InfoSec News

Sprint Nextel turned down bids from ZTE and Huawei Technologies because of U.S. government concerns over possible dangers to national security from the Chinese vendors building critical infrastructure in the U.S., the Wall Street Journal reported on Friday.
 
Mark Hurd may have tipped off former contractor Jodie Fisher about Hewlett-Packard's pending $13.9 billion EDS acquisition, according to a report in the Wall Street Journal Friday.
 
Cisco CiscoWorks Common Services Web Server Module Buffer Overflow Vulnerability
 
OpenLDAP X.509 Certificate NULL Character Certificate Validation Security Bypass Vulnerability
 
Adobe Flash Player CVE-2010-3639 Remote Denial of Service Vulnerability
 
OpenOffice Python Scripting IDE Remote Code Execution Vulnerability
 
OpenOffice Impress File Multiple Buffer Overflow Vulnerabilities
 
OpenOffice VBA Macro Restrictions Remote Security Bypass Vulnerability
 
OpenOffice Prior to 3.2 Multiple Remote Code Execution Vulnerabilities
 
An FBI agent has been in the courtroom each day this week watching the Oracle-SAP trial, suggesting U.S. law enforcement continues to take an interest in the case.
 
Oracle's lawsuit against SAP, alleging intellectual-property theft by SAP's former subsidiary TomorrowNow, went to trial this week, garnering daily headlines out of the U.S. District Court in Oakland, California. Otherwise, as is so often the case, security-related stories captured interest, and the U.S. midterm elections provoked questions about network neutrality's future, among other issues.
 
Computerworld Premier 100 Leader Jinx Walton also answers questions on the job market and leveraging an MBA.
 
The Black Hat security conference will kick off in Abu Dhabi on Monday with new information revealed about the Stuxnet malicious software program along with other cutting-edge research.
 
The U.S. Federal Communications Commission should allow for an open Internet separate from specialized services that may prioritize IP traffic, a group of Internet and technology pioneers said.
 
Dell is moving its 25,000 employees from BlackBerrys to its own Windows Phone 7-based smartphone as the company prepares to offer a service that enables customers to make the same switch, Dell confirmed Friday.
 
Microsoft has released the source code for its F# open source functional programming language.
 
Pioneer RSS feed manager Bloglines will continue operating thanks to a last-minute agreement from MerchantCircle to take over operation of the service from Ask.com.
 
RETIRED: Adobe Flash Player APSB10-26 Multiple Remote Vulnerabilities
 
While overall pay for information security certs has dropped for the first time since 2006, an infosec salary expert says that doesn't mean demand for certified security pros is waning.

 
An article has been posted about how bots can implement a false admin interface to lure security researchers in. It goes on to describe how essentially it is a honeypot that allows the botmaster to gather information about how others try to hack their botnet.



Interesting reading: http://www.boingboing.net/2010/11/05/botmasters-include-f.html
Cheers,

Adrien de Beaupré
EWA-Canada.com

(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Rare pay drop for information security certifications, but skills in demand
SearchSecurity.com
Pay may be down for information security certifications, but infosec pros shouldn't panic just yet. ...

 
Mark Gibbs marvels at HTML5 browsers, learns what the mystery hardware is, and revisits Wi-Fi router firmware.
 
Lumber Liquidators is attributing a weak third quarter to a complex SAP implementation, saying the project imposed a significant drain on worker productivity.
 
Final liftoff of the space shuttle Discovery was postponed for a fourth time due to a hydrogen leak.
 
Pixel Qi is preparing a seven-inch power-saving display for devices like tablets and e-readers, which could become available as test samples during the Consumer Electronics Show in early January, the company said.
 
Apple has said it will stop selling its Xserve rack servers early next year, killing a product that has traditionally sold in low quantities.
 
A Kaiser Permanente study involving almost 800,000 patients showed that targeted electronic alerts to doctors about specific medical conditions can reduce the number of tests they order.
 
Daves99 asked the Office & Business Software forum how to insert file names into a worksheet or document.
 
Angel LMS Exploit
 
Re: [Full-disclosure] Joomla 1.5.21 | Potential SQL Injection Flaws
 
Python FTP server library (pyftpdlib) 'ftpserver.py' File Multiple Security Vulnerabilities
 
Dell is getting ready to move its 25,000 employees from BlackBerrys to its own Windows Phone 7-based smartphone, in preparation for the launch of its own migration service, The Wall Street Journal reported on Friday.
 
