The U.S. National Telecommunications and Information Administration will end its formal relationship with the Internet Corporation for Assigned Names and Numbers in late 2015, with ICANN developing a new global governance model, the agency said Friday.
Dual-boot PCs and tablets could potentially give users the best of both worlds with Android and Windows OSes. But they won't catch on as there is little use for such systems, analysts said.

Users' brains scanned in bid to fix infosec
CSO Magazine (blog)
Users' brains scanned in bid to fix infosec. Mind map holds hope for better security design. Sam Bells (CSO Online); — 15 March, 2014 10:32. Security system design and user education could benefit from neuralimaging that uses brain scans to determine ...

and more »
Both Oracle and Oregon officials bear some blame for the widespread problems with the state's troubled heath insurance exchange website, according to a scathing investigative report on the project that surfaced this week.
Bill Gates and Alan Greenspan, in separate forums here, offered outlooks and prescriptions for fixing jobs and income.
PHPExcel CVE-2014-2054 XML External Entity Information Disclosure Vulnerability
SRWare Iron Unspecified Security Vulnerabilities
Security researchers demonstrated zero-day exploits against Google Chrome, Microsoft Internet Explorer, Apple Safari, Mozilla Firefox and Adobe Flash Player during the second day of the Pwn2Own hacking competition Thursday, racking up total prizes of $450,000.
The tech IPO market is coming back, just don't call it a bubble.
Embarcadero Technologies is acquiring the ERwin data modeling software and associated personnel from CA Technologies, giving the vendor of software development tools an instant and formable presence in the growing field of data architecture.
Mutt Mailreader 'mutt_copy_hdr()' Function Heap Based Buffer Overflow Vulnerability
Cisco Intelligent Automation for Cloud CVE-2014-0694 Multiple Information Disclosure Vulnerabilities
LinuxSecurity.com: Multiple vulnerabilities has been discovered and corrected in php: Fixed bug #66731 (file: infinite recursion (CVE-2014-1943)). Fixed bug #66820 (out-of-bounds memory access in fileinfo [More...]
LinuxSecurity.com: Updated imapsync package fixes security vulnerabilities: Imapsync, by default, runs a release check when executed, which causes imapsync to connect to http://imapsync.lamiral.info and send information about the version of imapsync, the operating system and [More...]
LinuxSecurity.com: New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues. [More Info...]
This is not the Google Docs login page you're looking for.

With literally millions of phishing scams crossing the wires each day, media reports about individual ones are the quintessential dog-bites-man stories that are rarely worth the time of writer or reader alike. Every now and then, though, one comes along that's clever enough to make it rise to the top of the massive steaming pile of messages. To wit: one recently caught by researchers from Symantec.

The phishing attempt shows up as an e-mail with the subject "Documents" and advises the recipient to view important files stored on Google Docs. It includes a link in the body. So far pretty banal stuff. But it gets better. As Symantec researcher Nick Johnson writes:

The fake page is actually hosted on Google's servers and is served over SSL, making the page even more convincing. The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive's preview feature to get a publicly accessible URL to include in their messages.

This login page will look familiar to many Google users, as it's used across Google's services. (The text below "One account. All of Google." mentions what service is being accessed, but this is a subtlety that many will not notice.)

It's quite common to be prompted with a login page like this when accessing a Google Docs link, and many people may enter their credentials without a second thought.

After pressing "Sign in," the user’s credentials are sent to a PHP script on a compromised web server.

This page then redirects to a real Google Docs document, making the whole attack very convincing. Google accounts are a valuable target for phishers, as they can be used to access many services including Gmail and Google Play, which can be used to purchase Android applications and content.

With all the attention on zero-day exploits that surreptitiously install malware with little or no user interaction, it's easy to forget that one of the biggest threats we face is our own gullibility. Most people reading Ars are experienced enough to spot phishing attempts, but the campaign Symantec reported is one I could see my friends or relatives falling for, especially if they were tired, rushed, or otherwise not paying close attention.

Read 1 remaining paragraphs | Comments

NCC00596 Technical Advisory: iOS 7 arbitrary code execution in kernel mode
Multiple Vulnerabilities in SeedDMS < = 4.3.3
[ MDVSA-2014:059 ] php
The website Kremlin.ru, the page of the office of Russian Federation President Vladimir Putin's government, was taken offline this morning by a distributed denial of service attack.

In the latest round of a wave of cyberattacks on Russian targets, the official websites of the Russian Federation’s president and central bank were taken offline this morning in what the Kremlin’s press office called a “serious DDoS attack.” The attack also targeted “a number of other Web portals,” according to the Kremlin statement. The sites are back online for most users, but the attack is still ongoing.

Anonymous Caucasus, the “Electronic Army of the Caucasus Emirate,” has claimed responsibility for the attack on its Facebook page with a statement saying, “This is just warming up, Russian pig!”

