InfoSec News

Drupal Secure Password Hashes Module Security Bypass Vulnerability
PHP 'grapheme_extract()' NULL Pointer Dereference Denial Of Service Vulnerability
Cybercriminals made an estimated $150 million from targeted phishing attacks in June, according to researchers at Cisco Systems Inc.

Add to digg Add to StumbleUpon Add to Add to Google
Many U.S. government agencies aren't tracking their data centers' capacity and energy use, a new survey says.
The New York man suing Facebook and its founder Mark Zuckerberg for a massive stake worth billions of dollars in the company has suffered several setbacks recently in the case, according to published reports.
On June 1, 1991, the first commercial calls over GSM were made in Finland and Sweden, Nokia Siemens and Ericsson noted Friday as they celebrated the anniversary by recollecting the early days of the technology.
Chrome and Safari continued to chip away at Internet Explorer's usage share last month, while Firefox remained stalled for the fourth straight month, a Web statistics firm said today.
Google's failure to win a bid on 6,000 Nortel patents raises doubts about its commitment to Android and its large community of developers and device manufacturers, intellectual property analyst Florian Mueller said Friday.
A federal judge has declined to dismiss charges against Google that it allegedly violated the Federal Wiretap Act when it collected personal data from Wi-Fi networks.
Office 365 is now officially out, having been launched with great fanfare by Microsoft CEO Steve Ballmer in New York City this week, but customers of the suite's previous version, called BPOS, will have to wait at least two months to join the party.
It's the hottest invitation in technology right now -- an e-mail telling you how to "learn more about Google+." If you get one, though, be careful about clicking on it. It may be spam.
Google is giving Gmail users a glimpse of design updates that will roll out over the next few months.
The Anonymous hacking group has taken another swipe at police in Arizona, launching online attacks against several police union websites and publishing e-mail messages stolen from law enforcement officers.

Posted by InfoSec News on Jul 01

By Neal Ungerleider
Fast Company
June 30, 2011

A top Secret Service official ended up spilling details about federal
anti-hacker strategy at a relatively obscure federal hearing in Alabama.
In testimony given to the House Committee on Financial Services,
assistant director Alvin T. Smith revealed just how involved the Secret
Service is in federal investigations...

Posted by InfoSec News on Jul 01

By Jeremy Kirk
IDG News Service
June 30, 2011

Computers lacking patches for long-known vulnerabilities potentially
face more of a hacking risk than from zero-day exploits, or attacks
targeting vulnerabilities that haven't been publicly disclosed,
according to new research from Secunia.

Finding an unknown vulnerability and crafting an...

Posted by InfoSec News on Jul 01

Forwarded from: Simon Taplin <simon (at)>

By Jim Finkle
June 29, 2011

BOSTON (Reuters) - Hackers broke into a Gannett Co database containing
personal information about subscribers to publications read by U.S.
government officials, military leaders and rank-and-file soldiers, the
media company said on Tuesday....

Posted by InfoSec News on Jul 01

By Elizabeth Montalbano
June 30, 2011

Less than a week after hactivist group LulzSec called it quits, a hacker
group to which its members migrated mounted separate attacks on Viacom
and Vivendi SA's Universal Music Group as well as on a previous LulzSec
target, the Arizona Department of Public Safety (DPS).

Last Saturday, hacking group LulzSec, aka the Lulz...

Posted by InfoSec News on Jul 01

By Lance Whitney Security
CNet News
June 30, 2011

Google may see its Chrome operating system as more secure than
traditional alternatives, but one security researcher believes the
cloud-based OS is vulnerable, according to a Reuters story published

WhiteHat Security researcher Matt Johansen said he found a flaw in a
Chrome OS application...

Posted by InfoSec News on Jul 01

Hello folks,

I gave a keynote address on this very topic late last year at Penn State's
security conference. Regrettably, the attitude among many IT personnel toward
user mistakes continues to be demeaning. Conversely, we IT personnel are often
seen by users as elitist, condescending jackals. And trust me, we live up to
that reputation...especially when we go on record calling our target audience

I won't...

Posted by InfoSec News on Jul 01

By Duncan Gardham,
Security Correspondent
The Telegraph
30 Jun 2011

Britain faces losing its position at the leading edge of technology
unless news ideas are developed to fight cyber attacks, according to the
Institute for Security and Resilience Studies.

The group, based at University College London, says the government needs
to develop more innovative...
Apple's iPhone gained share among U.S. consumers who bought a mobile phone in the last three months, as the share for devices running Google's Android remained flat during the same period, Nielsen said Thursday.
Nortel Networks has auctioned off its remaining patents and patent applications to a consortium of key technology companies for a cash purchase price of US$4.5 billion.
The latest update to Apple's iMac line leaves intact the stylish design while adding Sandy Bridge processors and a Thunderbolt port for high-speed peripheral connections. Columnist Michael deAgonia says it's a compelling package of improvements.
U.S. Senator John Cornyn (R-Tex.) is siding with IT staffing firms that rely heavily on H-1B visa workers in a fight over a new immigration rule that curbs their ability to hire foreign workers.

Three mobile device security policy lookouts from ISF
Unattended, they are vulnerable to a host of infosec threats. Organizations need to put in place solutions for securing mobile device access within the corporate environment. This includes enabling functionality such as malware protection, firewalls, ...

Nortel Networks has auctioned off its remaining patents and patent applications to a consortium of key technology companies for a cash purchase price of US$4.5 billion.
Nortel Networks has auctioned off its remaining patents and patent applications to a consortium of key technology companies for a cash purchase price of US$4.5 billion.
Internet Storm Center Infocon Status