InfoSec News

Thomas Nielsen has stepped down after just eight months as CEO of RealNetworks, the Seattle-based company best known for its RealPlayer multimedia-streaming software.
A jury in San Francisco on Tuesday decided to fine Toshiba $87 million for colluding with other vendors to keep LCD prices artificially high, but the Tokyo-based company doesn't expect to have to pay anything.
If you're setting up your first email account on your iPhone, simply tap the Mail icon in the dock at the bottom of the home screen. If adding a second or third account, tap Settings, scroll down to Mail, Contacts, Calendars, tap it and then tap Add account...

This One Picture Explains Why The Efforts To End The Israeli-Palestinian ...
Business Insider

Since the mid 2000s one of the prevailing trends in the IT world has been to move networks, data, operating systems and servers into an environment where they are not tied to a specific piece of hardware.
Google is rolling out a tool for Apps administrators to search through Gmail logs, the company announced on Tuesday.
As U.S. residents crane their necks skyward this week during their local Fourth of July fireworks displays, they may not realize the degree to which increasingly sophisticated software technology is behind all of the booms, blasts and starbursts.
A computer worm that propagates by exploiting a 2010 Windows vulnerability is responsible for some of the recent incidents involving network printers suddenly printing useless data, according to security researchers from Symantec.
More than half of tablet adopters are reading books and other media on their tablet screens instead of relying on paper -- and this survey finding should serve as a warning to publishers to adapt quickly to electronic media, Gartner analysts said.
In a case that could have implications for Apple across the European Union, Italy's competition and markets authority has opened new proceedings against the popular device maker for failing to respect the country's consumer laws.
Mozilla rebranded its mobile operating system -- which it's been working on for more than a year -- as Firefox OS to tie it with its best-known product, the Firefox browser.
The U.S. government -- minus key spy operations -- spent $11.36 billion to protect classified data in 2011, according to the Information Security Oversight Office.
Apple's new Podcasts app is a welcome step to bringing attention to audio and video podcasts that were previously buried in the Music app. But while it has some good things going for it, it's a step that's not yet fully realized.
Broadband providers have "editorial discretion" to give priority to their own Web content, and the U.S. Federal Communications Commission's net neutrality rules limiting that discretion are a violation of providers' free speech rights, two carriers said in a court brief filed Monday.
Twitter has received more government requests for user information in the first six months of this year than it did in all of 2011, the company reported this week.
In a decision that could have widespread implications, Europe's highest court ruled on Tuesday that the trading of "used" software licenses is legal and that the author of such software cannot oppose any resale.
In this corner, weighing in at 50 million users, and five years' growth under its belt, the filer from Manila -- er, the forest that counts all its trees, the synchronized, syncopated master of all it shares, Droooooopbox! And, in this corner, the Mountain Viewmaster, the original 800-pound gorilla, the only thing that scares Steve Ballmer while he sleeps, a giant among search engines, Goooooooglllleee! When these online storage sluggers come out fighting, will there be a knockout, or just a bloody match?
Apple will launch OS X Mountain Lion July 25 if it repeats what it did last year when it announced the then-new Lion a day after its quarterly earnings call with Wall Street analysts.
The U.S. NTIA has awarded ICANN the mandate to manage the assignment of IP addresses and the management of top-level domains until September 2015, the government agency announced on Monday.
Linux Kernel KVM 'kvm_set_irq()' Function Local Buffer Overflow Vulnerability
Linux Kernel Reliable Datagram Sockets (RDS) CVE-2012-2372 Local Denial of Service Vulnerability
The Citadel crimeware, a toolkit giving cybercriminals sophisticated financial malware, is being taken off the market by its authors, according to experts monitoring its activity.

Despite a decline in SQL injection errors over the last two years, attackers continue to find Web application flaws as easy targets, says Chris Wysopal of Veracode Inc.

