InfoSec News

When I saw the topic I was given for this month, I immediately burst out laughing as I have (while never violating an NDA) shared more than a few horror stories, complaints and tales of woe (from the perspective of both employee, and boss) with my fellow Handlers. In retrospect, some were not as bad as they seemed at the time, and some are far worse. In the end, as someone who has held positions from helpdesk to CISO of a global company I have a broad range of experiences to draw from in giving you my opinions on how to handle those impossible requests.



A few caveats before we begin:



This information is more suited for being used to deal with North American Style managers. Business culture in other areas is often different and these opinions may not be appropriate for those environments.



Please understand that I speak in generalizations as there are far too many variables to be specific.



This information is not meant to be used for legal or ethical issues. These are separate topics that have their own set of rules to follow.



We've all had a boss who makes impossible requests or demands.



When we get together either in the same physical room or virtually, through email, IM, chat rooms or the like, we trade war stories that, much like the fish who got away, seem to grow bigger every time the tale is told.



We pride ourselves on creative ways that we fulfilled or skirted the request, and at least once have imagined ourselves as the person who printed a day's worth of firewall logs on bright orange paper and dumped 600 pages on the boss' desk in response to a request for what we do all day.



When all is said and done, at the end of the day, the reality of the situation is still there and the impossible request still exists.



My personal belief is that impossible requests are often a sign of a manager who needs help with their management or technical skills. Especially in areas such as ours where promotion through technical excellence is common, people promoted into management often don't have the tools needed to make sure they, and their staff are not put into an impossible situation. This is not their fault. Similarly people who are trained in the art of management may not fully understand the technical aspect of the request and why it is, to you, impossible. Again, this is not their fault.



For the most part, it's not about you. Don't make the mistake of taking it personally and thinking your boss has it in for you or is trying to make you quit. If a manager is intentionally making your life miserable you'll know it because truly impossible requests will only be part of the problem.



When you receive that impossible request, finding the reason for the request will prepare you for appropriate action. But you don't always have the time or the ability to gather this information and often need to react in a very short time period if not immediately.



What do you do?



The first thing is to make sure the request really is impossible. Many times even a brief examination of the task shows it's not. Take some time to cool down if you had an immediate negative emotional response.



After some analysis you will be in one of three different positions.



The task still seems impossible.



It's too close to tell.



It may be possible after all.



Communication with your boss is crucial at this point and how you say what you need to say has more influence on the eventual outcome than you may know. Don't respond immediately with an email or by phone if at all possible. While either may be more comfortable, you really want face-to-face communication.



Regardless of the outcome of your analysis, ask your boss (face to face) for a meeting and discuss the request. Hopefully you know your boss well enough to know how to talk to him or her.



If you don't or you don't know what I'm talking about, Google 'personality types communication' and look at articles on identifying and communicating with the four basic personality types. If you can't find anything, feel free to contact me off-line and I'll point you to some specific resources.



During the meeting, be calm. Speaking loudly in a rushed manner with excited or worse yet, angry tones will do little more than raise your blood pressure and your manager's and may in fact make the situation worse. Finishing his or her sentences is also a bad idea.



Give your manager time to talk and wait a moment to compose your response. This is not the place for ready, fire, aim.



It has been said that you can say just about anything you want as long as you say it with a smile. Smile.



Now that you're in the meeting, you are calm and otherwise prepared, if the task is possible have a rough plan prepared outlining the solution. Problem solved, end of issue and you may even score some points if this isn't your typical behavior.



If the task still seems impossible you have two options.



One option is to tell your boss straight out why the request can't be fulfilled. In my experience it is a rare manager that will listen to the blunt truth with little to no sugar-coating. Why? I'm not sure exactly because this is what I ask of my staff. Give me the facts as they exist. If you do receive an impossible request from a manager who wants the blunt truth, chances are the manager isn't very technical or may be technical but not particularly knowledgeable in your field. A calm discussion of the facts and providing a workable solution is usually enough to dispel whatever misunderstandings or misconceptions the manager had when making the impossible request, providing he or she has control of it.



If you don't have a manager that responds well to this direct communication style then make sure to use positive wording. For example, I would certainly be able to do this if I had ... Just make sure what you're asking for is reasonable and will allow you to get the job done. If you come back later saying you need more of whatever you had better have a very good explanation as to why.



