<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">

<head>
<meta http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
 /* Font Definitions */
 @font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Consolas;
        panose-1:2 11 6 9 2 2 4 3 2 4;}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
        {mso-style-priority:99;
        mso-style-link:"Plain Text Char";
        margin:0in;
        margin-bottom:.0001pt;
        font-size:10.5pt;
        font-family:Consolas;}
span.PlainTextChar
        {mso-style-name:"Plain Text Char";
        mso-style-priority:99;
        mso-style-link:"Plain Text";
        font-family:Consolas;}
span.EmailStyle19
        {mso-style-type:personal;
        font-family:"Calibri","sans-serif";
        color:windowtext;}
span.EmailStyle20
        {mso-style-type:personal;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
span.EmailStyle21
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
-->
</style>
<!--[if gte mso 9]><xml>
 <o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
 <o:shapelayout v:ext="edit">
  <o:idmap v:ext="edit" data="1" />
 </o:shapelayout></xml><![endif]-->
</head>

<body lang=EN-US link=blue vlink=purple>

<div class=WordSection1>

<p class=MsoNormal><span style='color:#1F497D'>OWASP News<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>Developer's choices to attend
Appsec USA 2010<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><a
href="http://www.owasp.org/index.php/AppSec_US_2010,_CA/Attending_Owasp_Leaders">http://www.owasp.org/index.php/AppSec_US_2010,_CA/Attending_Owasp_Leaders</a><o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>InfoSec News<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>Pentagon's cybersecurity plans
have a Cold War chill<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>With little fanfare, the
Pentagon is putting the finishing touches on a new strategy that will treat
cyberspace as a domain of potential warfare<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><a
href="http://www.washingtonpost.com/wp-dyn/content/article/2010/08/25/AR2010082505962.html">http://www.washingtonpost.com/wp-dyn/content/article/2010/08/25/AR2010082505962.html</a><o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>China policy could force foreign
security firms out <o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>China is stepping up efforts to
keep the security systems that protect its critical infrastructure in the hands
of local firms, and that could be bad news for companies based outside the
country.<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><a
href="http://www.computerworld.com/s/article/9182218/China_policy_could_force_foreign_security_firms_out">http://www.computerworld.com/s/article/9182218/China_policy_could_force_foreign_security_firms_out</a><o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>Researcher Creates Clearinghouse
Of 14 Million Hacked Passwords<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>The &quot;Wall of Sheep&quot;
has become a cherished tradition at the annual Defcon hacker conference in Las
Vegas: Anyone foolish enough to use the local wireless network at the hotel
will likely have his or her username and password stolen..<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><a
href="http://blogs.forbes.com/andygreenberg/2010/08/26/researcher-creates-clearinghouse-of-14-million-hacked-passwords/">http://blogs.forbes.com/andygreenberg/2010/08/26/researcher-creates-clearinghouse-of-14-million-hacked-passwords/</a>
<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>Hackers accidentally give
Microsoft their code<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>When hackers crash their systems
while developing viruses, the code is often sent directly to Microsoft,
according to one of its senior security architects, Rocky Heckman.<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><a
href="http://www.zdnet.com.au/hackers-accidentally-give-microsoft-their-code-339305548.htm">http://www.zdnet.com.au/hackers-accidentally-give-microsoft-their-code-339305548.htm</a><o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>Rustock botnet ditches
encryption to ramp spam<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>The Rustock mega-botnet appears
to have ditched the experimental use of TLS (transport layer security) to
obscure its activity, Symantec has reported.<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><a
href="http://news.techworld.com/security/3236787/rustock-botnet-ditches-encryption-to-ramp-spam/">http://news.techworld.com/security/3236787/rustock-botnet-ditches-encryption-to-ramp-spam/</a><o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>Sticks and stones: Picking on
users AND security pros <o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>Johnston, a member of the
Vulnerability Assessment Team at Argonne National Laboratory. In the
presentation, he gave examples of surprising (or not) examples of what he has
seen as a vulnerability assessor: <o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>security devices, systems and
programs with little or no security -- or security thought -- built in. There
are the well-designed security products foolishly configured by those who buy
them, thus causing more vulnerability than before the devices were installed.<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><a
href="http://www.csoonline.com/article/605764/sticks-and-stones-picking-on-users-and-security-pros">http://www.csoonline.com/article/605764/sticks-and-stones-picking-on-users-and-security-pros</a><o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>California Legislation Would
Require Companies To Specify The Data Exposed In Breaches<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>A privacy breach notification
bill recently passed by the California legislature would expand the state's
existing law for how organizations notify consumers of a data breach.<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><a
href="http://www.darkreading.com/database_security/security/attacks/showArticle.jhtml?articleID=227001108">http://www.darkreading.com/database_security/security/attacks/showArticle.jhtml?articleID=227001108</a><o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>FSA fine Zurich UK over data
security breach <o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>Zurich UK suffered the
2.28million fine after losing a disk containing the details of 46,000
customers.<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><a
href="http://www.metro.co.uk/money/838932-fsa-fine-zurich-uk-over-data-security-breach">http://www.metro.co.uk/money/838932-fsa-fine-zurich-uk-over-data-security-breach</a><o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>Data Loss News<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>Source: dataloss@datalossdb.org<o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>Title: Bank of America Settles
Data Theft Claims <a
href="http://www.dailyfinance.com/story/credit/bank-of-america-settles-data-theft-claims/19605617/">http://www.dailyfinance.com/story/credit/bank-of-america-settles-data-theft-claims/19605617/</a><o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'>Title: Bank of America settles
Countrywide data theft case <a
href="http://feeds.latimes.com/~r/latimes/business/~3/YBHBpTOdFwc/la-fi-countrywide-20100824,0,5710799.story">http://feeds.latimes.com/~r/latimes/business/~3/YBHBpTOdFwc/la-fi-countrywide-20100824,0,5710799.story</a><o:p></o:p></span></p>

<p class=MsoNormal><span style='color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoPlainText><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Regards<o:p></o:p></span></p>

<p class=MsoPlainText><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal>Marco Mirko Morana<o:p></o:p></p>

<p class=MsoNormal>OWASP Cincinnati USA Chapter Lead<o:p></o:p></p>

<p class=MsoNormal><o:p>&nbsp;</o:p></p>

</div>

</body>

</html>