New tool gives 150 ways to bypass web app firewalls

An interesting tool indeed

Breach of 50,000 accounts from Wall Street IT recruiting firm

Resumes, salary expectations, interview details leaked.

Chinese government issues cybersecurity guidelines

Government agencies all over are getting more serious about cyber threats.

Encrypt Text From Browsers

A super simple way to encrypt any email / IM / Tweet on the fly from within the browser, with no special tools.

SafeGmail, a tool to encrypt gmail messages within the browser.

Another easy way to encrypt text in broswers - Mailvelope

Yahoo confirms theft of 450K unencrypted passwords

After Linked-in, Yahoo loses 450,000 user login credentials, which were unencrypted. Since then, they claim to have fixed the issue. However, the fact remains, it's really pathetic that the web service providers still  do not adhere to the basic security principles, like encrypting passwords.

Here is the orignal dump of exposed passwords. Another copy is here.
A good analysis of the exposed passwords.
In case anyone needs a refresher course on what hashing is, and how to do it properly.

10 crazy IT security tricks that actually work

Now that I am recommending it, but a good read.

Wikileaks releases Syria Files, 2.4 million government related emails

Wikileaks says its latest release shines a light on the inner workings of Syria's government and on Western hypocrisy

Full Story

Internet will vanish Monday for 300,000 infected computers

As many as 300,000 PCs and Macs will drop off the Internet in about 65 hours unless their owners heed last-minute calls to scrub their machines of malware.

DNSChanger's victims to be removed from the net

Schneier's So You Want to Be a Security Expert

Good article for the newbies trying to get into this industry.

Trend Micro AV breached & backdoored

A hacker claims to have breached and backdoored security and antivirus software firm Trend Micro due to 'pseudo-security' as well as SYKES which runs support services for Trend Micro. According to Pastebin and a dump for 'proof' of the breach, the hacker claims to still be in control of a backdoor into the security firm.

Full Story

30 June - Leap Second problem

Apparently, there the clocks had to be inserted with another second on 30-June (details here). This did not go well with the applications. Issues faced described here.

Indian Navy secrets stolen and sent to China

Computers in India’s primary eastern seafront naval establishment at Visakhapatnam were reportedly infected with spyware that sent classified information to IP addresses in China.

Full Story