InfoSec News

A 23-year-old Bellevue, Ohio, man has been sentenced to 30 months in prison following a 2007 online crime spree in which he used a network of hacked computers to attack and knock offline websites belonging to conservative pundits Bill O'Reilly and Ann Coulter.
 

Last week my company decided to upgrade our data network bandwidth from 1 Gbps to 10 Gbps. The last time we updated the design, we measured the bandwidth used by the 45 VLANs holding the more sensitive servers; taking into account that each uplink has a 1 Gbps limit, we arrived at 2.8 Gbps total consumption, so we chose an FWSM blade inside a Catalyst 6513. Please see the following diagram:



Now that our network bandwidth has been expanded to 10 Gbps, we were forced to change the proposed design and implement the security features through a service switch that is connected to both the users and the server farm. Please see the following diagram:



My big problem is that I cannot find a Cisco device (firewall and IPS) capable of handling this level of traffic. If I chose Cisco, I would need to deploy multiple firewalls and IPS units, which is not acceptable to me because of the administration overhead. This led me to think again about the factors that perimeter security devices should fulfill to protect my company's information assets. The factors are:

Sufficient traffic throughput: If the bandwidth supported by the firewalls and IPS is exceeded, they become the bottleneck of the network, hurting its services and availability. Remember that one of the key criteria for network design is scalability, and any security services in place need to preserve it.
Supported protocols: TCP and UDP are not the only protocols that are carried over IP [1]. The firewall and IPS you choose must support the protocols that travel over your network and be able to make decisions about them, not merely forward the packets. What would happen if you needed a specific type of multicast for your brand new conference system that your firewall and IPS are not capable of supporting?
IDS/IPS evasion: Is the IPS you are looking at capable of handling the most common IPS/IDS evasion techniques? A simple Google search can give you a decent list to work with.
Management platform: If you have a perimeter security plan for a large company, you need a management solution that provides the following features: security event management, dynamic network protection, and real-time visualization of attack attempts and successful attacks. This requires an event correlation system that interacts with the devices on the network security perimeter, consolidates their information, and produces reports that reveal trends. These trends allow you to implement controls that effectively reduce the identified risks.
ARP attacks: Is your firewall/IPS able to notice and block the rapid ARP changes commonly used in man-in-the-middle attacks?

Do you have any other criteria you want to share with us? Use the comment page or our contact form.
[1] See http://www.networksorcery.com/enp/protocol/ip.htm#Protocol
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
The odds are stacked against RockMelt, a new browser designed to serve as a social networking hub, industry analysts said on Monday.
 
Xcftools 'flattenIncrementally()' Function Remote Stack Buffer Overflow Vulnerability
 
Arm has entered the server market with Marvell Semiconductor announcing a chip based on its processor architecture, but customer acceptance and design issues could affect its chances of winning market share from Intel and Advanced Micro Devices, analysts said.
 
IETF RFC 3279 X.509 Certificate MD5 Signature Collision Vulnerability
 
Toshiba introduced its new blade-type SSD modules with capacities of up to 256GB and with a thickness one-third that of solid-state disk drives that typically come in a hard-drive form factor.
 
Oracle has managed to get some but not all aspects of the U.S. government's fraud case against it dismissed, according to documents filed last week in U.S. District Court for the Eastern District of Virginia.
 
The PMP exam is a four-hour test with 200 multiple-choice questions that cover concepts from the Project Management Institute's (PMI's) Guide to the Project Management Body of Knowledge (PMBOK Guide). Some PMPs have described the exam as grueling, and most will tell you that it takes a considerable amount of studying to pass it successfully.
 
RETIRED: Pay Roll Time Sheet & Punch Card Login SQL Injection Vulnerability
 
Oracle CEO Larry Ellison faced tough questioning on the witness stand Monday morning about the effects of TomorrowNow's intellectual-property theft on his company.
 
