Share |

InfoSec News

InfoSec, Inc. to Attend InfoSec World 2011 (press release)
InfoSec, Inc. announced today that, along with its partner DG Technology Consulting, it will be attending InfoSec World 2011 (April 19 – 21, 2011) and will be showcasing a brand new, breakthrough product. Robert Fake, President and CEO of InfoSec, ...

and more »
Novel software makes fine control of a mouse much easier for users with motor control problems.
Microsoft Windows 'xxxRealDrawMenuItem()' Function Local Denial Of Service Vulnerability
RETIRED: Microsoft Windows Kernel 'xxxRealDrawMenuItem()' Local Privilege Escalation Vulnerability
Intel is speeding up the release of tablet chips in an attempt to close the power and performance gap with ARM, which dominates the tablet market, analysts said this week.

SOURCE Boston: Two views on infosec interviewing, hiring
PC Advisor
By Taylor Armerding | CSO | 13 April 11 It's one thing to be a capable infosec professional. It is something else to be capable at managing your own career -- knowing how to land the right job yourself or, as a manager, to spot and hire the kind of ...

Banks must embrace mobile applications if they're to keep up with the hot trend in smartphones right now. And no phone is hotter for those applications than Apple's iPhone, even if it comes in third behind Android and BlackBerry phones.
Cisco CEO John Chambers this week announced a major restructuring of the company's business after two quarters of disappointing financial results. Namely, Cisco plans to stop producing consumer products like the Flip video camera and will roll its Umi consumer telepresence product into its business telepresence line. In addition, there will be a workforce reduction of 550 people.
WebKit WBR Tags Use-After-Free Remote Code Execution Vulnerability
Google reported solid growth in the first quarter, just as co-founder Larry Page prepares to usher in a new chapter in the company's history.
A lawsuit against Indian offshore giant Infosys Technologies is getting the attention of U.S. Sen. Chuck Grassley (R-Iowa), who wants top Obama administration officials "to get to the bottom of the situation."
ZDI-11-135: (Pwn2Own) WebKit WBR Tag Removal Remote Code Execution Vulnerability
[USN-1110-1] KDE-Libs vulnerabilities
Apple today patched bugs in iOS and Safari used at last month's Pwn2Own hacking contest by three teams of researchers who collectively earned $45,000 for their work.
libxslt 'xsltGenerateIdFunction()' Function Heap Memory Information Disclosure Vulnerability
Process Monitor v2.95, TCPView v3.04, Autoruns v10.07 have updates here [1]
Of equal interest as the tools update is Part 1 of an analysis of a Stuxnet infection with Sysinternals tools here [2]

Adrien de Beaupr Inc. (c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.
The earthquake and subsequent tsunami in Japan have hit manufacturers of CMOS image sensors, a key ingredient in most mobile phones.
PC sales suffered in the first quarter, and analysts are placing the blame on the tablet market and the disaster in Japan.
One of the handiest things you can do with Visual Basic for Applications (VBA) in Office 2011 is to share data between two different Office apps. For example, let's say you want to embed data from Excel in a sales report you're writing in Word. VBA is the tool you'll want to use to make that happen.
For all of the PlayBook tablet's hardware triumphs, its software troubles could be its undoing.
Mozilla and Opera have mocked Microsoft's use of the term 'native HTML5' to describe IE9 and the upcoming IE10 as an oxymoron, an attempt to hijack an open standard and a marketing ploy.
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1241) Local Privilege Escalation Vulnerability
Winamp '.wlz' File Remote Buffer Overflow Vulnerability
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1240) Local Privilege Escalation Vulnerability
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1239) Local Privilege Escalation Vulnerability
Intel and Micron Technology on Thursday said they had shrunk NAND flash memory in size, which could help add more storage and features to smartphones or tablets.
Imagine if the strategic engine of the enterprise didn't report to the CEO.
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1225) Local Privilege Escalation Vulnerability
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0676) Local Privilege Escalation Vulnerability
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0677) Local Privilege Escalation Vulnerability
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1226) Local Privilege Escalation Vulnerability
Recon 2011 - Accepted Talks , Training, Call For Papers Reminder - July 8 to 10, 2011 - Montreal, Quebec
Unlike Microsoft, Apple has so far not committed to a regular patch cycle, and today's release of IOS 4.3.2 as well as the OS X Security Update 2011-002 came somewhat as a surprise. [1]
Both include security fixes that should be applied rather sooner then later. The OS X update also includes Safari 5.0.5 . We will update this diary once the Apple support page with security details is live.
The patch is pretty small compared to other Apple patches (about 4 MB). You need to restart your system after applying the security patch. I applied it to one system with PGP full disk encryption, and so far no ill effects.


