InfoSec News

The critical Flash Player flaw is being actively exploited in the wild on Windows systems.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google

Adobe Systems - Adobe Flash - Multimedia - Flash - Development Frameworks
 
-- Manuel Humberto Santander Pelez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Infosec Island: Year One Staff Picks - Part 2
CIO (blog)
Our first year here at Infosec Island has been really exciting. The Island has really taken on a life of its own, with more contributions than we could have ...

 
With data losses mounting, universities are paying a big price for stolen information, according to a new report. A more proactive approach to security can mitigate the problem.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google

Data - Data breach - Security - Database - Data Warehousing
 
A flaw in the way ASP.NET framework implements AES encryption can be exploited by an attacker to view data inside cookies or on the Web server.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google

ASP.NET - Microsoft - Programming - Advanced Encryption Standard - NET
 
Verizon Communications has promoted Verizon Wireless CEO Lowell McAdam to president and COO of parent firm Verizon Communications, putting him in line to assume the CEO post when Ivan Seidenberg retires.
 
IBM announced Monday that it will acquire Netezza for approximately $1.7 billion in cash in an effort to expand its business analytics offerings.
 
Google has received an increased number of requests from Germans who want to omit their properties from its Street View imagery program.
 
Google added a two-factor authentication option to Google Apps on Monday, allowing enterprises to protect user accounts with a one-time code delivered through a mobile phone, in addition to the usual password.
 
Netezza's high-performance analytics capabilities will be added to IBM's offerings
 
Violin announced an array based on lower-performance but higher capacity MLC solid state drives (SSD) that is less expensive than its SLC SSD predecessor but still offers five times the performance of equivalent hard-disk drive arrays.
 
Keeping track of your work shouldn't be a job in itself, but sometimes it feels that way. Epiforge Software offers a free app that can help: The Grindstone task tracker lets you create and manage to-do lists and offers a few nifty ways that help you time how long you spend working on specific tasks. Unfortunately, though, Grindstone suffers from a bland user interface that makes using it sometimes feel a bit too much like work
 
Cirtas Systems announced its first product, a WAN accelerator that also acts as a local data cache with multiple tiers of storage, ranging from DRAM and SSDs to data replication to cloud-based storage services.
 
IBM announced Monday that it will acquire Netezza for approximately $1.7 billion in cash in an effort to expand its business analytics offerings.
 
Intermec launched a small rugged mobile computer whose size is comparable to a typical smartphone.
 
Adobe accelerated the delivery of a patch for a critical vulnerability in Flash and will ship the fix today, rather than next week as originally scheduled.
 
Facebook said it is not building a mobile phone, dismissing a TechCrunch story that it is working on software for a device from a hardware manufacturer.
 
Founded in 1970, Xerox PARC -- now just PARC -- has been home to some of computing's biggest advances, including GUIs, bitmapped displays and Ethernet networking.
 
Xerox PARC -- later just PARC -- has been the source of some of the biggest innovations in laser printing, personal computing, GUIs, networking, programming and more. To mark its 40th anniversary, employees provide a behind-the-scenes peek into PARC's culture and research projects, past and present.
 
Concerned about the loss of jobs, Ohio has become a focal point in the effort to stop offshoring and keep jobs in the U.S., something that has alarmed some IT firms in India.
 
InfoSec News: ACCU/Bletchley Autumn Lectures 2010: http://www.regonline.co.uk/builder/site/Default.aspx?eventid=890253
ACCU/Bletchley Autumn Lectures 2010 Saturday, 06 November 2010 08:30 - 19:00
Bletchley Park The Mansion Bletchley Park Milton Keynes MK3 6EB
ACCU is proud to announce its 2010 Security Conference at Bletchley Park [...]
 
InfoSec News: Cyber-criminals steal identity of one of the world's top security chiefs using Facebook: http://www.dailymail.co.uk/news/worldnews/article-1313381/Cyber-crooks-steal-identity-Ronald-K-Noble-worlds-security-chief--FACEBOOK.html
By Daily Mail Reporter 19th September 2010
The head of Interpol has warned that cybercrime is the 'most dangerous [...]
 
InfoSec News: MfD: BIS offers "tax-free money" for encryption system: http://www.praguemonitor.com/2010/09/14/mfd-bis-offers-tax-free-money-encryption-system
Czech News Agency 14 September 2010
Prague, Sept 13 (CTK) - The Czech counter-intelligence service (BIS) has offered "tax-free money" to the CircleTech private firm for an [...]
 
