InfoSec News

Red teaming assesses the security of an organization and can be a more effective way to assess the organization's security posture.

Apple platform security firm Intego has discovered OSX/Imuler.E, a new variant of the Imuler Trojan.

Four things are clear from Cisco's better-than-expected Q1 FY 2013 results:
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Google has expanded its legal agreement with developers working on Android applications to specifically prohibit them from taking any action that could lead to a fragmentation of the operating system.
The U.S. Senate has voted against moving forward on a cybersecurity bill that supporters have called critical for national security.

Adobe has revealed that apparently a password database from connectuser.com was compromised via a SQL injection attack.[1] Ars Technica reports that the passwords were hashed using MD5 (not clear whether they were salted or not).[2] Do we really need to remind you what constitutes a strong password and not to reuse them?

Some previous password diaries that might be of interest:

Potential leak of 6.5+ million LinkedIn password hashes

Critical Control 11: Account Monitoring and Control

Theoretical and Practical Password Entropy

An Impromptu Lesson on Passwords

Password Rules: Change them every 25 years (or when you know the target has been compromised)


[1] https://blogs.adobe.com/adobeconnect/2012/11/connectusers-com-forum-outage-following-database-compromise.html

[2] http://arstechnica.com/security/2012/11/adobe-breach-reportedly-spills-easy-to-crack-password-hashes/


Jim Clausing, GIAC GSE #26

jclausing --at-- isc [dot] sans (dot) edu
Some users of Microsoft's new Surface tablet are complaining about connectivity issues that are preventing them from getting on the Internet, according to posts on Microsoft's Surface support forum.
Web content is great, when you don't mind visiting a multitude of Web sites in order to peruse all that you want to see. Wouldn't it be great if you could grab the content you wanted to read and put it in one place, almost like a virtual newspaper? You can, with Paper.li, another tool in the growing online curation space.
Texas Instruments will lay off 1,700 employees as it refocuses its efforts away from the wireless sector -- including cellphones and tablets -- and toward embedded systems, the company announced Wednesday.
The Ransomlock.U Trojan can successfully lock computers running Windows 8, according to a test performed by researchers at Symantec.

Hardened operating system will give industrial control system manufacturers a more secure platform for their software.

Oracle MySQL Server CVE-2012-1689 Remote Security Vulnerability
Oracle MySQL Server CVE-2012-3150 Remote Security Vulnerability
The U.S. Air Force has decided to scrap a major ERP (enterprise resource planning) software project after spending US$1 billion, concluding that finishing it would cost far too much more money for too little gain.
Adobe has shut down Connectusers.com, a community forum site for users of its Adobe Connect Web conferencing platform, because the site's user database was compromised.

The folks over at Microsoft (who now owns Skype) fixed a bug earlier today that potentially would have allowed anyone to hijack a Skype account simply by knowing the e-mail address the account was associated with. Apparently the vulnerability was found at least 3 months ago by a Russian researcher who claims that many users were affected. I'm not aware of any procedures in place to reclaim a Skype ID that was hijacked, but if anyone knows of one please let us know either by leaving a comment or contacting us via the contact page. Trend Micro[1] has a pretty good writeup, so I won't rehash the whole thing here and Microsoft has responded[2].


