InfoSec News


Optus offers Google Apps for business
ZDNet Australia
#infosec RT @darrenpauli: ASIO creates a cyber espionage unit http://bit.ly/hjesu4 It won't help the hacked, but it watch on with excitement. #infosec "Bradlow suggests differentiated classes of service on mobile networks will be inevitable at some ...

Apple's Safari and Microsoft's Internet Explorer (IE) both fell to the first hackers who tried their luck on the browsers at Wednesday's opening day of Pwn2Own.
 
Verizon on Wednesday said that it filed a lawsuit this week against a group of people and related companies that it alleges duped people into signing up and getting charged for premium short message services.
 
An official Windows Phone blog in French says that the first substantial update for Windows Phone devices may not come until the end of the month, a week or two later than expected.
 
The new Firefox browser will feature a radically redesigned interface as well as new privacy controls
 
NetApp announced today that it has entered into an agreement to purchase LSI's external storage systems business, Engenio, for $480 million.
 
A House subcommittee votes to kill net neutrality rules.
 
Netgear's 4-port gigabit, simultaneous dual-band WNDR3700 Wi-Fi router proved a joy to use. It was stable and glitch-free, with easy media serving. However, bliss only commenced after setup and configuration.
 
vsftpd FTP Server 'ls.c' Remote Denial of Service Vulnerability
 
Included in this Patch Tuesday is a Forefront update KB2508823[1] (Client Version: 1.5.1996.0).


We have received a number of reports that the KB2508823 update fails during the install. Once the update fails, the existing Forefront client is also removed. This leaves the machine without any anti-malware protection.
We recommend you hold off deploying the update until confirmation from Microsoft.
Microsoft have posted a similar warning here:

http://blogs.technet.com/b/clientsecurity/archive/2011/03/08/fcs-v1-march-2011-update.aspx
[1] http://support.microsoft.com/kb/2508823

Chris Mohan (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Apple today released iOS 4.3, an upgrade for its iPhone and iPad operating system, pushing the update to users two days early.
 
WebKit CVE-2011-0156 Unspecified Memory Corruption Vulnerability
 
WebKit CVE-2011-0154 Javascript 'sort()' Method Memory Corruption Vulnerability
 
The non-profit white hat website, abuse.ch, attempts to detect and list malicious IP addresses hosting botnet command-and-control servers. But its success has put it in the crosshairs of cybercriminals.

Facebook plans to use its entry into movie rentals with Warner Bros. Entertainment as another tactic to compete with Google, analysts said.
 
WebKit CVE-2011-0138 Unspecified Memory Corruption Vulnerability
 
WebKit CVE-2011-0134 Unspecified Memory Corruption Vulnerability
 
WebKit CVE-2011-0136 Unspecified Memory Corruption Vulnerability
 
Apple today patched a record 62 vulnerabilities in Safari 5, updating the Mac and Windows browser to version 5.0.4.
 
If you feel you are a lost cause at setting up and operating the latest tablets and smartphones, you aren't alone.
 
A do-not-track bill in Congress would hurt e-commerce, a trade group says.
 
WebKit CVE-2011-0165 Unspecified Memory Corruption Vulnerability
 
The Pwn2Own contest by HP Tipping Point held at CanSecWest each year has a new sponsor this year. Google.
Google has offered up a bounty for breaking into Google Chrome. As a seemingly direct defensive measure to prevent a big pay out, Google has published updates the day before the competition kicks off that fix numerous problems.
Yesterday, Google published 23 updates for the Chrome browser. 15 of them were rated high by Google. So get those browsers patched!
http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html
The nice part is Credit and Cash go to the individuals that report and assist with patch development.
--

Kevin Shortt

ISC Handler on Duty (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 

GovInfoSecurity.com

Naval Academy to Require Infosec Courses
GovInfoSecurity.com
The United States Naval Academy is revising its core curriculum and will require midshipmen, beginning with the incoming freshman class entering Annapolis this summer, to take at least two cybersecurity courses during their four years at the school. ...

VeriFone today released an open letter charging that the free Square payment card reader could pose potential serious security problems for consumers.
 
My initial impression of the AVADirect Clevo P151HM all-purpose laptop, with its unassuming, matte-black exterior and hefty size, wasn't entirely positive: I'm no fan of bulky, nearly 9-pound (with power brick) 15-inch laptops--I've seen lighter 17-inch units. But as I used the P151HM more, my attitude definitely softened. Some users certainly will love this laptop, despite its bulk. Although I wouldn't want to lug it around, that extra weight has been put to good use.
 
