Microsoft's monthly patch release for July will cover seven security issues, six of which could be remotely exploited by an attacker.
The founder of an eavesdropping-resistant instant messaging application called Cryptocat has apologized over a now-fixed bug that made some types of messages more vulnerable to snooping.

It's been exactly five years since the ISC Diary discussed the Storm botnet and fireworks.exe. What better way to celebrate America's birthday than with another fireworks-like visualization? Much has changed in five years, including malware techniques, and the venerable AfterGlow visualization tool set, but some things remain consistent. Malware still sucks, sometimes it's really chatty, and when it is, the resulting PCAP can be rendered as a great picture. Raffy Marty's AfterGlow now includes a cloud version (like I said, much has changed in five years), but I rolled this graphic with a ZeroAccess sample and AfterGlow with Argus on an Ubuntu VM. An excellent analysis of this sample is provided by Contagio, so I'll spare you the details. Using the PCAP provided in that post, I executed:

    argus -r zeroaccess.pcap -w - | ra -r - -nn -s saddr daddr -c, | perl afterglow.pl -c color.properties | neato -Tgif -o zeroaccess.gif

To simplify textually, the blue dot in the middle is our hapless victim system and the red nodes are all the evil minions it's conversing with.

With the utmost respect, and sincere apologies to the Honorable Mr. Lincoln: We here highly resolve that these samples shall not have been analyzed in vain — that this Diary, under the World Wide Web, shall promote a new birth of security — and that an Internet of the people, by the people, for the people, shall not perish from the earth.

Happy 4th of July!!

ZeroAccess visualization

Russ McRee | @holisticinfosec


(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Cyber criminals will face tougher penalties across the European Union, under new rules adopted by the European Parliament on Thursday.
Nokia is expected to launch a follow-up to its 41-megapixel 808 PureView running Windows Phone a week from now, a move that will give the struggling phone vendor a much needed boost, according to one analyst.
IBM Business Process Manager CVE-2013-0581 Multiple Cross Site Scripting Vulnerabilities
A US security firm says that it has discovered a bug in Android that allows potential attackers to inject arbitrary code into signed app packages without invalidating the signature.

The European Parliament on Thursday gave its consent to suspend data-sharing deals with the United States following the allegations about spying and the Prism scandal.
A German data protection authority has begun a formal action against Google over changes the company made to its privacy policy last year. The French privacy regulator announced a similar action last month.
An online protest against the surveillance programs of the U.S. National Security Agency planned for July 4 was off to a slow start Thursday morning, despite expectations it would see participation from thousands of websites.
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0783 Memory Corruption Vulnerability
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0780 Remote Code Execution Vulnerability

ISNR Abu Dhabi 2014 Latest Developments Announced
Wall Street Journal
The IS pavilion is supported by the UAE Telecommunications Regulatory Authority (TRA) and InfoSec Europe. Moreover, the CIS pavilion will be sponsored by ISC West exhibition and conference. FEM is the region's platform for experts and public safety ...
China saw an increase in Trojan and botnet attacks coming from other countries in 2012, as the amount of mobile malware in the country also surged, according to a local security group.
Oracle Java SE CVE-2013-2453 Remote Security Vulnerability
The Internet held up in Egypt as the military deposed the country's president Wednesday, with both the former president's aides and the opposition using Twitter and Facebook extensively to communicate with followers in Egypt and the rest of the world.
re: Real player resource exhaustion Vulnerability

ISNR Abu Dhabi 2014 latest developments announces
AME Info (press release)
The Information Security pavilion is supported by the UAE Telecommunications Regulatory Authority (TRA) and InfoSec Europe, Europe's most prominent and largest Information Security industry event. It will be the ideal new platform that will bring ...
A persistent, widespread malware campaign that utilizes compromised Apache servers is locking users' computers and demanding a fee of US$300 to free their data.
Boston University is seeking to ban Apple from selling some of its products, besides demanding damages for the alleged infringement of a semiconductor patent invented by a university professor.

Hurry up for the World's Leading Regional Information Security Event: Black ...
PR Newswire (press release)
After the top level trainings on highly technical fields of information security, a one day summit will take place where the latest developments in infosec will be analyzed by global as well as local researchers. Industry trends pertaining to the ...

Internet Storm Center Infocon Status