Facebook, Google and Apple Appear before Senate Subcommittee on Mobile Device Location Privacy Issues

On May 19, Facebook, Google and Apple appeared before a Senate subcommittee on Capitol Hill led by Senator John Rockefeller, D-West Virginia, and Senator John Kerry, D-Massachusetts, to discuss claims they are not adequately safeguarding their customers’ location privacy on mobile devices.

FCC, FTC to Hold Forum on Cell Phones Tracking Users

The Federal Communications Commission (FCC) and the Federal Trade Commission (FTC) plan a public forum next month on privacy concerns about cell phones and their ability to track the location of users. The June 28 forum will include recommended best practices individuals can use to guard their privacy.

Enabling a CAC Card Reader on Ubuntu 10.04

I recently installed Ubuntu 10.04 on a PC, and for those of you who utilize a Linux or a Mac-based system with a need to access a CAC card reader, you are in luck. I have researched all over the Internet and found the best site with full instructions on how to install a CAC reader that will work with Ubuntu and Firefox 3.

SANS Boston 2011

SANS will be back in Boston, MA with an exceptional information security training lineup this August. Why not get your management, security, and forensics training at SANS Boston 2011 on August 8-15? We are bringing our top courses and best instructors to make this the perfect training event for you! Register before June 29 and save $400.

Black Hat // Webcast 28 – HTTP Parameter Pollution Vulnerabilities in Web Applications

While input validation vulnerabilities such as XSS and SQL injection have been intensively studied, a new class of injection vulnerabilities called HTTP Parameter Pollution (HPP) has not received as much attention. HPP attacks consist of injecting encoded query string delimiters into other existing parameters. If a web application does not properly sanitize the user input, a malicious user can compromise the logic of the application to perform either client-side or server-side attacks. This talk analyzes HTTP Parameter Pollution and presents the first automated system for the detection of HPP flaws in real web applications. We used this system to conduct a large-scale experiment by testing more than 5,000 popular websites and discovering unknown HPP bugs in many important and well-known sites such as Microsoft, Google, VMWare and PayPal. In this presentation we will describe the details of the architecture and of the algorithms we implemented to efficiently detect HPP vulnerabilities. We will conclude by discussing the HPP phenomenon and giving suggestions on how to prevent this novel class of injection vulnerabilities in future web applications.

Threat Outbreak Alert: Fake Bin Laden Pictures E-mail Messages on May 13, 2011

Cisco Security Intelligence Operations has detected significant activity related to Portuguese-language spam e-mail messages that claim to contain pictures of Osama Bin Laden. The text in the e-mail message instructs the recipient to open a .zip attachment to view the pictures. However, the .zip attachment contains a malicious .scr file that, when executed, attempts to infect the system with malicious code.

Sourcefire® National Seminar Series

Cyberthreats are evolving. Networks are evolving. And so are your security requirements. Against a backdrop of cyber opponents who are faster, smarter, more prevalent, more targeted, and more elusive than ever before, how can you protect the growing number and types of operating systems, applications, services and users on your network?

White House to Unveil Cyber Security Proposal

White House officials Thursday planned to unveil a major legislative proposal aimed at improving U.S. cybersecurity and protecting the economy, an administration official said.

SANSFIRE 2011 in DC

If you like what the SANS Internet Storm Center (ISC) provides to the cyber security community, then you will love SANSFIRE! SANSFIRE 2011 is the one annual training event powered by the ISC. This year's event will be held in Washington DC, July 15-24, and includes more than 25 courses and dozens of up-to-the-minute field reports from ISC handlers. Each evening, the ISC handlers share riveting talks on their most interesting experiences and newest cyber hazards. These special presentations are free to everyone who attends a course at SANSFIRE 2011.

Free SANS Webcasts Powered by vLive!

Please join us in the upcoming weeks for the following informative, free SANS webcasts powered by vLive!, the SANS Institute's online learning platform: