Hackin9
Intel is expected to announce its fourth-generation Core processors code-named Haswell for laptops and desktops in June, but the company is already releasing teasers that talk about their performance.
 
A subdomain of a U.S. Department of Labor website appeared offline on Wednesday after an apparent hack that looks similar to a known China-based hacking campaign nicknamed DeepPanda.
 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Shaw reviews the Seagate Central network-attached hard drive.
 
Facebook posted a revenue increase of 38% in the first quarter that was bolstered by broad engagement across the site, the company reported Wednesday.
 
A little more than two years after purchasing Java tool vendor WaveMaker, VMware has sold the assets of the company to the Pramati software engineering firm.
 
Users of the Hadoop data processing platform now have two more search engines to help them sort through their mountains of information.
 
An appeals court has rejected SAP's attempt to overturn a $345 million judgment awarded to Versata Software, which had brought a patent-infringement case against the software maker.
 

Australia's Privacy Commissioner gets serious about infosec
CSO Magazine
Australia's Privacy Commissioner gets serious about infosec. The new OAIC information security guide sets out "reasonable steps" to protect personal information, but how many organisations will comply by March 2014? Stilgherrian (CSO Online (Australia ...

and more »
 
A U.S. senator has introduced legislation allowing the U.S. Patent and Trademark Office to review and invalidate controversial patents challenged by technology startups in an effort to discourage so-called patent trolls.
 

Competitive video gaming community E-Sports Entertainment Association secretly updated its client software with Bitcoin-mining code that tapped players' computers to mint more than $3,600 worth of the digital currency, one of its top officials said Wednesday.

The admission by co-founder and league administrator Eric ‘lpkane’ Thunberg came amid complaints from users that their ESEA-supplied software was generating antivirus warnings, computer crashes, and other problems. On Tuesday, one user reported usage of his power-hungry graphics processor was hovering in the 90-percent range even when his PC was idle. In addition to consuming electricity, the unauthorized Bitcoin code could have placed undue strain on the user's hardware since the mining process causes GPUs to run at high temperatures.

"Turns out for the past 2 days, my computer has been farming bitcoins for someone in the esea community," the person with the screen name ENJOY ESEA SHEEP wrote. "Luckily I have family in the software forensics industry."

Read 9 remaining paragraphs | Comments

 
Mediawiki 'SVG' Files Cross Site Scripting Vulnerability
 
Mediawiki 'Password Reset' Security Bypass Vulnerability
 
A Gartner study released today predicts that by 2017, half of all companies will require employees to bring their own smartphones for work purposes.
 
Tablet shipments soared by 142% in the first quarter of 2013 year-over-year as all Android tablets, including low-budget white box versions, dominated the market over Apple iOS tablets, IDC said.
 
Printers, routers, IP cameras, sensors and other Internet-connected devices are increasingly used to launch large distributed denial of service attacks, security firm Prolexic warned in a report this week.
 
Linux Kernel CVE-2013-1848 Local Privilege Escalation Vulnerability
 
AT&T will exclusively sell the 5.5-in., quad-core LG Optimus G Pro smartphone starting May 10 for $199.99 with a two-year contract, the two companies announced Wednesday.
 
When Dunkin' Donuts executives were deciding how to respond on Twitter and Facebook to the Boston Marathon bombings, they acted like what they are - members of a grieving Boston community.
 
U.S. President Barack Obama has nominated telecom trade group veteran Tom Wheeler to be the next chairman of the U.S. Federal Communications Commission.
 
BlackBerry CEO Thorsten Heins' prediction that tablets would decline in popularity provoked debate on what will happen over the next five to 10 years to smartphones, tablets and laptops -- even wearable computers -- and what devices users might eventually prefer.
 
A 3-D representation of a webpage used to deliver "invisible" display ads, with stacked ad spaces that visitors never see. Pages like these get stuffed into small ad slots in legitimate websites through ad networks.

There's more than one way to fleece people using Web advertising. Botnets have been harnessed to generate fake clicks by injecting fake links into search results and to click randomly on webpages the infected computer's user never sees. But fraudsters are starting to get more sophisticated in their efforts to get rich off Web advertising.