[FG-VD-10-020] Adobe Flash Player Remote Memory corruption Vulnerability
 
ASPR #2010-11-05-01: Remote Binary Planting in Adobe Flash Player
 
Wargame Qualifications - Win a car !!!
 
Common consumer routers password disclosure
 
In a candid discussion, brand-new CEO Mike Borman lays out his plans for WAN and network security vendor Blue Coat
 
Research In Motion's (RIM) free BlackBerry Enterprise Server (BES) Express software should become available today to organizations that employ IBM's Lotus Domino mail server and associated infrastructure, according to the BlackBerry-maker. BES Express is a no-cost, "slimmed down" version of RIM's full BES with many of the same security safeguards and mobile connectivity options, but fewer IT control policies for corporate BlackBerry administrators.
 
A computer security researcher says he released code Thursday that could be used to attack some versions of Google's Android phones over the Internet.
 
Horde Application Framework 'icon_browser.php' Cross-Site Scripting Vulnerability
 
pam-xauth Local Privilege Escalation Vulnerability
 
Google is facing fresh complaints over Street View in Germany, after technical problems caused some properties to be visible rather than blurred in a preview of the service launched earlier this week.
 
In another high-profile departure, Michael Kirwan, formerly CIO of Yahoo, has left the company.
 
GNUCash 'LD_LIBRARY_PATH' Local Privilege Escalation Vulnerability
 
Xpdf 'FoFiType1::parse()' Array Indexing Error Vulnerability
 
The Japanese government was scrambling on Friday to find out how videos of an altercation between a Chinese fishing trawler and the Japan Coast Guard ended up on YouTube. Its appearance marked the second time this week that sensitive government information was leaked on to the Internet.
 
Microsoft this week began offering U.S. customers its free antivirus program via Windows' built-in update service, a move one major security firm said may be anticompetitive.
 
Now that LTE and WiMax officially are not 4G, use of that heavily advertised term is a free-for-all -- at least until it comes time to name the next wave of mobile networks.
 
A free app called Tango is challenging Apple's FaceTime and Android's Qik by offering video chat on a variety of hardware and software platforms.
 
Webkit Floating Point Datatype Remote Code Execution Vulnerability
 
InfoSec News: Europe attacks itself in cyber-warfare test: http://www.theregister.co.uk/2010/11/04/europe_cyber_test_lives/
By John Oates The Register 4th November 2010
Security experts are launching fake cyber-attacks against various European institutions today to check the response of European cyber defence. [...]
 
InfoSec News: Firm finds security holes in mobile bank apps: http://news.cnet.com/8301-27080_3-20021874-245.html
By Elinor Mills InSecurity Complex CNet News November 4, 2010
A security firm disclosed holes today in mobile apps from Bank of America, USAA, Chase, Wells Fargo and TD Ameritrade, prompting a scramble by most of the companies to update the apps.
"Since Monday (11/01/2010), we have been communicating and coordinating with the financial institutions to eliminate the flaws," research firm viaForensics wrote in a post on its site. "The findings we published reflect testing completed on 11/03/2010. Since that time, several of the institutions have released new versions and we will post updated findings shortly."
The company had reported its findings to The Wall Street Journal earlier in the day. Yesterday, viaForensics went public with problems in PayPal's iPhone app, spurring the online payment provider to action.
Specifically, viaForensics concluded that: the USAA's Android app stored copies of Web pages a user visited on the phone; TD Ameritrade's iPhone and Android apps were storing the user name in plain text on the phone; Wells Fargo's Android app stored user name, password, and account data in plain text on the phone; Bank of America's Android app saves a security question (used if a user was accessing the site from an unrecognized device) in plain text on the phone; and Chase's iPhone app stores the username on a phone if the user chose that option, according to the report.
[...]
 
