REMINDER/ Lookingglass to Moderate Panel at Suits and Spooks La Jolla 2013
Wall Street Journal (press release)
The event will consist of a combination of plenary and break-out sessions and include representatives from the FBI, NCIS, DOD, academia and cutting edge INFOSEC startups. Suits and Spooks La Jolla: "All-Source Intelligence: Actual Versus Perceived ...

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

SANSFIRE 2013 is getting underway in Washington DC. Traditionally, SANSFIRE is the "ISC Handlers' conference", where many of us attend, teach classes, and give talks on current security trends and research results. Starting today (Monday, Jun 17), we are hosting several bonus sessions, including the "State of the Internet" panel discussion on Monday evening. For a full list of the sessions lined up throughout the week, see here: https://www.sans.org/event/sansfire-2013/bonus-sessions/. If you are attending the conference, feel free to drop us a line or two about your SANSFIRE experience and the highlights of the day in the comments below, or let us know via our contact form.



A security flaw in Adobe Flash thought to have been repaired in October 2011 has resurfaced with a new proof-of-concept hack that can grab video and audio from a user's computer without the user's knowledge or consent. The exploit is a classic clickjacking technique: a transparent Flash object is overlaid on the page so that a click the user intends for the visible content actually lands on the hidden object and activates it. Once activated, the object can take control of the camera and microphone regardless of the permissions the user has set.

The exploit was demonstrated by developer Egor Homakov and was based on code by Russian security researcher Oleg Filippov. (Note that the demonstration uses images of scantily clad women and may not be considered safe for work.)

“This is not a stable exploit (tested on Mac and Chrome. I do use Mac and Chrome so this is a big deal anyway),” Homakov wrote. "Your photo can be saved on our servers but we don't do this in the PoC. (Well, we had an idea to charge $1 for deleting a photo but it would not be fun for you). Donations are welcome though.”


In the week ending 15 June – Business Source, GNOME Classic Mode in RHEL 7, users warned to remove the Debian Multimedia repository, Hetzner hacked, GlassFish 4.0, the BrickPi, and a sophisticated Android trojan

Xen 'ELF' Parser Multiple Security Vulnerabilities

A scan is a scan is a scan

One of our readers provided an update this morning to the ISC of an ongoing educational/research scan of the Internet that will be expanding to include further ports and protocols.  While I appreciate the effort and reasoning behind the educational/research scans, using the internet at large may not necessarily be the way to go about this, so I'm asking for input and comment.

The value in data taken from scans of the internet is very real, no doubt, and I applaud the organizations for the efforts they are making to inform the Internet community. The impact on the organizations being scanned is the hidden cost of this scanning and classification effort, however, and I am afraid the research institute may be overlooking this fact.

In almost every organization with an IDS or IPS you will have a person responsible for the review and analysis of the activity. However, not all security analysts out there read the ISC or other sources of security information on a daily basis. So when the security analyst notices unidentified addresses or services, the effort to classify the activity begins. This may sometimes take an hour, and from my experience time is always the resource we never have enough of. This is where the cost is incurred by the end user being scanned: the time spent to identify the activity and update their internal databases.

One last thought: the vulnerability data collected by these scans would be a gem in the wrong hands, much like the database compromised earlier this year that contained a catalog of existing vulnerabilities in US hydroelectric dams.

So, your thoughts: is this the best way to do this? Is it the only way?


tony d0t carothers @t gmail

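The hidden cost the diary describes is the hour an analyst spends classifying an unfamiliar source before deciding it is harmless. The following is an added example (not code from the ISC or from any scanning project) of the kind of triage helper that recovers that hour: it parses iptables-style drop lines, tags sources that fall inside an allowlist of self-announced research-scanner netblocks, and orders everything else by how broad the sweep was so the widest unknown scanner is reviewed first. The allowlist ranges and the log lines are constructed for illustration (RFC 5737 / RFC 3849 documentation addresses), not real scanner allocations; any real allowlist has to come from the scanning organization's own published ranges.

```python
"""Tag firewall drop logs whose source is a known, self-announced research scanner.

Added example. The netblocks and log lines below are CONSTRUCTED for
illustration (documentation address space) and are not real scanner ranges.
"""
import ipaddress
import re

# Hypothetical allowlist: CIDR -> how the scanning organization announced itself.
# Populate this from the scanner's own published ranges, never from guesswork.
KNOWN_RESEARCH_SCANNERS = {
    "198.51.100.0/24": "hypothetical university scan project (constructed)",
    "2001:db8:ac1d::/48": "hypothetical research scanner, IPv6 range (constructed)",
}
_NETS = [(ipaddress.ip_network(cidr), label)
         for cidr, label in KNOWN_RESEARCH_SCANNERS.items()]

# Extracts SRC/DST/PROTO and the optional DPT field of an iptables-style log line.
LOG_RE = re.compile(
    r"SRC=(?P<src>[0-9a-fA-F.:]+)\s+DST=(?P<dst>[0-9a-fA-F.:]+)"
    r".*?PROTO=(?P<proto>\w+)(?:.*?DPT=(?P<dpt>\d+))?")

# Constructed sample: two sources from the allowlist, two that are not.
SAMPLE_LOG = """\
Jun 17 03:12:01 fw kernel: DROP IN=eth0 SRC=198.51.100.7 DST=203.0.113.5 PROTO=TCP SPT=51023 DPT=443
Jun 17 03:12:02 fw kernel: DROP IN=eth0 SRC=198.51.100.7 DST=203.0.113.9 PROTO=TCP SPT=51023 DPT=22
Jun 17 03:12:05 fw kernel: DROP IN=eth0 SRC=192.0.2.44 DST=203.0.113.5 PROTO=TCP SPT=40000 DPT=3389
Jun 17 03:12:06 fw kernel: DROP IN=eth0 SRC=192.0.2.44 DST=203.0.113.6 PROTO=TCP SPT=40000 DPT=3389
Jun 17 03:12:07 fw kernel: DROP IN=eth0 SRC=192.0.2.200 DST=203.0.113.5 PROTO=TCP SPT=1234 DPT=80
Jun 17 03:12:09 fw kernel: DROP IN=eth0 SRC=2001:db8:ac1d::15 DST=2001:db8:1::1 PROTO=UDP SPT=9 DPT=161
Jun 17 03:12:10 fw sshd[812]: Accepted publickey for ops from 203.0.113.200
"""


def classify_source(src):
    """Return the allowlist label for src, or None if it is not a known scanner."""
    ip = ipaddress.ip_address(src)
    for net, label in _NETS:
        if ip.version == net.version and ip in net:
            return label
    return None


def triage(log_text):
    """Split scan sources into (known research scanners, sources needing review).

    Each entry records the distinct targets and protocol/port pairs seen, which is
    what an analyst needs to decide whether a source is a broad sweep or a probe.
    """
    known, review = {}, {}
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue  # not a firewall drop line (e.g. the sshd line); ignore it
        src = m.group("src")
        label = classify_source(src)
        bucket = known if label else review
        entry = bucket.setdefault(src, {"label": label, "targets": set(), "ports": set()})
        entry["targets"].add(m.group("dst"))
        proto = m.group("proto").lower()
        port = m.group("dpt")
        entry["ports"].add(f"{proto}/{port}" if port else proto)
    return known, review


def review_queue(review):
    """Order unknown sources so the broadest sweep (most targets, then ports) is first."""
    return sorted(review,
                  key=lambda s: (len(review[s]["targets"]), len(review[s]["ports"])),
                  reverse=True)


if __name__ == "__main__":
    known, review = triage(SAMPLE_LOG)
    for src, e in known.items():
        print(f"known  {src:<20} {e['label']}  ports={sorted(e['ports'])}")
    for src in review_queue(review):
        e = review[src]
        print(f"REVIEW {src:<20} targets={len(e['targets'])} ports={sorted(e['ports'])}")
```

Two caveats belong with any allowlist of this kind. First, it only trusts self-identification: an address inside an announced research range is assumed to be that project, so confirm ranges against the organization's own statement (or reverse DNS that it controls) before adding them. Second, known scanners are tagged, not dropped from the record; the data the diary worries about falling into the wrong hands is exactly what these sources collect, so their activity should still be logged and periodically re-checked.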

InfoSec Institute Opens First Wisconsin Office
PR.com (press release)
Madison, WI, June 15, 2013 --(PR.com)-- Cresa Madison represented InfoSec Institute, Inc. (www.infosecinstitute.com) on a lease transaction for their Madison office space at 2 South Carroll Street in downtown Madison. InfoSec Institute will occupy ...


Australia's banks quietly swatting trojan
Sydney Morning Herald
Australia's banks have been quietly working with a Russian security and forensics firm to swat a nasty banking trojan crafted in the Ukraine that has infected 150,000 Australian PCs since last year. Once installed, the fraud software Carberp waits for ...


A comprehensive list of security terms you should know
A comprehensive glossary of information security terms used in government documents has been updated by the National Institute of Standards and Technology, with more than 200 pages of definitions for words most commonly used in NIST publications.

Microsoft's surprise launch of Office Mobile for the iPhone today shows that the software giant continues to favor Windows' future over Office's fortune, analysts said today.
Facebook appears to have a new product up its sleeve that it will unveil next week at its headquarters in Menlo Park, California.
Facebook is gearing up for a product announcement on June 20, but isn't saying what it has planned.
Tweeting has become so popular that the Oxford English Dictionary broke one of its own rules to add 'tweet' to its lexicon.
Greater transparency, as well as respect for the Internet's open architecture and multi-stakeholder participation, are needed to help guide discussions around intellectual property policy on the Internet, according to the Internet Society.
Last week's disclosure of massive data collection efforts at the U.S. National Security Agency has generated heated debate in the U.S. and across the world about privacy. The NSA is collecting metadata on U.S. residents' phone calls made on Verizon's network and Internet records from nine Web companies, including Facebook, Google and Microsoft, according to reports in the Guardian and The Washington Post newspapers. But intelligence agencies in other countries have similar goals, according to reports, and in some cases there are few details about what data these governments are collecting.
Facebook and Microsoft each fielded thousands of requests for user data as part of law enforcement investigations from U.S. authorities in the second half of last year, they said late Friday.
The new super high-resolution screens bring beauty, clarity and precision to our work and play, writes columnist Mike Elgan. Are they worth the extra money? Definitely.
Could Samsung's "next big thing" come from the heart of the Big Apple or Silicon Valley?
Rivals Apple and Microsoft bookended the week by revealing productivity tools aimed at the same pool of customers: The millions who own Apple's iPhone.