InfoSec News

Adobe has released an advisory for Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android, as well as Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. CVE-2010-2884 has been assigned to the issue, which has an impact of crashing Flash or arbitrary code execution on some affected platforms. There is currently no patch; Adobe has indicated that it should be released in late September and/or early October. There are indications that this previously unknown vulnerability is currently being exploited in the wild by malicious web sites attacking browsers. YYAAAV: Yes, Yet Again Another Adobe Vulnerability. Sigh.
Keep an eye out for this one, folks. It will take a bit for the anti-virus, IDS/IPS and other vendors to catch up and detect the malware that exploits the vulnerability, although by that point the affected box may well be compromised, as most detect after the exploit has already taken place. Since the vendor has released the advisory after being notified that exploits are already occurring against Windows boxes, it is recommended to explore workarounds for mitigation, detection of already compromised hosts, and cleanup.
Adobe PSIRT blog: http://blogs.adobe.com/psirt/2010/09/security-advisory-for-adobe-flash-player-apsa10-03.html
Adobe advisory: http://www.adobe.com/support/security/advisories/apsa10-03.html
Cheers,

Adrien de Beaupré

EWA-Canada.com (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Alert follows last week's warning of a critical flaw in Reader, Acrobat.

 
Less than a week after warning users that hackers were exploiting an unpatched bug in its Reader PDF viewer, Adobe on Monday said Flash, its other prominent program, was also under fire.
 
When Intel engineers began thinking about designing a new chip architecture, they first decided to reconsider the way they think about laptops.
 
A federal judge has thrown out a lawsuit aimed at stopping the federal government from restricting the use of H-1B visas by IT staffing firms.
 
The security firm Damballa is warning of a large and fast growing botnet created specifically to deliver distributed denial of service (DDoS) attacks on demand for anyone willing to pay for the service.
 
Mitsubishi Electric will begin selling this month a modular display that can be built to almost any size by combining square display blocks.
 
A physical security specialist teams up with an IT security specialist to outline a more potent defense. From the CSO Security Standard event in New York.
 
Motricity announced mCore MobileCast, a service for wireless carriers and large companies that want to deliver content to smartphones based on user preferences.
 
Like many of you, I've had trouble syncing Outlook calendars and contacts with my iPhone. After more than a year of syncing without much trouble, it suddenly stopped working. I've spent a lot of frustrating time tweaking this and that and talking with Apple support, but to no avail.
 
Microsoft posts a pre-release of its communications server, now called Lync
 
Social networks and microblogging sites are getting a significant boost from the influx of new mobile devices from a variety of vendors.
 
Mozilla, which launched the latest beta of Firefox 4 last week, has started to drop features from the still-under-construction browser.
 
Like many people, I have more music and videos than can possibly fit on my iPhone. What am I supposed to do? Delete all my episodes of "Firefly" to make room for "Flight of the Conchords"? Am I supposed to not listen to Brendan Benson because he can't fit alongside my Green Day library?
 
Microsoft will issue a blanket software license to nonprofit groups and journalist groups outside the U.S. after the New York Times reported that Russian police have used software copyright raids to seize computers of activist groups.
 
CEO Paul Otellini kicked off the company's annual IDF conference by announcing that Intel is on track to ship a 22-nanometer processor in 2011.
 
HP says its planned $1.5 billion buyout of ArcSight announced Monday is intended to propel HP into the heart of enterprise security -- a move that both surprised and impressed industry watchers.
 

Forbes (blog)

HP Acquires Arcsight In Ongoing Security Shopping Spree
Forbes (blog)
... the rumor has helped to boost Symantec's stock 20% over the last month. Expect the infosec industry gossip–and likely the deals–to continue.

 

Network Security and PCI Compliance to be Explored at Secure Boston Event
TMCnet
He has also been honored with the title as one of the “Top 10 Sexy Infosec Geeks of 2009.” Astaro recently published an e-book titled Driving Profitability ...

 
Google has released a breakdown of Android releases running on active smartphones, tablets and other devices and the results show that the latest versions are taking off along with Android itself.
 
Apple today announced that it will sell the iPad in China starting this Friday.
 

NaviSite Teams With Industry Experts on Cloud Security Webinar
MarketWatch (press release)
... Allen has earned the highest industry certifications including CCIE, CCSP, CISSP, MCSE, CCSE, INFOSEC Professional, and the NSA CNSS 4013. ...

 

Military network security for guarding JTRS against electronic warfare attacks ...
Military & Aerospace Electronics (blog)
NSA awarded information security (INFOSEC) certification to the General Dynamics AIM II RF cryptographic module for JTRS handheld, manpack, small form fit, ...

 
BurstPoint Networks officially launched operations today with a portfolio of enterprise-class video-streaming and videoconferencing products.
 
RonE asked the Windows forum why Windows 7's XP Mode can't see other computers on the network. It can access the Internet.
 
Hewlett Packard struck a $1.5 billion deal to integrate ArcSight's event correlation software into its IT management and operations suite.