InfoSec News: MPD antiterrorism file leak traced to Luxembourg server: http://mdn.mainichi.jp/mdnnews/news/20101103p2a00m0na011000c.html
Mainichi Japan November 3, 2010
Internal information about the Tokyo police's anti-terrorism activities found circulating online was leaked via a server in Luxembourg, investigative sources have revealed, raising the possibility that there was intent to disguise the source of the leak.
Furthermore, there have been no signs that computers at the Metropolitan Police Department (MPD) were infected with a virus via a file-sharing program, increasing the likelihood that the data was leaked intentionally. Those involved in the case say that it will be difficult to trace the leak.
According to investigators and experts, records of the leak -- which took place via the file-sharing program Winny -- showed that the information had been uploaded onto the Internet via a server in Luxembourg. Experts say that when computers in Japan are infected with a virus, the source of the virus is usually traced to a domestic server. The MPD is currently trying to trace the original server used to upload the leaked information.
The MPD has found 114 documents online, which include information on people believed to be cooperating with terrorism investigations and those who are under investigation. Of these, 108 documents were in PDF format.
[...]
 
InfoSec News: Burma Taken Off-Net By Cyber Attack: http://www.eweekeurope.co.uk/news/myanmar-taken-off-net-by-cyber-attack-11113
By Peter Judge eWEEK Europe November 4, 2010
The Asian nation of Myanmar, still widely known as Burma, has been virtually taken off the Net by a sustained attack of unknown origin. [...]
 
InfoSec News: Metasploit and SCADA exploits: dawn of a new era?: http://www.zdnet.com/blog/security/metasploit-and-scada-exploits-dawn-of-a-new-era/7672
By Ryan Naraine Zero Day ZDNet News November 4, 2010
Guest editorial by Shawn Merdinger
On 18 October, 2010 a significant event occurred concerning threats to [...]
 
InfoSec News: Hacker Attacks on Cheong Wa Dae on the Rise: http://english.chosun.com/site/data/html_dir/2010/11/04/2010110401076.html
The Chosun Ilbo Nov. 04, 2010
Cyber attacks targeting the computers of Cheong Wa Dae officials are increasing as the G20 Summit in Seoul approaches, officials say. Even the home computers of senior Cheong Wa Dae officials have apparently become targets.
Officials believe North Korean hackers based in China are behind the attacks. "North Korean hackers are increasingly accessing the website of the G20 Summit preparatory committee," said one Cheong Wa Dae official. "They appear to be gathering data of lower importance, but we are keeping our eyes open for any sudden moves."
As the hacking attempts intensify, officials are changing their computers every six months, and security officials at the presidential office are having their cars screened every month for bugs planted by North Korean agents.
According to the National Intelligence Service, North Korea has a 1,000-strong hacker unit. There have been 9,200 hacking attempts targeting the computers of the G20 Summit preparatory committee and other government agencies this year. Since June, the government has been running a special cyber defense team to prevent attacks against major private and public computer networks.
[...]
 
InfoSec News: Secunia Weekly Summary - Issue: 2010-44:
The Secunia Weekly Advisory Summary 2010-10-28 - 2010-11-04
This week: 78 advisories [...]
 

Posted by InfoSec News on Nov 04

========================================================================

The Secunia Weekly Advisory Summary
2010-10-28 - 2010-11-04

This week: 78 advisories

========================================================================
 

Posted by InfoSec News on Nov 04

http://www.theregister.co.uk/2010/11/04/europe_cyber_test_lives/

By John Oates
The Register
4th November 2010

Security experts are launching fake cyber-attacks against various
European institutions today to check the response of European cyber
defence.

The simulated attack aims to cut or interfere with internet connections
between European countries, forcing member states to cooperate in order
to stop a complete network collapse.

The...
 

Posted by InfoSec News on Nov 04

http://www.eweekeurope.co.uk/news/myanmar-taken-off-net-by-cyber-attack-11113

By Peter Judge
eWEEK Europe
November 4, 2010

The Asian nation of Myanmar, still widely known as Burma, has been
virtually taken off the Net by a sustained attack of unknown origin.

According to analysis by Arbor Networks the cyber-warfare attack, which
centred on the main Myanmar internet provider, the state-owned Ministry
of Post and Telecommunications (PTT), has...
 

Posted by InfoSec News on Nov 04

http://www.zdnet.com/blog/security/metasploit-and-scada-exploits-dawn-of-a-new-era/7672

By Ryan Naraine
Zero Day
ZDNet News
November 4, 2010

Guest editorial by Shawn Merdinger

On 18 October, 2010 a significant event occurred concerning threats to
SCADA (supervisory control and data acquisition) environments.

That event is the addition of a zero-day exploit for the RealFlex
RealWin SCADA software product into the Metasploit repository....
 


Internet Storm Center Infocon Status