Information Security News
It hasn't really been reported much, but just after Microsoft sort of stopped releasing patches for Windows XP last month, we now have to get going on the next phase-out: Windows 8.1!
[In a first version of this diary, I stated that support ends tomorrow. As a reader points out in a comment, Microsoft announced earlier today that it extended the deadline by a month] 
As Microsoft wraps it in beautiful marketing speak:
"Since Microsoft wants to ensure that customers benefit from the best support and servicing experience and to coordinate and simplify servicing across both Windows Server 2012 R2, Windows 8.1 RT and Windows 8.1, this update will be considered a new servicing/support baseline... beginning with the May Patch Tuesday, Windows 8.1 user's devices without the update installed will no longer receive security updates." 
To make things a bit more interesting, there are 3 different versions of what people commonly refer to as "Windows 8":
"Windows 8", "Windows 8.1" and "Windows 8.1 Update".
I guess in the old days, "Windows 8.1 Update" would be considered a "Service Pack". But then again, that would be something people are used to and not all that confused by, so Microsoft figured to mix it up and call this one "Windows 8.1 Update".
Sadly, there are reports that individuals have problems installing Windows 8.1 Update. You can now even deliver Windows 8.1 Update via WSUS, even though Windows 8.1 initially broke WSUS. 
So with WSUS fixed, and Windows 8.1 Update only breaking some of your systems, you will now be in great shape for making Windows 8.1 Update your new baseline, as this will be the last Patch Tuesday for Windows 8.1 pre-Update patches.
Haven't upgraded to Windows 8.1 and still not missing the "Start" button? You should be good until 2023. Lots of time to get used to the new interface. But Windows 8 will only be available for retail sale until the end of October.
Police in the Canadian city of Ottawa said they arrested a 16-year-old male charged with carrying out so-called "swatting" attacks against 30 North American targets.
One of the targets was KrebsOnSecurity reporter Brian Krebs, who was previously on the receiving end of a vicious swatting attack that resulted in a team of police pointing guns at him as he opened the front door of his Virginia home. Krebs said the recent attacks were preceded by taunts from someone controlling the Twitter handle @ProbablyOnion. The last tweet from that account, made on Thursday, stated: "Still awaiting for the horsies to bash down my door." The individual didn't have long to wait. That same day, the 16-year-old was arrested, according to press releases here and here issued by the Ottawa Police Service and the FBI, respectively.
Swatting refers to the act of knowingly giving authorities false information about bomb threats, the taking of hostages, or similar threats in progress with the goal of tricking heavily armed police to raid the location of an innocent person or group. According to authorities, the unnamed 16-year-old allegedly carried out swatting attacks on 30 targets, including schools in North America that responded with lockdowns or evacuations. The minor was charged with 60 criminal offenses, including public mischief, mischief to property, uttering death threats, and conveying false info with intent to alarm.
Maintainers of the Linux kernel have patched one of the more serious security bugs to be disclosed in the open source operating system in recent months. The five-year-old code-execution hole leaves computers used in shared Web hosting services particularly vulnerable, so users and administrators should make sure systems are running updated versions that contain a fix.
The memory-corruption vulnerability, which was introduced in version 2.6.31-rc3, released no later than 2009, allows unprivileged users to crash or execute malicious code on vulnerable systems, according to the notes accompanying proof-of-concept code available here. The flaw resides in the n_tty_write function controlling the Linux pseudo tty device.
"This is the first serious privilege escalation vulnerability since the perf_events issue (CVE-2013-2049) in April 2013 that is potentially reliably exploitable, is not architecture or configuration dependent, and affects a wide range of Linux kernels (since 2.6.31)," Dan Rosenberg, a senior security researcher at Azimuth Security, told Ars in an e-mail. "A bug this serious only comes out once every couple years." As Ars reported in May 2013, the then-two-year-old CVE-2013-2049 continued to imperil users more than a month after Linux maintainers quietly released a patch for the gaping hole.
=============== Rob VandenBrink, Metafore. (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
GE patches gap in infosec capabilities with Wurldtech buy
Years after the infosec world noticed the chronic insecurity of SCADA kit, industrial giant GE has decided it needs to improve its in-house capabilities by announcing that it's to acquire Wurldtech. Founded in 2006, Wurldtech's product portfolio, sold ...