InfoSec News

All started with iPhone...:)



Some days ago I had to replace the battery on my wife's iPhone, and after that I noticed that the Wifi was not working properly anymore...so I decided to check on Google for pictures of the iPhone antenna so that I could open again and verify if I left anything loose (which later I found to be the case...) :) .

A regular search for iphone wifi antenna (BE CAREFUL) and I got several hits...and as Google is proactive, it also showed some examples of pictures related to my search.

Well, I decided to see one of the pictures and clicked on it. It then started to load and suddenly was redirected to another page, which looked like my Finder screen:

As you can see, this looks a lot as a common Finder screen. It also looks a LOT like the common FakeAV (FakeAlert) tactics for Windows, where they use JavaScript to simulate a fake scan on My Computer, showing all drivers and folders being scanned.
That is exactly what happens on the next screenshot:

Note that everything is really well crafted to look real. On Windows systems they use real detection names for the fake trojans found on the system. Here they use detection names to resemble Mac trojan names, which includes the OSX on the name.
Whenever you press Cancel or Remove All it will push the anti-malware.zip file which is actually a .DMG file (the one used by Mac OSX).
At the time of this diary, only 17 of 42 AV detects it on VirusTotal, some as MacDefender, some as Downloader.OSX.
--------------------------------------------------------------

Pedro Bueno (pbueno /%%/ isc. sans. org)

Twitter: http://twitter.com/besecure (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Microsoft’s June Patch Tuesday includes a major security update to Internet Explorer and a repair fixing a serious SMB client bug.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google
 
Citigroup hackers used a common website vulnerability to bypass security controls and reap confidential banking data.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google
 
Microsoft Silverlight & .NET Framework Invalid Array Offset Remote Code Execution Vulnerability
 
Adobe Acrobat and Reader '3difr.x3d' Remote Buffer Overflow Vulnerability
 
Adobe Acrobat and Reader 'tesselate.x3d' Remote Buffer Overflow Vulnerability
 
RETIRED: Microsoft June 2011 Advance Notification Multiple Vulnerabilities
 
Microsoft Hyper-V VMBus 'vmswitch.sys' Denial of Service Vulnerability
 
Microsoft Internet Explorer VML Memory Corruption CVE-2011-1266 Remote Code Execution Vulnerability
 
Beginning Wednesday, Starbucks' bar code-based mobile payment app will be extended to the Android platform.
 
Microsoft Windows MHTML Mime-Formatted Request Information Disclosure Vulnerability
 
Siemens PLC Systems Unspecified Vulnerability
 
Microsoft Internet Explorer HTTP Redirect Uninitialized Memory Remote Code Execution Vulnerability
 
Oracle Java SE and Java for Business CVE-2011-0802 Remote Integer Overflow Vulnerability
 
PhotoFast has come up with the first two-way file transfer accessory for the iPad, iPhone and iPod touch and any Mac or PC.
 
A test network of 100 Apple iPads successfully ran a battery of classroom multimedia applications over an 802.11n Wi-Fi network, according to Aruba Networks and the University of Ottawa, where the test was held in May.
 
With its 15.6-inch display, dual-core Intel processor, and integrated graphics, the Asus K53E falls shy of our power and size criteria for inclusion in the desktop replacement category. But as all-purpose notebooks go, it's definitely on the beefy side, weighing in at 5.8 pounds and outfitted with a full-size keyboard and a dedicated numeric keypad. Although the K53E might not be a great companion for a daily commute and its performance is only so-so, its superior audio, good battery life, and modest price tag ($750 as of 6/14/2011) make it a model worth considering by those on a budget.
 
President Barack Obama is making a push to train 10,000 new American engineers a year, primarily with the help of the private sector.
 
Microsoft today patched 34 vulnerabilities in Windows, Internet Explorer, Office and other software, 15 of them labeled "critical" by the company.
 
Microsoft Internet Explorer Selection Uninitialized Memory Remote Code Execution Vulnerability
 
Microsoft Internet Explorer Layout Uninitialized Memory Remote Code Execution Vulnerability
 
Microsoft PowerPoint (CVE-2011-1269) Remote Code Execution Vulnerability
 
Overview of the June 2011 Microsoft patches and their status.



#
Affected
Contra Indications - KB
Known Exploits
Microsoft rating
ISC rating(*)


clients
servers




MS11-037
The MHTML (Mime encapsulated HTML) protocol handler is vulnerable to information disclosure through an XSS like problem.

Replaces MS11-026.


