Hackin9

InfoSec News

Apple has asked a court in California for a preliminary injunction against Samsung's Galaxy S III smartphone, ahead of its U.S. launch, claiming the device infringes at least two of its patents.
 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Facebook is conducting a massive user referendum this week, asking its 900 million-plus users to approve or reject changes to its privacy policy that it first proposed on May 13.
 
Oracle CEO Larry Ellison declared the company is ready to offer "the most comprehensive cloud on the planet Earth," during a webcast event on Wednesday.
 
Real Networks RealPlayer CVE-2012-0926 Remote Code Execution Vulnerability
 
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1947 Heap Buffer Overflow Vulnerability
 
Mozilla Firefox/Thunderbird/SeaMonkey '.lnk' Files Information Disclosure Vulnerability
 
Mozilla Firefox/Thunderbird/SeaMonkey Use-After-Free Remote Code Execution Vulnerability
 
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1940 Use After Free Vulnerability
 
After years of battling Linux as a competitive threat, Microsoft is now offering Linux-based operating systems on its Windows Azure cloud service.
 
In response to widespread reports of a massive data breach at social networking site LinkedIn, the company Wednesday confirmed that passwords belonging to "some" of its members have been compromised.
 
Microsoft today announced it will issue an update to its Windows Update to prevent copy-cat hackers from duplicating Flame's feat of infecting fully-patched PCs by faking the service.
 
Latest cyberwarfare news on Flame, Stuxnet, Duqu and more.
 
A new report from IHS iSuppli states that drive prices that skyrocketed after flooding in Thailand will remain high for the next couple of years.
 
Finding developers with the skills to create MapReduce jobs in Apache Hadoop is challenging, but you can ease that hiring pain with Cascading, an open source Java application framework for building enterprise Big Data applications on Hadoop.
 
After a year of testing the software in beta, Red Hat Wednesday launched its hybrid cloud management software, called CloudForms.
 
A judge in Massachusetts ordered a teen driver to one year in a county correctional center for texting while driving that led to a fatal crash.
 
Web services, VoIP and other technology may have turned any place with an Internet connection into an office, but a range of factors contribute to how enterprise telecommuting policies are developed and who should untether from the traditional workplace, said IT executives and staffing professionals.
 
With the big release of Microsoft's Windows 8 operating system fast approaching, the war of words between Intel and ARM has become more heated as the rivals gear up for the release of new touch-based devices with their processors.
 
Professional social networking service LinkedIn today said it is looking into reports that hackers have broken into its systems and accessed the usernames and hashed passwords of the social network's 6.5 million members.
 
It is illegal for U.S. employers to issue broad-based prohibitions of employee discussions about their workplaces on social media, according to a new memo from the acting general counsel of the U.S. National Labor Relations Board.
 
A hacker yesterday claimed to have broken into a personal email account linked to GOP presidential candidate Mitt Romney by answering 'secret' password-reset questions.
 
A majority of U.S. consumers say online shopping is their "overall favorite" way to shop, according to Nielsenwire, and it is also the easiest and most convenient.
 
More than 6 million passwords may have been stolen from the servers of social network LinkedIn and posted to a Russian hacking forum.


NetClarity Hires Cisco Sales Veteran Tom Hewett as Vice President of Sales for ...
Albany Times Union
NetClarity, Inc., the leading provider of Next Generation Network Access Control (NAC) technology in the marketplace, on the heels of receiving the “Most Innovative New Security Product for 2012” award from InfoSec Products Guide, today announces ...

 
Microsoft needs to drop the Windows name from its new consumer products, such as Windows RT tablets and smartphones, an industry analyst said.
 
Mozilla Firefox/Thunderbird/SeaMonkey CSP's Inline-Script Blocking Feature Security Bypass Weakness
 
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1941 Heap Buffer Overflow Vulnerability
 
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1939 Memory Corruption Vulnerability
 
The Internet's biggest players -- including Facebook, Google, Yahoo and Bing -- are turning on IPv6 today as part of the World IPv6 Launch Day challenge coordinated by the Internet Society. But which websites are not ready to support the next-gen Internet Protocol?
 
[SECURITY] [DSA 2486-1] bind9 security update
 
Reports originally surfaced in Norway overnight that about 6.5 million unsalted SHA-1 password hashes had been posted to a Russian site with a request for assistance in cracking them. Several highly trusted security researchers have confirmed that the hashes posted include those of passwords they use exclusively on LinkedIn. There are no usernames associated with the hashes and a number of us have confirmed that our passwords are NOT included, but this seems serious enough to merit a recommendation that LinkedIn users change their passwords. The folks from LinkedIn have posted to Twitter that they are investigating and further information will be forthcoming.
Update: (2012-06-06 20:00 UTC--JC) Okay, some have asked if we have recommendations. Other than change your password now and don't use the same password on multiple accounts, all we can really recommend at the moment is wait and see. LinkedIn is reporting they see no evidence of a breach at the moment, but the investigation is still pretty early (in my opinion). Once you've changed this password (and the passwords on any other accounts where you used this one), wait for a while. Once we figure out what happened here, you'll probably need to change it again. We'll save a rehash of password policies and the secure handling of passwords within databases and applications for a future diary. In the meantime, I'm adding a few links to some other password-related diaries we've done that seem appropriate to review today.
Update 2: (2012-06-06 20:10 UTC--JC) No sooner do I do the previous update than I discover an official response from LinkedIn.
References:
http://blog.linkedin.com/2012/06/06/linkedin-member-passwords-compromised/
http://thenextweb.com/socialmedia/2012/06/06/bad-day-for-linkedin-6-5-million-hashed-passwords-reportedly-leaked-change-yours-now/
Also see @thorsheim on Twitter.


Some previous password diaries that might be of interest:
Critical Control 11: Account Monitoring and Control
Theoretical and Practical Password Entropy
An Impromptu Lesson on Passwords
Password Rules: Change them every 25 years (or when you know the target has been compromised)
I'm sure I've missed a couple of good ones, but these are a decent place to start --JC
---------------

Jim Clausing, GIAC GSE #26

jclausing --at-- isc [dot] sans (dot) edu
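The diary's core point is that the posted hashes were unsalted SHA-1, which is why researchers could confirm the dump simply by hashing their own LinkedIn password and looking for the digest. The following Python is an added illustration (not ISC's or LinkedIn's code): it shows that lookup against a small constructed stand-in for the dump, and beside it the salted, iterated storage form (PBKDF2-HMAC-SHA256 is the chosen example KDF) under which such a lookup is not possible.

```python
import hashlib
import hmac
import os

# Constructed sample standing in for the posted dump: unsalted SHA-1 hex digests
# of made-up passwords. These are NOT values from the real leak.
LEAKED_UNSALTED_SHA1 = {
    hashlib.sha1(b"linkedin2012").hexdigest(),
    hashlib.sha1(b"correct horse battery").hexdigest(),
}


def unsalted_sha1(password: str) -> str:
    """The storage scheme the diary describes: SHA-1 of the password, no salt.
    Every user who chose this password stores the identical digest."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def my_hash_in_leak(password: str, leak: set) -> bool:
    """How the researchers confirmed the dump: hash your own password and look
    the digest up. This only works because no per-user salt is involved."""
    return unsalted_sha1(password) in leak


def salted_hash(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Hardened form: a random per-user salt plus an iterated KDF, so two users
    with the same password hold different records and a single digest lookup
    (or a precomputed table) cannot be reused across accounts."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def store_salted(password: str) -> tuple:
    """Create the (salt, derived key) record that would be kept in the database."""
    salt = os.urandom(16)
    return salt, salted_hash(password, salt)


def verify_salted(password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute with the stored salt; constant-time compare avoids timing leaks."""
    return hmac.compare_digest(salted_hash(password, salt), stored)


if __name__ == "__main__":
    print("unsalted digest found in dump:", my_hash_in_leak("linkedin2012", LEAKED_UNSALTED_SHA1))
    s1, r1 = store_salted("linkedin2012")
    s2, r2 = store_salted("linkedin2012")
    print("same password, identical salted records:", r1 == r2)
```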
 
SQL injection in Serendipity
 
IBM AIX 'socketpair()' Local Denial of Service Vulnerability
 
The Internet Systems Consortium released a security advisory on Monday about a possible denial of service attack against BIND named DNS servers (which constitute the majority of name servers on the Internet). The advisory states that the primary threat is against recursive name servers (the ones client workstations/laptops/mobile devices point to in order to translate DNS names into IP addresses), though authoritative primary and secondary name servers could also be at risk if configured with experimental record types. While they were not aware, at the time, of any active exploitation of the vulnerability, the details had been discussed in public mailing lists. The vulnerability involves improper handling of certain requests with zero-length RDATA fields. From the description, it doesn't appear that the crafting of a packet that would trigger the vulnerability would be too difficult. The result would be either crashing the named daemon or disclosure of some unrelated contents of memory. Updates should be applied, especially to your recursive name servers, as soon as practical.
References:
http://www.isc.org/software/bind/advisories/cve-2012-1667
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667
---------------

Jim Clausing, GIAC GSE #26

jclausing --at-- isc [dot] sans (dot) edu
 
The Mozilla folks have released new versions of Firefox, Thunderbird, and SeaMonkey, and if you haven't already seen or been offered the update via the automatic updating mechanisms, you should soon. However, this time, push the issue and manually update if it doesn't come automatically. The Mozilla Foundation released a security advisory yesterday regarding a privilege escalation vulnerability introduced by the new updater service (yes, I'm sure they realize the irony there) introduced in the last release. Bottom line, make sure you update from Firefox/Thunderbird 12 to 13 (and SeaMonkey 2.9 to 2.10) ASAP.
References:
http://www.mozilla.org/security/announce/2012/mfsa2012-35.html
---------------

Jim Clausing, GIAC GSE #26

jclausing --at-- isc [dot] sans (dot) edu
 
Chipsets that integrate the upcoming 802.11ac wireless standard and Bluetooth 4.0 are being demonstrated by Qualcomm Atheros at the Computex show in Taipei this week.
 
AT&T said the HTC One X smartphone will go on sale at its stores Sunday for $199.99 and a two-year service plan, ending a two week delay caused by a U.S. Customs review of shipments.
 
A flood of mobile devices into the enterprise is exhausting available licenses for mobile-device security. But there are great options available today that didn't exist two years ago.
 
Overview
In honor of IPv6 Day today, Wednesday June 6, 2012, we'll review all the IPv6 features on the ISC website and more! Have you tested your network on IPv6? Need to learn more about IPv6 implementation? All that and more is covered in this feature!
Features
IPv6 Diaries and Videos

https://isc.sans.edu/tag.html?tag=ipv6 - Here you will find a list of many IPv6 related diaries written by various handlers
https://isc.sans.edu/ipv6videos/ - This page has an abundance of IPv6 videos embedded

IPv6 / IPv4 Conversion and Analysis - https://isc.sans.edu/tools/ipv6.html

Summary Information - Explanation and ipv6test box
IP Entry Form - Enter an IPv4 address and you get a table with numerous conversions.
How to Translate Teredo IPv6 addresses

For more information about IPv6:

http://www.ipv6day.org/
http://www.worldipv6day.org/
http://ipv6ready.org/
http://www.ipv6actnow.org/
http://www.kame.net/ - do you see the dancing turtle?


Learn more about IPv6

SANS IPv6 Summit! Friday, July 6, 2012 http://www.sans.org/ipv6-summit-2012/

IPv6 Essentials SEC546 July 7-8, 2012 at SANSFIRE 2012 http://www.sans.org/sansfire-2012/description.php?tid=5086

Security 546 IPv6 Essentials description and events https://www.sans.org/security-training/ipv6-essentials-1022-mid


Post suggestions or comments in the section below or send us any questions or comments in the contact form on https://isc.sans.edu/contact.html#contact-form
--

Adam Swanger, Web Developer (GWEB, GWAPT)

Internet Storm Center https://isc.sans.edu
 
IDC projects that shipments of Windows Phone will displace Apple iOS to become the number two OS running smartphones in 2016.
 
The websites of Indian government-run communications company Mahanagar Telephone Nigam and the Internet Service Providers Association of India faced DDoS (distributed denial of service) attacks from Anonymous on Wednesday as some Internet service providers continue to block file-sharing websites following a court order.
 
Nokia has launched three new advanced feature phones with touchscreens offering a "smartphone-like" experience, the company said on Wednesday.
 
An upcoming Google TV box based on Android 4.0 OS and an ARM processor will come closer to smartphones and tablets with the capability to play direct movie streams from Android 4.0 mobile devices, a set-top box maker said on Wednesday at the Computex trade show in Taipei.
 
Advanced Micro Devices showed off a Windows 8 tablet-laptop hybrid running AMD A-series chips code-named Trinity, taking direct aim at Intel's effort to sell touchscreen ultrabooks running on Ivy Bridge processors.
 
The TennRich Internationalvphone doesn't have a charging port, or any ports at all -- and has no screen.
 
Yahoo said it will roll out globally this week a new antispam specification intended to make it easier for service providers to confidently discard suspicious email messages.
 
Monitoring services from Boundary, Circonus, and Librato combine simple setup and richly different capabilities
 
The first tablets based on the Nvidia Kai platform, which is being built to enable quad-core, 7-inch Android devices for around $200, will be announced in the second half of the year, an Nvidia executive said this week.
 
Forward-thinking tech execs are learning how to stop worrying and love the gadget, lest their business units attempt an end-run around IT.
 
Microsoft has partnered with Taiwan's Quanta Computer to design a Windows-based system that aims to get business customers up and running quickly on a private cloud.
 
Consumers who buy a new PC between now and Jan. 31 can pay US$14.99 for an upgrade to Windows 8, the next version of Microsoft's PC operating system, Microsoft announced Wednesday.
 
Bigware Shop 'main_bigware_54.php' SQL Injection Vulnerability
 