InfoSec News

Wi-Fi support has made its way into all kinds of consumer devices -- from smartphones to gaming consoles, cameras, DVD players and televisions -- and it is often implemented with native connection sharing capabilities. While great for consumers, this creates security and performance issues when any of these devices end up at work.
 
BMC CEO Bob Beauchamp talks about his company’s cloud strategy, why BMC thinks IBM and HP are the wrong answer for management buyers, and how BMC’s acquisitions have positioned the company to dominate the evolving management market.
 
New York's move to new electronic voting technology is causing some problems for people trying to cast ballots in today's primary election.
 
A critical printer sharing vulnerability is related to the Stuxnet malware, which was discovered targeting industrial control systems and other enterprises.

 
Researchers at Damballa Inc. have discovered one of the largest active global botnets, which can be rented out to flood domains with unwanted traffic.

 
Women are earning more master's degrees and doctorates than men, except in computer and information sciences, where men overwhelmingly dominate the field, according to a new study.
 
Thornton May laments the state of IT planning today, but he has a plan of his own.
 
Harrisburg University provost Eric Darr wants to know if his students can live without Facebook, Twitter, instant messaging and other social networks for an entire week.
 
Nokia wants to 're-enter' the U.S. market and is developing smartphones for U.S. consumers, but the phone maker won't be building more CDMA-based phones, which run on half the nation's wireless networks, Nokia's global head of sales said.
 
When you die, your online life can continue on for years.
 
Microsoft today delivered nine security updates to patch 11 bugs in Office, the IIS Web server and Windows, including one that was overlooked but exploited by a July worm.
 
 
STEC Corp. on Tuesday released the MACH16 family of SSDs, which can achieve up 240MB/sec throughput and are aimed at server and storage array manufacturers for enterprise-class data centers.
 
Intel kicked off the second day of the Intel Developer Forum by officially launching its app store and rolling out new Atom processors.
 
Financial services giant JPMorgan Chase is blaming technical problems for the ongoing outage of its online banking site, Chase.com.
 
A sophisticated worm designed to steal industrial secrets and disrupt operations has infected at least 14 plants, according to Siemens.
 

Jack Daniel Distills a Cloud Communications Conversation
TMCnet
In 2010 he was recognized by Microsoft as a MVP and in another, recent honor, he was named one of the “Top 10 Sexy Infosec Geeks of 2009” ...

 
Mozilla has temporarily stopped providing security updates to its Firefox browser as engineers investigate a bug that has caused some computers to crash.
 
At the CSO Security Standard conference, General Electric's senior counselor explained what GE is doing to protect customer, employee and supplier privacy.
 
At Nokia World 2010 trade show in London, the world's biggest mobile phone maker announced three new smartphones: the E7, C7 and C6.
 
Spaces is a great way to keep your screen from getting too cluttered. But if you like to keep applications in specific window positions, it can be a hassle to move them from one space to another, because those window positions can be lost. Mac OS X Hints reader rab777hp found a fix--a way to move a window from a specific spot in one space to the same spot in another:
 
Many moons ago I wrote about TouchFreeze, a free laptop utility that solves one of life's most maddening problems: accidental swipes of your touchpad while typing. (Why isn't Windows smart enough to do this on its own? Just saying.)
 
Outdoor enthusiasts: This one's for you. If you enjoy running, hiking, biking, walking, roller-blading, skateboarding, cross-country skiing--well, Google has an app that just may help you enjoy that sport or activity even more. My Tracks is like having a personal outdoors assistant running alongside you, making notes and calculations and even telling you where to go if you get lost.
 
Overview of the September 2010 Microsoft Patches and their status.

Columns: # (bulletin and title), Affected, Contra Indications (KB), Known Exploits, Microsoft rating (Severity, Exploitability), ISC rating(*) for clients and servers.

MS10-061 - Vulnerability in Print Spooler Service Could Allow Remote Code Execution
  Affected: Microsoft Windows
  CVE: CVE-2010-2729
  KB: 2347290
  Known exploits: This vulnerability is currently being exploited.
  Microsoft rating: Severity: Critical, Exploitability: 1
  ISC rating: clients Critical, servers PATCH NOW!

MS10-062 - Vulnerability in MPEG-4 Codec Could Allow Remote Code Execution
  Affected: Microsoft Windows
  CVE: CVE-2010-0818
  KB: 975558
  Known exploits: no known exploits.
  Microsoft rating: Severity: Critical, Exploitability: 1
  ISC rating: clients Critical, servers Important

MS10-063 - Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution
  Affected: Microsoft Windows, Microsoft Office
  CVE: CVE-2010-2738
  KB: 2320113
  Known exploits: no known exploits.
  Microsoft rating: Severity: Critical, Exploitability: 2
  ISC rating: clients Critical, servers Important

MS10-064 - Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (Replaces MS06-012, MS10-045)
  Affected: Microsoft Office
  CVE: CVE-2010-2728
  KB: 2315011
  Known exploits: no known exploits.
  Microsoft rating: Severity: Critical, Exploitability: 2
  ISC rating: clients Critical, servers Important

MS10-065 - Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Remote Code Execution (Replaces MS08-006)
  Affected: Microsoft Windows, IIS
  CVE: CVE-2010-2730, CVE-2010-2731, CVE-2010-1899
  KB: 2267960
  Known exploits: This vulnerability has been disclosed publicly (CVE-2010-2731).
  Microsoft rating: Severity: Important, Exploitability: 1, 1, 3
  ISC rating: clients Critical, servers PATCH NOW!

MS10-066 - Vulnerability in Remote Procedure Call Could Allow Remote Code Execution (Replaces MS09-026)
  Affected: Internet Explorer
  CVE: CVE-2010-2567
  KB: 982802
  Known exploits: no known exploits.
  Microsoft rating: Severity: Important, Exploitability: 1
  ISC rating: clients Critical, servers Important

MS10-067 - Vulnerability in WordPad Text Converters Could Allow Remote Code Execution
  Affected: Microsoft Windows
  CVE: CVE-2010-2563
  KB: 2259922
  Known exploits: no known exploits.
  Microsoft rating: Severity: Important, Exploitability: 1
  ISC rating: clients Critical, servers Important

MS10-068 - LSASS Heap Overflow Vulnerability (Replaces MS09-066)
  Affected: Active Directory
  CVE: CVE-2010-0820
  KB: 983539
  Known exploits: no known exploits.
  Microsoft rating: Severity: Important, Exploitability: 1
  ISC rating: clients Important, servers Important

MS10-069 - Vulnerability in Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege (Replaces MS07-021)
  Affected: Microsoft Windows
  CVE: CVE-2010-1891
  KB: 2121546
  Known exploits: no known exploits.
  Microsoft rating: Severity: Important, Exploitability: 1
  ISC rating: clients Important, servers Important

We will update issues on this page for about a week or so as they evolve.

We appreciate updates

US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY

(*): ISC rating

We use 4 levels:

PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
Critical: Anything that needs little to become interesting for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
Important: Things where more testing and other measures can help.
Less Urgent: Typically we expect the impact if left unpatched to be not that big a deal in the short term. Do not forget them however.


The difference between the client and server rating is based on how you use the affected machine. We take into account the typical client and server deployment in the usage of the machine and the common measures people typically have in place already. Measures we presume are simple best practices for servers such as not using outlook, MSIE, word etc. to do traditional office or leisure work.
The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threat for affected systems. The rating does not account for the number of affected systems there are. It is for an affected system in a typical worst-case role.
Only the organization itself is in a position to do a full risk analysis involving the presence (or lack of) affected systems, the actually implemented measures, the impact on their operation and the value of the assets involved.
All patches released by a vendor are important enough to have a close look at if you use the affected systems. There is little incentive for vendors to publicize patches that do not carry some form of risk.
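As an added example (not ISC's own code or part of the diary), the following PowerShell script turns the bulletin list above into a per-host check: it looks up the KB numbers from the table with Get-HotFix, reports which are missing, and applies the ISC client or server column depending on the role you set. The role variable and the choice to omit the Office-only bulletin MS10-064 are assumptions of this example: Get-HotFix reads Win32_QuickFixEngineering, which records Windows updates but not Office patches.

```powershell
# Added example, not ISC code: check this host against the September 2010
# bulletins listed above, keyed by the KB numbers from the table.
# MS10-064 (Microsoft Office) is left out because Win32_QuickFixEngineering,
# the source Get-HotFix reads, does not record Office updates.
$bulletins = @(
    [pscustomobject]@{ Bulletin = 'MS10-061'; KB = 'KB2347290'; Clients = 'Critical';  Servers = 'PATCH NOW' }
    [pscustomobject]@{ Bulletin = 'MS10-062'; KB = 'KB975558';  Clients = 'Critical';  Servers = 'Important' }
    [pscustomobject]@{ Bulletin = 'MS10-063'; KB = 'KB2320113'; Clients = 'Critical';  Servers = 'Important' }
    [pscustomobject]@{ Bulletin = 'MS10-065'; KB = 'KB2267960'; Clients = 'Critical';  Servers = 'PATCH NOW' }
    [pscustomobject]@{ Bulletin = 'MS10-066'; KB = 'KB982802';  Clients = 'Critical';  Servers = 'Important' }
    [pscustomobject]@{ Bulletin = 'MS10-067'; KB = 'KB2259922'; Clients = 'Critical';  Servers = 'Important' }
    [pscustomobject]@{ Bulletin = 'MS10-068'; KB = 'KB983539';  Clients = 'Important'; Servers = 'Important' }
    [pscustomobject]@{ Bulletin = 'MS10-069'; KB = 'KB2121546'; Clients = 'Important'; Servers = 'Important' }
)

# Assumption: the operator sets the role so the matching ISC column is used.
# 'Clients' for workstations, 'Servers' for servers.
$role = 'Servers'

# HotFixID values come back in the form 'KB2347290'.
$installed = Get-HotFix | ForEach-Object { $_.HotFixID }

$report = foreach ($b in $bulletins) {
    if ($installed -contains $b.KB) { $status = 'installed' } else { $status = 'MISSING' }
    [pscustomobject]@{
        Bulletin  = $b.Bulletin
        KB        = $b.KB
        ISCRating = $b.$role      # dynamic property: 'Clients' or 'Servers' column
        Status    = $status
    }
}

$report | Sort-Object Status, Bulletin | Format-Table -AutoSize

# Exit non-zero when anything ISC rates PATCH NOW is absent, so the script can
# gate a scheduled job or feed a monitoring check.
$urgent = $report | Where-Object { $_.Status -eq 'MISSING' -and $_.ISCRating -eq 'PATCH NOW' }
if ($urgent) { exit 1 }
```

A MISSING result is a prompt to verify rather than a verdict: a bulletin can ship under a package KB that differs from the bulletin KB shown in the table, so confirm against Windows Update or WSUS before treating a host as unpatched.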


Cheers,

Adrien de Beaupré

EWA-Canada.com (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 

GovInfoSecurity.com

Defense Deputy Secretary in Europe to Discuss Infosec with NATO
GovInfoSecurity.com
Deputy Secretary William Lynn III is upholding the fourth of the Department of Defense's five-pillar strategy he outlined last month, meeting this week with ...

 

INTERPOL Info Security Conference Comes to HK
CRIENGLISH.com
The theme of the conference is "Global Cooperation Today for InfoSec Risks Tomorrow." It will bring together industry leaders, academic experts and law ...
First INTERPOL Information Security Conference held in Hong Kong7thSpace Interactive (press release)

 

Journalists get free attendance for ICT training
Vanguard
Meanwhile, the InfoSecurityuk 2010 team has announced the keynote topic for the summit – “The Future of InfoSec” to be delivered by Winn Schwartau, ...

 
Nokia confirmed that Chairman Jorma Ollila plans to resign in 2012, making way for new leadership as the company tries to win back market leadership with new smartphones.
 
Nvidia is set to unveil Parallel Nsight 1.5, which includes multicore debugging and system analysis functionality.
 
Shadowserver has published their take on a recent series of DDoS attacks: http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20100913. The control domains, victim industries, countries affected, and command communications are all listed in the article. It is not a complete analysis of the BlackEnergy bot, and bots are not a new phenomenon, but it serves to remind us that DDoS for hire is still around, botnets are still around, and that their impact can be devastating.
Cheers,

Adrien de Beaupré

EWA-Canada.com (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Tackling 'universal problem,' Terracotta says BigMemory module helps improve apps performance
 
A company that makes a cloud management system is getting a $14 million investment from Intel and others. It will use the money to hire new employees.
 
Verizon announced a cloud computing service for small and midsize U.S. businesses with up to 1,000 employees.
 
Experts disagree on whether a bug in Adobe's Reader PDF was caused by the same Chinese group that hacked into the systems of Google and other major companies late last year.
 
We look at the current state of the market and review 8 of the most popular e-readers.
 
The Virtual Computing Environment (VCE) coalition has signed up its first Asian operator customer -- Singapore Telecommunications (SingTel) -- ten months after the partnership was created to offer packages of hardware and software for data centers, it said this week.
 
Hadoop and other tools can unlock critical insights from unfathomable volumes of corporate and external data
 
Online backup provider Carbonite today released Version 4.0 of its software, an update it said increases the ease and granularity with which users can search for and restore their data.
 
The popularity of e-readers proves that reading books isn't passé. But what is the current state of the market, and which e-readers are the best?
 
Juniper Networks is expected to soon announce that it is acquiring wireless LAN player Trapeze Networks from parent Belden in a move that will expand Juniper’s enterprise portfolio.
 

First INTERPOL Information Security Conference held in Hong Kong
7thSpace Interactive (press release)
Hong Kong (HKSAR) - The 1st INTERPOL Information Security Conference entitled "Global Cooperation Today for InfoSec Risks Tomorrow" will be held between ...

 
InfoSec News: Data centre security needs rethinking: AFCOM: http://www.computerworld.com.au/article/360434/data_centre_security_needs_rethinking_afcom/
By Tim Lohman Computerworld 13 September, 2010
IT Departments have been warned that their internal and external data centre providers may be far from being as secure as they may think due [...]
 
InfoSec News: Vishing Scam Hits FDIC: http://www.bankinfosecurity.com/articles.php?art_id=2911
By Tracy Kitten Managing Editor Bank Info Security September 12, 2010
Telephone-based phishing, or vishing scams are quickly ranking among the most popular socially-engineered schemes perpetrated by fraudsters. [...]
 
InfoSec News: [Dataloss Weekly Summary] Week of Sunday, September 5, 2010: ========================================================================
Open Security Foundation - DataLossDB Weekly Summary Week of Sunday, September 5, 2010
32 Incidents Added.
======================================================================== [...]
 
InfoSec News: Secure App Development Can Lead To Cost Savings, Study Says: http://www.darkreading.com/vulnerability_management/security/app-security/showArticle.jhtml?articleID=227400302
By Tim Wilson DarkReading Sept 13, 2010
If you could find and fix security flaws before the application is deployed, instead of afterward, then your organization would save money. [...]
 
InfoSec News: Can we fight cyber crime like the Untouchables fought Capone?: http://fcw.com/articles/2010/09/13/cybererye-targeting-the-head-of-cybercrime.aspx
By William Jackson FCW.com Sept 13, 2010
There appears to be little relief in sight from the relentless onslaught of spam that continues to deliver malicious code and phishing lures to [...]
 

Posted by InfoSec News on Sep 13

========================================================================

Open Security Foundation - DataLossDB Weekly Summary
Week of Sunday, September 5, 2010

32 Incidents Added.

========================================================================

DataLossDB is a research project aimed at documenting known and reported
data loss incidents world-wide. The Open Security Foundation asks for
contributions of new incidents and new data for...
 

Posted by InfoSec News on Sep 13

http://www.darkreading.com/vulnerability_management/security/app-security/showArticle.jhtml?articleID=227400302

By Tim Wilson
DarkReading
Sept 13, 2010

If you could find and fix security flaws before the application is
deployed, instead of afterward, then your organization would save money.
But how much could you really save?

That's the question studied in a new report published today by ROI
consultancy Mainstay Partners and Fortify...
 

Posted by InfoSec News on Sep 13

http://fcw.com/articles/2010/09/13/cybererye-targeting-the-head-of-cybercrime.aspx

By William Jackson
FCW.com
Sept 13, 2010

There appears to be little relief in sight from the relentless onslaught
of spam that continues to deliver malicious code and phishing lures to
our inboxes day in and day out. According to Symantec's "State of Spam
and Phishing Report" for August, spam made up more than 92 percent of
e-mail last month. The...
 
Many Android tablets will soon reach shelves to compete with Apple's iPad, which has not faced a worthy challenger yet. Samsung, Toshiba, ViewSonic and Archos recently announced tablets with screen sizes ranging from 7 inches to 10 inches. These tablets are not just cheap knockoffs, but legitimate competitors that outdo the iPad on certain features. Toshiba's Folio 100 features better video capabilities with full 1080p HD video support, topping iPad's 720p video support. These tablets also include USB ports and run Android 2.2 OS, bringing Flash support for Internet video, which the iPad lacks. The iPad is considered a well-rounded tablet, but a sticking point has been its US$499 starting price. The latest Android tablets come at prices ranging from $299 to $1,000, depending on screen size and features.
 

Posted by InfoSec News on Sep 13

http://www.computerworld.com.au/article/360434/data_centre_security_needs_rethinking_afcom/

By Tim Lohman
Computerworld
13 September, 2010

IT Departments have been warned that their internal and external data
centre providers may be far from being as secure as they may think due
to a lack of serious approach to the risks associated with cyber
terrorism.

Issuing the warning, The Strategic Directions Group director and data
centre national...
 

Posted by InfoSec News on Sep 13

http://www.bankinfosecurity.com/articles.php?art_id=2911

By Tracy Kitten
Managing Editor
Bank Info Security
September 12, 2010

Telephone-based phishing, or vishing scams are quickly ranking among
the most popular socially-engineered schemes perpetrated by fraudsters.
The latest target: The Federal Deposit Insurance Corp., which last week
warned of a vishing scam that is duping consumers.

According to the FDIC's statement, the criminals...
 
