
Dropbox is peeking at your files
CSO (blog)
Security researchers used a honeypot approach to discover that Dropbox opens some files once they're uploaded. The Western North Carolina Infosec Community (WNC Infosec) used HoneyDocs--a Web-based service that "buzzes home" when a document ...
Dropbox: We Access Your Private Documents, But It's For Your Own Good
TechWeekEurope UK

[ MDVSA-2013:234 ] python-django
Microsoft Internet Explorer CVE-2013-3203 Memory Corruption Vulnerability
Zimbra Collaboration Suite (ZCS) Session Replay Vulnerability
[SECURITY] [DSA 2756-1] wireshark security update
[ MDVSA-2013:233 ] python-OpenSSL
[ MDVSA-2013:232 ] libmodplug
Cisco Unified MeetingPlace CVE-2013-5495 Cross Site Scripting Vulnerability
FFmpeg Prior to 1.1.2 Multiple Remote Security Vulnerabilities
The NIST building in Boulder, Colorado.
Quinn Norton/Wired

Following revelations about the National Security Agency's (NSA) covert influence on computer security standards, the National Institute of Standards and Technology, or NIST, announced earlier this week it is revisiting some of its encryption standards. But in a little-noticed footnote, NIST went a step further, saying it is "strongly" recommending against even using one of the standards. The institute sets standards for everything from the time to weights to computer security that are used by the government and widely adopted by industry.

As ProPublica, The New York Times, and The Guardian reported last week, documents provided by Edward Snowden suggest that the NSA has heavily influenced the standard, which has been used around the world.

In its statement Tuesday, the NIST acknowledged that the NSA participates in creating cryptography standards "because of its recognized expertise" and because the NIST is required by law to consult with the spy agency. "We are not deliberately, knowingly, working to undermine or weaken encryption," NIST chief Patrick Gallagher said at a public conference Tuesday.

Various versions of Microsoft Windows, including those used in tablets and smartphones, contain implementations of the standard, though the NSA-influenced portion isn't enabled by default. Developers creating applications for the platform must choose to enable it.

The New York Times noted earlier this week that documents provided by Snowden show the spy agency played a crucial role in writing the standard that the NIST is now cautioning against using, which was first published in 2006.

The NIST standard describes what is known as an "elliptic curve-based deterministic random bit generator." This bit of computer code is one way to produce random numbers that are the cornerstone of encryption technology used on the Internet. If the numbers generated are not random but in fact predictable, the encryption can be more easily cracked.

The Times reported that the Snowden documents suggest the NSA was involved in creating the number generator. Researchers say the evidence of NSA influence raises questions about whether any of the standards developed by the NIST can be trusted.

"NIST's decisions used to be opaque and frustrating," said Matthew Green, a professor at Johns Hopkins University. "Now they're opaque and potentially malicious. Which is too bad because NIST performs such a useful service."

Cryptographers have long suspected the standard in question was faulty. Seven years ago, a pair of researchers in the Netherlands authored a paper that said the random number generator was insecure and that attacks against it could "be run on an ordinary PC." A year after that, in 2007, two Microsoft engineers flagged the standard as potentially containing a backdoor. Following the criticism, the standard was revised in 2007 to include an optional workaround.

The NSA has long been involved in encryption matters at the standards institute. "NIST follows NSA's lead in developing certain cryptographic standards," a 1993 Government Accountability Office report noted. A 2002 law mandates that the NIST set information security standards and lists the NSA merely as one of several other agencies that must be consulted.

Asked how often standards are reopened, NIST spokesperson Gail Porter said, "It's not frequent, but it does happen." She added that it would be "difficult to give you an exact number of times."

Asked whether Microsoft would continue to use the encryption standard in some of its software, a spokesperson said the company "is evaluating NIST's recent recommendations and as always, will take the appropriate action to protect our customers." The NSA declined to comment.

Read on Ars Technica: http://arstechnica.com/security/2013/09/government-standards-agency-strongly-suggests-dropping-its-own-encryption-standard/

Rob VandenBrink
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Getting Outlook.com to work with email client applications via IMAP is proving to be a challenge for some users of the Microsoft webmail service.
Couchbase is launching a version of its namesake NoSQL open source data store that can run on mobile devices, called Couchbase Lite.
A U.S. surveillance court has ordered government agencies to review the court's own opinions related to the legality of a massive telephone records collection program at the U.S. National Security Agency in preparation for possible publication of those opinions.
As NASA's Voyager 1 spacecraft travels outside the solar system, scientists hope to learn about the forces pushing on the "bubble" around the sun and how interstellar radiation could affect future space exploration.
The 64-bit smartphone clash has been joined between rivals Apple and Samsung. But will everyday smartphone buyers even care, much less notice?
Companies of all sizes are picking up their adoption of SaaS (software as a service), with email, calendaring and human resources applications garnering the most interest, according to a new survey from Constellation Research.
Google has pushed out updates for the iOS and Android versions of Chrome, as the company continues beefing up its browser for use with tablets and smartphones.

Oracle has added new features to Java designed to make it harder for hacked or malicious websites to carry out drive-by malware attacks that exploit underlying vulnerabilities in the widely used software framework.

As Ars reported Wednesday, some security experts say the growing prevalence of attack code exploiting flaws that will never be fixed in an older, widely used version is one factor causing the security of Java to take a dangerous turn for the worse. That's largely the result of Oracle's move in April to stop issuing security updates for Java version 6. Many large companies still use the older release because their Java apps don't work on the latest one, putting the enterprises in the difficult position of choosing compatibility over the security of their employee desktop computers. Apple, Facebook, and Twitter are just some of the companies that have experienced breaches in the past year that targeted Java running on employee computers.

A new feature in Java 7 Update 40 is aimed at ameliorating this predicament. It's a change to the local security policy that allows large customers to specify a limited number of apps that will run on older versions of Java. Now known as a deployment rule set, the new instructions use a digitally signed certificate to whitelist specific apps, often referred to as JARs or java archive files. Those not on the list will be dropped, or possibly run on the latest Java version.




Dropbox Takes a Peek At Files
WNC InfoSec wrote the first buzz came back within 10 minutes after a file was uploaded with the IP address of an Amazon EC2 instance in Seattle. Dropbox uses Amazon's cloud infrastructure. Of the submitted files, only ".doc" files had been opened, WNC ...

WordPress Design Approval System Plugin 'step' Parameter Cross Site Scripting Vulnerability
Kwok Information Server CVE-2013-5028 Multiple SQL Injection Vulnerabilities

My, how things have changed since 1987 – especially in the world of malware! In that year, the Jerusalem Virus hooked the old DOS interrupts (INT 21h for those who did assembler back in the day) for operation. Since everything else also used INT 21h, including Netware clients (remember Netware?) and most DOS services, this malware slammed the already slow computers of the day with an additional performance hit. Once on your system, this one infected all EXEs on the drive, growing them all by a specific number of bytes (depending on the variant). On Friday the 13th, it then deleted all the EXEs on the infected system.

If you’re interested, there’s more on this oldie here: http://en.wikipedia.org/wiki/Jerusalem_%28computer_virus%29. I’d guess that the AV folks all have a page on this one as well.

In today's terms, there is no point to this “vintage virus”, aside from infecting as many computers and as many executables as possible, then doing the mass-destruction thing when the countdown expires. Mainly it’s a “because I can” piece of destructive code.

These days, most attacks and malware are all about theft of dollars, credentials or information of some kind. It’s become a business like any other, and like other businesses “follow the money” is the best way of determining motivation and what’s happening behind any smokescreen involved. Often we have to follow the packets, or the log entries, or the code along the way, but the end goal and motivation is most often financial. It’s protecting this target information that keeps us all awake at night, and drives the entire security effort that we’re all a part of.

Anyway, if you still have a DOS or Windows/9x system (sadly, I’ve still got a client running a pharmaceutical manufacturing system on Win9x), today might be a bad day for you.  But if not, take a minute to think about what we’re protecting, and (as always) what you may have missed.  

Speaking of oldies but goodies, and things missed - it might be a good day to look ahead and deal with a few loose ends in today’s infrastructure:

  • think about knocking that last Win2K server out of your infrastructure - moving it to a VM did NOT solve this issue forever
  • Or deal with that ticking time-bomb of the XP stations still left in the infrastructure. Microsoft recently posted an article on the risks of running XP past April 8, 2014 (less than 7 months away!!): http://blogs.technet.com/b/security/archive/2013/08/15/the-risk-of-running-windows-xp-after-support-ends.aspx. If you think XP has been a bit quiet on the security front lately, consider that this is likely because the bad guys are saving all their zero days up for April 9 of next year. I know of a few large organizations (>5,000 stations) that have put this off long enough that getting this project planned and done in time might not be possible. If you are still running XP on April 9, you may end up having to explain to shareholders why your business was partially or mostly offline for the last 10 weeks of Q2 2014!!

If money is the motivation for many of today's attacks and malware, XP and Win2K are the unlocked doors in the neighborhood - it's time and past time to get these things battened down!

Rob VandenBrink

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Dropbox Takes a Peek At Files
Dropbox's behavior was detected using HoneyDocs, a new Web-based service that creates a log showing when and where a document was opened, according to a blog post at WNC InfoSec. The experiment involved uploading to Dropbox ".zip" HoneyDocs ...


David, one of our readers, emailed with a question - when he tries to interact with a particular print driver, he gets a Java error:

PKIX path validation failed:
Algorithm constraints check failed: MD2withRSA

This error comes up because as of Java 7, MD2 hashing and any RSA key under 1024 bits are disabled. Since this is a (very) old printer driver, the fact that it still uses MD2 is not a surprise - but what to do next?

OK - the obvious answer is to upgrade out of the problem - if the driver has an update, apply it. But how do we get to the interface given the Java situation? The answer is buried in the Java config files - edit the file java.security, which in Windows is found at: "C:\Program Files (x86)\Java\jre7\lib\security"

In this file, you'll find the line:

jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024

Edit or comment out this line, and MD2 will work for you again. But don't leave it like this - this enables all those certs with weak hashes, which leaves you open to a world of hurt. In this case, it gets you access back to the interface so you can upgrade to a newer version. If there is no newer version, it gives you access until you can upgrade the hardware or app that's causing the problem.

Rob VandenBrink

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
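
An audit check for the java.security workaround described in the diary above, so a temporarily weakened jdk.certpath.disabledAlgorithms line is caught if it is left in place. This is an added example, not code from the diary or from Oracle; the function names and the sample file contents are constructed for illustration, and only the "RSA keySize < N" form shown in the diary is recognised.

```python
import re
import sys

PROP = "jdk.certpath.disabledAlgorithms"


def read_property(text, name=PROP):
    """Return the value of `name` from java.security-style text, or None.

    Skips '#'/'!' comment lines and joins backslash-continued lines;
    when a key is defined more than once, the last definition wins.
    """
    value, logical = None, ""
    for raw in text.splitlines() + [""]:   # sentinel flushes a dangling continuation
        line = raw.strip()
        if not logical and (not line or line[0] in "#!"):
            continue
        if line.endswith("\\"):
            logical += line[:-1]
            continue
        logical += line
        key, sep, val = logical.partition("=")
        if sep and key.strip() == name:
            value = val.strip()
        logical = ""
    return value


def audit(text):
    """Return findings; an empty list means MD2 and RSA keys under 1024 bits
    are both still disabled, as in the default line quoted in the diary."""
    value = read_property(text)
    if value is None:
        return [PROP + " is missing or commented out: nothing is disabled"]
    entries = [e.strip() for e in value.split(",") if e.strip()]
    findings = []
    if not any(e.upper() == "MD2" for e in entries):
        findings.append("MD2 is not disabled")
    rsa_limit = None
    for e in entries:
        m = re.fullmatch(r"RSA\s+keySize\s*<\s*(\d+)", e, re.IGNORECASE)
        if m:
            rsa_limit = int(m.group(1))
    if rsa_limit is None:
        findings.append("no 'RSA keySize < N' constraint found")
    elif rsa_limit < 1024:
        findings.append("RSA keys below 1024 bits are accepted (limit is %d)" % rsa_limit)
    return findings


# Constructed sample file contents (not taken from a real host).
DEFAULT = "# comment\njdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024\n"
COMMENTED = "#jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024\n"
MD2_ALLOWED = "jdk.certpath.disabledAlgorithms=RSA keySize < 1024\n"
WRAPPED = "jdk.certpath.disabledAlgorithms=MD2, \\\n    RSA keySize < 512\n"

if __name__ == "__main__":
    # Usage: python audit_java_security.py <path to java.security> [...]
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8", errors="replace") as fh:
            problems = audit(fh.read())
        print(path, "OK" if not problems else "; ".join(problems))
```
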
Hewlett-Packard's turnaround effort under CEO Meg Whitman, like an object in the rearview mirror, is closer than it appears. Credit the impending success on strategic partnerships, good hires and a broad view of the future of tech.
Wireless media hubs let you take along as much storage as you need and power your mobile devices besides. We look at three of the latest.
The tech industry thrives on legends. Here's a good one.
Vodafone is close to acquiring Kabel Deutschland, Germany's largest cable operator, for $10 billion.
Microsoft will pay at least $200 for used iPads made by rival Apple, and in return issue credit that customers can use to buy one of the company's Surface tablets.
GNU glibc Multiple Integer Overflow Vulnerabilities

[SECURITY] [DSA 2753-1] mediawiki security update

Posted by InfoSec News on Sep 13


By Andy Grimm
Tribune reporter
September 12, 2013

A former Will County sheriff's detective claims a top deputy ordered him
to hack the deputy's wife's iPad to look for evidence that she was
cheating and then demoted the detective when he complained about it to a

In a lawsuit filed Thursday in...

Posted by InfoSec News on Sep 13


By Kelly Fiveash
The Register
13th September 2013

Exclusive A top Huawei exec has dismissed claims that his company poses a
threat to British and US national security - despite Western government
officials' fears over Huawei's alleged connections to the Chinese
Communist Party.

Professor Sanqi Li - speaking in an exclusive interview with The...

Posted by InfoSec News on Sep 13


Sept. 9, 2013

TEL AVIV, Israel, Sept. 9 (UPI) -- The Israeli military's top-secret Unit
8200, the Jewish state's equivalent of the U.S. National Security Agency,
has spawned a generation of high-tech start-ups and more technology
millionaires than many business schools, and these days the cyber...

Posted by InfoSec News on Sep 13


By John E Dunn
13 September 2013

The Metropolitan Police have foiled an extraordinary plot to steal
millions of pounds from a London branch of Santander Bank using a remote
control device planted on one of its computers by a bogus maintenance man.

On Thursday evening, the Police's Central e-Crime Unit (PCeU)...
Tech firms in Boulder must shutter downtown offices as floods damage offices and close most roads. But the Internet-based firms keep running smoothly.

Dropbox takes a peek at some kinds of uploaded files. That's normal, the web storage service says.
Ray Dolby, an American inventor known for leading work in the area of noise reduction and surround sound, died Thursday at the age of 80 at his home in San Francisco.
SDN is taking a toll on Brocade.
SK Hynix will increase DRAM production at its headquarters, the company said Friday, following a price spike in memory chips after a fire at a company factory in China.
Twitter has become part of an international conversation. And now the social networking company is moving to take the company public, and industry analysts say it's great timing.
A U.S. appellate court's decision earlier this week to permit a wiretapping case against Google to proceed is based on flawed reasoning, a leading technology think-tank says.
Apple on Thursday updated OS X Mountain Lion to version 10.8.5, likely the final refresh of the 14-month-old operating system before the company supersedes it with OS X Mavericks.
Apple's new flagship phone, the iPhone 5s, boasts a slew of new hardware advances, not the least of which is the M7 motion coprocessor. Columnist Ryan Faas explains why the M7 is important.
APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004
OpenSSL,OpenSSH ecdsa authentication code inconsistent return values.. no vulnerability?
APPLE-SA-2013-09-12-2 Safari 5.1.10
WordPress Fixes Multiple Vulnerabilities With 3.6.1 Release
[iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin
Internet Storm Center Infocon Status