Hackin9
Typo Products, the start-up being sued by BlackBerry over an iPhone keyboard add-on, has come out swinging against a demand that its product be taken off sale in the U.S.
 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

You might think that phone call might be unlikely, but as of this week it's built in and is likely happening right now.

I was poking around in the latest version of Sysinternals, and tripped over a new option. You can now submit any running process in memory directly to VirusTotal. It's a simple right-click in the latest version of Process Explorer.

If that's not just the coolest thing! If your AV product isn't triggering on a suspect process, you can now query all the AV engines without even having to find or upload the file - assuming that a file that matches your process even exists - if you're in the midst of a security incident a suspect process might not have a matching file.

 

Sysinternals: http://technet.microsoft.com/en-us/sysinternals

VirusTotal: https://www.virustotal.com/

===============
Rob VandenBrink
Metafore

 

Today Microsoft published the advance notification for this month's security bulletins. The bulletins will be published on February 11th (coming Tuesday) [1]. Again, we will have a pretty light patch day, with only 5 bulletins, and only 2 of these bulletins are considered critical.

Noteworthy: No Internet Explorer patches and no Office patches. We will only see Windows patches, a patch for .Net and a "Security Software" patch.

Not part of Patch Tuesday, but still happening on the same day: Microsoft will no longer allow MD5 hashes for certificates. This may be difficult for some applications that haven't been changed over yet, even though Microsoft gave ample warning, and MD5 hashes have been shown to be badly broken for certificate signatures for a few years now. Just earlier today I ran into a brand new Axis, pretty expensive, network camera that only allows the use of MD5-hashed certificate signatures.

 

[1] http://technet.microsoft.com/en-us/security/bulletin/ms14-feb

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
 
Facebook marked its 10th year as a company on Tuesday and to celebrate, the social network offered its 1.2 billion users around the world a feature called Look Back movies, made up of photos and activities that users have shared.
 
The anointment of new CEO Satya Nadella has renewed calls by analysts that Microsoft free its profitable Office franchise from Windows and release full-featured versions for Android and iOS tablets.
 
Intel promoted five executives to the roles of corporate vice president as the chip maker expands its communications and manufacturing assets.
 
Google's agreement to end its three-year antitrust dispute with the European Union gives the company's search rivals a boost, but it's probably not enough to make a dent in Google's search engine dominance.
 
Hurricanes, blizzards, floods, earthquakes, even mundane events like employees' car troubles or family obligations can disrupt your business and put a damper on productivity. Here's how to prepare your business and your personnel for working remotely.
 
More than 4,000 groups and websites have signed on to support a day of protest against U.S. National Security Agency surveillance programs, scheduled for Tuesday.
 
Microsoft's Dynamics ERP and CRM product lines seemed safe immediately following former CEO Steve Ballmer's sweeping reorganization of the company last year. But now that longtime Microsoft executive Satya Nadella has been named Ballmer's successor, the time is ripe for more focused speculation on the future of Dynamics. Here's a look at what could be in store.
 
AlienVault OSSIM SQL Injection vulnerability
 
German Telekom Bug Bounty #11 - Remote SQL Injection Vulnerability
 
German Telekom Bug Bounty #10 - Arbitrary File Upload Vulnerability
 
German Telekom Bug Bounty #9 - Code Execution Vulnerability
 
A massive fire at Iron Mountain's Buenos Aires archive facility caused a wall to collapse on nine firefighters, killing them; seven others were injured.
 
LinuxSecurity.com: Multiple vulnerabilities have been found in stunnel, the worst of which may cause a Denial of Service condition.
 
LinuxSecurity.com: Several security issues were fixed in Pidgin.
 
LinuxSecurity.com: A vulnerability in Freeciv may allow a remote attacker to execute arbitrary code.
 
LinuxSecurity.com: Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which could result in execution of arbitrary code.
 
LinuxSecurity.com: Perl could be made to run programs if it processed specially crafted Locale::Maketext templates.
 
LinuxSecurity.com: Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More...]
 
LinuxSecurity.com: Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. The IDs mentioned above are just a portion of the security issues fixed in this update. A full list of the changes is available at [More...]
 
