InfoSec News

Intel on Thursday said it wrapped up a strong fiscal 2010 with profit and revenue gains in the fourth quarter, and predicted a strong fiscal year 2011.
 
PCSC-Lite 'atrhandler.c' Buffer Overflow Vulnerability
 
Here in Australia, floods covering a vast land mass (roughly twice the size of Texas or France and Germany combined) have caused havoc and misery to the people in the state of Queensland. These flood waters came on so quickly that they caused thousands of people to flee with just the clothes on their backs and what they could carry. Water of unimaginable force and volume has utterly destroyed these people's possessions and property in a matter of minutes.
As with any disaster on your own doorstep, or that affects people you know and love, it makes you take stock and ponder what you'd do in their place. Photographs are always high on the possessions-to-be-saved list, so why not look at showing friends and family another way to have a copy a local disaster isn't going to destroy. A few hours spent making copies of a lifetime's worth of memories is a fair trade for anyone; the rest, well, are best off quickly deleted or destroyed before they find their way to a social media site and haunt you until the end of the Internet.
Most of those that read this diary will have some method of making a backup of these treasured images, as we're all aware of best practice disaster recovery and the importance of backups. If we think about our non-technical families and friends, do they have any such plans or procedures and is it easy to do without having to hold their hand every time they save a picture?
The old "surely the Cloud is the only true answer?"
Privacy issues of uploading images to the internet keep some of us up all night, but as an incredibly effective backup method that's easy to do by anyone that can use a web browser, is it not worth some serious consideration? For those that are willing to pay for an online backup service, these services can allow for encrypted files to be uploaded and stored, satisfying the security and privacy conscious needs.
The free services, such as Flickr, Picasa or Microsoft's SkyDrive are simple to set up, easy to use and manage. One of the more important details to set in the minds of anyone that uses these services is the level of access. The typical three levels of access are:
Public: the whole world can see your pictures
Shared: only people you allow can see your pictures
Private: only you can see your pictures
Recommending starting with the shared option, as only friends and family should be able to access the images, is a reasonable starting point. After explaining how this works, how to set it up, then why it's important to set the restricted viewing options, tick off one of those New Year's resolutions to bring IT goodness and a little extra peace of mind to those around. Safe and happy backing up. (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
A California man has pleaded guilty to charges that he broke into the e-mail accounts of thousands of women, scouring them for nude photos that he then posted to the Internet.
 
I took a close look at HP's Envy 17 last September and found a lot to like, plus a few issues that bugged me. So it goes with most products--there's no perfect laptop. Now HP's refreshing the Envy 17, adding a new display and stereoscopic 3D capability.
 
Christopher writes in to tell us about new BES Server updates just out resolving PDF vulnerabilities: http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB25382

and

http://docs.blackberry.com/en/admin/deliverables/23945/BlackBerry_Enterprise_Server_Express-Release_Notes--1398117-0107122043-001-5.0_SP1_and_5.0_SP2-US.pdf
 
=============== Rob VandenBrink Metafore
 
The U.S. Department of Justice is looking into challenging Google's plan to buy travel software company ITA Software, according to reports.
 
Smartphones don't look particularly dangerous. But in the wrong hands, they can cause serious damage to a company's finances, reputation, and even long-term survivability. And those "wrong hands" aren't always the folks on the wrong side of the law.
 
"Microsoft is fatally locked in the past," says one reader, while another says that after Feb. 10, "nobody will even consider the Android." Are new technologies spelling doom and gloom for existing powerhouses?
 
Dell said Thursday it has replaced the head of its US$8 billion services business, which it built up in late 2009 through its acquisition of Perot Systems.
 
You wouldn't judge a book by its cover, and you shouldn't judge a piece of software by its name. Especially when it sports a name like Help by Leo. If you can overlook the hokey moniker, you just might be impressed by this interactive help tool. It's certainly not perfect, but Help by Leo (free for personal use) is pretty darn helpful.
 
The FTC settles a complaint with a website it says made unauthorized charges on its customers' credit cards.
 
Marking the 50th anniversary of the inauguration of President John Kennedy, the JFK Library Foundation unveiled the nation's largest online digitized presidential archive, including global access to papers, records, photographs and recordings from his presidency.
 
Mozilla hopes to have a final version of Firefox 4 ready to ship by the end of February, according to comments made by the company's engineering director.
 
InduSoft NTWebServer Web Service Stack-Based Buffer Overflow Vulnerability
 
What separates the helpful ones from the deadweight?
 
Working 200 feet underground in an abandoned limestone mine, Hans Jensen of Iron Mountain carefully digitizes a film of President Kennedy for uploading to a new online archive.
 
The BlackBerry PlayBook, initially being sold with Wi-Fi, will allow tethering to a BlackBerry smartphone, giving users access to the smartphone's cellular network and all the calendar, messaging and Web-browsing features running on the smartphone, RIM officials said.
 
More than a quarter of iPhone owners now using AT&T will switch to Verizon, a U.S. consumer survey said today.
 
Gartner, like IDC before it, said PC sales grew more slowly than expected in the fourth quarter, largely due to competition from tablets like Apple's iPad.
 
Poland-based Etsy shop Rib & Hull offers a variety of felt, leather, and canvas sleeves for laptops and media devices. Its newest offering, the 11-inch MacBook Air sleeve, gives Apple's tiny laptop sleek, moderate protection from outside dangers and bag bumps.
 
SAP on Thursday reported preliminary results for the fourth quarter and year ending Dec. 31 that showed a strong uptick in software revenue, spurred in part by its acquisition of Sybase last year.
 
Final Penultimate last Call for Papers for CanSecWest 2011 (deadline Jan. 17th, conf March 9-11)
 
[ MDVSA-2011:005 ] evince
 
[security bulletin] HPSBMA02624 SSRT100195 rev.1 - HP LoadRunner, Remote Execution of Arbitrary Code
 
[USN-1042-2] PHP5 regression
 
Microsoft Windows Kernel 'Win32k.sys' Keyboard Layout Local Privilege Escalation Vulnerability
 
This diary is a bit different than the techie ones I usually write. I'm hoping we can have a discussion on what trends folks are seeing in their security budgets and projects for 2011.

I'll go first, I hope that's ok. I'm seeing IT budgets trending towards modest increases, but with a real difference. IT budgets all seem to be skewed towards things that have quantifiable, hard returns on investment. Things like virtualization, storage upgrades and updates to core business applications are the big winners this year. The exception to this trend seems to be at the plus end of the spectrum. I've got 10gig network upgrades, TRILL and FCoE projects left and right.

What I'm not seeing is increases in security budgets. There seem to be fewer audits and pentests, or in some cases none at all. Security teams seem to have a big helping of more with less this year. While you can get a lot done with a good imagination, good skills and free tools, a zero budget and no time allocated is still a big pair of obstacles. What managers often overlook is the rate of change in this field. Standing still in your security efforts in most cases means walking backwards in varying degrees of briskness. I'm seeing lots of folks walking slowly backwards lately.

So, please, use the contact form and let us know what you see coming up for security projects and budgets this year. Is what I'm seeing matching what's happening in your company, or am I off base completely?



=============== Rob VandenBrink Metafore ===============
 
Research In Motion plans to launch a cloud-based version of its popular BlackBerry Enterprise Server by the end of 2011.
 
Research in Motion showed off its upcoming 7-in. PlayBook tablet today in Boston, arguing that the device can bridge the consumer and enterprise market for tablets.
 

Hacker Halted USA Returns to Miami - October 21-27, 2011
PRLog.Org (press release)
The conference will again be held at the Intercontinental Miami and will include advanced infosec training and presentations from some of the world's most ...

 
Three employees at Tucson's University Medical Center have been fired for improperly accessing the medical records of some of the victims in Saturday's shooting spree that killed six people and wounded 14, including U.S. Rep. Gabrielle Giffords.
 
RETIRED: PHP-Nuke 'modules.php' Cross Site Scripting Vulnerability
 

Panda Security researchers document the troubling use of fake antivirus software

Rogue antivirus first surfaced only four years ago, but today it makes up about 11.6% of all malware, according to PandaLabs, the research arm of Panda Security.

