Hackin9

InfoSec News

The mobile gift-giving app Karma announced Friday it has been acquired by Facebook. The announcement came shortly after the markets closed on Facebook's first day as a publicly traded company.
 
The U.S. International Trade Commission issued an import ban Friday on any Android devices from Motorola that infringe one of Microsoft's patents.
 
The latest addition to Adonit's family of disc styluses for iOS devices, the Jot Flip seeks to fill the 2-in-1--stylus combined with pen--niche treasured by those still chained to paper and pen. And while the problems I've had with the Jot line in the past are still present in the Flip, it largely succeeds in conquering the 2-in-1 challenges.
 
pidgin-otr 'log_message_cb()' Function Format String Vulnerability
 
HP is expected to announce a large layoff at its quarterly investors briefing on Wednesday, losing as many as 30,000 employees. But for now, the company isn't talking about its plans.
 
Facebook's IPO got off to a shaky start as its share price ended the first day of trading with small gains.
 
[Ask the iTunes Guy is a regular column in which we answer your questions on everything iTunes related. If there's something you'd like to know, send an email to the iTunes Guy for consideration.]
 
Twitter has announced support for "Do Not Track," immediately implementing it to halt online tracking of users who trigger a setting in their browsers.
 
With the arrival of the Mercury Accelsior PCI Express SSD, OWC claims to have the only Mac bootable PCIe solid state drive currently on the market. The Mercury Accelsior comes in four different size configurations, 120GB, 240GB, 480GB, and 960GB, and will set you back $360, $530, $950, or $2080, respectively. Despite its relatively high price point, the Accelsior's performance is among the best SSDs we've seen, and its ability to upgrade capacity as needed is definitely a plus.
 
Hewlett-Packard Virtual SAN Appliance 'hydra.exe' Remote Buffer Overflow Vulnerability
 
Oracle mod_wl HTTP POST Request Remote Buffer Overflow Vulnerability
 
PolarSSL Diffie Hellman Key Exchange Security Bypass Vulnerability
 
Liferay Portal Multiple Security Vulnerabilities
 
The first hours of Facebook's IPO got off to a shaky start today with the share price wavering around the $40 mark, never gaining the astronomical momentum many had anticipated.
 
True privacy can be hard to come by in the socially enabled online world, but Twitter on Thursday announced that it has joined Firefox maker Mozilla in taking a big step forward for users.
 
Liferay Portal 'updateOrganizations()' Method Security Bypass Vulnerability
 
ikiwiki CVE-2012-0220 Multiple Cross Site Scripting Vulnerabilities
 
Microsoft will repeat last year's back-to-school promotion, kicking off the deal Sunday with an offer of a free Xbox 360 game console to eligible U.S. students who buy a new Windows 7 PC.
 
After all the buildup, Facebook's long-anticipated initial public offering is finally here.
 
Adoption of Android devices in large businesses has been 'severely limited' because of the complexities of managing the wide variety of Android models and versions, according to research firm Gartner.
 
H2HC Brazil 9th Edition - Call for Papers
 
SEC Consult SA-20120518 :: Memory overwrite vulnerability in libwpd (OpenOffice.org) - CVE-2012-2149
 
Re: [oss-security] CVE Request: Planeshift buffer overflow
 
Re: [oss-security] CVE Request: Planeshift buffer overflow
 
[SECURITY] [DSA 2475-1] openssl security update
 
[security bulletin] HPSBOV02780 SSRT100766 rev.1 - HP OpenVMS ACMELOGIN, Local Unauthorized
 
Re: [oss-security] CVE Request: Planeshift buffer overflow
 
HP OpenVMS Integrity Server Unspecified Local Privilege Escalation Vulnerability
 
The ZTE Score M phone, apparently available via Metro PCS in the US, comes with a special suid backdoor. For a change, the backdoor does not use a fixed secret root password; instead, the suid binary sync_agent has to be called with a special parameter.
If you do have an Android phone, check whether you have this application in /system/bin. At this point, only this one particular model is reported to have this application present, but it would be odd for ZTE not to use the same backdoor on other models.
Cataloging and limiting suid applications should be a standard unix hardening step. The simplest way in my opinion to find suid binaries is to use this find command:
find / -x -type f -perm +u=s
Files with the suid bit set will run as the user owning the file, not as the user executing the file. This is typically used to allow normal users to execute particular administrative tasks. So verify whether you need to execute a particular binary as a normal user before removing the suid bit.
Update: The file has also been found on the ZTE Skate.
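The find command above uses the BSD find(1) spelling (-x to stay on one filesystem, -perm +u=s for the setuid bit); GNU find spells those -xdev and -perm /u=s or -perm -4000, and rejects the +u=s form. The script below is an added example, not part of the ISC diary, that does the same inventory portably and adds the step a hardening checklist actually needs: saving a baseline of setuid files and reporting any that appear later. It assumes a POSIX sh with find, sort, ls and comm, and the function and file names are my own choices.

```shell
#!/bin/sh
# Added example (not from the ISC diary): portable setuid inventory plus
# baseline comparison. Assumes POSIX sh and a find(1) that understands
# -xdev and -perm -MODE, which both GNU and BSD find do.

# Print every regular file under ROOT (default /) whose mode includes the
# setuid bit, one path per line, sorted, without crossing mount points.
list_suid_files() {
    root=${1:-/}
    # -perm -4000 requires the setuid bit to be set; it works on GNU and
    # BSD find alike, unlike the BSD-only '-perm +u=s' form.
    find "$root" -xdev -type f -perm -4000 2>/dev/null | LC_ALL=C sort
}

# Show owner and mode for each setuid file, so the reviewer can see which
# account the binary will run as (a setuid file owned by root runs as root).
describe_suid_files() {
    list_suid_files "$1" | while IFS= read -r f; do
        ls -ld "$f"
    done
}

# Save the current inventory as the baseline: save_suid_baseline FILE [ROOT]
save_suid_baseline() {
    list_suid_files "$2" > "$1"
}

# Print setuid files present now but absent from the saved baseline:
# new_suid_since_baseline FILE [ROOT]. Both inputs are sorted, as comm needs.
new_suid_since_baseline() {
    baseline=$1
    root=${2:-/}
    list_suid_files "$root" | comm -13 "$baseline" -
}

# Typical use after sourcing this file (comments only; nothing runs on load):
#   save_suid_baseline /var/lib/suid.baseline /      # once, on a known-good system
#   new_suid_since_baseline /var/lib/suid.baseline / # periodically, expect no output
```

An empty result from new_suid_since_baseline is the expected state; any path it prints is a setuid binary that was not there when the baseline was taken and deserves the same scrutiny as the sync_agent binary described above.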

------

Johannes B. Ullrich, Ph.D.

SANS Technology Institute

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Despite the rumors, developers are focused on making apps -- and money -- from today's Android
 
Fully 95% of 600 businesses surveyed by Cisco permit the use of employee-owned smartphones and tablets at the office and found productivity gains for workers who use their own hardware.
 

Posted by InfoSec News on May 18

http://www.darkreading.com/compliance/167901112/security/news/240000583/obama-cybersecurity-czar-schmidt-steps-down.html

By Kelly Jackson Higgins
Dark Reading
May 17, 2012

The nation's first cybersecurity czar, Howard A. Schmidt, has resigned
his historic post and will be succeeded by Michael Daniel, chief of the
White House budget office's intelligence branch.

Schmidt said in a statement that he is leaving to spend more time with...
 

Posted by InfoSec News on May 18

http://www.theatlanticwire.com/technology/2012/05/how-stuxnet-came-back-haunt-us/52466/

By Megha Rajagopalan
ProPublica
May 17, 2012

Last week, the Department of Homeland Security revealed a rash of cyber
attacks on natural gas pipeline companies. Just as with previous cyber
attacks on infrastructure, there was no known physical damage. But
security experts worry it may only be a matter of time.

Efforts to protect pipelines and other...
 

Posted by InfoSec News on May 18

http://www.arabtimesonline.com/NewsDetails/tabid/96/smid/414/ArticleID/183360/reftab/36/t/KSE-site-hacked-on-day-of-launching/Default.aspx

Arab Times
18/05/2012

KUWAIT CITY, May 17: The website of Kuwait Stock Exchange (KSE) was
hacked on the day it was launched, reports Al-Jaridah daily quoting
reliable sources.

They disclosed that the hackers managed to copy all data from the
website before deleting them. The website administration team...
 

Posted by InfoSec News on May 18

http://www.informationweek.com/news/security/vulnerabilities/240000575

By Mathew J. Schwartz
InformationWeek
May 17, 2012

Beware fake Chrome installers for Windows.

A file named "ChromeSetup.exe" is being offered for download on various
websites, and the link to the file appears to be legitimately hosted on
Facebook and Google domains. In reality, the software won't install
Google's Chrome browser, but an...
 

Posted by InfoSec News on May 18

http://news.techworld.com/security/3358334/uk-now-top-ten-nation-for-hacking-traffic-logs-show/

By John E Dunn
Techworld
17 May 2012

A growing volume of attempted hacks and probes has propelled the UK into
the global top ten for this type of traffic, the NCC group has reported.

For the first three months of 2012, the UK was at number seven on the
list with 2.4 percent of hacking traffic according to intrusion
detection log data sourced from...
 
Linux Kernel KVM 'kvm_apic_accept_pic_intr()' Function Local Denial of Service Vulnerability
 
Internet Storm Center Infocon Status