Speaking so directly to this sort of manager is a bad idea. You are often seen as being confrontational or worse yet, you are seen as challenging your boss' authority. Even if you win, you've lost. While you may have shown off your leet technical skills and immense knowledge you made the relationship between you and your boss worse.



Asking for help understanding the bigger picture during this meeting is always a good idea as it may give you additional information. Hopefully your manager will see your point and give you the resources needed.



Why do we get these requests?



It could be that the action was dictated by the business or it could be a request from your manager's boss. Most likely his hands are tied, and so are yours.



Maybe your manager is trying to make him- or herself look good for any one of a number of reasons. Help him or her. Explain the issue and a realistic solution. Your boss won't look good if the task truly can't be done, and they know it. Some people go so far as to imagine that another entry in their job description is Make my boss look good.



Another possibility is that your boss is new to management and hasn't learned about mutiny. Explain (gently) to your boss that you want to get the job done but there are certain obstacles that are out of your control. Ask him or her to help you clear those obstacles. While stroking a manager's ego may seem unpalatable, sometimes it's the only way.



It may be that your manager is trying to show you (or someone else) that they are in control. This is a big problem. The chances of this boss acting on your concerns after a reasonable discussion are whatever comes just after zero. Document the request and your meeting and file it away somewhere safe so when you are called out for failing to complete the task you at least have a record showing that you knew the task would fail and communicated that to your boss but were ordered to do it anyway. It's not much, but it's something.



At this point it may be a tempting option to go over his or her head. Do you see that little red light blinking in the corner of your eye? That's your career dissipation light and it just went into overdrive.



Nobody likes to be run over like that. Trust me when I say that your working life at that company will be miserable until you leave.



Going to your Human Resources office is only marginally better. Your hostile workplace complaint will be taken, and your manager informed. Don't expect your boss to be nice and sweet and remove the impossible task from your shoulders.



At the end of the day unless you convince your boss otherwise, you need to fulfill that impossible request to the best of your ability and document the situation.



If this becomes the norm then maybe it's time to find a new position. Yes, times are tough but being miserable in a job you've come to hate is a terrible way to live. Life is too short to be that miserable.



I hope this has helped you learn at least a bit about dealing with (what seems like) an impossible request.



If you have any techniques you are particularly fond of, send them in and I'll post them.



I leave you with a quote to ponder which I firmly believe and have seen attributed to many different people.



Nothing is impossible, it just hasn't been done yet.
Christopher Carboni - Handler On Duty
isc dot chris at gmail dot com (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Facebook has filed lawsuits aimed at cracking down on a variety of scams that have been running wild on the social-networking site in recent months.
 
To compete with Apple's iPhone and the Android army, Microsoft needed to pull out all the stops to sell Windows Phone 7 to the masses. Windows Mobile has a miserable reputation as being not user-friendly and slow. Throw in the Microsoft Kin failure, and you've got a lot of skepticism surrounding Thankfully, Microsoft completely ditched the often frustrating, always sluggish Windows Mobile experience. Windows Phone 7 is a brand-new OS and Microsoft deserves a clean slate.
 
The game is on. Microsoft officially took its ubiquitous Office suite to the cloud this week with Office 365. And that, say industry watchers, is not good news for rival Google
 
With the newly-branded Office 365, announced this week, Microsoft has taken its BPOS service and added Office apps options. But the company repeated a longtime marketing habit with Office 365: a confusing array of versions and price points.
 
OpenStack, the open-source cloud management software project formed by hosting provider Rackspace, has met an initial development milestone, backers announced Thursday.
 
Mozilla Firefox SeaMonkey and Thunderbird 'LookupGetterOrSetter' Memory Corruption Vulnerability
 
GNU glibc Dynamic Linker '$ORIGIN' Local Privilege Escalation Vulnerability
 
Mozilla Firefox SeaMonkey and Thunderbird 'LD_LIBRARY_PATH' Local Privilege Escalation Vulnerability
 
Facebook Tuesday filed lawsuits against two individuals and a company for allegedly tricking users of the social network into revealing personal information.
 
Apple today released a revamped MacBook Air line with the first sub-$1,000 version, and previewed Mac OS X Lion, Mac App Store, and FaceTime for Mac.
 
Oracle Java SE and Java for Business CVE-2010-3573 Same Origin Bypass Vulnerability
 
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
 
MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability
 
Re: [Full-disclosure] Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass
 
Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass
 
A Chandler, Ariz., man has pleaded guilty to charges related to his role in a pump-and-dump scam that inflated penny stock prices via spam and hacked computers.
 
