InfoSec News

Facebook's new Places feature lets you share your current location by "checking in" from your smartphone. Whether you never really got into earlier location-based social networking services like Gowalla or Foursquare or just want to know what it is (and how to turn it off), read on for everything you need to know about Facebook Places.
 
Facebook has acquired Hot Potato in a move that could help further its move into location-based services.
 

How will Intel buying McAfee affect the desktop virtualization industry?
Brian Madden (blog)
Let the Infosec people worry about it... My personal feeling is AV has been dead for years and it's a pointless waste of CPU cycles on your desktops and ...

and more »
 
The group responsible for managing the Internet's domain name system is asking Demand Media's eNom division for answers, following complaints from Internet security groups.
 
Intel surprised the IT community this week with its plans to buy McAfee. Intel justified the multibillion-dollar purchase price by citing the importance of securing mobile devices, a growing need. Facebook users can now share even more information thanks to the site's Places service, which allows people to publish their location on their profiles. U.S. broadband user complaints about slow service could be valid, according to a government study that says service providers are skimping on bandwidth. This week brought more private network neutrality talks, further frustrating open Internet advocates who were already miffed by Google and Verizon Communication's negotiations.
 
Oracle gave its Beehive collaboration platform a splashy debut during OpenWorld 2008, featuring it in a keynote by co-President Charles Phillips.
 
The College of Healthcare Information Management Executives released a guidebook for IT managers with tips on implementing electronic health records in order to meet the federal government's 'meaningful use' standards.
 
Canonical this week released a software framework that brings multitouch interaction to the open-source Ubuntu OS, which could accelerate adoption of the OS on tablets.
 
Sure, if someone steals your iPhone, you might be able to remotely wipe it in order to protect sensitive data. But what about catching the thief? An Apple patent application, filed earlier this year but posted online Thursday, describes sophisticated ways to do just that.
 
Google announced it would require new Chrome extension developers to pay a one-time $5 registration fee as a way to stymie malicious add-ons for its browser.
 

Intel's McAfee Deal: A National Security Nightmare
Forbes (blog)
... highly trained Russian engineers for positions in their security department; at least one of whom simultaneously taught an InfoSec course for the FSB. ...

and more »
 
Doctors are finding new applications to provide shortcuts for their busy workdays. Their choices include a new voice-enabled medical search app for the iPhone announced by Nuance Communications.
 
Actress Cameron Diaz leads the McAfee list of celebrities who are most dangerous to Web searchers.
 
Siouxfan asked the Answer Line forum to define a hard drive crash is and explain what can cause it.
 

Associated Aircraft acquires AN/APX-121 IFF rights
Defence Suppliers
Features of the unit include the ability to operate with existing KIT-1 Computers and Mode 5 operation with the addition of an NSA-certified INFOSEC ...

 

Schriever Air Force Base

100 percent shred required for INFOSEC
Schriever Air Force Base
If the issue warrants higher level attention then members should contact the wing OPSEC manager. For more information on OPSEC or INFOSEC call Captain ...

 

IT security pros mentoring each other for career growth
NetworkWorld.com
A program started in March called InfoSec Mentors has already paired more than 100 mentors and mentees who share their expertise on technology as well as ...

and more »
 
We are entering an era where corporate social responsibility (CSR) is of central concern to executives of almost every enterprise. With the publication of ISO 26000, a standard for CSR based on the UN Global Compact, executives now have a reliable blueprint for action. But to what extent is enterprise technology up to the task of documenting CSR initiatives?
 
Nokia's Messaging for Social Networks will never make it out of the beta stage. Nokia said it is discontinuing the application and instead will use what it has learned in the upcoming N8 smartphone.
 

Dr. InfoSec's Quotes of the Week (007)
CIO
Who said: "If I look at enough of your messaging and your location, and use Artificial Intelligence, we can predict where you are going to go. ...

 
Nokia has signed an agreement to acquire Motally, a privately owned U.S. company that has specialized in tracking and reporting usage statistics on mobile websites and applications, it said on Friday.
 
Three people were sentenced to prison terms Thursday for their roles in a multimillion-dollar scheme targeting payments to IT and consulting services vendors from four state governments, the U.S. Department of Justice said.
 

Take a No Cost Computer Forensics Class Sept. 4
TMCnet
Sign up for an email about upcoming classes (http://infosec.edcc.edu/computerforensicsfundamentals.htm).

