Irongeek's News Concatenator

Here are the current headlines from all of my favorite RSS sources.

Rootsecure.net:

Slashdot: Hacking the Free La Fonera Wireless Router “possible to get shell access by connecting to a serial port present on the circuit board”

ZDNet Blog: Digg vs. Diggers? “Is Kevin Rose snubbing the very diggers that digg for the sake of Digg?”

Yahoo: Security Awareness Program

milw0rm: Nullsoft Winamp < 5.31 Ultravox Ultravox-Max-Msg Heap Overflow Dos POC

Tech World: Wikipedia hijacked by malware

BBC News: Britain is 'surveillance society'

Secunia: Microsoft XMLHTTP ActiveX Control Code Execution Vulnerability

Wired: The Virus That Ate DHS

Secure Works: Botnet Attack and Analysis

Windows Security: How to secure remote desktop connections using TLS/SSL based authentication

BBC News: Google 'acts on YouTube threat' “Google is trying to win permission from media companies to broadcast output legally on YouTube and avoid the threat of legal action, a report has said”

Infosec Writers: Malicious Code Injection - It’s Not Just for SQL Anymore [pdf]

Security Fix: 14 Arrested for Credit Card, Phishing Scams

Reuters: Microsoft, Novell to link on Linux -report

Michael Sutton's Blog: Top 10 Signs You Have an Insecure Web App

Seattle PI: Diebold demands that HBO cancel documentary on voting machines

CNet: Microsoft backtracks on Vista transfer limits “Microsoft said on Thursday that it will not limit the number of times that retail customers can transfer their Windows Vista license to a different computer”

Computer World: Mozilla promises fix for second minor Firefox 2.0 bug “users shouldn't have any major problems caused by the flaw”

Washington Post: 'Hacking' Doesn't Crack the Code

SANS: Bluetooth 0day hacking

2600: The Hacker Quarterly:

Shadow over Long Island, Part 3
The special Halloween rebroadcast of the radio play "Shadow Over Long Island" is now available online. You can find the links to the audio files here.
Shadow over Long Island, Part 2
The special Halloween rebroadcast of the radio play "Shadow Over Long Island" is now available online. You can find the links to the audio files here.
Shadow over Long Island, Part 1
The special Halloween rebroadcast of the radio play "Shadow Over Long Island" is now available online. You can find the links to the audio files here.
2600 MEETINGS TODAY
Today is the first Friday of November which means it's once again time for the monthly 2600 meetings all over the world. To see if there are meetings in your area, check our listings.
Off the Hook show for November 1, 2006

SPECIAL HALLOWEEN RADIO BROADCAST TUESDAY
We'll be rebroadcasting a classic from the radio archives on Tuesday in place of "Off The Wall." Starting at 5 pm (one hour earlier than normal), a radio play entitled "Shadow Over Long Island" will be presented. This play is a real time production which follows the tradition of the "War of the Worlds" broadcast many years ago in which a somewhat believable scenario is presented to the public, leaving many to wonder whether or not they're listening to reality or to fiction. In this case, "Shadow Over Long Island" deals with an accident at a nuclear power plant on Long Island and the resulting chaos that ensues. At the time of the original broadcast in 1985, nuclear safety was a very controversial topic in the area as a plant was set to open in the vicinity. Since then the plant has been shut down after widespread public opposition. This radio play was written by Emmanuel Goldstein/Eric Corley in the height of the controversy and has been broadcast on a number of occasions on Long Island and Connecticut radio stations. This will be the first rebroadcast in at least a decade.
FINAL HOPE NUMBER SIX PANEL SCHEDULED AT LAST
We said we'd do it and we meant it. When the Steve Rambam talk at HOPE Number Six was disrupted by his arrest minutes before he was scheduled to go on stage, we vowed to make sure it would one day be presented to the public. That day has now been set and we trust that the FBI won't interfere this time.

On Thursday, November 16, HOPE Number Six will finally end with the presentation: "Privacy is Dead - Get Over It" featuring Steve's revealing look at how much information on each of us is readily accessible to virtually anyone. As part of the talk, Steve will reveal all of the information he was able to find on a volunteer "victim." In addition, he will answer all sorts of questions from the audience, including what really happened back in July.

Admission to this talk is totally free. It's our way of saying thanks to the HOPE attendees and also a demonstration of the fact that our speakers will not be silenced, no matter what adversity they may have to face.

The talk will take place from 6 to 9 pm at the Stevens Institute in Hoboken, New Jersey. There's no need to panic - this location is very easily accessible from New York City and many other places. Full details are available here.

You may think you witnessed the conclusion of HOPE Number Six. But until this final talk is given, HOPE is not over.

