Posted by InfoSec News on Apr 16


By Bruce Schneier
The Atlantic
April 15, 2013

As the details about the bombings in Boston unfold, it'd be easy to be scared.
It'd be easy to feel powerless and demand that our elected leaders do
something -- anything -- to keep us safe.

It'd be easy, but it'd be wrong. We need to be angry and empathize with the...

Posted by InfoSec News on Apr 16


By Kristina Wong
The Washington Times
April 15, 2013

Defense Secretary Chuck Hagel is canceling the creation of a heroism medal for
drone pilots and cyber warriors, prompted by uproar over its precedence over
the Bronze Star and Purple Heart medals.

Mr. Hagel, who ordered a Pentagon review of the new medal, said Monday: “While
the review...

Posted by InfoSec News on Apr 16


By Seth Rosenblatt
Security & Privacy
April 15, 2013

Peiter "Mudge" Zatko, who was hired three years ago to be a project manager at
the U.S. Department of Defense's research and development division known as
the Defense Advanced Research Projects Agency, has announced via Twitter that
he's returning to the private...

Posted by InfoSec News on Apr 16


By Dan Goodin
Ars Technica
Apr 15 2013

Oracle plans to release an update for the widely exploited Java browser
plugin. The update fixes 39 critical vulnerabilities and introduces changes
designed to make it harder to carry out drive-by attacks on end-user

The update scheduled for Tuesday comes as the security of Java is...

Posted by InfoSec News on Apr 16


By Mathew J. Schwartz
Information Week
April 15, 2013

Attention, WordPress users: If you have a WordPress username set to "admin,"
change it immediately.

That warning was issued Friday by WordPress founder Matt Mullenweg, in the
wake of reports that thousands of WordPress sites with an administrator
username set to "admin"...

Posted by InfoSec News on Apr 18


By Iain Thomson in San Francisco
The Register
17th April 2013

The scummier end of the online community has been quick to use Monday's bombing
of the Boston Marathon as bait for multiple malware dispersals, plus a spot of
old-fashioned online fraud along the way.

Within 24 hours of the blasts, the ISC reported that 234 potentially fake
domains have been...

Posted by InfoSec News on Apr 18


The Baltic Times
Apr 17, 2013

RIGA - Latvian cyber-crime suspect Deniss Calovskis is innocent until proven
guilty, but the charges against him are very serious, U.S. Ambassador to Latvia
Mark Pekala said, commenting on the so-called ‘Riga hacker affair,’ reports

“Taking into account his possible participation in these crimes, Calovskis has
been charged with fraud and large scale...

Posted by InfoSec News on Apr 18


By Antone Gonsalves
April 16, 2013

Cybercriminals are attacking servers hosting WordPress sites in an attempt to
build a potent botnet that would be eerily similar to one used last year to
attack major U.S. financial institutions.

The motives of the latest attackers are not known. However, their tactics
resemble those used to build the...

Posted by InfoSec News on Apr 18


Poughkeepsie Journal
Apr 16, 2013

Central Hudson Gas & Electric Corp.’s president says the company may never be
able to confirm if nearly one-third of its customers’ banking information has
been compromised by a cyber security breach in February.

The utility said in a statement Tuesday that it has completed...

Posted by InfoSec News on Apr 17

Forwarded from: DeepSec Conference <deepsec (at) deepsec.net>

DeepSec 2013 "Seven Seas" - Call for Papers

Dear Researchers, Hackers, Developers, dear Members of the IT-Security
Community: This is our call for papers for DeepSec 2013, the seventh DeepSec
In-Depth Security Conference. Our annual event will take place from November
19th to 22nd at the Imperial Riding School Renaissance Hotel in Vienna. It
consists of two days of...

Posted by InfoSec News on Apr 17


By Eric Chabrow
Bank Info Security
April 16, 2013

The rush to find qualified IT security professionals to meet current
cyber-threats could jeopardize IT systems' security in the
not-too-distant future, say two leading IT security experts, Eugene
Spafford and Ron Ross.

