Security News (updated throughout the day)

• Vuln: GnuPG 'GPGSM Tool' Certificate Importing Remote Code Execution Vulnerability
• Vuln: Multiple Mozilla Products 'importScripts()' Method Cross Domain Information Disclosure Vulnerability
• Vuln: Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeSelection' Remote Code Execution Vulnerability
• Vuln: Mozilla Firefox, Thunderbird and SeaMonkey CSS Values Integer Overflow Vulnerability
• Bugtraq: ESA-2010-012: EMC Disk Library (EDL) Denial Of Service Vulnerability
• Bugtraq: XSS vulnerability in Campsite
• Bugtraq: XSS vulnerability in Campsite
• Bugtraq: Akamai Download Manager arbitrary file download & execution
• More rss feeds from SecurityFocus

Sorry: It's not possible to reach RSS file http://rssnewsapps.ziffdavis.com/eweeksecurity.xml
(you will probably hide this message in "live" and simply show nothing)

Network World on Privacy
Latest privacy news and analysis from NetworkWorld.com.

• Facebook, nannying, and objectives
• Facebook, nannying, and objectives
• Former student files second lawsuit over school Webcam spying
• ICO: Google Wi-Fi data didn't contain personal information
• The Facebook Data Torrent Debacle: Q&A
• 100M Facebook Profiles Now Available For Download
• Facebook Testing Delete Account Option
• Next step for Wikileaks: Crowdsourcing classified data
• Do Identity-Theft Protection Services Work?
• OFT launches e-consumer protection consultation

Recent Security at Home information
Keep up to date with the ten most recent syndicated articles from Microsoft Security at Home.

• Microsoft security updates for July 2009
• Microsoft security updates for June 2009
• Microsoft security updates for May 2009
• What is a botnet?
• What is spam?
• What are Internet filters?
• What is identity theft?
• Microsoft security updates for April 2009
• Protect yourself from the Conficker computer worm
• How to prevent a computer worm

Microsoft Security Bulletins
Microsoft Security Bulletins

• MS10-045 - Important: Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212)
• MS10-044 - Critical: Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335)
• MS10-043 - Critical: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)
• MS10-042 - Critical: Vulnerability in Help and Support Center Could Allow Remote Code Execution (2229593)
• MS10-041 - Important: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343)
• MS10-040 - Important: Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)
• MS10-039 - Important: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554)
• MS10-038 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452)
• MS10-037 - Important: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege (980218)
• MS10-036 - Important: Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235)
• MS10-035 - Critical: Cumulative Security Update for Internet Explorer (982381)
• MS10-034 - Critical: Cumulative Security Update of ActiveX Kill Bits (980195)
• MS10-033 - Critical: Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902)
• MS10-032 - Important: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)
• MS10-031 - Critical: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (978213)
• MS10-030 - Critical: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution (978542)
• MS10-029 - Moderate: Vulnerability in Windows ISATAP Component Could Allow Spoofing (978338)
• MS10-028 - Important: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094)
• MS10-027 - Critical: Vulnerability in Windows Media Player Could Allow Remote Code Execution (979402)
• MS10-026 - Critical: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816)
• MS10-025 - Critical: Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858)
• MS10-024 - Important: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832)
• MS10-023 - Important: Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160)
• MS10-022 - Important: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169)
• MS10-021 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683)

SecurityFocus News
SecurityFocus is the most comprehensive and trusted source of security information on the Internet. We are a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.

• News: Change in Focus
• News: Twitter attacker had proper credentials
• News: PhotoDNA scans images for child abuse
• News: Conficker data highlights infected networks
• Brief: Google offers bounty on browser bugs
• Brief: Cyberattacks from U.S. "greatest concern"
• Brief: Microsoft patches as fraudsters target IE flaw
• Brief: Attack on IE 0-day refined by researchers
• News: Monster botnet held 800,000 people's details
• News: Google: 'no timetable' on China talks
• News: Latvian hacker tweets hard on banking whistle
• News: MS uses court order to take out Waledac botnet
• Infocus: Enterprise Intrusion Analysis, Part One
• Infocus: Responding to a Brute Force SSH Attack
• Infocus: Data Recovery on Linux and <i>ext3</i>
• Infocus: WiMax: Just Another Security Challenge?
• Gunter Ollmann: Time to Squish SQL Injection
• Mark Rasch: Lazy Workers May Be Deemed Hackers
• Adam O'Donnell: The Scale of Security
• Mark Rasch: Hacker-Tool Law Still Does Little
• More rss feeds from SecurityFocus

CERT/CC
At the CERT Coordination Center, we study Internet security vulnerabilities and incident activity, research security and survivability in wide-area networked computing, and develop information to help you improve security at your site.

Sorry: It's not possible to reach RSS file http://www.computerworld.com/news/xml/0,5000,584,00.xml
(you will probably hide this message in "live" and simply show nothing)

LinuxSecurity.com - Security Advisories
The central voice for Linux and Open Source security news.

• SuSE: 2010-032: Mozilla Firefox
• Debian: 2077-1: openldap: Multiple vulnerabilities
• Red Hat: 2010:0574-01: java-1.4.2-ibm: Critical Advisory
• Mandriva: 2010:142: openldap
• Red Hat: 2010:0567-01: lvm2-cluster: Moderate Advisory
• Debian: 2076-1: gnupg2: use-after-free

Apple Hot News
Hot News provided by Apple.

• New iMac Is Editors’ Choice
• Thumbs Up for Magic Trackpad
• Apps Built for iPhone 4
• New iMac King of the All-in-Ones
• Apple Updates Safari 5
• Apple Updates iMac Line
• New Mac Pro With Up to 12 Processing Cores
• Apple Unveils New 27-inch LED Cinema Display
• iPhone 4 Arrives in 17 More Countries This Friday
• Apple Reports Third Quarter Results
• FileMaker Unveils New FileMaker Go for iPhone and iPad
• iPad Available in Nine More Countries This Friday
• iPhone and Apps for Good Health
• iPad Apps Entertain Kids on the Road
• 15 Must-Have Games for iPad
• Editors’ Choice: Mac mini with Snow Leopard Server
• Letter from Apple Regarding iPhone 4
• iPhone 4 Sales Top 1.7 Million
• Apple Updates MobileMe
• Apple Sells Three Million iPads in 80 Days

Stupid Security
Exposing Fake Security Since 2003

• Note on security gate... with code.
• Man prints fake pilot's license on printer at home, flies commercial jets for 13 years
• Airport scanners being misused--quelle surprise!!
• Homeland Security out of a job?
• Arabic-language flashcards don't fly with TSA
• TSA Worker Fired For "White Powder" Prank
• TSA Logo Competition
• 8 year old on watch list
• Roundup of Web "Security" Articles
• Slovak Air Security Test Goes Very Wrong