It has happened to everyone at one point or another: A customer enters a cash-only store or restaurant, but has only a debit card on hand. The result, of course, is a lost sale. But Square promises to make sure those days are over with its new Square Reader.
 
Why does IT exist? If you consider IT value only in terms of technical precision, you're overlooking half your value. Such focus often relegates IT to a mere cost center rather than a critical participant in the organization.
 
Despite the best precautions, it is impossible to protect your network against every attack. When the inevitable happens, your log data can be critical for identifying the cause of the breach and collecting evidence for use in the legal system. That is, if your logs were properly configured before the breach happened.
 
DIMVA 2011 Call for Workshops Proposals
 
Re: Seo Panel 2.1.0 - Critical File Disclosure
 
Hackito Ergo Sum 2011 - Call For Paper - HES2011 CFP
 
Low-income, rural and some minority groups continue to lag significantly behind other U.S. groups in broadband adoption, according to a new report from the U.S. National Telecommunications and Information Administration (NTIA).
 
A Bluetooth speaker isn't the first thing you might associate with Aliph--after all, the company is better known for its Bluetooth Jawbone headsets with superb noise reduction. Think of the Jawbone Jambox ($199 as of November 9, 2010) as an extension of what the company's core products provide: This Bluetooth speaker system can connect to a PC or phone, and it delivers pleasing sound and functional speakerphone capabilities that together are a far cry above what most portable devices can achieve.
 
Google today said it will sponsor free Wi-Fi on three major U.S. airlines during the last six weeks of the year to promote its Chrome browser.
 
Comedian and television host Jimmy Kimmel thinks Facebook users have too many 'friends,' and he wants everyone to cull their friend lists on Nov. 17.
 
As the "new normal" of the post-recession economy stretches before us, cloud computing services are become more widely considered and adopted by large mainstream enterprises. Many organizations just last year refused to accept the premise and are now enthusiastic advocates looking forward to a new future of computing flexibility and choice.
 
After having a Facebook page for only a few hours, the Queen of England already has more than 87,000 "likes" from other Facebook users.
 
Windows Phone 7 smartphones went on sale today at AT&T and T-Mobile retailers in the U.S., although customers are not exactly breaking down doors to buy them in the early going.
 
Oracle MySQL 'EXPLAIN' Denial Of Service Vulnerability
 
Oracle MySQL Prior to 5.1.49 Malformed 'BINLOG' Arguments Denial Of Service Vulnerability
 
Oracle MySQL Prior to 5.1.49 'WITH ROLLUP' Denial Of Service Vulnerability
 
Droid Pro, the Android 2.2 smartphone designed largely for business use, will go on sale Nov. 18 for $179.99 after rebate and a two-year agreement with Verizon Wireless.
 
Cisco Vice President of IT John Manville discusses the company's data center makeover strategy, the migration to the company's own Unified Computing System, the benefits of cloud and the new IT organizational structure with Network World Editor in Chief John Dix.
 
Product strategy groups used to be staffed by all-knowing MBAs. Not any more. Here's why your CRM system should be at the hub of product strategy decisions.
 
Marvell on Monday announced a quad-core chip designed for use in servers that could help Arm break into a server market currently dominated by Intel and Advanced Micro Devices.
 
Microsoft unveils Azure blueprints, training and 70 certified hosting providers
 
Seo Panel 2.1.0 - Critical File Disclosure
 
Spree e-commerce JSON Hijacking Vulnerabilities - CVE-2010-3978
 
[ MDVSA-2010:155-1 ] mysql
 
Malware Collections and Feed Exchange
 
 
Today's state-of-the-art network security appliances do a great job of keeping the cyber monsters from invading your business. But what do you do when the monster is actually inside the security perimeter? Unfortunately, all of the crosses, garlic, wooden stakes and silver bullets in the world have little effect on today's most nefarious cyber creatures. Here are the top 10 ways your network can be attacked from inside and what you can do to insure your business never has to perform an exorcism on your servers.
 
nSense-2010-003: Cisco Unified Communications Manager
 
CFP: DIMVA 2011 - Detection of Intrusions and Malware & Vulnerability Assessment
 
[ MDVSA-2010:221 ] openoffice.org
 
Mozilla Firefox SeaMonkey and Thunderbird MFSA 2010-49 Multiple Memory-Corruption Vulnerabilities
 
Mozilla Firefox/SeaMonkey/Thunderbird 'designMode' Cross Domain Scripting Vulnerability
 
A fix for Flash Player on Android smartphones is due out Nov. 9.

