
InfoSec News

A former engineer with U.S. military contractor L-3 Communications is facing as much as 20 years in prison on charges that he illegally exported military data to China.
 
Apple has also released a couple of updates today. Apparently, they are catching up on some Java updates that Oracle released earlier. The updates are for Mac OS X 10.5 (Update 9) and Mac OS X 10.6 (Update 4).
References
http://support.apple.com/kb/HT4562
http://support.apple.com/kb/HT4563
---------------

Jim Clausing, GIAC GSE #26

jclausing --at-- isc [dot] sans (dot) edu (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
RETIRED: Microsoft March 2011 Advance Notification Multiple Vulnerabilities
 
For most people, Wallaby conjures up images of a kangaroo-like creature. In the halls of Adobe, though, it's the code name for an experimental Flash-to-HTML 5 converter.
 
Oracle Java SE and Java for Business CVE-2010-4471 Remote Security Vulnerability
 
Oracle Java SE and Java for Business CVE-2010-4469 Remote Java Runtime Environment Vulnerability
 
The average organizational cost of a data breach increased 5% over 2009 to $7.2 million, according to a Ponemon Institute report issued today.

 
Microsoft issued three bulletins, one critical, repairing a DLL preloading issue affecting Windows Media Player and Windows Media Center.

 
IT executives are seeking architects with a wide range of skills, including technology expertise and an artist-like ability to deal with converging IT trends.
 
Google patched 25 vulnerabilities in Chrome today in one last update before the Pwn2Own hacking contest starts Wednesday in Canada.
 
As if users needed another reason to spend more time on Facebook, Warner Bros. has started offering movies to rent or buy and view on the site.
 
Wireshark 1.4.3 and 1.2.14 Multiple Security Vulnerabilities
 
While it sounds minuscule next to Apple's App Store and its more than 350,000 apps, the Windows Phone Marketplace now offers 9,000 apps and games and is growing by an average of 100 apps a day.
 
SAS Institute is teaming up with mobile BI vendor Mellmo to bring analytic applications to Apple's iPhone and iPad.
 
Google's Android Market mobile software shop was hit last week with its first major malware attack; a popular application called "DroidDream" proved to be infected with malware that could steal users' personal information, and Google was forced to use a built-in Android 'kill-switch' to do away with the problematic app.
 
OpenText has acquired London-based mobile application development tool vendor WeComm.
 
Tech-related trade groups call for new incentives for companies to protect cybersecurity.
 
Microsoft today shipped three security updates that patched four vulnerabilities in Windows and Office, but did not patch IE ahead of the Pwn2Own hacking contest that begins Wednesday.
 
Microsoft Internet Explorer DLL Loading Arbitrary Code Execution Vulnerability
 
Microsoft Internet Explorer 'mshtml.dll' Dangling Pointer Vulnerability
 
FreeOTFE may sound like a political bumper sticker, but it stands for "Free On The Fly Encryption." The "Free" part is self-explanatory; "On The Fly Encryption" refers to the encrypting/decrypting of data as it is written to or read from your hard disk. The data on your disk (either the whole disk or a portion of it, as you see fit) is stored in an encrypted form, and FreeOTFE handles all read and write requests, so that the operating system, applications, etc. operate normally. Despite what you might expect, the speed impact is generally minimal and will probably not be noticed by a user under most circumstances.
 
Microsoft VBScript and JScript Scripting Engines Information Disclosure Vulnerability
 
Here are the March 2011 Black Tuesday patches. Enjoy!


Overview of the March 2011 Microsoft Patches and their status.

