Bitcoin: What is it, really? A digital currency? An investment? An Xbox game? For many people it's not clear, but that hasn't stopped venture capitalists from going gaga over it.

When thousands of access credentials and email addresses of Adobe customers were breached back in October, we expected that phishing attacks that make use of the stolen information would follow. Surprisingly, it seems to have taken the bad guys quite a while to kick off anything serious - the only mails we got so far on a compromised address that we converted into an Adobe phishing honeypot were the usual spam emails peddling the usual goods. But today, Adobe themselves issued a warning (http://blogs.adobe.com/psirt/2013/12/20/alert-adobe-license-key-email-scam/) suggesting that something more nefarious must be going on. If you have a sample of this email, please share via our contact form.

Since the Adobe and now the Target breach both affected about 40 million people, odds are that half a million or so might be on both lists. So if you are getting an email from "Target" on the email address that you used for Adobe, you might want to be extra careful, too.

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Security company RSA was paid $10 million to use the flawed Dual_EC_DRBG pseudorandom number generating algorithm as the default algorithm in its BSafe crypto library, according to sources speaking to Reuters.

The Dual_EC_DRBG algorithm is included in the NIST-approved crypto standard SP 800-90 and has been viewed with suspicion since shortly after its inclusion in the 2006 specification. In 2007, researchers from Microsoft showed that the algorithm could be backdoored: if certain relationships between numbers included within the algorithm were known to an attacker, then that attacker could predict all the numbers generated by the algorithm. These suspicions of backdooring seemed to be confirmed this September with the news that the National Security Agency had worked to undermine crypto standards.

The impact of this backdooring seemed low. The 2007 research, combined with Dual_EC_DRBG's poor performance, meant that the algorithm was largely ignored. Most software didn't implement it, and the software that did generally didn't use it.


Security experts are calling for the removal of a National Security Agency employee who co-chairs an influential cryptography panel, which advises a host of groups that forge widely used standards for the Internet Engineering Task Force (IETF).

Kevin Igoe, who in a 2011 e-mail announcing his appointment was listed as a senior cryptographer with the NSA's Commercial Solutions Center, is one of two co-chairs of the IETF's Crypto Forum Research Group (CFRG). The CFRG provides cryptographic guidance to IETF working groups that develop standards for a variety of crucial technologies that run and help secure the Internet. The transport layer security (TLS) protocol that underpins Web encryption and standards for secure shell (SSH) connections used to securely access servers are two examples. Igoe has been CFRG co-chair for about two years, along with David A. McGrew of Cisco Systems.

Igoe's leadership had largely gone unnoticed until reports surfaced in September that exposed the role NSA agents have played in "deliberately weakening the international encryption standards adopted by developers." Until now, most of the resulting attention has focused on cryptographic protocols endorsed by the separate National Institute for Standards and Technology. More specifically, scrutiny has centered on a random number generator that The New York Times, citing a document leaked by former NSA contractor Edward Snowden, reported may contain a backdoor engineered by the spy agency.


Google executives showed up at the Homestead Miami Speedway in Florida to show support for their new team and to get a look at the Atlas robot, built by Boston Dynamics, and one of the stars of the challenge.
T-Mobile USA looks set to reveal the next step in its "un-carrier" plan at January's CES in Las Vegas.
The downturn in the PC industry may soon reach rock bottom, where it could stabilize even as cheap tablets stay hot, an analyst said today.
IBM has reached into its software portfolio to provide a more sophisticated scheduler for the OpenStack deployments it builds for its customers.
LinuxSecurity.com: A vulnerability has been discovered and corrected in php: The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 [More...]
LinuxSecurity.com: Laurent Butti and Garming Sam discovered multiple vulnerabilities in the dissectors for NTLMSSPv2 and BSSGP, which could lead to denial of service or the execution of arbitrary code. [More...]
LinuxSecurity.com: Updated munin packages fix security vulnerabilities: The Munin::Master::Node module of munin does not properly validate certain data a node sends. A malicious node might exploit this to drive the munin-html process into an infinite loop with memory exhaustion [More...]
LinuxSecurity.com: Multiple vulnerabilities were found and corrected in Wireshark: The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers [More...]
LinuxSecurity.com: Updated pixman packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More...]
LinuxSecurity.com: Updated xorg-x11-server packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More...]
LinuxSecurity.com: Horizon could be made to expose sensitive information over the network.
LinuxSecurity.com: An updated ca-certificates package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...]
LinuxSecurity.com: Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More...]
LinuxSecurity.com: Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5.9 Extended Update Support. The Red Hat Security Response Team has rated this update as having moderate [More...]
LinuxSecurity.com: Keystone access controls could be circumvented via EC2-style tokens.
LinuxSecurity.com: libjpeg and libjpeg-turbo could be made to expose sensitive information.

Credit and debit card accounts stolen in the massive data breach that recently hit retail giant Target are flooding the underground markets frequented by criminals, who are paying as much as $100 per card, according to KrebsOnSecurity reporter Brian Krebs.

In a post published Friday, Krebs said he first learned of the breach after a fraud analyst at a major bank said his team bought a large number of the bank's cards on a well-known "card shop." The analyst's team was then able to work its way backward and independently confirm Target had been breached. Krebs went on to break the story, and Target eventually confirmed that about 40 million cards may have been compromised during a breach that extended from November 27 to December 15. In Friday's post, Krebs continued:

There are literally hundreds of these shady stores selling stolen credit and debit cards from virtually every bank and country. But this store has earned a special reputation for selling quality “dumps,” data stolen from the magnetic stripe on the backs of credit and debit cards. Armed with that information, thieves can effectively clone the cards and use them in stores. If the dumps are from debit cards and the thieves also have access to the PINs for those cards, they can use the cloned cards at ATMs to pull cash out of the victim’s bank account.

