Information Security News
REMINDER/ Lookingglass to Moderate Panel at Suits and Spooks La Jolla 2013
Wall Street Journal (press release)
The event will consist of a combination of plenary and break-out sessions and include representatives from the FBI, NCIS, DOD, academia and cutting edge INFOSEC startups. Suits and Spooks La Jolla: "All-Source Intelligence: Actual Versus Perceived ...
SANSFIRE 2013 is getting underway in Washington DC. Traditionally, Sansfire is the "ISC Handlers' conference", where many of us attend, teach classes, and give talks on current security trends and research results. Starting today (Monday Jun 17), we are hosting several bonus sessions, including the "State of the Internet" panel discussion on Monday evening. For a full list of the sessions lined up throughout the week, see here: https://www.sans.org/event/sansfire-2013/bonus-sessions/. If you are attending the conference, feel free to drop us a line or two about your Sansfire experience and the highlights of the day in the comments below, or let us know via our contact form.
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
by Sean Gallagher
A security flaw in Adobe Flash thought to have been repaired in October 2011 has resurfaced with a new proof-of-concept hack that can grab video and audio from a user's computer without the user's authorization. Employing a transparent Flash object on a page to capture a user's click, the exploit tricks the user into clicking to activate the object. The object can then take control of the camera and microphone regardless of the permissions set by the user.
The exploit was demonstrated by developer Egor Homakov and was based on code by Russian security researcher Oleg Filippov. (Note that the demonstration uses images of scantily clad women and may not be considered safe for work.)
"This is not a stable exploit (tested on Mac and Chrome. I do use Mac and Chrome so this is a big deal anyway)," Homakov wrote. "Your photo can be saved on our servers but we don't do this in the PoC. (Well, we had an idea to charge $1 for deleting a photo but it would not be fun for you). Donations are welcome though."
A scan is a scan is a scan
One of our readers provided an update this morning to the ISC of an ongoing educational/research scan of the Internet that will be expanding to include further ports and protocols. While I appreciate the effort and reasoning behind the educational/research scans, using the internet at large may not necessarily be the way to go about this, so I'm asking for input and comment.
The value in data taken from scans of the internet is very real, no doubt, and I applaud the organizations for their efforts to inform the Internet community of what they are doing. The impact on the organizations being scanned, however, is the hidden cost of this scanning and classification effort, and I am afraid the research institute may be overlooking this fact.
In almost every organization with an IDS or IPS you will have a person responsible for the review and analysis of the activity. However, not all security analysts out there read the ISC or other sources of security information on a daily basis. So when the security analyst notices unidentified addresses or services, the effort to classify the activity begins. This may take an hour sometimes, and from my experience time is always the resource we never have enough of. This is where the cost is incurred by the end user being scanned: the time spent to identify the activity and update their internal databases.
One last thought: the vulnerability data collected by these scans would be a gem in the wrong hands, much like the database compromised earlier this year which contained a catalog of existing vulnerabilities in US hydroelectric dams.
So, your thoughts: is this the best way to do this? Is it the only way?
tony d0t carothers @t gmail
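One way to cut the classification hour the diary describes is to tag inbound-scan log lines whose source falls in a published research-scanner range before an analyst sees them. The following is an added example, not code from the ISC diary or any scanning project; the CIDR ranges, scanner name and log lines are constructed placeholders, and in practice the allowlist would be built from the scanning projects' own published source ranges.

```python
"""Tag firewall log lines whose source is a known research scanner so the
analyst only spends time on the sources that still need classifying."""
import ipaddress
import re

# Constructed placeholder ranges (RFC 5737 / RFC 3849 documentation prefixes).
RESEARCH_SCANNERS = {
    "example-research-scan": ["192.0.2.0/24", "2001:db8:1::/48"],
}

# Matches the SRC= and DPT= fields of an iptables-style log line.
LOG_RE = re.compile(r"SRC=(?P<src>\S+) .*DPT=(?P<dpt>\d+)")

def build_lookup(ranges):
    """Parse the CIDRs once; re-parsing per log line is needlessly slow."""
    return [(name, ipaddress.ip_network(c))
            for name, cidrs in ranges.items() for c in cidrs]

def classify_line(line, lookup):
    """Return (src, dport, scanner_name_or_None), or None if unparsable."""
    m = LOG_RE.search(line)
    if not m:
        return None
    src = ipaddress.ip_address(m.group("src"))
    dport = int(m.group("dpt"))
    for name, net in lookup:
        # Version check avoids comparing v4 addresses against v6 nets.
        if src.version == net.version and src in net:
            return (str(src), dport, name)
    return (str(src), dport, None)

def triage(lines, ranges=RESEARCH_SCANNERS):
    """Split log lines into known research hits and still-unclassified ones."""
    lookup = build_lookup(ranges)
    known, unknown = [], []
    for line in lines:
        rec = classify_line(line, lookup)
        if rec is None:
            continue  # skip lines that are not connection records
        (known if rec[2] else unknown).append(rec)
    return known, unknown

# Constructed sample lines; the addresses are documentation-only prefixes.
SAMPLE_LOG = [
    "Jun 17 08:01:02 fw kernel: IN=eth0 SRC=192.0.2.17 DST=203.0.113.5 PROTO=TCP DPT=443",
    "Jun 17 08:01:03 fw kernel: IN=eth0 SRC=198.51.100.9 DST=203.0.113.5 PROTO=TCP DPT=22",
    "Jun 17 08:01:04 fw kernel: IN=eth0 SRC=2001:db8:1::42 DST=2001:db8:2::1 PROTO=TCP DPT=80",
]

if __name__ == "__main__":
    known, unknown = triage(SAMPLE_LOG)
    print(f"{len(known)} research-scanner hits, {len(unknown)} left to classify")
```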
InfoSec Institute Opens First Wisconsin Office
PR.com (press release)
Madison, WI, June 15, 2013 --(PR.com)-- Cresa Madison represented InfoSec Institute, Inc. (www.infosecinstitute.com) on a lease transaction for their Madison office space at 2 South Carroll Street in downtown Madison. InfoSec Institute will occupy ...
Australia's banks quietly swatting trojan
Sydney Morning Herald
Australia's banks have been quietly working with a Russian security and forensics firm to swat a nasty banking trojan crafted in the Ukraine that has infected 150,000 Australian PCs since last year. Once installed, the fraud software Carberp waits for ...
A comprehensive list of security terms you should know
A comprehensive glossary of information security terms used in government documents has been updated by the National Institute of Standards and Technology, with more than 200 pages of definitions for words most commonly used in NIST publications.