Gibbs looks for trends and performance in social media
 
Google will start a public test of a new Gmail feature that will automatically label certain types of mass and automated e-mail so that users can more easily recognize and assign proper priority to them.
 
Microsoft rolls out a local help viewer for Visual Studio 2010 and integrates Project Server with Team Foundation Server to enable teams to work more effectively.
 
Database vendor Ingres is targeting public and private clouds, announcing three managed services for application development, storage and analytics.
 
SAP AG has deployed 3,500 Apple iPads globally, mainly for software developers and sales execs who use them for real-time access to vital BI data, SAP CIO Oliver Bussmann said in an interview Wednesday.
 
JP Morgan Chase is leading an effort of top U.S. companies to hire military personnel after they leave active duty.
 
Microsoft today announced it would launch Internet Explorer 9 (IE9) on Monday, March 14.
 
Progressive Medical Inc. began a move to agile methodology more than a year ago and realized an almost immediate improvement in development time.
 
The NASA space shuttle Discovery touched down for the last time this morning after completing its final mission.
 
Fusion-io, a maker of NAND flash memory cards for servers, announced today it is seeking to raise $150 million in an initial public offering.
 
Novatel Wireless MiFi 2352 Password Information Disclosure Vulnerability
 
Some readers from Montreal, Canada wrote in about a problem with AVG Anti-Virus 2011 Free Edition 10.0.1024. The issue is with all PDFs being quarantined and marked as infected by Luhe.Exploit.PDF.B.


It has been reported and noted on the above AVG Forum that an affected version is the following:

AVG Anti-virus 2011 Free Edition 10.0.1204, virus database version 1497/3490





The following url is a conversation on the issue:

http://forums.avg.com/ww-en/avg-free-forum?sec=threadact=showid=151679where

This seems to be a bug in the definition for Luhe.Exploit.PDF.B. This does not mean other versions of AVG aren't impacted as well. Please check your version and verify with AVG. The current version of the virus database as of writing this diary is 3494 and was released today. I have no confirmed report that the problem has been resolved yet AVG was aware and working on it.

Please share what you're seeing and update the readers.

Thanks go to Heber and Tomas for sending in the information to get it out there.

UPDATE:
AVG has responded to the issue and a new virus database was released earlier today.





http://forums.avg.com/ww-en/avg-free-forum?sec=threadact=showid=151987#post_151987



...a virus database update removing the Re:Luhe.Exploit.PDF.x false alarm (where x stands for B, C, D, E, H) has been released on 2011-03-08 21:16:44 CET.


--
Kevin Shortt
ISC Handler on Duty
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Leslie Valiant, a versatile computer scientist at Harvard University whose work has influenced everything from artificial intelligence to distributed computing, has been named the winner of the 2010 A.M. Turing Award.
 
The U.S. Senate passes an overhaul of the U.S. patent system.
 
RecordPress Multiple Vulnerabilities
 
[USN-1086-1] Linux kernel (EC2) vulnerabilities
 
NSOADV-2011-003: Majordomo2 'help' Command Directory Traversal (Patch Bypass)
 
ProFTPD 'mod_sftp' Module Integer Overflow Vulnerability
 
AthCon 2011 Announcement
 
The newest specs for HTML forms give programmers more control over data input and validation, while offloading much of the work to the browsers
 
Bob Bragdon says the RSA show displayed industry progress in more ways than one
 

SANS gets ready for Amsterdam
PRLog.Org (press release)
SANS Secure Europe, one of the region's largest infosec training events is returning to Amsterdam's Radisson Blu Hotel from 9th-21st May with 2 weeks of technical, hands-on and in-depth information security courses across a wide range of disciplines. ...

SAP strengthened its eager embrace of in-memory computing today, announcing plans for a series of applications that include programs it calls previously 'unimaginable' as well as some that overhaul existing software.
 
Cisco Systems plans to collaborate rather than compete with IT services providers.
 
The average organizational cost of a data breach increased 5% over 2009 to $7.2 million, according to a Ponemon Institute report issued today.

InfoSec News: Naval Academy adds cybersecurity courses: http://www.hometownannapolis.com/news/nav/2011/03/08-21/Naval-Academy-adds-cybersecurity-courses.html
By EARL KELLY Staff Writer Capital Gazette Communications 03/08/11
In its first significant change to the core curriculum in 10 years, the Naval Academy is adding two mandatory cybersecurity courses aimed at preparing junior officers for today's warfare, academy officials said yesterday.
The first course will be required next spring for freshmen, or plebes, in the Class of 2015, Academic Dean Andrew Phillips told the school's civilian oversight board during its meeting in Annapolis.
The second required course will start during the Class of 2015's junior year.
The plebe course will focus on recognizing cyber risks and threats, Phillips said.
[...]
 