At least two sources at major banks said they’d heard from the credit card companies: More than a million of their cards were thought to have been compromised in the Target breach. One of those institutions noticed that one card shop in particular had recently alerted its loyal customers about a huge new batch of more than a million quality dumps that had been added to the online store. Suspecting that the advertised cache of new dumps was actually stolen in the Target breach, fraud investigators with the bank browsed this card shop’s wares and effectively bought back hundreds of the bank’s own cards.

When the bank examined the common point of purchase among all the dumps it had bought from the shady card shop, it found that all of them had been used in Target stores nationwide between Nov. 27 and Dec. 15. Subsequent buys of new cards added to that same shop returned the same result.

Krebs's account is consistent with the findings of fraud prevention service Easy Solutions. On Thursday, the company reported that its Detect Monitoring Service (DMS) had recently sensed some unusual activity.


Oracle is set to acquire business-to-consumer marketing software vendor Responsys for $1.5 billion in a bid to flesh out its own capabilities as well as strike back at rivals such as Salesforce.com and Microsoft.
BlackBerry is turning to Foxconn, the world's largest contract manufacturer of electronics, to jointly develop and produce some models of handset, the two companies said on Friday.
The rover that NASA's Jet Propulsion Lab has competing in DARPA's Robot Challenge today is something of a distant cousin to the robotic rover working on Mars.
After six months of contentious debate over U.S. National Security Agency surveillance programs, prompted by leaks from former government contractor Edward Snowden, the third week in December may have marked a major turning point.
BlackBerry's new CEO says he is "very interested" in trying to replicate some of the company's signature security and enterprise productivity on rival platforms.

10 tips for building secure mHealth apps
There are a number of tools within the infosec community that can be openly leveraged to help mitigate risks. Despite being relatively new, the iMAS library provides iOS developers with a set of easy-to-use tools to accomplish various security tasks in ...

Robots, 3-D printers and wearable tech are indeed cool, but they should raise red flags for IT leaders. Here's how these emerging technologies will cause operations, privacy and user policy headaches for CIOs in 2014.
Cisco NX-OS Command Line Interface (CLI) Local Arbitrary File Access Vulnerability

"Информзащита": Invites participation in Infosec CTF
RB.ru - business network
The Infosec CTF information security competition will take place from December 20 to 23, 2013. The organizer is the company "Информзащита"; the technical partner is Check Point Software Technologies. The winner ...
«Информзащита» invites participation in Infosec CTF (DailyComm.ru)

A team of engineers, students and professors from Worcester Polytechnic Institute spent hours last night working in a garage normally reserved for NASCAR pit crews, tweaking code and making sure their robot can climb a steep flight of stairs.
Two Seattle-area men, including a former senior manager in Microsoft's finance department, were charged Thursday with 35 criminal counts of illegal insider trading by U.S. prosecutors and face up to 20 years in prison.
The International Trade Commission has ruled against InterDigital in a complaint that alleged Huawei, Nokia, ZTE had infringed the company's patents.
Verizon Communications will report on law-enforcement requests for information on its customers that it received in 2013, following similar moves that major online companies have made but rival AT&T has not.
One of the first companies that announced an ARM server chip, Calxeda, has folded operations and is now pursuing ways to repurpose or sell its intellectual property.
A pair of eBay profiteers are trying to cash in on the shortages of Apple's new Vader-esque Mac Pro desktop computer by pricing their machines at nearly double the retail value.
Avoid these benchmarking boners if you want to get useful data from your system tests.

Posted by InfoSec News on Dec 20


By Antone Gonsalves
December 19, 2013

The Target security breach that left millions of debit and credit card holders
at risk of becoming victims of fraud left experts pondering the question of how
such a massive theft might have occurred.

Theories varied, but the scant details released by the retailer Thursday left
some experts...


By Brittany Ballenstedt
December 19, 2013

The Homeland Security Department has opened up more than 100 volunteer
positions across the country to college students pursuing a degree in a
cybersecurity-related field.

The 2014 Secretary’s Honors Program Cyber Student Volunteer Initiative
will provide unpaid student...


By Aliyana Traison
Dec. 19, 2013

An Iran-linked hacker group calling itself the Islamic Cyber Resistance
claims it infiltrated the servers of the Israel Defense Forces earlier
this week and extracted the personal details of top army officers.

The group posted the information, which it says includes job titles,
passwords, postal and email addresses, phone numbers...


Dec 20, 2013

HANGZHOU -- Two Chinese hackers, previously imprisoned for creating a
notorious computer virus, stood trial again on Thursday for allegedly
running online gambling games.

A court in Lishui City, east China's Zhejiang Province, heard the case
against 26 people including Zhang Shun and Li Jun, creators of "joss-stick
burning panda" that...


By Dan Goodin
Ars Technica
Dec 19 2013

An online poker service that deals solely in Bitcoin has issued a
mandatory password reset one day after someone published login credentials
for more than 42,000 enthusiasts of the card game and digital currency.

An advisory published Thursday by Seals with Clubs warns, "Our database...

2014 Predictions: Information Security (Channel Pro)
For the channel, even customers with reduced IT budgets still managed to find cash for information security products. According to analyst Canalys, even though global InfoSec spending had a healthy six percent growth, EMEA was the slowest-growing ...

RealPlayer 'RMP' File Processing Remote Heap Buffer Overflow Vulnerability
PDFCool Studio CVE-2013-4986 Buffer Overflow Vulnerability
Wordpress prettyPhoto Plugin Cross Site Scripting Vulnerability