 

Top Infosec Articles of the Year - Part 1
CIO
Our first year here at Infosec Island has been really exciting. The Island has really taken on a life of its own, with more contributions than we could have ...

 

NaviSite Teams With Industry Experts on Cloud Security Webinar
PR-USA.net (press release)
... Allen has earned the highest industry certifications including CCIE, CCSP, CISSP, MCSE, CCSE, INFOSEC Professional, and the NSA CNSS 4013. ...

 
We have received reports that CVE-2010-2883 is being actively exploited.
There are a couple of interesting analyses of this vulnerability. Read them at http://community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspx and http://www.attackvector.org/new-adobe-0day-demonstration.
Read the Adobe advisory here.
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Hewlett-Packard announced Monday that it has agreed to purchase security vendor ArcSight for $1.5 billion. The deal is expected to close by the end of the year.
 

Handler Daniel wrote a story about the Enhanced Mitigation Experience Toolkit (EMET) on September 2. This tool can now be used to successfully block the Adobe Reader and Acrobat CVE-2010-2883 exploit. More information at http://blogs.technet.com/b/srd/archive/2010/09/10/use-emet-2-0-to-block-the-adobe-0-day-exploit.aspx

More details about EMET at http://technet.microsoft.com/en-us/security/ff859539.aspx

-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 

BankInfoSecurity.com

ACH Case: Headed to Trial?
BankInfoSecurity.com
However, David Navetta, a partner at InfoSec Law Group disagrees. "Although I can't quote statistics, it is generally known that the vast majority of cases ...

 
Google shook the search market last week with the launch of Instant, a new feature that lets the company's search engine refresh results on the fly as people type their queries.
 
Rumor has it Apple will soon launch a new iPad tablet, and that's a good thing. Because the first-generation model is already looking a bit creaky.
 
Six months after launching its Google Apps Marketplace, Google is pleased with the project's progress but acknowledges it has much bigger expectations.
 
As attacks against VoIP persist, businesses not only have to defend themselves, they have to do it under the gun of regulators who want proof that security was addressed in accordance with their ever-changing rules.
 
Hewlett-Packard announced Monday that it has agreed to purchase security vendor ArcSight for US$1.5 billion. The deal is expected to close by the end of the year.
 


 
Dell may have lost out to Hewlett-Packard in the bidding war for storage vendor 3Par earlier this month, but the computer maker wasn't pained by the decision to walk away.
 
Microsoft and Adobe are urging that users run Microsoft's Enhanced Migration Experience Toolkit to block ongoing attacks against the popular PDF viewer software.
 
Analysts say that if HP plays its cards right, its $2.4 billion purchase of 3Par could prove fruitful, even though it paid roughly 11 times the amount of revenue generated by the grid storage maker in 2009.
 
Social media offers organizations like the Red Cross a cheaper, easier means of responding in an emergency.
 
Two contributing factors are the way we teach -- or fail to teach -- IT to high-school students, and the uncertainties of the domestic job market.
 
Gartner predicts that the supply of IT staffers qualified to handle Windows 7 migrations will exceed demand over the next few years, leading to higher IT labor costs.
 
Tips for ensuring that employees don't reveal private data when they log into public Wi-Fi networks at hotels, coffee shops and Internet cafes.
 
Ambit Energy CIO and co-founder John Burke turned away from software vendors and outside consultants to build out Ambit's IT infrastructure, opting to do everything in-house.
 
Doctors, lawyers and other business professionals are using iPads to ease their workloads, but analysts and other observers say Apple's tablet isn't yet ready to replace laptops for key business functions.
 
Purdue University uses software to slow down server chips -- and thus reduce heat -- when the data center's cooling system falters.
 
Researchers find that RFID tags transmit signals much farther when the radio waves go through air ducts, which opens the door to installing wireless sensors throughout buildings.
 
Futurist Thornton May says the IT leaders who will survive the next decade are those who excel at the four M's: mapping the future, mastering the 'info-cosm,' mobilizing the masses, and modernizing marketing.
 
InfoSec News: Information about MV Sun Sea migrants stolen from Tamil group's office: http://www.theglobeandmail.com/news/national/information-about-mv-sun-sea-migrants-stolen-from-tamil-groups-office/article1704561/
By Kelly Grant Globe and Mail Sept 12, 2010
Canada's most prominent Tamil organization is concerned about the safety [...]
 
InfoSec News: Report: HP to buy ArcSight for $1.5 billion: http://www.networkworld.com/news/2010/091210-report-hp-to-buy-arcsight.html
By Robert McMillan IDG News Service September 12, 2010
Hewlett-Packard will soon purchase security vendor ArcSight for $1.5 billion, the Wall Street Journal reported Sunday. [...]
 
InfoSec News: JPMorgan Said to Test IPhone, BlackBerry Alternatives: http://www.bloomberg.com/news/2010-09-10/jpmorgan-said-to-test-iphone-for-e-mail-as-more-bankers-bypass-blackberry.html
By Hugo Miller, Elena Logutenkova and Adam Satariano Bloomberg September 10, 2010
JPMorgan Chase & Co. may soon let employees use iPhones for corporate [...]
 