MS11-015 - Vulnerabilities in Windows Media Could Allow Remote Code Execution
  Affected:           DirectX (CVE-2011-0032, CVE-2011-0042)
  Contra indications: KB 2510030
  Known exploits:     PoC exists
  Microsoft rating:   Severity: Critical; Exploitability: 1,1
  ISC rating (*):     clients: Critical, servers: Important

MS11-016 - Vulnerability in Microsoft Groove Could Allow Remote Code Execution
  Affected:           Microsoft Groove 2007 SP2 (CVE-2010-3146)
  Contra indications: KB 2494047
  Known exploits:     PoC exists
  Microsoft rating:   Severity: Important; Exploitability: 1
  ISC rating (*):     clients: Important, servers: Less Urgent

MS11-017 - Vulnerability in Remote Desktop Could Allow Remote Code Execution
  Affected:           Remote Desktop (CVE-2011-0029)
  Contra indications: KB 2508062
  Known exploits:     no known exploit
  Microsoft rating:   Severity: Important; Exploitability: 1
  ISC rating (*):     clients: Important, servers: Important

We will update issues on this page for about a week or so as they evolve.

We appreciate updates.

US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY

(*): ISC rating

We use 4 levels:

PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
Critical: Anything that needs little to become interesting for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
Important: Things where more testing and other measures can help.
Less Urgent: Typically we expect the impact if left unpatched to be not that big a deal in the short term. Do not forget them however.


The difference between the client and server rating is based on how you use the affected machine. We take into account the typical client and server deployment in the usage of the machine and the common measures people typically have in place already. Measures we presume are simple best practices for servers, such as not using Outlook, MSIE, Word, etc. to do traditional office or leisure work.
The rating is not a risk analysis as such. It is a rating of the importance of the vulnerability and the perceived or even predicted threat for affected systems. The rating does not account for the number of affected systems there are. It is for an affected system in a typical worst-case role.
Only the organization itself is in a position to do a full risk analysis involving the presence (or lack) of affected systems, the actually implemented measures, the impact on their operation and the value of the assets involved.
All patches released by a vendor are important enough to have a close look at if you use the affected systems. There is little incentive for vendors to publicize patches that do not have some form of risk to them.


---------------

Jim Clausing, GIAC GSE #26

jclausing --at-- isc [dot] sans (dot) edu

 
Image Gallery: Android is now more profitable than iOS for well-known game developer.
 
Rackspace will help enterprises build private clouds using the OpenStack cloud operating system, the company announced Tuesday. Meanwhile, Dell is seeking enterprises and service providers for proof-of-concept OpenStack trials with its Dell PowerEdge C family of servers.
 
RainStor today announced the general availability of its updated database repository, which is optimized to store and serve up machine-generated data, such as user logs and OLTP data sets.
 
Michael deAgonia says that iPad 2 keeps Apple ahead of rivals for now. Jonny Evans takes it further, saying competitors are already DOA. Will iPad 2 be a knockout punch to rival tablets?
 
Linux Kernel SCTP Local Race Condition Vulnerability
 
Linux Kernel 'install_special_mapping()' Local Security Bypass Vulnerability
 
Cross-Site Scripting vulnerabilities in Icinga
 
[security bulletin] HPSBUX02641 SSRT100412 rev.1 - HP OpenView Network Node Manager (OV NNM) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS)
 
[ MDVSA-2011:043 ] libtiff
 
[HITB-Announce] HITB Magazine Call for Articles
 
Linux Kernel FSGEOMETRY_V1 IOCTL Local Information Disclosure Vulnerability
 
Linux Kernel 'task_show_regs()' Local Information Disclosure Vulnerability
 
The search engine giant said it would take steps to prevent additional malicious applications using similar exploits from being distributed via its Android Market.

 
Ever wonder how your Facebook friends add those smiley faces, hearts, musical notes, and other cute little icons to their status updates? It's easier than you might think. Here's how:
 
ID theft tops the list of consumer complaints made to the U.S. FTC and its partners in 2010.
 
Wireless networks can serve mobile devices up to 76% faster through the novel use of accelerometers, GPS locators, gyroscopes and compasses that come standard on iPhones, iPads and other smartphones and tablets, researchers say.
 
The battle against groups of hacked computers known as botnets is suffering from a lack of coordination, resulting in a cybercrime industry worth more than $10 billion worldwide annually, according to a report from a European Union security agency.
 
Execution of its big-screen docking capability needs work but is a good first step.
 
The French National IT Systems Security Agency has released further details of the recent attack on French government computers, saying they were targeted by cyberspies.
 
