InfoSec News

Virtualization is on its way to mobile phones and could allow consumers to buy cheaper smartphones, download a wider variety of apps, or have a single device for both personal and business use, according to executives from VMware and other vendors.
 
Microsoft Windows Phone 7 devices will debut Oct. 11 and will be available exclusively through AT&T the week of Nov. 8, according to a recent report.
 
Hardware and software enhancements could transform future smartphones into full-fledged gaming consoles or even weather stations, attendees at a processor conference said this week.
 
The quick start of Internet Explorer 9's beta last month wasn't enough to prevent Microsoft's browser from again losing share to rivals from Google and Apple, a Web measurement firm said today.
 
You've already learned how to share a link by copying and pasting it from the address bar or, if it's an embedded link, right-clicking it and choosing the Copy option.
 
In the movie The Social Network, the co-founder and CEO of Facebook doesn't come off as the nicest guy in town.
 
Although sales of Apple's iPad haven't panicked PC makers yet, trends by tablet owners may give laptop manufacturers some sleepless nights next year, a market research analyst said today.
 
The SEC and the CFTC released the results of a months-long investigation that found a single trading firm's computer order execution system was responsible for the May 6 U.S. stock market "flash crash."
 
Microsoft filed patent infringement complaints against Motorola and its Android phones in the International Trade Commission and U.S. federal court Friday, indicating that the software giant may hope to use its strong patent position as one way to set its mobile software apart from the competition.
 
Leo Apotheker may yet have to prove that he can run a company the size of Hewlett-Packard, but his compensation package is on par with his predecessor.
 
Ukrainian police on Thursday arrested five people thought to be the brains behind the Zeus malware.
 
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Stuxnet's inability to stay stealthy may be fall-out from a failure to hit its intended targets last year, security researchers said today.
 
Google alone will not turn Android into an enterprise-ready OS, instead it will be up to third parties to add necessary features for businesses, according to Android Developer Challenge winners Konrad Hübner and Henning Böger.
 
Facebook is revamping its photo album functionality, letting members store images with a much higher resolution, simplifying the tagging process and improving the performance of the upload tool.
 
The Zeus botnet remains a robust network that is difficult to destroy despite an international sting operation that saw dozens arrested this week for allegedly stealing money from online bank accounts.
 
Mellmo is set to update its business intelligence app for the iPad and iPhone on Monday.
 
Ukrainian authorities have taken action against the criminals involved in the Zeus cybercrime and money-laundering ring, following law-enforcement raids in the U.S. and U.K. this week.
 
Verizon Wireless Friday unveiled a program aimed at helping users of wireless devices easily recycle them.
 
BenQ launched its second-generation e-reader on Friday, a device able to download e-books via Wi-Fi or 3G networks and take notes using the touchscreen.
 
Google has expanded the number of countries where paid applications are offered on Android Market. Developers in 20 more countries will be able to sell their applications, and users in 18 additional countries will be able to purchase those apps, the company said in a blog post on Thursday.
 
Samsung is dropping support for Symbian from its Mobile Innovator developer support program, it said in a letter sent out on Thursday.
 
Cobol was king and MIS ruled from on high -- some old-school tech management practices we'd like to see revived.
 
Panasonic is expanding its Lumix digital camera brand to cell phones and will unveil its first "Lumix Phone" at next week's Ceatec electronics show in Japan, the company said Friday.
 
InfoSec News: US military Cyber Command won't go operational as planned: http://www.theregister.co.uk/2010/09/30/cyber_command_delay/
By Lewis Page The Register 30th September 2010
The US military's central Cyber Command will not become operational as had been planned tomorrow, according to Pentagon spokesmen. Issues [...]
 
InfoSec News: Stuxnet code hints at possible Israeli origin, researchers say: http://www.computerworld.com/s/article/9188982/Stuxnet_code_hints_at_possible_Israeli_origin_researchers_say
By Gregg Keizer Computerworld September 30, 2010
Security researchers today offered another tantalizing clue about the possible origins of the notorious Stuxnet worm, but cautioned against reading too much from the obscure tea leaves.
In a paper released today and presented at a Vancouver, British Columbia security conference, a trio of Symantec researchers noted that Stuxnet includes references in its code to the 1979 execution of a prominent Jewish Iranian businessman.
Buried in Stuxnet's code is a marker with the digits "19790509" that the researchers believe is a "do-not infect" indicator. If the marker equals that value, Stuxnet stops in its tracks, and does not infect the targeted PC.
The researchers -- Nicolas Falliere, Liam O Murchu and Eric Chen -- speculated that the marker represents a date: May 9, 1979.
"While on May 9, 1979, a variety of historical events occurred, according to Wikipedia 'Habib Elghanian was executed by a firing squad in Tehran sending shock waves through the closely knit Iranian Jewish community,'" the researchers wrote.
[...]
 