Spafford, a Purdue University computer science professor, and Ross, a
leading IT...

Posted by InfoSec News on Apr 17


By Craig Shumard
April 16, 2013

For CISOs, in addition to deciding what policies, processes, or
technology an organization should have in place, an even more
significant challenge is successfully negotiating disputed risk issues.
But, the process for determining risk tolerance is fraught with
organizational politics, and it goes without saying that...

Posted by InfoSec News on Apr 17


By Jack Clark in San Francisco
The Register
17th April 2013

Oracle has issued a critical update patch for Java as the database giant
works to shore up confidence in the widely used code.

The security update fixes 42 security flaws, 19 of which merit a 10
(most severe) rating according to the CVSS metric the company uses to
evaluate the software. Along with this, Oracle has...

Posted by InfoSec News on Apr 17


The Chosun Ilbo
April 17, 2013

International hackers' collective Anonymous has broken into North Korean
propaganda website Uriminzokkiri again and released the personal
information of about 100 more subscribers on Tuesday. The hackers
earlier released the personal information of thousands of subscribers to
the website.

The group said it had hacked five North...

Posted by InfoSec News on Apr 18


By Dan Goodin
Ars Technica
Apr 17 2013

Coordinated attacks used to knock websites offline grew meaner and more
powerful in the past three months, with an eight-fold increase in the average
amount of junk traffic used to take sites down, according to a company that
helps customers weather the so-called distributed denial-of-service...
Microsoft Excel CVE-2012-1886 Memory Corruption Remote Code Execution Vulnerability
Microsoft Capicom ActiveX Control Remote Code Execution Vulnerability
Multiple Microsoft Product Gopher Client Buffer Overflow Vulnerability
Blackstone Group has given up its bid for Dell, less than a month after the private-equity fund manager said it was planning to top an offer from founder Michael Dell and private-equity firm Silver Lake Partners, according to news reports.
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Any deal by IBM to sell parts of its server business to Lenovo is likely to focus on low-end commodity x86 hardware, not higher-end x86 systems such as IBM's PureSystems and iDataPlex servers, an industry analyst said Thursday.
Google's core product may always be search, but the company is just as serious about providing in-the-moment information to users with emerging technologies such as Google Now, self-driving cars and Glass, CEO Larry Page signaled on Thursday.
Apricorn's Aegis Bio 3.0 pairs solid performance with enhanced security features to create a nice, all-around external hard drive. The Aegis Bio harnesses biometrics to make sure you (and only you) have access to your data.
Unable to close a number of large mainframe and software deals by the end of the quarter, IBM has reported a 5 percent decline in revenue to US$23.4 billion for the first quarter of 2013.
Oracle Java SE Remote Heap Buffer Overflow Vulnerability
Oracle Java SE CVE-2013-2414 Remote Java Runtime Environment Vulnerability
Oracle Java SE CVE-2013-2423 Remote Java Runtime Environment Vulnerability
Oracle Java SE CVE-2013-1564 Remote Java Runtime Environment Vulnerability
Oracle Java SE CVE-2013-2427 Remote Java Runtime Environment Vulnerability
Oracle Java SE CVE-2013-2431 Remote Java Runtime Environment Vulnerability

SANS looks to streamline the hunt for infosec talent
Infosecurity Magazine
Faced with an age of unprecedented growth and scope of cyberthreats, the Information Security Forum (ISF) has reached an agreement with the (ISC)² to provide its extensive research library for use in development of (ISC)² examinations and official ...


Hack to the Future: InfoSec Southwest conference runs April 19-21
Austin Chronicle (blog)
So it's fitting that the InfoSec Southwest conference is going on this weekend at the Austin Convention Center. Lectures are slated to include such topics as cracking corporate passwords, the state of cyber intelligence, and more on malware, DDoS ...