A security researcher lost a sure $15,000 at this week's Pwn2Own hacking contest because he had earlier reported the bug to Google, which has patched the vulnerability in its Android Market.
 
HTB22872: Path disclosure in Cool Video Gallery wordpress plugin
 
HTB22873: XSS in Inline Gallery wordpress plugin
 
HTB22870: SQL Injection in GRAND Flash Album Gallery wordpress plugin
 
HTB22871: File Content Disclosure in GRAND Flash Album Gallery wordpress plugin
 
 

Infosec Units Focus on Tech Training, Not User Awareness
GovInfoSecurity.com (blog)
One of the more curious results from our survey of government IT security practitioners (see Gov't Infosec Pros Question Fed's Security Resolve) is their assessment on how well their agencies execute security training and awareness initiatives. ...
Westfield Insurance Launches eBook Guide to Information Security - Marketwire (press release)
 
For many, security is like going to the dentist--you have to deal with it, but that doesn't mean you have to go willingly, or like it once you get there. One of the main problems with IT security, though, comes down to money. While new servers or PCs can be justified as an investment, security is seen simply as an expense and a headache. But, what if you could protect your network and your PCs without breaking the bank?
 
Make smart use of your smartphone to keep in touch with your project team.
 
YouTube has acquired web video production startup Next New Networks to help contributors to YouTube make successful videos.
 
InfoSec News: The new cyber arms race: http://www.csmonitor.com/USA/Military/2011/0307/The-new-cyber-arms-race
By Mark Clayton Staff writer The Christian Science Monitor March 7, 2011
Arlington, Va.; and Idaho Falls, Idaho
Deep inside a glass-and-concrete office building in suburban Washington, [...]
 
InfoSec News: Postman named Britain's cyber security champion: http://www.telegraph.co.uk/technology/8365868/Postman-named-Britains-cyber-security-champion.html
By Christopher Williams Technology Correspondent The Telegraph 07 Mar 2011
The government-backed competition to find the country's best computer defence amateur culminated in a day of challenges for 25 finalists in Bristol. They investigated data breaches and battled hackers in realistic simulations of the attacks that threaten critical private and public sector systems every day.
The champion, Dan Summers, 33, had a background in IT but left the industry to pursue his own business. When it faltered, he took a casual delivery job with the Royal Mail.
He said: "I enjoyed it but never thought that I would be a winner."
Mr Summers entered the competition last summer on the suggestion of his mother and aunt, who had heard about the launch on the radio.
"They said 'you're a geek, you should enter that'," he explained.
[...]
 
InfoSec News: Zombie computers in DDoS attack begin to destroy own hard drives: http://english.yonhapnews.co.kr/techscience/2011/03/06/55/0601000000AEN20110306003500320F.HTML
Yonhap News 2011/03/06
SEOUL, March 6 (Yonhap) -- Sixty-two hard disc drive destructions were reported as of Sunday among an estimated 34,000 zombie computers [...]
 
InfoSec News: [Dataloss Weekly Summary] Week of Sunday, February 27, 2011: ========================================================================
Open Security Foundation - DataLossDB Weekly Summary Week of Sunday, February 27, 2011
27 Incidents Added.
======================================================================== [...]
 
InfoSec News: Christchurch earthquake will send firms into the cloud: http://www.stuff.co.nz/technology/4738187/Christchurch-earthquake-will-send-firms-into-the-cloud
By TOM PULLAR-STRECKER AND CLAIRE ROGERS Stuff.co.nz 07/03/2011
More small businesses are likely to switch to cloud computing as a result of the Christchurch earthquake, analysts say. [...]
 
InfoSec News: LEET '11 Program Now Available: Forwarded from: Lionel Garth Jones <lgj (at) usenix.org>
Join us at the 4th USENIX Workshop on Large-Scale Exploits and Emergent Threats, which will take place in Boston, MA, on March 29, 2011. Now in its fourth year, LEET continues to be a unique and leading forum for the [...]
 
