Hackin9

InfoSec News

The jury has reached a partial verdict in the copyright phase of Oracle's intellectual property dispute with Google, and the judge has given them one more day to try to resolve the remaining issue.
 
Most users of Facebook and Google had fundamental gaps in understanding, even after reading privacy policies, about how the websites handled their information and how other Web users could discover it, according to a study released by the digital branding firm Siegel+Gale.
 
The deadline to migrate email domains and websites hosted on the Microsoft Office Live Small Business (OLSB) online service suite passed on Monday, but customers continue to post a steady stream of complaints and problem reports, indicating that the number of businesses that haven't made the transition is considerable.
 
Asterisk Shell Command Execution Security Bypass Vulnerability
 
Asterisk Skinny Channel Driver Heap-Based Buffer Overflow Vulnerability
 
Adobe is addressing a zero-day flaw in Flash Player being used by cybercriminals in email attacks targeting Internet Explorer users.

 
ICCLIB CVE-2012-1616 Use-After-Free Remote Code Execution Vulnerability
 

eSecurity Planet

OpenX Plans Fix for Security Flaw
eSecurity Planet
"The first compromised systems were discovered by Infosec researcher Mark Baldwin, who found that attackers were exploiting a cross-site request forgery (CSRF) vulnerability to create a malicious 'openx-manager' account on affected systems and then ...
OpenX Promises Fix for Rogue Ads Bug - Krebs on Security

 
Adobe released a critical patch for Flash Player addressing an object confusion vulnerability (CVE-2012-0779). If exploited, it could cause the application to crash and potentially allow an attacker to take control of the system. The security bulletin is posted here [1] and the update can be downloaded here [2].
Affected Software
- Windows, Macintosh and Linux version 11.2.202.233 and earlier

- Android 4.x version 11.1.115.7 and earlier

- Android 3.x and 2.x version 11.1.111.8 and earlier
[1] http://www.adobe.com/support/security/bulletins/apsb12-09.html

[2] http://get.adobe.com/flashplayer/
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
The National Institute of Standards and Technology (NIST) has extended until May 25, 2012, the comment period for the second draft of a publication intended to help federal departments and agencies better manage supply chain risks for ...
 

IBM Profiles The New CSO, Security Exec
Dark Reading
By Kelly Jackson Higgins CSOs and other senior information security executives have earned a higher profile in the business, but not all infosec leader positions are created equal, according to a new report released yesterday by IBM's Center for ...

 
Researchers were able to use diamond tipped tools to add pressure to a phase-change memory alloy and increase its data storing capacity, its performance and its ability to store data longer.
 
All the momentum and vision that Yahoo CEO Scott Thompson has been building for the struggling company may have been thrown off course.
 
Mine was originally a mixed marriage: I'm a Mac, my wife was a PC. Years ago, though, after yet another virus had rendered my beloved's Windows machine unusable, I insisted she switch. (She did so begrudgingly, but she's since become a contented Mac user.) I smoothed the transition by copying all of her old files from her Windows PC to her Mac, but some tracks from her iTunes library, for whatever reason, didn't make the leap.
 
Android malware being automatically distributed from hacked websites looks like it's being used to mask online purchases, and could be part of a fraud gang's new push into mobile, researchers said today.
 
Adobe today warned that hackers are exploiting a critical vulnerability in its popular Flash Player program, and issued an emergency update to patch the bug.
 
Oracle has asked a judge to bar Google from using some testimony given by former Sun Microsystems CEO Jonathan Schwartz in the companies' intellectual-property suit over the Android mobile OS, saying it has "no legal and factual predicate."
 
As the expected date of Facebook's long-awaited initial public offering nears, analysts and investors are taking a last, close look at the financial, legal and other details that could help or hurt what could be the biggest IPO in tech history.
 
Target plans to stop selling Kindle e-readers in its brick-and-mortar stores after seeing buyers test the devices in its showrooms only to later buy them online from Amazon.
 
