Hackin9
[SECURITY] [DSA 3583-1] swift-plugin-s3 security update
 

US House lifts block on Google-hosted apps, Yahoo Mail remains blacklisted
Yahoo News
Yahoo Mail remains inaccessible, however, and has been blacklisted since the House Information Security Office said in an April 30 memo it had detected an increase of ransomware attacks on the network. The two restrictions were not related, but came ...

 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Foreign hackers snooping on campaigns, US intel says
Hong Kong Standard (press release)
Jonathan Lampe with InfoSec Institute, a private information security company in Chicago, said security has not improved significantly since then. In October, he evaluated the security of sixteen candidates' websites and wrote a pair of 20-page reports.

 

House lifts block on Google-hosted apps, Yahoo Mail remains blacklisted
Yahoo News
Yahoo Mail remains inaccessible, however, and has been blacklisted since the House Information Security Office said in an April 30 memo it had detected an increase of ransomware attacks on the network. The two restrictions were not related, but came ...

and more »
 

House lifts block on Google-hosted apps, Yahoo Mail remains blacklisted
KFGO
Yahoo Mail remains inaccessible, however, and has been blacklisted since the House Information Security Office said in an April 30 memo it had detected an increase of ransomware attacks on the network. The two restrictions were not related, but came ...

and more »
 
[security bulletin] HPSBGN03602 rev.1 - HPE RESTful Interface Tool, Local Disclosure of Information
 

Some useful resources for your reading pleasure and implementation:

1) A recently publishedWindows 10 and Windows Server 2016 security auditing and monitoring reference:https://www.microsoft.com/en-us/download/details.aspx?id=52630

From the reference abstract, you can expect:

  • Detailed technical descriptions for most of the advanced security audit policies that are included with Windows 10 and Windows Server 2016.
  • Monitoring recommendations for security events to include in advanced security audit policies.
  • Recommendations for Group Policy settings for advanced security audit policy for domain controllers, workstations, and member servers.

2) A great Linux.com article on setting up two-factor authentication for login and sudo:https://www.linux.com/learn/how-set-2-factor-authentication-login-and-sudo

From Jack Wallens article:

What if I told you could take the login to your Linux servers and desktops one stepnay, two stepsfurther? Thanks to the Google Authenticator, you can. On top of that, its incredibly easy to set up.I am going to walk you through the process of setting up two-factor authentication for use on login and sudo. I will demonstrate this on a Ubuntu 16.04 desktop, but the process works for the server as well. To handle the two-factor side of things, I will be making use of the Google Authenticator...

3) In the this speaks for itself and too good not to sharecategories:">|">@holisticinfosec

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Cisco Security Advisory: Cisco Web Security Appliance Connection Denial of Service Vulnerability
 
Cisco Security Advisory: Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability
 
Cisco Security Advisory: Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability
 
Cisco Security Advisory: Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability
 

The Guardian

Presidential candidates may be vulnerable to foreign hackers, US says
The Guardian
Jonathan Lampe with InfoSec Institute, a private information security company in Chicago, said security had not improved significantly since then. In October, he evaluated the security of 16 candidates' websites and wrote a pair of 20-page reports ...
US Intelligence: Foreign hackers spying on campaignsWDRB
Clapper: Hackers target US presidential campaignsDeutsche Welle

all 90 news articles »
 
[security bulletin] HPSBHF03578 rev.1 - HPE ConvergedSystem for SAP HANA using glibc, Multiple Remote Vulnerabilities
 
[security bulletin] HPSBHF03579 rev.1 - HPE ConvergedSystem for SAP HANA using OpenSSL, Multiple Remote Vulnerabilities
 

Fox News

US intelligence: Foreign hackers spying on campaigns
Fox News
Jonathan Lampe with InfoSec Institute, a private information security company in Chicago, said security hasn't improved significantly since then. In October, he evaluated the security of sixteen candidates' websites and wrote a pair of 20-page reports.

and more »
 

Enlarge (credit: @flanvel)

Login credentials for as many as 117 million LinkedIn accounts have been put up for sale online by someone who is seeking more than $2,200 for the haul, a security researcher said.

The credentials—which include e-mail addresses and passwords hashed using the woefully weak SHA1 function—appear to come from a 2012 breach of the career networking site, researcher Troy Hunt said in a series of tweets. LinkedIn officials have since verified that the 2012 hack was the source and said they are working to invalidate any passwords that may still be actively used on compromised accounts. According to LeakedSource, a site that maintains a database of more than 1.25 billion compromised accounts, the new batch contains data for 167 million accounts. 117 million of the records in the batch include a password field.

The discovery means that the 2012 LinkedIn breach was much bigger than previously believed. At the time, researchers found almost 6.5 million credentials belonging to site users. It's not clear if the new number of affected accounts is news to LinkedIn. In the days following discovery of the 2012 breach, company officials implemented a mandatory password reset for affected users. A statement from company officials on Wednesday saying that they're working to change any passwords still in use leaves open the possibility that they were unaware the number was so high.

Read 3 remaining paragraphs | Comments

 

AppSense Updates Flagship Desktop Service
Channel Partners
Working to mitigate endpoint security risk, DesktopNow Plus v10 enables IT or InfoSec personnel to create customized endpoint policies guided by production data utilizing new report filter, sorting, and grouping capabilities and new reports that track ...

and more »
 

US Intelligence: Foreign Hackers Spying on Campaigns
ABC News
Jonathan Lampe with InfoSec Institute, a private information security company in Chicago, said security hasn't improved significantly since then. In October, he evaluated the security of sixteen candidates' websites and wrote a pair of 20-page reports.

and more »
 

Organizations still not ready for Internet of Things, says Intel Security exec
IT World Canada
Often news reports of attacks point fingers at foreign countries. But Montgomery says the focus is ... Lines of business owners have to tell infosec teams what is real value in the data so IT knows where to marshal its resources, he says. After all, he ...

and more »
 
 
[SECURITY] [DSA 3582-1] expat security update
 
FreeBSD Security Advisory FreeBSD-SA-16:19.sendmsg
 
FreeBSD Security Advisory FreeBSD-SA-16:18.atkbd
 
[security bulletin] HPSBGN03587 rev.1 - HPE Helion OpenStack using OpenSSL and Open vSwitch, Remote Arbitrary Command Execution, Denial of Service (DoS), Disclosure of Information
 
Internet Storm Center Infocon Status