MHTML



CVE-2011-1894
KB 2544893
Publicly known vulnerability.
Severity:Important

Exploitability:3
Important
Low


MS11-038
WMF processing by OLE allows for arbitrary code execution with the rights of the logged on user.

Replaces MS08-008.


OLE - WMF



CVE-2011-0658
KB 2476490
No known exploits
Severity:Critical

Exploitability:1
Critical
Important


MS11-039
Input validation vulnerabilities in the .NET framework and the Silverlight implementations allow for arbitrary code execution with the rights of the logged on user.


.NET - silverlight



CVE-2011-0664
KB 2514842
No known exploits
Severity:Critical

Exploitability:1
Critical
Important


MS11-040
Improper bounds checking in Microsoft Forefront Threat Management Gateway 2010 Client allows for arbitrary code execution in the context of the service.


Forefront TMG



CVE-2011-1889
KB 2520426
No known exploits
Severity:Critical

Exploitability:1
Critical
Important


MS11-041
An input validation problem in the parsing of OTF (OpenType Font) fonts in in 64bit kernels allows for arbitrary code execution in kernel mode. This is remotely exploitable though file sharing, webdav, websites, email and more.

Replaces MS11-034.


OTF



CVE-2011-1873
KB 2525694
No known exploits
Severity:Critical

Exploitability:2
Critical
Important


MS11-042
Input validation problems in the Distributed File System (DFS)implementation allow for arbitrary code execution in the context of the service or denial of service (DoS) conditions.


DFS (Distributed File System)



CVE-2011-1868

CVE-2011-1869
KB 2535512
No known exploits
Severity:Critical

Exploitability:1-3
Critical
Critical


MS11-043
An input validation problem in the parsing of the responses to SMB requests allows for arbitrary code execution in the context of the service.

Replaces MS11-019 and MS10-020.


SMB



CVE-2011-1268
KB 2536276
No known exploits
Severity:Critical

Exploitability:1
Critical
Important


MS11-044
An input validation problem in the JIT optimization of the .NET framework allows for arbitrary code execution in the context of the logged on user, and bypass security measures such as the CAS(Code Access Security) restrictions.

Replaces MS11-028 and MS10-060.


.NET



CVE-2011-1271
KB 2538814
Publicly disclosed vulnerability.
Severity:Critical

Exploitability:2
Critical
Critical


MS11-045
Multiple vulnerabilities in Excel allow for arbitrary code execution in the context of the logged on user.

Office for Mac versions are also affected.

Replaces MS11-021 and MS11-022.


Excel



CVE-2011-1272

CVE-2011-1273

CVE-2011-1274

CVE-2011-1275

CVE-2011-1276

CVE-2011-1277

CVE-2011-1278

CVE-2011-1279
KB 2537146
No known exploits
Severity:Important

Exploitability:1-3
Critical
Important


MS11-046
An input validation vulnerability in AFD (Ancillary Function Driver) allows for privilege escalation and arbitrary code execution in kernel mode for logged on users.

Replaces MS10-066.


AFD



CVE-2011-1249
KB 2503665
Publicly disclosed vulnerability, Microsoft claims limited, targeted attacks attempting to exploit the vulnerability
Severity:Important

Exploitability:1
Critical
Critical


MS11-047
A Denial of Service (DoS) condition is possible where an authenticated user of a guest system can cause a denial of service on the host system.

Replaces MS10-102.


Hyper-V



CVE-2011-1872
KB 2525835
No known exploits.
Severity:Important

Exploitability:3
Low
Important


MS11-048
A parsing error in the SMB server can be used to cause a Denial of Service (DoS) condition.

Replaces MS09-050.


SMB server



CVE-2011-1267
KB 2525835
No known exploits.
Severity:Important

Exploitability:3
Low
Important


MS11-049
XML editor can leak file content though XML external entities that are nested. XML editor is part of Infopath, SQLserver, and Visual Studio.

Replaces MS10-039 and MS09-062.


XML editor



CVE-2011-1280
KB 2543893
No known exploits.
Severity:Important

Exploitability:3
Important
Important


MS11-050
Multitude of vulnerabilities in MSIE.

Replaces MS11-018.


MSIE



CVE-2011-1246

CVE-2011-1250

CVE-2011-1251

CVE-2011-1252

CVE-2011-1254

CVE-2011-1255

CVE-2011-1256

CVE-2011-1258

CVE-2011-1260

CVE-2011-1261

CVE-2011-1262
KB 2543893
No known exploits.
Severity:Critical

Exploitability:1-3
Critical
Important


MS11-051
Active Directory Certificate Services Web Enrollment allows for a reflected XSS issue.


