Tag Archives: calendar

[ISN] Georgia Tech student indicted for UGA website hack

http://onlineathens.com/breaking-news/2014-12-30/georgia-tech-student-indicted-uga-website-hack By JOE JOHNSON Athens Banner-Herald December 31, 2014 A Clarke County grand jury recently indicted a Georgia Tech student for allegedly hacking into the University of Georgia’s computer network to post a message prior to the annual rivalry football game between the Bulldogs and Yellow Jackets. Ryan Gregory Pickren, 21, was charged with felony computer trespass for making the posting on UGA’s online calendar on Nov. 27, two days before the intrastate gridiron match-up. The illegal calendar entry, which was added below the legitimate entry for the game, read: “Sat., November 29, 2014/ 12:00 pm/ Get Ass Kicked by GT.” Tom Jackson, UGA’s vice president for public affairs, said the calendar hack was discovered shortly after it was posted on Thanksgiving and taken down about an hour after it appeared. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail

Politically Correct way to say “Merry Christmas” (2015 Edition)

Please accept with no obligation, implied or implicit, my best wishes for an environmentally conscious, socially responsible, low-stress, non-addictive, gender-neutral celebration of the winter or in some locations summer solstice holiday, practiced within the most enjoyable traditions of the religious persuasion of your choice, or secular practices of your choice, with respect for the religious/secular persuasion and/or traditions of others, or their choice not to practice religious or secular traditions at all. I also wish you a fiscally successful, personally fulfilling and medically uncomplicated recognition of the onset of the generally accepted calendar year 2015, but not without due respect for the calendars of choice of other cultures whose contributions to society have helped make America great. Not to imply that America is necessarily greater than any other country nor the only America in the Western Hemisphere. Also, this wish is made without regard to the race, creed, color, age, physical ability, religious faith or sexual preference of the wishee.


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] CarolinaCon-11 call for papers/presenters

Fowarded from: Vic Vandal h4x0rs, stuff breakers, InfoSec pros, g33k girls, international spies, and script kidz, CarolinaCon-11, also referred to as “The Last CarolinaCon As We Know It”, will occur on March 20th-22nd 2015 in Raleigh NC (USA). We are now officially accepting speaker/paper/demo submissions for the event. If you are somewhat knowledgeable in any interesting field of hacking, technology, robotics, science, global thermonuclear war, etc. (but mostly hacking), and are interested in presenting at CarolinaCon-11, we cordially invite you to submit your proposal. Please send; – your name or handle/alias – the presentation name/title – a brief topic abstract (1-2 paragraphs) – the estimated time-length of your presentation – a brief bio (100% optional item, but if your talk is chosen it saves the time and trouble of asking for it later) ….via e-mail to: speakerscarolinacon.org *NOTE: All submissions are due BY January 1, 2015. However we may be making some early selections again this year from amongst the submissions, so please be timely in submission if you’re committed to being part of the elite cadre of chosen presenters. We value diversity so please don’t hesitate to propose your ideas no matter how outlandish. If you present at the Con, you will receive; – free CarolinaCon admission for you and one guest – one free CarolinaCon-11 T-shirt (l33t) – free transportation between RDU airport and the conference hotel (if needed) – minimal fame, glory, and possibly even notoriety – mad props and much love from our staff and attendees ATTENDEES: If you are interested in attending, watch this space for more details: www.carolinacon.org …and don’t forget to mark the March 2015 dates on your calendar. If you have any important (as in not-dumb and not-chinese-spam) inquiries about the event you can send email to: infocarolinacon.org We look forward to seeing you at our 2015 event. SPONSORS and/or VENDORS and/or ADVERTISERS: We don’t accept any so please don’t bother asking. Capitalism (what you vendor/sponsor types do) and philanthropic knowledge-sharing (what we do) don’t mix at CarolinaCon by design. We keep our admission price to the bare minimum to cover our venue and equipment expenses. All of our staff are volunteers who generously donate their time and energy. All of our presenters generously donate their time and talent. The only items sold at CarolinaCon are a limited quantity of single-design CarolinaCon t-shirts….and we only make and sell those because attendees and staff want them (and because they’re cool). Peace, Vic


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] New website aims to publicly shame apps with lax security

http://arstechnica.com/security/2014/08/new-website-aims-to-shame-apps-with-lax-security/ By Robert Lemos Ars Technica Aug 18 2014 The amount of personal data traveling to and from the Internet has exploded, yet many applications and services continue to put user information at risk by not encrypting data sent over wireless networks. Software engineer Tony Webster has a classic solution—shame. Webster decided to see if a little public humiliation could convince companies to better secure their customers’ information. On Saturday, the consultant created a website, HTTP Shaming, and began posting cases of insecure communications, calling out businesses that send their customers’ personal information to the Internet without encrypting it first. One high-profile example includes well-liked travel-information firm TripIt. TripIt allows users to bring together information on their tickets, flight times, and itinerary and then sync it with other devices and share the information with friends and co-workers. Information shared with calendar applications, however, is not encrypted, Webster says, leaving it open to eavesdropping on public networks. Among the details that could be plucked from the air by anyone on the same wireless network: a user’s full name, phone number, e-mail address, the last four digits of a credit card number, and emergency contact information. An attacker could even change or cancel the victim’s flight, he says. So far, TripIt and 18 other applications and services have made the shaming list, many submitted by other people fed up with the security missteps of companies, Webster says. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Apple releases OS X 10.9.2 update, patches severe SSL bug