As Dr. Douglas de Jager, CEO of Spider.io, reported in a blog post today, fraudulent advertising networks are now acting as middlemen between advertising networks placing Web display ads and those stuffing whole hidden webpages of ads into ad slots on legitimate sites. Instead of using bots, this sort of ad fraud uses real humans to generate the traffic—but it never actually shows them the ads that are served up to them.

Display advertising fraud targets ads that are paid for by pageview rather than by click. The use of real-time bidding to auction ad space on websites through exchanges such as Google's DoubleClick Ad Exchange and Microsoft's AdECN has made it possible for fraudulent ad traders to purchase an ad slot through one exchange and then sell it multiple times across others. They "fulfill" all those ads by putting them onto a webpage that gets served up within an ad slot on a legitimate site—with most of its ads hidden from view.

Read 3 remaining paragraphs | Comments

 
Linux Kernel CVE-2013-1767 Local Privilege Escalation Vulnerability
 
Microsoft was hit with a double whammy last month as it made scant progress in either boosting the usage share of Windows 8 or depressing the share of Windows XP, data published today showed.
 
PowerDNS Recursive Server CVE-2012-1193 Multiple Security Bypass Vulnerabilities
 
Multiple Cross-Site Scripting (XSS) vulnerabilities in GetSimple CMS
 
SQL Injection in b2evolution
 
[HITB-Announce] #HITB2013KUL Call for Papers
 
Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution
 
Asana has beefed up its workplace task management software to make it viable for enterprises with thousands of users.
 
Privacy groups are denouncing a federal government move to force Internet companies like Facebook and Google to build backdoors that would let the FBI and other agencies snoop in on real time online communications.
 
That's not the real Firefox, either.

Mozilla has sent a cease-and-desist letter to a company that sells spyware allegedly disguised as the Firefox browser to governments. The action follows a report by Citizen Lab, which identifies 36 countries (including the US) hosting command and control servers for FinFisher, a type of surveillance software. Also known as FinSpy, the software is sold by UK-based Gamma International to governments, which use it in criminal investigations and allegedly for spying on dissidents.

Mozilla revealed yesterday in its blog that it has sent the cease and desist letter to Gamma "demanding that these illegal practices stop immediately." Gamma's software is "designed to trick people into thinking it's Mozilla Firefox," Mozilla noted. (Mozilla declined to provide a copy of the cease and desist letter to Ars.)

The spyware doesn't infect Firefox itself, so a victim's browser isn't at risk. But the spyware "uses our brand and trademarks to lie and mislead as one of its methods for avoiding detection and deletion" and is "used by Gamma’s customers to violate citizens’ human rights and online privacy," Mozilla said. Mozilla continues:

Read 4 remaining paragraphs | Comments

 
Before turning to the world of cloud computing, let's pause to remember the crazy days of the 1970s when the science of the assembly line wasn't well-understood and consumers discovered that each purchase was something of a gamble. This was perhaps most true at the car dealer, where the quality of new cars was so random that buyers began to demand to know the day a car rolled off the assembly line.
 
About half of the world's companies will enact BYOD (bring your own device) programs by 2017 and will no longer provide computing devices to employees, a new Gartner report predicts.
 
IBM enters Guinness Book with world's smallest stop-motion movie made with atoms.
 
Privacy groups are denouncing a federal government move to force Internet companies like Facebook and Google to build backdoors that would let the FBI and other agencies snoop in on real time online communications.
 
Microsoft's Internet Explorer 10 (IE10) doubled its usage share last month, and now accounts for nearly 11% of all copies of IE in use, a Web measurement company said today.
 