Active Directory Certificate Services Web Enrollment



CVE-2011-1264
KB 2518295
No known exploits.
Severity:Important

Exploitability:1
N/A
Important


MS11-052
A VML memory corruption allows arbitrary code execution in MSIE with the rights of the logged on user. IE9 is not affected.


VML - MSIE



CVE-2011-1266
KB 2544521
No known exploits.
Severity:Critical

Exploitability:1
Critical
Important




We will update issues on this page for about a week or so as they evolve.

We appreciate updates

US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY

(*): ISC rating

We use 4 levels:

PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
Critical: Anything that needs little to become interesting for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
Important: Things where more testing and other measures can help.
Less Urgent: Typically we expect the impact if left unpatched to be not that big a deal in the short term. Do not forget them however.


The difference between the client and server rating is based on how you use the affected machine. We take into account the typical client and server deployment in the usage of the machine and the common measures people typically have in place already. Measures we presume are simple best practices for servers such as not using outlook, MSIE, word etc. to do traditional office or leisure work.
The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threat for affected systems. The rating does not account for the number of affected systems there are. It is for an affected system in a typical worst-case role.
Only the organization itself is in a position to do a full risk analysis involving the presence (or lack of) affected systems, the actually implemented measures, the impact on their operation and the value of the assets involved.
All patches released by a vendor are important enough to have a close look if you use the affected systems. There is little incentive for vendors to publicize patches that do not have some form of risk to them.


--

Swa Frantzen -- Section 66 (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Customers will judge your company's competence according to how well you protect their data, says Don Peppers, co-founder of customer relationship advisory firm Peppers & Rogers Group. CIOs are on the front line.
 
In an effort to accelerate the rendering of Web pages in users' computers, Google has developed a search feature that predictively preloads pages before users click on result links.
 

GovInfoSecurity.com

Int'l Cooperation Seen Yielding Improved Global Infosec
GovInfoSecurity.com
"We're going to work internationally to promote open, interoperable, secure and reliable information and communications infrastructures," State Department Cyber Issues Coordinator Chris Painter says in an interview (transcript below). ...

 
Microsoft today credited a February security update for lowering AutoRun-abusing malware infection rates on Windows XP and Vista by as much as 82% since the start of the year.
 
We've scoured listings on IT hiring sites like Dice and Modis and talked with IT execs about the skills they're looking for in the year to come. Our sources point to a cluster of new job titles created to make IT more agile, more social -- and more tightly intertwined with business.
 
Linux e1000e Driver 'Jumbo Frame' Handling Remote Security Bypass Vulnerability
 
Linux Kernel 'ipv6_hop_jumbo()' Remote Denial of Service Vulnerability
 
Oracle Java SE and Java for Business CVE-2011-0872 Remote Java Runtime Environment Vulnerability
 
[security bulletin] HPSBMA02627 SSRT090246 rev.2 - HP OpenView Performance Insight Server, Remote Execution of Arbitrary Code
 
HP OpenView Performance Insight Server 'doPost()' Remote Arbitrary Code Execution Vulnerability
 
New guidelines on virtualisation issued by the PCI SSC show PCI compliance is possible within a virtualised environment, but may not be feasible.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google
 
Our exclusive outsourcing survey finds CIOs need to improve vendor management
 
Apple today started selling unlocked iPhones in the U.S. for hundreds more than the usual subsidized price that AT&T and Verizon customers pay.
 
NetApp announced upgrades to its OnCommand management software for storage, which now allows it to plug into most leading cloud management systems.
 
Google has applied for the necessary license to continue operating its online maps in China as the deadline for obtaining government approval approaches.
 
The options for open-source data warehousing and analytics grew on Tuesday, with a number of announcements from Infobright, Jaspersoft and Ingres.
 