The race to make the most advanced chips for smartphones and tablets is gaining steam, with contract chip manufacturer TSMC hastening implementation of its latest manufacturing technology to close a chip-making advantage long held by Intel.
Microsoft increased revenue across all its divisions in its third fiscal quarter, achieving an almost 20 percent revenue increase year on year.
Advanced Micro Devices reported a 31 percent drop in revenue for the first quarter as it continues to battle a weak PC market and lackluster demand for its chips.
Google's first-quarter revenue rose by 31 percent to about $14 billion, driven by strong gains within the company's advertising business.
The U.S. Senate has moved toward a vote to impose sales tax on most Internet purchases, with lawmakers likely to vote to close debate on legislation next week.
U.S. mobile operators will warn subscribers when they're heading toward a big bill, after most carriers agreed to send email or text alerts when users are about to exceed their monthly usage limits or start using international roaming.
Big Yellow's annual report indicates a threefold rise in targeted attacks against SMBs as attackers search beyond big firms for susceptible targets.

Earlier this month, Lenny released version 4 of REMnux, a lightweight Ubuntu Linux-based distro for analyzing malware. It was recently reviewed on Hak5. Take a look and if you haven't already, download the image and send Lenny your feedback.

John Bambenek
bambenek \at\ gmail /dot/ com
Bambenek Consulting

NASA's Kepler space telescope has found two planets that are perfectly sized and positioned to potentially hold life.
Apple sold approximately 38 million iPhones in the first quarter, an 8% increase over what it sold in the same quarter a year ago, an ISI Group analyst said today. Other analysts pegged the sales number at 35 million.
Yahoo has released two new mobile apps, for weather and email, suggesting the company may be on track toward delivering on its promise of offering users a range of new mobile products over the next several months.
The new National Digital Public Library will initially contain 2.4 million digital records, including historical images, video and audio that had previously been siloed in public and private institutions.
Security researchers from Russian cybercrime investigations company Group-IB have recently identified a new piece of malware designed to steal login credentials from specialized software used to trade stocks and other securities online.
Beginning in Mountain Lion, OS X features social media integration options with both Twitter and Facebook, letting you post to the services from the OS itself, as well as sync contacts.
Think you'll make a bundle when you put your Explorer Edition of Google Glass up for grabs on eBay? Think again.
Verizon Communications reported an increase in revenue and a double-digit spike in net income for the first quarter of 2013, compared to a year earlier, driven largely by gains in mobile customers and in revenue from its Fios service.
The recent analysis from IDC that 2013's first-quarter PC sales have declined by 14% year over year lays the blame at the feet of Windows 8. Do you think their assessment was correct?
The U.S. House of Representatives has voted to approve a controversial cyberthreat information-sharing bill, despite opposition from the White House and several privacy and digital rights groups.
CVE-2013-2504 : Matrix42 Service Desk XSS
Oracle Java SE CVE-2013-2426 Remote Java Runtime Environment Vulnerability

Over the past 48 hours, Internet security forums have buzzed with news about a newly discovered technique that allows crackers to make an impressive 3 million guesses per second when trying to find the passcode that unlocks the contents of the widely used 1Password password manager.

The optimization, devised by the developer of the oclHashcat-plus password cracking tool, achieved guessing speeds that were, depending on whom you are asking, from two to four times faster than expected. Its discovery was surprising, mainly because it relies in part on a subtle design flaw that until now has been overlooked.

Cryptographers disagree about whether the weakness resides in the popular cryptographic hash function folded into 1Password or the specific implementation contained in 1Password. Either way, the designers of 1Password are smart people who do cryptography right, so the flaw has turned heads. And while even a four-fold reduction in the time it takes to exhaust a cracking attack isn't earth-shattering, it's still significant, considering how many people use 1Password to store the keys to their digital kingdoms.