 
But the lawsuit against Google is not likely to affect most Java users
 
Apple co-founder Steve Wozniak shared memories about memory at the Flash Memory Summit in Santa Clara, Calif.
 
South Korea has begun blocking access to a Twitter account operated by a North Korean Web site.
 
A top executive at JLJ Holdings, the parent company of a Singapore-based Apple supplier named in an alleged kickback scheme, has stepped down from his position "for the time being" as the company pursues an investigation of the charges.
 
Dell saw growth in net income and revenue for the second quarter of 2011, driven by strong growth in its enterprise hardware and services businesses.
 
Some users and analysts fear that the continuing acquisitions of security vendors by some of the largest firms in the business could have a chilling effect on technology innovation.
 
Google on Thursday patched 10 vulnerabilities in Chrome, but it didn't award any of the researchers who reported bugs its new top-dollar reward of $3,133.
 
With its new location-based Places feature, Facebook may have just lit the match that will ignite another round of privacy controversy.
 
Motorola's Droid 2 is, in essence, a refresh of the original Droid. Our reviewer tries to decide whether it's worth the upgrade.
 
InfoSec News: Ruxcon 2010 Final Call For Papers: Forwarded from: cfp (at) ruxcon.org.au
RUXCON 2010 FINAL CALL FOR PAPERS
Ruxcon would like to announce the final call for papers for the sixth annual Ruxcon conference.
This year the conference will take place over the weekend of 20th and 21st of November. [...]
 
InfoSec News: Researcher: Code-execution bug affects 200 Windows apps: http://www.theregister.co.uk/2010/08/20/windows_code_execution_vuln/
By Dan Goodin in San Francisco The Register 20th August 2010
About 200 Windows applications are vulnerable to remote code-execution attacks that exploit a bug in the way the programs load binary files for [...]
 
InfoSec News: With McAfee deal, Intel to bake in security: http://news.cnet.com/8301-27080_3-20014175-245.html
By Elinor Mills InSecurity Complex CNet News August 19, 2010
In the future, you may not have to buy antivirus software for your laptops and mobile devices if Intel is able to live up to the promise of [...]
 
InfoSec News: Root privileges through Linux kernel bug - Update: http://www.h-online.com/open/news/item/Root-privileges-through-Linux-kernel-bug-Update-1061563.html
The H Open Source 18 August 2010
According to a report (PDF) written by Rafal Wojtczuk, a conceptual problem in the memory management area of Linux allows local attackers to [...]
 
InfoSec News: Yale School of Medicine Statement on Laptop Computer Theft: http://opa.yale.edu/news/article.aspx?id=7696
August 18, 2010
New Haven, Conn. -- Yale School of Medicine today announced that it has begun notifying approximately 1,000 individuals whose clinical health information was contained on a laptop computer that was recently stolen. [...]
 
InfoSec News: Secunia Weekly Summary - Issue: 2010-33: ========================================================================
The Secunia Weekly Advisory Summary 2010-08-12 - 2010-08-19
This week: 44 advisories [...]
 
InfoSec News: HP's Fortify buy puts spotlight on obscure -- but important -- niche: http://www.computerworld.com/s/article/9180872/HP_s_Fortify_buy_puts_spotlight_on_obscure_but_important_niche
By Jaikumar Vijayan Computerworld August 18, 2010
Hewlett-Packard's move this week to buy Fortify software focuses attention on the increasingly important, but still mostly underutilized [...]
 
InfoSec News: Cyberwar claims high-profile victim: Forwarded from: Simon Taplin <simon.taplin (at) gmail.com>
http://www.ioltechnology.co.za/article_page.php?iArticleId=5604681
By Phil Hazlewood Independent Online 17 August 2010
Mumbai - The "cyberwar" between India and Pakistan has claimed another [...]
 
InfoSec News: 100 percent shred required for INFOSEC: http://www.schriever.af.mil/news/story.asp?id=123218236
By 2nd Lt Jeffery Brown 4th Space Operations Squadron 8/18/2010
SCHRIEVER AIR FORCE BASE, Colo. -- When people think of security two things that typically come to mind are law enforcement and personal security. [...]
 