Under a new deal with Microsoft, New York City employees will be able to access Microsoft Office cloud services
 
Clearwire said a trial of its LTE technology in Phoenix produced speeds of more than 90 MBit/sec in specialized tests.
 
[CORE-2010-0819] LibSMI smiGetNode Buffer Overflow When Long OID Is Given In Numerical Form
 
Re: [Full-disclosure] Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass
 
Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass
 
Joshua Corman, a research director at The 451 Group joins the editorial team in a discussion on how PCI has affected the security industry and a recent Verizon PCI survey.

 
Some of my favorite tools have been updated recently. GnuPG was recently updated to version 1.4.11. OSSEC was updated to version 2.5.1. Speaking of OSSEC, there are a number of bloggers out there participating in the 2nd Annual Week of OSSEC. Daniel Cid appears to be doing wrap-up posts every day with pointers to the various blog posts, so go check them out. Here are the wrap-ups for days 1, 2, and 3. There is some interesting stuff there for those who want to get the most out of OSSEC. I also wanted to point out an interesting tip on using wireshark/tshark to decode SSL traffic by Mark Baggett and (fellow new GSE) Doug Burks.
---------------

Jim Clausing, jclausing --at-- isc [dot] sans (dot) org

GIAC GSE #26 (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Over the last few years, the mobile devices in our lives have become much more complex and powerful, and as a result, more attractive as targets for malware authors. The iPhones, Androids, and Blackberries in our pockets (and the pockets of company executives) have more raw computing capabilities than the desktop machines of a few years ago (and the servers of a few years before that) and they run web browsers capable of running javascript or flash (hmm... haven't we seen issues with both of those technologies on other platforms?), plus they have built-in GPS capabilities that allow for tracking of our movements, and nearly constant access to the internet to potentially share that information (or any other data on the device) with the bad guys. Unfortunately, defensive capabilities have not kept pace. To make matters worse, because of their size, these new mobile devices are small enough that they are also much easier to misplace (or steal). For this reason, it is probably even more important that the human being involved be even more vigilant than ever. In the following discussion, I also make a somewhat artificial distinction between personal and corporate use of mobile devices.
Corporate usage
For corporate mobile devices, I would urge a few measures (where possible)

Encryption - if the capability exists on the platform you are using, whole device encryption could provide some minimal protection to corporate (or personal) data on the device should it be lost or stolen.
Remote Wipe - the ability to remotely kill or wipe a device that has been lost or stolen should be enabled if it exists.
VPN - where possible, VPN back through the corporate environment (understanding all the issues discussed in yesterday's diaries apply here, too). This allows one to take advantage of proxies, firewalls, e-mail filtering of the corporate network. When possible, use the mobile device as a thin client to access data in the corporate network or in the cloud rather than keeping potentially sensitive data on the mobile device itself.

Personal usage
For personal devices, the biggest thing is to remember that the defenses on these mobile devices are even slimmer than on our home PCs and laptops.

Fight the urge to do things like banking, that might reveal information that could be used for identity theft, from your mobile device.
Don't click on links sent via IM, Facebook, SMS.

General usage
In general, there are a few things that should probably be done all the time to protect yourself and your personal and corporate information (and they may increase your battery life, too).

Turn off the GPS and data (3G/4G/wifi) capabilities when you aren't actually using them.
If anti-virus software exists for your platform install it. It probably won't protect you from much, but if it stops even one attack, that's better than nothing.
If at all possible, don't mix corporate and personal use on the same mobile device.

I've been starting to think about mobile malware lately, and frankly, it worries me. So, what are you doing to secure your mobile devices (both corporate and personal)?
---------------

Jim Clausing, jclausing --at-- isc [dot] sans (dot) org

GIAC GSE #26 (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Apple today revamped its lightest laptop, the MacBook Air, slimming it down, ditching the hard drive for solid-state storage and introducing a smaller model that sports an 11.6-in. screen.
 
Oracle Java SE and Java for Business CVE-2010-3568 Remote Java Runtime Environment Vulnerability
 
Oracle Java SE and Java for Business CVE-2010-3562 Remote 2D Vulnerability
 
Oracle Java SE and Java for Business CVE-2010-3571 ICC Profile Vulnerability
 
Oracle Java SE and Java for Business CVE-2010-3572 Remote Sound Vulnerability
 
 
Google is working with the Israel Antiquities Authority to make the 2,000-year-old Dead Sea Scrolls available online.
 
