Information Security News
Security Policy Orchestration brings InfoSec under larger tent
Network World (blog)
For a long time many pundits have spoken about a time when security does not exist in a separate silo but is instead integrated into the larger IT mission. Combining this with development processes represents a holy grail for some in security as well ...
The critical Microsoft Windows and Office vulnerability that came to light two days ago is being more widely exploited than previously reported, making it more urgent that end users install a temporary fix right away.
Early research into the zero-day exploit detected only highly targeted attacks on individuals or companies that were mostly located in the Middle East and South Asia. More often than not, the word "targeted" is used to describe espionage campaigns aimed at a particular company or industry. Now, researchers at two security firms have uncovered evidence that the same critical flaw—found in Windows Vista, Windows Server 2008, Microsoft Office 2003 through 2010, and all supported versions of Microsoft Lync—is also being targeted in wider-ranging hacking campaigns being carried out by multiple gangs, including one made up of financially motivated criminals.
The more recently discovered attacks are being carried out by the same India-based group behind Operation Hangover, a malware campaign first detected earlier this year, researchers from security firm FireEye wrote in a recent blog post. The researchers went on to say that the same attacks—which exploit weaknesses in the way Microsoft code processes TIFF images—are being waged by yet another group, alternately dubbed Arx and Ark, to deliver the Citadel trojan. Citadel is a highly malicious piece of malware that's mostly used by criminals to access and liquidate online bank accounts.
Ladar Levison founded secure e-mail service Lavabit in 2004. His company garnered international attention when it was revealed to be the preferred provider for Edward Snowden, a former NSA contractor and whistleblower now living in exile in Russia. In July 2013, the American government ordered Lavabit to hand over the SSL keys to the entire website, which would have allowed them to read every single user's e-mail—not just Snowden's. Levison complied with the order by printing the keys on paper in a tiny font, which gave him enough time to shut down the service. He is actively fighting the government in court, and he recently joined forces with another related company, Silent Circle, to create the forthcoming Dark Mail Alliance.
Lavabit was designed to protect the privacy of e-mail by allowing users to encrypt messages stored on the Lavabit servers. Once encrypted, an e-mail could only be decrypted with a user’s password. The system was made to protect messages on Lavabit’s servers from prying eyes. Quite simply, the goal was to remove Lavabit from the surveillance equation.
In response to the recently announced Dark Mail Alliance, famed security researcher Moxie Marlinspike penned an op-ed in which he makes a number of interesting points. His arguments are well-reasoned and his contributions to the community are worthy of note, so I feel compelled to respond to his critique of Lavabit’s design.
Researchers have uncovered software available on the Internet designed to overload the struggling Healthcare.gov website with more traffic than it can handle.
"ObamaCare is an affront to the Constitutional rights of the people," a screenshot from the tool, which was acquired by researchers at Arbor Networks, declares. "We HAVE the right to CIVIL disobedience!"
In a blog post published Thursday, Arbor researcher Marc Eisenbarth said there's no evidence Healthcare.gov has withstood any significant denial-of-service attacks since going live last month. He also said the limited request rate, the lack of significant distribution, and other features of the tool's underlying code made it unlikely that it could play a significant role in taking down the site. The tool is designed to put a strain on the site by repeatedly alternating requests to the https://www.healthcare.gov and https://www.healthcare.gov/contact-us addresses. If enough requests are made over a short period of time, it can overload some of the "layer 7" applications that the site relies on to make timely responses.
Posted by InfoSec News on Nov 07 http://www.zdnet.com/whats-making-your-android-insecure-blame-those-free-apps-you-never-asked-for-7000022867/
Posted by InfoSec News on Nov 07 http://rt.com/news/fbi-wanted-list-russian-340/
Posted by InfoSec News on Nov 07 http://www.washingtonpost.com/national/13-marines-returning-from-afghanistan-get-unexpected-welcome-at-chicagos-ohare-airport/2013/11/06/dd4f6bcc-46b5-11e3-95a9-3f15b5618ba8_story.html
Posted by InfoSec News on Nov 07 http://www.politico.com/story/2013/11/homeland-security-cybersecurity-99347.html
Posted by InfoSec News on Nov 07 http://arstechnica.com/security/2013/11/now-theres-a-bug-bounty-program-for-the-whole-internet/