A very specialised sub-site of the US Department of Labour's web site has been hacked in an attack that bears the fingerprint of a "known Chinese actor", but most users are unlikely to ever visit the site
    


 
[ MDVSA-2013:159 ] clamav
 

North Korean attacks on the rise?

by Robert Richardson

Solutionary posted a blog piece late last week that takes at look at incidents originating from North Korean IP addresses. A couple of key findings:

  • North Korea has historically generated 34-200 touches per month against Solutionary clients… until February of 2013 when Solutionary recorded 12,473 touches – an 8445% increase over the average during the previous 12 months
  • It is important to note that just over 11,000 of these touches were directed against a single financial services entity as part of a prolonged attack, but that the remaining spike of around 1,000 was spread across its client base and was still a relevant number
  • North Korea has never been considered a “big player,” BUT things are beginning to change with the new regime in North Korea
  • Coincidence? The last spike in “touches” occurred in November 2012 when North Korea replaced their defense minister with “a more aggressive, hard-line military commander”
  • While the touches span across 13 industries, the financial sector was the top target, and has been for quite some time

The percentage increase statistic strikes me as pretty well-nigh meaningless, given that the base was tiny, a couple hundred incidents a month, but this does seem to indicate that North Korea has found a new toy.



Add to digg Add to StumbleUpon Add to del.icio.us Add to Google
 

A smartphone hacker has provided conclusive proof that the futuristic computing headset known as Google Glass can be surreptitiously modified to give anyone with physical access almost complete control over the device. He called on Google engineers to improve the security of Glass—which is currently only available to developers—before it becomes available to the general public.

Google engineers have stressed that the head-mounted computing device—which can capture nearby conversations and images and transmit them over the Internet—was meant to be hacked. But until now, it has been easy for end users to know when their all-seeing, all-hearing headsets were modified. All that has changed now that security consultant Jay "saurik" Freeman has fashioned an alternative way to gain almost unfettered "root" control. Using an exploit discovered seven months ago to root smartphones running Google's Android operating system, it takes him less than five minutes to hack the new device. From there, he can install a customized operating system that silently monitors everything the device sees or hears.

Because it requires a device to be put into a special "debug mode," the exploit isn't considered much of a security threat for smartphone users. After all, debug mode can be invoked only after a user has unlocked the handset using a PIN code or other security mechanism. Glass, by contrast, has no form of screen lock, making it possible for someone with even brief access to a headset to make persistent changes.

Read 9 remaining paragraphs | Comments

 

As Johannes mentions in yesterday's ISC StormCast, the city of Schwerin in Germany apparently decided to throw 170 PCs into the trash, because cleaning them from a Conficker worm infestation was estimated at around 130'000 Euros, whereas the replacement of the old PCs had already been budgeted for at 150'000 Euros. Our recent discussion aside on whether a modern malware infection can actually be "cleaned" or if wiping and reinstallation from scratch is always called for, "the cost of cleaning up" is actually  relevant in either case. Schwerin's 130kEuro estimate amounts to about 1000$ per PC. The report doesn't say if this calculation includes lost productivity of the employee who has to wait for his/her computer to be returned from scrubbing, or if this is just for the cleaning/reinstall itself.

Some Google searches gave me a going rate between 79$ and 299$ for a malware clean-up on a single home user PC, and several of the providers mention explicitly that they offer a "fresh install" for a lower price than the cleanup, which is one more indication that "re-install" seems to become the norm.

My search didn't result in any decent figures for virus cleanup costs in a mid-to-large corporate environment though. Companies of a certain size are likely set up to automatically provision and install new computers, so a replacement/re-stage should be a standard process for them, and relatively quick and cost effective. If you have any figures on the actual cost of cleanup/restage in a larger organization, or know any recent studies that have analyzed this in some depth, please let us know.

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
LinuxSecurity.com: ClamAV 0.97.8 addresses several reported potential security bugs. [More...] _______________________________________________________________________
 
LinuxSecurity.com: Kevin Wojtysiak discovered a vulnerability in strongSwan, an IPsec based VPN solution. When using the openssl plugin for ECDSA based authentication, an empty, zeroed [More...]
 
Consumers will have to share small, inexpensive cells in their homes with nearby mobile users to affordably meet the growing demand for mobile data in the next decade, a Qualcomm executive said Tuesday.
 