According to a report from the state-sponsored RT.com, the Russian Foreign Ministry’s site was also disrupted today, following a number of attacks on the websites of Russian media outlets on Thursday. Anonymous Caucasus also claimed responsibility for attacks on a site operated by the largely state-owned national television network Russian Channel One and the Russian DDoS attack protection firm Esteq, stating through Twitter that it had “nothing to do with Ukraine, or all current events in this country.”

Read 1 remaining paragraphs | Comments

[slackware-security] samba (SSA:2014-072-01)
[SECURITY] [DSA 2879-1] libssh security update
[CVE-2014-2087] Free Download Manager CDownloads_Deleted::UpdateDownload() Buffer Overflow Remote Code Execution

We are getting different activity reports (Thanks for those!) on Word Press. Beyond the ping back issue that has been happening, is anyone else seeing strange WP behavior?


Richard Porter

--- ISC Handler on Duty

Twitter: Packetalien

Blog: packetalien.com

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
[ MDVSA-2014:060 ] imapsync
[SECURITY] [DSA 2878-1] virtualbox security update
Multiple McAfee Appliances Multiple SQL Injection and Remote Command Execution Vulnerabilities
Former U.S. Secretary of State and retired Army general Colin Powell has joined the board of Salesforce.com, in a move that gives the cloud software vendor a seasoned Washington insider on its team as it looks to generate more business from government agencies.
Nokia's Refocus app -- which lets users play with the focus after a picture has been taken -- is now available for all Lumia smartphones with Windows Phone 8.
The pressure is mounting for CIOs and other IT leaders to help the business enable new disruptive technologies like mobile, social, cloud and big data, but many CIOs are struggling to do so because maintaining and supporting legacy applications consumes the lion's share of the budget. Here are five recommendations for rationalizing your application portfolio.
The best TED speakers, channeling Steve Jobs, are dynamic, engaging and moving. Meanwhile, analytics technology can provide near-real-time feedback on whatever you want, including audience (dis)engagement. So why are so many tech industry events just more of the same?
Law enforcement agencies in California are using devices that mimic cellular base stations to track mobile users, public records have revealed, triggering charges that the practice may be unconstitutional.
A former SK Hynix employee is at the center of a brewing legal battle between top flash memory rivals after allegedly stealing trade secrets.
Symantec has spotted a phishing campaign leveraging Google Drive that would be hard for users to discern as a scam.
The money spent by advertisers on the desktop will decline this year as people continue to reach for their smartphones to search for information, according to new data from eMarketer.
A demonstration this week by networking vendor Huawei Technologies and chip maker Xilinx signaled the optical industry's eagerness for 400-Gigabit Ethernet, a standard that is still at least two years away.
Apple's latest upgrade to its mobile operating system, iOS 7.1, adds some useful touches and fixes some of the glitches that appeared in the previous version.
Companies that suffer major data breaches almost always portray themselves as victims of cutting edge attack techniques and tools. The reality, though, is often much more mundane.
One of China's most popular messaging apps, WeChat, has started shutting down certain accounts known for their political writings, the latest sign that the nation is stepping up its censorship of the Internet.
Linux Kernel Memory Leak Multiple Local Information Disclosure Vulnerabilities
Schneider Electric ClearSCADA Unspecified Security Vulnerability

Posted by InfoSec News on Mar 14


By Michael Riley, Ben Elgin, Dune Lawrence, and Carol Matlack
Bloomberg Businessweek Technology
March 13, 2014

The biggest retail hack in U.S. history wasn’t particularly inventive, nor
did it appear destined for success. In the days prior to Thanksgiving
2013, someone installed malware in Target’s (TGT) security and payments

Posted by InfoSec News on Mar 14


By Dan Goodin
Ars Technica
March 13, 2014

For the past seven years, an annual hacker competition that pays big cash
prizes has driven home the point that no Internet-connected software,
regardless of who made it, is immune to exploits that surreptitiously
install malware on the underlying computer. The first day of this year's...

Posted by InfoSec News on Mar 14


By Bill Gertz
Washington Free Beacon
March 13, 2014

A cyber espionage operation by China seven years ago produced sensitive
technology and aircraft secrets that were incorporated into the latest
version of China’s new J-20 stealth fighter jet, according to U.S.
officials and private defense analysts.

The Chinese cyber spying against the...

Posted by InfoSec News on Mar 14


David S. Cohen
Senior Editor, Features
March 13, 2014

A new report from cybersecurity firm FireEye warns that the U.S. film and
entertainment industries could come under cyberattack from Chinese hackers
intent on undermining companies’ content, technology and internal

“China’s Soft Power...

Posted by InfoSec News on Mar 14


By Nicholas Weaver

We already knew that the NSA has weaponized the internet, enabling it to
"shoot" exploits at anyone it desires. A single web fetch, imitated by an
identified target, is sufficient for the NSA to exploit its victim.

But the Edward Snowden slides and story published yesterday at The Intercept
convey a wealth of new detailed information about the...
Udisks and Udisks2 Long Path Names Local Stack Buffer Overflow Vulnerability
Internet Storm Center Infocon Status