
InfoSec News

Intel is throwing its might into the mobile market against ARM, but analysts note that the PC chip giant might have a fight on its hands. Can Intel ultimately unseat ARM?
 
A planned presentation on security vulnerabilities in Siemens industrial control systems was pulled Wednesday over worries that the information in the talk was too dangerous to be released.
 
Sean Maloney will return to the spotlight as one of Intel's most important executives on May 31 after several months of medical leave and a gradual return to work at the processor giant.
 
As if being unemployed isn't bad enough, 210,000 unemployed residents of Massachusetts may have had personal data about them stolen from the state agency that is supposed to be helping them out.
 

Can you guess which domains the crooks behind the Fake Anti-Virus Scam are going to use next? Well, neither can we. But for several weeks now, they have been hosting a lot of their bad stuff out of 91.213.29.66, geo-located in lovely Russia (where else?).
A passive DNS collector like BFK/RUS-CERT can help turn this IP address back into the domain names currently in use. Here's an excerpt from the resulting list; all in all, 165 domains of badness.

Several of these domains were found by our readers via the poisoned Google image searches that we reported earlier this month, and also via malicious advertisements embedded in perfectly benign web pages.
If you Apple Mac users now feel all safe, think again! As we mentioned earlier, Fake AV has made its appearance on Macs, where naive automatic download-and-run default settings in browsers are still common, and where MacDefender and its expected numerous successors and variants are likely to become as successful for the bad guys as their Windows versions have been for years.
Fake AV Bingo? The only winning move is not to play.
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
ADP, which claims to handle the payroll for one in six working Americans, is moving aggressively to modernize its services and expand the range of products it provides to customers.
 
Hold on to your hat. The first of the social networking sites is about to launch its initial public offering, or IPO.
 
The T-Mobile 4G Mobile Hotspot ($80 with a two-year contract) joins a growing group of mobile hotspots that fit in your pocket and allow several Wi-Fi enabled devices to connect to the Internet via a single mobile broadband connection. (For background on this growing category, read our feature on stand-alone versus phone-integrated hotspots.)
 
The company plans to offer the ability to build multi-tier applications directly from an AppFabric console
 
The world's biggest chip maker is focusing in on the mobile market, but analysts say ARM is in a great position to withstand any Intel onslaught.
 
gnome-screensaver Monitor Addition Lock Bypass Vulnerability
 
FFmpeg libavcodec 'sp5xdec.c' '.amv' File Memory Corruption Vulnerability
 
An estimated 250,000 BlackBerry PlayBook tablets have been sold in the first month, edging out Motorola Xoom's early sales, an analyst at RBC Capital Markets said Wednesday
 
An Internet trade group says a new copyright bill would lead to "thousands" of private legal actions against Web companies.
 
The San Francisco city and county government is moving from multiple email systems to Microsoft's cloud-based email.
 
Nothing comes easy to Sony these days. The company was forced to take part of its Sony PlayStation Network offline briefly Wednesday as it fixed a Web glitch that gave hackers a way to take over users' accounts.
 
Google today confirmed that it's starting to roll out a server-side patch for a security vulnerability in most Android phones that could let hackers snatch important credentials at public Wi-Fi hotspots.
 
SmarterStats Multiple Input Validation Vulnerabilities
 
 
The city of San Francisco announced Wednesday that it is moving workers from multiple email systems to Microsoft's cloud-based email.
 
Paul McCartney is expected to perform a concert at HP's big user conference in early June. McCartney's lyrics help explain HP's earnings, which were released Wednesday.
 
[ MDVSA-2011:093 ] gnome-screensaver
 
DOMinator - The DOMXss Analyzer Tool - is finally public
 

Ohakea base for new CIS school
Wanganui Chronicle
"Such as CIS operational planning training for senior RNZAF personnel, and Infosec and cyber-warfare training focused on deployed computer network defence." All future potential recruits will be required to qualify on a primary electro-technology ...

 
Apple will refresh its popular MacBook Air line of ultra-thin notebooks in June or July, a Taiwanese publication said today, citing unnamed Asian supplier sources.
 
Shaw reviews the GoFlex Satellite, by Seagate.
 
E-waste is a serious problem for IT, but energy seems to be getting all the attention. It's time to turn that around, one industry watcher says.
 
At a glance, the Motorola Droid X2 looks almost identical to its predecessor -- but Verizon's new phone packs a couple of noteworthy differences.
 
The Wikileaks insider threat is not the first and will not be the last, however with the media hype Wikileaks has garnered, government cybersecurity managers are beginning to take different approaches to security.

 

St. Philip's IT curriculum earns government certification
Bizjournals.com
The program now offers students two National Security Agency certifications upon completion of the courses: Information Systems Security (INFOSEC) Professionals NSTISSI No. 4011, and Senior Systems Managers CNSSI No. 4012. For a five-year period from ...

 
Over the next five years, the media and entertainment industry will see digital storage capacity requirements jump from 11 exabytes to 62 exabytes.
 
BlackBerry-maker Research In Motion released a significant OS update for its PlayBook tablet that enabled a new video chat application and other features. But the OS update seems to have had an unintended effect on the tablet's battery life.
 
If you store your data on the cloud, will you retain the ability to quickly archive, copy and preserve information that might be needed in litigation?
 
Cable killer or not, Netflix takes a big bite out of bandwidth every night in America.
 
Perl IO::Socket::SSL 'verify_mode' Security Bypass Vulnerability
 
Adobe Flash Player CVE-2011-0579 Information Disclosure Vulnerability
 
The two companies will bridge Microsoft .Net and Azure with SAP's NetWeaver Gateway.
 
Attachmate intends to revitalize the sales and technical development of the virtualization and collaboration products gained with its acquisition of Novell.
 
SAP is opening up a cloud-based platform for its HANA (High-Performance Analytic Appliance) in-memory computing technology, enabling partners to develop applications that take advantage of its capabilities, the company announced Wednesday.
 
Apple has proposed a standard for new, smaller SIM cards, in an effort to free up more space on future smartphones.
 
Users of SAP's BusinessObjects and Rapid Deployment products are now able to run the applications from Amazon's cloud.
 
ARM Holdings is seeking the support of software makers for its plan to put its low-power processors in servers, company executives said this week.
 
Verizon Wireless announced the Motorola Droid X2 smartphone will be available online Thursday for $199.99 and a two-year service agreement.
 
Most organizations believe they aren't in danger of losing data, but as recent news demonstrates, the threat is real and no organization is immune.
 
MDaemon Server WorldClient Email Subject HTML Injection Vulnerability
 
[ MDVSA-2011:092 ] perl-IO-Socket-SSL
 
XSS vulnerability in TWiki < 5.0.2
 
A new Common Vulnerability Framework sets a standard so organizations can share vulnerability information in a common readable format.

 

CIOs Must Meet Minimum Necessary - Building Information Systems Like Building ...
CSO (blog)
When I search for information security certifications through Google, I get about 9560000 results. When I search for CIO certifications through Google, I get about 1330000 results. ...

 
The Windows Registry is a database that holds your operating system's configurations and settings. This includes everything from how long your mouse must hover over a taskbar icon before the preview pops up (in Windows Vista and Windows 7) to performance settings.
 
India has just approved three new information technology rules, some of which might impact U.S. companies that outsource and others that will hurt Indian Internet users.
 
Perl libwww-perl (LWP) Module SSL Certificate Validation Security Bypass Vulnerability
 

How the Microsoft/LogMeIn support scam works
iT News
Remember to sign up to our Security bulletin for the definitive summary and analysis of Infosec threats. In a weird twist of logic he asked me if I had a computer, and whether it ran Windows. These people aren't trained particularly well. ...

 
Intel is in talks with major Asian PC makers that could see new laptops released as early as December this year that feature fast, battery-saving processor technology announced by the company at a financial analyst's meeting.
 
While much of the innovation these days seems to be happening in smartphones and tablets, Intel says big improvements lie ahead for the trusty PC.
 
After years of dominance in computer chips, Intel now is chasing the mobile chip market and trying to redefine its future.
 
WindSpring, which makes data compression and search technology for embedded systems in the auto industry, is now hawking its wares to the general storage market to allow compressed data sets to be searched without a performance hit.
 
The touted cost savings associated with cloud services didn't pan out for Ernie Neuman, not because the savings weren't real, but because the use of the services got out of hand.
 
Riverbed's Steelhead Mobile WAN acceleration software client slashes Web, mail, file copy, and file transfer times for Windows and Mac users
 

Posted by InfoSec News on May 18

Forwarded from: cfp (at) ruxcon.org.au

Ruxcon 2011 Call For Papers

The Ruxcon team is pleased to announce the call for papers for the
seventh annual Ruxcon conference.

This year the conference will take place over the weekend of 19th and
20th of November at the CQ Function Centre, Melbourne, Australia.

The deadline for submissions is the 30th of July.

* What is Ruxcon?

Ruxcon is the premier technical computer security conference in the...
 

Posted by InfoSec News on May 18

http://www.zdnet.com.au/qld-cops-denounce-ethical-hacking-339315264.htm

By Stilgherrian
ZDNet.com.au
May 18th, 2011

Police have spoken out strongly against so-called "ethical hacking" in
the wake of yesterday's demonstration of a Facebook privacy hack at the
BSides Australia conference being held in parallel to the AusCERT 2011
information security conference. The incident has already seen a
journalist arrested and his iPad...
 
Linux Kernel 'icmp_send()' NULL Pointer Dereference Remote Denial of Service Vulnerability
 
A few days ago, a group of researchers from the University of Ulm in Germany published details about a security vulnerability in Android operating system versions 2.3.3 or lower. This is not really a vulnerability in Android itself but a consequence of the way Android apps use the ClientLogin authentication protocol to access various Google services.
As you can probably guess by now, the problem here is that ClientLogin sends authentication data over plain text HTTP connections. The Authorization: header, which (as the name implies) is used for authorization, is sent as part of a GET request in plain text, so any attacker who can see this traffic can easily extract this header and impersonate the victim. Depending on what you use, the token can give the attacker access to the Calendar and Contacts Google applications. What's even worse, the token is valid for 14 (!!!) days, so once it has been acquired by the attacker it can easily be used in the future.
This issue is not limited to Android: any other application that uses the ClientLogin protocol over plain text HTTP is subject to similar attacks. However, since Android is so widespread, it looks like the most critical target for a potential attacker.
How could an attacker exploit this? First of all, if you are connecting with your Android on any open wireless network (i.e. Starbucks or similar), the attacker can easily sniff your traffic and collect all authentication tokens. Similarly, the attacker could set up a fake access point with a familiar name to get victims to connect to it; if the attacker is just forwarding traffic (and extracting authentication tokens), the victim will never even know what happened. Finally, attacks such as ARP poisoning are possible even on encrypted wireless networks (if the attacker can connect to them).
What can you do? If possible, update Android to at least version 2.3.4 on your phones, since that version uses HTTPS for authentication. In today's world, there is absolutely no reason not to use SSL to encrypt everything.
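A small detection check for the exposure described above, added here as an example and not part of the ISC diary: it scans plaintext HTTP requests as a network sensor would see them on port 80, flags any that carry an Authorization header (a ClientLogin token uses the GoogleLogin scheme), and records only a redacted prefix of the token so the alert itself does not leak the credential. The hosts, paths and token values are constructed for this example.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Constructed sample of plaintext HTTP requests as captured on the wire.
# Hosts, paths and token values are made up for this example.
SAMPLE_REQUESTS = [
    "GET /calendar/feeds/default/private/full HTTP/1.1\r\n"
    "Host: www.google.com\r\n"
    "Authorization: GoogleLogin auth=DQAAAMconstructedtoken0001\r\n\r\n",
    "GET /index.html HTTP/1.1\r\n"
    "Host: www.example.com\r\n"
    "User-Agent: Mozilla/5.0\r\n\r\n",
    "GET /m8/feeds/contacts/default/full HTTP/1.1\r\n"
    "Host: www.google.com\r\n"
    "Authorization: GoogleLogin auth=DQAAAMconstructedtoken0002\r\n\r\n",
]

@dataclass
class Finding:
    host: str
    path: str
    scheme: str     # authorization scheme, e.g. "GoogleLogin"
    redacted: str   # token with most of its value removed, safe to log

def parse_request(raw: str) -> Tuple[str, str, Dict[str, str]]:
    """Split a raw HTTP/1.x request into method, path and a lower-cased header map."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    method, path, _version = lines[0].split(" ", 2)
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, path, headers

def redact(value: str) -> str:
    """Keep a short prefix so analysts can correlate findings without storing the secret."""
    return value[:9] + "[REDACTED]"

def find_plaintext_credentials(requests: List[str]) -> List[Finding]:
    """Flag every request that carries an Authorization header in the clear.
    Anything readable here is by definition unencrypted, which is exactly the
    exposure ClientLogin-over-HTTP creates: the token is reusable for 14 days."""
    findings: List[Finding] = []
    for raw in requests:
        _method, path, headers = parse_request(raw)
        auth = headers.get("authorization")
        if auth is None:
            continue
        scheme, _, value = auth.partition(" ")
        findings.append(Finding(headers.get("host", "?"), path, scheme, redact(value)))
    return findings
```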
--
Bojan
INFIGO IS

(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Posted by InfoSec News on May 18

http://news.techworld.com/security/3280301/researcher-hacks-facebook-to-expose-rivals-private-photographs/

By John E Dunn
Techworld
17 May 11

An Australian security researcher has compromised Facebook security in
the most personal way imaginable, publicly ‘hacking’ private
photographs posted to the service by the wife of a disliked rival
security professional.

The declared intention of Christian Heinrich’s session 'For God...
 

Posted by InfoSec News on May 18

http://english.yonhapnews.co.kr/business/2011/05/18/55/0503000000AEN20110518003500320F.HTML

Yonhap News Agency
2011-05-18

SEOUL, May 18 (Yonhap) -- South Korea's financial regulator decided
Wednesday to punish Hyundai Capital Services Inc. for lax computer
system maintenance, which led to a major hacking attack at the biggest
local consumer finance firm.

The Financial Supervisory Service (FSS) launched an inspection into
Hyundai...
 

Posted by InfoSec News on May 18

http://www.csoonline.com/article/682445/it-s-the-human-threat-stupid

By George V. Hulme
CSO
May 17, 2011

Anyone who has worked to defend enterprise secrets from theft knows that
the answer to success certainly doesn't come from technology alone.

Few know this better than Eric O'Neill. O'Neill is the former FBI
operative who worked as an investigative specialist and played a crucial
role in the arrest and conviction of FBI...
 

Posted by InfoSec News on May 18

http://www.computerworld.com/s/article/9216795/Some_sites_struggle_to_stay_up_due_to_Heroku_attack

By Nancy Gohring
IDG News Service
May 17, 2011

A potential DDoS attack on Heroku, the Ruby platform-as-a-service
provider now owned by Salesforce.com, is creating availability issues
for its customers.

The problems started on Monday when Heroku reported that a small number
of users, primarily those that point a root domain to Heroku via static...
 

Posted by InfoSec News on May 18

http://www.theregister.co.uk/2011/05/17/white_house_cyberspace_strategy/

By Dan Goodin in San Francisco
The Register
17th May 2011

The Obama Administration has put the world on notice that hack attacks
directed against US assets could be met with military action.

“When warranted, the United States will respond to hostile acts in
cyberspace as we would to any other threat to our country,” the White
House said in a long-expected policy,...
 