InfoSec News: [HITB-Announce] HITB Magazine Call for Articles: Forwarded from: Hafez Kamal <aphesz (at) hackinthebox.org>
HITB Magazine is currently seeking submissions for our next issue. If you have something interesting to write, please drop us an email at: editorial at hackinthebox.org
TOPICS
Topics of interest include, but are not limited to the following:
* New Attack and Defense Techniques
* Reverse Code Engineering
* Network Security
* Forensics and Incident Response
* WLAN, GPS, HAM Radio, Satellite, RFID and Bluetooth Security
* Cryptography
* Hardware Hacking
* Malware Analysis
* Lock Picking / Physical Security
HITB Magazine is a deep-knowledge technical magazine. Articles that are more technical or that discuss new and never before seen attack methods are of more interest than a subject that has been covered several times before. Please send your article to editorial () hackinthebox org
Submissions for issue #6 due no later than 5th of April 2011 Tel: +603-20394724 Fax: +603-20318359
 
InfoSec News: How N.Korean Hackers Could Inflict Maximum Damage: http://english.chosun.com/site/data/html_dir/2011/03/09/2011030900429.html
chosun.com Mar. 09, 2011
Friday's GPS jamming and cyber attacks, which are suspected to be the work of North Korea, have led to a flood of speculation among experts about possible future provocations by the North. [...]
 
InfoSec News: Anonymous probed for hack threat against WikiLeaker captors: http://www.theregister.co.uk/2011/03/08/anonymous_investigated/
By Dan Goodin in San Francisco The Register 8th March 2011
The Pentagon has asked for an investigation into threats made by the Anonymous hacking collective against officials at Quantico, the Marine [...]
 
InfoSec News: Why Pwn2Own doesn't target Linux: http://blog.internetnews.com/skerner/2011/03/why-pwn2own-doesnt-target-linu.html
By Sean Michael Kerner Netstat -vat Internetnews.com March 8, 2011
From the 'Hack Me' files:
The annual Pwn2Own hacking challenge kicks off today, pitting security [...]
 
InfoSec News: Malware Attacks Decline In SCADA, Industrial Control Systems, Report Says: http://www.darkreading.com/insider-threat/167801100/security/attacks-breaches/229300509/malware-attacks-decline-in-scada-industrial-control-systems-report-says.html
By Kelly Jackson Higgins Darkreading March 07, 2011
Malware accounts for close to one-third of all real-world industrial [...]
 
InfoSec News: Hacking of DuPont, J&J, GE Were Undisclosed Google-Type Attacks: http://www.businessweek.com/news/2011-03-08/hacking-of-dupont-j-j-ge-were-undisclosed-google-type-attacks.html
By Michael Riley and Sara Forden Bloomberg March 08, 2011
The FBI broke the news to executives at DuPont Co. late last year that hackers had cracked the company’s computer networks for the second time in 12 months, according to a confidential Dec. 9, 2010, e-mail discussing the investigation.
About a year earlier, DuPont had been hit by the same China-based hackers who struck Google Inc. and unlike Google, DuPont kept the intrusion secret, internal e-mails from cyber-security firm HBGary Inc. show. As DuPont probed the incidents, executives concluded they were the target of a campaign of industrial spying, the e-mails show.
The attacks on DuPont and on more than a dozen other companies are discussed in about 60,000 confidential e-mails that HBGary, hired by some of targeted businesses, said were stolen from it on Feb. 6 and posted on the Internet by a group of hacker-activists known as Anonymous. The companies attacked include Walt Disney Co., Sony Corp., Johnson & Johnson, and GE, the e-mails show.
The incidents described in the stolen e-mails portray industrial espionage by hackers based in China, Russia and other countries. U.S. law enforcement agencies say the attacks have intensified in number and scope over the past two years.
[...]
 
Linux Kernel Reliable Datagram Sockets 'rds_cmsg_rdma_args()' Local Integer Overflow Vulnerability
 

Assuming the Best and Worst of the Infosec Practitioners
GovInfoSecurity.com (blog)
One would figure that the thousands of people roaming the cavernous floor filled with hundreds of vendor booths at last month's RSA2011 conference would mostly be IT security practitioners interested in buying IT security wares. ...