 

GovInfoSecurity.com

McAfee CTO/Public Sector Phyllis Schneck on Future of Infosec Wares
Having their various components interact with each other, Schneck says, the evolving infosec tools are having intelligence built in to recognize abnormal ...

 
Cisco bet big on its UCS products for data centers – and now it's going "all in" with a massive, resilient and green data center built on that integrated blade architecture.
 
Western Digital's My Book series of consumer network-attached storage boxes has a new variant, the My Book Live. With new sharing features--including a file-sharing portal--and great performance, it brings the My Book line up-to-date. Offering 2TB of storage, the My Book Live costs $229 (as of October 28, 2010), about half what you'd pay for similarly performing NAS competitors. (A 1TB version sells for just $169, also a deal.)
 
And your response to it will be career-defining.
 
Jibran Ilyas and Nicholas J. Percoco of Trustwave's SpiderLabs forensics and malware research team talk about malware sophistication and memory dumping techniques.

 
Tomaladaca asked the Windows forum for the best way to backup and then restore all of the information in Outlook.
 
SharePoint sites can spread like weeds throughout a company -- creating regulatory and e-discovery risks. It's time to assert some control, without crimping collaboration.
 
Two-thirds of workers in a survey for Cisco said their companies need to improve IT policies; at the same time, 20% of IT professionals said their relationship with employees is "strained and dysfunctional."
 
A security company has developed a free Firefox add-on that warns when someone on the same network is using Firesheep, a tool that has raised alarm over how it simplifies an attack against a long-known weakness in Internet security.
 
The company's Java plans also call for sharing microkernel between app servers
 
Adobe Flash Player CVE-2010-3652 Remote Memory Corruption Vulnerability
 
Adobe Flash Player CVE-2010-3636 Policy File Cross Domain Security Bypass Vulnerability
 
Adobe Flash Player CVE-2010-3650 Remote Memory Corruption Vulnerability
 
Microsoft will likely issue an emergency kit to an unpatched IE flaw after it was added to the Eleonore crimeware kit.
 

Dubai Internet City Official ICT Partner for Middle East's First Black Hat ...
AME Info
The Black Hat briefings are a series of highly technical information security (infosec) conferences that bring together leaders from the corporate and ...

 
Lotus Connections user CEMEX, a global building supply company, plans to update to Version 3.0 that IBM is introducing today.
 
Security experts expect the divided congress to remain mostly bipartisan on efforts to enact cybersecurity and online privacy measures.
 
New research by Computerworld suggests that IT shops are moving to address mobility issues.
 
Robert Half Technology foresees average salary increases of 3.4% in 2011.
 
When the success of the iPad became apparent, I predicted that Linux-based tablets would quickly give Apple's device a run for its money. I was wrong.
 
The World Equestrian Games in Kentucky presented many difficult challenges, with the whole world watching.
 
Enterprises may resist upgrading to Windows 8 in 2012 so soon after migrating to Windows 7, a Gartner analyst predicts.
 
NASA is eager to move its IT infrastructure to open-source cloud systems over the next 10 to 20 years.
 
When a log indicates that two high-level executives logged into a tool that they shouldn't mess with, it's time to investigate.
 
Mobile data traffic in the U.S. will be 35 times higher in 2014 than it was in 2009, leading to a massive wireless spectrum shortage if the government fails to make more available, the FCC said in a paper released last month.
 