Posted by InfoSec News on Aug 20

Forwarded from: cfp (at) ruxcon.org.au

RUXCON 2010 FINAL CALL FOR PAPERS

Ruxcon would like to announce the final call for papers for the sixth
annual Ruxcon conference.

This year the conference will take place over the weekend of 20th and
21st of November.

Ruxcon will be held at CQ, Melbourne, Australia.

The deadline for submissions is the 10th of October.

What is Ruxcon?

Ruxcon is the premiere technical computer security conference...
 

Posted by InfoSec News on Aug 20

http://www.theregister.co.uk/2010/08/20/windows_code_execution_vuln/

By Dan Goodin in San Francisco
The Register
20th August 2010

About 200 Windows applications are vulnerable to remote code-execution
attacks that exploit a bug in the way the programs load binary files for
the Microsoft operating system, a security researcher said Thursday.

The critical vulnerability, which has already been patched in Apple's
iTunes media player for Windows...
 

Posted by InfoSec News on Aug 20

http://news.cnet.com/8301-27080_3-20014175-245.html

By Elinor Mills
InSecurity Complex
CNet News
August 19, 2010

In the future, you may not have to buy antivirus software for your
laptops and mobile devices if Intel is able to live up to the promise of
integrating technology from acquisition target McAfee, experts said on
Thursday.

In announcing its plans to acquire security company McAfee for $7.68
billion, Intel executives said they...
 

Posted by InfoSec News on Aug 20

http://www.h-online.com/open/news/item/Root-privileges-through-Linux-kernel-bug-Update-1061563.html

The H Open Source
18 August 2010

According to a report (PDF) written by Rafal Wojtczuk, a conceptual
problem in the memory management area of Linux allows local attackers to
execute code at root level. The Linux issue is caused by potential
overlaps between the memory areas of the stack and shared memory
segments.

As a potential attack...
 

Posted by InfoSec News on Aug 20

http://opa.yale.edu/news/article.aspx?id=7696

August 18, 2010

New Haven, Conn. -- Yale School of Medicine today announced that it has
begun notifying approximately 1,000 individuals whose clinical health
information was contained on a laptop computer that was recently stolen.
There is no indication that any individual information on the computer
has been misused.

Yale and New Haven Police Departments have been working closely together
and...
 

Posted by InfoSec News on Aug 20

========================================================================

The Secunia Weekly Advisory Summary
2010-08-12 - 2010-08-19

This week: 44 advisories

========================================================================
Table of Contents:

1.....................................................Word From...
 

Posted by InfoSec News on Aug 20

http://www.computerworld.com/s/article/9180872/HP_s_Fortify_buy_puts_spotlight_on_obscure_but_important_niche

By Jaikumar Vijayan
Computerworld
August 18, 2010

Hewlett-Packard's move this week to buy Fortify software focuses
attention on the increasingly important, but still mostly underutilized
category of application security products, security experts say.

Privately-held Fortify will provide HP with a set of technologies for
on-premise...
 

Posted by InfoSec News on Aug 20

Forwarded from: Simon Taplin <simon.taplin (at) gmail.com>

http://www.ioltechnology.co.za/article_page.php?iArticleId=5604681

By Phil Hazlewood
Independent Online
17 August 2010

Mumbai - The "cyberwar" between India and Pakistan has claimed another
victim, with the hacking of a high-profile lawmaker's website that
experts say highlights the woeful lack of Internet security in South
Asia.

A group calling itself the Pakistan...
 

Posted by InfoSec News on Aug 20

http://www.schriever.af.mil/news/story.asp?id=123218236

By 2nd Lt Jeffery Brown
4th Space Operations Squadron
8/18/2010

SCHRIEVER AIR FORCE BASE, Colo. -- When people think of security two
things that typically come to mind are law enforcement and personal
security. However, one piece of security that is often overlooked and
seems so small, but could put lives in danger everyday is information
security.

Believe it or not, shredding can...
 

Telegraph.co.uk

Mergers Reflect a Greater Trend in IT-Infosec Synergy
GovInfoSecurity.com (blog)
The fact that two major IT vendors are acquiring information security companies - Intel purchasing McAfee and Hewlett Packard buying Fortify - reflects a ...
How will Intel buying McAfee affect the desktop virtualization industry?Brian Madden (blog)

all 2,109 news articles »
 

Internet Storm Center Infocon Status