LinuxSecurity.com: Several issues have been discovered in mumble, a low latency VoIP client. The Common Vulnerabilities and Exposures project identifies the following issues: [More...]
 
LinuxSecurity.com: Pedro Ribeiro from Agile Information Security found a possible remote code execution on Horde3, a web application framework. Unsanitized variables are passed to the unserialize() PHP function. A remote attacker could specially craft one of those variables allowing her to load and [More...]
 
LinuxSecurity.com: An environment variable processing error has been reported in Banshee, possibly allowing a local attacker to load a specially crafted shared library.
 
LinuxSecurity.com: An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More...]
 
LinuxSecurity.com: Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More...]
 
Freeciv Lua Runtime Environment Remote Command Execution Vulnerability
 
Inteno DG301 Command Injection
 
Multiple SQL Injection Vulnerabilities in AuraCMS
 
SQL Injection in doorGets CMS
 
Microsoft this week set Satya Nadella's annual base salary at $1.2 million, nearly twice his predecessor's but right on the average of CEOs in the tech industry, an executive compensation expert said today.
 
A lawsuit between patent licensing firm Intellectual Ventures and Motorola Mobility over aspects of Google's Android OS and several mobile phone features has ended in a mistrial.
 

New enterprise security business aims to revolutionise infosec
Computer Business Review
CSG International, a provider of interactive transaction-driven solutions and services, has launched CSG Invotas, a software and services business focused on enterprise security solutions. CSG Invotas offers CIOs and CISOs a "revolutionary approach" to ...

 
MuPDF 'xps_parse_color()' Function Stack Buffer Overflow Vulnerability
 
Mura CMS 'index.cfm' Authentication Bypass Vulnerability
 
When two parties are in conflict, they don't have to agree in order to respect and learn from each other's perspective.
 
The Syrian Electronic Army (SEA), a group of hackers that has hijacked other high-profile domain names, managed to change the domain registration information for Facebook.com, but failed to redirect the domain to a different server.
 
Sony will sell its struggling PC business to a Japanese investment firm, the company said Thursday, meaning the slick 'Vaio' brand could all but disappear from markets outside Japan.
 
New figures released by Twitter on Wednesday suggest the company may be struggling to keep its users engaged, but CEO Dick Costolo has outlined some ideas to make the service more inviting.
 
Google's proposed acquisition of Nest Labs has been cleared by U.S. antitrust regulators, possibly paving the way for an early closure of the transaction.
 
Google has named a top executive from its advertising business to become the new chief executive of its YouTube service.
 
Apple on Wednesday removed Blockchain, the last remaining application in its mobile store for transmitting bitcoins, signaling the continuing uncertainty around the virtual currency.
 
The inspector general of NASA has issued a report that's critical of both Hewlett-Packard and the space agency for messing up a plan to centralize management of the agency's end-user computing under a $2.5 billion outsourcing contract.
 
The massive data breach at Target last month may have resulted partly from the retailer's failure to properly segregate systems handling sensitive payment card data from the rest of its network.
 
Google runs its services from some of the biggest, most sophisticated data centers on the planet, but it wasn't always that way. Some of its top engineers have been reminiscing this week about the early days, when Google operated from a tiny server room down the hall from Altavista, and when Larry Page used to roll up his sleeves and fix its servers with a twist tie.
 
FFmpeg and Libav Multiple Remote Security Vulnerabilities
 
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1481 Security Bypass Vulnerability
 

Posted by InfoSec News on Feb 06

http://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/

By Brian Krebs
Krebs on Security
February 5, 2014

Last week, Target told reporters at The Wall Street Journal and Reuters
that the initial intrusion into its systems was traced back to network
credentials that were stolen from a third party vendor. Sources now tell
KrebsOnSecurity that the vendor in question was a refrigeration, heating
and air conditioning...
 
OpenStack Compute (Nova) CVE-2013-7130 Information Disclosure Vulnerability
 
ESA-2014-005: EMC Documentum Foundation Services (DFS) Content Access Vulnerability
 
Internet Storm Center Infocon Status