Speaking at Interop New York, Red Hat CEO derided the current model of selling commercial software
 
More than 20% of clicks on pay-per-click (PPC) ads in the third quarter were unintended or malicious, resulting in wasted marketing money that drew Web site visitors with no interest in the product or service advertised and no intention to buy.
 
Oracle Java SE and Java for Business CVE-2010-3551 Remote Networking Vulnerability
 
Oracle Java SE and Java for Business CVE-2010-3557 Remote Swing Vulnerability
 
Oracle Java SE and Java for Business CVE-2010-3541 Remote Networking Vulnerability
 
Oracle Java SE and Java for Business CVE-2010-3548 Remote JNDI Vulnerability
 
 
Verizon Wireless defended its $600 price tag for the Samsung Galaxy Tab, which goes on sale Nov. 11, noting that no service contract is required and that the device comes with embedded 3G cellular service along with Wi-Fi.
 
The other day, my wife asked me how to copy a PowerPoint presentation to a flash drive so she could take it with her to school. I was a little shocked. My very own wife doesn't know how to do this? I've failed as a husband!
 
Adobe Flash Player and AIR (CVE-2010-2214) Unspecified Memory Corruption Vulnerability
 
Adobe Flash Player and AIR (CVE-2010-2215) Unspecified Clickjacking Vulnerability
 
Linux Kernel Reliable Datagram Sockets (RDS) Protocol Local Privilege Escalation Vulnerability
 
Winamp 5.581 and Prior Multiple Buffer Overflow Vulnerabilities
 
Oracle should piggyback on Microsoft's update service to boost users' chances of running a patched version of Java, a security expert said.
 
XSS vulnerability in sNews
 
SQL Injection in 4site CMS
 
 
Mozilla Firefox SeaMonkey and Thunderbird CVE-2010-3176 Multiple Memory-Corruption Vulnerabilities
 
Mozilla Firefox and Thunderbird CVE-2010-3175 Multiple Memory-Corruption Vulnerabilities
 
Mozilla Firefox and SeaMonkey Gopher Parser Cross Site Scripting Vulnerability
 
Microsoft .NET Framework ASP.NET Padding Oracle Information Disclosure Vulnerability
 
Re: VSR Advisories: Linux RDS Protocol Local Privilege Escalation
 
XSS vulnerability in sNews
 
NOD32 virus version 3918 is quarantining important Windows files
 
The "Conficker" worm is set to trigger on April 1st. We provide the basic links you need to be prepared or to remove it.
 
Conficker updates itself to include a keylogger and tools to find passwords and financial data.
 
So many people have asked for our help with infected computers that we put together this review of free online malware scanners.
 
FoxNews is reporting that a hacker is attempting to extort $10 million from the State of Virginia.
 
The Mozilla Firefox browser experiences its first-ever zero-day exploit. (Fixed)
 
Researchers at the Black Hat security conference on Thursday showed an iPhone security flaw which exploits a weakness in SMS text messaging to take control of the device.
 
Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
 
This publication approves the XTS-AES mode of the AES algorithm for data on storage devices.
 
Ninthchamber asked the Office & Business Software forum why OpenOffice files don't always open in Microsoft Office.
 
Starbucks has set up an information portal accessible only via the free Wi-Fi hotspots in its U.S. coffee shops. The Starbucks Digital Network, created in partnership with Yahoo, will provide free online access to content including news stories that wouldn't normally be free, the company said.
 
Recently I wanted to order something that would include a company logo imprinted on the side. I had no trouble creating the logo, but the company wanted it in EPS format--something that few programs outside of Adobe Photoshop can create. (Freeware favorite Paint.NET can't do it; neither can GIMP.)
 
Server virtualization is already saving you money. So why not save some more? Forrester Research shares three recommended changes.
 
Verizon Wireless will put the 7-inch Samsung Galaxy Tab running Android 2.2 on sale Nov. 11 for $599.99, the carrier said
 
Business video is expanding, both from dedicated meeting rooms out to small client devices and from large enterprises down to small businesses, in a movement that Cisco Systems plans to tap into for significant growth over the next several years.
 
U.S. Attorney General Eric Holder is visiting Beijing this week to discuss how China -- a hotbed for counterfeit goods and piracy -- can better coordinate its efforts with the U.S. to stop intellectual property rights violations.
 
Internal CIO training programs aim to keep the IT knowledge where it does the most good -- in-house.
 