The new Apple MacBook Pro -- with its super-high-resolution 15-in. Retina display, quad-core speed, and light weight -- is truly revolutionary.
Editor's note: The following review is part of Macworld's GemFest 2012 series. Every weekday from mid June through mid August, the Macworld staff will use the Mac Gems blog to briefly cover a favorite free or low-cost program. Visit the Mac Gems homepage for a list of past Mac Gems.
[security bulletin] HPSBUX02795 SSRT100878 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
Slideware of IPv6 hacking training (HIP 2012 edition), and future trainings (Portugal & Belgium)
[SECURITY] [DSA 2506-1] libapache-mod-security security update
iHome's $100 iD9 (officially called the iD9 Portable App-friendly Rechargeable Speaker System for iPad/iPhone/iPod, but I'll stick with just iD9) is a portable, rechargeable stereo speaker dock for your iOS devices and iPods. And despite its affordable price--or, heck, partly because of it--the iD9 is pretty cool.
Nagios XI Unspecified Command Injection Vulnerability
[IA30] Photodex ProShow Producer v5.0.3256 Local Buffer Overflow Vulnerability
Malicious Code Execution in PCI Expansion ROM

The US Government Keeps Raising Its 'Secret Keeping' Budget
Business Insider

LibTIFF 'tiff2pdf' Utility Remote Integer Overflow Vulnerability

Applying Medical Internships to Infosec
GovInfoSecurity.com (blog)
Modeled on medical internships, the Center for Internet Security is teaming up with the State University of New York at Albany and the City University of New York to create a residency program, initially aimed for those who just earned a graduate ...

A court in California has refused to stay its earlier preliminary injunction on sales of Galaxy Tab 10.1 tablets in the U.S., pending an appeal by Samsung against the order.
Twitter has lost a fight in which it challenged a court order to turn over public but now deleted Twitter messages written by an Occupy Wall Street protestor without being served a search warrant.
Eastman Kodak said on Monday that it has received approval from bankruptcy court to go ahead with the auction of its digital imaging patent portfolios, despite claims to some of those patents by Apple and FlashPoint Technologies.
libvirt CVE-2012-2693 Multiple Local Security Bypass Vulnerabilities

Iran Drafted A Bill To Block Tankers In The Strait Of Hormuz
Business Insider

A year after Google+ was launched, Google executives are saying it's not really a social network after all.
Manufacturing employment has been a job bright spot for the economy, but IT workers aren't benefiting from it, a new report finds.
We take a hands-on look at 10 e-commerce tools that can help businesses large and small sell products and/or services online. Insider (registration required)
Red Hat Sos CVE-2012-2664 Information Disclosure Vulnerability

Posted by InfoSec News on Jul 03


By Cindy Waxer
July 02, 2012

They're the bane of the IT security professional's existence when
they're on the wrong side of the law, but the truth is, hackers often
understand the nuances of network security better than your average CSO.
So is it safe to bring a hacker into your IT team?

According to Shane MacDougall, there are pros and cons to...

Posted by InfoSec News on Jul 03


By Daniel Rothberg
Daily Trojan
June 28, 2012

A forensic investigation led by Ernst & Young found instances of credit
card theft at several USC Hospitality venues over at least a one-month
period, according to an email from Dan Stimmler, associate senior vice
president of auxiliary services. Credit card numbers were obtained
because of a breach in...

Posted by InfoSec News on Jul 03


The Dong-A-Ilbo
July 03, 2012

The government will foster six IT security agents to supervise national
cyber security in the belief that cyber warfare can be won by a single
genius, not numbers.

The Knowledge Economy Ministry and the Korea Information Technology
Institute have launched the "Best of the Best" program, which selects
six "white...
California's State Assembly advanced a bill on Monday that aims to establish rules and regulations covering the safe operation of driverless cars on the state's highways.

Posted by InfoSec News on Jul 03


By Aliya Sternstein
July 2, 2012

A decade ago, when Rick Dakin met parents at his son’s grade school who
said they worked for the "government" -- and declined to expand -- it
meant they were agents. Dakin, a security consultant, is a member of the
Denver chapter of the FBI's InfraGard program, a public-private
partnership that convenes businesses,...

Posted by InfoSec News on Jul 03


By Iain Thomson in San Francisco
The Register
3rd July 2012

Microsoft has named two individuals who it says are the leaders behind
the Zeus botnet and has passed on its dossier on them to the FBI.

Redmond fingered Yevhen Kulibaba and Yuriy Konovalenko as the two key
players behind the botnet in an amended criminal complaint and told the
FBI that the two were key to...
Microsoft IIS File Enumeration Weakness

Samsung Takes Another Slam With Galaxy Nexus Ban


This Is What It Was Like When I Got Teargassed In The Middle Of A Protest Last ...
Business Insider

Internet Storm Center Infocon Status