Mozilla Firefox and SeaMonkey 'JSON.stringify()' Use-After-Free Memory Corruption Vulnerability
 
While Android is a terrific operating system in many ways, it does pose some real risks for IT departments. Google's recent removal of around 50 malware-infected apps from its Android Market highlighted the downside of the company's "free love" approach to publishing applications. The upside: the market also offers a variety of quality security applications.
 
The cost of a data breach went up to $7.2 million last year, up from $6.8 million in 2009, with the average cost per compromised record in 2010 reaching $214, up 5% from 2009.
 
Boeing and Intel run programs that let IT workers spend time in other business units to learn about operations and perhaps cost cutting ideas.
 
Multitouch screens, which already dominate in smartphones and tablets, are moving into everything from desktop PCs to in-flight entertainment systems and an array of consumer electronics.
 
Rapidly growing stores of structured and unstructured data are prompting IT executives to turn to open source Hadoop technology for storage and analysis efforts.
 

Posted by InfoSec News on Mar 08

http://www.csmonitor.com/USA/Military/2011/0307/The-new-cyber-arms-race

By Mark Clayton
Staff writer
The Christian Science Monitor
March 7, 2011

Arlington, Va.; and Idaho Falls, Idaho

Deep inside a glass-and-concrete office building in suburban Washington,
Sean McGurk grasps the handle of a vault door, clicks in a secret entry
code, and swings the steel slab open. Stepping over the raised lip of a
submarinelike bulkhead, he enters a room...
 

Posted by InfoSec News on Mar 08

http://www.telegraph.co.uk/technology/8365868/Postman-named-Britains-cyber-security-champion.html

By Christopher Williams
Technology Correspondent
The Telegraph
07 Mar 2011

The government-backed competition to find the country's best computer
defence amateur culminated in a day of challenges for 25 finalists in
Bristol. They investigated data breaches and battled hackers in
realistic simulations of the attacks that threaten critical private...
 

Posted by InfoSec News on Mar 08

http://english.yonhapnews.co.kr/techscience/2011/03/06/55/0601000000AEN20110306003500320F.HTML

Yonhap News
2011/03/06

SEOUL, March 6 (Yonhap) -- Sixty-two hard disc drive destructions were
reported as of Sunday among an estimated 34,000 zombie computers
mobilized to carry out massive cyber attacks on the web sites of South
Korea's key government agencies and financial institutions on Friday and
Saturday, government officials said.

The web...
 

Posted by InfoSec News on Mar 08

========================================================================

Open Security Foundation - DataLossDB Weekly Summary
Week of Sunday, February 27, 2011

27 Incidents Added.

========================================================================

DataLossDB is a research project aimed at documenting known and reported
data loss incidents world-wide. The Open Security Foundation asks for
contributions of new incidents and new data for...
 

Posted by InfoSec News on Mar 08

http://www.stuff.co.nz/technology/4738187/Christchurch-earthquake-will-send-firms-into-the-cloud

By TOM PULLAR-STRECKER AND CLAIRE ROGERS
Stuff.co.nz
07/03/2011

More small businesses are likely to switch to cloud computing as a
result of the Christchurch earthquake, analysts say.

IDC Research country manager Ullrich Loeffler said the "Kiwi spirit" was
evident as the business community came together to help one another in
the wake...
 

Posted by InfoSec News on Mar 08

Forwarded from: Lionel Garth Jones <lgj (at) usenix.org>

Join us at the 4th USENIX Workshop on Large-Scale Exploits and Emergent
Threats, which will take place in Boston, MA, on March 29, 2011. Now in
its fourth year, LEET continues to be a unique and leading forum for the
discussion of threats to the confidentiality of our data, the integrity
of digital transactions, and the dependability of the technologies we
increasingly rely...
 
RPM Package Update and Removal File Attribute Security Bypass Vulnerabilities
 
Google has bought Beatthatquote.com, a British website for comparing prices of insurance, utilities and legal services.
 
Lenovo on Tuesday announced the ThinkPad X220 laptop, which runs on new processors based on Intel's Sandy Bridge microarchitecture.
 
Cisco Systems acted to make its Umi home videoconferencing platform more affordable on Monday, slashing the service cost to $99 per year.
 