InfoSec News

The judge hearing Oracle's Java patent lawsuit against Google hopes to get the case wrapped up before the end of November, he said Wednesday, but it won't help his cause that the U.S. patent office has agreed to reexamine Oracle's patents in the case.
 
Cisco Systems orchestrated the arrest of Multiven founder Peter Alfred-Adekeye last year in order to force a settlement of Multiven's antitrust lawsuit against Cisco, a Multiven executive said on Wednesday.
 
Microsoft said on Wednesday that its BPOS-Federal service has received an important certification that allows federal organizations to use the service.
 
Chris Eng, senior security researcher at Veracode Inc., explains how firms can get started improving their software development processes.


Several warnings to business from ICO at Infosec 2011
ComputerWeekly.com (blog)
Deputy Information Commissioner David Smith had several warnings for business organisations at this morning's keynote at Infosec 2011 in London. Looking to the future, Smith made ...

 
Apple today said it sold a record 18.6 million iPhones in the first three months of 2011, the third consecutive quarter the company's smartphone has set sales records.
 
The Texas State Comptroller's office has fired its heads of information security and of innovation and technology following an inadvertent data leak that exposed Social Security numbers and other personal information on over 3.2 million people in the state.
 

Infosec 2011: Policy is only way to deal with social media, say security ...
ComputerWeekly.com
The best and only way organisations can deal with the use of social media is through robust policies and user-awareness campaigns, according to a panel debating the topic at Information Security Europe 2011 in London. Despite the considerable risk that the ...

 
Nokia's move to the Windows Phone OS took the "wind" out of possible volume sales of Intel smartphone chips this year, but the chip maker has moved on, Intel CEO Paul Otellini said this week.
 
The increasingly successful use of phishing email by hackers to gain access to secure networks should prompt IT managers to take new steps to combat them.
 
Amazon said Wednesday that its popular Kindle e-reader will allow customers to borrow Kindle books from more than 11,000 U.S. libraries starting later this year.
 
Nobody expects the BlackBerry PlayBook tablet to sell as well as the iPad 2. Still, Research In Motion seems to have taken an especially measured approach with its PlayBook launch, which started Tuesday in stores such as Best Buy and Radio Shack.
 
Oracle is getting ready to challenge SaaS human resources vendors like SuccessFactors and Workday with Fusion HCM (human capital management), one component of its long-awaited Fusion Applications suite.
 
A Michigan woman pleads guilty to selling $400,000 worth of counterfeit software on a website.
 
Apple's revenue and profit soared in its fiscal second quarter ended March 26, buoyed by strong iPhone sales, the company said Wednesday.
 
Oracle Help CVE-2011-0785 Remote Security Vulnerability
 
RETIRED: Oracle April 2011 Critical Patch Update Multiple Vulnerabilities
 
Oracle JD Edwards EnterpriseOne Multiple Cross Site Scripting Vulnerabilities
 
Oracle Database and Enterprise Manager Grid Control CVE-2011-0787 Remote Security Vulnerability
 
Oracle Outside In Technology Microsoft CAB File Parsing Remote Code Execution Vulnerability
 
Oracle Outside In Technology Lotus 123 File Parsing Remote Code Execution Vulnerability
 
[SECURITY] [DSA 2223-1] doctrine security update
 
The latest study of application code by Veracode found many applications submitted by software makers are of “unacceptable security quality.”

The rise in cyberattacks highlights the need for robust penetration testing of government networks.

Yes, Virustotal.com appears to be down and/or not resolving correctly in DNS at the moment.
Update: Looks like they're back. (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Apple won't start selling the next iPhone until September, sources have told the Reuters news service, adding to the chorus that the company will abandon a four-year practice.
 
Driven by mobile customer gains, AT&T's revenue for the first quarter of 2011 was up 2.3% and its net income rose 38.9% from a year earlier.
 
RIM's BlackBerry PlayBook tablet could be an interesting business device, but it's missing too many features to be useful yet.
 
A stepladder bent and broken against a rack of electrical equipment, debris covering the ground, on-screen radiation readings in the red zone. These are the first images provided by robots from inside the Fukushima Daiichi nuclear power plant after the massive March 11 earthquake and subsequent tsunami led to the world's second-worst nuclear accident.
 
Tinyproxy ACL Security Bypass Vulnerability
 
[SECURITY] [DSA 2222-1] tinyproxy security update
 
We received a number of comments regarding the release of the iPhone tracker [1], a tool which plots geolocation data stored in iOS backups. All iOS devices (iPhone as well as iPad) will accumulate location information over time and store it as part of backup files. The iPhone tracker will read this file and plot the information.
However, this information is not sent to any remote sites (at least, none that is known so far). Mobile operators may of course keep their own geolocation data. As a simple countermeasure, it is recommended to encrypt backups using a strong password.
And of course yet more interesting data for mobile forensics.
[1] http://petewarden.github.com/iPhoneTracker
------

Johannes B. Ullrich, Ph.D.

SANS Technology Institute

 
The BlackBerry PlayBook's hardware earned a 'repairability' score of 7 out of 10 from iFixit, well above the teardown website's earlier 4 out of 10 grade for the iPad 2.
 
