(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

More than two years before coming under FBI questioning about possibly hacking into the in-flight entertainment system of a commercial plane while it was in mid air, a security researcher told peers he accessed the computer controls of other highly sensitive aviation and aeronautics systems, including the International Space Station.

Chris Roberts of One World Labs told an audience in 2012 that he bypassed the on-board firewall of a Boeing 737 plane he was traveling on and made contact with the Apache Tomcat webserver the firewall was protecting. He told the same audience he accessed communications systems NASA uses to control the International Space Station and changed the temperature. It was impossible to confirm the veracity of those claims, which went largely unnoticed until Friday, when an FBI search warrant application came to light alleging Roberts told agents he took control of a jet plane and briefly caused it to climb and fly sideways.

The 2012 talk—titled By Land, By Sea, By Air—has already touched off howls of protest from some researchers who say even the passive accessing of restricted parts of a plane while it's in flight is grossly reckless. Critics also argue the behavior would likely be a violation of the Computer Fraud and Abuse Act, which makes it a felony to gain unauthorized access to protected computer systems.

Read 6 remaining paragraphs | Comments


Posted by InfoSec News on May 18


Inside Cybersecurity
May 13, 2015

The information-sharing entity for industrial control system operators is
being folded into Webster University's "Cyberspace Research Institute" and
will announce next week that it is launching a new information sharing and
analysis organization,...
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
Oracle Solaris CVE-2015-2574 Local Security Vulnerability

A new vulnerability arised in Safari Web Browser that can lead to an address spoofing allowing attackers to show any URL address while loading a different web page. While this proof of concept is not perfect, it could definitely be fixed to be used by phishing attacks very easily.

There is a proof of concept http://www.deusen.co.uk/items/iwhere.9500182225526788/. From an iPad Air 2 Safari Web Browser:

From same iPad using Google Chrome:

The code is very simple: webpage reloads every 10 milliseconds using the setInterval() function, just before the browser can get the real page and so the user sees the real" />

We are interested if you notice any phishing attacks using this vulnerability. If you see one, please let us know using our contact form.

Manuel Humberto Santander Pelez
SANS Internet Storm Center - Handler
Twitter: @manuelsantander
e-mail: msantand at isc dot sans dot org

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Experts Urge InfoSec Info Sharing At Columbia-GCIG Conference
Dark Reading
NEW YORK -- The necessity for greater cybersecurity information sharing was stressed by speakers from academia, government and finance, Friday, at the Conference on Internet Governance and Cyber-Security, held by the Columbia University School of ...

WordPress Pro Quoter Plugin CVE-2014-4545 Multiple Cross Site Scripting Vulnerabilities
[slackware-security] mozilla-thunderbird (SSA:2015-137-01)
ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability

From the department of things that aren't what they seem, researchers have demonstrated a new address-spoofing exploit that tricks Safari users into thinking they're visiting one site when in fact the Apple-made browser is connected to an entirely different address.

The recently published proof-of-concept exploit causes the Safari address bar to display dailymail.co.uk even though the browser is displaying content from deusen.co.uk. It works on fully patched versions of iOS and OS X. Malicious attackers might use the bug to dupe Safari users into thinking they're connecting to a trusted site instead of one that's phishing their login credentials or attempting to install malware.

The demo code isn't perfect. On the iPad Mini Ars tested, the address bar periodically refreshed the address as the page appeared to reload. The behavior might tip off more savvy users that something is amiss. Still, many users would surely fail to spot the unusual refresh. What's more, the refresh behavior wasn't observed on a MacBook Pro Ars also tested.

Read 2 remaining paragraphs | Comments


On Monday the Federal Trade Commission (FTC) sent a letter to the bankruptcy court presiding over RadioShack's supervised asset sell-off suggesting a compromise that would allow RadioShack to sell its database of information from 117 million customers.

The sale of the data—which includes names, addresses, e-mail addresses, phone numbers, and purchase histories—has caused concern among consumer protection advocates. The states of Tennessee and Texas recently filed objections to RadioShack's plan to find a buyer for its database, saying that the company promised in various privacy policies that it would not resell customer data to third parties. AT&T and Apple also objected to the sale of portions of the database, saying that that information actually belongs to them and not to RadioShack as per RadioShack's business agreements with those companies.

According to FTC Consumer Protection Director Jessica Rich (PDF), RadioShack could find a way to appease consumer advocates by taking a look at a bankruptcy case from 2000 involving retailer Toysmart. In that case, Toysmart had wanted to sell off its database of customer data, but after some pushback from the FTC it agreed to certain limitations on the sale of the database. For example, the buyer could not buy the customer database alone—it had to receive it bundled in with the sale of other assets like trademarks or Web content. In addition, the information had to be sold to a business similar to Toysmart and that buyer had to agree to honor the privacy policy that Toysmart had pledged to its customers.

Read 3 remaining paragraphs | Comments

OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability

Posted by InfoSec News on May 18


By Sophie Curtis
The Telegraph
18 May 2015

The government has quietly rewritten a key clause of the Computer Misuse
Act, giving GCHQ staff, intelligence officers and police immunity from
prosecution for hacking into computers and mobile phones.

The Computer Misuse Act, which came into effect in 1990, states that

Posted by InfoSec News on May 18


By Jason Koebler
Staff Writer
May 15, 2015

Atlanta's affluent Buckhead neighborhood is a great place to shop, eat,
and, last weekend, it was a great place to spot a man bent over stretching
his asshole far beyond what could possibly be healthy.

Hackers took over a video billboard in the neighborhood and replaced it
the most...

Posted by InfoSec News on May 18


By Kim Zetter

A SECURITY RESEARCHER kicked off a United Airlines flight last month after
tweeting about security vulnerabilities in its system had previously taken
control of an airplane and caused it to briefly fly sideways, according to
an application for a search warrant filed by an FBI agent.

Chris Roberts, a security researcher with One World...

Posted by InfoSec News on May 18


By Oleg Demidov
PIR Center

The bilateral intergovernmental Russian-Chinese agreement on cooperation
in the field of international information security which was signed on May
8, 2015 during the visit to Moscow of Xi Jinping, General Secretary of the
CPC and the President of China, could potentially become an important
milestone in Russia’s strategy of pivoting to the East. Though in...

Posted by InfoSec News on May 18


By Ericka Chickowski
Dark Reading

USIS attack in 2013 stealing background check information about government
personnel with classified clearance came by way of an SAP exploit.

After the better part of a decade of warnings that SAP and other
enterprise resource planning (ERP) systems are wide open to attack at most
organizations, this...

Posted by InfoSec News on May 18


By Valsmith
May 16, 2015

I recently read this article:
and it brought to mind some thoughts that have been percolating for quite
a while. Sometime last year I believe Dave Aitel coined the term Stunt...
LinuxSecurity.com: updated to 8u45-b14. fixes rhbz#1123870
LinuxSecurity.com: phpMyAdmin (2015-05-13)=============================== - [security] CSRF vulnerability in setup - [security] Vulnerability allowing man-in-the-middle attack
LinuxSecurity.com: t1utils Version 1.39 (2015-02-26)================================= * t1disasm: Security fixes for buffer overrun reported by Jakub Wilk and Niels Thykier.t1utils Version 1.38 (2013-09-29)================================= * t1disasm: Fix an infinite loop on some fonts reported by Niels Thykier.
LinuxSecurity.com: t1utils Version 1.39 (2015-02-26)================================= * t1disasm: Security fixes for buffer overrun reported by Jakub Wilk and Niels Thykier.t1utils Version 1.38 (2013-09-29)================================= * t1disasm: Fix an infinite loop on some fonts reported by Niels Thykier.
LinuxSecurity.com: * CVE-2015-3456: (VENOM) fdc: out-of-bounds fifo buffer memory access (bz #1221152)
LinuxSecurity.com: Security Report Summary
LinuxSecurity.com: An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security [More...]
LinuxSecurity.com: New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. [More Info...]
LinuxSecurity.com: phpMyAdmin (2015-05-13)=============================== - [security] CSRF vulnerability in setup - [security] Vulnerability allowing man-in-the-middle attack
LinuxSecurity.com: This update for NetworkManager fixes a number of bugs and a low-impact security issue for IPv6.

Naked Security

Monday review - the hot 22 stories of the week
Naked Security
Tags: computer security, Infosec, monday review, news, security news, weekly roundup. How likely are you to recommend Naked Security to a friend or colleague? 0 1 2 3 4 5 6 7 8 9 10. Vote. Take Our Poll · The phone that keeps an eye on your eyes - 60 ...

Internet Storm Center Infocon Status