UPDATED
As if we will not have enough work on reboot Wednesday, Adobe released their own patches today
APSB11-14: Security update: Hotfix available for ColdFusion

CVE-2011-0629, CVE-2011-2091
APSB11-15 Security update available for LiveCycle Data Services, LiveCycle ES, and BlazeDS

CVE-2011-2092, CVE-2011-2093
APSB11-16 Security updates available for Adobe Reader and Acrobat

CVE-2011-2094, CVE-2011-2095, CVE-2011-2096, CVE-2011-2097, CVE-2011-2098, CVE-2011-2099, CVE-2011-2100, CVE-2011-2101, CVE-2011-2102, CVE-2011-2103, CVE-2011-2104, CVE-2011-2105, CVE-2011-2106
APSB11-17 Security update available for Adobe Shockwave Player

CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2108, CVE-2011-2109, CVE-2011-2111, CVE-2011-2112, CVE-2011-2113, CVE-2011-2114, CVE-2011-2115, CVE-2011-2116, CVE-2011-2117, CVE-2011-2118, CVE-2011-2119, CVE-2011-2120, CVE-2011-2121, CVE-2011-2122, CVE-2011-2123, CVE-2011-2124, CVE-2011-2125, CVE-2011-2126, CVE-2011-2127
APSB11-18 Security update available for Adobe Flash Player

CVE-2011-2110
--

Swa Frantzen -- Section 66 (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Time is money, and time spent searching for lost paperwork is money down the drain, as is money spent making unnecessary copies.
 
It's rare to find an inexpensive product that also introduces innovation into its category. And yet that's exactly what Kobo Books' Kobo eReader Touch Edition does. The company's third-generation e-reader, this model is the smallest and lightest 6-inch E Ink e-reader currently available. At $130 (as of June 13, 2011), it's also the cheapest e-reader with a touchscreen, besting Barnes and Noble's touchscreen Nook by $10. The Kobo eReader Touch Edition lacks the finesse of the Nook and the Amazon Kindle Wi-Fi, but it still has much to offer value-conscious book lovers.
 
Verizon Wireless announced 19 more cities that will get its faster LTE wireless network service starting Thursday, bringing the total to 74 metropolitan areas.
 
With all the bad security news that has come out over the last few months, you might think the sky is falling. Once a story catches people's attention, we start seeing it everywhere, kind of like noticing a lot of blue cars after you just bought a blue car. The problem with all this is that it distorts the conversation and we may fail to notice the really important security lessons that can be learned:
 
SAP will soon roll out Crystal Server 2011 and Business Objects Edge 4.0, a pair of new business intelligence products aimed at small and medium-sized companies.
 
Joomla! Core Design Scriptegrator Component Multiple Local File Include Vulnerabilities
 
DC4420 - London DEFCON - June meet - Tuesday 21st June 2011
 
Last Day for AppSec USA 2011 CFP!
 

HP finds cloud security practices lacking
Inquirer
Publishing the results of a survey of 341 security professionals it conducted at this year's Infosec conference, HP said that 24 per cent of respondents admitted that applications security is not a priority. HP said it found that many companies simply ...

and more »
 
[Annoucement] ClubHack Magazine - Call for Articles
 
PHP CVE-2011-2202 Security Bypass Vulnerability
 
Ericsson has reached an agreement to acquire Telcordia Technologies for $1.15 billion, the company said.
 
When it comes to cloud-computing contracts, knowledge is key, and reading is fundamental.
 
Hewlett-Packard announced 11 new laptops starting at $399, running AMD's new chips code-named Llano.
 
VMware is to acquire Digital Fuel Technologies, a vendor of IT financial management software that helps companies determine the cost of IT services.
 
Recent break-ins at high-profile targets like the International Monetary Fund (IMF) demonstrate just how proficient hackers have become at 'spear phishing,' researchers said today.
 
The recent spate of successful cyber attacks against high-profile organizations has focused fresh attention on the need for enterprises to implement new defenses against targeted threats.
 
Rather than paying to recycle, you can get cash or credit for your used tech gear -- if you have a solid asset-management plan in place.
 
China is blocking searches on Google and microblogs for the name of a Chinese city where protests have erupted against local authorities. The move is part of an effort to suppress information on the rioting.
 
Lenovo announced low-end servers with new Xeon chips and remote management features aimed at cutting maintenance costs.
 
Nokia and Apple have settled an almost two-year long legal battle over patents with an agreement that will see Apple pay a lump sum and ongoing royalties to the European cell-phone maker.
 
libvoikko Null Characters Denial of Service Vulnerability
 
The recent spate of successful cyber attacks against high-profile organizations has focused fresh attention on the need for enterprises to implement new defenses against targeted threats.
 
HTML5 and a vibrant ecosystem of libraries are making the mobile Web a compelling alternative to developing native code. These tools can help developers build out the mobile Web.
 

Posted by InfoSec News on Jun 14

Well that was interesting!

After moving InfoSec News to a new host, getting DNS to play nice, LOTS of new
software upgrades, and a number of small tests, I thought the list was 'ready
for prime time' but its apparent that something in the Mailman configuration
got borked and was allowing posts to go through without moderation.

