Hackin9
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Revelations about U.S. National Security Agency snooping have made some buyers outside the U.S. think twice about public clouds, placing a drag on one of the world's biggest technology trends, the head of Hewlett-Packard's enterprise group said.
 
You'd be forgiven for thinking Amazon CEO Jeff Bezos wants to compete with other phone makers with his company's new Fire smartphone. But forget the multiple cameras and pretty 3-D-like effects, the device is really about selling more stuff.
 

How infosec gained primacy with ANZ Bank execs: cyber-security head
CSO Magazine
Senior bank executives are more aware of and responsive to the growing cyber security threat than ever – and are investing to proactively address it, according to the ANZ Banking Group's global cyber-security head. The change had been driven not only ...

 
Many of the most popular mobile apps look set to be available on Amazon's new Fire smartphone when it launches on July 25.
 
With its new Fire Phone, Amazon is primarily interested in connecting to its 250 million Amazon and Prime customers with a phone that makes it quick and easy to shop over the Web.
 
Google is well-known for building its own server hardware to meet the unique needs of its massive compute network, but that won't always be the case, the head of its infrastructure team said Wednesday.
 
No one at Apple's headquarters will be losing sleep over whether the new Amazon Fire will snatch market share from the iPhone, analysts said.
 

A code-hosting service that boasted having a full recovery plan has abruptly closed after someone gained unauthorized access to its Amazon Web Service account and deleted most of the customer data there.

Wednesday's demise of Code Spaces is a cautionary tale, not just for services in the business of storing sensitive data, but also for end users who entrust their most valuable assets to such services. Within the span of 12 hours, the service experienced the permanent destruction of most Apache Subversion repositories and Elastic Block Store volumes and all of the service's virtual machines. With no way to restore the data, Code Spaces officials said they were winding down the operation and helping customers migrate any remaining data to other services.

"Code Spaces will not be able to operate beyond this point," a note left on the front page of codespaces.com said. "The cost of resolving this issue to date and the expected cost of refunding customers who have been left without the service they paid for will put Code Spaces in a[n] irreversible position both financially and in terms of on going credibility. As such at this point in time we have no alternative but to cease trading and concentrate on supporting our affected customers in exporting any remaining data they have left with us."


 
Microsoft Internet Explorer CVE-2014-0282 Remote Memory Corruption Vulnerability
 
Hiring at companies that are mostly users of technology is on the rise, according to Computer Economics.
 
PetPace's new smart collar is making it easier for veterinarians to track the well-being of pets and keep in touch with owners.
 
Jobs at many IT departments have been primarily about maintenance -- handling crashed email systems, ever-expanding security perimeters and users who bring their own devices to the office.
 
A Missouri escrow firm that lost $440,000 in a 2010 cyberheist cannot hold its bank responsible for the loss, an appeals court said this week, affirming a lower court's previous ruling on the issue.
 
Amazon unveiled its highly anticipated entry into the smartphone market Wednesday, a handset called "Fire."
 
NullCrew's Twitter feed gives Timothy French and a fellow NullCrew member a fitting sendoff—calling them "skids."

Continuing variations on a theme, the FBI has arrested yet another alleged “hacktivist” based on information provided by a confidential informant. This time, FBI agents from the bureau’s Chicago field office nabbed Timothy Justin French, who the Justice Department claims was a member of a group called NullCrew. Another alleged NullCrew member, a juvenile offender, was arrested by the Royal Canadian Mounted Police based on information passed by the FBI.

Based on a statement from a member of NullCrew who remains at large, the arrests weren’t a big surprise. Calling French and the other hacker “skids” (script kiddies), the NullCrew member mocked their poor operational security and failure to cover their own digital tracks. And in a reference to the LulzSec case, the poster said that French missed “what should’ve been the most fucking obvious thing ever: don't let just any asshole in the crew, and don't give them the keys to the fucking kingdom. The FBI got someone to get you fuckers, and you deserved it. I've already taken care of that little problem—if it walks like Sabu and talks like Sabu...”

French, who the FBI claims is known by the usernames “Orbit,” “crysis,” and a number of other IRC, Skype, and Twitter handles, was arrested on June 11 at his home in Morristown, Tennessee. He is accused, along with other members of NullCrew, of launching “computer attacks that resulted in the release of computer data and information, including thousands of username and password combinations,” according to a statement issued by the Justice Department.


 
A Nokia building in Finland.

Finnish law enforcement is currently investigating a blackmail case involving Nokia and an unknown person, according to local media.

On Tuesday, MTV News in Finland reported for the first time that in 2007, Nokia paid millions of euros to someone who had acquired the Symbian encryption signing key to prevent its distribution. If released, that key would have allowed Nokia phones to accept non-authorized applications. At the time, Nokia was the world’s leading smartphone manufacturer.

After receiving the ransom demand, Nokia informed the National Bureau of Investigation, which appears to have orchestrated a surveillance operation. Nokia paid the multi-million euro ransom in cash, left in a bag at a parking lot near the Särkänniemi amusement park in the city of Tampere. As MTV News reported, “Police, however, lost track of the blackmailer and the money was gone. The case is still unsolved.”


 
Facebook has taken networking into its own hands, building a switch to link servers inside its data centers, and wants to make the platform available to others.
 
Breaking with other players in the IT industry, Amazon's CTO has downplayed any impact of the Edward Snowden revelations on its international business.
 
An unknown person or group reportedly stole the cryptographic key used by Nokia to digitally sign applications for Symbian OS and extorted millions of euros from the company in 2007 by threatening to make the key public.
 
Intel is stepping up its efforts to build custom chips for online giants like eBay and Facebook, giving them a boost in performance and, Intel hopes, another reason to keep buying its microprocessors.
 
The Internet has so far delivered mostly bad news to the U.S. Postal Service, but the agency now hopes an emerging Web application -- the Internet of Things -- can help it improve efficiency.
 
Amazon CEO Jeff Bezos today unveiled the online retailer's latest foray into hardware: A new smartphone called the Fire phone.
 
Amazon unveiled its highly anticipated entry into the smartphone market Wednesday, a handset called "Fire."
 

People will happily run malware if paid ONE CENT – new study
Register
The presence of malware actually increased on machines running the latest patches and infosec tools in what was described as an indication of users' false sense of security. Users completing the tasks told a subsequent questionnaire they were conscious ...

 
Apple today added a new entry-level iMac to its line, pricing it 15% lower than the previous cheapest model but dramatically scaling back the all-in-one's performance.
 
One of the affected Synology devices.
Synology

A hacker generated digital coins worth more than $620,000 by hijacking a popular type of Internet-connected storage device from Synology, security researchers said.

The incident, which was documented in a research report published Tuesday by Dell SecureWorks, is only the latest hack to steal other people's computing resources to perform the computationally intense process of digital currency mining. The cryptographic operations behind the process often draw large amounts of power and produce lots of heat. People looking to acquire a large war chest of digital coins typically must pour large amounts of money and effort into the endeavor. One way malicious actors get by this requirement is by compromising large numbers of devices operated by other people. The devices then perform the work at the expense of the unsuspecting end users and pass on the proceeds to the attacker.

According to researchers from SecureWorks Counter Threat Unit, the attackers exploited four separate vulnerabilities contained in the software of Synology network-attached storage boxes. The vulnerabilities were documented in September and fixed in February by Synology. By then, large numbers of people began complaining their Synology devices were running sluggishly and extremely hot. It turns out that at least some of them were running software that mined large sums of the Dogecoin cryptocurrency.


 

AT&T has begun mailing out letters to customers affected by a data breach that allowed employees of a “service provider” to access customer account information, including customers’ dates of birth and Social Security numbers. The data was exposed in April through a system used to obtain unlocking codes for used AT&T phones for resale, according to the letter, which has been posted by California’s Office of the Attorney General.

“We recently determined that employees of one of our service providers violated our strict privacy and security guidelines by accessing your account without authorization between April 9 and 21, 2014, and while doing so would have been able to view your social security number and possibly your date of birth…," notes the letter. "Additionally, while in your account, these individuals would also have been able to view your Customer Proprietary Network Information (CPNI).”

CPNI data includes the information usually visible on a phone bill—including call activity metadata.


 
WordPress Featured Comments Plugin Cross Site Request Forgery Vulnerability
 
Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities
 
Microsoft had warned customers that its malware detection engine, used in a wide range of its products, could be disabled if an attacker sent a malformed file as an email attachment.
 
The BlackBerry 10 OS will soon have Amazon's Android app store built-in, in a bid to increase the number of apps available on the smartphone and allow BlackBerry to focus on enterprise software as it tries to stay afloat.
 
Red Hat is filling out its OpenStack portfolio by acquiring eNovance, a provider of integration services, for approximately $95 million in cash and stock.
 
SAP Supplier Relationship Management 'umTestSSO.jsp' Open Redirection Vulnerability
 
ppc64-diag CVE-2014-4038 Multiple Race Condition Vulnerabilities
 
Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability
 
Acer named one of its co-founders, George Huang, to the post of company chairman as the Taiwanese PC maker battles to become a force in mobile devices and software.
 
There are multiple approaches to load testing your website, but one thing is certain: Organizations that fail to see how their sites will handle sudden surges in traffic do so at their own risk.
 
Thanks to high-profile computer security scares such as the Heartbleed vulnerability and the Target data breach, and to the allegations leveled at the government and cloud providers by Edward Snowden, more of us Internet users are wising up about the security of our information. One of the smarter moves we can make to protect ourselves is to use a password manager. It's one of the easiest too.
 
LinuxSecurity.com: Several security issues were fixed in OpenStack Nova.
 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: An attacker could trick APT into installing altered source packages.
 
Samsung Electronics has launched a new version of the Galaxy S5 with an upgraded screen and faster processor, but for now it is only available in South Korea.
 
The Irish High Court has referred to a 14-year-old agreement governing the exchange of personal data between the European Union and the U.S. to the EU's top court.
 
Linux Kernel CVE-2014-4014 Local Privilege Escalation Vulnerability
 
Multiple SQL Injection Vulnerabilities in web2Project
 
SQL Injection in Dolphin
 

After traveling around the past few months in various countries, it looks like getting rid of Windows XP is going to take quite a while. It is probably due to the fact that it has expired that I noticed it more than usual, but XP is certainly everywhere. You see it at airports on display boards and Point of Sale systems; in one overseas country, on the computers in customs as well as the railway displays and control systems, and in hospitals.

Having obsolete operating systems in a corporate environment is bad enough; there are still many organisations that utilise XP internally. However, as part of critical infrastructure it worries me slightly more. Now most of us can't do much outside of our little sphere of influence, but it is time for the operating system to go.

So if junior needs something to do over the next few weeks, set them a challenge. Identify all remaining XP devices connected to the network. Categorise them into real XP and embedded XP (still some support available for those). Then develop a strategy to get rid of them.

If getting rid of them is not an option, and there will be those of you in that situation, at least look for ways of protecting them a bit better. Consider network segmentation, application whitelisting, endpoint solutions (some will still work on XP). As an absolute minimum, at least know where they are and how they are being used.
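One way to start the "identify and categorise" step, as an added example that is not part of the diary: a PowerShell query against Active Directory that lists domain-joined hosts whose OperatingSystem attribute matches XP or one of its embedded variants, tags each as real XP or embedded XP, and writes the result to a CSV for the remediation plan. It assumes the ActiveDirectory RSAT module is installed, the account can read computer objects, and that the OS name patterns below are what your directory actually records (adjust them if not); the output path is a placeholder.

```powershell
# Added example, not from the ISC diary: inventory remaining Windows XP hosts recorded in Active Directory.
# Assumption: the ActiveDirectory module (RSAT) is available and the caller can read computer objects.
Import-Module ActiveDirectory

# Assumed OS-name patterns; verify against the OperatingSystem values your directory actually holds.
$xpPatterns = @('Windows XP*', 'Windows Embedded Standard*', 'Windows Embedded POSReady*')

$results = foreach ($pattern in $xpPatterns) {
    Get-ADComputer -Filter "OperatingSystem -like '$pattern'" `
        -Properties OperatingSystem, OperatingSystemServicePack, LastLogonDate, Enabled |
    ForEach-Object {
        # Classify: desktop XP is out of support; embedded variants still had vendor support at the time.
        $class = if ($_.OperatingSystem -match 'Embedded|POSReady') { 'EmbeddedXP' } else { 'XP' }
        [pscustomobject]@{
            Name          = $_.Name
            OS            = $_.OperatingSystem
            ServicePack   = $_.OperatingSystemServicePack
            Class         = $class
            Enabled       = $_.Enabled
            LastLogonDate = $_.LastLogonDate   # helps separate live hosts from stale objects
            DN            = $_.DistinguishedName
        }
    }
}

# Placeholder output path; one row per host, sorted so embedded and real XP group together.
$results | Sort-Object Class, Name | Export-Csv -Path .\xp-inventory.csv -NoTypeInformation

# Quick summary for the report: how many of each class remain.
$results | Group-Object Class | Select-Object Name, Count
```

Devices that are not domain-joined (display boards, kiosks, PoS terminals on their own segments, the sort of systems the diary describes) will not appear in this list, so treat the directory query as a starting point and reconcile it against DHCP leases, switch MAC tables, or other asset sources before declaring the inventory complete. Disabled accounts and old LastLogonDate values usually indicate stale objects rather than live hosts, but confirm before deleting them.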

Seek, identify and remove away.

Mark H  

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

An update was released today addressing the OpenSSL issues in VMware products. Libraries have been updated to 0.9.8za and 1.0.1h to fix the issues.

You'll want to evaluate and apply the updates as appropriate.  

Mark H

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Lynis CVE-2014-3982 Symlink Vulnerability
 
Djblets 'json_dumps()' Function HTML Injection Vulnerability
 
[security bulletin] HPSBMU03048 rev.1 - HP Software Executive Scorecard, Remote Execution of Code, Directory Traversal
 
A data breach like the one recently reported by AT&T demonstrates that security policies alone are only a paper tiger without the technological teeth to make sure they are enforced, experts say.
 
Mining personal data to deliver targeted ads is the lifeblood of Google's business -- and of many other online firms. But what if that data dries up at the source?
 
[security bulletin] HPSBUX03046 SSRT101590 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access
 
[SECURITY] [DSA 2963-1] lucene-solr security update
 
[SECURITY] [DSA 2962-1] nspr security update
 
Tablets haven't killed off the PC market, which is about to return from a downturn.
 
Long espoused in educational circles, intelligent software that tailors training to the individual learner is catching on in corporations.
 
Growing demand for flash continues to rock enterprise storage, with NetApp becoming the latest big vendor to shape a new product around the high-speed media.
 
Apple's tight vetting of mobile applications gives it a security edge over Android, but there are still several ways for attackers to steal data from iOS devices, a mobile security company warned in a report Tuesday.
 
Moscow-based Elcomsoft has developed a tool to collect iCloud backup files without knowing a person's Apple ID, a development intended to help law enforcement analyze seized computers.
 
iodine Authentication Bypass Vulnerability
 
Proxmox VE 'AccessControl.pm' User Enumeration Vulnerability
 
OpenStack Neutron L3-agent Remote Denial of Service Vulnerability
 