
InfoSec News

Earlier today, Wireshark announced the release of new stable and old-stable versions of this versatile network protocol analysis tool, which is used heavily in the networking and security community. The new versions correct many bugs, including a potential remote code execution vulnerability. As always, it is recommended that you update any computers you use for packet analysis or capturing.
More information is available at:
www.wireshark.org/lists/wireshark-announce/201104/msg00001.html

www.wireshark.org/lists/wireshark-announce/201104/msg00002.html
Scott Fendley

ISC Handler On Duty (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Patent attorneys and inventors of all types are closely watching a Microsoft case that the U.S. Supreme Court will start to consider on Monday.
 
 
Companies specialising in two-factor authentication hope to boost business following the breach of RSA's SecurID, and many plan to capitalise with new products at Infosecurity Europe.

 
The software giant will release a record number of patches April 12.

 
SearchSecurity.com's new "Eye on" series examines a security topic each month. In March, the series explores the role PCI DSS has played in shaping the security industry.

 
Experts Diana Kelley and Ed Moyle answer your PCI DSS questions and give advice on how to solve your enterprise's toughest PCI problems.

 
Technologies that enable credit card payments via mobile phones have prompted the PCI Council to start a mobile task force.

 
Microsoft’s 17 bulletins repair a record 64 vulnerabilities, including four Internet Explorer flaws and several Server Message Block errors.

 
NSS Labs Inc., an independent testing firm, has found that some firewalls are failing stability tests and contain a flaw that enables attackers to easily bypass them.

 
Cybercriminals are actively targeting a Flash zero-day vulnerability that could cause a crash and enable an attacker to gain complete control of an affected system.

 
Verizon's Wade Baker previews the 2011 Verizon Breach Investigations Report and shares surprising insight from the 2010 report on tactics that do and don't help prevent breaches.

 
Some say new protections in the SecurID manufacturing and shipping processes may be an effort to mitigate the loss of secret keys used to generate one-time passwords.

 
Pithos 'pithos.ini' Local Information Disclosure Vulnerability
 
Perl 'lc()' and 'uc()' Functions TAINT Mode Protection Security Bypass Weakness
 
Adobe has patched a critical vulnerability in Flash Player that the company said criminals were already exploiting with malicious Microsoft Word and Excel documents.
 
Oracle announced Friday that it will no longer sell a commercial version of the Open Office productivity suite, and that the open-source OpenOffice.org will be transitioned to "a purely community-based open-source project."
 
Oracle is now in its fourth quarter, meaning the vendor and its customers are locked in the annual ritual of trying to get new deals done before the fiscal year ends on May 31.
 
President Obama last night shared his criticism of government IT operations with the world via a mistakenly open microphone.
 
 
In an effort to attract buyers away from Apple's iPad, device makers are setting starting prices of Android tablets to undercut iPad's $499 entry-level price.
 
Microsoft's latest explanation of its Windows Phone 7 update fiasco gets an A for effort, but a B+ for its timing, a crisis communications expert said today.
 
RE: THOMSON Router XSS
 
As more LTE networks go live across the globe, wireless operators have started planning to offer data roaming, and reusing spectrum is seen as one of the best chances of getting worldwide coverage, according to speakers at the LTE Forum conference this week in Stockholm.
 
Intel and Micron announced they have almost halved the size of their NAND flash circuitry, which will open up space in end products for things such as larger batteries or new chips with additional features.
 
Many common website practices can, if implemented in the wrong way, invite legal problems.
 
Microsoft Windows OpenType Font (OTF) Driver Stack Overflow Remote Code Execution Vulnerability
 
Microsoft Excel Data Validation Record Parsing Buffer Overflow Vulnerability
 
Microsoft plans to turn on the Windows Update spigot for Internet Explorer 9 (IE9) on Monday, April 18.
 
Red Hat CEO Jim Whitehurst, HP CTO Phil McKinney, Ubuntu technical architect Allison Randal and Marten Mickos of MySQL and Eucalyptus will keynote LinuxCon.
 
Why wait until the new version of Mac OS X is released this summer? With the right tools, you can get some of the features promised for Lion in Snow Leopard, Leopard or Tiger now.
 
Microsoft Internet Explorer Multiple Remote Code Execution Vulnerabilities
 
More companies that advertise on the Internet in Europe will give consumers the option to turn off advertisements that collect data on their audiences ahead of European Union regulations soon to come into effect.
 