A pair of researchers have found that Apple iPhones and iPads track users' locations and store the data in an unencrypted file on the devices and on owners' computers.
 
RIM has launched its long-awaited PlayBook, and the first-looks and analysis pieces are just coming in. Does RIM's new tablet look like it's DOA or an iPad killer to you?
 
Microsoft will not be able to keep patents it proposed to buy from Novell, under an agreement the U.S. Department of Justice announced Wednesday.
 
Google will open up to third parties its digital maps infrastructure so that enterprise organizations can use it to store and serve up geospatial data to their end users.
 
[ MDVSA-2011:075 ] kdelibs4
 
OpenSLP Extension Parser Remote Denial Of Service Vulnerability
 
Adobe Flash Player CVE-2010-3648 Remote Memory Corruption Vulnerability
 
[security bulletin] HPSBMA02663 SSRT100428 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Execution of Arbitrary Code, Denial of Service (DoS)
 

InfoSec 2011: DPA breached after NHS security fail
IT PRO
The ICO raises concerns organisations are getting the basics wrong after an NHS Trust breaches the Data Protection Act. By Tom Brewster, 20 Apr 2011 at 12:49 Another NHS body has breached the Data Protection Act after a network access failure, ...
InfoSec 2011: ICO hits back at critical report (Computing)
Infosec: ICO Denies Fining One Percent Of Breaches (eWEEK Europe UK)
Infosec 2011: Move to shared services will signal more data breaches (ComputerWeekly.com)
 
FTC Chairman Jon Liebowitz this week singled out Google for not adopting "Do Not Track," the privacy feature that lets consumers opt out of online tracking by Web sites and advertisers.
 
The Internet, as we all know, never forgets. And it turns out the World Wide Web has quite a few interesting memories on the subject of Android.
 
Here comes the fastest public-key algorithm that most people have never heard of: It's called NTRUEncrypt and this month was approved by the financial services standards body, the Accredited Standards Committee X9.
 
[USN-1118-1] OpenSLP vulnerability
 
Verizon has published its comprehensive annual breach investigations report today. Its analysis makes for interesting reading; for example, it points out that a whopping 86% of breaches were discovered by outside third parties, and not by the victim organization internally. The chart on top of page 55/56 in the report shows, quite compellingly, the average time spans between intrusion and compromise, as well as between compromise and discovery. The former is in minutes to days, the latter in weeks to months. As for the cause of the breaches: exploitation of default or guessable credentials is in the top three. Kinda where Cliff Stoll was already at, 20 years ago.
 
The next version of Fedora will be the first major Linux distribution to use the radically updated GNOME as its default desktop interface.
 
Websites designed to take advantage of the unique features in Internet Explorer 9 provide an immersive user experience that can increase customer loyalty and drive traffic. To obtain these benefits, though, you'll need to optimize your site to capitalize on IE 9.
 
Toshiba will launch its first tablet computer in late June in Japan and at around the same time in global markets, the company said Wednesday.
 
[security bulletin] HPSBMA02661 SSRT100408 rev.1 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure
 
[security bulletin] HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information Disclosure, Denial of Service (DoS)
 
[SECURITY] [DSA 2221-1] Mojolicious security update
 
[security bulletin] HPSBMA02662 SSRT100409 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Access, Execution of Arbitrary Code, Denial of Service (DoS)
 

UPDATED: InfoSec 2011: ICO wants larger fining powers
IT PRO
The Information Commissioner's Office (ICO) would like fining powers above its £500,000 cap, a senior figure from the privacy watchdog has admitted today. Deputy commissioner David Smith said if the need to fine ...
Infosec: ICO Denies Fining One Percent Of Breaches (eWEEK Europe UK)
Infosec 2011: Move to shared services will signal more data breaches (ComputerWeekly.com)
 

Infosec 2011: APT attacks a real threat to business, says security panel
ComputerWeekly.com
Advanced Persistent Threats (APTs) are a reality and cannot be dismissed as a myth or media hype, according to a panel of experts debating the top threats at Infosecurity Europe 2011 in London. APTs are typically associated with state actors, ...
InfoSec 2011: Most IT chiefs underestimate danger from advanced threats, warns ... (Computing)
 

InfoSec 2011: Cyber Security Challenge gets refresh
IT PRO
The UK's Cyber Security Challenge today revealed additional competitions will feature in this year's contest, with a wider range of skills addressed. One of the chief differences between this year's challenge and ...
 

Drive-by cache attack silently loads malware into the browser cache

Researchers at Armorize Technologies have discovered a more sophisticated drive-by download attack that uses zero-day vulnerabilities and a technique designed to dupe signature-based antivirus.

Wayne Huang, founder and CEO of Armorize, issued a report outlining the new attack, called drive-by cache, last weekend. The firm identified the attack taking place on a legitimate human rights website.

The new attack method is similar to the drive-by download method currently popular in exploiting Flash and JavaScript vulnerabilities. In that type of attack, when the user accesses an infected page, their browser is forced to connect to another URL, often a malware server, and a piece of malware is downloaded to the victim's hard disk. The attack takes place in the background without user intervention.

