InfoSec News

Posted by InfoSec News on Oct 18

By Lewis Page
The Register
18th October 2010

The Coalition government sought today to suggest that the savings
package for the national-security sector is all part of a joined-up plan
or strategy, which will feature a 'transformative' cyber security force
or capability of some type.

This was done by issuing a document today entitled A Strong Britain in

Posted by InfoSec News on Oct 18

By Henry Kenyon
Oct 18, 2010

The Defense and Homeland Security departments have launched an
initiative to share analysts and coordinate their cyber operations. In a
joint statement co-signed by Defense Secretary Robert Gates and Homeland
Security Secretary Janet Napolitano, the two departments announced that
they will immediately formalize joint processes to...

Posted by InfoSec News on Oct 18


Open Security Foundation - DataLossDB Weekly Summary
Week of Sunday, October 10, 2010

19 Incidents Added.


DataLossDB is a research project aimed at documenting known and reported
data loss incidents world-wide. The Open Security Foundation asks for
contributions of new incidents and new data for...

Posted by InfoSec News on Oct 18

By Gregg Keizer
October 18, 2010

Microsoft said Monday that an "unprecedented wave" of attacks are
exploiting vulnerabilities in Oracle's Java software.

According to a manager at Microsoft's Malware Protection Center (MMPC),
attempts to exploit Java bugs have skyrocketed in the past nine months,
climbing from...
Apple announced on Monday that it once again had set a Mac sales record last quarter, and also broke previous records for both the iPhone and iPad.
Ray Ozzie, Microsoft's chief software architect and the executive responsible for pushing the company into the cloud, plans to step down, Microsoft said on Monday.
Apple on Monday reported a rise in revenue and profits for its fourth fiscal quarter of 2010 behind strong iPad and iPhone sales.
VMware continues to ride high on server virtualization
IBM said Monday that third-quarter net income rose 12 percent to $3.6 billion, buoyed by strong performance in Brazil, Russia, India and China as well as solid sales of analytics software and services.
AT&T extended its U-Verse Mobile application to Android on Monday, tapping into the operating system's growing popularity by offering the TV-viewing software on the Android Market and several phones.

The topic for day 18 of the Cyber Security Awareness Month is a subject that happens frequently in many organizations...information security incidents. Many companies have formal information security incident response teams, which help the organization to diminish the impact of incidents on the organization. One fundamental element of any information security response plan has to be the information given to your boss during the crisis. Let's take a look at the incident response lifecycle diagram:

Source: Special Publication 800-61, Computer Security Incident Handling Guide, page 3-1

Preparation: When the team is preparing for an incident, you must determine what incidents are most likely to occur inside the organization. Risk analysis is crucial to determining those incidents that are likely to happen to the information assets of the company. With your boss you should identify those risks that the company is willing to take and those that it will not take. Management should have a clear perspective that each risk he decides to accept for the company may represent a future incident for which the company must be prepared. Here is where you should prepare the elements required to respond to potential incidents if they occur, as well as technical and procedural elements, organizational skills and above all the procedures that regulate the operation of the incident response team.

Detection and Analysis: There are several ways in which the incident response team can detect a security incident, such as alerts from monitoring systems, reports from employees or even reports from your own boss. In any of the above cases there will be tremendous pressure from the complainants to know what had happened and to take action against those responsible for the events. When you decide to give the official report to your boss, do so only if it is truthful and accurate information about what happened, not speculation and assumptions, as much of this information may be used in legal proceedings or meetings with senior management, where any comments you make will be taken as absolute truth.

Containment, eradication and recovery: Once it is determined that the events constitute an information security incident, make an objective assessment of the situation, define a strategy of containment, eradication and recovery that is compatible with corporate strategies and present to your boss a work plan that takes a pessimistic view of the task duration, enabling you to respond to contingencies that may arise. When we talk about the compatibility of this plan with corporate strategy it is important to consider the following variables according to the company's objectives: potential damage of resources, need for evidence preservation, service availability, time and resources needed to implement the strategy, effectiveness of the strategy and the duration of the solution. Before you begin execution of the plan, make sure your boss agrees with it and keep him informed of critical issues you might have. He will be your main support during the execution of this plan and you want to keep him focused on the parts where you need support.

Post-incident activity: Once the containment, eradication and recovery of the incident have been completed, meet with your boss and other stakeholders and discuss the lessons learned and devise recommendations to prevent occurrence of similar events and respond more effectively to such events in the future. The idea is to maintain the commitment from your boss to the information security process and all incidents that might occur in the future.
Do you have more recommendations? Feel free to page us here. I will be updating the diary with all your input.
-- Manuel Humberto Santander Peláez | msantand at isc dot sans dot org
(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.
Recently I wanted to order something that would include a company logo imprinted on the side. I had no trouble creating the logo, but the company wanted it in EPS format--something that few programs outside of Photoshop can create. (Freeware favorite Paint.NET can't do it; neither can GIMP.)
Turtle Beach used to be a name invoked when you wanted something higher spec than Creative's older, generic Sound Blaster audio cards. What you lost in native game support, you gained in ahead-of-the-curve audio engineering, and the cards themselves sounded less like geek tech than tropical respites, with names like Maui, Montego, Rio, Riviera, and Santa Cruz (contrast with Creative's comparably dull Pro, Pro 2, Awe32, Awe64, Audigy, and X-Fi).
Rumor has it that at Wednesday’s Mac-themed event in Cupertino, Apple may introduce a major revision to the MacBook Air, a product whose exterior has remained unchanged since it was introduced three years ago. The Air is near and dear to my heart—I have used one almost every single day of its existence—which may qualify me as its biggest booster and critic.
Microsoft said an 'unprecedented wave' of attacks are exploiting vulnerabilities in Oracle's Java software.
Gartner analysts warned users that the growing merger and acquisition activity among large vendors could help stifle technology innovation.
Technology related to e-discovery and multi-lingual translation is playing a critical role in the ongoing process to find justice for victims of war crimes in once war-torn places such as the former Yugoslavia, Cambodia and Rwanda.
Motorola is asking a court to invalidate 12 Apple patents, even though Apple hasn't accused Motorola of infringing them.
Passengers don't want to pay for in-flight Wi-Fi connectivity, according to In-Stat research. That's not surprising: Just look at the Wi-Fi hotspot experiences of Starbucks, McDonald's and Barnes & Noble.
Microsoft said its free malware cleaning tool had scrubbed the money-stealing Zeus bot from nearly 275,000 Windows computers in under a week.
U.K. police arrested a 34-year-old man on Monday on suspicion of creating counterfeit credit cards and organizing a network of people involved in money laundering, officials said.
Ericuse165 asked the Windows forum which is better: the 32- or 64-bit version of Windows 7.
The Google Search Appliance, an enterprise search device loaded with Google search software, is now able to crawl, index and retrieve data stored in the company's Apps hosted collaboration and communication suite.
SuccessFactors announced a new Calculator in the Cloud service on Monday that allows users to pull together analytic mashups with data from its human resources software suite as well as from other SaaS applications.
Operators have merged two different platforms for distributing Web-based mobile applications, in an effort to start competing with the likes of Apple's AppStore and Google's Market.
A number of Facebook apps have been providing advertisers with information that make the social networker easily identifiable, according to an investigation by the Wall Street Journal.
View log management systems as a source of business intelligence -- and choose one that fits your business needs. David Torre provides expert guidance.
Software AG announced Monday that it has purchased MDM (master data management) vendor Data Foundations, and has plans to link that technology to its portfolio of BPM (business process management) and other middleware technologies. Terms were not disclosed.
Facebook has what marketing and business types call "network externalities," and what normal people call "My least tech-savvy relative uses it." In other words, even if it's technically inferior to other blogging or social networking tools in many ways, you end up using it because everyone else does. A social network without anyone in it is useless, or, if you prefer, "Friendster." This creates a great niche for a startup to occupy: Writing tools that make Facebook easier and more comfortable to use. Wowd (free) promises to be one such tool.
MarkMonitor has acquired the Danish company DtecNet, an antipiracy tracking company, the companies said Monday.
Companies selling products or services online could easily charge more if they just treated their customers a bit better, according to a survey.
These four password managers let you save and retrieve password data no matter what device you're using.
Clearwire is launching its 4G WiMax network in New York, San Francisco and Los Angeles before the end of the year.
What you don't know -- or refuse to learn -- about social networking could undermine your business
Physicists at the University of California have taken a giant leap closer to creating a new computer chip that gives memory the brains of a CPU, which promises to vastly improve computer performance and keep systems in an always-on state.
Infosys Technologies says it will hire 1,000 U.S. workers to increase its ability to provide consulting and management services to its clients, an area of increasing importance for this India-based offshore giant.
InfoSec News: Stolen computer contains Social Security numbers:
By Ted Shockley Staff Writer Delmarva Now October 16, 2010
ACCOMAC -- An Accomack employee had a county-owned laptop computer stolen while on a personal vacation to Las Vegas, and with it the names and Social Security numbers of roughly 35,000 county residents.
In some cases, actual addresses of county residents also may have been included in computer files.
"It was taken there without permission," county administrator Steve Miner said of the computer.
Miner said the worker remains employed. The matter was discussed during a recent closed meeting of the Board of Supervisors.
InfoSec News: Hackers in China swiped sensitive data from gov’t:
JoongAng Daily October 16, 2010
Hackers from China have successfully stolen confidential information from foreign service and security officials through e-mails that purport to be from the Blue House or diplomats abroad, a report from the National Intelligence Service showed.
Grand National Party Representative Lee Jung-hyun, a member of the legislature’s National Defense Commission, provided the JoongAng Ilbo on Thursday with intelligence agency warnings sent to government offices earlier this year.
According to the documents, the National Intelligence Service warned that malicious e-mails were sent to foreign affairs and security public servants and diplomats abroad. The NIS said the e-mails, which contained a type of malware capable of stealing data from personal computers and mobile data storage devices, were sent repeatedly, and it warned civil servants to step up their security. The e-mails were disguised to appear to be coming from diplomats and Blue House officials.
The e-mails contained attachments titled “Briefing on [U.S.-Korea expert Jack] Pritchard’s North Korea visit,” “2010 Korean Peninsula affairs outlook” and “Itinerary of Kim Jong-il’s trip to China.”
InfoSec News: New Zeus Attack Preys On Quarterly Federal Taxpayers:
By Kelly Jackson Higgins DarkReading Oct 15, 2010
A widespread spam campaign that began several days ago started spiking today, Oct. 15 -- quarterly tax payment deadline day in the U.S. [...]
InfoSec News: Fight cyberwar with cold war doctrines, says former DHS chief:
By John Leyden The Register 15th October 2010
Cold war doctrines on how to respond to nuclear attack need to be applied to the 21st century threats of cyber attacks and espionage, [...]
InfoSec News: Hackers still strong despite soft economy:
By Erna Mahyuni The Malaysian Insider October 15, 2010
KUALA LUMPUR - Not even a recession can stall the hacker institution that is Hack in the Box (HITB). [...]
The global body in charge of allocating Internet addresses expects to hand out the final blocks of IPv4 (Internet Protocol version 4) addresses to regional registrars early next year, it said Monday.
