Hackin9

InfoSec News

Supercomputer company Cray has created a new division that will sell big-data systems, the company has announced. The division will market its offerings to large enterprises, which will be a new kind of client for the company.
 
Windows 8 on ARM, dubbed WOA by Microsoft, could offer a big 'Whoa!' moment for workers wanting to run Microsoft Excel, PowerPoint and other Office apps on a touchscreen tablet.
 
Gibbs is thinking about the NeuroSky MindWave
 
Oracle MySQL CVE-2011-2262 Remote MySQL Server Vulnerability
 
Oracle MySQL CVE-2012-0113 Remote MySQL Server Vulnerability
 
Cloudscaling plans to introduce on Monday an OpenStack-based platform that enterprises can use to build private clouds.
 
Yet again another automotive website has come under attack from hackers who have left it defaced. The attack comes from Latinhackteam and has targeted the Peru based toyota site. toyotaperu.com.pe.


 
Anonymous has released a video that is directed towards ISraeli government and the claimed actions they take, This is adding huge fuel to the already on going middle easy cyber war that we have been watching erupt over the past few weeks.


 
Google is planning to enter the home entertainment market with a Google-branded wireless device that streams music within a house, according to the Wall Street Journal.
 
The former owner of two Illinois technology companies was sentenced to 30 months in prison for participating in a conspiracy to defraud a U.S. Federal Communications Commission program to help schools and libraries in poor areas connect to the Internet, the U.S. Department of Justice said.
 
Microsoft has released technical design details about the new version of Windows for devices that use ARM chips, outlining in a lengthy blog post different ways in which this OS, called WOA and still in the works, will be alike and different from existing versions of Windows.
 
The New York Attorney General settled an antitrust case it brought against Intel in 2009, the chip maker announced on Thursday.
 
Microsoft today said it would deliver nine security updates next week, four of them critical, to patch 21 vulnerabilities in Windows, Internet Explorer (IE), Office, .Net and Silverlight.
 
Product review site NextAdvisor.com now offers rankings of cloud storage services.
 
As patent infringement lawsuits continue to pile up in the mobile industry, Google, Apple and Microsoft appear to be trying individually to reassure regulators and standards bodies that they won't use their patents to build a monopoly, experts said.
 
Microsoft plans to fix coding errors in Internet Explorer, .NET Silverlight and Microsoft Office.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google
 
Apple will introduce a new iPad the first full week of March, and will start selling it the following week, according to reports and industry analyst expectations.
 
The founder of several Muslim jihad websites has pleaded guilty to three charges related to making online threats, including threatening the writers of the television show "South Park," the U.S. Department of Justice said.
 
Sony's new CEO says the company needs to move on from its hardware roots.
 
Google is at odds with Apple, Microsoft and Cisco over the licensing and litigation of patents. While Google wants to make the most of patents it will receive if its acquisition of Motorola is approved, the others want to change the way so-called essential patents are licensed.
 
While organizations focus on mobile security and other emerging threats, an analysis of more than 2,000 penetration tests conducted by Trustwave found older threats often overlooked.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google
 
Oracle MySQL Server CVE-2012-0492 Remote MySQL Server Vulnerability
 
[Suspected Spam] eFront Community++ v3.6.10 - Multiple Web Vulnerabilities
 
[SECURITY] CVE-2011-4367 Apache MyFaces information disclosure vulnerability
 
The FBI today made public a background probe of Steve Jobs conducted in 1991, when he was being considered by the George H. W. Bush administration for a spot on the President's Export Council.
 
Raspberry Pi Foundation's $25 PC will become available by the end of this month, and buyers hope it could fill in as a low-power desktop, while being an alternative to the more expensive open-source hardware.
 
A computer Trojan that targets online banking users is evolving and spreading rapidly because its creators have adopted an open-source development model, according to researchers from cyberthreat management firm Seculert.
 
Thanks to 4G LTE technology, the global market for mobile communications gear will grow 17% in 2012, according to IHS, formerly iSuppli.
 