It looks like the cybercriminals behind rogue antivirus software are keeping it fresh, according to the PandaLabs Annual Report 2010 (PDF), which documents many of the common threats and trends that dominated 2010. The researchers found that 40% of all rogue antivirus programs were created in 2010. Of more than 5.6 million individual examples of fake antivirus programs, nearly 2.3 million were detected between January and November of 2010.

According to the report:

If we analyze all the examples classified of this type of threat with respect to all malware contained in our Collective Intelligence database (the automatic system we use to detect, analyze and classify 99.4% of the 63,000 new threats that appear every day), some 11.6% are fake antivirus programs. And let’s not forget that this database contains all the malware detected in the 21 year history of our company, while rogueware only emerged four years ago.

Panda estimates that about 53% of computer users have been infected at some time by malware, even with protection installed and up to date. That leaves plenty of revenue opportunities for fake antivirus peddlers. According to Panda, they’re taking in about $34 million a month.

Here’s the malware type breakdown based on an analysis of 60 million malware files analyzed by Panda:

  1. Trojans: 55.9%
  2. Traditional viruses: 22%
  3. Adware: 17%
  4. Worms: 10%
  5. Spyware: 5.7%

We’ve written about some of the social engineering attempts used by rogueware pushers. In October there was a report of rogue antivirus spoofing Google and Firefox attack warning pages. In March, an Amazon phishing scam duped people into downloading a fake antivirus program. PandaLabs also found new rogueware using ransomware technology.

The good news is that enterprises can benefit by educating end users about the dangers of these programs. Some experts say a little education over time helps. Finally, many standard antimalware programs can detect the phony malware.



 

Rebranding part of strategy to streamline operations and expand technology portfolio.

Web security appliance vendor St. Bernard Software Inc. is renaming itself. The software vendor, which targets small and midsize businesses, will be called EdgeWave.

San Diego, Calif.-based St. Bernard targets small and midsize businesses with Web security appliances, software and hosted security offerings.

In a statement, Lou Ryan, the company’s CEO and chairman, said the company has taken significant steps over the last year to improve its senior leadership team and bring on additional employees. The company is also expanding its technology portfolio and overhauling its go-to-market strategy, he said.

We believe all of these efforts will produce greater customer satisfaction and increase business growth and shareholder value over the long term.

The changes include the addition of five new executives, the streamlining of operations and retooling of the company’s back office operation, the company said. In addition the company plans an expansion into new markets with new products.

The new name reflects a broader mission that builds on the company’s strong Web and email security foundation, Ryan said.

St. Bernard acquired managed email security supplier Red Condor in August. Red Condor sells hosted and hybrid email spam filtering products to small businesses and ISPs.



 
Python 'audioop' Module Memory Corruption Vulnerability
 
Python 'audioop' Module Integer Overflow Vulnerability
 

Seven cyber crime facts executives need to know
ComputerworldUK
IT Risk Management (InfoSec, BC / DR, Compliance, Governance), like ERM, is a continuous improvement program, not merely an "achieve it once and forget it" ...

 
Google Thursday said it patched 16 bugs in the Chrome browser, including one tagged as critical that brought its founder a record $3,133 bounty.
 
SPB Software has released a migration tool that should make it easier for consumers to move from Symbian or Windows Mobile to Android-based smartphones and tablets, the company said on Wednesday.
 
Google is accelerating its push in the e-book space by acquiring eBook Technologies, a company that specializes in both hardware and content distribution for electronic readers.
 
Analysts say Apple sold nearly 2 million Mac desktops and laptops in the fourth quarter of 2010, but still dropped two places to the fifth spot in U.S. computer sales.
 
Research In Motion has given mobile carriers in India the ability to intercept e-mail and instant messages from BlackBerry consumer services if requested by the government, according to a customer update from the company.
 
A controversial 2005 bill designed to create a national standard for driver's licenses may not be quite as dead in the water as many might have assumed, according to a report released this week by the Center for Immigration Studies.
 
Who can you trust?
 