Johannes B. Ullrich, Ph.D.

SANS Technology Institute

Twitter (c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.
Microsoft GDI+ EMF Image Processing Integer Overflow Memory Corruption Vulnerability
Microsoft Windows Fax Cover Page Editor Remote Code Execution Vulnerability
7T Interactive Graphical SCADA System Multiple Security Vulnerabilities
[security bulletin] HPSBMA02652 SSRT100432 rev.3 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure
HTB22922: XSS vulnerabilities in
HTB22923: XSRF (CSRF) in
HTB22924: Arbitrary Command Execution in
Mozilla this week jumped into its new faster-tempo development program for Firefox 5.
HP Network Node Manager i Unspecified Information Disclosure Vulnerability
The BodgeIt Store - another vulnerable web app
ZDI-11-134: CA Total Defense Suite UNC Management Console RegenerateReport SQL Injection Vulnerability
ZDI-11-133: CA Total Defense Suite UNC Management Console DeleteReports SQL Injection Vulnerability
ZDI-11-132: CA Total Defense Suite UNC Management Console DeleteReportLayout SQL Injection Vulnerability
To say that Research in Motion's BlackBerry PlayBook is a study in contrasts is an understatement. After extensively testing a PlayBook ($500 for 16GB of storage, $600 for a 32GB version, and $700 for 64GB) that was running not-quite-final software, I'm impressed by its convenient size and novel navigation, but I found the tablet's sometimes primitive native software and selection of apps frustrating.'s growth and popularity are undeniable, but startup Active Endpoints is betting that its customers could use a little help getting the most out of the on-demand CRM (customer relationship management) software with a new application called Cloud Extend.
BoltWire 'p' Parameter Cross Site Scripting Vulnerability
Cacti 'drp_action' Parameter Cross Site Scripting Vulnerability

Danger Seen In Slashing Infosec Spend
Carper: Federal Infosec Efficiencies Needed). "There are things we can do to save some money for. And, the last one is to make sure that we're not wasting a billion-and-a-half dollars a year on paperwork exercises that pretend to reflect improvements ...

and more »
For Kei Kawai, the first few days following Japan's massive earthquake and tsunami were a frantic, stressful time. From his Mountain View, Calif., base, he managed to confirm the safety of family members living throughout the tsunami-hit area with one exception: his grandfather.
Orbeon Forms XML Injection Vulnerability
SAP Netweaver Multiple Cross Site Scripting Vulnerabilities

Bit9's Chief of Security to Present at InfoSec World
SYS-CON Media (press release)
Bit9 Inc., the leader in Advanced Endpoint Protection, today announced that Ian Poynter, chief of security, has been invited as a featured guest speaker at the upcoming InfoSec World Conference & Expo on April 20. He will be leading a session titled ...

and more »

Infosec 2011: Tougher regulations are helping drive user-centric security ...
Organisations typically rely on technology to ensure data protection and regard employees as a potential threat, but a growing number of information security teams are looking for ways to make users their biggest allies. The focus is shifting from ...

Red Hat's nomination for a Java EE distributed data cache sparks a standards war
For months, Hallmark Cards had been building a new Web site in parallel with its old one. On a September night last year, past midnight, Hallmark's online team arrived at its moment of truth, the switch-over.
Foxconn wants to open a factory in Brazil to make Apple products, the South American country's government said Tuesday. The move would likely mean cheaper goods for local buyers.
Google went on the defensive on Wednesday, saying it never misled the U.S. government about Google Apps' compliance with an important security standard. "
The semiconductor industry will see its total revenues hit record highs of $319 billion this year and $330 billion in 2012 as orders mount for mobile devices such as smartphones and tablet PCs, according to a prediction from an industry group.
Hackers have compromised several servers that support WordPress and may have obtained source code, according to the founding developer of Automattic, the company behind the popular blogging platform.
The sweeping deficiencies of Flash Player 10.2 for Android 3.0 Honeycomb tablets can't all be chalked up to its 'beta' status
CloudShare ProPlus allows businesses to try out applications safely and easily using their own private cloud.
Reports and opinions analyzing U.S. R&D spending, education, the business climate and other factors suggest that the U.S. is slipping in its role as a leader in technology.

Cloud and consumerisation to dominate security discussions
MicroScope (blog)
Cloud and securing the consumerisation of IT are the trends likely to dominate next week's InfoSec event in London. As more vendors reveal their plans for the event it is becoming clear that those two topics are the ones that will be discussed over the ...

SAP GUI 'saplogon.ini' File Buffer Overflow Vulnerability
PDF Extract TIFF 'pdf2tif.dll' Buffer Overflow Vulnerability

Internet Storm Center Infocon Status