Hackin9
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

LAS VEGAS—Google and its Android partners on Wednesday started distributing a fix for a vulnerability that could cause millions of phones to execute malicious code when they're sent a malformed text message or the user is lured to a malicious website.

The flaw in an Android code library known as Stagefright was disclosed last week, several months after security researchers privately reported it to engineers responsible for Google's Android operating system. Google engineers, in turn, have introduced changes to the Android text messaging app Messenger. The changes mitigate the threat by requiring users to click on videos before playing them.

Google began pushing out the updated app and other unspecified safeguards to Nexus devices and will be releasing them in open source later in the day, once full vulnerability details are disclosed. Google already sent the fix to hardware partners, and according to the Android Police news site, both Sprint and Samsung have started pushing out the updates. Updated handsets include the Nexus 5 and Nexus 6, the Galaxy S5, S6, S6 Edge, and Note Edge, the HTC One M7, One M8, One M9; LG Electronics G2, G3, G4; Sony Xperia Z2, Xperia Z3, Xperia Z4, Xperia Z3 Compact; and the Android One.


 

LAS VEGAS—Today at the Black Hat information security conference, Dell SecureWorks researchers unveiled a report on a newly detected hacking group that has targeted companies around the world while stealing massive amounts of industrial data. The majority of the targets of the hacking group were in the automotive, electronic, aerospace, energy, and pharmaceutical industries. The group, believed to be based in China, has also targeted defense contractors, colleges and universities, law firms, and political organizations—including organizations related to Chinese minority ethnic groups.

Designated as Threat Group 3390 and nicknamed "Emissary Panda" by researchers, the hacking group has compromised victims' networks largely through "watering hole" attacks launched from over 100 compromised legitimate websites, sites picked because they were known to be frequented by those targeted in the attack.

At least 50 organizations in those industries in the US and the United Kingdom had data stolen by members of Emissary Panda. Sites targeted included the website of the Embassy of the Russian Federation in the US (as well as those of other embassies and non-governmental organizations); government agency websites around the world; manufacturing companies, many of whom were suppliers to defense contractors; and the Spanish defense manufacturer Amper. A cultural site for the Chinese Uyghur ethnic group was also used, apparently to target members of the Muslim minority for surveillance.


 
[security bulletin] HPSBUX03388 SSRT102180 rev.1 - HP-UX running OpenSSL, Remote Disclosure of Information
 
Re: [FD] Mozilla extensions: a security nightmare
 
 
The National Institute of Standards and Technology (NIST) has released the final version of its 'Secure Hash Algorithm-3' standard, a next-generation tool for securing the integrity of electronic information. Nine years in the making, ...
 

Crowdsourced InfoSec Budgeting Tool Available Free to Peerlyst Users
SYS-CON Media (press release)
SAN FRANCISCO, CA -- (Marketwired) -- 08/05/15 -- Peerlyst, the preeminent information security community, is today pleased to announce PeerSource Budget™. The crowdsourced free tool gives InfoSec professionals, for the first time, a flexible and ...

 
LinuxSecurity.com: Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Important security ...

LinuxSecurity.com: Updated node.js packages that fix one security issue are now available for Red Hat OpenShift Enterprise 2.1. Red Hat Product Security has rated this update as having Important security ...

LinuxSecurity.com: Updated node.js packages that fix one security issue are now available for Red Hat OpenShift Enterprise 2.0. Red Hat Product Security has rated this update as having Important security ...
 
LinuxSecurity.com: Several security issues were fixed in Oxide.
 
LinuxSecurity.com: Security Report Summary
 
SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network
 

I could spoof Globalstar satellite messages, boasts infosec bod
The Register
Black Hat 2015: Intercepting and spoofing satellite communications carried over the Globalstar network is possible with modest technical skills and an investment of just $1,000, according to new research due to be unveiled at Black Hat. Globalstar is ...

 
Internet Storm Center Infocon Status