Infosys Technologies, India’s second largest outsourcer, reported Thursday strong growth in revenue and profits for the quarter ended Dec. 31, but warned that the outsourcing market continues to be uncertain.
 
Last week's Consumer Electronics Show was indisputably dominated by tablets. Almost a year since Apple redefined portable computing with its iPad, competitors launched attempts to cut the Cupertino company's lead. Taken together, the announcements at CES provide a much clearer picture of the likely evolution of the tablet market in 2011 and provide consumers a few tips on what to look for and when to buy.
 
Microsoft Works 7 'WkImgSrv.dll' ActiveX Control Remote Code Execution Vulnerability
 
InfoSec News: Stuxnet-Like Trojans Can Exploit Critical Flaw in Chinese Industrial Software: http://www.eweek.com/c/a/Security/StuxnetLike-Trojans-Can-Exploit-Critical-Flaw-in-Chinese-Industrial-Software-296674/
By Fahmida Y. Rashid eWEEK.com 2011-01-12
A critical security flaw in supervisory-control-and-data-acquisition (SCADA) systems used in China raises the possibility of another [...]
 
InfoSec News: 3 UMC workers fired for records access: http://azstarnet.com/news/local/crime/article_4f789a48-1e8c-11e0-929a-001cc4c002e0.html
By Stephanie Innes Arizona Daily Star January 12, 2011
Three employees at Tucson's University Medical Center have been fired for violating patient privacy in connection with accessing confidential [...]
 
InfoSec News: USENIX LEET '11 Submission Deadline Approaching: Forwarded from: Lionel Garth Jones <lgj (at) usenix.org>
I'm writing to remind you that the submission deadline for the 4th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET '11) is quickly approaching. Please submit your work by Tuesday, January 25, 2011, at 11:59 p.m. PST. [...]
 
InfoSec News: Spectrum analyzer catches exam cheats in Taiwan: http://www.pcworld.idg.com.au/article/373172/spectrum_analyzer_catches_exam_cheats_taiwan/
By Ralph Jennings IDG News Service 12 January, 2011
Police in Taiwan used a set of spectrum analyzers to catch at least three people suspected of cheating on an exam by monitoring them for [...]
 
Drupal Panels Module Unspecified HTML Injection Vulnerability
 

Posted by InfoSec News on Jan 13

http://www.eweek.com/c/a/Security/StuxnetLike-Trojans-Can-Exploit-Critical-Flaw-in-Chinese-Industrial-Software-296674/

By Fahmida Y. Rashid
eWEEK.com
2011-01-12

A critical security flaw in supervisory-control-and-data-acquisition
(SCADA) systems used in China raises the possibility of another
Stuxnet-like attack, a security researcher said.

The latest stable version of KingView, the SCADA software developed by
Beijing WellinControl...
 

Posted by InfoSec News on Jan 13

http://azstarnet.com/news/local/crime/article_4f789a48-1e8c-11e0-929a-001cc4c002e0.html

By Stephanie Innes
Arizona Daily Star
January 12, 2011

Three employees at Tucson's University Medical Center have been fired
for violating patient privacy in connection with accessing confidential
medical records in the high-profile shooting rampage that killed six
people and left Congresswoman Gabrielle Giffords in critical condition,
hospital...
 

Posted by InfoSec News on Jan 13

Forwarded from: Lionel Garth Jones <lgj (at) usenix.org>

I'm writing to remind you that the submission deadline for the 4th
USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET '11)
is quickly approaching. Please submit your work by Tuesday, January 25,
2011, at 11:59 p.m. PST.

http://www.usenix.org/leet11/cfpb

Now in its fourth year, LEET continues to provide a unique forum for the
discussion of threats to the...
 

Posted by InfoSec News on Jan 13

http://www.pcworld.idg.com.au/article/373172/spectrum_analyzer_catches_exam_cheats_taiwan/

By Ralph Jennings
IDG News Service
12 January, 2011

Police in Taiwan used a set of spectrum analyzers to catch at least
three people suspected of cheating on an exam by monitoring them for
mobile phone signals, a first case of its type, the equipment maker said
on Wednesday.

Officers used three FSH4 analyzers specially configured by the German...
 