InfoSec News: Newly Discovered World Cup Database Breach Exposed 250,000 Attendees' Details: http://www.darkreading.com/database_security/security/attacks/showArticle.jhtml?articleID=227400151
By Ericka Chickowski Special To Dark Reading DarkReading Sept 10, 2010
Hundreds of thousands of attendees at the 2006 World Cup in Germany were put at risk of identity theft, though the major breach of a FIFA database was only recently uncovered.
Initially reported by Norwegian newspaper Dagbladet, the breach came to light when an employee of the firm in charge of World Cup 2010 ticketing circulated an e-mail peddling more than 250,000 2006 World Cup customer details, including such personal information as birth dates and passport information.
According to Rob Rachwald, director of security strategy at database monitoring firm Imperva, the interesting hook to this story is that the customer data in question came from the Germany event four years ago and not the South African World Cup last summer. He says the event is indicative of a number of failures, including carelessness with older databases and unused data, a failure to think beyond the conclusion of the event, and a failure to have a full data security protection and destruction strategy.
"At the end of the '06 World Cup, a data destruction process should have been performed, and it clearly didn't occur to anyone [with FIFA or its IT firm]," Rachwald says. "[A good strategy should] identify what you have, attach risk and design a protection and destruction program."
[...]
 
InfoSec News: Quantum Cryptography Breached With Lasers: http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=227300318
By Mathew J. Schwartz InformationWeek September 8, 2010
Norwegian computer scientists have perfected a laser-based attack against quantum cryptography systems that allows them to eavesdrop on [...]
 
All of a sudden, data center networking has gone from ho-hum to hot.
 
When talk turns to flattening the data center network, Cisco has as much of a story to tell as the other guys, if not more so.
 
From its position in the switching trenches, Juniper Networks has planned not one, but two ways to flatten legacy three-tier data center networks.
 
It's no secret that Fibre Channel storage vendor Brocade has long coveted a piece of the next-generation data center network. The company made that clear with its 2008 acquisition of Ethernet switch vendor Foundry Networks.
 
Now that HP has the 3Com H3C switch technology in house, it's got the goods for helping enterprises flatten their data center network architectures.
 
Gibbs refuses to sign away his privacy rights.
 
Our Network World State of the Network Study gives a fascinating view into where you stand on everything from budget availability to thoughts on the stature of networking and plans for a range of technology options.
 
New research from PricewaterhouseCoopers paints a rosy picture for the future of health-care services delivered over mobile devices, and who would question such optimism given that virtually anything that's important to consumers is rapidly going mobile.
 

Posted by InfoSec News on Sep 12

http://www.theglobeandmail.com/news/national/information-about-mv-sun-sea-migrants-stolen-from-tamil-groups-office/article1704561/

By Kelly Grant
Globe and Mail
Sept 12, 2010

Canada's most prominent Tamil organization is concerned about the safety
of some families in Sri Lanka after sensitive information about their
boat migrant relatives was stolen from the group's Toronto office.

A computer containing the names, birth certificates and...
 

Posted by InfoSec News on Sep 12

http://www.networkworld.com/news/2010/091210-report-hp-to-buy-arcsight.html

By Robert McMillan
IDG News Service
September 12, 2010

Hewlett-Packard will soon purchase security vendor ArcSight for $1.5
billion, the Wall Street Journal reported Sunday.

Citing unnamed sources, the Journal said that the deal could be
announced as soon as Monday. ArcSight sells a well-regarded product that
gives system administrators a way to monitor their...
 

Posted by InfoSec News on Sep 12

http://www.bloomberg.com/news/2010-09-10/jpmorgan-said-to-test-iphone-for-e-mail-as-more-bankers-bypass-blackberry.html

By Hugo Miller, Elena Logutenkova and Adam Satariano
Bloomberg
September 10, 2010

JPMorgan Chase & Co. may soon let employees use iPhones for corporate
e-mail, making it an alternative to Research in Motion Ltd.’s BlackBerry
at the bank for the first time, two people familiar with the situation
said.

JPMorgan is...
 

Posted by InfoSec News on Sep 12

http://www.darkreading.com/database_security/security/attacks/showArticle.jhtml?articleID=227400151

By Ericka Chickowski
Special To Dark Reading
DarkReading
Sept 10, 2010

Hundreds of thousands of attendees at the 2006 World Cup in Germany were
put at risk of identity theft, though the major breach of a FIFA
database was only recently uncovered.

Initially reported by Norwegian newspaper Dagbladet, the breach came to
light when an employee...
 

Posted by InfoSec News on Sep 12

http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=227300318

By Mathew J. Schwartz
InformationWeek
September 8, 2010

Norwegian computer scientists have perfected a laser-based attack
against quantum cryptography systems that allows them to eavesdrop on
communications without revealing their presence.

One of the biggest commercial uses for quantum cryptography to date has
been to securely exchange keys....
 