GNU Common Internet File System (CIFS) setuid 'mount.cifs' Information Disclosure Vulnerability
 
Samba mount.cifs Local Security Bypass Vulnerability
 
Overview
We have launched some new data collection projects relatively recently in addition to the original DShield project. What happens to all that data being collected? When there appears to be enough data to publicly release, the reports will likely be linked to from our Reports page at https://isc.sans.edu/reports.html. You can get there by clicking Data/Reports or its sub-menu Summary Page on the top-right menu. We've highlighted some of these projects in past Features but let's list them all out here.
Features
Data Collection - https://isc.sans.edu/reports.html#collect

This section was added recently as a central location to list new and existing data collection and reporting projects.

ISC/DShield API - Click for previous feature diary coverage.
HTTP Headers - Project to find how many sites use security relevant headers. Read Jason Lam's diary on HTTP Headers.
404Project - Click for previous feature diary coverage.
Fake Call Tech Support Calls - Newly launched information collection form, created to help understand the growing number of cold-call fake tech support calls.

Top 10 Ports - https://isc.sans.edu/reports.html#top10ports

Summary table of the top 10 ports listed by Reports, Targets, Sources with link to Port Report Page at https://isc.sans.edu/portreport.html

Available on the ISC Dashboard.
Option on customization page once logged in.

World Map - https://isc.sans.edu/reports.html#worldmap

Graphics map of country statistics (This deserves more in-depth coverage in another feature diary...Stay Tuned!) with link to Country Report Page at https://isc.sans.edu/countryreport.html

Available on the ISC Dashboard.
Option on https://isc.sans.edu/customize.html once logged in.
Available in the right column on the homepage.

Top Source IPs - https://isc.sans.edu/reports.html#top10source

Top 10 Source IPs as collected by DShield sensor listed with count, number of attacks, first seen and last seen with link to Top Sources Page at https://isc.sans.edu/sources.html

Available on the ISC Dashboard.
Option on customization page once logged in.

Additional Reports - https://isc.sans.edu/reports.html#additional

AS Reports - DShield data by ASN information
Country Reports - DShield data by Country information
Survival Time - calculated as the average time between reports for an average target IP address
Trends of Ports - attempt to put a number to the increase in activity for a given port. Also available on the Dashboard and right column of the homepage.
Daily Data Volume (Submissions/day) - Summaries with graph, table and criteria form


Post suggestions or comments in the section below or send us any questions or comments in the contact form on https://isc.sans.edu/contact.html#contact-form

--

Adam Swanger, Web Developer (GWEB, GWAPT)

Internet Storm Center - https://isc.sans.edu
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

GovInfoSecurity.com (blog)

Why Fed CIOs Worry Most About Infosec
GovInfoSecurity.com (blog)
By Eric Chabrow, May 5, 2012. Organizations that don't treat information security as a fundamental component of their businesses will be handicapped in achieving their goals. The threat of breaches, not necessarily the intrusions themselves, ...

 

Infosecurity Europe 2012 Best Ever Event
The Data Center Journal
Business Information Security Officer for Citigroup adds his experience: “I've been to Infosec before and the reason I've come back today is because I want to see what developments are happening in the information security space.

 
Yahoo is said to have written to Facebook indicating that it believes that 16 patents it claims to hold "may be relevant" to open source technology allegedly being used in the data centers and servers of the social networking company, according to a regulatory filing by Facebook on Thursday.
 
[Ask the iTunes Guy is a regular column in which we answer your questions on everything iTunes related. If there's something you'd like to know, send an email to the iTunes Guy for consideration.]
 
Samsung Electronics will be allowed to challenge the validity of an Apple patent before a decision is made on whether Samsung has infringed the patent, the Regional Court in Mannheim, Germany ruled Friday.
 
LinkedIn is acquiring SlideShare, which allows its users to share presentations online, for $118.75 million as it tries to find new ways to make its site more useful, the company said.
 
