Information Security News
Richard Porter, ISC Handler on Duty. (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Security researchers have blown the whistle on a computer-espionage campaign that over the past eight years has successfully compromised more than 350 high-profile targets in 40 countries.
"NetTraveler," named after a string included in an early version of the malware, has targeted a number of industries and organizations, according to a blog post published Tuesday by researchers from antivirus provider Kaspersky Lab. Targets include oil industry companies, scientific research centers and institutes, universities, private companies, governments and governmental institutions, embassies, military contractors and Tibetan/Uyghur activists. Most recently, the group behind NetTraveler has focused most of its efforts on obtaining data concerning space exploration, nanotechnology, energy production, nuclear power, lasers, medicine, and communications.
"Based on collected intelligence, we estimate the group size to about 50 individuals, most of which speak Chinese natively and have working knowledge of the English language," the researchers wrote. "NetTraveler is designed to steal sensitive data as well as log keystrokes, and retrieve file system listings and various Office or PDF documents."
Apple released the next update for OS X, 10.8.4. Eventually, we should learn more about the security content of the update, but at this point, Apple's security page has not been updated yet.
However, Apple did distribute a list of patched vulnerabilities via e-mail (thanks Dave for sharing). The update fixes a total of 33 vulnerabilities. Here are some of the highlights:
|CVE #|Component|Affected Versions|Impact|
|---|---|---|---|
|2013-0982|CFNetwork|10.8 - 10.8.3|data leakage (authentication cookies)|
|2013-0983|CoreAnimation|10.8 - 10.8.3|code execution|
|2013-0984|Directory Service|10.6.8|remote code execution as system|
|2013-0985|Disk Management|10.8 - 10.8.3|data leakage (disable FileVault)|
|2012-4829|OpenSSL|10.6.8, 10.7 - 10.7.5, 10.8 - 10.8.3|data leakage ("CRIME" attack)|
|multiple|OpenSSL|10.6.8, 10.7 - 10.7.5, 10.8 - 10.8.3|DoS, data leakage|
|2013-0987|QuickTime QTIF Files|10.6.8, 10.7 - 10.7.5, 10.8 - 10.8.3|code execution|
|2013-0988|QuickTime FPX Files|10.6.8, 10.7 - 10.7.5, 10.8 - 10.8.3|code execution|
|2013-0989|QuickTime MP3 Files|10.8 - 10.8.3|code execution|
|multiple|Ruby on Rails|10.6.8|code execution (EXPLOITED)|
|2013-0990|SMB|10.7 - 10.7.5, 10.8 - 10.8.3|authenticated user may write files outside of shared directory|
Gatekeeper will check downloaded JNLP applications and may require a valid developer ID certificate.
In addition, this update includes Safari 6.0.5 with various improvements and security fixes not listed here.
Safari 6.0.5 patches a total of 23 arbitrary code execution vulnerabilities, two cross-site scripting issues, and one problem with the XSS Auditor that may cause form submissions to be altered.
Novopay Report: Costs Blew Out As Talent2 'Overwhelmed'
Scoop.co.nz (press release)
IT firm Talent2 and the Ministry of Education were “unprepared and overwhelmed” by escalating problems with the Novopay payroll system for teachers. The Ministerial Inquiry into the Novopay Project paints a picture of departmental failures across the ...
Going where few password crackers have gone before, a team of security consultants has deployed a cracking-optimized computer that's completely submerged in mineral oil. Members say the setup offers significant cost savings compared with the same machine that uses air to stay cool.
The rig contains two AMD Radeon 6990 graphics cards, long considered a workhorse for password crackers. While the parallel processing in just one of these $800 cards can make as many as 9 billion password guesses each second (see PC3 in the graph at the bottom of this page), the performance comes at a price. GPUs run extremely hot, particularly when combined with other graphics cards, which drives up the cost of keeping them cool enough to run without burning out. The dedicated fans normally used to keep them cool also generate plenty of noise.
Employees of security consultancy KoreLogic recently deployed the password cracker at Midas Green Tech, an Austin, Texas-based data center that specializes in so-called immersion-cooled server hosting. Hosting the immersion-cooled machine costs less than $60 per month, compared with about $100 for one of the air-cooled systems KoreLogic otherwise uses to test the strength of clients' password policies, said Rick Redman, one of the KoreLogic penetration testers who deployed the new machine.
Army Intelligence Report on WikiLeaks 'Threat' Being Used to Argue Bradley ...
Wikileaks.org, a publicly accessible Internet Web site, represents a potential force protection, counterintelligence, operational security (OPSEC), and information security (INFOSEC) threat to the US Army. The intentional or unintentional leaking and ...
Posted by InfoSec News on Jun 04: http://www.army.mil/article/103799/Army_releases_new_leaders__handbook_on_cybersecurity/
Posted by InfoSec News on Jun 04: http://gcn.com/articles/2013/06/03/dhs-data-breach-employee-info.aspx
Posted by InfoSec News on Jun 04: http://news.cnet.com/8301-13579_3-57587482-37/iphones-can-apparently-be-hacked-with-malicious-charger/
Posted by InfoSec News on Jun 04: http://www.informationweek.com/security/application-security/oracle-promises-enterprise-java-security/240155912
Posted by InfoSec News on Jun 04: http://www.mcclatchydc.com/2013/06/03/192895/us-publishes-details-of-missile.html