(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

After attacks, Kenya takes 100 government websites offline
MIS Asia
"There's a really frosty relationship with some government institutions when it comes to working with the Infosec community because they feel the community is exposing their incompetence," added Kamau. "However, ICTA is working with local security ...


On Monday, Home Depot confirmed that thieves compromised the payment systems in its stores in the US and Canada and stole credit- and debit-card data.

The theft likely began in April and used unspecified malware, but it may not have compromised the PINs used to secure debit cards, the company said in a statement. The home-supply retailer has not yet determined how many cards were breached, but the thieves had as many as six months in the company's systems. Comparatively, the malware-enabled theft of card data from retail giant Target resulted in the compromise of 40 million credit- and debit-card accounts and occurred in just over three weeks, albeit during the peak shopping season.

Home Depot's Chairman and CEO Frank Blake apologized to customers on Monday.


Ruby on Rails CookieStore Session Cookie Persistence Security Vulnerability

Digital evidence, one of the fastest growing areas of forensic science, will now have its own subcommittee in the National Institute of Standards and Technology (NIST)-administered Organization of Scientific Area Committees (OSAC). NIST ...
GNU glibc 'getaddrinfo()' CVE-2013-4357 Remote Denial of Service Vulnerability
LinuxSecurity.com: Updated squid packages fix security vulnerability: Matthew Daley discovered that Squid 3 did not properly perform input validation in request parsing. A remote attacker could send crafted Range requests to cause a denial of service (CVE-2014-3609). [More...]
LinuxSecurity.com: Updated libgcrypt packages fix security vulnerability: The libgcrypt library before version 1.5.4 is vulnerable to an ELGAMAL side-channel attack (CVE-2014-5270). [More...]

Nearly a week after female celebrities’ nude photos were stolen and shared across the Internet, reddit has banned the subreddit that helped to distribute them.

The reddit group /r/TheFappening and related subreddits were banned on Saturday night after reddit CEO Yishan Wong posted a blog titled “Every Man Is Responsible For His Own Soul.” The blog explained why the company is unlikely to make changes to its policies because of one incident.

In an update to the blog post, Wong wrote that the subreddit was banned because it violated rules unrelated to being a center for people to access stolen nude photos of female celebrities. He wrote that he disagrees with the distribution of stolen images, yet believes that reddit is a place for people to distribute media (and in this case, stolen nude photos):


LinuxSecurity.com: USN-2306-1 introduced a regression in the GNU C Library.
LinuxSecurity.com: Updated python-django packages fix security vulnerabilities: These releases address an issue with reverse() generating external URLs (CVE-2014-0480); a denial of service involving file uploads (CVE-2014-0481); a potential session hijacking issue in the remote-user [More...]
LinuxSecurity.com: Updated ppp packages fix security vulnerability: A vulnerability in ppp before 2.4.7 may enable an unprivileged attacker to access privileged options (CVE-2014-3158). [More...]
CVE-2014-5392 XML eXternal Entity (XXE) in "JobScheduler"
CVE-2014-5391 DOM-based Cross-Site Scripting (XSS) in "JobScheduler"
CVE-2014-5393 Path Traversal to Sensitive Files in Webroot in "JobScheduler"

Infosec fact and fiction
ITWeb Africa
Information security is littered with misconceptions and exaggerations. Too often there is little understanding about the threats out there, and risk perspective is based on erroneous information, resulting in people emphasising the wrong facts and ...

[security bulletin] HPSBUX03102 SSRT101681 rev.1 - HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Execution of Arbitrary Code and Denial of Service (DoS) and Other Vulnerabilities
[ MDVSA-2014:179 ] python-django
[ MDVSA-2014:178 ] ppp

AccessData and HP Extend Incident Response Services in the Wake of ...
"HP chose ResolutionOne for its seamless integration into infosec environments, SIEM interoperability and threat feed consumption capabilities for collective intelligence, automated detection, analysis and resolution." "AccessData carries proven and ...

apache tomcat cookie handling problem - characters out of 0x80 - 0xff causing internal server error
t2'14 Challenge to be released 2014-09-13 10:00 EEST
[ MDVSA-2014:177 ] squid
[ MDVSA-2014:176 ] libgcrypt

Posted by InfoSec News on Sep 08


By William Knowles @c4i
Senior Editor
InfoSec News
September 5, 2014

San Diego based Bartell Hotels has released a statement detailing a data
security incident which occurred between February 16, 2014 and May 13,
2014 that may involve certain credit card data, including credit card
numbers, and other personally identifiable information.

The payment card systems at...
[SECURITY] [DSA 3019-1] procmail security update
Uninit memory disclosure via truncated images in Firefox

Posted by InfoSec News on Sep 08


By Robert Lemos
Ars Technica
Sept 7 2014

In late May, an international law enforcement effort disrupted the
Gameover Zeus (GoZ) botnet, a network of compromised computers used for
banking fraud.

The operation also hobbled a secondary, but equally important
cyber-criminal operation: the Cryptolocker ransomware campaign, which used
a program...

Posted by InfoSec News on Sep 08


The Yomiuri Shimbun
September 03, 2014

A flight-tracking app known as “Flightradar 24” has been revealing flight
data of government aircraft online for some time, The Yomiuri Shimbun has

Government aircraft, also known as Japanese Air Force One, are used to
transport the prime minister and senior government officials for overseas
visits. As part of counterterrorism measures,...

Posted by InfoSec News on Sep 08


By Bryan Bender
SEPTEMBER 07, 2014

WASHINGTON — The anonymous employee wrote to complain that a high-ranking
official “is frequently MIA,” or missing in action.

“We never know if he is coming or not,” the underling wrote. “He
frequently leaves work in the middle of...