Personal tools
You are here: Home Subsections Network Security News
« November 2009 »
November
MoTuWeThFrSaSu
1
2345678
9101112131415
16171819202122
23242526272829
30
Log in


Forgot your password?
New user?
 

News

News Item CERT-FI Statement on the Outpost24 TCP Issues
In February 2009, CPNI of UK published a thorough security assessment of the TCP protocol, which presents a number of TCP vulnerabilities and mitigation advice. The report can be downloaded at http://www.cpni.gov.uk/Products/technicalnotes/Feb-09-security-assessment-TCP.aspx
News Item Researchers Find Massive Botnet On Nearly 2 Million Infected Consumer, Business, Government PCs
More than 70 government-owned domains hit, and nearly half of the overall infections are in the U.S.
News Item OpenSSH (and possibly SSH) flaw made public
An underlying flaw in the widely used encryption protocol Open Secure Shell (OpenSSH) has been made public by researchers from the Royal Holloway, University of London.
News Item Slowloris HTTP DoS
A low-bandwidth DoS attack which many webservers are vulnerable to has been released.
News Item After links to cybercrime, Latvian ISP is cut off
 
News Item Security certificate warnings don't work, researchers say
 
News Item Researchers Try to Stalk Botnets Used by Hackers
 
News Item BIND denial of service (server crash) caused by receipt of a specific remote dynamic update message.
 
News Item Military set to lay out $42M to develop advanced network prioritization, security technology
 
News Item Linux webserver botnet pushes malware
 
News Item PayPal Null-Prefix SSL Certificate
PayPal no longer secure from IE, Chrome, Safari on Windows.
News Item Widespread Linux bug may give root access
""" "The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr..." """
News Item Man-In-the-Middle Vulnerability For SSL and TLS
"The SSL 3.0+ and TLS 1.0+ protocols are vulnerable to a set of related attacks which allow a man-in-the-middle (MITM) operating at or below the TCP layer"
News Item Google SPDY alternative protocol
Google releases alternative to HTTP protocol to speed up web access.
News Item SSL renegotiation attack implemented
A Turkish grad student has devised a serious, real-world attack on Twitter that targeted a recently discovered vulnerability in the secure sockets layer protocol.
News Item EDUCASE to implement DNSSEC and sign .edu TLD
EDUCASE and Verisign to deploy DNSSEC for .edu TLD by March 2010.
News Item XML flaw threatens apps built with Sun, Apache, Python libraries
Vulnerabilities discovered in XML libraries from Sun, Apache Software Foundation and Python Software Foundation could result in successful denial-of-service attacks on applications built with them, according to Codenomicon.
News Item SSLSniff 0.6 Includes Null-Prefix Attack
 
News Item Null-prefix SSL flaw
 
News Item New AES Attack
 
Document Actions