InfoSec News

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
A sophisticated attack on the website security firm involved Google Apps, AT&T security problems.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google
Google began warning users today of its Gmail online email services when it suspects they may be targets of "state-sponsored" attacks.
Google began warning users today of its Gmail online email services when it suspects they may be targets of "state-sponsored" attacks.
Hewlett-Packard enterprise chief Ann Livermore was "furious and appalled" when she saw Oracle's announcement that it would end development for HP's Itanium server chips, she said in a San Jose, California, court on Tuesday.
This year there's a Summer Olympics, a European football contest, and a US presidential election. The Olympics return to London for the first time since 1948, the Euro Cup comes to Poland and Ukraine, and the US election hinges on only a few states as the USA still uses a colonial-era "electoral college" which supersedes the popular vote."
Jason Palmer has some pretty straightforward advice for executives looking to derive more value from technology: be a contrarian.
Mozilla Firefox SeaMonkey and Thunderbird CVE-2012-1943 Local Privilege Escalation Vulnerability
Today's IaaS (infrastructure as a service) cloud platforms allow customers to rent virtualized servers and storage on demand, typically by the hour. But in the future, such services could be sold in a much more efficient and granular manner, with specific resources, such as CPU cycles and memory, rented for just a few seconds, according to new research.
NetApp announced a significant refresh of its FAS2220 storage array, increasing performance by three times and memory six times for the same price as the previous version.
Total mobile smartphone and tablet subscriptions in North America reached 330 million in the first quarter of 2012, or about one-third the number in either China or India, Ericsson said in a 28-page report released Tuesday.
Hewlett-Packard enterprise chief Ann Livermore was "furious and appalled" when she saw Oracle's announcement that it would end development for HP's Itanium server chips, she said in a San Jose, California, court on Tuesday.
Hewlett-Packard kicked off its annual HP Discover user conference, being held in Las Vegas this week, with a number of new cloud computing offerings, emphasizing a single architecture that can be used across both in-house and public clouds.
With the latest update to its Apache Hadoop distribution, Cloudera has provided the possibility of using data processing algorithms beyond the customary MapReduce, the company announced Tuesday.
Facebook has started notifying victims of the DNSChanger malware who visit the social networking site that their computers will be cut off from the Internet on July 9, if they don't clean them until that time.
Facebook could be a has-been within a few years, according to one analyst. Others aren't as certain that will happen, but they agreed that how the company handles mobile users will be key to its fate.
The U.S. Federal Communications Commission will look into new regulations of middle-mile broadband connections used by many businesses and owned largely by AT&T and Verizon Communications, the agency said.
Mozilla today released Firefox 13, an upgrade that patched 13 vulnerabilities, including two critical flaws in the browser's update service.
The sophisticated cyber espionage malware known as 'Flame' was discovered after computers within Iran's energy industry were wiped clean of data. Does the Flame malware increase the odds of a cyberwar?
ISC BIND CVE-2012-1033 Security Bypass Vulnerability
ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
Two lawmakers were quick to press Facebook about reports that the company may permit children younger than 13 to join the site.
SanDisk entered the growing marketplace for solid-state accelerator products with its own PCI Express card designed to boost the performance of workstations and servers used in data centers, server farms and cloud computing environments.
The Android malware scanner called Bouncer, which Google uses to scrutinize all apps uploaded to Google Play, can be easily bypassed, a pair of security researchers said on Monday.
AT the HP Discover user conference today, HP CEO Meg Whitman assured the audience that planned layoffs won't affect the company's overall resilience. But users remain concerned.
A near-record 81% of owners of Apple's newest iPad said that they were "very satisfied" with the tablet in a survey conducted by ChangeWave Research last month.
The overhaul to Windows Update is to follow Microsoft?s emergency update, revoking three fraudulent certificates that could be used in broad attacks.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google
Adobe Illustrator APSB12-10 Multiple Memory Corruption Vulnerabilities
Windows RT tablets could cost $500 to $700 -- too high to make them viable in a market filled with less expensive tablets, according to an IDC analyst .
Cisco Systems wants to make it easier for mobile operators to scale up the wired networks that their wireless systems feed into, so on Tuesday it is introducing a mobile aggregation switch with 10 times the capacity of its current product.
Former Hewlett-Packard enterprise business chief Ann Livermore recalled a close working relationship with Oracle co-President Safra Catz, and the moves by Oracle that eventually eroded the companies' partnership, in a Silicon Valley courthouse on Monday.
SQL injection in Bigware shop software
Sielco Sistemi Winlog Buffer Overflow <= v2.07.14
[ MDVSA-2012:087 ] nut
Arbitrary File Upload/Execution in Collabtive
libcrypt 'crypt()' Password Encryption Weakness
Cloud-based solutions are being offered for ensuring apps run on specific devices
Oracle announced Tuesday that it has agreed to buy social intelligence vendor Collective Intellect, which has technologies that allow companies to track and analyze the conversations their customers are having on social media websites.
Dell introduced on Tuesday a refreshed and expanded line of its Inspiron consumer notebooks, some of which have Intel's third generation Core processor, code-named Ivy Bridge.
Adobe released several security updates on Monday, addressing nine arbitrary code execution vulnerabilities that affect Adobe Photoshop and Adobe Illustrator CS5.x for Windows and Mac OS X.
Intel is open to bringing Microsoft's Windows Phone OS to smartphones based on its x86 chips, but only if it is commercially viable, the company said on Tuesday.
While Windows 8 devices are dominating this year's Computex show in Taipei, also present is Intel's newest mobile processor, codenamed Clover Trail, which is set to arrive later this year and could pave the pay for the U.S. chip maker to break into the tablet market.
Apple's bid to get a ban on sales in the U.S. of Samsung's Galaxy Tab 10.1 tablet has been delayed after a federal court in California said on Monday it could not rule right away on Apple's request for a preliminary injunction, while the matter is before an appeals court.
Samsung unveiled several new Windows devices on the opening day of Taipei's Computex show, including two tablets with attachable keyboards that are scheduled to arrive in markets in October.
Intel is seeking a reboot in the tablet market with its upcoming Atom Z2760 chips code-named Clover Trail, and 20 tablets are in the works with the new chips, the company said on Tuesday.
The consumerization of IT may well be leading to the consumerization of business processes. Here are four paths toward improved processes for a more mobile enterprise and a transformed user experience. (Insider; registration required)
Acer lost its direction in the past few years amid management, product and supply chain issues, but the company is working its way to get back on track, company president Jim Wong said.
Qualcomm gave reporters a chance to try out Windows RT on its Snapdragon S4 processor at the Computex trade show Wednesday, though there's still no word when Windows tablets on Qualcomm hardware will hit the market.
Intel provided a glimpse into the future of ultrabooks on Tuesday, saying the next big thing for the emerging class of thin and light laptops is natural interaction through sight, sound and touch.
ARM on Tuesday showed a server using its processors built by Taiwanese manufacturer MiTAC, which will join U.S. makers Dell and Hewlett-Packard in producing ARM-based servers.
Security researchers today published detailed information about how the Flame cyber-espionage malware spreads through a network by exploiting Microsoft's Windows Update mechanism.
Internet Storm Center Infocon Status