Oracle Java SE CVE-2013-1518 Remote Java Runtime Environment Vulnerability
Oracle Java SE CVE-2013-2415 Remote Java Runtime Environment Vulnerability
[SECURITY] [DSA 2662-1] xen security update
[SECURITY] [DSA 2661-1] xorg-server security update
Microsoft last week filed a patent application for a new method of browsing through open windows on the desktop that builds on an older, now-abandoned feature in Windows Vista and Windows 7.
Shaw reviews BlackBerry's Z10 smartphone.
You might not know BroadSoft if you're not in the telecommunications space. But if you use a hosted unified communications service from a provider like Verizon, Swisscom, or any of about 500 other telcos around the world, you may be a BroadSoft customer without realizing it.
Twitter today is releasing a service that the social network hopes will change how people find music and artists.
VUPEN Security Research - Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow (Pwn2Own 2013)
DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013
Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability
SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server
Everybody knows data warehousing is big data. But when you want to understand what's really going on with your customers' social interactions, terabytes may seem small. It's a laborious process, but the insight it provides can reap big rewards.
SAP will announce its first-quarter 2013 earnings on Friday, a report that will get heavy scrutiny from company watchers. Here's a look at some of the more important topics that should come up during SAP executives' conference calls with press and analysts on Friday.
The FreeBSD Foundation and Google are funding developer Pawel Jakub Dawidek to further improve the open source Capsicum framework. Capsicum aims to give thin-client operating systems like Google's Chrome OS a robust security model.

PHP Address Book Multiple SQL Injection Vulnerabilities
Google received an ultimatum Thursday from German consumer organizations that want it to start answering questions from its users via email.
Oracle Java SE CVE-2013-2424 Remote Java Runtime Environment Vulnerability
Oracle Java SE CVE-2013-2420 Remote Java Runtime Environment Vulnerability
When a customer controls cloud-deployed applications, the software-licensing issues can get complicated.
LinuxSecurity.com: Updated kernel packages that fix several security issues and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...]
LinuxSecurity.com: Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having [More...]
LinuxSecurity.com: Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...]
LinuxSecurity.com: Samba would allow unintended write access to files over the network.
LinuxSecurity.com: Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the (1) visualizationSettings[width] or (2) visualizationSettings[height] parameter (CVE-2013-1937). [More...]
LinuxSecurity.com: The X server could be made to reveal keystrokes of other users.
LinuxSecurity.com: Updated icedtea-web packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...]
LinuxSecurity.com: David Airlie and Peter Hutterer of Red Hat discovered that xorg-server, the Xorg X server was vulnerable to an information disclosure flaw related to input handling and devices hotplug. [More...]
LinuxSecurity.com: Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical [More...]
LinuxSecurity.com: Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...]
Oracle Java SE CVE-2013-2383 Remote Java Runtime Environment Vulnerability
The U.S. House of Representatives moved closer toward passage of the Cyber Intelligence Sharing and Protection Act (CISPA), despite concerns that the cyberthreat information-sharing bill will allow Web-based companies to share a wide amount of customer information with government agencies.
Oracle WebCenter Sites CVE-2013-1509 HTTP Header Injection Vulnerability
Nokia's sales of smartphones running Windows Phone continued to grow in the first quarter, and its net loss shrank year on year, even as overall revenue declined.
Thirteen popular home and small office routers contain security problems that could allow a hacker to snoop or modify network traffic, according to new research.
Google is acquiring iProvo, a fiber-optic network owned by the city of Provo, Utah, as part of a plan to introduce its high-speed broadband network called Google Fiber there.
Oracle has fixed 128 security holes across its product range, excluding the Java patches it had delivered earlier. The updates include two vulnerabilities with a score of 10 according to the Common Vulnerability Scoring System (CVSS2).


Becrypt showcases latest innovations for secure tablets and virtual desktops ...
SourceWire (press release)
London, UK, 18 April 2013 - Becrypt, the market leading supplier of cyber security solutions to UK central and local government, Ministry of Defence and the corporate sector will be showcasing two new products on Stand G40 at InfoSec Europe 2013 - DISK ...

Freefloat FTP Server 'USER' Command Buffer Overflow Vulnerability
The largest Bitcoin exchange in the U.S., BitFloor, has closed again, this time due to issues with its bank account, according to its founder.
Oracle Java SE CVE-2013-2419 Remote Code Execution Vulnerability
MIT Kerberos CVE-2013-1416 NULL Pointer Dereference Denial of Service Vulnerability