InfoSec News

Research In Motion said on Wednesday that it was investigating reports from some users who were experiencing delays.
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Six Estonians were arrested Tuesday as part of the largest botnet takedown ever. The DNS Changer botnet aided a $14 million click-fraud scheme.

Oracle has updated its Unix-based operating system Solaris, adding some features that would make the OS more suitable for running cloud deployments, as well as integrating it more tightly with other Oracle products, the company announced Wednesday.
Back in July I promised to help track down a solution to the "General failure" error that appears in Outlook when you click a link embedded in an e-mail. Judging from the number of pleas for help I continue to get from readers, this problem hasn't gone away. And it appears to affect users of all browsers, not just Firefox or Internet Explorer.
Cisco Systems has completed most of a major restructuring that began early this year, and on Wednesday posted revenue and profit for its fiscal first quarter that exceeded analysts' expectations.
In terrestrial systems, you don't think about disk space. In the clouds, you have to; if you don't, it will cost you.
[ MDVSA-2011:168 ] apache
[SECURITY] [DSA 2343-1] openssl security update
Source: http://www.fbi.gov/news/stories/2011/november/malware_110911/malware_110911

The FBI has unsealed a federal indictment that includes details of the two-year FBI investigation called Operation Ghost Click, as announced today in New York.

The article describes the arrest of six Estonian nationals who have been charged with running a sophisticated Internet fraud ring that infected millions of computers worldwide with a virus and enabled the thieves to manipulate the multi-billion-dollar Internet advertising industry.
The FBI offers details on determining if you've been affected by DNSChanger in this PDF.

This cybercrime ring used DNSChanger to redirect unsuspecting users to rogue servers controlled by the cyber thieves, allowing them to manipulate users' web activity.
The DNS Changer Working Group (DCWG), with cooperation from SANS handlers, will be publishing more details soon, as they have been closely monitoring this class of malware.

As you may well be aware, several different malware families have modified DNS settings to redirect customer traffic in the past. DNSChanger has been installed in many different ways; it isn't a single piece of malware, but rather a class of malware that exhibits certain characteristics.
ISC handlers have published many diaries over the years about various DNSChanger malware including a recent Mac version:
New Mac Trojan: BASH/QHost.WB
(Minor) evolution in Mac DNS changer malware
DNS changer Trojan for Mac (!) in the wild
ISC Handler Donald Smith, who provided the details for this diary entry, advises that:

ISPs and corporations that wish to assist their customers can route the rogue space to their resolvers and NAT/PAT from the rogue DNS space to their resolver space; their resolvers will answer the query, the answer gets re-NAT/PAT, and the customers get the correct DNS response. Add logging and you have a list of infected customers. It is recommended, though, that you be extremely careful in what you consider rogue address space and how long you keep things considered as such: that's the tricky part. [Swa Frantzen]
Finally, thanks to a coordinated effort of trusted industry partners, a mitigation plan commenced today to replace rogue DNS servers with clean DNS servers to keep millions online, while providing ISPs the opportunity to coordinate user remediation efforts. Such effort means that those infected with DNSChanger, who otherwise would have had no DNS and basically no Internet ability, still get to use the Intarwebs. :-)
Stay tuned for more, and feel free to share your experiences with DNSChanger via comments.

