
InfoSec News

Gibbs has more IT tools for the iPad, iPod Touch, and iPhone
 
Mozilla Firefox/SeaMonkey 'eval()' Function Security Bypass Vulnerability
 
Mozilla Firefox and SeaMonkey JavaScript Worker Use-After-Free Memory Corruption Vulnerability
 
Mozilla Firefox/SeaMonkey Cross-Site Request Forgery Vulnerability
 
It's been nearly a year since Apple refreshed its MacBook Pro line. That's a longer-than-usual gap between updates, but the new MacBook Pros sport several changes under the hood, including new processors, new graphics processors, and a new peripheral connector. It all translates into performance jumps that were worth the wait.
 
One critical and two important security bulletins are expected for Microsoft's Patch Tuesday.

 
Even as Apple was unveiling the new iPad 2 this week, one analyst firm was reporting that tablets are wreaking havoc on the PC market.
 
As fewer people rely on e-mail, one IT services company plans to eradicate e-mail over three years, in favor of social business tools.
 
The FCC took the first step Thursday toward reworking two related programs that provide telephone subsidies for low-income residents, with commissioners calling for part of the funding to support broadband service.
 
libTIFF CCITT Group 4 Encoded TIFF Image Buffer Overflow Vulnerability
 
libTIFF TIFF Image Buffer Overflow Vulnerability
 
The U.S. Department of Homeland Security today denied it plans to expand the use of whole-body scanning technologies to rail and bus transit facilities or for pedestrian surveillance.
 
Details regarding the amount of private banking data being sent from the European Union to the U.S. Treasury Department are not forthcoming, raising concerns among European parliamentarians.
 
Microsoft today revealed that it will not update Internet Explorer (IE) before the Pwn2Own hacking contest begins next week.
 
Upon first seeing the new Sony VAIO Y Series laptop (model VPCYB15KX), your first thought will likely be, "That is a very pink laptop." Virtually everyone in the PCWorld offices who saw our test unit felt the need to express just that thought. Of course, that's just this particular test system. If you're neither a 13-year-old girl, nor especially into promoting breast cancer awareness, you can get the system with silver styling instead.
 
[ MDVSA-2011:040 ] pango
 
HTB22837: Path disclosure in PrestaShop
 
HTB22865: XSS vulnerability in xtcModified
 
[security bulletin] HPSBPI02640 SSRT100410 rev.1 - HP MFP Digital Sending Software Running on Windows, Authentication Bypass
 
Google today said that Gmail service has mostly been restored some four days after an outage -- except to those heavy users with 'very large' inboxes.
 
Apple will patch its Safari browser before the Pwn2Own hacking contest kicks off next week, security researchers hinted today.
 
AT&T today confirmed that it will support the new Personal Hotspot feature of Apple's iOS 4.3 on the iPhone 4 when the update ships on March 11.
 
As with any new Apple product, questions abound over the details of the new iPad 2. Sure, we know it's thinner, faster, and lighter and, like the original iPad, set to dominate the tablet landscape. But even if you've watched what Steve Jobs had to say, read our hands on account, and perused our pretty pictures, you may still have lingering queries about the new revision.
 
HTB22866: XSS vulnerability in xtcModified
 
HTB22857: Path disclosure in Tribiq CMS
 
HTB22863: XSS vulnerability in xtcModified
 
Re: Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS)
 
AT&T is expanding its data pricing options for tablet computers with the unveiling of Apple's iPad device.
 
Microsoft last week changed how it delivers an update that disables AutoRun, a Windows feature that big name worms, including Conficker and Stuxnet, have used to infect millions of PCs.
 
Twitter co-founder Biz Stone reportedly said today that the company is making money and there are no plans for Twitter to go public in the near future.
 
All Enthusiast PhotoPost PHP Pro Multiple Cross-Site Scripting Vulnerabilities
 
RETIRED: PhotoPost PHP 'showgallery.php' Multiple Cross Site Scripting Vulnerabilities
 
Mozilla Firefox/SeaMonkey Text Run Construction Memory Corruption Vulnerability
 
[USN-1050-1] Thunderbird vulnerabilities
 
iDefense Security Advisory 03.02.11: Apple CoreGraphics Library Heap Memory Corruption Vulnerability
 
Google Chrome prior to 9.0.597.107 Multiple Security Vulnerabilities
 
Mozilla Firefox and SeaMonkey JavaScript String Values Buffer Overflow Vulnerability
 
Teradata said it plans to buy data warehousing startup Aster Data Systems, continuing a run of consolidation in the market for technology that can process ever-growing amounts of "big data."
 
We are in the process of discussing the issue of how does one optimize WAN performance in a cloud-based world in a Thought Leadership Discussion at Webtorials.
 
From coffee shops to planes, trains, and cruise ships, we've become accustomed to having ready access to the Internet just about anywhere. The problem is, it's easy to forget how vulnerable that makes us to security threats.
 
Point-of-sale payment processing devices for credit and debit cards are proving to be rich targets for cybercriminals due to lax security controls, particularly among small businesses, according to a report from Trustwave.
 
I love it when I learn things from readers. (It happens more often than you might think.) For example, following yesterday's post about turning on Smooth Scrolling in Firefox, reader hijohnhi posted a comment recommending SmoothWheel--a Firefox add-on that he says delivers "the optimum smooth scrolling experience." And you know what? He's right!
 
[security bulletin] HPSBUX02638 SSRT100339 rev.1 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code, Denial of Service (DoS), Authentication Bypass
 
[USN-1083-1] Linux kernel vulnerabilities
 
[USN-1080-2] Linux kernel vulnerabilities
 
ZDI-11-103: Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability
 
TrueCrypt is a powerful, free, open source program that allows you to create encrypted volumes on your computer, or to encrypt entire disks, including your system disk. Furthermore, it allows you to create hidden volumes, or even an entire hidden operating system.
 

Android Market is the place where users of devices running the Android operating system can download a large variety of apps. There have been reports of applications in Android Market infected with the DroidDream malware, which was rooting phones and stealing the IMSI and IMEI codes.

Mobile devices are among the favorite targets of attackers, who can use them as bridges to gain access to the corporate data network. To minimize the risk, it is important to establish a security baseline and to place antimalware protection on the devices themselves; examples are Trend Micro Mobile Security for Android, McAfee Mobile Security and Symantec Mobile Internet Security.
More information at http://antivirus.about.com/b/2011/03/02/as-many-as-56-android-apps-contain-backdoor.htm and http://blog.mylookout.com/2011/03/security-alert-malware-found-in-official-android-market-droiddream/
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Microsoft is again updating Samsung's Windows Phone 7-based smartphones, after technical problems forced a halt to the program, it said in a blog post on Wednesday.
 
GNOME glib Base64 Encoding and Decoding Multiple Integer Overflow Vulnerabilities
 
The complex Stuxnet worm proved attacks on SCADA and other industrial control systems were possible. Are we ready if one comes our way?
 
Juniper Networks is developing a massive switch that could replace traditional IP (Internet Protocol) routers in the core of service-provider networks and combine optical and electronic technologies that today exist in separate systems with dedicated staffs.
 

Although I have been fortunate to work with a company that handles large amounts of money and time to implement security solutions and typically gets the latest technology, we also have companies that do not handle the same amount of money, due to the profit margins of the business they are in, and therefore there is a greater rationale for investing monetary resources in those projects that are vital to the operation of the company.

A risk that materializes more and more frequently in companies is the leaking of information, and one of the most common ways to steal it over the Internet is through channels such as e-mail and file transfers. That means we need a sensor responsible for monitoring inbound and outbound Internet traffic. To illustrate, we will outline a two-firewall DMZ and place a Snort sensor in the middle, running Linux and configured in bridge mode.


Bridge configuration is pretty simple. Consider eth0 as the interface connected to vlan11 and eth1 as the interface connected to vlan10:

ifconfig eth0 0.0.0.0
ifconfig eth1 0.0.0.0
brctl addbr sensor
brctl addif sensor eth0
brctl addif sensor eth1
ifconfig sensor up

Now it is time to configure the sensor. Many companies manage document templates that contain default text which can be used to catalog the information contained in them, with words like secret, confidential, restricted and many others. Based on such a template, we create the appropriate alert for transit of that information to the outside. For the following example, we will assume 192.168.1.0/24 as the internal IP address range, and that the template for confidential documents of company X contains the sentence "Company X - Confidential":

alert ip 192.168.1.0/24 any -> any any (msg:"Data Loss from inside the network"; content:"Company X - Confidential"; sid:1000001; rev:1;)
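To make the semantics of that rule concrete, the following Python script is an added example (not part of the diary and not Snort code) that emulates its evaluation over a handful of constructed packets: the source must fall inside 192.168.1.0/24, the destination is unrestricted ("any any"), and the content keyword is a case-sensitive byte match anywhere in the payload, which is Snort's default behaviour without the nocase modifier. The packet records, addresses and payloads are all made up for the illustration.

```python
import base64
import ipaddress
from dataclasses import dataclass

# Rule parameters taken from the diary's Snort rule.
INTERNAL_NET = ipaddress.ip_network("192.168.1.0/24")
MARKER = b"Company X - Confidential"
RULE_MSG = "Data Loss from inside the network"


@dataclass
class Packet:
    """Minimal stand-in for an IP packet seen by the bridge sensor (constructed)."""
    src: str
    dst: str
    payload: bytes


def matches_rule(pkt: Packet) -> bool:
    """Emulate 'alert ip 192.168.1.0/24 any -> any any (content:"...")'.

    Source address must be inside the internal range; the destination is
    unrestricted; 'content' is a case-sensitive byte search over the payload.
    """
    if ipaddress.ip_address(pkt.src) not in INTERNAL_NET:
        return False
    return MARKER in pkt.payload


def scan(packets):
    """Return one alert line per matching packet, in arrival order."""
    return [f"[{RULE_MSG}] {p.src} -> {p.dst}" for p in packets if matches_rule(p)]


# Constructed sample traffic: no real capture, addresses from documentation ranges.
SAMPLE = [
    # Outbound mail body carrying the template marker: alerts.
    Packet("192.168.1.25", "203.0.113.10",
           b"Subject: Q3 plan\r\n\r\nCompany X - Confidential\r\nDo not forward."),
    # Same marker but inbound (external source): the rule's source filter rejects it.
    Packet("203.0.113.10", "192.168.1.25",
           b"Company X - Confidential report received, thanks"),
    # Case differs: no match, because content is case-sensitive without nocase.
    Packet("192.168.1.40", "198.51.100.7",
           b"company x - confidential"),
    # Marker base64-encoded (e.g. a MIME attachment): a plain content match cannot
    # see it, a limitation to keep in mind when judging what this sensor covers.
    Packet("192.168.1.40", "198.51.100.7",
           base64.b64encode(MARKER)),
    # Internal-to-internal traffic still matches, since the destination is 'any'.
    Packet("192.168.1.77", "192.168.1.5",
           b"Company X - Confidential draft"),
]

if __name__ == "__main__":
    for line in scan(SAMPLE):
        print(line)
```

Two of the five constructed packets alert: the outbound mail body and the internal-to-internal transfer. The last case is worth noticing when tuning the rule: if only traffic leaving the company matters, restricting the destination to `!192.168.1.0/24` in the Snort header cuts that noise. The base64 case shows that a single plain content match covers cleartext only; encoded attachments need decoding (or a preprocessor that normalises them) before this kind of pattern can fire.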

Another interesting measure, depending on the environment and the risks of the company, is to disable USB storage devices. To do this in Windows environments, deny all permissions on the following files, which are used each time a USB storage device is installed:

%SystemRoot%\Inf\Usbstor.pnf
%SystemRoot%\Inf\Usbstor.inf

If the USB storage device is already installed, change the value under the following registry key to 4: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor
Do you have any other ideas? Use our contact form to share them with us.
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Capgemini Consulting, a specialist in strategy and transformation, is about to transform its own strategy for the second time in two years. To cope with the change, the company plans to recruit up to 1,000 staff this year, predominantly younger workers with social media and "digital transformation" skills, although it expects other staff to leave.
 
Salesforce.com is deepening the integration between its CRM (customer relationship management) and customer service software with the explosively popular social-networking site Facebook, Salesforce.com will announce today.
 
Taiwan's AU Optronics, one of the biggest LCD screen makers in the world, said Thursday it filed two separate lawsuits in the U.S. against Sharp, alleging the infringement of nine LCD screen-related patents in all.
 
As Apple prepares to ship its iPad 2, the first viable Android competitor packs a punch
 
Consumers unloaded their old iPads in unprecedented numbers so they can trade up to Apple's latest tablet, a gadget buy-back company said Wednesday.
 
Linux Kernel 'set_ftrace_filter' File Local Denial Of Service Vulnerability
 
Recent online calls for mass protests have sent the Chinese government on the defensive, and while experts say the online activity probably won't lead to outright revolution, it could force China's leadership to be more responsive to social problems ailing the country.
 
Linux Kernel Btrfs Integer Overflow Information Disclosure Vulnerability
 

EC-Council Launching CEHv7: New Standard in InfoSec Training
PR Web (press release)
The most advanced, hands-on ethical hacker training is now official: Certified Ethical Hacker Version 7. Hackers pose an escalating risk to US businesses and government agencies, so the EC-Council, a leading global cybersecurity training organization, ...

 
NetSupport Manager Remote Buffer Overflow Vulnerability
 
Mozilla Firefox and Thunderbird JPEG Image Decoding Buffer Overflow Vulnerability
 
Mozilla Firefox CVE-2011-0062 Multiple Unspecified Memory Corruption Vulnerabilities
 