The offending party has been removed from the list, (Just not in 48 point red
bold letters) but if you...
 

Posted by Ben on Jun 14

Seriously. You want to unsubscribe? This wasn't hard to find.

http://www.infosecnews.org/mailman/listinfo/isn

I like exclamation marks. They are really useful. However, like a
laxative, too many and ......that is nasty.

ps - apologies to the other subscribers to the list.
 

Posted by Tom on Jun 14

hey freggy,
You're on an infosec mailing list.
get a clue.
 

Posted by Boris Wanzeck, Swiss Infosec AG on Jun 14

Yeah, you know how emotional these Italians can get:)

-----Ursprüngliche Nachricht-----
Von: isn-bounces () infosecnews org [mailto:isn-bounces () infosecnews org] Im Auftrag von khatfield () serverorigin com
Gesendet: Dienstag, 14. Juni 2011 09:44
An: Cloude "Freggy"; isn-bounces () infosecnews org; InfoSec News; isn () infosecnews org
Betreff: Re: [ISN] REMOVE NOW!!!!!!!!!!!!!!!!!!!

Whoa someone is touchy.
-----Original...
 

Posted by Cloude \"Freggy\" on Jun 14

YOU ARE SPAMMER!!!!!!!!!!!!!!!!!!

DELETE freggy () fastwebnet it

NOW!!!!!!!!!!!!!!!!!!
----- Original Message -----
From: <khatfield () serverorigin com>
To: "Cloude "Freggy"" <freggy () fastwebnet it>; <isn-bounces () infosecnews org>;
"InfoSec News" <alerts () infosecnews org>; <isn () infosecnews org>
Sent: Tuesday, June 14, 2011 9:43 AM
Subject: Re: [ISN] REMOVE...
 

Posted by khatfield on Jun 14

Whoa someone is touchy.
-----Original Message-----
From: "Cloude \"Freggy\"" <freggy () fastwebnet it>
Sender: isn-bounces () infosecnews orgDate: Tue, 14 Jun 2011 09:38:16
To: InfoSec News<alerts () infosecnews org>; <isn () infosecnews org>
Cc: InfoSec News<alerts () infosecnews org>
Subject: [ISN] REMOVE NOW!!!!!!!!!!!!!!!!!!!
 

Posted by Cloude \"Freggy\" on Jun 14

REMOVE NOW!!!!!!!!!!!!!!!!!!!!!

----- Original Message -----
From: "InfoSec News" <alerts () infosecnews org>
To: <isn () infosecnews org>
Sent: Tuesday, June 14, 2011 9:11 AM
Subject: [ISN] New Nationwide Breach Law Could Force Data-Centric
SecurityPush

--------------------------------------------------------------------------------
 

Posted by Matthew Drage on Jun 14

Nothing a 3 hour lunch won't fix

P.s what is going on with infosecnews?

-----Original Message-----
From: isn-bounces () infosecnews org [mailto:isn-bounces () infosecnews org] On
Behalf Of Boris Wanzeck, Swiss Infosec AG
Sent: 14 June 2011 08:51
To: 'khatfield () serverorigin com'; Cloude "Freggy";
isn-bounces () infosecnews org; InfoSec News; isn () infosecnews org
Subject: Re: [ISN] REMOVE NOW!!!!!!!!!!!!!!!!!!!...
 

Posted by p8x on Jun 14

Is this some kind of joke?
 
Advanced Micro Devices has promised a boost in video and graphics performance from its first Fusion processor aimed at the mainstream PC segment, which will go on sale in laptops later this month and desktops soon after, AMD announced Tuesday.
 

Posted by InfoSec News on Jun 14

http://www.darkreading.com/database-security/167901020/security/security-management/230600093/new-nationwide-breach-law-could-force-data-centric-security-push.html

By Ericka Chickowski
Contributing Writer
Dark Reading
June 13, 2011

The surge in high-impact data breaches in the first half of 2011 -- and
its resulting attention from consumers --is increasing the pressure on
federal lawmakers and regulators to introduce nationwide data breach...
 

Posted by InfoSec News on Jun 14

http://www.informationweek.com/news/security/management/230500249

By Mathew J. Schwartz
InformationWeek
June 10, 2011

EMC faces mounting criticism over the March data breach that continues to
expose its RSA security division customers--including Lockheed Martin--to
targeted attacks. In response, it's created a new job position at RSA:
chief security officer (CSO).

While EMC hasn't officially announced the move, a Wednesday Twitter...
 

