Hackin9

InfoSec News

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
yubico-pam NULL Password Authentication Bypass Vulnerability
 
Netpbm XPM File Remote Stack Buffer Overflow Vulnerability
 
A U.S. House of Representatives committee has scheduled a debate and vote on controversial copyright legislation, the Stop Online Piracy Act, with the bill's main sponsor offering an amendment meant to address some concerns with the bill.
 
Avast! Internet Security 'aswFW.sys' Driver IOCTL Handling Local Denial of Service Vulnerability
 
Opera ':visited' Browser History Information Disclosure Vulnerability
 
Microsoft Internet Explorer CSS ':visited' Browser History Information Disclosure Vulnerability
 
LightSquared believes a government official selectively leaked results from tests of its proposed mobile broadband network to set public opinion against the company, and it is seeking a federal investigation of the apparent leak.
 
Software-defined networking startup Embrane this week came out of stealth mode to unveil its product and strategy for virtualizing network services.
 
As part of the IDG Enterprise CEO Interview Series, William McCracken, chief executive officer of CA Technologie,s spoke at the recent CA World conference to IDGE Chief Content Officer John Gallant about how the concept of 'business service innovation' is driving CA's business. Insider (registration required)
 
Making good on an announcement made earlier this year, Microsoft has installed a version of Apache Hadoop on its Azure cloud service. The company now offers a limited preview version of the open-source data analysis platform, often used for big data-style analysis.
 
Microsoft today released an update to its OneNote application for iOS that it said has been tweaked for the iPad.
 
Amazon will reportedly provide an over-the-air update to Kindle Fire tablets in less than two weeks.
 
SandForce today announced its newest NAND flash controller that is aimed for use with SSDs in cloud computing systems because it has twice the error correction capability for data resilience.
 
Online holiday spending is up 15% so far this year, with Americans shelling out nearly $25 billion, according to online traffic monitor ComScore.
 
Oracle have released Java 6 Update 30 (6u30) today. The fixes are mostly of functional nature. As far as we can tell from the release notes, no gaping security craters had to be leveled out this time .. for a change. Two security related fixes are still noteworthy for developers, one affects the use of SSL (TLS_DH_anon_WITH_AES_128_CBC_SHA), the other is about the use of secure cookies in HTTPS when the applet gets invoked via JavaScript. The full release information and list of fixes are available on Oracle's web site.
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Earlier today, SANSISC reader Matthew reported one of his users stumbling over an odd Click here to win your prize page. We are still investigating the full contents, but it looks like several misspellings of wikipedia are used in this scam, in addition to many other domains.
wikipeida-org, wikepedia-org, wictionary-org, wikpedia-com, wikispaces-cm are all domains with a typo that redirect visitors to a you won a prize page. The result currently looks like the screenshot below


Clicking through leads to another page, where to claim the prize lots of personal information must be entered. They even have a Privacy Policy of sorts in the fine print, and it even seems to be unexpectedly honest:
(a) PERSONAL INFORMATION. We will share any and all personal information you submit to our Company with third parties who may have products or services you will find of interest. We will share your information without your additional consent. We may also use your personal information to verify your identity, to check your qualifications, or to follow up with transactions initiated on the Site. We may also use your contact information to inform you of any changes to the Site, or to send you additional information about us. If you give your permission during the account registration process, we may share your information with our business partners or other companies so that they may send you promotional materials. By giving your permission during the account registration process, you expressly consent to receive such promotional materials from us and/or our business partners or other companies via various media channels, which includes, but is not limited to, SMS messaging (standard carrier text messaging charges will apply).


Be careful what you wish for .. this free iPad comes with plenty strings attached!

Update: Other prominent typo domains affected includeyoutrube-com, youotube-com, youzube-com. RUS-CERT's passive DNS has a long list of domains pointing to the same IP:http://www.bfk.de/bfk_dnslogger.html?query=69.6.27.100#result (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
AT&T has asked a judge to put on hold the U.S. Department of Justice's lawsuit to block its merger with T-Mobile USA while the two companies decide whether to move forward with the deal.
 
libcap Local Security Bypass Vulnerability
 
Google has removed nearly two dozen malware-infected apps from its official Android Market in the last several days, according to San Francisco-based Lookout Security.
 
