InfoSec News

On June 28th Microsoft released a Service Pack for Office 2010. Office 2010 SP1 includes the usual roll-up of past security and hotfix patches, as well as a number of improvements and new features, particularly for its Office Web Applications (OWA), the online versions of Word, Excel, PowerPoint and OneNote. The download is 316.9M and is available by using Microsoft's Update site.
www.computerworld.com/s/article/9217989/Microsoft_delivers_Office_2010_SP1_upgrade

Deb Hale (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
There have been reports this weekend of hacked websites that are serving up source code for VSFTP that contain backdoor code. The compromise has been confirmed by the programs creator. Thanks to benm for providing the heads up for the compromise.
forums.cnet.com/7726-6132_102-5160036.html

Deb Hale (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Mozilla Firefox/Thunderbird/SeaMonkey SVG Polygon Parsing Remote Code Execution Vulnerability
 
feh 'feh_unique_filename()' Predictable Filename Local Privilege Escalation Vulnerability
 
I enjoy being the tech hero. Relatives and friends come to me with their computer problems, and more often than not, I help them. Their problem gets solved, and my ego goes up a notch. (I can vouch for that last one. --Ed.)
 
Xataface 'action' Parameter Local File Include Vulnerability
 
cURL/libcURL GSS/Negotiate Feature Spoofing Security Vulnerability
 
Facebook told QueenPendragon that her PC was infected. The message looked very much like rogue malware trying to trick her into downloading something vicious. She asked the Antivirus & Security Software forum for advice.
 
Microsoft's Bing search engine will provide English-language search results for Baidu, China's largest search engine, the companies announced Monday.
 
The Twitter account for Fox News was apparently hacked, with six tweets falsely reporting early Monday morning that U.S. President Barack Obama had been shot twice in an Iowa restaurant while campaigning.
 
Multiple Cross-Site Scripting vulnerabilities in WebCalendar
 
[SECURITY] [DSA 2271-1] curl security update
 
WikiLeaks' card payment processor is preparing legal action against Visa Europe, MasterCard Europe and other payment intermediaries after its contract to process payments was abruptly terminated following WikiLeaks' release of secret U.S. diplomatic cables last November.
 

Google+ Tips and Tricks Facebook Should Use
PCWorld
Right now, I have all kinds of lists in Facebook--Family, High School, Air Force, Infosec, etc.--which help me cut down the noise on the incoming stream by letting me view individual lists, but when I write my own post I can only choose between ...

and more »
 
The Twitter account for Fox News was apparently hacked, with six tweets falsely reporting early Monday morning that U.S. President Barack Obama had been shot twice in an Iowa restaurant while campaigning.
 
A list of 27 user names and encrypted passwords, apparently for an Apple website, was posted online over the weekend along with a warning from hacker group Anonymous that the Cupertino-based computer maker could be a target of its attacks.
 
Microsoft IIS FTPd Globbing Functionality Remote Denial of Service Vulnerability
 
Donar Player '.wma' Remote Denial of Service Vulnerability
 
Sony will fully restore PlayStation Network service to users in Japan this week, ending a two-and-a-half month suspension of service, and bringing to a close an embarrassing incident that began with the largest known loss of customer information by a company.
 

Researchers join forces to battle insider e-threats
International Business Times AU
Insider threats forms one of the diverse areas of research performed by the InfoSec-Informatics research group in the School of Mathematical and Geospatial Sciences at RMIT, which also offers postgraduate degrees in Information Security and Assurance.

 
Internet Storm Center Infocon Status