Westfield Insurance Launches eBook Guide to Information Security
PR-USA.net (press release)
The eBook is available as a free download through Westfield's online media room at http://www.westfieldinsurance.com/mediaroom/infosec/. It provides tips on protection from security exposures such as spamming, tailgating and password hacking. ...

On Tuesday, Apple shipped its first Java update for the Mac OS since last fall, when it also disclosed plans to 'deprecate' the Java runtime in Leopard and Snow Leopard.
 
An attractive application of Hadoop and other Big Data technologies is to analyze users' social activities, sometimes without their express knowledge
 
Like smartphones, Bluetooth headsets now offer style, features and their own apps. We tested five of the latest models.
 
A new round of antivirus testing found some products fail to detect malware that tries to infect a computer via a different attack vector, such as through a local network fileshare or a USB drive.
 
Despite developer concerns, the company sees variation as a benefit because it allows for customization of devices
 

Posted by InfoSec News on Mar 09

http://english.chosun.com/site/data/html_dir/2011/03/09/2011030900429.html

chosun.com
Mar. 09, 2011

Friday's GPS jamming and cyber attacks, which are suspected to be the
work of North Korea, have led to a flood of speculation among experts
about possible future provocations by the North. Some now fear that it
could resort simultaneous cyber attacks against South Korean power,
traffic, communication, military and other state infrastructure....
 

Posted by InfoSec News on Mar 09

http://www.theregister.co.uk/2011/03/08/anonymous_investigated/

By Dan Goodin in San Francisco
The Register
8th March 2011

The Pentagon has asked for an investigation into threats made by the
Anonymous hacking collective against officials at Quantico, the Marine
brig that is holding accused WikiLeaker Pfc. Bradley Manning.

The probe was requested following news reports that members of Anonymous
were discussing ways to avenge the 23-year-old...
 

Posted by InfoSec News on Mar 09

http://blog.internetnews.com/skerner/2011/03/why-pwn2own-doesnt-target-linu.html

By Sean Michael Kerner
Netstat -vat
Internetnews.com
March 8, 2011

From the 'Hack Me' files:

The annual Pwn2Own hacking challenge kicks off today, pitting security
researchers against web browsers and mobile platforms. The HP
TippingPoint sponsored event grows every year to include more platforms,
though Linux isn't among them.

Pwn2Own will target IE,...
 

Posted by InfoSec News on Mar 09

http://www.darkreading.com/insider-threat/167801100/security/attacks-breaches/229300509/malware-attacks-decline-in-scada-industrial-control-systems-report-says.html

By Kelly Jackson Higgins
Darkreading
March 07, 2011

Malware accounts for close to one-third of all real-world industrial
control system security incidents recorded in the Security Incidents
Organization's Repository of Industrial Security Incidents (RISI)
database, according to...
 

Posted by InfoSec News on Mar 09

http://www.businessweek.com/news/2011-03-08/hacking-of-dupont-j-j-ge-were-undisclosed-google-type-attacks.html

By Michael Riley and Sara Forden
Bloomberg
March 08, 2011

The FBI broke the news to executives at DuPont Co. late last year that
hackers had cracked the company’s computer networks for the second time
in 12 months, according to a confidential Dec. 9, 2010, e-mail
discussing the investigation.

About a year earlier, DuPont had been...
 

Posted by InfoSec News on Mar 09

http://www.hometownannapolis.com/news/nav/2011/03/08-21/Naval-Academy-adds-cybersecurity-courses.html

By EARL KELLY
Staff Writer
Capital Gazette Communications
03/08/11

In its first significant change to the core curriculum in 10 years, the
Naval Academy is adding two mandatory cybersecurity courses aimed at
preparing junior officers for today's warfare, academy officials said
yesterday.

The first course will be required next spring for...
 

Posted by InfoSec News on Mar 09

Forwarded from: Hafez Kamal <aphesz (at) hackinthebox.org>

HITB Magazine is currently seeking submissions for our next issue. If you have
something interesting to write, please drop us an email at:
editorial () hackinthebox org

TOPICS

Topics of interest include, but are not limited to the following:

* New Attack and Defense Techniques
* Reverse Code Engineering
* Network Security
* Forensics and Incident Response
* WLAN, GPS, HAM Radio,...
 
Wireshark 6LoWPAN Packet Denial Of Service Vulnerability
 
ClamAV 'cli_pdf()' PDF File Processing Denial Of Service Vulnerability
 

