Hackin9

Software engineer and Iowa State computer science student Josh Davis has created a website dedicated to comparing how online services employ (or don't employ) two-factor authentication.

Every day we entrust our private information—whether it be credit card numbers, e-mails, or other data stored on personal accounts—to any number of Web-based services. And comparing security across a swath of websites can be a time-munching chore for even the most experienced consumer. Davis' new site, twofactorauth.org, hopes to make those decisions easier.

Davis wrote in a blog post over the weekend that after the high-profile hijacking of Naoki Hiroshima's valuable @N Twitter handle, he decided to transfer his domains to a new registrar. He noticed how hard it was to find information on which services used two-factor authentication and which didn't.

Read 5 remaining paragraphs | Comments

 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
 
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1511 Security Bypass Vulnerability
 
LinuxSecurity.com: Updated php packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Critical [More...]
 
LinuxSecurity.com: Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5.3 and 5.6 Long Life, and Red Hat Enterprise Linux 5.9 Extended Update Support. [More...]
 
LinuxSecurity.com: Firefox could be made to crash or run programs as your login if itopened a malicious website.
 
LinuxSecurity.com: An updated mutt package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]
 
LinuxSecurity.com: Updated samba packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate [More...]
 
LinuxSecurity.com: Updated ruby193-rubygem-actionpack packages that fix two security issues are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having Moderate [More...]
 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: Updated udisks packages fixes security vulnerability: A flaw was found in the way udisks and udisks2 handled long path names. A malicious, local user could use this flaw to create a specially-crafted directory structure that could lead to arbitrary [More...]
 
LinuxSecurity.com: Updated x2goserver package fixes security vulnerability: A vulnerability in x2goserver before 4.0.0.2 in the setgid wrapper x2gosqlitewrapper.c, which does not hardcode an internal path to x2gosqlitewrapper.pl, allowing a remote attacker to change that [More...]
 

Google's stated policy for apps on its Google Glass head-mounted hardware is that apps aren't allowed to take photographs when the display is turned off. But it turns out there's nothing actually enforcing this policy. Two California Polytechnic students built an app that converts Glass into a spy camera, taking a photo every 10 seconds without any visible indication to the user, reports Forbes.

The app, built by graduate researchers Mike Lady and Kim Paterson, masquerades as a legitimate piece of note-taking software, albeit with the decidedly illegitimate name of Malnotes. It captures images of whatever the Glass wearer is looking at and uploads them to the Internet. The pair notes that although this violates the Glass terms of service, those terms of service have no actual enforcement in the Glass software.

They aren't sure if they could get the app into Google's curated MyGlass app store. They did manage to get it into the relatively wild Google Play app store, but when their professor tweeted about their work, they decided not to bother trying to submit it to the more restrictive storefront. Google has subsequently removed the app.

Read 5 remaining paragraphs | Comments

 
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1514 Out of Bounds Memory Corruption Vulnerability
 
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1513 Out of Bounds Memory Corruption Vulnerability
 
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1512 Remote Code Execution Vulnerability
 
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1510 Privilege Escalation Vulnerability
 
Oracle's third-quarter revenue rose 4 percent to US$9.3 billion while net income increased 2 percent to $2.6 billion, buoyed by growth in new software licenses and cloud subscriptions as well as a long-anticipated rise in hardware product revenue.
 
Apple today replaced the iPad 2 with 2012's fourth-generation Retina iPad as its lowest-priced tablet, a likely reaction to both pressure from cheap Android tablets and the advanced age of the iPad 2.
 
If you didn't think wearables were going to be big, think again. Google and Samsung are among the biggest players in this emerging tech field and both just made new wearable app developer announcements.
 
Verizon Communications is forcing customers in southern California to move from traditional telephone service to voice over IP or wireless services, a consumer advocacy group has said in a complaint filed with the state.
 
The former CIO for Oregon's troubled health care insurance website is alleging that state officials engaged in a "substantial cover-up" meant to deflect blame away from themselves and onto herself and the project's contractor, Oracle.
 
Google and Viacom have settled a 2007 lawsuit in which Viacom originally demanded US$1 billion from Google for what it said was massive copyright infringement on YouTube.
 
Most CIOs -- and other C-suite executives have at least a LinkedIn profile, but social media requires much more these days. LinkedIn, Facebook, Twitter and others are no longer exclusively personal, but also reflective of your role in the larger organization.
 
MIT researchers have created a soft, autonomous robotic fish that can change direction in a fraction of a second -- nearly as fast as a real fish can.
 
Apple today unveiled an 8GB iPhone 5C that costs between 8% and 9% less than the previous lowest-priced model with 16GB of storage space.
 
Google has kicked off an effort to bring Android to wearable devices, reminding everyone that the OS is not just for tablets and smartphones.
 
Google and Cisco are teaming up in the enterprise collaboration market, bundling WebEx with Chromebooks and integrating the Cisco Web conferencing and online meeting product with Google Apps.
 

Researchers have documented an ongoing criminal operation infecting more than 10,000 Unix and Linux servers with malware that sends spam and redirects end users to malicious Web pages.

