Hackin9
NASA engineers are trying to figure out what is causing a cooling system malfunction that has been plaguing the International Space Station since Wednesday.
 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
When it comes to search, Google plans to focus on advancing voice search in 2014.
 

The widespread takeaway from today's announcement that Google will start caching all remotely-hosted images sent to Gmail users was that the move will hinder e-mail marketers and other nosy senders by preventing them from seeing recipients' personal information. But less reported was this: the move also promises marketers—and, indeed, other types of shady senders—a major silver lining.

That's because of two ways Google has gone about implementing the change. First, Gmail will begin displaying Web-based images by default, reversing the years-long practice of automatically hiding them unless a user clicks a button. And second, according to preliminary tests, the Google server that temporarily stores the image contacts the Web address where the image is hosted only after a user opens the message, sometimes each time the message is opened. That means for the first time in years, Gmail by default will allow senders who embed a unique image address in each message they send to know which ones are ignored, which ones are opened, and how many times they are viewed.

Rapid7 Chief Research Officer HD Moore sent several Gmail messages that contained Web-based images hosted on servers he controlled. Then he monitored the URLs of the images to see what happened. Each time, Google servers didn't download the images until after he opened the Gmail message and viewed the remote content. As Google promised Thursday morning, the new cached delivery system is safer and more secure, mainly because Web requests to view remote images are no longer made by the end user computer. Having Google servers make the request instead prevents the image host from being able to see the receiver's IP address, browser version, or other system information.
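A mail administrator can observe this mechanism from the receiving side by comparing two copies of the same mailing delivered to different recipients. The Python below is an added example, not code from the article or from Google; the hosts, paths and HTML bodies are constructed, and it flags image addresses that are unique to one recipient.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


class ImgCollector(HTMLParser):
    """Collects the src of every remotely hosted <img> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.srcs = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src") if tag == "img" else None
        if src and urlsplit(src).scheme in ("http", "https"):
            self.srcs.append(src)


def remote_images(html_body):
    parser = ImgCollector()
    parser.feed(html_body)
    parser.close()
    return parser.srcs


def per_recipient_images(copy_a, copy_b):
    """Image URLs in copy_a that copy_b lacks, although copy_b also loads
    images from the same host: the per-message address described above."""
    urls_b = set(remote_images(copy_b))
    hosts_b = {urlsplit(u).hostname for u in urls_b}
    return sorted(
        u for u in set(remote_images(copy_a))
        if u not in urls_b and urlsplit(u).hostname in hosts_b
    )


# Constructed sample: one mailing as delivered to two different recipients.
COPY_A = ('<p>Winter sale</p><img src="https://cdn.example.test/logo.png">'
          '<img src="https://img.example.test/o/7f3a9c.gif" width="1" height="1">')
COPY_B = ('<p>Winter sale</p><img src="https://cdn.example.test/logo.png">'
          '<img src="https://img.example.test/o/b21e04.gif" width="1" height="1">')

if __name__ == "__main__":
    for url in per_recipient_images(COPY_A, COPY_B):
        print("unique per recipient:", url)
```

The shared logo is ignored because both copies reference the identical URL; only the address that changes between recipients is reported.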



    






 

PCI-DSS 3.0 Brings New Penetrating Testing Requirements, Explains Rhino ...
Broadway World
The Payment Card Industry Data Security Standard (PCI-DSS) is a proprietary infosec standard for organizations that handle payment card information, including debit, credit, 'e-purse', and POS cards. It was founded by the Payment Card Industry Security ...

 
Apache Subversion 'mod_dav_svn' Module Denial of Service Vulnerability
 
Apache Subversion CVE-2013-4505 Security Bypass Vulnerability
 
Plone and Zope 'Image.py' Cross Site Scripting Vulnerability
 
Plone and Zope 'BrowserIdManager.py' Cross Site Scripting Vulnerability
 
The World Federation of Exchanges has established an international committee to collaborate on cybersecurity best practices for global capital markets.
 
Microsoft today used the hoary practice of predicting next year to drive another nail into Windows XP's coffin.
 
Mini-stream Software CastRipper '.pls' File Remote Stack Buffer Overflow Vulnerability
 
Plone CatalogTool Information Disclosure Vulnerability
 
Plone File Object Information Disclosure Vulnerability
 
PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
 

PCI-DSS 3.0 Brings New Penetrating Testing Requirements, Explains Rhino ...
PR Web (press release)
The Payment Card Industry Data Security Standard (PCI-DSS) is a proprietary infosec standard for organizations that handle payment card information, including debit, credit, 'e-purse', and POS cards. It was founded by the Payment Card Industry Security ...

 
Monitorix HTTP Server 'handle_request()' Remote Command Execution Vulnerability
 

2014 to bring a 'storm of change' in InfoSec compliance
CIOL
ELY, ENGLAND: The coming year will bring a 'storm of change' in information security compliance, creating fresh challenges for board directors, CIOs and business owners seeking to ensure business resilience, says IT Governance Ltd. Alan Calder, founder ...

 
Avon Products has halted the rollout of a global SAP implementation, with the cosmetics maker saying in a regulatory filing that a pilot program in Canada caused "significant business disruption in that market, and did not show a clear return on investment."
 
Expanding the range of its mobile photo sharing service, Instagram has introduced Instagram Direct, which allows users to send photos or short videos to a specific user or group of users.
 
Analysts are pondering just what Microsoft might do with the Android-variant smartphone Nokia has under development: Keep it or kill it.
 
A Pennsylvania man who hacked into multiple corporate, university and government computer networks and tried to sell access to them, including supercomputers from a U.S. national security laboratory, has been sentenced to 18 months in prison.
 
Apple's iPad was the preferred pick of prospective tablet buyers this holiday season by a huge margin, according to a market research firm's survey of 25,000 Americans.
 
Gartner says that its clients have started planning to migrate from Unix. For some of them, it may take two or three years, and for others, five years. A few may still be running Unix 10 years from now, but nonetheless, Gartner believes the operating system is on a path to insignificance.
 
In-flight cellular in the U.S. may be closer to reality than some consumers realize, with foreign airlines poised to extend services they already offer elsewhere. But evidence from overseas suggests the odds of being trapped next to a chronic caller are slim.
 
Dell will start selling systems early next year that run Red Hat's version of the OpenStack open-source cloud platform.
 
LinuxSecurity.com: Updated php53 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 and 5.9 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical [More...]
 
LinuxSecurity.com: Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5.3 Long Life, and Red Hat Enterprise Linux 5.6, 5.9, 6.2, 6.3, and 6.4 Extended Update Support. [More...]
 
LinuxSecurity.com: An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More...]
 
LinuxSecurity.com: Several security issues were fixed in Thunderbird.
 

Memory holds plenty of information that is useful to incident handlers, such as open files, network connections and encryption keys. With the pull-the-plug forensics methodology you lose all of this information, and you put your skills into question if the case goes to court.

While analyzing memory requires a set of skills, acquiring memory isn’t that difficult with the new tools available. In a previous diary[i], Mark Baggett wrote about using winpmem to acquire memory.

This diary is about using a similar tool, Dumpit. Dumpit is a free tool written by Matthieu Suiche from MoonSols. Dumpit supports both 64-bit and 32-bit Windows operating systems.

Dumpit can be downloaded from the MoonSols website[ii]. After downloading and extracting the zip file, you will have a single executable file, ‘dumpit.exe’.

One of the major benefits of Dumpit is that it is very easy to use, and any user with admin privileges can run it. I would suggest that you provide your helpdesk team with some USB sticks with a copy of Dumpit. There are some issues that have to be considered: first, the size of the USB stick should be larger than the RAM size, and if you have memory larger than 2 GB the USB sticks should be NTFS formatted.

When you have a suspicious event in a remote office, or at a time when nobody from the incident response team is available, a ready USB stick with Dumpit might be the ‘smoking gun’ for this incident.

The memory acquisition can be performed with these three simple steps:

1.     Insert the USB stick.

2.     Double click on Dumpit icon (Figure 1)

3.     Type “y” (figure 2)

Figure 1 (Dumpit executable)

Figure 2 (Dumpit)

After a few minutes the image will be ready on the USB stick, named computer name-date-time.raw (Figure 3).

Figure 3 (Dumpit output image)

Since Dumpit is a simple tool, it doesn’t have any analysis capabilities. Tools such as Mandiant Redline can be used for the analysis.
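Once the stick comes back from the helpdesk, the image should be checked and hashed before any analysis tool opens it. The following Python is an added example, not part of Dumpit or of the original diary; it assumes the computer name-date-time.raw name takes the form `<COMPUTERNAME>-<YYYYMMDD>-<HHMMSS>.raw`, and the demo image is a constructed 4 KiB file.

```python
import hashlib
import os
import re
import tempfile

# Assumed name layout: <COMPUTERNAME>-<YYYYMMDD>-<HHMMSS>.raw
NAME_RE = re.compile(r"^(?P<host>.+)-(?P<date>\d{8})-(?P<time>\d{6})\.raw$", re.I)

def sha256_file(path, chunk_size=1 << 20):
    """Hash a multi-gigabyte image in 1 MiB chunks instead of loading it whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def intake_record(path, installed_ram_bytes=None):
    """Build an evidence-log entry for one image and list anything suspicious."""
    match = NAME_RE.match(os.path.basename(path))
    size = os.path.getsize(path)
    problems = []
    if match is None:
        problems.append("file name is not <computer>-<date>-<time>.raw")
    if size == 0:
        problems.append("image is empty")
    elif installed_ram_bytes and size < installed_ram_bytes:
        # The stick must be larger than RAM; a short file suggests it filled up.
        problems.append("image smaller than installed RAM, possibly truncated")
    return {
        "file": os.path.basename(path),
        "computer": match.group("host") if match else None,
        "acquired": f"{match.group('date')}-{match.group('time')}" if match else None,
        "size_bytes": size,
        "sha256": sha256_file(path),
        "problems": problems,
    }

def demo():
    """Constructed stand-in for a real image: 4 KiB of zero bytes in a temp dir."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "HELPDESK-PC-20131212-101500.raw")
        with open(path, "wb") as fh:
            fh.write(b"\x00" * 4096)
        return intake_record(path, installed_ram_bytes=8192)

if __name__ == "__main__":
    print(demo())
```

Record the SHA-256 value in the case notes at intake so that every later working copy of the image can be verified against it.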


------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
The future of your organization rests in the hands of your Infrastructure and Operations talent. Gartner lays out a battle plan to win the war for those tech pros.
 
LinuxSecurity.com: Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 3 and 4 Extended Life Cycle Support. The Red Hat Security Response Team has rated this update as having critical [More...]
 
libxslt 'libxslt/xslt.c' Remote Denial of Service Vulnerability
 
Google yesterday launched its new packaged apps, dubbed 'Chrome Apps,' for the Mac, making good on a promise from September when it kicked off testing.
 
Mozilla Firefox/SeaMonkey CVE-2013-5619 Out of Bounds Memory Corruption Vulnerability
 
Mozilla Firefox CVE-2013-5611 Security Bypass Vulnerability
 
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-6673 Security Bypass Vulnerability
 
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5615 Security Vulnerability
 

Art Coviello: Infosec Innovation Via Proactive Collaboration
ExecutiveBiz (blog)
The SBIC report is the second in the Global 10000 group of security companies' three-part series on infosec program building. Filed in: Cybersecurity, News Tags: Art Coviello, control assessments, Cyber, emc, information security, infosec, risk ...

 
Do you love, no scratch that -- "luv" espresso? Do you "adore" it even? Twitter advertisers may now know how you feel about their products no matter how you choose to express yourself.
 
Critics of the National Security Agency's bulk collection of U.S. residents' telephone records should offer a better way to track terrorists and protect the country against attacks, the agency's director said Wednesday.
 
Microsoft has opened another front in its webmail war against Google with the release of a new tool designed to automate the migration process for Gmail users who want to switch to Outlook.com.
 
Privacy groups have asked the Federal Communications Commission to declare that even "anonymized" phone records have to be protected under a privacy rule that restricts carriers from sharing customers' information without their consent.
 
Microsoft has launched the Cloud OS Network, a global consortium of cloud service providers that offer Windows Azure infrastructure-as-a-service.
 
A South Korean court on Thursday ruled against Samsung Electronics in a lawsuit that threatened to ban older iPhone and iPad models in the country for alleged patent infringement.
 
A widely used security feature intended to protect access to online bank accounts is becoming increasingly ineffective, as cybercriminals develop advanced malicious software for Android devices, according to a report released Wednesday.
 
Fast-growing companies like Square and MongoDB are driving IT innovation with leaner staffs, cloud-first computing, self-service everything and CTOs rather than CIOs.
 
The U.S. International Trade Commission will review a preliminary decision that found that HTC infringed on Nokia patents.
 
One of the three leading wireless charging groups today launched its consumer branding for products along with a certification program for mobile devices and chargers.
 
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5616 Use After Free Memory Corruption Vulnerability
 
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5618 Use After Free Memory Corruption Vulnerability
 
Mozilla Firefox and Seamonkey CVE-2013-5614 Security Bypass Vulnerability
 

2014 To Bring A 'Storm Of Change' In InfoSec Compliance, Says IT Governance
SourceWire (press release)
Ely, England, 12 December 2013 – The coming year will bring a 'storm of change' in information security compliance, creating fresh challenges for board directors, CIOs and business owners seeking to ensure business resilience, says IT Governance Limited.

 


Anil Varghese Joins Targetbase as Chief Security Officer; Continues ...
Fort Mills Times
He holds many industry certifications, most notably Certified Information Systems Security Professional (CISSP) Certification, PGP Cryptography Certification, NSA-IAM National Security Agency-INFOSEC Assessment Methodology. Varghese is an active ...

 
TYPO3 Extbase 'errorAction' Method Cross Site Scripting Vulnerability
 
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-5058 Local Denial of Service Vulnerability
 
Cisco DPR2320R2 Wireless Router Multiple Cross Site Request Forgery Vulnerabilities
 
Internet Storm Center Infocon Status