The Los Angeles Times said that a city budget committee closed door meeting with attorneys could indicate the city is considering a lawsuit against Google and CSC due to delays in implementing Google Apps citywide.
 
SQL-Ledger 'am.pl' Directory Traversal Vulnerability
 
Linux Kernel CIFS Local Security Bypass Vulnerability
 
The rewards of cloud computing can be tremendous if the risks are well managed. E-Com Canada's Sri Prakash discusses how best to manage the risk when planning to move assets to the cloud.
 
April 15, 2011: RIM PlayBook fails to impress, Steve Jobs life story going to press
 
VUPEN Security Research - Microsoft Internet Explorer Property Change Memory Corruption (CVE-2011-1345)
 
VUPEN Security Research - Microsoft Office Excel Real Time Data Stack Overwrite Vulnerability (CVE-2011-0105)
 
VUPEN Security Research - Apple Safari Text Nodes Remote Use-after-free Vulnerability (CVE-2011-1344)
 
VUPEN Security Research - Microsoft Windows OpenType CFF Driver Stack Overflow Vulnerability (CVE-2011-0034)
 

Infosec 2011: Brand reputation the most likely target of insider threats
ComputerWeekly.com
Damage to brand reputation is probably the most common threat to organisations from disgruntled employees, says Andrew Kellett, senior research analyst at Ovum. This is more likely than insiders taking down an entire organisation, he says, ...

 
Based on notifications received from Microsoft we are upgrading the rating of MS11-020 (KB 2508429, CVE-2011-0661) from Critical to PATCHNOW. See: http://isc.sans.edu/diary.html?storyid=10693 for the full table.
The Remote Code Exploit is possible without authentication, so this presents a serious risk to internal networks. Think Downadup/Conficker, or think lateral movement if that will help motivate patching.
Also note that this patch requires a reboot of your system.
Please submit any reports of weaponization/exploits, or impacts from applying the patch.
Sorry.
-KL
 
SimplyPlay '.pls' File Remote Buffer Overflow Vulnerability
 
Oracle plans to release a large number of security patches for its various software products next week, including six bug-fixes for its flagship database software.
 
As Research In Motion launched its PlayBook on Thursday, Cisco Systems was already accepting orders for its Cius enterprise tablet and shipping it to some customers.
 
IDevSpot TextAds HTML Injection Vulnerability
 
Why wait until Lion is released this summer? With the right tools, you can get many of the features promised for the upcoming OS in Snow Leopard, Leopard or Tiger today.
 
Kevin Timmons, previously Microsoft's general manager of Datacenter Services, is to take up a position at Apple, it has been reported.
 
The BlackBerry PlayBook tablet, which goes on sale Tuesday starting at $499, is performing a balancing act between two worlds -- enterprise customers and consumers.
 
Dotclear Media Manager Arbitrary File Upload Vulnerability
 
cPassMan 'downloadfile.php' Arbitrary File Download Vulnerability
 
Research in Motion executives came out in force Thursday evening in New York, playing hosts at the industry launch of the PlayBook tablet in an effort to convince market watchers and potential users that the device is a serious contender in an arena dominated by Apple's iPad.
 
InfoSec News: USAID waives FISMA for iPads: http://www.fiercegovernmentit.com/story/usaid-waives-fisma-ipads/2011-04-13
By Molly Bernhart Walker FierceGovernmentIT April 13, 2011
Many U.S. Agency for International Development workers are using iPads--a fact that recently drew the ire of Secretary of State Hillary [...]
 
InfoSec News: UAE moves to limit more secure BlackBerry service: http://www.itp.net/584500-uae-moves-to-limit-more-secure-blackberry-service
By Ed Attwood ITP.net April 14, 2011
Following a threat to cancel services in the UAE last year, the country's regulator has now moved to restrict access of the more secure [...]
 
InfoSec News: Hackers gain root access to WordPress servers: http://www.computerworld.com/s/article/9215809/Hackers_gain_root_access_to_WordPress_servers
By Jeremy Kirk IDG News Service April 14, 2011
Hackers have compromised several servers that support WordPress and may have obtained source code, according to the founding developer of [...]
 