The makers of the FinFisher spyware, used by repressive governments around the world, have been disguising their trojans as the Firefox browser. Mozilla wants them to stop trading on the organisation's trustworthy reputation
    


 
3D printing, gamification, digital assistants ... the list is long of consumer technologies poised to remake the enterprise.
 
Yahoo has scrapped plans to invest in French online video site Dailymotion, after the French government opposed the Internet giant acquiring a majority stake in the company, according to reports.
 
Facebook may treasure the data it has on its one billion-plus users for its advertising returns, but the analysis the site performs on that data is expected to continue to pose numerous challenges over the coming year, an engineer said.
 
Mozilla sent a cease-and-desist letter on Tuesday to a European company that created a piece of spyware masquerading itself as the Firefox browser.
 
BlackBerry and Samsung have separately launched security and management software with dual-personality features for their latest Z10 and Galaxy S4 smartphones, both designed to meet the demands of a growing BYOD marketplace.
 
Amazon Web Services (AWS) has launched a Global Certification Program, which will allow solutions architects, systems operations administrators, and developers to get proof of their cloud know-how.
 

Australia's Privacy Commissioner gets serious about infosec
CSO Magazine
Australia's Privacy Commissioner gets serious about infosec. The new OAIC information security guide sets out "reasonable steps" to protect personal information, but how many organisations will comply by March 2014? Stilgherrian (CSO Online (Australia ...

 

In Jack Daniel's infosec fantasy world
SC Magazine UK
Known for his influential views on threat research and of course, his co-founding of the B-Sides conference circuit, Daniel also works as a product evangelist at Tenable Network Security, having left his previous position at Astaro following its ...

 

Posted by InfoSec News on May 01

http://www.wired.com/threatlevel/2013/04/charles-cullen-hospital-hack/

BY CHARLES GRAEBER
Threat Level
Wired.com
04.29.13

Nurses deal with drugs every day. Most do so professionally, safely,
reliably. A very few abuse them, getting high or selling them for a
profit, mostly opiates. And a tiny minority — a handful in the history
of nursing — turn medicines into a murder weapon.

One such nurse was Charles Cullen, who is the subject of my...
 

Posted by InfoSec News on May 01

http://www.argusmedia.com/pages/NewsBody.aspx?id=845092

Argus Media Ltd
30 Apr 2013

The US Commodity Futures Trading Commission (CFTC) may initiate a rule
to address market manipulation from social media cyber-attacks after the
stock market took a momentary dip last week in response to a false news
report from a hacked Twitter account.

CFTC chairman Gary Gensler said today that the commission is working to
put out a concept release which...
 

Posted by InfoSec News on May 01

Forwarded from: cfp (at) ruxcon.org.au

Breakpoint 2013 Call For Papers
Melbourne, Australia, October 24th-25th
Intercontinental Rialto
http://www.ruxconbreakpoint.com

.[x]. Introduction .[x].

The Ruxcon team is pleased to announce Call For Papers for Breakpoint 2013.

Breakpoint showcases the work of expert security researchers from around the
world on a wide range of topics. This conference is organised by the Ruxcon
team and offers a...
 

Posted by InfoSec News on May 01

https://jerichoattrition.wordpress.com/2013/04/29/fun-times-infosec-and-no-wind-in-chicago/

By jerichoattrition
April 29, 2013

I just returned from a brief trip to Chicago, where I attended and presented at
Thotcon, as well as attended BSides Chicago.

Thursday: After a two hour delay due to “mechanical” issues, I arrived in
Chicago. I am a bit surprised, as the flight crew in Denver did not give us a
lot of confidence. We were told a...
 

Posted by InfoSec News on May 01

http://www.darkreading.com/attacks-breaches/chinese-cyberespionage-brazen-prolific-a/240153934

By Kelly Jackson Higgins
Dark Reading
April 30, 2013

China, China, China: New data and intelligence is shedding more light on
just how bold and pervasive Chinese cyberespionage activity is today.

Tracing malware and breaches to their attackers is not straightforward
-- anyone can hide behind layers of IP addresses -- but China has been
confirmed...
 
Internet Storm Center Infocon Status