InfoSec News

Google has finally unveiled its Facebook rival, Google+. Here you'll find all the latest news, reviews, opinions and blogs about Google's bold move into the social networking space.
Network security expert Marcus Ranum explains why he believes cyberwarfare is only a tool for powerful nation states and discusses how Stuxnet supports his premise.

The software giant plans to issue four bulletins, one rated “critical” as part of its Patch Tuesday scheduled security updates.

A breach of the newspaper’s job site exposed 1.27 million usernames and email addresses.


Cybercrime just all too easy
Irish Times
Chuck Georgo, a security consultant with Team InfoSec, called for a Europe-wide information-sharing programme along the lines of the US's Infragard initiative. This kind of forum allows stakeholders running critical national infrastructure to exchange ...

Hewlett-Packard and Oracle continued to throw mud at each other in an ugly court battle over Oracle's decision to drop support for Itanium, in which each side has accused the other of publicity stunts and unwarranted secrecy.
After years of being accused of doing little to enforce HIPAA's security and privacy rules, the U.S. Department of Health and Human Services appears to be finally getting serious about cracking down on offenders.
Cisco Systems continued to build its enterprise video infrastructure on Thursday with the ECDS (Enterprise Content Delivery System), a software-hardware platform to ease video management and make distribution of video to remote locations more efficient.
Siemens launched a $20 iPad app for product lifecycle management in early April, and since then, at least two large companies have deployed the app on iPads to help their workers maintain large pieces of equipment and to perform field service calls.
Despite shifting release dates, Droid Bionic fans aren't giving up on what some say will be the first dual core phone to run on a Verizon LTE network.

Security B-Sides Announces All-Star Speaker Line-Up and Event Details for B ...
Marketwire (press release)
The newly added full-day infosec training courses will be hosted concurrently during the event and are on a first come, first serve basis. Courses on "Networking for Penetration Testers" and "Mobile App Security Code Reviews" are currently open. ...

Oracle has issued the first release candidate of Java Standard Edition version 7.
Will handset makers maintain their dedication to Android if they have to pay to license it? That's the question experts following Google's battle with Oracle are asking, and some of them think the answer is no.
Customer care calls for WiMax operator Clearwire will go to the Philippines after TeleTech Holdings, the outsourcing company that Clearwire hired last month, closes down the carrier's former call centers in the U.S.
Symantec Web Gateway Management GUI 'forget.php' SQL Injection Vulnerability
Microsoft today said it will issue four security updates next week, only one of which is pegged as critical, to patch 22 vulnerabilities in Windows and Visio 2003.
Mother Nature seems to be working against NASA's launching its final space shuttle mission on schedule Friday.
The increasing importance of mobility, coupled with BMC's familiarity with Aeroprise's capabilities, underpinned the acquisition announced Thursday.
Charging goods, particularly of the digital variety, to a mobile-phone bill may get more commonplace in the U.S. now that eBay plans to buy Zong, a Silicon Valley company.
Video chat is turning out to be a popular feature for social networking; we tried out both Facebook's new Video Calling and Google+ Hangout.
German government security officials warned that one of the recently revealed Apple iOS flaws could be put to malicious use.
RETIRED: Adobe Acrobat and Reader APSB11-16 Advance Multiple Remote Vulnerabilities
Acer on Thursday announced Gateway laptops with keys that give one-touch access to social networking sites such as Facebook, YouTube and Twitter.
Re: Re: Multiple Cross-Site Scripting vulnerabilities in WebCalendar
Security Advisory: CVE-2011-2516
Portable OpenSSH 'ssh-keysign' Local Unauthorized Access Vulnerability
Apple today said customers have downloaded more than 15 billion iPhone and iPad apps from its App Store in the three years since the e-mart's debut.
Verizon Wireless today began selling the new Motorola Droid 3 smartphone on its website for $199.99 with a two-year service plan. In-store sales start July 14.
SAP announced Thursday that its supervisory board has extended the contracts of co-CEOs Jim Hagemann Snabe and Bill McDermott until June 30, 2017.
[security bulletin] HPSBMA02674 SSRT100487 rev.2 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XSS) and Re
Re: [Full-disclosure] Ubuntu: reseed(8),, and HTTP request
[SECURITY] [DSA 2273-1] icedove security update

First of all, don't get me wrong, this is not media FUD to scare you because of the recent coverage on the MBR rootkits. :)
As many of our readers probably know, earlier this week there was a report from the AV vendor Kaspersky about approximately 4.5 million computers infected with the rootkit called TDL4 (aka TDSS/Alureon).
TDL4 is a rootkit that infects the computer's MBR (Master Boot Record). The TDSS family has been around since about 2008. At the time, it was quite interesting because we hadn't had many MBR viruses since 10 to 13 years ago, when they were quite common. (Remember those virus creation kits? :)
The MBR contains the first code that will be loaded during the boot, so infecting the MBR by replacing it will give an enormous advantage to the virus, since it will be loaded before anything else, including the Anti-Virus.
The 4.5 million infected computers should not be a surprise, because rootkits usually break the detection cycle.
The usual cycle can be described as:
1- user sees suspicious activity on his computer, like a new running process for example.
2- user sends file to AV vendor
3- AV vendor creates detection
Now the problem is, how can the user send something to his AV vendor since he can't see anything?
Bootkits like this have always been a headache for AV vendors for this reason.
I am not alone on this. Also this week, Microsoft released a blog post which describes another bootkit, which it *detects* as Trojan:Win32/Popureb.E. Note that I mention detection only, which does not include *cleaning*.
Kaspersky's free tool, called TDSSKiller (version ), is one of the few around that can effectively detect whether a computer is infected with this rootkit, which it calls Rootkit.Win32.BackBoot.gen.
The problem with this new bootkit is that it forges the cleaning part. For example, when the security product tries a Write method, the trojan will change to Read. This will make the security product believe that the cleaning was successful while it was not.
Please note that this deceptive technique is not new. One TDSS variant that infects sys files behaves in a similar way: when you try to get the infected sys file, it will intercept and give you the clean one, making you believe that all is OK, since you got a clean file back.
Regarding MS's Popureb, the current recommendation is to fix the MBR and rebuild the machine.
There are no clean indicators of the infection on the machine, since the file dropped by the bootkit, (currently) called hello_tt.sys, will not be accessible.
In some of my tests, I found that GMER's MBR tool is not effective against it, but the new TDSSKiller was successful at detection and cleaning.
The next chapters on this fight will be interesting...
Pedro Bueno (pbueno /%%/ isc. sans. org)
(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.
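An added example, not part of the original diary: because the bootkits described above tamper with what tools on the running system get back, one way to check an MBR is to compare sector 0 of a disk image taken from a trusted boot environment against a known-good baseline for that same disk. The offline-image workflow, the function names and the sample sector are assumptions made for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446      # bootstrap code area of a classic (non-GPT) MBR
PART_ENTRY_LEN = 16      # four 16-byte partition entries follow the boot code
SIGNATURE_OFFSET = 510
SIGNATURE = 0xAA55       # bytes 0x55 0xAA on disk, read as little-endian u16


def read_sector0(image_path):
    """Read the first sector of a raw disk image acquired offline."""
    with open(image_path, "rb") as fh:
        return fh.read(SECTOR_SIZE)


def parse_mbr(sector):
    """Split a 512-byte MBR into boot-code hash, partition entries, signature."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly 512 bytes, got %d" % len(sector))
    partitions = []
    for index in range(4):
        offset = BOOT_CODE_LEN + index * PART_ENTRY_LEN
        # status(1) CHS start(3, skipped) type(1) CHS end(3, skipped) LBA(4) count(4)
        status, ptype, lba_start, count = struct.unpack_from(
            "<B3xB3xII", sector, offset)
        if ptype != 0:   # type 0 marks an unused slot
            partitions.append({"index": index, "status": status,
                               "type": ptype, "lba_start": lba_start,
                               "sectors": count})
    return {
        # The hash covers bytes 0-445. On Windows disks this range includes
        # the disk signature, so the baseline must come from the same disk.
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
        "signature": struct.unpack_from("<H", sector, SIGNATURE_OFFSET)[0],
    }


def check_mbr(sector, baseline_sha256):
    """Return a list of findings; an empty list means nothing stood out."""
    mbr = parse_mbr(sector)
    findings = []
    if mbr["signature"] != SIGNATURE:
        findings.append("missing 0x55AA boot signature")
    if mbr["boot_code_sha256"] != baseline_sha256:
        findings.append("boot code differs from baseline")
    active = [p for p in mbr["partitions"] if p["status"] == 0x80]
    if len(active) > 1:
        findings.append("more than one active partition")
    for p in mbr["partitions"]:
        if p["status"] not in (0x00, 0x80):
            findings.append("partition %d has invalid status byte 0x%02x"
                            % (p["index"], p["status"]))
    return findings


def build_sample_mbr(boot_code=b"\xfa\x33\xc0\x8e\xd0"):
    """Constructed sample sector: stub boot code plus one active NTFS entry."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    struct.pack_into("<B3xB3xII", sector, BOOT_CODE_LEN,
                     0x80, 0x07, 2048, 204800)
    struct.pack_into("<H", sector, SIGNATURE_OFFSET, SIGNATURE)
    return bytes(sector)


if __name__ == "__main__":
    clean = build_sample_mbr()
    baseline = parse_mbr(clean)["boot_code_sha256"]   # recorded when trusted
    modified = bytearray(clean)
    modified[0x10] ^= 0xFF                            # simulate replaced code
    print("clean image:   ", check_mbr(clean, baseline))
    print("modified image:", check_mbr(bytes(modified), baseline))
```
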
----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu SEC 503 coming to Ottawa Sep 2011
If you follow the SANS Application Security blog (aka the SANS Application Security Street Fighter blog) you know about an initiative focused on helping developers to understand security while having fun. Security challenges are a very didactic tool for this specific purpose.
The Spot the Vuln blog (by Brett Hardin and Billy Rios) "...uses code snippets from open source applications to demonstrate vulnerabilities in real world web applications. Every Monday morning (8:00am PST) a vulnerable code snippet is posted. Take a look at the vulnerable code and try to identify where the security vulnerability is. Every Friday (8:00am PST), a solution is posted so you can check your answers. Each exercise is designed to last between 5 and 10 minutes. Do it while you drink your morning coffee and you will be on your way to writing more secure applications."
What about including these weekly challenges in your software security program, so that developers, development managers, and QA staff can test their source code analysis skills and enjoy security by solving them? This week's challenge is about... Imagination.
Most challenges up to now have covered different programming languages (PHP, Java, JavaScript, ActionScript) and multiple security vulnerabilities (XSS, SQLi, LDAPi, RFI/LFI, CRLFi, redirections...).

Raul Siles

Founder and Senior Security Analyst with Taddong
On June 28th Microsoft released a Service Pack for Office 2010. Office 2010 SP1 includes the usual roll-up of past security and hotfix patches, as well as a number of improvements and new features, particularly for its Office Web Applications (OWA), the online versions of Word, Excel, PowerPoint and OneNote. The download is 316.9M and is available by using Microsoft's Update site.

Deb Hale
There have been reports this weekend of hacked websites that are serving up source code for VSFTP that contains backdoor code. The compromise has been confirmed by the program's creator. Thanks to benm for providing the heads up for the compromise.

Deb Hale
Having a contingency plan is an extremely important part of any business plan. This has become more and more evident over the last few weeks to communities all along the Missouri River. Our community is no exception. I live in Sioux City, IA in the northwest corner of the state. Our community includes North Sioux City, SD and South Sioux City, NE. Other neighbors include Dakota Dunes, SD and Dakota City, NE. Hundreds of families and hundreds of businesses are located in our community, which is referred to as Siouxland, and all of us have been impacted in one way or another by the flooding that is taking place all along the Missouri River. Each of us has a story to tell and yet all of the stories come together as one.

Our story started on Memorial Day weekend. Our community leaders and emergency response team were notified that there was going to be flooding along the river which would last for several weeks. This flooding is a result of the large amount of snowfall from last winter and large amount of rains this spring and summer; however, it is also man-made flooding. Along the Missouri River from Montana to South Dakota there are 6 dams. All of the dams were built in the 1940's and 1950's to help control the amount of water flowing down the river. This has been a positive over the years because it prevented flooding and in years of drought it has kept the river flowing strong. Unfortunately this year the large amount of precipitation over the last 18 months has left all 6 dams at capacity and in need of being purged and purge they are.

The dam holding back the water from Sioux City is Gavins Point Dam, located 65 miles north of Sioux City in Yankton, SD, and is the last of the 6 dams. It is a magnificent sight to behold and is a place that is frequently visited by Siouxlanders. On a normal day the dam releases 30,000 CFS of water. Today the dam is releasing 165,000 CFS. This is enough water to fill almost 1,200,000 gallon milk jugs per second or 60 Olympic size swimming pools per second. That is a lot of water and it has to go somewhere. That somewhere has been in the farm fields, highways and communities within 5 miles of the Missouri River. There are several smaller rivers and streams that feed into the river and they are full as well. This is causing ground flooding along these rivers and streams with more farm fields and homes being impacted.

Many of the people that have been impacted by this flooding have had damage to both their homes and their businesses. Most have no flood insurance because they do not live in a flood plain. (This flooding is worse than the 500 yr event). They have had to find both a temporary place to live and work at the same time. Many people are living in the hotels and motels in the area. Businesses are temporarily set up in empty buildings around the community and some are sharing office space with existing businesses or others that had to relocate their businesses. This means that they have doubled their overhead expenses. Still other businesses have been forced to close and are unable to relocate. They are losing revenue and still having to cover the monthly overhead expenses. Farmers' fields are full of water, no crops are growing. There is no boat traffic allowed on the river due to debris that is in the water. Trees, playground equipment, motor homes, trailer houses, hot tubs have all been spotted floating down the river. Our Riverfront Area and the Anderson Dance Pavillion are favorites for holding summer weddings and parties. All of those have had to be cancelled or moved to other locations. Financially this has been a major event for our community, both public and private.

Our community has been busy with sandbagging, building levees and flood walls. We have been busy helping our neighbors and friends pack up and move. Storage facilities are full. Housing is a commodity.

We don't know when the water recedes what kind of damage we will have. We don't really even know when the water will recede. The water release is expected to stay at 165,000 CFS for several more weeks. The river is running so fast that we have hundreds of whirlpools. These whirlpools are eroding the river banks all along the Missouri River. We don't know yet how much damage we will have on the river banks along the Missouri when the water recedes.

The major thoroughfare in our area is I-29. What once was a 90 minute drive from Sioux City to Omaha is now over 2 hours. Due to flooding along and on I-29, sections of the interstate are closed, and where it is open the highway department has put up temporary walls to keep the water off the highway and the water is up to the barriers. There are a couple of highways between small Iowa communities and small Nebraska communities that are closed due to flooding. People living on one side of the bridge that work on the other side of the bridge now have to commute over an hour to get to work instead of the 10 minutes that it has taken in the past. The businesses on both sides of the river are suffering because their trade has been cut in half. These communities were also tourist destinations. Tourism is non-existent this year. Even though these businesses have no water damage they have been damaged by the floods.

Omaha, NE has a large airport. They are fighting to keep the water off the runways to keep the airport open. Omaha and its Iowa sister city, Council Bluffs, IA, are experiencing much of the same as Siouxland. Small communities to the south of Omaha/Council Bluffs are under water. The levees that they built did not hold and when they broke it literally took out the entire town.

Our story is just beginning. We don't know how long it will continue. Some of the folks have been told that they may not be able to return to their homes for many months (if they have a home to return to). Once the water recedes and the cleanup begins we will know where we go from here. Our community is fortunate because we have some of the best Emergency Management personnel in the country. Our County Emergency Management Directors, Fire Chiefs, Police Chiefs, Sheriffs, local leaders and Chamber Presidents and other emergency responders have worked together for years to build a strong communication link and a solidified team. They each handled their own communities yet worked together for the entire community. We have shared resources, volunteers and response across state lines and across community boundaries. It has been an awesome sight to see.

Some of you may be wondering why this is Diary material. This is not related to Internet security, right? Well, maybe not. However, it is related to business survival. Planning, preparation and response are key to any business's survival. I ask each of you to look at your business and answer one question... Do you know what to do to keep your business afloat in the event that you are impacted like our community has been?

I was not directly impacted by the flooding, my home sits on a hill, high and dry as does my office. However, roads that I once traveled are closed due to flooding. Businesses that my company supports have had to relocate and are suffering from the expense. They are cutting back on their spending which includes our support. Other customers have had to close their doors and have no idea if they will be able to resume business once the flooding has passed. Is your business prepared for an event like this in your community that will affect your bottom line? Do you have a plan in place to handle this business loss?

Our communities will survive and we will rebuild. We will work together to repair the damage, neighbor will help neighbor and we will be better for it. We will rebuild houses and businesses. We will support our neighbors both mentally and emotionally. Our contingency plans are being updated and new sections are being added daily. Luckily we had a plan and our emergency personnel were prepared. We now are praying that the temporary levees and berms continue to hold back the water. We are praying that Mother Nature backs off and that the rain events will slow down. (We have had rain nearly every day since Memorial weekend with a couple that produced over 4 inches of rain in 24 hours). We are waiting and watching.

I hope that each and every one of you has a great 4th of July weekend. I wish each of you success in your business and that you will read this diary and start thinking about what you would do and what the future of both your business and your home will be.

Deb Hale
Yesterday's story on delayed patching or situations where patching is blocked by policy created a lot of discussion, and I thought it was worth another go, from a different perspective.
There are lots of things we use daily that have an OS, applications and security issues that we NEVER patch. Sometimes because we don't think of it, sometimes because we are denied by regulations. Very often we don't patch them because the manufacturer treats them as throwaway devices - there simply are no patches.
What especially brings this to mind is that after yesterday's story, I was explaining the concept of malware to my son (he's 10). My explanation was that it was software that someone wrote, to make a system do something that it wasn't intended to do. Pretty much straight out of my SEC504 notes come to think of it (thanks, Ed!)
Anyway, that brought a few examples to mind - I'll list a few:
Windows (and other) hosts in the Pharmaceutical industry:
Machines used in pharmaceutical manufacturing need to be re-certified after every change. This confuses me somewhat, since the owner of the unit defines the testing procedure for re-certification (things like copy a file, do a transaction etc), so it should be easy, right? Long story short, this recert process tends to freeze things in time on devices that are directly involved in manufacturing of pharmaceuticals. I cringe whenever I walk past that Windows 95 machine at one customer of mine.
Embedded LINUX (and *nix) OS devices:
We tend to think of these the same way we think of lightswitches, but in most cases they run a full Linux OS. Nothing too critical, you know, trivial things like elevator controls, security cameras, HVAC (Heating/Ventilation/Air Conditioning) Systems come to mind for instance.
Embedded Devices in Healthcare (both Windows and Linux)
Again, we think of these as devices rather than computers. Things like IV pumps, controls for X-RAY and CAT-Scan machines, Ultrasounds and the like. There have been very public disclosures (and responses to yesterday's post) about Conficker and other malware running on gear of this type, and as far as I can tell neither the manufacturers nor the regulators are too-too excited about it, and I think they should be - the hospital system administrators sure aren't happy about it.
Prosthetics are getting more and more complex - huge advances in prosthetic limbs, hearing and sight aids all involve computers embedded in the device.
And even simple devices like pacemakers are re-programmed remotely (and wirelessly). When my dad told me how cool getting his unit re-calibrated was, I couldn't help but see the down side (but didn't discuss it with him). Do you want to take bets on how many heads of state, or CEOs for that matter have a pacemaker? Or how much a well placed cardiac incident might influence global or financial affairs?
It's a good thing that there's no direct transport for malware across the silicon / carbon unit boundary. One day we'll go to the hospital for a simple procedure, and instead of worrying about MRSA or C-DIF, we'll worry about catching CONFICKER-YYZ instead !
And a lot closer to home ... Did you drive to work today?
Aside from your entertainment system, your car has a fully documented, unsecured network and operating system with an open and documented API (google OBD II sometime). Even better, by law this unsecured network and OS has a wireless link in it (your tire pressure sensors are short range, remotely activated wireless transmitters). No risk there if someone else started a remote control session on your car between the house and the grocery store - this might seem over the top, but not by too much.
We talk about protecting our nation's critical infrastructure, but I think we're missing the boat on loads of critical infrastructure that doesn't involve generating electricity, pumping oil or running water systems. Remember that definition of malware above, and remember (not too far back) that STUXNET was targeted and written to make nuclear plant systems behave to make a system do something it wasn't intended to do.
I think we don't need to think much harder to make a long, long list of critical systems that we'd have a hard time dealing with if they stopped working properly.
Again, I invite you, our readers to comment - describe any devices or systems that we deal with on a daily basis, that we wouldn't normally patch or update, or cannot patch or update. Extra points for critical type devices, but if your toaster has a USB port that's sure interesting as well (I want one !)

Rob VandenBrink

Metafore
I recently had a routine "can you help our business partner" type call from a client. Their business partner could receive email from them, but could not send email to them.
After a bit of digging in the SMTP header of a failed note, it turned out that the business partner was running a very old version of QMAIL, which has a problem with ESMTP and DNS responses larger than 512 bytes. My client (the destination for the email) had recently gone to an email scanning service, so the total return on an MX record request was well over 1.5kb.
So far, not so exciting, you say - patch the server and be done with it! So why am I writing this up on
This is where it gets interesting. I called the business partner, and their verbatim response was "Gee, I don't know. Applying that patch will involve taking the mail server down, our CEO won't approve that. Is there some other way to do this?"
Wait, what? Did I hear that right? Let me check my watch - what century is this again? This is a patch from 2007 for goodness sake! I can see needing to follow a change control procedure, schedule an outage, maybe for after-hours, but they are an application development shop, not the Department of Defense! If they're running a mail system that hasn't been patched in 4 years, chances are that someone else already owns them, and they've got bigger problems than just this.
Anyway, after a frank and honest (and tactful, though that part was a bit more difficult) discussion, they did apply the needed patch, along with a truckload of other system updates that had been delayed since forever.
I've encountered a few situations where it makes some sense for system admins to defer patching for extended periods of time:
Servers that support military personnel in active operations are often mandated by policy as frozen. In our current global environment, these freeze periods can extend into months and years.
Servers that support long-range space exploration missions will often end up running operating systems that are no longer supported, on hardware that has been end-of-lifed years ago, or on hardware or OS's that were one-shot custom efforts. In cases like this, the hardware is generally air-gapped or otherwise isolated from sources of attack.
Some servers in support-challenged situations might also be frozen for specified periods of time - if I remember correctly, the servers in some of the Antarctic missions (really, no pun!) are in this category. (If I'm mistaken on this example, I know that sysadmin for those systems is a reader, please correct me!)

So the question I have for our readers is: What situations or applications have you seen that might defer patches and updates for extended periods of time? Did you consider those reasons or policies to be legitimate? Did you come up with a compromise or workaround to get patches applied, or did you have to follow policy and not apply updates? Did this end up with a system compromise, and if so, did the policy protect the system administrator, or did they end up taking the blame anyway?
I'm really looking forward to feedback from our readers on this, please use the contact form to let us know what you've seen!

Rob VandenBrink Metafore

Raul Siles

Founder and Senior Security Analyst with Taddong
As you already know, recently gaming companies have been the target of different attacks and compromises. It seems this time the target has been Riot Games, owners of the League of Legends game. Still not a lot of details are known about this breach (it seems that the North America servers were affected, and the chat system), but some information is leaking through the forums:

@Riot / Ymir -- NA Servers got hacked:
Your Credit Card Information Is More Than Likely Secure :

Thanks Lee for the heads up.
Users can see some weird behavior when they leave the game, such as random notifications on the client ( and messages about a group called (League of)NoS, and links to something like www.freeriotpoints... or Free riot points are the in-game currency. The websites try to install a keylogger.
The common end-user recommendations apply, such as keeping an eye on any related transactions with the account and personal data provided to the target gaming company, changing the user profile password to a new and different one (do not reuse passwords) now and once the breach is contained, in-depth cleanup if you visited the websites with the keylogger, and waiting for more details to really confirm when the breach occurred and what user information was really exposed.
Keep an eye on it as well as the other breaches of the week, where once again, personal information might be exposed: Dropbox and Apple survey server.

Raul Siles

Founder and Senior Security Analyst with Taddong
Apple said on Thursday that it is developing a fix for vulnerabilities that affect its iPhone, iPad and some iPod touch models, a problem that the German government warned could be used to steal confidential data.
After shutting down the Google+ invitation process late last week because of 'insane demand' from people eager to try out its new social network, Google is once again allowing new members in.

Manticore Technology and Sales Engine International Announce Solution to ...
San Francisco Chronicle (press release)
"As an organization, we were on board with adopting a marketing automation platform, but dedicating the resources to fully reap the benefits of it is a broader organizational commitment," said Robert Fake, President, InfoSec, Inc. "Sales Engine ...

The Washington Post has alerted job seekers who use its employment pages of a data breach that compromised up to 1.27 million accounts.
has lost an appeal to be granted a patent for its "one-click" ordering system, with the European Patent Office (EPO) ruling that the method was too obvious and not inventive.

DigitalPersona promises support and love for SMEs
Channel Pro
A DigitalPersona survey at InfoSec this year found that two thirds of respondents (67 percent) hold disk encryption to be an IT security priority. However, it also said while large enterprises have the resources to implement comprehensive disk ...


Manticore Technology and Sales Engine International Announce Solution to ...
PR Web (press release)
“Sales Engine International and Manticore Technology offer a cost-effective solution that assists customers, such as InfoSec, in executing a marketing automation program," said Robert Fake, President, InfoSec, Inc. Manticore Technology™, ...

44Con training schedule and first security professional track speaker announced
SC Magazine UK
The upcoming 44Con security conference has announced its training line-up to run on the two days preceding the conference and the first speaker in the 'Infosec specialist' track. Alex Lucas of Microsoft is currently a principal security development ...

HP's new TouchPad tablet offers a slick interface and some nice features, but this won't be enough to help it compete with the iPad
As the two Internet heavyweights are poised to battle it out in the social networking arena, how do the companies stack up? A look at some data.
SAP's Sybase division announced the latest version of its IQ columnar database on Thursday.
The system of automatic software builds and tests can help developers make better apps with less effort
In an increasing number of organizations, the CIO is not the person who decides what IT projects should get investment. That job now belongs to the CFO.
Starbucks has begun a trial of business intelligence software on tablet devices for potential use by its executives making store visits to help them view real-time, location-aware data.
Smartphone apps have access to more of your personal data than you might think. Here's how to protect yourself, whether you're an Android, BlackBerry or iOS user.
Hacker group Anonymous said late Wednesday that its Antisec movement hacked and defaced Turkish government websites, in protest against new Internet filtering rules that come into force in the country in August.
A California court denied Apple's motion for a preliminary injunction on's use of the term 'Appstore' in a trademark infringement case on Wednesday.

Posted by InfoSec News on Jul 07

By Andrew Orlowski
The Register
6th July 2011

Obituary Len Sassaman, a cryptographer and security researcher of high
repute, has died aged 31. Sassaman maintained the Mixmaster remailer and
he contributed to various other privacy projects, including OpenPGP. He
also co-founded the annual CodeCon conference with Bram Cohen. He was
security researcher and doctoral student at the Katholieke...

Posted by InfoSec News on Jul 07

July 7, 2011

Former minister in charge of the secret services Gyorgy Szilvasy and two
former leaders of the National Security Office (NBH) could be charged
with illegal attacks against the IT systems of government agencies, news
portal Index said on Wednesday.

Gyorgy Szilvasy, Lajos Galambos and Sandor Laborc are...

Posted by InfoSec News on Jul 07

By Tracy Kitten
Managing Editor
Bank Info Security
July 5, 2011

On June 26, federal authorities arrested a former Citigroup executive
for allegedly embezzling more than $19 million from Citi and its

Gary Foster, who worked in Citi's treasury finance department, was
arrested by the Federal Bureau of Investigation at John F. Kennedy
International Airport, just as he...

Posted by InfoSec News on Jul 07

By William Jackson
July 06, 2011

Two Energy Department research facilities on opposite sides of the
country have been taken offline by what one spokesman called a
“sophisticated cyber attack.”

Officials became aware July 1 that the Pacific Northwest National
Laboratory in Richland, Wash., and the Thomas Jefferson Laboratory
National Accelerator...

Posted by InfoSec News on Jul 07

By Elinor Mills
InSecurity Complex
CNet News
July 6, 2011

About 1.27 million user IDs and e-mail addresses belonging to people
looking for employment on The Washington Post Jobs Web site were
affected by a data breach last week, the newspaper says.

"We discovered that an unauthorized third party attacked our Jobs
website and was able to...

Posted by InfoSec News on Jul 07

The New York Times
July 4, 2011

The hackers, calling themselves the A-Team, assembled a trove of private
information and put it online for all to see: names, aliases, addresses,
phone numbers, even details about family members and girlfriends.

But their targets were not corporate executives, government officials or
clueless bank customers. They were...

Posted by InfoSec News on Jul 07

By Ms. Smith
Privacy and Security Fanatic
Network World

Uh-oh. There's nothing quite like throwing down the gauntlet and
virtually taunting hackers to prove a proud boast is false. In what some
attackers might consider a dare, John Howie, Microsoft's senior director
in the Online Services Security & Compliance (OSSC) team, basically
claimed that Microsoft sites are...