InfoSec News: Cyber-security Hurts Federal Government Productivity, Survey Says: http://www.eweek.com/c/a/Security/CyberSecurity-Cutting-Federal-Government-Productivity-Survey-744792/
By Fahmida Y. Rashid eWEEK.com 2010-09-30
Officials from 28 federal agencies say cyber-security measures impact productivity by restricting access to information and delaying [...]
 
InfoSec News: Secunia Weekly Summary - Issue: 2010-39:
The Secunia Weekly Advisory Summary 2010-09-23 - 2010-09-30
This week: 63 advisories [...]
 
InfoSec News: Study Shows Some Android Apps Leak User Data Without Clear Notifications: http://www.wired.com/gadgetlab/2010/09/data-collection-android/
By Priya Ganapati Gadget Lab Wired.com September 30, 2010
Something as simple as changing your Android phone’s wallpaper or downloading a ringtone could transmit personal data about you, including [...]
 
This chart shows the workflow of a sign in with Twitter session.
 
Now that Twitter has turned off basic authentication, anyone developing a Twitter application needs to know OAuth. We'll walk you step by step through the coding.
 

Posted by InfoSec News on Oct 01

http://www.theregister.co.uk/2010/09/30/cyber_command_delay/

By Lewis Page
The Register
30th September 2010

The US military's central Cyber Command will not become operational as
had been planned tomorrow, according to Pentagon spokesmen. Issues
responsible for the delay include difficulties finding suitably
qualified staff among America's uniformed legions, and also the fact
that it isn't even clear what "operational" means for...
 

Posted by InfoSec News on Oct 01

http://www.computerworld.com/s/article/9188982/Stuxnet_code_hints_at_possible_Israeli_origin_researchers_say

By Gregg Keizer
Computerworld
September 30, 2010

Security researchers today offered another tantalizing clue about the
possible origins of the notorious Stuxnet worm, but cautioned against
reading too much from the obscure tea leaves.

In a paper released today and presented at a Vancouver, British Columbia
security conference, a trio...
 

Posted by InfoSec News on Sep 30

http://www.eweek.com/c/a/Security/CyberSecurity-Cutting-Federal-Government-Productivity-Survey-744792/

By Fahmida Y. Rashid
eWEEK.com
2010-09-30

Officials from 28 federal agencies say cyber-security measures impact
productivity by restricting access to information and delaying
communications with others, according to a Government Business Council
survey. Officials say they often bypass security controls on purpose to
get things done....
 

Posted by InfoSec News on Sep 30

========================================================================

The Secunia Weekly Advisory Summary
2010-09-23 - 2010-09-30

This week: 63 advisories

========================================================================
Table of Contents:

1.....................................................Word From...
 

Posted by InfoSec News on Sep 30

http://www.wired.com/gadgetlab/2010/09/data-collection-android/

By Priya Ganapati
Gadget Lab
Wired.com
September 30, 2010

Something as simple as changing your Android phone’s wallpaper or
downloading a ringtone could transmit personal data about you, including
your location, without your knowledge.

Sound farfetched? It’s not: About 15 of 30 randomly selected, popular,
free Android apps sent users’ private information to remote...
 

Top Five Things I've Learned in Enterprise InfoSec
CIO (blog)
As information security professionals, we have an obligation to be more than a figurehead. As a CISSP I am bound by ISC2's Code of Ethics, which requires I ...

 
This year we are going to focus on steps that people should be doing with respect to securing their personal corner of cyberspace. Some of the subjects may include technical procedures such as turning off certain ports or services or modifying software, but we really want this to be more about the person rather than the machine.
To get the month started we will spend the first week talking about the computer your parents or your family uses. We'll get to children and schools next week, but this week let's stay focused on the adults. Many of us are our parents' system administrators (as well as our extended family to include brothers, sisters, aunts, uncles, cousins, grandparents, and anybody else who claims to be related to you especially when they remember that you've got half a clue about this thing called the Internet) so it's important to pass along tips to our users whenever we are performing maintenance for them.
So today let's look at some common sense advice about the family computer. Yes, we all know the mantra about keeping the anti-virus software updated and the system patched (we'll talk more about that in a few days) but what else should we be doing? Some of the things that I recommend for the family PCs I work on include:

Keep all computers in full view (no hidden machines, no illusion of privacy)
Document computer details in writing (serial number, software, receipts, BIOS password, etc.) and keep the documentation in a fireproof box or safe
Use an uninterruptible power supply (UPS) for PCs; laptops have their own built-in UPS - the battery
Keep all of the hardware and software manuals, plus any software CDs/DVDs in one place that is easy to find
Use a cable lock to keep intruders from stealing the computer should there be a break-in
Throw a towel over the webcam (better: unplug the webcam)
Unless it needs to always be on, consider turning it off when not in use
Keep plenty of room around the PC so that air can flow through to cool it

What else? Use the comment link below to add your own ideas and comments to this list. It is definitely not complete, but should get the discussion started.
Marcus H. Sachs

Director, SANS Internet Storm Center
 
It's Cyber Security Awareness Month, and it's about more than just educating users -- security professionals can participate a little too. I want to start an additional track to the Internet Storm Center's Cyber Security Awareness Series. This will be a month-long series of diaries to supplement our weekly topics.
It was near 05:30 GMT on Saturday, 25 January 2003 when the Slammer worm started to spread. Some of you probably remember where you were when you were first alerted to that incident. For those of you who didn't get to experience that first hand, there's a pretty decent Wikipedia article on it (http://en.wikipedia.org/wiki/SQL_Slammer). As I write this, I note that it's well over 7 years later. But SQL Slammer alerts continue to be a top talker on my perimeter IDS.
It's time to do something about that.
Slammer activity has been written off as background radiation for long enough.
Throughout this month I'm going to continue on this topic to inspire people to try something new. If you're not looking at your logs, I want you to look at them. If you're not reaching out to abuse contacts, I want you to send a few emails and make a few phone calls. If you're not helping your customers clean up their systems, I want you to experiment and reach out to help a couple of them. See what happens. See if you can make a measurable difference.
I pulled the IDS and darknet logs from the day job. From just one day I see 153 unique source IP addresses generating IDS alerts, and on my external darknet I see 63 probing UDP/1434. How many do you see hitting your perimeter? How much bandwidth is being consumed by just that activity? Can you quantify that into a dollar amount?
That's your homework for today. More to come.
-KL
 
October is Cyber Security Awareness Month, and as we have done the past three years we plan to use our handler diaries throughout the month to conduct a deep dive into various security issues. In 2007 we covered a large range of subjects based on what our readers submitted as ideas. In 2008 we took a closer look at the six steps of incident handling. Last year we examined 31 different ports/services/protocols/applications and discussed some of the major security issues plus passed along reader comments on tips and tricks for securing it.
This year we are going to borrow an idea from Lance Spitzner and focus on ways to Secure the Human. In other words, we are going to talk about Layer 8, the carbon layer.

We're still finalizing our list but here is how we think it will go each day in October. We plan to discuss the actions taken by people, rather than ports, protocols, software, etc. as we've done the past few years.

Week One (Oct 1-9) Parents and extended family

1 - Securing the family PC

2 - Securing the family network

3 - Recognizing phishing and online scams

4 - Managing email

5 - Sites you should stay away from

6 - Computer monitoring tools

7 - Remote access and monitoring tools

8 - Patch management and system updates

9 - Disposal of an old computer

Week Two (Oct 10-16) Children, schools, and young friends

10 - Safe browsing for pre-teens

11 - Safe browsing for teens

12 - Social media usage

13 - Online bullying

14 - Securing a public computer

15 - What teachers need to know about their students

16 - Securing a donated computer

Week Three (Oct 17-23) Bosses

17 - What a boss should and should not have access to

18 - What you should tell your boss when there's a crisis

19 - VPN and remote access tools

20 - Securing mobile devices

21 - Dealing with insane requests from the boss

22 - Security of removable media

23 - Importance of compliance

Week Four (Oct 24-31) Co-workers

24 - Using work computers at home

25 - Using home computers for work

26 - Sharing office files

27 - Use of social media in the office

28 - Role of the employee

29 - Role of the office geek

30 - Role of the network team

31 - Tying it all together
By the way, Cyber Security Awareness Month has expanded beyond the United States. Since 2007, Canada also recognizes the month of October for cyber security awareness. If you know of other countries that are recognizing October as Cyber Security Awareness Month, please pass them to us via our contact form and we'll update this diary to get a more complete list.
Canada: http://www.publicsafety.gc.ca/prg/em/cbr/index-eng.aspx

United States: http://www.dhs.gov/files/programs/gc_1158611596104.shtm


Marcus H. Sachs

Director, SANS Internet Storm Center
 
Court documents released on Thursday related to indictments over a massive international financial cybercrime operation provide a fascinating -- if scary -- glimpse into how the crooks operated within the U.S.
 
