Hackin9

InfoSec News

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
An Infosys employee, whose lawsuit against the company triggered a federal investigation into visa fraud, has released some of the evidence in defense of his case.
 
If Microsoft buys Yammer, as unconfirmed press reports indicate, Susan Gautsch hopes the Yammer team won't lose the qualities she has appreciated in the several years her employer has been a customer.
 

AusCERT2012: Infosec militia should help cyber cops
SC Magazine Australia
Private sector bolsters efforts by under-resourced police.

 
SAP technology chief Vishal Sikka has reaffirmed that the company will have its core ERP (enterprise resource planning) software running on the HANA in-memory database by the end of this year.
 
The processor said its breach did not exceed 1.5 million cards, but added that the personal data provided by merchant applications was also exposed.

 
Apple's new Retina MacBook Pro is a harbinger of future changes to the company's laptop line, analysts said today. And those changes could come as soon as October.
 
After last week's breach of the LinkedIn site, analysts are debating whether the attack will cause long-term damage to the social network.
 
Fast food franchises have a larger presence in many communities than next generation, high-speed gigabit networks, a fact the White House says it's attempting to address.
 
A decade ago, most IT departments denounced open-source software. Now they embrace the way that open source encourages innovation while saving money. The furor over cloud computing shows that history is repeating itself. The outcome should be the same, columnist Bernard Golden says.
 
Nokia's announcement that it plans to cut 10,000 jobs in coming months resurrected speculation that Microsoft should buy the cell phone maker in order to prop up its struggling Windows Phone platform.
 
Nokia is betting on camera functionality, navigation technology and further price reductions for its Windows Phone-based products to turn the company around after a round of cost cuts. Breaking Apple's and Samsung's stranglehold on the smartphone market won't be easy, however.
 
------

Johannes B. Ullrich, Ph.D.

SANS Technology Institute

 
A spear phishing campaign contains a message about industrial control systems security and a malicious .pdf file that downloads malware to steal data.

 
Oracle has issued an "urgent bulletin" asking desktop administrators to immediately turn off the Java Runtime Environment auto-update option "for all Windows end-user desktops connecting to Oracle E-Business Suite Release 11i, 12.0, and 12.1" due to a critical incompatibility.
 
Although taking a few months longer than expected, Automattic and the volunteer developers have finally released version 3.4 of the widely used WordPress blogging platform.
 
Thunderbolt ports have reached Windows PCs with Acer's Aspire S5 ultrabook, expanding the availability of the technology beyond Macs.
 
Find out how to implement authentication and authorization security controls in your company, with help from InfoWorld's expert guide
 
Microsoft in serious discussions to buy Yammer, an enterprise social collaboration company, according to reports.
 
Some IT shops provide technical support for personal smartphones, tablets and laptops used at work, but the percentage is still relatively small, a Gartner poll found.
 
Amazon has revised its support pricing for Amazon Web Services, expanding basic free support and lowering the cost of premium support.
 
Breaking with an oft-criticized tradition, Apple this week released a Java update for OS X on the same day that Oracle patched the vulnerabilities for Windows and other operating systems.
 
We have seen a couple of reports recently of pretty well done Verizon Wireless phishing attempts. At this point, I haven't gotten one with the target site still up, so they may try to install malware instead of just asking for Verizon credentials.
update: Paul just wrote in that he caught some of the links still active, and indeed they are trying to install malware and don't ask for credentials. And fellow handler Pedro notes that the malware is a blackhole exploit kit that will try to install Zeus.
See if you can spot the fake one. The answer is below the images.



The left one is the fake. The only giveaway is that the fake e-mail doesn't include the partial account number, and typically indicates a large bill, $1,000 (at least large for me). I assume the large amount is supposed to cause panic clicking.


------

Johannes B. Ullrich, Ph.D.

SANS Technology Institute

 

 
Amazon announced updates to its Kindle for iOS, Kindle Cloud Reader and Kindle for Android apps on Thursday. The three apps now support children's books, comics and graphic novels.
 

Security awareness training often teaches the importance of password length and password complexity, but these best practices, as it turns out, may be creating a false sense of security. Even worse, users who cooperate and create long, complex passwords may feel betrayed when the organizations they trusted prove fallible and their passwords are hacked.

The recent LinkedIn hacking incident, in which 6.4 million LinkedIn passwords were stolen (or possibly leaked), demonstrated that the strength of a user’s password is no defense when an Internet application provider is attacked. Even if each LinkedIn password was as long and complex as possible, it wouldn’t have mattered; the Russian hackers still found the hashed LinkedIn passwords and posted them for all to see.

According to some analysts reviewing the LinkedIn breach, the social networking site had failed to protect users’ passwords with a strong hashing algorithm. That’s where the sense of betrayal comes in. If users are doing their part by using strong passwords, they should be able to trust the application provider to take strong precautions, too.

The situation spurred LinkedIn to take stronger precautions now. In a blog post, LinkedIn said it would use better hashing and salting to protect its account databases in the future.

Organizations can learn from LinkedIn’s public mea culpa. If your IT staff has been lecturing users on strong passwords, but your organization’s passwords are stolen, how will your users react? After years of building trust between IT and users, an incident like this could destroy the relationship in one day.

The LinkedIn incident is a reminder of the need to properly balance responsibility for secure access management among users and IT. Yes, user training is important, but IT security teams must go the extra mile to protect account credentials and prove themselves worthy of users’ trust.
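The article says LinkedIn promised "better hashing and salting" without showing what that buys a defender. The following added example (mine, not the article's or LinkedIn's code) contrasts the weak scheme of one unsalted, fast hash per password with a per-user random salt and an iterated key derivation (PBKDF2-HMAC-SHA256 from Python's standard library). The sample account names and passwords, the record layout `algorithm$iterations$salt$digest`, and the iteration count are all constructed for the demonstration.

```python
"""Salted, iterated password storage next to the unsalted scheme it replaces.

Added example, not code from the article or from LinkedIn. All account data and
the iteration count below are constructed assumptions for the demonstration.
"""
import hashlib
import hmac
import secrets

# Constructed sample accounts. Two users deliberately share one password to show
# why an unsalted table lets an attacker crack many accounts with one guess.
SAMPLE_ACCOUNTS = {
    "alice": "correct horse battery staple",
    "bob": "correct horse battery staple",
    "carol": "Tr0ub4dor&3",
}

# Work factor for PBKDF2; an assumption chosen for this example, not a standard value.
PBKDF2_ITERATIONS = 200_000


def unsalted_sha1(password: str) -> str:
    """The weak scheme: one fast, unsalted hash. Equal passwords give equal digests,
    so a precomputed table or one cracked guess exposes every account that shares it."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def make_salted_record(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """The stronger scheme: a fresh random salt per user and an iterated derivation.
    The record is self-describing so the work factor can be raised later."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_salted_record(record: str, candidate: str) -> bool:
    """Recompute the digest with the stored salt and iteration count and compare
    in constant time, so a malformed record or wrong password simply fails."""
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != "pbkdf2_sha256":
        return False
    _, iterations, salt_hex, digest_hex = parts
    digest = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


def duplicate_hash_count(stored_values) -> int:
    """Number of stored values that collide with another one in the same table."""
    values = list(stored_values)
    return len(values) - len(set(values))


def demo() -> dict:
    """Build both tables from the sample accounts and report what each reveals."""
    weak_table = {user: unsalted_sha1(pw) for user, pw in SAMPLE_ACCOUNTS.items()}
    strong_table = {user: make_salted_record(pw) for user, pw in SAMPLE_ACCOUNTS.items()}
    return {
        # alice and bob collide in the unsalted table, never in the salted one
        "weak_duplicates": duplicate_hash_count(weak_table.values()),
        "strong_duplicates": duplicate_hash_count(strong_table.values()),
        "alice_ok": verify_salted_record(strong_table["alice"], SAMPLE_ACCOUNTS["alice"]),
        "alice_wrong": verify_salted_record(strong_table["alice"], "not her password"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The point a practitioner should take from running it: the unsalted table shows one duplicate digest (alice and bob), so cracking one of them cracks both and a precomputed table works against the whole database; the salted table shows none, and each guess must be re-derived per account at the chosen work factor.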



 

Dragon and International Space Station are one with the world
iTWire
ITEC Apprentice joins Infosec Technologies technical team ... Infosec Technologies, the Chineham-based IT security and networking reseller has recently ...

 

Could an infosec militia support cyber cops?
iT News
AusCERT mulls civilian support for under-resourced police.

 

Data management, infosecurity disconnect reveals two tribes
TechTarget UK
However, senior business leaders are still too apt to "think of stolen laptops when you say 'infosec,'" she said. "They need to think about policy, about who can ...

 

Organisations need to consider the internal as well as external ...
IT News Online
DigitalPersona® conducted a survey of nearly 400 IT professionals at InfoSec 2012, highlighting a startling trend - of the 380 respondents, 61% believed that the ...

 
Charles Nutter, Rich Hickey, and Gavin King each discovered that 'simplicity' doesn't mean the same thing
 
Some 64-bit operating systems and virtualization software programs are vulnerable to local privilege escalation attacks when running on Intel processors (CPUs), the U.S. Computer Emergency Readiness Team (US-CERT) said in a security advisory on Wednesday.
 
VMware released a new security advisory (VMSA-2012-0011) for its products [1]. The advisory covers pretty much all of VMware's virtualization platforms (Player, Workstation, Fusion, ESX and ESXi).
In my opinion, the more severe of the two vulnerabilities described would allow an attacker to execute code on the remote host, which could be used to break out of the guest. However, this issue requires that the attacker be able to load checkpoint files on the guest, which in turn requires full control of the guest, a typical requirement for a VMware escape.
The second vulnerability can lead to a denial of service: an attacker can crash the virtual machine by manipulating traffic to remote devices such as keyboards or disks attached to the virtual machine.
I would not consider either one of these super critical, but the first issue in particular should be patched soon.
[1] http://www.vmware.com/security/advisories/VMSA-2012-0011.html
------

Johannes B. Ullrich, Ph.D.

SANS Technology Institute

 
 
Robber Rabbits and Robber Rabbits HD are two cartoonish physics-based games from Alawar Entertainment.
 

6.5 Million LinkedIn Users Possibly Exposed
Dark Reading
"For all infosec pros who are good in managing passwords, we use a different password for every website. The password has a certain signature that is very ...

 

Flame and Stuxnet devs shared zero day exploits
TechEye
Although the Democrats appeared strangely enthusiastic to admit Stuxnet's responsibility, InfoSec Magazine quotes Israeli journalist Yossi Melman as ...

 

Dell doubles SecureWorks, plans additions to security portfolio
TechTarget
... Risk Management Summit, Dell Chairman and CEO Michael Dell spoke in detail about the Round Rock, Texas-based vendor's enterprise infosec strategy.

 
When researchers uncovered a back door in a MILSPEC chip, the reports all seemed to imply that it was no big deal.
 
Western Digital today unveiled a line of home wireless routers for accelerating the performance of streaming video, online gaming and VoIP sessions.
 
Salesforce.com announced Wednesday a deal with Twitter that will give the enterprise cloud computing company access to Twitter's "firehose" feed of public messages, it said Tuesday.
 

Fired up About Flame
BankInfoSecurity.com (blog)
It makes me wonder if we, and others in infosec, are barking up the wrong tree. We preach that we need smarter, more skilled and technical people to deal with the 'Flames' as they come. But I doubt we'll ever be in a position where individuals on the ...

 
A worker at a Foxconn facility in southwestern China fell to his death on Wednesday, just a week after a dispute erupted with company employees in the same city.
 
Facebook, Google, Twitter, and AOL have joined an alliance set up to counter "bad ads," including those that deliver malware, direct users to scams, or try to sell counterfeit goods, said StopBadware, the promoters of the alliance.
 
GIS pioneer Jack Dangermond founded Esri in 1969 and has steered the company since the mainframe era. With today's announcement of ArcGIS Online organizational subscriptions, he sees Esri's evolution into the era of cloud and mobile computing. (Insider, registration required.)
 
Esri today rolled out an ambitious cloud offering for government and enterprise customers that allows users to create data-driven maps and map services without ArcGIS servers or desktop software.
 

Posted by InfoSec News on Jun 14

http://www.nextgov.com/cybersecurity/2012/06/nsa-chief-endorses-cloud-classified-military-cyber-program/56257/

By Aliya Sternstein
Nextgov
June 13, 2012

The cloud will be a logical place for sharing classified intelligence on
cyber threats with critical industries as the Defense Department presses
ahead on an attack-prevention program it recently opened to all defense
contractors, former military officials say, and Wednesday, a spokeswoman...
 

Posted by InfoSec News on Jun 14

https://www.nytimes.com/2012/06/14/business/smallbusiness/protecting-business-accounts-from-hackers.html

By PAMELA RYCKMAN
The New York Times
June 13, 2012

In May 2010, Golden State Bridge, an engineering and construction
company based in Martinez, Calif., was robbed of more than $125,000 when
cybercriminals hacked into its bank account.

The hackers made two automated clearinghouse batch transactions with the
office manager’s user name...
 

Posted by InfoSec News on Jun 14

http://www.informationweek.com/news/security/attacks/240002005

By Mathew J. Schwartz
InformationWeek
June 13, 2012

Did LinkedIn drop the ball on information security?

In the wake of a breach of LinkedIn users' passwords that first came to
light last week--after a subset of those passwords were uploaded to an
online password-cracking forum--security pundits have been asking how
much LinkedIn's business practices might have been at...
 

Posted by InfoSec News on Jun 14

http://www.darkreading.com/advanced-threats/167901091/security/news/240002026/former-white-house-cybersecurity-czar-calls-for-security-action.html

By Kelly Jackson Higgins
Dark Reading
June 13, 2012

GARTNER SECURITY & RISK MANAGEMENT SUMMIT -- National Harbor, Md. -- The
White House's first cybersecurity coordinator yesterday said it's time
for the federal government to begin implementing its blueprints for
secure identities...
 

Posted by InfoSec News on Jun 14

http://www.thedailybeast.com/articles/2012/06/13/anonymous-member-speaks-about-divide-in-the-collective-s-mission.html

By Parmy Olson
The Daily Beast
June 13, 2012

The sound of a milk steamer roars in the background in a coffee shop,
where William is sitting at a table and drinking idly from a cup. He is
a young man, early 20s, dressed in a checkered red shirt and low-slung
jeans, who wouldn’t look out of place wandering around his local...
 
The head of marketing at Verizon Wireless defended the new shared data plans that take effect June 28 against criticism from some analysts and many outraged customers.
 
Nokia said it plans to cut up to 10,000 positions globally by the end of 2013 and is selling luxury phone maker Vertu in a bid to cut costs, even as it plans to boost investments in feature phones and smartphones based on the Windows Phone operating system.
 
A U.S. federal grand jury has indicted Ryan Cleary, a British citizen, accusing him of orchestrating a hacking rampage last year that victimized Sony Pictures Entertainment, Fox Entertainment Group and others.
 