InfoSec News

------

Johannes B. Ullrich, Ph.D.

SANS Technology Institute

(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
The U.S. Department of Homeland Security is cracking down on an international criminal ring, based in Vietnam, that is thought to have stolen hundreds of millions of dollars from online merchants using hacking and identity theft.
 
There's a lot to like about Microsoft Office 2007's ribbon-based interface, but it can get confusing. With all of the features inside Word, PowerPoint, and Excel, it's easy to get lost inside those ribbons, trying to remember which one has the feature you need right now.
 
The California Supreme Court has ruled that police don't need a warrant to search the text messages on a cell phone being carried by a suspect.
 
With email, texting, and all the instant communication methods available to us today, it's easy for some of us to forget that we still receive traditional mail in our mailboxes, especially if you're like me and don't get much mail as it is. Fear not though, because now there is a way to get push notifications on your iPhone from the physical world, alerting you electronically when the snail mail has arrived.
 
We hear tales of deception on Facebook every day -- typically involving criminals who fool unsuspecting users into giving up sensitive information. But a savvy service station manager recently used the social network to catch a criminal instead.
 
Mathematica '/tmp/MathLink' Symlink Attack Local Privilege Escalation Vulnerability
 
NASA has awarded Hewlett-Packard's Enterprise Services operation an outsourcing contract worth $2.5 billion over 10 years.
 
Health check - an interview with Royal District Nursing Service SA CIO, Jodie Rugless
 
OpenSC Smart Card Serial Number Multiple Buffer Overflow Vulnerabilities
 
Drupal Views Module Multiple Cross Site Scripting Vulnerabilities
 

WikiLeaks Hacktivists Likely Left Internet Trail for Feds
SecurityNewsDaily
3) on the security blog Infosec Island. It seems that the Low Orbit Ion Cannon (LOIC), an easy-to-use open-source tool used by many members of the ad hoc ...

 
Google and Apple, among others, are creating technologies to bring online and on-demand video content to TVs and other devices for mass consumption, so it should come as no surprise that Cisco Systems, the king of networking, is entering the game.
 
The demands of virtualization and network convergence are driving the emergence of a host of new network developments. Here’s what you need to know and how to plan accordingly.
 
Although Apple's share of the U.S. smartphone market remains slightly ahead of Google's, more buyers in the last six months picked a device powered by the latter's Android OS, Nielsen said today.
 
New tablets, 4G smartphones, Web-TV convergence devices and more will be on display this week ... What will be the biggest announcement from CES 2011?
 
Windows 7 cracked the 20% share mark last month, a milestone the problem-plagued Vista never reached, a Web measurement vendor said over the weekend.
 
Samsung has sold 10 million Galaxy S smartphones globally since sales began last June, the company said.
 
Linux Kernel KVM Intel VT-x Extension NULL Pointer Denial of Service Vulnerability
 
Lexar Media announced the first 128GB SDXC secure digital memory card, which could help products like digital cameras store more video and images.
 
Linux Kernel 'drivers/scsi/bfa/bfa_core.c' Denial of Service Vulnerability
 
Big Blue anticipates organizations struggling to manage smartphone security and predicts that critical infrastructure will be among the top targets of cybercriminals in 2011.

 
This will be a better year than 2010 was, both for IT and tech products.
 
The newly released version 6.0 of the JBoss application server supports the latest version of enterprise Java.
 
Microsoft's Internet Explorer lost 1.4 percentage points of usage share in December, the largest one-month decline for the browser in more than two years, a Web metrics company said Saturday.
 
Stream TV Networks on Monday announced seven Elocity tablets with 10-inch screens that will run Google's upcoming Android 3.0 OS.
 
[ACM, Ariadne Content Manager] unauth. SQL injection + user enumeration
 
www.eVuln.com : SQL Injection in WikLink
 
Geeklog 1.7.1 <= Cross Site Scripting Vulnerability
 
Wireshark ENTTEC DMX Data RLE Buffer Overflow Vulnerability
 
Facebook faces an SEC inquiry focused on private investments, according to news reports.
 