[1] http://countermeasures.trendmicro.eu/skype-vulnerability/

[2] http://heartbeat.skype.com/2012/11/security_issue.html


Jim Clausing, GIAC GSE #26

jclausing --at-- isc [dot] sans (dot) edu
The best move Microsoft could make after Steven Sinofsky's departure is to ditch the culture of secrecy he brought to Windows, analysts said today.
NASA is scrambling to implement full disk encryption on agency laptops after one containing unencrypted personal information on a "large" number of people was recently stolen.
Microsoft will begin running four new TV ads for Windows Phone 8 tonight, featuring celebrities Jessica Alba and Gwen Stefani and the live tiles interface in the new devices.
Facebook announced Wednesday that it's launching an app to help users find jobs.
Two hotels in Hong Kong are leveraging mobile apps to give guests a new experience during their stay.
Ukraine startup Devellar has launched the beta version of an online tool that checks URLs to see if content posted under them has been duplicated elsewhere on the Web.
Asked if they'd rather receive a PC or a tablet as a holiday gift, 59% of respondents in a PriceGrabber survey opted for the tablet. Are these results a sign of things to come, or will this holiday season see a rebound in PC sales?
Opera Web Browser Prior to 12.10 Multiple Vulnerabilities
Reader Derrick Craver is having some difficulty sharing images via iCloud. He writes:
As Salesforce.com's SaaS offerings become more sophisticated, configuration and deployment gets more complex. In response, enterprises are increasingly turning to partners for implementation help.
Chairman and CEO, Netgear, talks about market competition and partner strategy in the India market.
Mobility and security hardly go hand-in-hand. But not at the Essar Group. In fact, for this Indian, multinational conglomerate, security was the stepping stone to enterprise mobility and a vibrant BYOD environment.
If the increase in supercomputer speeds continues at its current pace, we will see the first exascale machine by 2020, estimated the maintainers of the Top500 compilation of the world's fastest systems.
Gajim '_ssl_verify_callback()' Function SSL Certificate Validation Spoofing Vulnerability
After leaving -- or losing -- his job at Microsoft, Steven Sinofsky will probably not be standing in an unemployment line.
SAP announced strong support for the Windows 8 platform this week, including six upcoming mobile apps that focus on business training, recruiting and sales.
Microsoft System Center Configuration Manager CVE-2012-2536 Cross Site Scripting Vulnerability
Re: Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection
SAP has developed an update for its HANA in-memory database that will enable it to "power mission-critical transactional and analytical applications in one platform," the vendor announced Wednesday during the Tech Ed and Sapphire conferences in Madrid.
Skype has disabled the account password reset option on its website following reports that the feature can be abused to hijack Skype accounts if the attackers know the email addresses associated with them.
Microsoft plans to release Windows Embedded Standard 8 next March, as the company aims to bring Windows 8 features to a whole host of devices outside the PC, including ATMs, information kiosks, advertising displays and even industrial machines.
Regular as clockwork -- just after an election which generated far too many stories of people waiting far too long to vote (and far too many local election officials saying that everything went fine and that there were no problems) -- come the calls for voting via the Internet. The press wonders if we are a third-world country, politicians posture and most security experts say "don't go there."
Nokia dropped to seventh place in the global smartphone market in the third quarter, as Samsung and Apple controlled 46.5% of the market, Gartner said today.
Named after the famous Star Trek engineer, Scotty is a lightweight open source tool that allows users to easily set up a proxy server to circumvent internet filtering, eavesdropping and firewalls.

Skype is investigating a security vulnerability that apparently allowed attackers to take control of any Skype account with only the associated email address.
iDev Rentals v1.0 - Multiple Web Vulnerabilities
YUI 'SWF' File Multiple Cross-Site Scripting Vulnerabilities
IBM Java Multiple Remote Code Execution Vulnerabilities
Security advisory for Bugzilla 4.4rc1, 4.2.4, 4.0.9 and 3.6.12
Multiple vulnerabilities in BabyGekko
Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection
0-day vulnerabilities in Call of Duty MW3 and CryEngine 3

Project Manager
The person in this position will be responsible for planning, implementation and tracking of programming and operational projects for the InfoSec PEIS team. They will work to develop a detailed work plan that identifies and sequences the activities ...


Post suggestions or comments in the section below or send us any questions or comments in the contact form on https://isc.sans.edu/contact.html#contact-form


Adam Swanger, Web Developer (GWEB, GWAPT)

Internet Storm Center https://isc.sans.edu
The physical keyboard and inclusion of Office are differentiators that make a straight-up comparison with iPads and Android tablets impossible.
Online backups are a useful component of a well-balanced backup strategy. Whether you rely primarily on cloud storage for backups (see "Backup Basics") or use the cloud to supplement local backups such as bootable duplicates (see "Bulletproof Backups"), it's crucial to understand how you will go about restoring your data after disaster strikes.
Now that you've been using Time Machine regularly to back up your computer, you should be fully prepared if your Mac crashes or if you need to move data from one Mac to another. Restoring data from Time Machine is just as easy as backing things up in the first place.
IBM is planning to release on Dec. 14 a public beta of Notes and Domino 9.0 Social Edition that will no longer use the Lotus brand.
Visa said Tuesday that it has expanded its digital wallet service V.me to an additional 53 banks and 23 merchant partners.
Google said Tuesday it is starting to connect homes in Kansas City, Kansas, to its Google Fiber broadband service.
The Chrome developers at Google have confirmed that the recent stable release of Chrome for Mac OS X now includes a fully sandboxed Flash Player plugin. The Windows, Linux and Chrome OS versions added this in previous releases.

Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities
As expected, Microsoft on Tuesday shipped a major preview of Internet Explorer 10 (IE10) for Windows 7, using a moniker that hints at a final release as early as next month.
DD-WRT, Tomato, OpenWRT, M0n0wall, PfSense, and Vyatta suit a wide range of devices and networking needs
A new beta version of BlackBerry Messenger (BBM) that allows users to make voice calls over Wi-Fi is now available for download, Research In Motion said.
Japan's Sharp is seeking an investment from U.S. chip giant Intel and other companies.
A new cyberlaw issued by the President of the United Arab Emirates this week provides for the imprisonment of political dissidents, according to information on the law from the government-run Emirates News Agency, also known as WAM (Wakalat Anba'a al-Emarat).
GSA excesses at a Las Vegas conference two years ago prompted a cutback in U.S. government travel budgets -- and that means fewer federal researchers at this year's supercomputing conference.
If there was one lesson for political pundits from last week's presidential election, it was that basic statistical modeling techniques can be used to predict election outcomes with stunning accuracy.
Steve Jobs was right about apps in more ways than perhaps he ever knew. The concept of using apps to make software easily available and affordable to large numbers is arriving in high performance computing.
On its November Patch Tuesday, Microsoft releases six bulletins to close a total of 19 security holes. All versions of Windows are affected – including the newly released version 8. Further updates affect Internet Explorer, the .NET Framework and Office.

HT Editor File Open Remote Stack Buffer Overflow Vulnerability
nspluginwrapper Private Browsing Flash Player Storage Local Information Disclosure Vulnerability
Linux Kernel EXT4 'ext4_fill_flex_info()' Local Denial of Service Vulnerability

Posted by InfoSec News on Nov 13


By Steve Myall
14 Nov 2012

A Royal Navy officer tried to pass nuclear submarine secrets to the
Russians because he wanted to "hurt the Navy," a court heard yesterday.

Petty Officer Edward Devenney, 30, tried to contact the spies when he
was due to serve on HMS Vigilant -- a submarine which carries Trident
nuclear missiles.

He had...

Posted by InfoSec News on Nov 13


Source: NASA HQ
Posted Tuesday, November 13, 2012

From: HQ-NASA INC [mailto:hq-nasa-inc (at) nasa.gov]
Sent: Tuesday, November 13, 2012 2:30 PM
Subject: Breach of Personally Identifiable Information (PII)


Point of Contact: Kelly M. Carter, Information Technology and Communications
Division, NASA Headquarters, kelly.carter (at) nasa.gov

Message from...

Posted by InfoSec News on Nov 13


By Thor Olavsrud
November 13, 2012

Employees are increasingly turning to the cloud to get their work done,
whether IT has a policy about cloud use or not, according to research
studies by Symantec and cloud backup provider Symform.

"I don't think IT realizes how much the way we live life as individuals

Posted by InfoSec News on Nov 13


By Dirk A. D. Smith
Network World
November 13, 2012

At a time when cyberattacks on America's critical infrastructure have
increased 17-fold (between 2009 and 2011), the need for highly trained
cybersecurity professionals is acute. However, 83% of federal hiring
managers in a recent survey said it was extremely difficult to find
well-trained cybersecurity...

Posted by InfoSec News on Nov 13


By Regan Thaw
13 Nov 2012

The South African Banking Risk Information Centre (Sabric) is gravely
concerned over a security breach that led to personal bank card details
being leaked and personal accounts being hacked, officials said on

The breach occurred at a company that handles online transactions.

It is unclear exactly how many cardholders' details were accessed....