[SECURITY] [DSA 2462-2] imagemagick regression update
 
VMware Backdoor Response Uninitialized Memory Potential VM Break
 
Re: DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass
 

Posted by InfoSec News on May 04

https://rt.com/news/prime-time/russia-spam-cyber-attacks-528/

By Maksim Bogodvid
RIA Novosti
May 3, 2012

Russia has climbed up the global spam rating and now ranks third
internationally and first in Europe, according to Symantec’s Internet
Security Threat Report.

The country’s ever-increasing hacker activity also took Russia up to
sixth place in the global Internet malware activity rating. Last year,
the country was tenth. Among the...
 

Posted by InfoSec News on May 04

http://www.wired.com/threatlevel/2012/05/mi6-codebreaker-at-blackhat/

By Kim Zetter
Threat Level
Wired.com
May 3, 2012

A top British codebreaker who died a mysterious death in his flat two
years ago had just returned from a computer security conference in the
United States before his death, according to information disclosed
during an inquest this week.

The body of Gareth Williams, a codebreaker with Britain’s MI6 spy
agency, was...
 

Posted by InfoSec News on May 04

http://www.nextgov.com/cio-briefing/2012/05/cybersecurity-ranks-top-concern-federal-cio-survey/55572/

By Andrew Lapin
Nextgov
May 3, 2012

Protecting government information from cyberattacks is the issue that
weighs most heavily on the minds of federal chief information officers,
according to a new survey.

One-fifth of respondents to the 22nd annual TechAmerica/Grant Thornton
LLP Federal CIO Survey mentioned cybersecurity as their top...
 

Posted by InfoSec News on May 04

http://news.techworld.com/security/3355659/hackers-blackmail-belgian-bank-elantis-over-unencrypted-customer-data/

By Loek Essers
Techworld
03 May 2012

Hackers claimed to have breached the systems of the Belgian credit
provider Elantis and threatened to publish confidential customer
information if the bank does not pay €150,000 (£122,000) before Friday,
May 4, they said in a statement posted to Pastebin. Elantis confirmed
the data breach...
 

Posted by InfoSec News on May 04

http://www.chinadaily.com.cn/world/2012-05/04/content_15206653.htm

Xinhua
2012-05-04

LONDON - The website of Britain's Serious Organized Crime (SOCA), known
as British FBI, was attacked by hackers and forced to close down, a SOCA
spokesman said Thursday.

The distribution denial of service (DDoS) attacked the soca.gov.uk late
Wednesday, SOCA confirmed to BBC.

"We took action to limit the impact on other clients hosted by the...
 
VLC Media Player Multiple Remote Buffer Overflow Vulnerabilities
 

Despite increased infosec spending, breaches and frustration are on the rise
Infosecurity Magazine
The SANS Institute has released Version 3.0 of its 20 critical controls, a prioritized baseline of information security measures designed to provide monitoring of cyber threats aimed at government and commercial computers and networks.

 
McAfee Virtual Technician ActiveX Control 'GetObject()' Insecure Method Vulnerability
 
As China leads the world in smartphone shipments, top handset vendors are raising their stakes in the nation, and will likely bring more exclusive products and lower-end devices to the market, resulting in fierce competition, according to analysts.
 
Microsoft identified a Chinese security partner as the source of a leak last March in its highly restricted vulnerability information-sharing program.
 
Surging enterprise demand for big data tools that can manipulate and analyze massive volumes of structured and unstructured data has caught investor attention in a big way.
 
Researchers at UCLA have created a crowd-sourcing game that allows hundreds, even thousands of players to help diagnose malaria victims by viewing and choosing among dozens of microscopic images.
 
PHP 'php-cgi' Information Disclosure Vulnerability
 
Yahoo said late Thursday that its board will review a discrepancy in the resume of its CEO, Scott Thompson, and "make an appropriate disclosure" to its shareholders.
 
Internet Storm Center Infocon Status