Posted by InfoSec News on Jun 14

http://www.theregister.co.uk/2011/06/13/nissan_leaf_privacy_invasion/

By Dan Goodin
The Register
13th June 2011

Electric cars manufactured by Nissan surreptitiously leak detailed
information about a driver's location, speed and destination to websites
accessed through the vehicle's built in RSS reader, a security blogger has
found.

The Nissan Leaf is a 100-percent electric car that Nissan introduced seven
months ago. Among its...
 

Posted by InfoSec News on Jun 14

http://www.bankinfosecurity.com/articles.php?art_id=3736

By Tracy Kitten
Managing Editor
Bank Info Security
June 13, 2011

Details surrounding the reported breach of the International Monetary Fund
remain sketchy, but alarming, as the pace of high-profile breaches
continues unabated. And Gartner analyst Avivah Litan believes there may be
"dozens" of similar incidents that have not been disclosed.

On June 12, The Wall Street Journal...
 

Posted by Cloude \"Freggy\" on Jun 14

REMOVE NOW!!!!!!!!!!!!!!!!!!!!!
----- Original Message -----
From: "InfoSec News" <alerts () infosecnews org>
To: <isn () infosecnews org>
Sent: Tuesday, June 14, 2011 9:11 AM
Subject: [ISN] To defeat phishing, Energy learns to phish

--------------------------------------------------------------------------------
 

Posted by Cloude \"Freggy\" on Jun 14

REMOVE NOW!!!!!!!!!!!!!!!!!!!!!
----- Original Message -----
From: "InfoSec News" <alerts () infosecnews org>
To: <isn () infosecnews org>
Sent: Tuesday, June 14, 2011 9:12 AM
Subject: [ISN] Siemens fixes security flaws in SCADA industrial
controlsystems
 

Posted by Cloude \"Freggy\" on Jun 14

REMOVE NOW!!!!!!!!!!!!!!!!!!!!!

----- Original Message -----
From: "InfoSec News" <alerts () infosecnews org>
To: <isn () infosecnews org>
Sent: Tuesday, June 14, 2011 9:11 AM
Subject: [ISN] To defeat phishing, Energy learns to phish

--------------------------------------------------------------------------------
 

Posted by Cloude \"Freggy\" on Jun 14

REMOVE NOW!!!!!!!!!!!!!!!!!!!!!___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
 

Posted by Cloude \"Freggy\" on Jun 14

REMOVE NOW!!!!!!!!!!!!!!!!

----- Original Message -----
From: "InfoSec News" <alerts () infosecnews org>
To: <isn () infosecnews org>
Sent: Tuesday, June 14, 2011 9:11 AM
Subject: [ISN] RSA Adds Chief Security Officer After Hack
 

Posted by Cloude \"Freggy\" on Jun 14

REMOVE NOW!!!!!!!!!!!!!!!!

----- Original Message -----
From: "InfoSec News" <alerts () infosecnews org>
To: <isn () infosecnews org>
Sent: Tuesday, June 14, 2011 9:10 AM
Subject: [ISN] Nissan car secretly shares driver data with websites

--------------------------------------------------------------------------------
 

Posted by InfoSec News on Jun 14

http://www.prweb.com/releases/2011/6/prweb8569249.htm

Innovative Startup Offers Comprehensive, Scalable Cybersecurity Services

Phoenix, AZ (PRWEB)
June 13, 2011

Tegatai, an innovative cybersecurity startup, today announced the launch
of its IT infrastructure and security solutions at i/o, the leading
provider of digital energy technology. Tegatai delivers proactive
information security, data center, and cloud computing solutions for...
 

Posted by InfoSec News on Jun 14

http://news.techworld.com/security/3285507/siemens-fixes-security-flaws-in-scada-industrial-control-systems/

By Robert McMillan
Techworld.com
13 June 11

Siemens has fixed bugs in its Simatic S7 industrial computer systems, used
to control machines on factory floors, power stations and chemical plants.

The patches, released Friday, mark Siemens' first response to a high
profile computer security incident since the Stuxnet worm, which was...
 

Posted by InfoSec News on Jun 14

http://gcn.com/articles/2011/06/13/doe-phishing-test.aspx

By William Jackson
GCN.com
June 08, 2011

The Energy Department’s Oak Ridge National Laboratory received more than
500 e-mails in April that appeared to be from the lab’s benefits
department and contained a link for more information. The link which
actually downloaded malicious code when users clicked on it.

Several recipients clicked on it, said Barbara Penland, the lab’s...
 
Internet Storm Center Infocon Status