Hitachi GST announced the Ultrastar SSD400S.B, which uses high-endurance SLC NAND flash memory to create an enterprise-class drive that also comes with native encryption.
 
Oracle is buying cloud-based talent management and employee recruitment software vendor Taleo for roughly $1.9 billion, the company announced Thursday. The move comes shortly after SAP's move to acquire SuccessFactors, a close competitor of Taleo, for $3.4 billion in a deal that has yet to close.
 
[ MDVSA-2012:015 ] wireshark
 
[SECURITY] [DSA 2407-1] cvs security update
 

Sci-Tech Today

Source code for Symantec's pcAnywhere published after failed extortion attempt
Infosecurity Magazine (US)
Symantec has confirmed that sample source code provided by the hacker known as YamaTough to Infosec Island is genuine Norton AV source code from the 2006 version of its product. As yet, little else is known. Malware in Android apps is a growing concern ...
Anonymous publishes email exchange with Symantec over $50K payoffDigitaltrends.com

all 47 news articles »
 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Google's long-rumored GDrive that would let you upload and store files to its servers and be able to access them from anywhere you have an Internet connection may finally be close to launching in the coming weeks as a more cheaply priced Dropbox rival.
 
Oracle is buying cloud-based talent management and employee recruitment software vendor Taleo for roughly US$1.9 billion, the company announced Thursday. The move comes shortly after SAP's move to acquire SuccessFactors, a close competitor of Taleo, for US$3.4 billion in a deal that has yet to close.
 
A high-ranking federal official and aviation industry leaders called on Wednesday for rules to prevent future interference with GPS, looking beyond a proposal by would-be hybrid mobile operator LightSquared that may be doomed by broad opposition.
 
BASE 'base_qry_main.php' SQL Injection Vulnerability
 
Foswiki Multiple HTML Injection Vulnerabilities
 
EPiServer CMS Cross Site Scripting and Security Bypass Vulnerabilities
 
The growing importance of reliable applications in the enterprise has opened a lucrative market opportunity for application performance management vendors, some of which have taken full advantage lately.
 
Lenovo's profit in its fiscal third quarter ended Dec. 31 grew 54% year-over-year, as the company saw growth in many key markets.
 
Hackers claimed to have stolen internal data from Apple supplier Foxconn, and leaked the information online, in response to media reports of poor working conditions at the electronics manufacturer's factories in China.
 
This new appliance from Microsoft and HP can bring in all database instances from around the network and host them in a fault-tolerant device with lots of features -- and a hefty pricetag. Insider (registration required)
 
Growth in India's exports of IT services, business process outsourcing and related services is forecast to drop to 11 to 14 percent in the Indian fiscal year to March 31, 2013 from an estimated 16.3 percent in the current fiscal year, the National Association of Software and Services Companies (Nasscom) said.
 
The changes Samsung Electronics has made to the Galaxy Tab 10.1N are enough to no longer infringe on Apple's intellectual property rights, a judge at the district court in DA1/4sseldorf, Germany, decided on Thursday.
 
Telemedicine has been around since the 1990s, but psychiatrists say it's increasingly used to treat remote patients as technology and security improves, and prices drop.
 
Once again the united nations have become the target of hackers and have ended up on the bad end and had more data and vunerable links leaked.


 
Saadi and Hax.r00t have been defacing many sites recently and sadly we have missed many of them. Earlier we published four other sites that have been hit by them and now comes a big government site for Bangladesh.


 
The twitter account @OccupyAllSt has announced the hack on twitter which has been dumped on pastebin. The hack has resulted in some minor data being leaked from the server. The attack which has been labelled part of OpNigeria shows that this operation is far from finished.


 
A hacker using the handle 34GL3_3Y3 and flys under the Bangladesh Cyber Army flag as well as dumped yet another huge list of hacked and defaced websites.


 

Posted by InfoSec News on Feb 09

http://www.wired.com/threatlevel/2012/02/home-cameras-exposed/

By Kim Zetter
Threat Level
Wired.com
February 7, 2012

A flaw in home security cameras made by Trendnet potentially exposed
thousands of customers to hackers who could access the live video feeds
without a password.