The U.S. Department of Justice and AT&T Monday filed a joint motion to halt proceedings in the U.S. agency's lawsuit to block the telecom giant's $39 billion acquisition of mobile competitor T-Mobile USA.
 
Ipswitch WhatsUp Gold LDAP Authentication Security Bypass Vulnerability
 
Linux Kernel NFS Client 'decode_getacl()' Remote Denial of Service Vulnerability
 
[ MDVSA-2011:184 ] krb5
 
Secunia Research: Winamp AVI Parsing Two Integer Overflow Vulnerabilities
 
WordPress flash-album-gallery Plugin 'flagshow.php' Cross Site Scripting Vulnerability
 
For the past 25 years, a war has waged between malicious programmers and the researchers trying to make computing safe for the enterprise. The battle has shown no signs of subsiding — once a new countermeasure is deployed, the hackers find new ways to make IT worried. Insider (registration required)
 
The University of New Hampshire InterOperability Laboratory (UNH-IOL) hosted its third IPv6 Customer Edge (CE) Router Interoperability Test Event the week of November 7-11, 2011. The event brought together users and suppliers of CE Router equipment in order to gain perspective on the current status of interoperability against the Internet Engineering Task Force's (IETF) Basic Requirements for IPv6 Customer Edge Routers.
 
Competition in the smartphone sector will remain cutthroat in 2012, as vendors will improve performance using LTE, high-resolution screens and quad-core processors and GPUs.
 
The European Union plans to distribute new software to help human rights activists and dissidents in authoritarian regimes circumvent censorship.
 
One very effective way to improve your organization's security is to work more closely with its software developers.
 
Google plans to announce in the coming month or so several customer wins for Google Apps that exceed 100,000 users, according to Google Enterprise Vice President Amit Singh.
 
Apple boasted today that it had distributed more than 100 million programs through the Mac App Store since the e-market's January launch.
 
Don't you have any outside interests that teach you lessons applicable to security? Of course you do. Mine is chess. So it's time for my quasi-annual chess column.
 
OSI Security: Squiz Matrix - User Account Enumeration
 
SAP has abruptly put the brakes on a planned upgrade to its massive community network portal, which was set to be rolled out this month, due to a number of lingering, "critical" bugs.
 
Introduction to R-sequence public key cryptography attack
 
[ MDVSA-2011:183 ] pidgin
 
zFTPServer Suite 6.0.0.52 'rmdir' Directory Traversal
 
Call for Papers -YSTS 6 - Security Conference, Brazil
 
Intel warned Monday that fourth-quarter revenue will be lower than anticipated due to a hard-drive shortage. The chip maker now anticipates quarterly revenue of $13.7 billion, down from a previous estimate of $14.7 billion.
 
Nokia Siemens Networks is selling its fixed-line broadband access business to Adtran, the latest in a series of sell-offs, the company said on Monday.
 
Using concepts from IT and networking, a Japanese consortium plans to develop large-scale energy grids that will handle power the way the Internet handles data, using "routers" and "service providers" to efficiently manage and direct the flow of electricity.
 
 
Taking a cue from rivals such as Salesforce.com, SAP on Monday announced a partnership under which it will resell and support social media analytics software from NetBase.
 
Pidgin OSCAR Protocol UTF-8 Message Denial of Service Vulnerability
 
TeleCommunication Systems today introduced a portfolio of managed mobile communications services on Monday called TotalCom for government agencies and businesses.
 
After some tough years for IT and tech pros, high demand for tech workers is here in some areas -- and is expected to continue
 
Preston Gralla worked on the three new color e-readers -- the Kindle Fire, Kobo Vox and Nook Tablet -- and reports on his experiences and preferences.
 
Hitachi Global Storage Technologies (Hitachi GST) said Monday it began shipments of its first 4TB, 3.5-inch hard drive, targeted at the PC market, three months after rival Seagate launched its own version.
 
acpid Power Button Events Local Privilege Escalation Vulnerability
 
Motorola Solutions today announced the MC2100, a lightweight, rugged handheld computer designed in the shape of a slender TV remote control device.
 
Internet Storm Center Infocon Status