This type of attack is popular because it is difficult to detect with traditional, signature-based antivirus software: it relies on flaws in the browser or in third-party components such as Flash and JavaScript, so the exploit code is easy to hide amongst garbage code.

The drive-by cache attack technique identified by Huang and his team works similarly to the method above, but instead of downloading the malware from an external source at exploit time, the malware is executed from within the browser's cache directory. The file is fetched as part of loading the infected page, usually disguised as a JPEG or JavaScript file, and the browser stores it in its cache as it would any other page resource, intended to speed up later browsing.

Once the payload is cached, the exploit and shellcode run and, as the final step, execute the cached file. Huang and his team have dubbed this new type of attack drive-by cache and identified it on an Amnesty International website, where the recently patched Flash zero-day served as the exploit.
The Armorize team also found abnormally low detection rates for the display.swf file, which contains the Flash exploit code.

“When we submitted the swf file to VirusTotal, 0 out of 42 antivirus vendors detected this exploit,” writes Huang on the Armorize blog. “As for newsvine.jp2 (swf.exe), we got 1/42 on VirusTotal (report is here). Only Microsoft detected this backdoor.”

The full Armorize report, including transcripts of the malicious code, can be viewed here: http://blog.armorize.com/2011/04/newest-…


InfoSec 2011: Detica brings national security to businesses
IT PRO
Detica Treidan aims to offer businesses Government-level protection, as targeted attacks become increasingly common. By Tom Brewster, 20 Apr 2011 at 13:59 BAE Systems Detica is hoping to bring Government-level cyber defence to businesses, ...
 

Intel is using Infosec to push Sandy Bridge security
Inquirer
OPPORTUNISTIC LAPTOP THIEVES beware, as Intel is talking up the levels of protection it is adding to its Sandy Bridge second generation Core processor series. Although the security will not immolate any thieves, it will let the owner ...
Intel pushes security features in Sandy Bridge Core platform (V3.co.uk)
 
NetBeans version 7.0 offers Java 7 and improved Swing integration
 
Linux Kernel 'next_pidmap()' Local Denial of Service Vulnerability
 

Infosec: ICO Denies Fining One Percent Of Breaches
eWEEK Europe UK
Today, the Deputy Information Commissioner David Smith told the Infosec show in London that the figures were wrong. ViaSat says the figures cover a period beginning on 6 April 2010, when the ICO received the power to fine organisations that breach the ...
Infosec 2011: Move to shared services will signal more data breaches (ComputerWeekly.com)
InfoSec 2011: ICO wants larger fining powers (IT PRO)
 
Facebook, HP, Rackspace, Juniper, Fujitsu and dozens of other organizations have joined a group building a defensive patent portfolio to protect Linux-using members from potential lawsuits.
 
Open source version of Microsoft's Silverlight rich Internet plug-in platform is readied for Google's mobile OS
 
The chairman of the U.S. House Committee on Oversight and Government Reform this week called for Congress to increase the annual cap on H-1B visas.
 
PolicyKit 'pkexec' Utility and 'polkitd' Daemon Local Race Condition Vulnerability
 
atop Insecure Temporary File Creation Vulnerability
 
Analysts expect the Chinese outsourcing industry to be competitive with India's at some point over the next decade.
 
Make your data sing. We look at 22 free tools that will help you use visualization and analysis to turn your data into informative, engaging graphics.
 
Japanese high-tech exports dropped sharply last month as a result of disruption caused by the massive earthquake and tsunami that hit the country on March 11, according to government trade statistics published Wednesday.
 

Infosec 2011: The security advantages and pitfalls of personal mobile devices ...
ComputerWeekly.com
Allowing employees to use personal mobile devices for work purposes can increase productivity and improve security measures. But managing users' mobile devices can present security risks too. A recent survey of 1075 UK employees by TNS Omnibus for ...
 

InfoSec 2011: Most IT chiefs underestimate danger from advanced threats, warns ...
Computing
IT leaders were told that they should be more concerned about the danger posed by advanced persistent threats (APT), and less worried about "strangling" the business with stringent security, in a keynote session at InfoSec 2011 in ...

 
InfoWorld's 8-lesson guide for developers making the transition to smartphones and tablets
 
Intel is facing increasing competition in the worldwide semiconductor industry -- but not from its traditional rival, Advanced Micro Devices.
 
A one-time Cisco engineer who had sued his former employer, alleging it monopolized the business of servicing and maintaining Cisco equipment, has been charged by U.S. authorities with hacking.
 

Infosec 2011: IoD raises protection and cuts costs with secure gateway
ComputerWeekly.com
London-based Institute of Directors (IoD) has cut its security administration by 75% by deploying a secure web gateway to protect users of its UK-wide network. "This means IT staff can concentrate on more strategic issues," said Richard Swann, ...

 
libsndfile VOC and AIFF Processing Buffer Overflow Vulnerabilities
 
libsndfile CAF Processing Buffer Overflow Vulnerability
 
libsndfile FLAC.C Buffer Overflow Vulnerability
 
Mutt NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
 