IBM has developed a new rootkit-detection system designed to make it easier to detect malicious attacks on virtualized data centers.
 
The Dell EqualLogic PS6010XVS with automated storage tiering leverages fast SAS or faster SSD storage depending on workload
 
Users are bringing a new tool to their ongoing effort to get vendors to improve delivery of software maintenance -- a 'code of conduct for IT maintenance.'
 
A look at what Apple is likely to announce today -- and what they ought to be updating in OS X.
 
Internet shopping mall operator Rakuten has asked Japan's Fair Trade Commission to examine an Internet search deal between Yahoo Japan and Google, it said Wednesday.
 
InfoSec News: Hacker hits Kaspersky website: http://www.computerworld.com/s/article/9191921/Hacker_hits_Kaspersky_website
By Robert McMillan IDG News Service October 19, 2010
Scammers who try to trick victims into downloading fake antivirus software can strike almost anywhere. On Sunday they hit the website of [...]
 
InfoSec News: Hotel room security check: http://bobarno.com/thiefhunters/2010/08/hotel-room-security-check/
By Bambi Vincent Aug 18 2010
Bob and I sleep more nights in hotels than in our own home and, to date, we have never been ripped off in a hotel room. True, we use a certain amount of care, but our laptops are usually left out and sometimes valuables are more hidden than locked. We stay in hotels ranked from six stars to no stars, depending on our sponsors and our intentions. In each hotel room, we make a quick and automatic assessment of risks and adjust our behavior to correspond. We have never walked out of a hotel* because of safety issues; we simply adopt the necessary precautions.
We evaluate several pivotal points:
The room key: we prefer electronic card keys. Old-fashioned metal keys can be copied, and where might copies be floating around? Electronic locks are usually recoded after each guest. Most electronic locks save records of whose keys have recently gained entry. Authorized keys are registered to their users. So if a guest reports a problem, security can tap into records stored in the lock’s mechanism and see the last ten or so entries, be they housekeeping, an engineer, a minibar man, or the guest himself.
Electronic key cards should not be marked with a room number. They’re usually given in a folder which identifies the room. Leave the folder in the room when you go out and carry just the un-numbered magnetic card. If you lose the key, the safety of your room won’t be compromised.
Some hotels still use metal keys attached to a big fat ornament and expect guests to leave keys at the front desk when going out. I’m not fond of this method for several reasons. First, I prefer privacy and anonymity rather than announcing my comings and goings. In some hotels, anyone can look at the hooks or pigeonholes behind the desk and know if a room is occupied or empty. Second, I don’t care for the delay entailed in asking for the key on returning. I could just take the thing with me, but its design discourages that. So third, I don’t want to haul around a chunk of brass the size of a doorknocker. And finally, these keys are usually well identified with the name of the hotel and room number. Losing it would expose one to substantial risk. When possible, Bob and I remove the key from its chunk and just carry it, re-attaching it before check-out. At other times, we go traditional and turn in the key as the hotel suggests.
[...]
 
InfoSec News: N.Korean Hackers 'Snooping Around G20 Summit Venue': http://english.chosun.com/site/data/html_dir/2010/10/20/2010102000897.html
Oct. 20, 2010
Evidence points to North Korean hackers attempting to gather information about water supply and drainage systems, pathways of toxic materials, and traffic control near the venue of the G20 Summit in Seoul, according to the Cyber Terror Response Center of the National Police Agency.
"We detected suspicious moves surrounding the G20 Summit recently and tracked down the hackers to a server in North Korea," a government official said Tuesday.
The government is trying to find out whether this was part of an attempt to obstruct the hosting of the G20 Summit in Seoul.
 
InfoSec News: Incidence Of Cybertheft Surpasses Incidence Of Physical Theft For The First Time, Study Says: http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=227900305
By Tim Wilson DarkReading Oct 19, 2010
Incidence of theft of information and electronic data at global companies has overtaken physical theft for the first time, according to a study released yesterday. [...]
 
InfoSec News: Government Ready For Cybersecurity Deadline, Officials Say: http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=227900157
By J. Nicholas Hoover InformationWeek October 18, 2010
When the federal government flips the switch to replace the government's arduous paper-based cybersecurity compliance process with a web-based [...]
 