Off the Wall show for October 24, 2006

AUTUMN ISSUE OF 2600 RELEASED
The Autumn 2006 issue is out and should be in your hands if you're a subscriber. It should also be at your local bookstore assuming they're one of the many who carry it. (If they're not, be sure to firmly request it.) If you want the convenience of having our magazine come directly to your home, office, or hideout then you should definitely subscribe. More details on the Autumn issue can be found here.
HOPE NUMBER SIX SHIRTS AVAILABLE
We've finally gotten around to putting our leftover HOPE Number Six merchandise on our online store. That means a bunch of unique shirts are now within your grasp. In addition, we're offering some extra HOPE stuff to go along with all shirt orders. Click here for details.
HOPE VIDEOS AVAILABLE
All of the HOPE Number Six videos are now available at our online store. In addition to offering individual DVDs of the talks that were held in the two main tracks, we also have a number of special package deals you may find of interest. And for those of you who have been spending the last few days trying to download all of the high fidelity audio of the conference that's available on our website, we've crammed it all onto a single DVD which is also available in our HOPE Number Six video section.
ALL HOPE AUDIO NOW ONLINE
We now have available for your listening enjoyment all of the HOPE Number Six talks and panels. To listen, simply go to http://www.hopenumbersix.net/speakers.html.

SecurityFocus News:

News: Quantum attacks worry computer scientists
News: Bot nets likely behind jump in spam
News: Researcher attempts to shed light on security troll
News: Targeted Trojan attacks on the rise
Brief: U.S., Korea top list of phishing hosts
Brief: New, critical Microsoft Windows 0-day appears
Brief: FBI nabs suspected identity-theft ring
Brief: Air Force establishing cyberspace command
News: Microsoft offers Apple security advice
News: Skype under scrutiny for bugs
News: Say hello to the Skype Trojan
News: Shared music abuse bug hits iTunes
News: Nigeria enlists Microsoft to fight spam scammers
News: Cross-Site Scripting Worm Hits MySpace
News: Another data security bill in the works
News: FTC sues company over spyware
Infocus: Hacking Web 2.0 Applications with Firefox
Infocus: Recent Security Enhancements in NetBSD
Infocus: Beginner's Guide to Wireless Auditing
Infocus: Analyzing Malicious SSH Login Attempts
Mark Rasch: Employee Privacy, Employer Policy
Scott Granneman: Surprises Inside Microsoft Vista's EULA
Kelly Martin: Viruses, Phishing, and Trojans For Profit
Federico Biancuzzi: ModSecurity 2.0 with Ivan Ristic

Ten most recent posts on Irongeek.com:
Irongeek's Security Site:

A Brief Intro To Cryptographic Hashes/MD5
New Video: A Brief Intro To Cryptographic Hashes/MD5
A cryptographic hash function takes an input and returns a fixed size string that corresponds to it, called a hash. Cryptographic hashes have a lot of uses, some of which are: detecting data changes, storing or generating passwords, making unique keys in databases and ensuring message integrity. This video will mostly cover detecting file changes, but I hope it gets your mind going in the right direction for how hashes can be used. Specifically covered will be tools for creating MD5 hashes in Windows and Linux.
Irongeek In Print: Books that mention Irongeek.com
I did some looking around and it seems my site is mentioned in a few books. I've decided to start this page to keep track of book references to Irongeek.com. If I'm missing any please let me know, I found these first few via Google Books.
A Quick Intro To Sniffers Updated
I've updated my A Quick Intro To Sniffers article to fix a stupid error I made where I mistyped 801.11 instead of 802.11.
Text to Speech to MP3 with the freeware program DSpeech
New Video: Text to Speech to MP3 with the freeware program DSpeech
This video is on DSpeech, a freeware tool that uses Microsoft's SAPI (Speech Application Programming Interface) to convert text to spoken word. What's special about it is it lets you make an MP3 of the text, so you can listen to it on your computer, in your car or on your MP3 player. It's great for listening to study notes.

As an unrelated side note, a friend of mine wants me to mention his humor page on celebrities, politics and gadgets. Hope you enjoy it.
IGiGLE: Irongeek's WiGLE WiFi Database to Google Earth Client for Wardrive Mapping Updated
IGiGLE is a little app I wrote that lets you directly import data from the online WiGLE WiFi Wardrive database into a KML file, then view it in Google Earth.  I've made sure it works with the newest version of Google Earth 4.3, and recompiled it with the newest stable version of Autoit. If you want more details on how to use it, check out my video Wardrive Mapping With IGiGLE And WiGLE.
Getting Ubuntu Linux to connect to a PPTP Cisco VPN 3000 Concentrator
Just a quick notes page to help others that have the same problem I did. By the way, I plan to be at Conglomeration April 18th-20th. While it's not a Hacker/Security con, it's still a fun little Sci-Fi/Fantasy convention with plenty of geeky types running around. Let me know if you're a reader of Irongeek.com and plan to be there.
Irongeek's Infosec Wargame Servers Explained
I updated my post to explain that it was an April 1st joke, and link off to real ways to test your computer security skills. By the way, did anyone decode the QR Code I posted?
Irongeek's Infosec Wargame Servers
I'd like to announce the launch of my own wargame servers for testing out your computer security skills. The host names are:

hackme1.irongeek.com
hackme2.irongeek.com
dosme1.irongeek.com

Try out Nmap, Nessus, Metasploit and other tools on these boxes. Please let me know your findings. Thanks to my hosting provider Dreamhost. If you want to know more about Dreamhost check out my review (and coupon codes), they have been pretty good to me.
Hardware Keyloggers In Action 2: The KeyLlama 2GB USB Keylogger
This video will demonstrate one of the KeyLlama brand of hardware keyloggers in action, specifically the 2GB USB model. I know some of you are getting sick of me talking about hardware keyloggers, so I plan on this being my last entry on them for awhile.
Irongeek Campuses Page Updated
I've updated the Irongeek Campuses page with a few new schools, please contact me if your university uses my materials for teaching information security. Also, I've started to help out The Mitzvah Group with their charity work. Check out and join their Myspace page, especially if you live in the Southern Indiana/Louisville Kentucky area.
Ghost 11 Plugin for Bart's PE Builder (BartPE)
I took the on Ghost 8 plugin and modified it a bit to work with Ghost 11.
Hardware Key Logging Part 3: A Review Of The KeyLlama USB and PS/2 Keyloggers
This article is about the KeyLlama brand of hardware keylogger, specifically the 2MB PS/2 model and the 2GB USB model.
Updated video on "Encrypting The Windows System Partition With Truecrypt 5.0"
Update: I made a small note at the top of my recent "Encrypting The Windows System Partition With Truecrypt 5.0" video. I used Photorec to do some file carving to see how secure Truecrypt's Windows system partition encryption was. Photorec was only able to recover two files, one ASP/TXT file and one PCX, but on closer examination both were false positives. They just contained seemingly random data, which Photorec mistook as real file headers. Truecrypt seems to do a very good job of securing the data on your system drive.

As a side note, if anyone else is using LinkedIn please feel free to add me and give me a recommendation for the work I've done on this site. Who knows, it may help me find a good career opportunity in my area.

Encrypting The Windows System Partition With Truecrypt 5.0
New Video: Encrypting The Windows System Partition With Truecrypt 5.0
Truecrypt 5.0 adds many new features, most importantly Windows system partition encryption. To put it in slightly inaccurate layman's terms, this means encrypting your entire C: drive. Even if you already write your sensitive data to an encrypted space, files are sometimes squirreled away in unencrypted temp space or in the page file where they may be recovered. Using Truecrypt to encrypt your Windows XP system partition will help eliminate this problem.
Hardware Keyloggers In Action 1: The KeyLlama 2MB PS/2 Keylogger
New Video: Hardware Keyloggers In Action 1: The KeyLlama 2MB PS/2 Keylogger
This video will demonstrate one of the KeyLlama brand of hardware keyloggers in action, specifically the 2MB PS/2 model. I hope this video will give the viewer a better grasp of how these hardware keyloggers work.
Encrypting VoIP Traffic With Zfone To Protect Against Wiretapping
New Video: Encrypting VoIP Traffic With Zfone To Protect Against Wiretapping
Some people worry about the ease with which their voice communications may be spied upon. Laws like CALEA have made this simpler in some ways, and with roaming wiretaps even those not under direct investigation may lose their privacy. Phil Zimmermann, creator of PGP, has come up with a project called Zfone which aims to do for VoIP what PGP did for email. Thanks to DOSMan for his help with this video.
Hacking and Pen-Testing With The Nokia 770/800/810 Notes Updated
I've updated my notes with a little more info on the n810 and links to new repositories (thanks to Andrew Lemay.)
Using GPG/PGP/FireGPG to Encrypt and Sign Email from Gmail
New Video: Using GPG/PGP/FireGPG to Encrypt and Sign Email from Gmail
This tutorial will show how to use GPG and the FireGPG plug-in to encrypt and decrypt messages in Gmail. GPG is an open source implementation of OpenPGP (Pretty Good Privacy), a public-key-encryption system. With public key encryption you don't have to give away the secret key that decrypts data for people to be able to send you messages. All senders need is the public key which can only be used to encrypt, this way the secret key never has to be sent across unsecured channels.
Nuclear War Survival Myths
I did not write this article, and while it's not about computer security it is about security. My interest in this subject was renewed after watching the TV series Jericho (watch it so it stays on the air). I thought this article was interesting enough to warrant mirroring, and it seems to jive pretty well with what I have read from other authors such as Duncan Long and Cresson H. Kearny on the subject. Please don't think I'm a paranoid, tin-foil-hat wearing freak, but I am a child of the 80's and a fan of post-apocalyptic fiction. Don't worry, my video on PGP/GPG is on its way.
Personal Privacy Programs
Hi all. I've decided it's time to start focusing on software that helps users maintain their privacy. I've already done videos on DBAN, Eraser, CCleaner, TrueCRYPT and Tor. I hope to have one on PGP/GPG/FireGPG up soon. What other must have privacy software do you recommend I cover? Let me know via my contact page, to which I've recently added my OpenPGP key.
