Hackin9

The Mandarin (registration)

Unis need better risk management, infosec and to stop playing politics
NSW universities need to improve their risk management, improve information security and stop paying money to political parties, according to the state's auditor-general. New South Wales universities need to continue improving their risk management ...

 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

The Office of Personnel Management, the government agency that manages federal employees, announced Thursday that its network was breached in December 2014, potentially compromising the personal records of approximately 4 million former and current employees.

The Washington Post, citing unnamed government officials, reported that the attack originated from “Chinese hackers,” and was the “second major intrusion of the agency by China in less than a year.”

As the agency wrote in a statement:


 

Naked Security

Infosec 2015: "What concerns you the most in computer security?"
We took to the exhibition floor at Infosec Europe 2015 armed with ten cool ASCII-art Naked Security T-shirts to put a question to ten visitors. (The T-shirts were a "thank you" for those who agreed to take part.) As it happened, one of our participants ...

 

Researchers at Wandera, a mobile security company, have alerted Apple to a potential security vulnerability in iOS that could be used by attackers to fool users into giving up their credit card data and personal information. The vulnerability, based on the default behavior of iOS devices with Wi-Fi turned on, could be used to inject a fake "captive portal" page that imitates the Apple Pay interface.

The attack leverages a well-known issue Ars has reported on in the past: iOS devices with Wi-Fi turned on will attempt by default to connect to any access point with a known SSID. Those SSIDs are broadcast by "probe" messages from the device whenever it's not connected to a network. A rogue access point could use a probe request capture to masquerade as a known network, and then throw up a pop-up screen masquerading as any web page or app.

The Wandera attack uses this behavior to get a mobile device to connect and then presents a pop-up portal page—the type usually used when connecting to a public Wi-Fi service to present a Web-based login screen—that is designed to resemble an Apple Pay screen for entering credit card data. The attack could be launched by someone near a customer who has just completed or is conducting an Apple Pay transaction so that the user is fooled into believing Apple Pay itself is requesting that credit card data be reentered. An attacker could loiter near a point-of-sale system with an Apple Pay terminal and continuously launch the attack.


 
Linux Kernel 'fs/pipe.c' Multiple Local Memory Corruption Vulnerabilities
 
Apache Tomcat 'mod_jk' CVE-2014-8111 Information Disclosure Vulnerability
 
Cisco AnyConnect Secure Mobility Client CVE-2015-0761 Local Privilege Escalation Vulnerability
 

The Register

Infosec turns 20 to face battle with BSides, RSAC Unplugged
Infosec 2015 Infosec, the annual IT security trade show, wheeled out the rock stars of the Infosec world for its 20th anniversary this week. Bruce Schneier and John McAfee – the Paul McCartney and Keith Moon of the cybersecurity world – both keynoted ...

 

Without public notice or debate, the Obama administration has expanded the National Security Agency's warrantless surveillance of Americans' international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents.

In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad—including traffic that flows to suspicious Internet addresses or contains malware, the documents show.


 
Multiple Cisco Products CVE-2015-0744 Denial of Service Vulnerability
 
LinuxSecurity.com: Updated python27 collection packages that fix multiple security issues and several bugs are now available as part of Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security [More...]
 
LinuxSecurity.com: Updated thermostat1 collection packages that fix one security issue, several bugs, and add various enhancements are now available as part of Red Hat Software Collections 2. [More...]
 
LinuxSecurity.com: Updated php54 collection packages that fix multiple security issues and several bugs are now available as part of Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security [More...]
 
LinuxSecurity.com: Updated php55 collection packages that fix multiple security issues and several bugs are now available as part of Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security [More...]
 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: t1utils could be made to crash or run programs as your login if it opened a specially crafted file.
 
LinuxSecurity.com: Qt could be made to crash or run programs as your login if it opened a specially crafted file.
 
LinuxSecurity.com: An updated virtio-win package that fixes one security issue and two bugs is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having Important security [More...]
 
LinuxSecurity.com: An updated virtio-win package that fixes one security issue and two bugs is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security [More...]
 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security [More...]
 

Posted by InfoSec News on Jun 04

http://www.theguardian.com/technology/2015/jun/04/hackers-extorted-multinational-firm-in-australia-and-threatened-employee

By Joshua Robertson
The Guardian
3 June 2015

Hackers extorted an international company based in Brisbane for a ransom
paid out in bitcoin but then escalated their demands by threatening online
attacks on a senior employee’s child, Queensland police have said.

The company, which police refused to identify, paid the...
 

Posted by InfoSec News on Jun 04

http://www.theregister.co.uk/2015/06/04/security_sleuths_sniff_out_the_stupid_from_your_oracle_dbs/

By Darren Pauli
The Register
4 Jun 2015

Databases remain a security nightmare, says Datacom TSS hacker David
Litchfield, so he's built an application to give admins a hand.

The Datacom TSS hacker says the Database Security Scorecard will help
inform system administrators of security shortfalls in databases and help
bridge the language...
 

Posted by InfoSec News on Jun 04

http://www.v3.co.uk/v3-uk/news/2411419/fbi-europol-and-nca-gunning-for-top-200-black-hats-making-exploit-kits-for-criminals

By Alastair Stevenson
V3.co.uk
03 Jun 2015

Law enforcement agencies need to mount a coordinated effort to shut down
the exploit developers and hosting sites powering organised crime,
according to experts from the FBI, Europol and the UK's National Crime
Agency (NCA).

The experts made the claim during a panel...
 

Posted by InfoSec News on Jun 04

http://www.csoonline.com/article/2928928/disaster-recovery/heartland-issues-breach-notification-letters-after-computer-theft.html

By Steve Ragan
Salted Hash
CSO Online
June 1, 2015

In a letter to the California Attorney General, Heartland Payment Systems
has disclosed a data breach impacting personal information. The letter
states that the data exposure is the result of a break-in at one of their
offices, which included stolen computers....
 