Linux-PAM 'pam_env' and 'pam_mail' Modules Multiple Vulnerabilities
 
Learn how to rescue precious resources from tech's six most notorious money pits
 
monotone Denial Of Service Vulnerability
 
phpCAS CAS Proxy Mode Cross-Site Scripting Vulnerability
 
Being entertained in your home is as big and popular as ever. New TVs are coming out all the time, with features like 3D, better high-definition, and even Internet connectivity. Internet streaming devices let you connect your TV to services like Pandora, Netflix, Hulu and even more. Speaker systems for your iPod and even iPad let you play the music louder than ever before. Here are write-ups of lots of home entertainment devices and options:
 
Now that Election Day is behind us, judgment day nears for David Kernell, the 22-year-old son of a Tennessee politician who was convicted earlier this year of prying into Sarah Palin's personal e-mail account two months before the 2008 presidential election.
 
Sometimes life is random. So is this list. These gift ideas were so rebellious that we couldn’t fit them into a category, so they get the nice title of “miscellaneous”. We also throw our robots in here.
 
If the iPad is the best holiday gift idea this season, then iPad accessories comes in at a close second. There’s so much new stuff out there for the iPad, we decided to give it its own category in the Cool Yule Tools guide this year. From cases to sleeves to keyboards and stands, there’s a bunch of extra stuff that every iPad owner will want in addition to their device.
 
If you’re into gadgets, chances are you carry around a lot of them when you travel. The road warrior uses gadgets as tools and weapons (the figurative kind, not literal), so when it comes time for coming up with gift ideas for them, chances are a new gadget beyond the phone or computer will hit the spot. Here’s a bunch of our favorite weapons for the road warrior:
 
Desktop or notebook – check. Smartphone – check. After that, though, there might be some additional pieces of gear to make your home or office truly productive. Here are our picks for some products that help you create a better home or office.
 
The days of having multiple devices for listening to music or watching movies is basically over – Apple dominates the market so much so that it’s hard to find interesting devices that don’t immediately compare themselves to the iPod or the iPad. So a lot of the gear in the portable entertainment space this year focuses on the headphone space, where we are seeing lots of different choices, designs and styles. Here are our picks for favorites in the portable entertainment space:
 
NTT DoCoMo will begin offering cellular data transmission at up to 10 times the speed of 3G from late December when it switches on the biggest upgrade to its cellular data network in years, it said Monday.
 
There's a long-standing need in wired networks to verify the quality of connectivity of wire, cable, and fiber with appropriate test equipment. But with wireless nets, this requirement extends beyond initial site surveys and occasional troubleshooting.
 
Storage drive vendors have a tough sell to consumers – after all, just hyping storage capacity really isn’t enough anymore. So we’re starting to see things on hard drives like personalized designs, protection features, network connectivity, additional software (both useful and entertaining), and funky formats. Here’s some of our favorite storage devices that we think would make good holiday gifts.
 
