InfoSec News

He was hired to fix their computers, but police say that Trevor Harwell instead installed spyware software that took candid photos of his clients in various states of undress.
Apple's Steve Jobs this week unveiled iCloud, the company's new cloud-based sync and storage service. Is iCloud B2C cloud perfection or merely Apple playing catch-up with Google and others?
Samsung's Galaxy S II smartphone will reportedly go on sale in the U.S. next month, but carriers aren't confirming those plans.
With only a few hours left to go on World IPv6 Day, Facebook, the world's largest social network, reported no problems as it tested an upgrade of the communications protocol.
Cyberattacks on U.S. networks by other nations may not always demand the same level of retaliation, and only attacks that cause major damage or loss of life should prompt similar responses, a group of national security experts said Wednesday.
A pair of Lawson Software shareholders have filed a class action lawsuit to block the ERP software vendor's sale to Infor and its parent company Golden Gate Capital, according to documents filed Tuesday in U.S. District Court for the District of Minnesota.
Oracle Java SE and Java for Business CVE-2011-0867 Remote Information Disclosure Vulnerability
Facebook's move to enable facial recognition across its entire social networking site is raising some eyebrows -- and possibly some legal woes -- over its privacy implications.
Every day in large and small offices across America, business workers ignore the PC or desk phone and grab their smartphones for convenient voice, email and Internet access. But delivering high quality cellular service inside office buildings is a challenge for wireless carriers, especially for high-speed data which requires a particularly strong signal.
Oracle Java SE and Java for Business CVE-2011-0863 Remote Code Execution Vulnerability
Microsoft has improved the tools it provides for webmasters to track their sites' visibility on Bing search engine results, so that they can make any necessary adjustments to improve how Bing crawls their content and ranks their pages.
Oracle's decision in March to stop developing software for Intel's Itanium chips is in violation of "legally binding commitments" Oracle has made to Hewlett-Packard and the companies' approximately 40,000 shared customers, HP said.
Apple's iCloud strategy isn't about making money, analysts said today. It's about using the free service to keep customers and battle Google for smartphone and tablet supremacy.
With World IPv6 Day in full swing, the test flight of the Internet's new communications protocol is going smoothly.
A new report recommends that the U.S. Department of Commerce help the Internet industry develop cybersecurity codes of conduct.
Oracle Java SE and Java for Business CVE-2011-0817 Remote Code Execution Vulnerability
Oracle Java SE and Java for Business CVE-2011-0873 Remote Java Runtime Environment Vulnerability
Oracle Java SE and Java for Business CVE-2011-0802 Remote Java Runtime Environment Vulnerability
In 2010, healthcare providers spent $88.6 billion on developing and implementing electronic health records, health information exchanges, and other health information technology initiatives, making healthcare a rich market for IT jobs.
Oracle Java SE and Java for Business CVE-2011-0864 Remote Java Runtime Environment Vulnerability
[security bulletin] HPSBMA02674 SSRT100487 rev.1 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XSS) and Re
ZDI-11-192: Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability
ZDI-11-191: Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability
ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability

commissum at Infosec Europe 2011
SourceWire (press release)
Another Infosec Europe has come and gone. Once again, commissum had a strong presence; the company's sixth year of exhibiting at this premier event. Information Security experts commissum managed to make the event a great success, despite visitor ...

A former student at a suburban Philadelphia high school has sued his school district for allegedly spying on him and his family using a school-issued Mac laptop, according to court documents.
Multiple Vendors STARTTLS Implementation Plaintext Arbitrary Command Injection Vulnerability
ZDI-11-185: Oracle Java ICC Profile 'bfd ' Tag Parsing Remote Code Execution Vulnerability
ZDI-11-183: Oracle Java ICC Profile MultiLanguage 'mluc' Tag Parsing Remote Code Execution Vulnerability
ZDI-11-182: Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability
Oracle Java SE and Java for Business ICC Profile Multiple Remote Code Execution Vulnerabilities

Resellers rethinking RSA
Financial Times (blog)
Infosec, a UK-based IT security company has said it will no longer be selling RSA's SecurID tokens, following news that the authentication devices had been hacked and used in an attack against defence contractor Lockheed Martin. ...

With its upcoming iCloud service, Apple takes a common concept -- cloud computing -- and pares it back to core functions. Columnist Ryan Faas compares Apple's plans with what Google already offers.
WordPress GD Star Rating Plugin 'votes' Parameter SQL Injection Vulnerability
Silex 'sitemap.php' Cross Site Scripting Vulnerability
asked WAN managers about where they stand today with their IPv6 migration strategies as well as their thoughts on World IPv6 Day.

The Samsung Galaxy Tab 10.1 Wi-Fi is the first Android tablet to effectively challenge Apple's iPad 2 at what Apple does best: Design. Let's face it, when it comes to tablets, design is the attribute that's squarely at center stage. And the Tab 10.1 -- available in limited distribution starting today, starting at $499 for a 16GB version -- has that in spades. In fact, its design, together with its Android 3.1 operating system, vaults the Tab 10.1 to the head of the Android pack.
Verizon Wireless on Wednesday confirmed that it will start selling Samsung's Galaxy S II 'superphone' some time next month.
Gibbs looks at a few products for the Apple users.
The idea that IT professionals don't need business acumen is a destructive myth.
Multiple vulnerabilities in several IP camera products
[HITB-Announce] HITB2011AMS Conference Materials & Photos
We keep getting ongoing reports from readers about spam being sent from legitimate Hotmail accounts. Like web mail systems in general, Hotmail accounts are targeted to be able to send spam from trusted sources. If an e-mail is received from a friend or relative, you are much more likely to open and read it.
These accounts are compromised in many ways, most commonly these days via phishing. The question always is if it is actually a compromised account, or just someone spoofing the From address.
Hotmail adds some characteristic headers that can be used to identify the source as Hotmail. While they may be faked of course, they allow you to narrow down the chances of the account being compromised.
You should see a Received header from a host using Microsoft SMTPSVC. If the e-mail was posted via the web interface, you should also see an X-Originating-IP header:

X-Originating-IP: [??.91.145.??]

I obfuscated the X-Originating header.
Next question we get: What to do if you find out your friend's Hotmail account was compromised? If your friend is lucky, all that happened was a phishing attack. Your friend only needs to change the password (and of course, all sites he uses the same password with). Worst case: Your friend is infected with malware that stole the password. Point the friend to some decent anti-malware detection, or if you are a really good friend, help with the cleanup.


Johannes B. Ullrich, Ph.D.

SANS Technology Institute

(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.
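The header check the diary above describes, automated as an added example (not the diary's or SANS's code): it looks for a Received hop stamped "Microsoft SMTPSVC" and an X-Originating-IP header. Both sample messages are constructed; the hostnames, addresses and IPs in them are made up.

```python
import re
from email import message_from_string

# Constructed sample messages; hostnames, addresses and IPs are made up.
# The first mimics what the Hotmail web interface adds: a Received hop
# stamped "Microsoft SMTPSVC" plus an X-Originating-IP header.
WEBMAIL_SAMPLE = """\
Received: from snt0-omc1-s1.hotmail.example ([10.0.0.5]) by mx.example.org
    with ESMTP; Wed, 08 Jun 2011 10:00:00 +0000
Received: from SNT123-W45 ([10.0.0.6]) by snt0-omc1-s1.hotmail.example
    with Microsoft SMTPSVC(6.0.3790.4675); Wed, 8 Jun 2011 03:00:00 -0700
X-Originating-IP: [192.0.2.44]
From: friend@hotmail.example
To: you@example.org
Subject: check this out

hi
"""

# The second only spoofs the From address: no Hotmail hop, no originating IP.
SPOOFED_SAMPLE = """\
Received: from mail.evil.example ([198.51.100.9]) by mx.example.org
    with ESMTP; Wed, 08 Jun 2011 10:05:00 +0000
From: friend@hotmail.example
To: you@example.org
Subject: check this out

buy now
"""

IPV4 = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3})")


def analyse_headers(raw):
    """Return the Hotmail indicators found in a raw RFC 822 message.

    Header evidence only narrows the question: every one of these headers
    can be forged, so the result is a hint, not proof of a compromised account.
    """
    msg = message_from_string(raw)
    # Folded Received lines are joined into one value with whitespace collapsed.
    hops = [" ".join(r.split()) for r in (msg.get_all("Received") or [])]
    smtpsvc_hops = [h for h in hops if "Microsoft SMTPSVC" in h]
    originating = msg.get("X-Originating-IP")
    match = IPV4.search(originating) if originating else None
    return {
        "smtpsvc_hops": len(smtpsvc_hops),
        "originating_ip": match.group(1) if match else None,
        "looks_like_hotmail": bool(smtpsvc_hops) and match is not None,
    }
```

A message that fails both checks while claiming a Hotmail sender is more likely a spoofed From address than a compromised account; a message that passes still deserves the follow-up the diary recommends.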

What would Salvador Dalí make of LIGATT and LulzSec?
CSO (blog)
A string of posts on the Infosec Island website show just how surreal these guys have made it for the rest of us. First came a post about a press release where LIGATT claimed to be hot on the trail of LulzSec, followed by a post where LIGATT's Gregory ...

Apple plans to build a new campus with a circular building that looks like a spaceship, big enough to house 12,000 employees.
Version 12 of Google Chrome became available Tuesday, along with patches for 15 bugs in the browser.
If your company allows employees to use an iPhone, here are the productivity apps that you should install on the mobile devices.
If you provide or allow employees an iPad, here are the productivity apps that you should install on them.
Twitter rolled out an automatic link shortening feature on Tuesday.
Intel said on Wednesday it is investigating a fire at the company's manufacturing facilities in Chandler, Arizona, that left 13 people injured.
Warm mangos, Pandas and Alan Greenspan: these were among the wide range of topics that came up during the characteristically humorous keynote by Google’s Matt Cutts at the end of the first day of the Search Marketing Expo in Seattle.
Microsoft has placed quarter-page notifications in two Russian newspapers, a legal formality required as part of its ongoing lawsuit in the U.S. against operators of Rustock, a defunct botnet used to send prolific amounts of pharmaceutical spam.
Veteran IT trainer Don R. Crawley wants to help IT departments raise their stature and reputation within the organization by giving techies some basic training in emotional intelligence and listening skills.
Experts say suspect IPv6 security features in commercial products and weaknesses in the protocol could be exploited by attackers.
