Hackin9

InfoSec News

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Google Apps will soon gain an email routing and filtering feature from Google's Postini suite of email security services, part of an effort to eventually replicate all Postini functionality in Google Apps.
 
Apple's iCloud service, which was recently forced upon former-users of mac.com (including myself), has not proven to be a shiny seamless service. Many tech journos complain that iCloud doesn't represent the user-experience associated with Cupertino's decades-long tradition as a quality-brand.
 
A case that pits a whistleblowing employee against offshore outsourcing giant Infosys will be delayed until next month, a judge ordered on Wednesday.
 
Microsoft and Nokia will hold a press conference in three weeks, an event that will likely center around Windows Phone 8, the next version of Microsoft's OS for mobile devices.
 
Cisco Systems posted a small sales gain of 4 percent and a larger boost in profit for its fiscal fourth quarter on Wednesday.
 
On its August Patch Day, Adobe has closed several holes in Reader, but not in the Linux version. To make things worse, this is unlikely to change in the near future. Further holes also exist in Reader for Windows and Mac OS X


 
[SECURITY] [DSA 2530-1] rssh security update
 
----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Wireshark released an update for its popular protocol analyzer fixing several bugs and vulnerabilities fixing 8 CVE. Affected versions are: 1.4.0 to 1.4.14, 1.6.0 to 1.6.9, 1.8.0 to 1.8.1. Latest version can be downloaded here.
[1] http://www.wireshark.org/docs/relnotes/wireshark-1.8.2.html

[2] http://www.wireshark.org/docs/relnotes/wireshark-1.6.10.html

[3] http://www.wireshark.org/docs/relnotes/wireshark-1.4.15.html

[4] http://www.wireshark.org/download.html
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Microsoft has told Windows 8 app developers that if they use the word 'metro' in the name of their software, the app will be denied access to the Windows Store.
 
Your sensitive data is only as secure as the weakest link in your organization, and in many cases the weak link is your employees. A properly established security awareness and training program can pay huge dividends.
 
As promised, Microsoft today released the final version of Windows 8 to MSDN and TechNet subscribers, and it posted a 90-day evaluation copy of Windows 8 RTM that anyone can download.
 
Some AT&T customers are being affected by a failure in the carrier's DNS (Domain Name System) servers that began Wednesday morning.
 
[ MDVSA-2012:132 ] glpi
 
As promised, Microsoft today released the final version of Windows 8 to MSDN and TechNet subscribers, and it posted a 90-day evaluation copy of Windows 8 RTM that anyone can download.
 
While nobody is predicting that the proliferation of mobile devices in the enterprise will create a full-blown bandwidth catastrophe, IT managers will have to move quickly to ensure satisfactory performance for employees accessing company data over wireless links.
 
[2.0 Update] Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability
 
CFP for ZeroNights conference Moscow 19-20 November 2012
 
[SECURITY] [DSA 2528-1] icedove security update
 
iTunes gives you the ability to access thousands of free streaming Internet radio stations from around the world. But what about if you want to spin the virtual radio dial on an iOS device as well?
 
Looking to get in on the booming mobile market, social network Pinterest has unveiled mobile apps for its pinboard service.
 
Some AT&T customers are being affected by a failure in the carrier's DNS (Domain Name System) servers that began Wednesday morning.
 
The two faces of Windows 8 -- the Desktop and the interface formerly known as Metro -- still coexist uneasily in the final RTM version of the OS. But some of Windows 8's native apps are great.
 
Hoping to inspire tablet users to create more content with their devices, Samsung introduced a stylus-based tablet, called the Galaxy Note 10.1, which the company touts as more interactive than the market-leading Apple iPad.
 
Twitter co-founders Evan Williams and Biz Stone, who were also leaders at Blogger, have unveiled a preview of Medium, which they describe as a new Web publishing platform.
 
Security researchers have detected attacks targeting users of Internet Explorer with a Flash file embedded in a Microsoft Word document.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google
 
Adobe has published security updates for its Reader and Acrobat products, fixing multiple critical vulnerabilities. Updates for the company's Flash and Shockwave Players have also been released to close critical holes
 
Google on Tuesday boosted payments to researchers for reporting bugs in Chrome, saying the move was prompted by a decline in vulnerabilities submitted by outsiders.
 
Following a drop in the number of vulnerabilities reported by external researchers, Google has made changes to the rewards structure of its Vulnerability Rewards Program


 
Give a child a toy and you entertain her for a day. Teach a child to build her own toys and she'll probably make a death trap out of thumbtacks, then use it to run twisted experiments on tiny, sentient creatures. That can be amusing, too, but you'd be surprised how quickly you run out of thumbtacks.
 
More that a dozen retailers including Best Buy, Walmart, Target and 7-Eleven have joined forces to form the Merchant Customer Exchange (MCX), a mobile-payments network that will compete with Google and Isis.
 
Buffalo Technology's MiniStation Thunderbolt drive is a plug-and-play, portable, external hard drive that boasts both Thunderbolt and USB 3.0 connectivity.
 
Standard edition of Java will run on Mac OS X, two versions of ARM processor; JavaFX gains Linux and multitouch capabilities
 
Ecuador's external affairs ministry on Wednesday will present to the country's president the results of its deliberations on the request for asylum from WikiLeaks founder Julian Assange.
 
Two independent networking problems took computers offline at Department of Motor Vehicles (DMV) offices across California on Tuesday, causing problems for thousands of people.
 
Sony said its new mobile gaming platform, which will allow "PlayStation-like" games to be played on third-party Android devices, will launch this fall in nine countries.
 
Three decades into the digital revolution, passwords are still complicated, ineffective and a drain on IT's resources. What gives?Insider (registration required)
 
Microsoft has decided to stop publishing new apps for Windows Phone on Marketplace, while it addresses an issue that led to users experiencing problems with application downloads this week, the company said in blog post on Tuesday.
 
Saudi Arabia objected this week to a variety of new generic top-level domains (gTLDs) ranging from .porn and .sexy to .wine and .bar and .bible, according to records of the Internet Corporation for Assigned Names and Numbers (ICANN).
 
Adobe has published security updates for its Reader and Acrobat products, fixing multiple critical vulnerabilities. Updates for the company's Flash and Shockwave Players have also been released to close critical holes


 
In what it says is an attempt to turn the tables on malicious hackers, security vendor Prolexic has released details of vulnerabilities it discovered in a toolkit family used by hackers to launch distributed denial of service attacks against corporate networks.
 
For its August Patchday, Microsoft has released nine security bulletins for twenty-six holes in a variety of products. Five of these bulletins are rated critical and one security bulletin from July had to be re-issued


 
A Java Runtime Environment for Mac OS X and a free, but not open source, Linux ARM v6/v7 JDK are the highlights of Java SE 7 Update 6


 

Informatica positions itself in the security space
IT-Director.com
Informatica has been trying to establish itself in the security space for some time. It exhibited at InfoSec this year, for example, and it will be at the RSA conference in London in October. Nevertheless, most people probably don't think of ...

 
RETIRED: Microsoft August 2012 Advance Notification Multiple Vulnerabilities
 
Internet Storm Center Infocon Status