The vulnerability was discovered by a blogger who uses the name
“someLuser” and who posted details of the flaw in January, describing
how he was able to find...
 

Posted by InfoSec News on Feb 09

http://www.nextgov.com/nextgov/ng_20120208_5377.php

By Aliya Sternstein
Nextgov
02/08/2012

Military program managers whose operations are vaguely associated with
computer networks could reposition their programs as being critical to
cybersecurity to tap into one of the few untouched defense accounts and
boost their own funding odds, some budget experts predict.

Defense Secretary Leon Panetta in January rewrote the nation's military...
 

Posted by InfoSec News on Feb 09

http://www.darkreading.com/advanced-threats/167901091/security/client-security/232600511/factory-outlets-selling-stolen-facebook-twitter-credentials-at-discount-rates.html

By Kelly Jackson Higgins
Dark Reading
Feb 08, 2012

Stealing credentials via Trojans like Zeus and SpyEye has become so
simple and prevalent that cybercriminals are finding themselves with a
surplus: Two cybercrime gangs are now advertising bulk-rate Facebook,
Twitter, and...
 

Posted by InfoSec News on Feb 09

http://www.haaretz.com/print-edition/news/bashar-assad-emails-leaked-tips-for-abc-interview-revealed-1.411445

By Barak Ravid
07.02.12
Haaretz.com

Hundreds of emails from Syrian President Bashar Assad's office were
leaked on Monday after an attack by the hacker group Anonymous. One of
the email files, which Haaretz has obtained, was a document preparing
Assad for his December 2011 interview with ABC's Barbara Walters.

The attack...
 

Posted by InfoSec News on Feb 09

http://www.computerworld.com/s/article/9224082/Trustwave_admits_issuing_man_in_the_middle_digital_certificate_Mozilla_debates_punishment

By Lucian Constantin
IDG News Service
February 8, 2012

Digital Certificate Authority (CA) Trustwave revealed that it has issued
a digital certificate that enabled an unnamed private company to spy on
SSL-protected connections within its corporate network, an action that
prompted the Mozilla community to...
 

Posted by InfoSec News on Feb 09

http://www.zdnet.co.uk/news/security-threats/2012/02/08/mod-unfazed-by-satellite-phone-encryption-crack-40095002/

By Tom Espiner
ZDNet UK
8 February, 2012

The Ministry of Defence has said a satellite phone encryption crack by
researchers will not affect UK military use of satellite phones.

The crack of the A5-GMR-1 and A5-GMR-2 encryption algorithms will not
affect military operations, the Ministry of Defence (MoD) told ZDNet UK
on...
 

Posted by InfoSec News on Feb 09

http://www.appleinsider.com/articles/12/02/09/alleged_foxconn_hack_allowed_bogus_orders_to_be_placed_for_vendors.html

By Josh Ong
Apple Insider
February 9, 2012

A "Greyhat" hacking group announced this week that it had successfully
hacked contract manufacturer Foxconn and released usernames and
passwords for vendors that could be used to place fraudulent orders for
companies like Apple and Microsoft.

Swagg Security published a...
 

Anonymous hacks into 78 Syrian government email accounts
The Verge
#LulzFin #InfoSec That's sadly worse than using password as your password. bad choice of actions on the part of anonymous. just because somebody leaves their door unlocked does not give you the right to go inside and move their furniture to the lawn.

and more »
 
Once again an automobile company has come under the sights of hackers and has turned up as a victim to. the website www.fiat-india.com is the india based website for automobile giant fiat, who is not so giant these days. The defacing has left a new news article and uploaded a document which can both been [...]


 
A hacker who is part of ZHC, ZCompany Hacking Crew going by the handle of Neopn Seven has leaked credit card details and left a bunch of UN resolutions for people to revise to get an understanding.


 
Yesterday, we got word from @SwaggSec that they had hacked and leaked a huge amount of information from a well known electronic manufacturer that works with many big names.


 
Internet Storm Center Infocon Status