Adobe's decision to stop Flash Player development for mobile browsers will likely be repeated for browsers on the desktop, just not anytime soon, analysts said today.
Cisco Security Advisory: Cisco TelePresence System Integrator C Series and Cisco TelePresence EX Series Device Default Root Account Manufacturing Error
Banks are having to fend off ever more attacks from hackers who break into computers of their business customers and try to make fraudulent funds transfers electronically for large amounts. If you doubt how bad this hacker scourge has become, ask Jorge Solis, senior vice president of security at First Midwest Bank.
Fusion 4 is the newest version of VMware's virtualization solution for the Mac, which allows you to run multiple operating systems within Mac OS X. Since we reviewed Fusion 3, VMware has added support for Lion and the ability to create OS X Lion virtual machines, reduced the consumption of system resources to zero when you aren't running a virtual machine, redesigned the settings window, and much more.
Verizon Wireless will launch the new Droid Razr for $299.99 in its stores on Friday, which has the date 11-11-11, marking the event with a later-than-usual opening time at 11:11 a.m.
Many U.S. cable providers will offer broadband service for US$9.95 a month and an e-recycler will offer $150 PCs and laptops to low-income families in an effort to bring the benefits of broadband to more people across the country.
Researchers from security vendor Trusteer have come across a professional calling service that caters to cybercriminals. The business offers to extract sensitive information needed for bank fraud and identity theft from individuals.
30 Days With the Cloud: Day 3
The U.S. Department of Justice is charging seven individuals with 27 counts of wire fraud and other computer-related crimes, alleging that the group hijacked 4 million computers across 100 countries in a sophisticated clickjacking scheme.
Four U.S. senators have introduced legislation that would allow states to collect taxes on Internet sales, even when the seller does not have a physical presence in the taxing state.
Amazon Web Services opened up a new data center in Oregon that will cost less to use than AWS's other West Coast facility, in California.
[SECURITY] [DSA 2341-1] iceweasel security update
DC4420 - London DEFCON - November 2011 meet - Tuesday 15th November
Multiple security vulnerabilities in AShop
Consumer Reports has put Apple's iPhone 4S on its recommended list, saying that unlike its predecessor, the new smartphone doesn't suffer from a design flaw.
Gibbs discusses the Lua programming language, an app that lets you program in Lua, and a Sci-Fi novel that has nothing to do with the language
New Kansas state IT chief Jim Mann has resigned after questions were raised about his academic credentials.
APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
LabStoRe <= 1.5.4 Sql Injection Vulnerabilities
OrderSys <= 1.6.4 Sql Injection Vulnerabilities
Adobe Systems said Wednesday it is abandoning the Flash Player in future mobile browsers to focus on HTML5, a decision that immediately ignited concerns among mobile app developers, many of whom are working with Android apps.
Google, which last week bungled the launch of a Gmail application for Apple iOS devices, has decided to put out to pasture its Gmail application for the BlackBerry.
SAP customers seeking to move from traditional deployments to a private cloud architecture have a new option from Accenture, the companies announced Wednesday during the Sapphire conference in Madrid.
Adobe Systems is expected on Wednesday to disclose plans for 750 job cuts, a cut in its investment in enterprise software, and a halt to mobile Flash browser development.
The number of public Wi-Fi hotspots is expected to increase by 350% in the next four years, as operators look for ways to offload traffic from their mobile networks, according to a report by market research company Informa Telecoms and Media.
Microsoft's Windows Intune, which launched in March, lets you remotely secure, monitor, manage, and assist PCs via the Internet. One of the first cloud-based PC management systems available, it's basically a streamlined, less-expensive variant of Microsoft's long-lived Systems Management Server (SMS).
Media outlets that plan to use Google+ Pages need to consider some legal implications.
Tata Consultancy Services (TCS) has bagged a $2.2 billion business process outsourcing order from Friends Life, a provider of pensions, investments, and insurance, it said in a filing to Indian stock exchanges.
It may sound counterintuitive, but the way to increase the number of cybersecurity professionals is not to start granting degrees in cybersecurity.
After winning over U.S. operators with its security software for Android phones, Lookout Mobile Security is turning to Europe to find new networks ready to install or promote its software on the phones they distribute.
There is another computer revolution around the corner, where everything is instrumented and users can interact with the resulting data. And it's closer than you might think.
China is planning more supercomputers with homegrown chips in order to meet government demands, according to a Chinese researcher involved in the country's high performance computing.
While some consumer electronics manufacturers have cleaned up their act, making more energy-efficient gadgets with fewer toxic materials, others are continuing to make fine promises but no changes, according to Greenpeace. In response, the environmental pressure group is changing the way it scores companies in its Guide to Greener Electronics, placing more emphasis on their actions than their words, and measuring new aspects of their operations.
Asustek Computer on Wednesday announced the 10-inch Eee Pad Transformer Prime tablet, which has a quad-core processor that could make it the fastest tablet in the market.
Tablets and smartphones will soon get quad-core processors with Nvidia's new Tegra 3 chip, which will eclipse the application and graphics performance provided by dual-core processors found on tablets like Apple's iPad and Motorola's Xoom.
Mozilla on Tuesday released Firefox 8, adding Twitter search to the browser and patching eight vulnerabilities.
When Frank Sinatra sang 'If I can make it there, I'll make it anywhere' about New York, he wasn't singing about startup tech businesses. Those startups are most associated with Silicon Valley, not Manhattan.
Corporate IT executives need to pay attention to numerous potential security issues before using Hadoop to aggregate data from multiple, disparate sources, analysts and IT executives said at the Hadoop World conference here this week.
The low-cost computer tablets coming next week from Amazon and Barnes & Noble connect only over Wi-Fi networks, which reduces costs and also cuts the nation's 3G/4G cellular carriers out of the equation.
SAP is expected to make a slew of announcements related to in-memory computing, mobile applications and cloud-based services on Wednesday during the Sapphire conference in Madrid.
The executive office of U.S. President Barack Obama said Tuesday that the administration strongly opposes passage in the Senate of a resolution that could impact the equal availability of the Internet to all classes of users.
One of China's most popular Twitter-like services, Sina Weibo, said it needs better systems to stop harmful rumors on the site, but doesn't intend to force its users to register with their real names.