InfoSec News

For any company that makes its living selling security, it's a nightmare come true. This week, RSA Security admitted that hackers who broke into its network three months ago had stolen information about its SecurID tokens and then used that information to attack a customer, Lockheed Martin.
 
Apple has halted the delivery of a small number of iPad 2s designed to work on the Verizon Wireless network because of a manufacturing glitch, according to news reports Friday.
 
World IPv6 Day boosted the amount of native IPv6 traffic on the Internet, but it mostly increased the use of transitional protocols that won't help to solve the looming shortage of IPv4 addresses, according to researchers studying data from Wednesday's event.
 
As teams become increasingly dispersed and mobile, you must ensure every team member can efficiently access up-to-date, centralized information and share updated documents, even over slow or intermittent Internet connections.
 
X.Org X Server PCF Font Parser Buffer Overflow Vulnerability
 
X.Org X Server 'Xinput' Extension Local Privilege Escalation Vulnerability
 
Siemens has fixed bugs in its Simatic S7 industrial computer systems, used to control machines on factory floors, power stations and chemical plants.
 
Xerox has told about 600 employees that if they don't agree to transfer to an Indian outsourcer they may face unemployment.
 
U.S. tech hiring for the second half of 2011 will increase as the gradually improving economy results in companies updating their IT systems after scaling back during the recession, according to a hiring survey from technology job website Dice.com.
 
VLC Media Player XSPF Playlist Integer Overflow Memory Corruption Vulnerability
 
The fledgling Indian operation of hacker group Anonymous attacked the website of the Indian army on Friday, but reversed its decision after it ran into criticism from Indian supporters who were annoyed that the Indian army was targeted.
 
If you've been a Gmail user for a long time, chances are good you've accumulated a lot of mail. In fact, it's not uncommon for a Gmail inbox to accumulate hundreds, thousands, even tens of thousands of messages. Indeed, at last count, one of my older Gmail accounts had nearly 33,000 of them (and still I'd barely used 20 percent of my available storage--gotta love Gmail).
 
Security start-up Unveillance fell prey to LulzSec. In this interview, founder Karim Hijazi talks about how the hack unfolded and what lessons he sees for companies.
 
Google Chromebooks can now be pre-ordered at Amazon.com and BestBuy. Expected ship date: June 15.
 
Implementing business analytics has risen to the top of midmarket CIOs' to-do lists, according to a new IBM study announced Friday during an event in Waltham, Massachusetts.
 
Apple has asked that it be allowed to intervene in a patent lawsuit brought by Lodsys against seven small independent iOS application developers.
 
Linux Kernel I/O-Warrior USB Device Heap Buffer Overflow Vulnerability
 
Linux Kernel 'OCFS2' Local Information Disclosure Vulnerability
 
Linux Kernel Native Instruments USB Device Name String Buffer Overflow Vulnerability
 
[SECURITY] [DSA 2257-1] vlc security update
 
Call for Participation: DIMVA 2011
 
VUPEN Security Research - Oracle Java ICC Profile "scrn" Tag Integer Overflow Code Execution Vulnerability
 
Sprint is in advanced testing of an iPhone, possibly for sale this fall, that would run at first on a 3G wireless network rather than on Sprint's faster WiMax, according to recent reports.
 
Apple this week called Amazon's Appstore for Android "inferior" as it urged a federal court to block the online retailer from using the term "appstore," court documents show.
 
VUPEN Security Research - Oracle Java ICC Profile "pseq" Tag Integer Overflow Code Execution Vulnerability
 
VUPEN Security Research - Oracle Java ICC Profile "ncl2" Tag Integer Overflow Code Execution Vulnerability
 
VUPEN Security Research - Oracle Java ICC Profile "clrt" Tag Integer Overflow Code Execution Vulnerability
 
VUPEN Security Research - Oracle Java ICC Profile "bfd" Tag Integer Overflow Code Execution Vulnerability
 
The latest Android smartphone from Sprint and Motorola offers nice features and a dock that can turn it into a desktop computer.
 
Security experts have criticized the European Commission's plans to set up a team to look at how to combat cyberattacks as too little, too late, saying that more coordination between member states is needed.
 
This month Premier 100 IT Leader Amy Wang also has advice on the gender role in mentoring, career advancement and more.
 
Spanish police said yhey arrested three members of the Anonymous hacking group who allegedly directed attacks on banks, government websites and companies including Sony.
 
IT is a considerable financial outlay for most businesses, and IT organizations must continually prove their strategic value. They can effectively demonstrate the value of their contributions by selecting and reporting metrics, but the challenge is to choose the right metrics.
 
[SECURITY] [DSA 2256-1] tiff security update
 
IEEE SocialCom/PASSAT Call For Paper Deadline: June 15, 2011
 
June 10, 2011: Apple shows off software, Congressman shows off underwear
 
Here in PCWorld Reviews Land, we often end up in conversations like this:
 
Chrome OS is here. The Series 5 from Samsung is the first of the so-called Chromebooks, and I'm not sure it's exactly what we all had in mind when Google announced Chrome OS two years ago. Back then, our imaginations pictured computers that were thinner and lighter than those with enough horsepower to run Windows. We thought we would see computers running on ARM processors, not just x86. We were promised it would look like the Chrome browser with "a new windowing system." Frankly, I'm not sure we really knew what to expect. But if someone had told us, back then, that the first Chromebook would be a large and simple netbook that does little more than run only the Chrome browser, I don't think we would have made such a big deal about Google producing its own operating system.
 
Whether you're an experienced hand or a technophobic novice, chances are good that your last PC upgrade didn't exactly follow the industry's best practices. Many newbs flub upgrades through inexperience, but it's just as common to see a hardcore system builder throw caution to the wind while swapping out a CPU, snapping in some RAM, or swapping out a hard drive or graphics card. Whichever camp you fall into, cutting corners as you work on your computer puts it at risk of sustaining damage to sensitive components. In the worst case, you might even destroy the entire machine.
 
Microsoft is trying to woo Android application developers, offering them help in porting applications to Windows Phone.
 
The next time you get mugged in Central Park, you'll be able to tell the world about it in real time.
 
Although the Supreme Court on Thursday rejected Microsoft's appeal of a four-year-old patent dispute woth i4i, its efforts weren't wasted, legal experts said.
 
Dell will first launch its Streak 10 Pro tablet in China, putting other markets like the U.S. and Europe on hold in order to give developers more time to create the necessary apps.
 
Unlike some gadgets that break new ground but don't actually work that well, these clever tech products are surprisingly usable. Remember, Father's Day is just around the corner.
 
Internet Storm Center Infocon Status