InfoSec News

Improving customer experience remains the holy grail for most organisations. Seen as the key to attracting and retaining new customers, reducing churn and increasing profit, how to do it well is an ongoing subject of research, analysis, investment and intense scrutiny.
 
Three congressmen who asked Google to explain why and how it collected data being transmitted over Wi-Fi networks from its Street View cameras were not placated by the search company's response.
 
The U.S. Federal Communications Commission should move ahead with plans to create formal network neutrality rules in order to encourage investment and innovation in Web applications and content, three venture capitalists said Friday.
 
Those who’ve purchased an HDTV understand that when making such a purchase you don’t simply buy the TV. You have to upgrade your cable or satellite TV account for HD. And since you have this glorious picture, are you really going to settle for the weak stereo sound built into the TV or cough up the money necessary for a surround-sound receiver and speakers? And then there’s the hunk of furniture large enough to hold the thing.
 
The hackers who harvested an estimated 114,000 Apple iPad 3G owner e-mail addresses defended their actions Friday as "ethical" and said they did nothing illegal.
 
Tilera on Friday said a "major" server maker will announce a low-power server with 512 cores, using eight of its 64-core processors, later this month.
 
It's not the first time onlookers have declared that the long-running legal dispute between Novell and SCO is over, but many are saying that a Thursday judgment favoring Novell on all counts is the end of the road.
 
The city of Indianapolis and Marion County have embarked on a $16 million technology overhaul designed to improve business processes, standardize technology and drive down costs.
 
Scientists at Duke University have figured out how to make large quantities of copper nanowires that can be used to make computers and maybe even bendable, foldable tablet computers someday.
 
Apple will probably face a federal investigation into its decision to bar rival Google from iPhone's mobile advertising market, an antitrust expert said today.
 
One of the biggest promoters of the Android OS, Motorola executive Sanjay Jha, said his company will roll out an Android smartphone with a 2 GHz processor by years end.
 
One of the biggest promoters of the Android OS, Motorola executive Sanjay Jha, said his company will roll out an Android smartphone with a 2 GHz processor by years end.
 
Trend Micro has acquired humyo, an online storage and data synchronization company, to enhance its cloud security offerings.
 
Gibbs has a problem with Mike Montadon, a Nevada state gubernatorial candidate, who keeps sending him e-mail.
 
Stop us if you've heard this one: Steve Jobs unveiled the latest in the iPhone series this week, and despite more advance publicity than Apple ever intended, thanks to some nosy bloggers, Jobs still managed to pull off a few surprises. What's less surprising: AT&T is in hot water with customers for yet another gaffe, while BP earned itself yet more bad PR. Google unveiled two new features that users seem to both love and hate. And California is chock-full of former Silicon Valley types looking to dip their toes (and their bank accounts) in politics. Do you have what it takes to ace our quiz? Give yourself 10 points for each correct answer. Now go out there and vote.
 
Motorola and Research in Motion have come to a settlement that will end all pending litigation between them, the companies announced Friday.
 
North Korea, one of the world's few remaining information black holes, has taken the first step toward a fully fledged connection to the Internet. But a connection, if it comes, is unlikely to mean freedom of information for North Korea's citizens.
 
All eyes will be on South Africa for the next few weeks whilst the FIFA World Cup unfolds. However with an event reportedly bigger than the Olympics. It is likely that scams, spam and other money making efforts will target the event or at least will use the interest in the event to hide and do their thing. A little reminder to staff to be vigilant and a little less eager to click that OK button will go a long way. As always if you see something interesting, let us know via the contact form.
As for my pick a -)
Mark
(8 minutes to go)
Update
The first few SPAM emails have already been sighted (in fact yesterday) subject along the lines of FIFA World Cup South Africa._. bad news and attachment,news.html. Typically these redirect to another site.


(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Cisco Systems said today that its social collaboration platform aimed at the enterprise, Cisco Quad, will be released in the next four to five months.
 
