Hackin9
Computers was the biggest area for patent activity worldwide last year, but medical devices saw the most growth, according to a new report this week.
 
Some network operators say they need new tools to set up and manage connections in a virtualized world, even if that means adopting software-defined networking technology, which is still in its infancy.
 
A Facebook tool that allowed users to view and delete their search history on the site has vanished, and some people are keen to get it back.
 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Thanks Mike and others for sending it through. Some security fixes in both. Details are at the following links.

Firefox 20.0
Security fixes: https://www.mozilla.org/security/known-vulnerabilities/firefox.html
Release Notes: https://www.mozilla.org/en-US/firefox/20.0/releasenotes/

Thunderbird 17.0.5
Security fixes: http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.5
Release Notes: https://www.mozilla.org/en-US/thunderbird/17.0.5/releasenotes
 
Apache Maven CVE-2013-0253 SSL Certificate Validation Security Bypass Vulnerability
 
Ruby on Rails 'sanitize_css()' Method CVE-2013-1855 Cross Site Scripting Vulnerability
 
Prices of Windows RT devices have started falling, signaling an attempt by PC makers to quickly clear out stock after poor adoption of tablets and convertibles with the operating system.
 

No, it's not an April Fool's prank. AT&T really is forbidding passwords that contain obscene language. Or at least that's what the company's password reset page says.

AT&T's policy barring obscene passwords is surprising because it's completely unnecessary, even for a company that bends over backward not to offend even its most modest customers or employees. If workers are following standard industry practices, passcodes will never be shared with customer support representatives or engineers either verbally or in e-mails. Instead, plain-text strings such as "shittypolicy" will be cryptographically converted to strings such as "eaf6f87e9d009cd3c713e6533ce8b15ac9ed2009" that in theory can't be mathematically reversed. Sure, it's a good idea to block the use of expletives, but that has nothing to do with their potential to offend. The reason to bar them is that they're generally so short and widely used that they're easily cracked.

When AT&T's policy came to light over the weekend, Ars assumed it was an April Fool's-motivated hoax. An AT&T spokesman still hasn't delivered a requested statement, but the screenshot posted above suggests the reports are true.

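The paragraph above makes two points: stored passwords are one-way hashes, and a password deserves rejection for being short or common, not for its vocabulary. The following Python is an added example (not from Ars Technica or AT&T) that implements a policy check on exactly those criteria and stores a salted PBKDF2 hash rather than the plaintext. The common-password list is a constructed placeholder, and the minimum length and iteration count are assumed values.

```python
import hashlib
import hmac
import os

# Constructed list of weak passwords for this example; a real deployment would
# check against a large breached-password list instead.
COMMON_PASSWORDS = frozenset({"password", "123456", "qwerty", "letmein", "iloveyou"})
MIN_LENGTH = 12  # assumed policy value


def password_problems(password, common=COMMON_PASSWORDS, min_length=MIN_LENGTH):
    """Return the reasons a password is easy to crack (empty list = accepted).

    Both checks are about guessability: length and presence on a list of widely
    used passwords. Nothing here looks at what the word means.
    """
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if password.lower() in common:
        problems.append("appears on the common-password list")
    return problems


def hash_password(password, salt=None, iterations=200_000):
    """Return a storable 'pbkdf2_sha256$iterations$salt_hex$digest_hex' string.

    The plaintext never needs to be kept: verification recomputes the digest.
    """
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password, stored):
    """Recompute the digest from the stored salt and compare in constant time."""
    algo, iters, salt_hex, digest_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError(f"unsupported hash format: {algo}")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iters)
    )
    return hmac.compare_digest(digest.hex(), digest_hex)


if __name__ == "__main__":
    for candidate in ("letmein", "correct horse battery staple"):
        issues = password_problems(candidate)
        if issues:
            print(f"rejected {candidate!r}: {', '.join(issues)}")
        else:
            record = hash_password(candidate)
            print(f"accepted; stored as {record[:40]}...")
            print("verify:", verify_password(candidate, record))
```

The policy function returns the reasons rather than a bare boolean so the reset page can tell the user why a password was refused; the stored string carries the iteration count and salt so the parameters can be raised later without breaking existing records.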

 
News leaks and speculation are pointing to a launcher for Android smartphones as the mysterious announcement expected from Facebook on Thursday.
 
Office 365 has accounted for about 25% of all Office retail unit sales in the U.S. since its introduction two months ago. But the new "rent-not-own" strategy has not boosted overall sales, an analyst said today.
 
The delegation of new generic top-level domains (gTLDs) by the Internet Corporation for Assigned Names and Numbers (ICANN) is premature and could cause risks to the security and stability of the Domain Name System (DNS) and affect the working of the whole Internet, Verisign has warned.
 

The War Z, a first-person zombie shooter game with 600,000 players, has been taken offline after attackers gained access to e-mail addresses and password data used to play the game and log in to user forums.

The data exposed in the breach also included in-game character names, the IP addresses players used to access user forums and the game, and any other data contained in the forum or game databases, an advisory posted by game developer Hammerpoint Interactive warned. It said the game and forums will be unavailable while outside experts and investigators pinpoint the cause of the compromise. Payment information was not exposed because payments are processed by a third-party and not on The War Z systems.

"If you posted other information to the forum it is likely that such data was accessed as well," the advisory stated. "We do not collect the names or addresses of our gamers so that information was not impacted unless you posted it on the forum. We are investigating whether additional information may have been obtained." The notice warned that e-mail addresses used to register for the game were also obtained.


 
Per-window private browsing, a new download experience, improved developer tool layouts and three critical bug fixes are the essential components of the latest update to Firefox.


 
Hewlett-Packard next week will unveil a class of hyperscale servers as part of Project Moonshot, the company's attempt to build densely packed low-power servers that can scale performance quickly.
 
You're no longer in control of your data once you hand it over to a cloud storage provider, but you're legally still responsible for it. Knowing what's in your cloud-provider contract is critical, says tech attorney Milton Petersen.
 
Pepco, a large utility that serves Washington DC and the surrounding area, is in the political bullseye. Its customers include many members of Congress so a security breach that hurts service would get noticed.
 
House of Marley's $60 Chant Portable Audio System is a Bluetooth speaker that you can carry inside its own custom canvas case. If you prize affordability and portability over audio fidelity, the Chant is a fine option.
 
Google is aiming to expand the reach of users' Google+ profiles and social data across the Web through new partnerships with Janrain and Gigya.
 
(No, not the actual plane used.)

Here in the Ars science section, we cover a lot of interesting research that may eventually lead to the sort of technology discussed in other areas of the site. In many cases, that sort of deployment will be years away (assuming it ever happens). But in a couple of fields, the rapid pace of proof-of-principle demonstrations hints that commercialization isn't too far beyond the horizon.

One of these areas is quantum key distribution between places that aren't in close proximity. Quantum keys hold the promise of creating a unique, disposable key on demand in such a way that any attempts to eavesdrop will quickly become obvious. We know how to do this over relatively short distances using fiber optic cables, so the basic technique is well-established. Throughout the past couple of years, researchers have been getting rid of the cables: first by sending quantum information across a lake, then by exchanging it between two islands.

The latter feat involved a distance of 144 km, which is getting closer to the sorts of altitudes occupied by satellites. But exchanging keys with satellites would seem to add a significant challenge—they move. Over the weekend, Nature Photonics published a paper that indicates we shouldn't necessarily view that as an obstacle. The paper describes a team of German researchers who managed to obtain quantum keys transmitted from a moving aircraft.


 
Alcatel-Lucent is promising more manageable cloud computing through Nuage Networks, an internal startup that is making its formal debut on Tuesday.
 
Amazon may be building a Kindle smartphone on a custom version of Android to be launched in the second half of 2013.
 
Conventional wisdom says that simple security is an oxymoron. Good security is complex, while uncomplicated security is weak.
 

 
The internet activist accused of being behind one of the biggest distributed denial-of-service (DDoS) attacks to date claims he is the victim of an establishment conspiracy.

 
Two people will share a $50,000 prize from the U.S. Federal Trade Commission for the best idea to block illegal robocalls from reaching the owners of mobile and wired phones.
 
A U.S. government watchdog agency has found that nearly half of 14 large ongoing military IT projects are over budget and more than half are behind schedule.
 

Tens of thousands of websites, some operated by The Los Angeles Times, Seagate, and other reputable companies, have recently come under the spell of "Darkleech," a mysterious exploitation toolkit that exposes visitors to potent malware attacks.

The ongoing attacks, estimated to have infected 20,000 websites in the past few weeks alone, are significant because of their success in targeting Apache, by far the Internet's most popular Web server software. Once it takes hold, Darkleech injects invisible code into webpages, which in turn surreptitiously opens a connection that exposes visitors to malicious third-party websites, researchers said. Although the attacks have been active since at least August, no one has been able to positively identify the weakness attackers are using to commandeer the Apache-based machines. Vulnerabilities in Plesk, Cpanel, or other software used to administer websites is one possibility, but researchers aren't ruling out the possibility of password cracking, social engineering, or attacks that exploit unknown bugs in frequently used applications and OSes.

Researchers also don't know precisely how many sites have been infected by Darkleech. The server malware employs a sophisticated array of conditions to determine when to inject malicious links into the webpages shown to end users. Visitors using IP addresses belonging to security and hosting firms are passed over, as are people who have recently been attacked or who don't access the pages from specific search queries. The ability of Darkleech to inject unique links on the fly is also hindering research into the elusive infection toolkit.


 

We reported last week on a massive distributed denial of service attack that was intended to take anti-spam organization Spamhaus offline.

We described the scale of the attack as "Internet-threatening," elaborating further that the attack, peaking at more than 300 gigabits per second, "is the kind of scale that threatens the core routers that join the Internet's disparate networks."

Subsequently, posts on Gizmodo and The Guardian called into question these assessments, with Gizmodo casting doubt on the description by asking some "simple questions" and The Guardian specifically claiming that it was "shoddy journalism."


 
FreeBSD Linux Compatibility Layer Local Privilege Escalation Vulnerability
 
Cisco Linksys E1500/E2500 Router Multiple Security Vulnerabilities
 
NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities
 
Remote command execution in Ruby Gem ldoce 0.0.2
 
Last year, when an earthquake hit Melbourne, Twitter was the first on the scene. Within minutes, the subject became the top Twitter-trending topic worldwide and even caused the Geoscience Australia website to crash as people went online to see what had happened.
 
Soasta, Cloudbees partner to connect mobile app dev to Jenkins continuous integration server, making it easier for developers to test and deploy apps to the cloud
 
Researchers from security vendor FireEye have uncovered a new APT that uses multiple detection evasion techniques, including the monitoring of mouse clicks, to determine active human interaction with the infected computer.
 
A debate requires intelligent dialogue from representatives on both sides of an issue. That's not what happened at the RSA conference panel on security awareness.
 
The nonprofit organization CyArk creates 3D digital images of the world's historic sites, but stores them on disk drives dropped each week into a bank security box. As the data is expected to grow to two petabytes over the next five years, the group chose a new archival strategy that includes stashing tape drives in a limestone mine storage facility owned by Iron Mountain.
 
Windows service accounts used by software are often given domain administrator rights, just because it's quick and easy. That sort of thing rubs security managers the wrong way.
 
AT&T and Sprint Tuesday separately announced plans to start selling 32GB HTC One smartphones on April 19 for $199.99 with a two-year contract.
 
Using social media to market your business or collaborate internally means more than having a presence on Twitter, LinkedIn, Google+ and Facebook. To teach college students that lesson, Syracuse University adopted HootSuite University's certification program. Syracuse isn't alone: Social media certifications are a growing trend, but is a training course right for you?
 
A Web and app designer has stolen a page out of Microsoft's own playbook in urging users to abandon three of the company's four newest browsers because Microsoft is "standing in the way" of progress.
 
Nearly a decade after research firms predicted major cost savings and clinical benefits from the use of health-IT, adoption rates among U.S. medical providers remain sluggish, with the industry slow to embrace the big-data movement.
 

We received the following earlier today regarding scans to SSH from this IP address, which is a research group in Germany. As far as we are aware it is legitimate research and the scans have been conducted previously. So if you see scans from this IP address, this is what it is about. I'll leave whether you wish to block it or take advantage of their blacklist up to you.

I've asked a few clarifying questions, but have not yet received an answer. I was curious about the not logging in, but sending a username (and presumably a password), as I've identified the IP address in a number of fail2ban logs, so multiple password attempts.

As one of the handlers mentioned, it might be OK in your area, but in many places it might still be seen as an intrusion. I guess to me it is similar to anyone else doing the same for whatever reason, but that does mean you get treated the same, i.e. blocked after x attempts. In this case, for me, a firm "thanks for the note, I'll block it now". Our DB will no doubt show it as an attacking IP as log files start coming in. There is a note on the IP address from previous scans, so those that use the data can make their own choice.

If you have SSH open you may want to look at something like fail2ban or other similar tools, and it will take care of scans from here the same as scans from anywhere else. In the meantime, if you see the IP address, your incident response time to investigate may be shorter for reading the below message.

Cheers

Mark.


Dear colleagues,

Our team at the Network Architectures and Services Dept. (I8) of TU München, Germany, has started an IPv4-wide SSH scan. This is the same kind of scan that we have conducted several times over the past few months. Once again, the purpose is purely scientific.

The scanning machine is 188.95.234.6.

It is not infected, nor is an attack intended (we do *not attempt to login*, in fact we send the most harmless username ever). However, this is a large-scale scan, which we expect to last up to 10 days. The long-term goal is continuous scans.

We are perfectly aware that many IDS systems will count this as an attack. We are thus writing in order to inform you of our activity. If there is anything you can do - adding us to a whitelist, adding a comment in your DB etc. - we would very much appreciate your help.

Please note that we respond to every complaint and are happy to blacklist systems with annoyed admins.

Background information can be found here:

29C3 Lightning Talk, from minute 9:
http://www.youtube.com/watch?v=eao8yBKHYT8

Crossbear-Paper:
http://www.net.in.tum.de/fileadmin/bibtex/publications/papers/holz_x509forensics_esorics2012.pdf

Project homepage: https://pki.net.in.tum.de
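As an added example (not part of the diary above, and not fail2ban's own code), the following Python does the core of what the diary recommends a tool like fail2ban do: it parses sshd "Failed password" lines, counts failures per source IP inside a sliding time window, and flags an IP after x attempts. A whitelist parameter lets you pass over a known research scanner if that is the choice you make. The log lines are constructed samples, the year is an assumption (syslog timestamps carry none), and the maxretry/findtime parameter names follow fail2ban's configuration vocabulary.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample sshd auth-log lines in syslog format; not real logs.
SAMPLE_LOG = """\
Apr  2 10:01:05 host sshd[2001]: Failed password for invalid user test from 198.51.100.7 port 40001 ssh2
Apr  2 10:01:09 host sshd[2002]: Failed password for invalid user test from 198.51.100.7 port 40002 ssh2
Apr  2 10:01:14 host sshd[2003]: Failed password for root from 198.51.100.7 port 40003 ssh2
Apr  2 10:01:20 host sshd[2004]: Failed password for root from 198.51.100.7 port 40004 ssh2
Apr  2 10:01:25 host sshd[2005]: Failed password for admin from 198.51.100.7 port 40005 ssh2
Apr  2 10:02:00 host sshd[2006]: Accepted publickey for alice from 203.0.113.5 port 50000 ssh2
Apr  2 10:03:00 host sshd[2007]: Failed password for bob from 203.0.113.9 port 50100 ssh2
Apr  2 12:30:00 host sshd[2008]: Failed password for bob from 203.0.113.9 port 50101 ssh2
"""

# Syslog timestamps have no year; assumed here to match the diary's date.
LOG_YEAR = 2013

FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_failure(line):
    """Return (timestamp, user, source_ip) for a failed-password line, else None."""
    m = FAILED_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{LOG_YEAR} {m['ts']}", "%Y %b %d %H:%M:%S")
    return ts, m["user"], m["ip"]


def find_offenders(lines, maxretry=5, findtime=600, whitelist=frozenset()):
    """Flag each source IP with >= maxretry failures inside any findtime-second window.

    Returns {ip: time the threshold was crossed}. IPs in the whitelist are skipped,
    which is the "add us to a whitelist" option the researchers ask for; leaving it
    empty treats their scanner like any other source, as the diary author chose.
    """
    recent = defaultdict(deque)  # per-IP timestamps of failures still inside the window
    flagged = {}
    for line in lines:
        parsed = parse_failure(line)
        if parsed is None:
            continue
        ts, _user, ip = parsed
        if ip in whitelist or ip in flagged:
            continue
        window = recent[ip]
        window.append(ts)
        # Drop failures older than findtime seconds relative to the newest one.
        while (ts - window[0]).total_seconds() > findtime:
            window.popleft()
        if len(window) >= maxretry:
            flagged[ip] = ts
    return flagged


if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE_LOG.splitlines()).items():
        print(f"{when:%b %d %H:%M:%S} threshold reached, block {ip}")
```

Run against the samples, only 198.51.100.7 is flagged: bob's two failures from 203.0.113.9 are hours apart and never share a window. Passing whitelist={"188.95.234.6"} would exempt the scanner named in the message above; the flagged dictionary is what a firewall-rule step would consume.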
 
Schneider Electric Interactive Graphical SCADA System 'dc.exe' Buffer Overflow Vulnerability
 
Seagate's Wireless Plus drive offers a terabyte of storage and a way to stash your videos, photos, music and documents or wirelessly stream them to your mobile devices.
 
A trademark infringement lawsuit against Facebook over its use of 'timeline' will go to trial before a jury, after a judge ruled that the company had failed to show that the trademark was generic or descriptive, or Facebook's use of it amounted to fair use.
 
Apple CEO Tim Cook apologized to Chinese consumers over concerns about its warranty policies after government-run media attacked the company for its customer service.
 
Facebook Chief Operating Officer Sheryl Sandberg is scheduled to join a number of other high-profile tech players to testify in a private antitrust suit brought against seven California-based technology companies by former employees.
 
The decline in usage share of Windows XP, which is slated for retirement in 53 weeks, has slowed significantly, hinting that millions of its users will hold onto the operating system much longer than some, including Microsoft, expect.
 
The three largest memory makers announced the final specifications for three-dimensional DRAM, which is aimed at increasing performance for networking and high performance computing markets.
 
Mitsubishi MX Component ActiveX Control 'ActUWzd.dll' Remote Buffer Overflow Vulnerability
 
VxWorks SSH Server CVE-2013-0712 Denial of Service Vulnerability
 
VxWorks Web Server CVE-2013-0716 Remote Denial of Service Vulnerability
 
VxWorks CVE-2013-0715 Remote Denial of Service Vulnerability
 
VxWorks SSH Server CVE-2013-0711 Denial of Service Vulnerability
 
Wind River Systems VxWorks CVE-2013-0713 Denial of Service Vulnerability
 
Wind River Systems VxWorks CVE-2013-0714 Denial of Service Vulnerability
 

Seven basic steps to avoid being 'phished'
Sydney Morning Herald
Phishing your employees in the name of security. An international hacker was recently found to have more than 10,000 stolen debit and credit card numbers. So, clearly, phishing – the practice of tricking someone into giving bank or credit card ...

 