InfoSec News: SCADA security just got more serious: http://www.controlenguk.com/article.aspx?ArticleID=37383
Control Engineering UK 19 October 2010
There are reports that a new, more powerful, Stuxnet virus could be unleashed very soon as code is posted on the internet for anyone to copy. Manufacturing, infrastructure and engineering industries are, therefore being urged to take even tighter preventative measures to protect themselves and not to delay doing this.
David Robinson, UK and Ireland country manager, Norman Data Defense said: ‘It was just a matter of time before the Stuxnet code was published on the web for anyone, with even the most basic knowledge of coding, to alter and potentially wreak havoc on the industry. Now is the time to review IT security, no matter how small the risk. This is big news.’
The news has been flooded with the recent security breach of a major automation company reportedly caused by the Stuxnet virus being carried on a USB memory stick. “This new type of virus has a boot file built-in and now that the code is in the hands of any malware writer it could mutate very quickly,” said Robinson.
However, it is not just memory sticks that can spread this virus. Anyone with a laptop or a device that connects remotely to a wireless network inside a company’s firewall, is putting that company at risk. It will just be a matter of time before Stuxnet, or its successors, are evolved attacking any control systems or any other system that the user connects an infected laptop or portable device to.
[...]
 
InfoSec News: Lynn: Cyberspace is the New Domain of Warfare: http://www.defense.gov/news/newsarticle.aspx?id=6131
By Cheryl Pellerin American Forces Press Service Oct. 18, 2010
With the creation of the U.S. Cyber Command in May and last week’s cybersecurity agreement between the departments of Defense and Homeland [...]
 

Posted by InfoSec News on Oct 19

http://www.computerworld.com/s/article/9191921/Hacker_hits_Kaspersky_website

By Robert McMillan
IDG News Service
October 19, 2010

Scammers who try to trick victims into downloading fake antivirus
software can strike almost anywhere. On Sunday they hit the website of
Kaspersky Lab, a well-known antivirus vendor.

Someone took advantage of a bug in a Web program used by the
Kasperskyusa.com website and reprogrammed it to try and trick visitors...
 

Posted by InfoSec News on Oct 19

http://bobarno.com/thiefhunters/2010/08/hotel-room-security-check/

By Bambi Vincent
Aug 18 2010

Bob and I sleep more nights in hotels than in our own home and, to date,
we have never been ripped off in a hotel room. True, we use a certain
amount of care, but our laptops are usually left out and sometimes
valuables are more hidden than locked. We stay in hotels ranked from six
stars to no stars, depending on our sponsors and our intentions....
 

Posted by InfoSec News on Oct 19

http://english.chosun.com/site/data/html_dir/2010/10/20/2010102000897.html

Oct. 20, 2010

Evidence points to North Korean hackers attempting to gather information
about water supply and drainage systems, pathways of toxic materials,
and traffic control near the venue of the G20 Summit in Seoul, according
to the Cyber Terror Response Center of the National Police Agency.

"We detected suspicious moves surrounding the G20 Summit recently...
 

Posted by InfoSec News on Oct 19

http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=227900305

By Tim Wilson
DarkReading
Oct 19, 2010

Incidence of theft of information and electronic data at global
companies has overtaken physical theft for the first time, according to
a study released yesterday.

According to the latest edition of the Kroll Annual Global Fraud Report,
the amount lost by businesses to fraud rose from $1.4 million to $1.7
million per $1...
 

Posted by InfoSec News on Oct 19

http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=227900157

By J. Nicholas Hoover
InformationWeek
October 18, 2010

When the federal government flips the switch to replace the government's
arduous paper-based cybersecurity compliance process with a web-based
one next month, agencies will be ready for the move, federal officials
said Friday, despite a survey released this month that showed misgivings
about...
 

Posted by InfoSec News on Oct 19

http://www.controlenguk.com/article.aspx?ArticleID=37383

Control Engineering UK
19 October 2010

There are reports that a new, more powerful, Stuxnet virus could be
unleashed very soon as code is posted on the internet for anyone to
copy. Manufacturing, infrastructure and engineering industries are,
therefore being urged to take even tighter preventative measures to
protect themselves and not to delay doing this.

David Robinson, UK and...
 

Posted by InfoSec News on Oct 19

http://www.defense.gov/news/newsarticle.aspx?id=6131

By Cheryl Pellerin
American Forces Press Service
Oct. 18, 2010

With the creation of the U.S. Cyber Command in May and last week’s
cybersecurity agreement between the departments of Defense and Homeland
Security, DOD is ready to add cyberspace to sea, land, air and space as
the latest domain of warfare, Deputy Defense Secretary William J. Lynn
III said.

“Information technology...
 