Intel recently announced a mini solid-state drive that is one-eighth the size of its current 2.5-in SSD, but that can hold as much as 80GB of data and achieve up to 200MB/sec. throughput.
 
ChurchInfo 'ListEvents.php' SQL Injection Vulnerability
 
The Android OS lacks an integrated office document viewer--something you'll come to regret over time if you are a business user. Some phone manufacturers bundle a crippled version of the Quickoffice app as a partial solution, but the functionality is pretty weak unless you purchase the $10 upgrade key that unlocks all its features. OliveOffice is a free document viewer (.doc, .docx, .xls, .xlsx, .ppt, .pptx, .pdf, .chm) that includes a local file browser, but it also lacks key functionality that would make it really useful.
 
Rasha1997 asked the Hard Drives, NAS Drives, Storage forum if he should use Windows' own defragging tool, a third-party defragger, or just not bother.
 
Wireless technologies developer Qualcomm plans to build a $1 billion plant in the island nation to build low-power color displays.
 
Analysts speculate whether there will be a jobless recovery for IT in the coming year.
 
P100 IT Leader Susan Schade also has advice on mentors and career advancement.
 
Happily, our 2011 State of the CIO research reveals that this coming year will be all about enhancing productivity, investing strategically and fueling growth.
 
Announcing cross_fuzz, a potential 0-day in circulation, and more
 

Users of Android smartphones in China could be infected by Geinimi malware if mobile applications are downloaded from third-party services.

Security researchers at mobile security firm Lookout Inc. have discovered a new Trojan designed to compromise smartphones running Google’s Android operating system.

The San Francisco-based firm is calling the new malware “Geinimi” and said it can steal personal data on the user’s phone and send it to remote servers. Lookout said the Geinimi malware displays botnet-like capabilities by having the ability to receive commands from a remote command and control server.

The good news is that so far infections are limited to users who download mobile applications distributed via third-party Chinese Android application markets. The malware is integrated in certain games and requires user interaction, Lookout said.

The affected applications request extensive permissions over and above the set that is requested by their legitimate original versions. Though the intent of this Trojan isn’t entirely clear, the possibilities for intent range from a malicious ad-network to an attempt to create an Android botnet.

Security researchers have been predicting that attackers will begin to use mobile malware to steal sensitive data stored on smartphones or sniff payment information as more and more users conduct banking and make purchases on their smartphones. While researchers have demonstrated vulnerabilities in smartphones, including the Apple iPhone, only jailbroken devices have been targeted in limited attacks.

Some researchers believe vulnerabilities in applications could be the avenue of future attacks. A common misnomer is that the applications are vetted for security issues by major app store vendors, including Google, Apple, and Blackberry. In a recent interview, security expert Winn Schwartau of Mobile Active Defense said that is absolutely NOT the case.

Lookout said the Geinimi malware attempts to contact C&C servers in five-minute intervals using one of ten embedded domain names. Lookout said the malware has the capabilities to send location coordinates of the device, the smartphone identifiers as well as a list of the applications installed on the victim’s device.

Graham Cluley, a security consultant with UK-based security vendor Sophos, downplayed the threat posed by Geinimi. He said only users who deliberately change the settings on their phone to install software from “unknown sources” are at risk of infection.

So, the sky is not falling - and it’s not the end of the world as we know it if you love all things Android. But Android users should still be sensible about security.



 
With 802.11n, enterprise Wi-Fi networks are shifting from convenient to critical. They’re becoming the preferred and primary network access for users – which means IT groups have to rethink how they deploy, secure, manage and run the wireless LAN.
 
Asustek Computer will introduce two tablet PCs this month, one with a detachable keyboard and another with a sliding keyboard. The products will join a tough market dominated now by giants such as Dell and Acer.
 