InfoSec News: Call for Papers - YSTS V - Security Conference, Brazil: Forwarded from: Luiz Eduardo <le (at) ysts.org>
YSTS 5th Edition
Sao Paulo, Brazil
May 16th, 2011
Call for Papers Opens: November 1st 2010
Call for Papers Close: February 28th 2011
http://www.ysts.org
@ystscon
INTRODUCTION
Following the success of previous editions, the 5th edition of the you Sh0t the Sheriff security conference will happen on May 16th, 2011 in Sao Paulo, Brazil. This is your chance to speak about that cool research you’ve been working on to those who matter in the Brazilian Information Security realm.
ABOUT THE CONFERENCE
you Sh0t the Sheriff is a very unique, one-day, event dedicated to bringing cutting edge talks to the top-notch professionals of the Information Security Community in Brazil.
The conference’s main goal is to bring the attendees to the most up-to-date state of the information security world by mixing professionals and topics from different Infosec segments of the market.
yStS is a very exclusive, mostly invite-only security con. Getting a talk accepted will not only get you to the event, but after you successfully present your talk, you will receive a challenge coin that guarantees your entry to yStS for as long as the conference exists.
Due to the great success of the previous years' editions, yes, we're keeping the same format:
* YSTS 5 will be held at an almost secret location only announced to whom it may concern a couple of weeks before the con
* the venue will be, most likely, a club or a bar
* cool environment to network with great security folks from Brazil and abroad
* since it’s a 1 day con with tons of talks, we provide coffee, lunch and an open-bar in the afternoon
CONFERENCE FORMAT
Anything Information Security related is interesting for the conference, although we do not accept commercial/ product-related talks.
Just in case you need some ideas, some of the stuff that would be interesting to us are:
* Operating Systems
* Career and Management topics
* Mobile Devices/Embedded Systems
* Information Security Audit and Control
* Social Networking and Search Engine Hacks & Threats
* Information Security Policies
* Privacy
* Messing with Network Protocols
* Security from layer 1 through 7
* 802.11 Wireless and any RF related stuff for that matter
* Authentication
* Crypto
* Incident Response & other applicable (and useful) Infosec Policies
* Information Warfare
* Malware
* Botnets
* Secure Programming
* Hacker Spaces
* Application and Protocol Fuzzing
* Physical Security
* Virtualization
* Webapp Security
* DataBase Security
* "the" Cloud
* Cryptography
* System Weaknesses
* Infrastructure and Critical Systems
* Social Engineering
* Reverse Engineering
* Social Reverse Engineering
* Reversing Social Engineering
* Caipirinha and Feijoada Hacks
* and everything else information security related that our attendees would enjoy
We do like shorter talks, so, please submit your talks and remember they must be 30 minutes long. (yes, we do strictly enforce that)
We’re also open to some 15-minute talks; some of the smart people around might not need 30 minutes to deliver a message, or it might be a project that has just been kicked off. 15 minutes might be your thing, and that's nothing to be ashamed about.
you Sh0t the Sheriff is the perfect conference to release your new projects, trust us, other people have released cool stuff before they presented it at the big cons. And yes, we do prefer new hot-topics and, yes, "first-time" speakers are more than welcome. If you got good stuff to speak about, that's all that matters.
SPEAKER PRIVILEGES (and, that applies only to the 30 minute-long talks)
* USD 1,000.00 to help cover travel expenses for international speakers
* Breakfast, lunch and dinner during conference
* Pre-and-post-conference official party (and the unofficial ones as well)
* Auditing products in traditional Brazilian barbecue restaurants
* Life-time free admission for all future yStS conferences (yes, if you've spoken before at yStS, you have your free-entry guaranteed, just buy us a beer, ohh, wait, it's free anyways, isn't it?)
CFP IMPORTANT INFO
Each paper submission must include the following information:
* Name, title, address, email and phone/contact number
* Short biography and qualification
* Speaking experience
* Do you need or have a visa to come to Brasil?
* Summary or abstract for your presentation
* Is it a 30 minute or a 15 minute talk?
* Technical requirements (other than an LCD projector)
* Other publications or conferences where this material has been or will be published/submitted.
VERY IMPORTANT DATES
Final CFP Submission - February 28th, 2011
Final Notification of Acceptance - March 20th, 2011
Final Material Submission for accepted presentations - May 5th, 2011
All submissions must be sent via email, in text format only to: cfp/at/ysts.org
IMPORTANT CONTACT INFORMATION
Paper Submissions: cfp/at/ysts.org
General Inquiries: b0ard/at/ysts.org
Sponsorship Inquiries: sponsors/at/ysts.org
OTHER STUFF
website: www.ysts.org
video channel: http://ysts.blip.tv/
twitter: @ystscon
official twitter hashtag: #ysts
We hope to see you there!
Luiz Eduardo & Nelson Murilo & Willian Caprino http://www.ysts.org
 
InfoSec News: PHP Attack Hits GoDaddy-Hosted Sites Again: http://www.eweek.com/c/a/Security/PHP-Attack-Hits-GoDaddy-Hosted-Sites-Again-716108/
By Fahmida Y. Rashid eWEEK.com 2010-11-05
In a recurring pattern, GoDaddy-hosted sites running PHP applications may be under attack again as hackers inject malicious code onto their sites. [...]
 