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Tech Eye

Pentagon hunting Wikileaks founder
Tech Eye
... and information security(INFOSEC) threat to the US Army". It recommended “the identification, exposure, termination of employment, criminal prosecution, ...

and more »
 

No Forced Disclosure of UK Data Breaches, Says ICO
ITProPortal
Speaking at the Infosec security conference in April, deputy commissioner David Smith announced that the ICO planned to implement the Data Protection Act ...

and more »
 
Microsoft has confirmed that Windows XP and Windows Server 2003 contain an unpatched bug that could be used to infect PCs by duping users into visiting rigged Web sites or opening attack e-mail.
 
From a solar-powered watch to a speaker for your bike helmet and a nifty geocache finder, these 10 high-tech toys are perfect for summer.
 
The U.S. Federal Bureau of Investigation has opened an investigation into the leak of an estimated 114,000 Apple iPad user e-mail addresses.
 
The U.S. Federal Bureau of Investigation has opened an investigation into the leak of an estimated 114,000 Apple iPad user e-mail addresses.
 
InfoSec News: Cyber War: Microsoft a weak link in national security: http://arstechnica.com/security/news/2010/06/cyber-war-microsoft-a-weak-link-in-national-security.ars
By Matthew Lasar Ars Technica June 9, 2010
"Microsoft has vast resources, literally billions of dollars in cash, or liquid assets reserves. [...]
 
InfoSec News: Rudd dumps AusCERT: http://www.theaustralian.com.au/australian-it/rudd-dumps-auscert/story-e6frgakx-1225878062470
By Karen Dearne Australian IT June 10, 2010
THE nation's Computer Emergency Response Team, better known as AusCERT, has been dumped by the Rudd Government. [...]
 
InfoSec News: Policemen jailed for hacking into network: http://gulfnews.com/news/gulf/uae/crime/policemen-jailed-for-hacking-into-network-1.639635
By Bassam Za' za' Senior Reporter Gulf News June 11, 2010
Dubai: Two policemen have been jailed after a court convicted them yesterday of tapping into the Dubai Police network system and cancelling [...]
 
InfoSec News: Kerviel Says He Hid Nothing From Societe Generale: http://www.businessweek.com/news/2010-06-08/kerviel-says-he-hid-nothing-from-societe-generale-update2-.html
By Heather Smith and Carol Matlack Bloomberg June 08, 2010
Jerome Kerviel, accused of causing a 4.9 billion-euro ($5.9 billion) loss at Societe Generale SA with unauthorized market bets, told a Paris court he "hid nothing" and that all of his actions were visible to his employer.
Kerviel, 33, answered questions from Judge Dominique Pauthe about his professional history on the first day of his trial today. He is charged with abuse of trust, faking documents and computer hacking related to the bank's losses and faces as many as five years in jail and 375,000 euros in fines.
Kerviel and lawyer Olivier Metzner this month will battle prosecutors and Societe Generale, which is seeking to recoup the losses. The Paris-based bank disclosed the unauthorized bets on Jan. 24, 2008, with then-Chief Executive Officer Daniel Bouton calling Kerviel a "terrorist."
During questioning at today.s hearing, the former trader recounted his education, saying he was "interested in finance" when asked why he focused on market operations, including financial controls, in his master's program. He described his salary and bonus history, telling the judge he knew "strictly nothing" about decisions, such as the one awarding him a bonus of 60,000 euros in 2006.
[...]
 
InfoSec News: Drupal clarifies security rules after White-House gaper: http://www.theregister.co.uk/2010/06/10/drupal_security_changes/
By Gavin Clarke The Register 10th June 2010
Webmasters running unfinished modules for Drupal do so at their own risk after the open-source CMS updated its guidelines on fixing security vulnerabilities. [...]
 
InfoSec News: Secunia Weekly Summary - Issue: 2010-23: ========================================================================
The Secunia Weekly Advisory Summary 2010-06-03 - 2010-06-10
This week: 76 advisories [...]
 
InfoSec News: Hacker defends going public with AT&T's iPad data breach (Q&A): http://news.cnet.com/8301-27080_3-20007407-245.html
By Elinor Mills InSecurity Complex CNet News June 10, 2010
A hacker involved with a highly publicized data breach is taking some flack, but he says he and his colleagues simply acted in the public's best interest. [...]
 
InfoSec News: Final CFP: ERCIM STM'2010 : Forwarded from: "M. Carmen Fernandez Gago" <mcgago (at) lcc.uma.es>
** Apologies for multiple copies **
*Call for Papers *
*6th International Workshop on
SECURITY and TRUST MANAGEMENT (STM'10)
Athens, Greece
23-24 September 2010 *
http://www.isac.uma. [...]
 