http://www.zdnet.com/apple-releases-os-x-10-9-2-update-patches-severe-ssl-bug-7000026765/ By Adrian Kingsley-Hughes ZDNet News Security February 25, 2014 Apple has released OS X 10.9.2 update for all Maverick users, which, amongst other things patches the SSL bug in the operating system that could allow full transparent interception of HTTPS traffic. This vulnerability not only affected Safari, but also other installed applications relying on an encrypted channel to the internet. However, third-party browsers such as Chrome and Firefox rely on different implementations of SSL/TLS, which means that they aren’t subject to the vulnerability. The bug, which has apparently gone unpatched since iOS 6’s release in 2012, resides in a piece of open source code used by Apple. Aldo Cortesi, CEO and founder of security consultancy firm Nullcube, claimed to have intercepted iCloud data, including KeyChain enrolment and updates, data from Calendar application, and traffic from apps that use certificate pining, such as Twitter. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

Politically Correct Way to Say Merry Christmas (2014)

Please accept with no obligation, implied or implicit, my best wishes for an environmentally conscious, socially responsible, low-stress, non-addictive, gender-neutral celebration of the winter solstice holiday, practiced within the most enjoyable traditions of the religious persuasion of your choice, or secular practices of your choice, with respect for the religious/secular persuasion and/or traditions of others, or their choice not to practice religious or secular traditions at all. I also wish you a fiscally successful, personally fulfilling and medically uncomplicated recognition of the onset of the generally accepted calendar year 2014, but not without due respect for the calendars of choice of other cultures whose contributions to society have helped make America great. Not to imply that America is necessarily greater than any other country nor the only America in the Western Hemisphere. Also, this wish is made without regard to the race, creed, color, age, physical ability, religious faith or sexual preference of the wishee.


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] CarolinaCon-10 / 2014 – Call for Presenters/Speakers

Forwarded from: Vic Vandal h4x0rs, stuff breakers, InfoSec pros, g33k girls, international spies, and script kidz, CarolinaCon-10 will occur on May 16th-18th 2014 in Raleigh NC (USA). We are now officially accepting speaker/paper/demo submissions for the event. If you are somewhat knowledgeable in any interesting field of hacking, technology, robotics, science, global thermonuclear war, etc. (but mostly hacking), and are interested in presenting at CarolinaCon-10, we cordially invite you to submit your proposal. Please send; – your name or handle/alias – the presentation name/title – a brief topic abstract (1-2 paragraphs) – the estimated time-length of your presentation – a brief bio (100% optional item, but if your talk is chosen it saves the time and trouble of asking for it later) ….via e-mail to: speakerscarolinacon.org *NOTE: All submissions are due BY February 28, 2014. However we may be making some early selections this year from amongst the submissions, so please be timely in submission if you’re committed to being part of the elite cadre of chosen presenters. We value diversity so please don’t hesitate to propose your ideas no matter how outlandish. If you present at the Con, you will receive; – free CarolinaCon admission for you and one guest – one free CarolinaCon-10 T-shirt (l33t) – free transportation between RDU airport and the conference hotel (if needed) – minimal fame, glory, and possibly even notoriety – mad props and much love from our staff and attendees SPONSORS and/or VENDORS: We don’t accept any, so please don’t bother asking. Capitalism (what you vendor/sponsor types do) and philanthropic knowledge-sharing (what we do) don’t mix in our opinion. We keep our admission price to the bare minimum to cover our venue and equipment expenses. All of our staff are volunteers who generously donate their time and energy. All of our presenters generously donate their time and talent. The only items sold at CarolinaCon are a limited quantity of single-design CarolinaCon t-shirts….and we only make and sell those because attendees and staff want them (and because they’re cool). ATTENDEES: If you are interested in attending, watch this space for more details: www.carolinacon.org …and don’t forget to mark the May 2014 dates on your calendar. If you have any important (as in not-dumb and not-spam) inquiries about the event you can send email to: infocarolinacon.org We look forward to seeing you at our 2014 event. Peace, Vic


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] EHR and mobile device auditing, security requires vigilance

http://healthitsecurity.com/2013/09/04/ehr-and-mobile-device-auditing-security-requires-vigilance/ By Dom Nicastro Health IT Security September 4, 2013 If you need a few reasons to adapt to the latest security advancements, just look at the calendar for September and circle the “23”. That’s compliance day for the HIPAA Omnibus Rule, which modifies the privacy, security and enforcement rules. There are 659 more reasons – one for every large patient-information breach – on the Office for Civil Rights (OCR) Breach Notification Tool as of late August. Security today, naturally, goes beyond the traditional “shred the paper” techniques and two of the biggest issues are related to EHRs and mobile devices. HealthITSecurity.com caught up with a security officer whose organization is paying close attention to those two aspects of the securing protected health information (PHI) game. Nancy Davis, MS, RHIA, CHPS, system director of privacy and security for Ministry Health Care in Milwaukee, offered some details about some of the latest advancements her organization has made and how it ensures security. EHR access auditing While the jury is still out on a final rule on accounting of disclosures and proposed EHR access reports, looking into auditing in EHRs is a must for organizations, Davis said. “Face it by now most organizations have the EHRs but are lagging in the auditing area either due to the constraints of the EHR application and/or the need to finance external auditing applications,” Davis maintained. Ministry Health Care handles EHR access auditing through a combination of internal and external auditing applications. What’s a good first step if an organization is implementing this type of auditing? Have some type of tool – you have to have this. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail