InfoSec News

Chinese regulatory authorities have approved Google's acquisition of Motorola Mobility, paving the way for the deal to close within the week, company officials confirmed Saturday.
In the latest move in a complex series of patent-related cases, Apple filed a motion in a U.S. district court late Friday to ban Samsung Electronics' Galaxy Tab 10.1 in the U.S.

There is a remote exploit in the wild for PHP 5.4.3 in Windows, which takes advantage of a vulnerability in the com_print_typeinfo function. The php engine needs to execute the malicious code, which can include any shellcode like the the ones that bind a shell to a port.

Since there is no patch available for this vulnerability yet, you might want to do the following:

Block any file upload function in your php applications to avoid risks of exploit code execution.
Use your IPS to filter known shellcodes like the ones included in metasploit.
Keep PHP in the current available version, so you can know that you are not a possible target for any other vulnerability like CVE-2012-2336 registered at the beginning of the month.
Use your HIPS to block any possible buffer overflow in your system.

Manuel Humberto Santander Pelez

SANS Internet Storm Center - Handler



e-mail: msantand at isc dot sans dot org (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Apple's plans for a Bluetooth 4.0-based iWallet could be the beginning of the end for the venerable cash register.

Poll: 64% think cloud storage risky, but 45% use it anyway
GMA News
Computer security firm Sophos said the survey conducted at Infosec Europe last April should prompt businesses to set policies on how their employees use such services. “With that level of awareness, it's obvious that people - at least, those people who ...

Internet Storm Center Infocon Status