM and DECT in response to our research, some of which are already being implemented.
-
-
12:15
»
SecDocs
Authors:
Sean Boyce Tags:
evasion insider Event:
Black Hat DC 2011 Abstract: There are several stages to a successful cyber attack. The most crucial of which is also the least discussed: data theft. Cyber criminals, insider threats, advanced persistent threats; every attacker has ways to get into your network and find what they want. While there are several tools, methods and strategies to combat intruders, once they’ve made off with your data there is no getting it back, the game is over. MANDIANT’s consultants regularly respond to incidents where data, intellectual property even money is being stolen from victim organizations. During this presentation we will take a look at some of the advanced methods of stealing data that we have recently encountered in the field, including: preparing and cleaning staging areas, avoiding DLP/traffic scanning products and how attackers use a victim’s own infrastructure and architecture against them. We will discuss why these tricks work and what, if anything, can be done to stop them. Whether it be financial information, intellectual property, or personally identifiable information; the most valuable thing on your network is the data. Intruders may get in, but until they get out with what they came for the game’s not over.
-
12:15
»
SecDocs
Authors:
Sean Boyce Tags:
evasion insider Event:
Black Hat DC 2011 Abstract: There are several stages to a successful cyber attack. The most crucial of which is also the least discussed: data theft. Cyber criminals, insider threats, advanced persistent threats; every attacker has ways to get into your network and find what they want. While there are several tools, methods and strategies to combat intruders, once they’ve made off with your data there is no getting it back, the game is over. MANDIANT’s consultants regularly respond to incidents where data, intellectual property even money is being stolen from victim organizations. During this presentation we will take a look at some of the advanced methods of stealing data that we have recently encountered in the field, including: preparing and cleaning staging areas, avoiding DLP/traffic scanning products and how attackers use a victim’s own infrastructure and architecture against them. We will discuss why these tricks work and what, if anything, can be done to stop them. Whether it be financial information, intellectual property, or personally identifiable information; the most valuable thing on your network is the data. Intruders may get in, but until they get out with what they came for the game’s not over.
-
-
15:30
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-102A - There are multiple vulnerabilities in Microsoft Windows, Office, Internet Explorer, and Visual Studio. Microsoft has released updates to address these vulnerabilities.
-
15:30
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-102A - There are multiple vulnerabilities in Microsoft Windows, Office, Internet Explorer, and Visual Studio. Microsoft has released updates to address these vulnerabilities.
-
15:30
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-102A - There are multiple vulnerabilities in Microsoft Windows, Office, Internet Explorer, and Visual Studio. Microsoft has released updates to address these vulnerabilities.
-
-
7:27
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-67A - There are multiple vulnerabilities in Microsoft Windows and Microsoft Office. Microsoft has released updates to address these vulnerabilities.
-
7:27
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-67A - There are multiple vulnerabilities in Microsoft Windows and Microsoft Office. Microsoft has released updates to address these vulnerabilities.
-
7:27
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-67A - There are multiple vulnerabilities in Microsoft Windows and Microsoft Office. Microsoft has released updates to address these vulnerabilities.
-
-
17:33
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-39A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities.
-
17:33
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-39A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities.
-
17:33
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-39A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities.
-
-
18:11
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-11A - There are multiple vulnerabilities in Microsoft Data Access Components and Windows Backup Manager. Microsoft has released updates to address these vulnerabilities.
-
18:11
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-11A - There are multiple vulnerabilities in Microsoft Data Access Components and Windows Backup Manager. Microsoft has released updates to address these vulnerabilities.
-
18:11
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-11A - There are multiple vulnerabilities in Microsoft Data Access Components and Windows Backup Manager. Microsoft has released updates to address these vulnerabilities.
-
5:55
»
Packet Storm Security Recent Files
The Call for Papers for the third Swiss Cyber Storm Security Conference in Switzerland is now open where the eminent figures in the international security industry will get together and share best practices and technology. The conference will be held at the University of Applied Sciences in Rapperswil lakeside of Lake Zurich on May 12th through the 15th, 2011.