Windigo, as the attack campaign has been dubbed, has been active since 2011 and has compromised systems belonging to the Linux Foundation's kernel.org and the developers of the cPanel Web hosting control panel, according to a detailed report published Tuesday by researchers from antivirus provider Eset. During its 36-month run, Windigo has compromised more than 25,000 servers with robust malware that sends more than 35 million spam messages a day and exposes Windows-based Web visitors to drive-by malware attacks. It also feeds people running any type of computer banner ads for porn services.

The Eset researchers, who have been instrumental in uncovering similar campaigns compromising large numbers of servers running the nginx, Lighttpd, and Apache Web servers, said the latest campaign has the potential to inflict significant harm on the Internet at large. They explained:

Read 9 remaining paragraphs | Comments

 
Vodafone and pharmaceutical company AstraZeneca have teamed up to provide mobile health services for improving treatment of cardiovascular conditions.
 
HP-UX Remote Line Printer Daemon Logic Flaw Vulnerability
 
2014 World Conference on IST - Madeira Island, April 15-17
 
Microsoft Forefront Protection for Exchange Server detected a virus
 
Microsoft will announce Office apps for Apple's iPad on March 27, according to a pair of reports Monday.
 
Hewlett-Packard has updated its Application Lifecycle Management (ALM) suite to accommodate the ever-quickening pace of today's software programming teams.
 
The coffee purveyor has indicated it wants to move in that direction. But so do other companies, and they all have some hurdles to overcome.
 

Social engineering threat tops infosec risks: ASD
iT News
Social engineering remains the greatest security threat to Australian government agencies, according to the 2014 Australian Government Information Security Manual (ISM), which was published this week. The manual highlights the increasing sophistication ...

 

There are two events I'm interested in following up at the moment.  A few reports mentioned that scans to destination port 5000 seem to be popular at the moment. (https://isc.sans.edu/port.html?port=5000).  So if you have a few spare packets that would be great.  In this instance I'm not looking for log records only pcaps.  

Another reader mentioned scans from source port 6000 going to numerous ports on their infrastructure, but from different IP addresses. eg.  IP address A  scanning target 1089-1099.  IP address B scanning target 1100-1110, etc.  If you have log records or packets for trafic from source port 6000 to multiple ports or IP addresses in your environment I'd be interested in taking a look.  

We've seen both of these previously, but certainly like to see if it is the same or something different.  

Thanks

Mark H 

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Wireshark M3UA Dissector CVE-2014-2282 Denial of Service Vulnerability
 
With technology the cornerstone of most businesses, the lines are blurring between IT and operations -- leading some IT pros to think of COO as their title of choice.
 
Lenovo will send a memo to its server sales team on Tuesday, urging them to ignore the 'uncertainty and doubt' its rivals are sowing over its acquisition of the IBM server division.
 
Failed Bitcoin exchange Mt. Gox is allowing users to log in to their accounts once again, nearly three weeks after it filed for bankruptcy protection.
 
Quantum computing holds huge promise, and scientists say it could eventually surpass classic supercomputers for tackling enormous calculations, like cryptography and finding planets. But there's debate over whether quantum computers truly exist. Google and NASA are testing one.
 

Posted by InfoSec News on Mar 18

http://www.computerworld.com/s/article/9247017/Court_approves_first_of_its_kind_data_breach_settlement

By Jaikumar Vijayan
Computerworld
March 17, 2014

Courts have generally tended to dismiss consumer class-action lawsuits
filed against companies that suffer data breaches if victims can't show
that the the breach directly caused a financial hit.

A federal court in Florida broke the mold by approving a $3 million
settlement for victims...
 

Posted by InfoSec News on Mar 18

http://www.japantoday.com/category/crime/view/japan-holds-first-full-cybersecurity-drill

By Tim Kelly and Nobuhiro Kubo
Japan Today
March 18, 2014

TOKYO -- Japan held a full-on cyberattack across government departments on
Tuesday in a drill aimed at bolstering national security as the country
gears up to host the 2020 Olympics.

Japan is following the lead of Britain, which invited ethical hackers to
test its computer systems in the run up...
 

Posted by InfoSec News on Mar 18

http://www.washingtonpost.com/business/economy/sally-beauty-confirms-data-breach/2014/03/17/c644049a-adf5-11e3-96dc-d6ea14c099f9_story.html

By Amrita Jayakumar
The Washington Post
March 17, 2014

Sally Beauty confirmed Monday that hackers broke into the supplier's
network, stealing the payment data of up to 25,000 customers.

The information stolen included payment card numbers and the three-digit
security codes, known as CVV numbers, the...
 

Posted by InfoSec News on Mar 18

http://www.israelhayom.com/site/newsletter_article.php?id=16181

[InfoSec News is a media sponsor, complete details are on the sidebar of
the website - www.infosecnews.org, and there's a 10% discount code if
you're interested in attending. - WK]

By Ilan Gattegno
Israel Hayom
March 17, 2014

Institute for National Security Studies, a prestigious academic think
tank, to host large event with the help of U.S.-based Cyber Security Forum...
 

Posted by InfoSec News on Mar 18

http://healthitsecurity.com/2014/03/17/healthcare-data-encryption-trends-and-methods/

By Patrick Ouellette
Health IT Security
March 17, 2014

There are varying responses from healthcare organizations and security
experts when the question of why an organization would not encrypt its
data is posed. For some, it's a numbers game and their budget simply can't
fit encryption technology. Others philosophically are opposed because they...
 
Internet Storm Center Infocon Status