InfoSec News: A Different Spin On Sleuthing Stuxnet: http://www.darkreading.com/insiderthreat/security/attacks/showArticle.jhtml?articleID=228200330
By Kelly Jackson Higgins DarkReading Nov 05, 2010
Conspiracy theories have run rampant ever since the Stuxnet worm was discovered this year, with speculation ranging from an inside job at [...]
 
InfoSec News: U.S. Workers Are on Alert After Breach of Data: http://www.nytimes.com/2010/11/07/us/07breach.html
By Ashley Southall The New York Times November 6, 2010
WASHINGTON -- Federal workers at the General Services Administration are on alert against identity theft after an employee sent the names and [...]
 
InfoSec News: Report: Sprint rejected Huawei, ZTE for security concerns: http://www.computerworld.com/s/article/9195278/Report_Sprint_rejected_Huawei_ZTE_for_security_concerns
By Stephen Lawson IDG News Service November 5, 2010
Sprint Nextel turned down bids from ZTE and Huawei Technologies because of U.S. government concerns over possible dangers to national security from the Chinese vendors building critical infrastructure in the U.S., the Wall Street Journal reported on Friday.
Sprint, the nation's third-largest mobile operator, rejected ZTE and Huawei's bids to modernize its network even though they were lower than those of three rival companies, the Journal reported. The other bidders were Ericsson of Sweden, Samsung Electronics of South Korea and Alcatel-Lucent, which is based in Paris and incorporates the former U.S. telecom vendor Lucent.
[...]
 

 

Posted by InfoSec News on Nov 07

http://www.eweek.com/c/a/Security/PHP-Attack-Hits-GoDaddy-Hosted-Sites-Again-716108/

By Fahmida Y. Rashid
eWEEK.com
2010-11-05

In a recurring pattern, GoDaddy-hosted sites running PHP applications
may be under attack again as hackers inject malicious code onto their
sites.

Web administrators who host their domains on GoDaddy should check their
source code again for rogue code that downloads malware, according to a
security research firm....
 

Posted by InfoSec News on Nov 07

http://www.darkreading.com/insiderthreat/security/attacks/showArticle.jhtml?articleID=228200330

By Kelly Jackson Higgins
DarkReading
Nov 05, 2010

Conspiracy theories have run rampant ever since the Stuxnet worm was
discovered this year, with speculation ranging from an inside job at
Siemens to a nation state-sponsored targeted attack against Iran's
nuclear operations. But what still doesn't add up with any of these
scenarios is how Stuxnet...
 

Posted by InfoSec News on Nov 07

http://www.nytimes.com/2010/11/07/us/07breach.html

By Ashley Southall
The New York Times
November 6, 2010

WASHINGTON -- Federal workers at the General Services Administration are
on alert against identity theft after an employee sent the names and
Social Security numbers of the agency’s entire staff to a private e-mail
address.

The agency, which manages federal property, employs more than 12,000
people. Officials apologized to employees...
 

Posted by InfoSec News on Nov 07

http://www.computerworld.com/s/article/9195278/Report_Sprint_rejected_Huawei_ZTE_for_security_concerns

By Stephen Lawson
IDG News Service
November 5, 2010

Sprint Nextel turned down bids from ZTE and Huawei Technologies because
of U.S. government concerns over possible dangers to national security
from the Chinese vendors building critical infrastructure in the U.S.,
the Wall Street Journal reported on Friday.

Sprint, the nation's...
 