With more optimism combined with scary security %^$#, 2011 could be a wild ride
 
An accidental leak may have confirmed Chinese hackers' suspicions that Internet Explorer has a critical unpatched vulnerability, a security researcher said.
 
Google is attempting to get support from publishers of magazines and newspapers for a digital newsstand targeted at users of smartphones and tablets running the Android operating system, according to a report in The Wall Street Journal.
 
Lenovo will show its first tablets this week as it moves to make a mark in the fast-growing market led by Apple's iPad and Samsung's Galaxy Tab.
 
Intel on Monday said that it was building a hardware security layer in its next-generation Core chips to prevent streaming movies from being copied.
 
Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability
 
New expectations and a new economic landscape point to a new role for IT in 2011. Here's how to avoid getting left behind
 
Enterprises will increasingly look for opportunities to tap self-service business intelligence and SaaS-based BI models in 2011, analysts say.
 
InfoSec News: Ankit Fadia / Manu Zacharia - "Network Intrusion Alert" Heavily Plagiarized: http://attrition.org/errata/charlatan/ankit_fadia/network_intrusion/
Mon Jan 3 02:43:17 CST 2011
"Network Intrusion Alert: An Ethical Hacking Guide to Intrusion Detection" written by Ankit Fadia [1] and Manu Zacharia [2] (ISBN 1598634143 and 9781598634143) contains significant amounts of [...]
 
InfoSec News: Facing WikiLeaks Threat, Bank Plays Defense: http://www.nytimes.com/2011/01/03/business/03wikileaks-bank.html
By NELSON D. SCHWARTZ The New York Times January 2, 2011
By the time the conference call ended, it was nearly midnight at Bank of America's headquarters in Charlotte, N.C., but the bank's [...]
 
InfoSec News: Honda US cops to vast data snaffle from marketing firm: http://www.theregister.co.uk/2010/12/31/honda_data_breach/
By John Leyden The Register 31st December 2010
Honda US has written to customers following a data breach that led to the exposure of millions of customer records.
Hackers made off with a database containing names, email addresses, and [...]
 

Posted by InfoSec News on Jan 03

http://attrition.org/errata/charlatan/ankit_fadia/network_intrusion/

Mon Jan 3 02:43:17 CST 2011

"Network Intrusion Alert: An Ethical Hacking Guide to Intrusion
Detection" written by Ankit Fadia [1] and Manu Zacharia [2] (ISBN
1598634143 and 9781598634143) contains significant amounts of
plagiarized material. Published in 2008, the book uses material from a
wide variety of sources to varying degrees. In many cases, entire...
 


Infosec lessons from WikiLeaks
Express Computer
Another aspect that any seasoned infosec professional can see is that, the strength of information security in a set-up depends only up to a point on the IT ...

 

Posted by InfoSec News on Jan 03

http://www.nytimes.com/2011/01/03/business/03wikileaks-bank.html

By NELSON D. SCHWARTZ
The New York Times
January 2, 2011

By the time the conference call ended, it was nearly midnight at Bank of
America's headquarters in Charlotte, N.C., but the bank's
counterespionage work was only just beginning.

A day earlier, on Nov. 29, the director of WikiLeaks, Julian Assange,
said in an interview that he intended to "take down" a major...
 

Posted by InfoSec News on Jan 03

http://www.theregister.co.uk/2010/12/31/honda_data_breach/

By John Leyden
The Register
31st December 2010

Honda US has written to customers following a data breach that led to
the exposure of millions of customer records.

Hackers made off with a database containing names, email addresses, and
Vehicle Identification Numbers (the unique ID for cars) of 2.2 million
Honda customers following an attack on an unnamed third-party marketing...
 
CoolPlayer M3U File Buffer Overflow Vulnerability
 
Microsoft Windows Kernel 'Win32k.sys' Window Class Local Privilege Escalation Vulnerability
 


Internet Storm Center Infocon Status