Posted by InfoSec News on Jun 10

Forwarded from: "M. Carmen Fernandez Gago" <mcgago (at) lcc.uma.es>

** Apologies for multiple copies **

*Call for Papers *

*6th International Workshop on

SECURITY and TRUST MANAGEMENT (STM'10)

Athens, Greece

23-24 September 2010 *

http://www.isac.uma.es/stm10

in conjunction with EuroPKI'10 and CRITIS'10, and just after ESORICS'10

STM (Security and Trust Management) is a working group of ERCIM
(European Research...
 

Posted by InfoSec News on Jun 10

http://arstechnica.com/security/news/2010/06/cyber-war-microsoft-a-weak-link-in-national-security.ars

By Matthew Lasar
Ars Technica
June 9, 2010

"Microsoft has vast resources, literally billions of dollars in
cash, or liquid assets reserves. Microsoft is an incredibly
successful empire built on the premise of market dominance with
low-quality goods."

Who wrote those lines? Steve Jobs? Linux inventor Linus Torvalds?...
 

Posted by InfoSec News on Jun 10

http://www.theaustralian.com.au/australian-it/rudd-dumps-auscert/story-e6frgakx-1225878062470

By Karen Dearne
Australian IT
June 10, 2010

THE nation's Computer Emergency Response Team, better known as AusCERT,
has been dumped by the Rudd Government.

AusCERT will be replaced by the federal government.s newly established
CERT Australia, which will take over the critical role of frontline
protection against cyber-threats.

Federal...
 

Posted by InfoSec News on Jun 10

http://gulfnews.com/news/gulf/uae/crime/policemen-jailed-for-hacking-into-network-1.639635

By Bassam Za' za'
Senior Reporter
Gulf News
June 11, 2010

Dubai: Two policemen have been jailed after a court convicted them
yesterday of tapping into the Dubai Police network system and cancelling
Dh3,650 worth of traffic violations.

The Dubai Court of First Instance's Presiding Judge Hamad Abdul Latif
Abdul Jawad jailed each of the Emirati...
 

Posted by InfoSec News on Jun 10

http://www.businessweek.com/news/2010-06-08/kerviel-says-he-hid-nothing-from-societe-generale-update2-.html

By Heather Smith and Carol Matlack
Bloomberg
June 08, 2010

Jerome Kerviel, accused of causing a 4.9 billion-euro ($5.9 billion)
loss at Societe Generale SA with unauthorized market bets, told a Paris
court he "hid nothing" and that all of his actions were visible to his
employer.

Kerviel, 33, answered questions from Judge...
 

Posted by InfoSec News on Jun 10

http://www.theregister.co.uk/2010/06/10/drupal_security_changes/

By Gavin Clarke
The Register
10th June 2010

Webmasters running unfinished modules for Drupal do so at their own risk
after the open-source CMS updated its guidelines on fixing security
vulnerabilities.

The project has updated the wording on its security site on how it
handles security fixes to clarify it will only work on vulnerabilities
in completed code of modules that...
 

Posted by InfoSec News on Jun 10

========================================================================

The Secunia Weekly Advisory Summary
2010-06-03 - 2010-06-10

This week: 76 advisories

========================================================================
Table of Contents:

1.....................................................Word From...
 

Posted by InfoSec News on Jun 10

http://news.cnet.com/8301-27080_3-20007407-245.html

By Elinor Mills
InSecurity Complex
CNet News
June 10, 2010

A hacker involved with a highly publicized data breach is taking some
flack, but he says he and his colleagues simply acted in the public's
best interest.

AT&T was forced to scramble to fix a security hole in its Web site that
exposed e-mail addresses of more than 100,000 iPad users this week. AT&T
says it learned about...
 
Taiwanese display maker AU Optronics expressed disappointment at an indictment brought against it in a price-fixing case filed by the U.S. Department of Justice, saying the facts in the case don't support the charges.
 
Less than a week after fielding reports that hackers were targeting a bug in its Flash Player software, Adobe Systems has rushed out a fix for the problem.
 

Internet Storm Center Infocon Status