InfoSec News: Serial hacker admits breaching Federal Reserve computers: http://www.theregister.co.uk/2011/04/14/federal_research_hacker_guilty/
By Dan Goodin in San Francisco The Register 14th April 2011
A Malaysian national has admitted hacking a computer network operated by the US Federal Reserve Bank and possessing stolen payment card data. [...]
 
InfoSec News: Secunia Weekly Summary - Issue: 2011-15:
The Secunia Weekly Advisory Summary 2011-04-07 - 2011-04-14
This week: 92 advisories [...]
 
InfoSec News: [Announcement] ClubHack Magazine Issue 15-April 2011 released: Forwarded from: Abhijeet Patil <abhijeet (at) chmag.in>
Hi All,
Here we are with our 15th Issue of CHMag. March witnessed the launch of the much awaited Mozilla Firefox 4 so we dedicated this issue to Mozilla. Due to overwhelming response of "Call For Articles", we have [...]
 
InfoSec News: External hacker suspected in Nonghyup network crash: http://english.donga.com/srv/service.php3?bicode=040000&biid=2011041541348
The Dong-A Ilbo April 15, 2011
Prosecutors have begun an investigation into the National Agricultural Cooperative Federation, also called Nonghyup or NH Bank, which has suffered a major network crash. [...]
 

Posted by InfoSec News on Apr 14

http://www.fiercegovernmentit.com/story/usaid-waives-fisma-ipads/2011-04-13

By Molly Bernhart Walker
FierceGovernmentIT
April 13, 2011

Many U.S. Agency for International Development workers are using
iPads--a fact that recently drew the ire of Secretary of State Hillary
Clinton when she sat next to a USAID official on a plane, said Jerry
Horton, chief information officer at USAID. Horton spoke April 7 at a
cloud computing forum at the...
 

Posted by InfoSec News on Apr 14

http://www.itp.net/584500-uae-moves-to-limit-more-secure-blackberry-service

By Ed Attwood
ITP.net
April 14, 2011

Following a threat to cancel services in the UAE last year, the
country's regulator has now moved to restrict access of the more secure
version of Research In Motion (RIM)'s BlackBerry service.

The Telecommunications Regulatory Authority (TRA) today confirmed in a
statement to Arabian Business that it had asked the two...
 

Posted by InfoSec News on Apr 14

http://www.computerworld.com/s/article/9215809/Hackers_gain_root_access_to_WordPress_servers

By Jeremy Kirk
IDG News Service
April 14, 2011

Hackers have compromised several servers that support WordPress and may
have obtained source code, according to the founding developer of
Automattic, the company behind the popular blogging platform.

Matt Mullenweg wrote on the WordPress blog that Automattic has been
reviewing log records to determine...
 

Posted by InfoSec News on Apr 14

http://www.theregister.co.uk/2011/04/14/federal_research_hacker_guilty/

By Dan Goodin in San Francisco
The Register
14th April 2011

A Malaysian national has admitted hacking a computer network operated by
the US Federal Reserve Bank and possessing stolen payment card data.

Lin Mun Poo, 32, entered a guilty plea on Wednesday in US District Court
in Brooklyn. In November, prosecutors brought a four-count indictment
against him that charged...
 

Posted by InfoSec News on Apr 14

========================================================================

The Secunia Weekly Advisory Summary
2011-04-07 - 2011-04-14

This week: 92 advisories

========================================================================
 

Posted by InfoSec News on Apr 14

Forwarded from: Abhijeet Patil <abhijeet (at) chmag.in>

Hi All,

Here we are with our 15th Issue of CHMag. March witnessed the launch of
the much awaited Mozilla Firefox 4 so we dedicated this issue to
Mozilla. Due to overwhelming response of "Call For Articles", we have
good number of articles and so we will continue with same theme for May
issue.

ClubHack Magazine: http://chmag.in

Direct Download:...
 

Posted by InfoSec News on Apr 14

http://english.donga.com/srv/service.php3?bicode=040000&biid=2011041541348

The Dong-A Ilbo
April 15, 2011

Prosecutors have begun an investigation into the National Agricultural
Cooperative Federation, also called Nonghyup or NH Bank, which has
suffered a major network crash. The Financial Supervisory Service will
start a probe into this as early as Friday.

Prosecutors said Thursday that they suspect an outside hacker disrupted...
 