-
5:55
»
Packet Storm Security Misc. Files
The Call for Papers for the third Swiss Cyber Storm Security Conference in Switzerland is now open where the eminent figures in the international security industry will get together and share best practices and technology. The conference will be held at the University of Applied Sciences in Rapperswil lakeside of Lake Zurich on May 12th through the 15th, 2011.
-
-
17:25
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2010-348A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Office, Sharepoint, and Exchange. Microsoft has released updates to address these vulnerabilities.
-
17:25
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2010-348A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Office, Sharepoint, and Exchange. Microsoft has released updates to address these vulnerabilities.
-
17:25
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2010-348A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Office, Sharepoint, and Exchange. Microsoft has released updates to address these vulnerabilities.
-
-
22:01
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2010-287A - The Oracle products and components listed above are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
-
22:00
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2010-287A - The Oracle products and components listed above are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
-
-
21:00
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2010-238A - Due to the way Microsoft Windows loads dynamically linked libraries (DLLs), an application may load an attacker-supplied DLL instead of the legitimate one, resulting in the execution of arbitrary code.
-
21:00
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2010-238A - Due to the way Microsoft Windows loads dynamically linked libraries (DLLs), an application may load an attacker-supplied DLL instead of the legitimate one, resulting in the execution of arbitrary code.
-
-
22:50
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2010-194B - A large amount of Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
-
22:48
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2010-194B - A large amount of Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
-
-
3:42
»
SecDocs
Authors:
Shane Powell Tags:
security Event:
Black Hat DC 2010 Abstract: Once the sole domain of military planners, public sector organizations must begin to understand the extent to which cyber attacks may affect their ability to conduct mission essential operations. Various information security regulations and standards aid organizations with configuring information systems securely. Common processes are used to assess system vulnerabilities and assign risk. However, vulnerability and risk assessments can easily mislead system owners into a false sense of security. While vulnerabilities can be patched and risks may be mitigated, the end result is inevitable that someone must accept responsibility should their organization fall prey to cyber attack through exposures that remain. The approach to Cyber Effects Prediction proposed in this paper harnesses traditional and emerging analytic methods to provide a deep understanding of the actual security state of an organization’s information system. Cyber Effects Prediction harnesses detailed knowledge of how an organization’s information systems are configured, business operations, continuity of operations planning, and external relationships. Determination can be made from this information of how information systems will likely be attacked, allowing for prediction of the cascading effects that result from successful cyber attack.
-
3:42
»
SecDocs
Authors:
Shane Powell Tags:
security Event:
Black Hat DC 2010 Abstract: Once the sole domain of military planners, public sector organizations must begin to understand the extent to which cyber attacks may affect their ability to conduct mission essential operations. Various information security regulations and standards aid organizations with configuring information systems securely. Common processes are used to assess system vulnerabilities and assign risk. However, vulnerability and risk assessments can easily mislead system owners into a false sense of security. While vulnerabilities can be patched and risks may be mitigated, the end result is inevitable that someone must accept responsibility should their organization fall prey to cyber attack through exposures that remain. The approach to Cyber Effects Prediction proposed in this paper harnesses traditional and emerging analytic methods to provide a deep understanding of the actual security state of an organization’s information system. Cyber Effects Prediction harnesses detailed knowledge of how an organization’s information systems are configured, business operations, continuity of operations planning, and external relationships. Determination can be made from this information of how information systems will likely be attacked, allowing for prediction of the cascading effects that result from successful cyber attack.
-
-
1:00
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2010-103B - The Oracle products and components listed above are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
-
1:00
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2010-103B - The Oracle products and components listed above are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
-
10:00
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2010-89A - Microsoft has released out-of-band updates to address critical vulnerabilities in Internet Explorer.
-
1:00
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2010-21A - Microsoft has released out-of-band updates to address critical vulnerabilities in Internet Explorer.
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Hack a Day
Wirevolution