InfoSec News: MI5 chief: Cyber spying 'relatively straightforward' to beat: http://www.theregister.co.uk/2010/09/17/mi5_cyber/
By Chris Williams The Register 17th September 2010
Jonathan Evans, the head of MI5, has claimed the internet has made the threat of espionage by foreign countries higher than ever before, but insisted it is "relatively straightforward" to block attempts to steal data.
"The overall likelihood of any particular entity being the subject of state espionage has probably never been higher, though paradoxically many of the vulnerabilities exploited both in cyber espionage and traditional espionage are relatively straightforward to plug if you are aware of them," he said.
The common sense call is relevant to ongoing work by the year-old Office of Cyber Security in the Cabinet Office to improve basic information security across government and in businesses.
MI5, officially known as the Security Service, is responsible for counter-espionage. Evans has previously written to the bosses of big British companies to warn them of the threat online, particularly from hackers with links to the Chinese intelligence services.
Cyber security is a key issue for the ongoing Strategic Defence and Security Review, which is due to report next month. Following the first national Cyber Security Strategy last year, efforts to protect UK networks and data are expected to receive a large budget boost, against a background of cuts to other areas of defence and security.
[...]
 
InfoSec News: Cyberattacks suspected on Defense Ministry, police agency websites: http://www.japantoday.com/category/crime/view/cyberattacks-suspected-on-defense-ministry-police-agency-websites
Japan Today 19th September 2010
TOKYO -- The Defense Ministry and the National Police Agency possibly came under cyberattacks between Wednesday and Friday as it temporarily [...]
 
Google Monday added a two-step verification process to its hosted Google Apps software, a move aimed at improving security for business users.
 
Yahoo is opening a data center in upstate New York that uses a radical new design to reduce energy costs by 40 percent, the company said Monday.
 

Posted by InfoSec News on Sep 19

http://www.regonline.co.uk/builder/site/Default.aspx?eventid=890253

ACCU/Bletchley Autumn Lectures 2010
Saturday, 06 November 2010 08:30 - 19:00

Bletchley Park
The Mansion
Bletchley Park
Milton Keynes
MK3 6EB

ACCU is proud to announce its 2010 Security Conference at Bletchley Park

All the proceeds from this conference will be shared equally between the
Bletchley Park Trust and The National Museum of Computing to help with
the upkeep of the...
 

Posted by InfoSec News on Sep 19

http://www.dailymail.co.uk/news/worldnews/article-1313381/Cyber-crooks-steal-identity-Ronald-K-Noble-worlds-security-chief--FACEBOOK.html

By Daily Mail Reporter
19th September 2010

The head of Interpol has warned that cybercrime is the 'most dangerous
criminal threat we will ever face' after fraudsters stole his identity
on Facebook.

Security chief Ronald K. Noble revealed that two fake accounts were
created in his name and used to find the...
 

Posted by InfoSec News on Sep 19

http://www.praguemonitor.com/2010/09/14/mfd-bis-offers-tax-free-money-encryption-system

Czech News Agency
14 September 2010

Prague, Sept 13 (CTK) - The Czech counter-intelligence service (BIS) has
offered "tax-free money" to the CircleTech private firm for an
encryption system, the daily Mlada fronta Dnes (MfD) writes Monday.

CircleTech co-owner Jiri Satanek succeeded in recording three meetings
with BIS officers secretly, the...
 

Posted by InfoSec News on Sep 19

http://www.theregister.co.uk/2010/09/17/mi5_cyber/

By Chris Williams
The Register
17th September 2010

Jonathan Evans, the head of MI5, has claimed the internet has made the
threat of espionage by foreign countries higher than ever before, but
insisted it is "relatively straightforward" to block attempts to steal
data.

"The overall likelihood of any particular entity being the subject of
state espionage has probably never...
 

Posted by InfoSec News on Sep 19

http://www.japantoday.com/category/crime/view/cyberattacks-suspected-on-defense-ministry-police-agency-websites

Japan Today
19th September 2010

TOKYO -- The Defense Ministry and the National Police Agency possibly
came under cyberattacks between Wednesday and Friday as it temporarily
became difficult for people to access their websites, government
officials said.

The government is looking into the attacks given that a hackers’ group...
 
Oracle CEO Larry Ellison unveiled his company's entry into the private cloud computing system battles on Sunday, upping the competitive stakes between Oracle and rivals like IBM and Hewlett-Packard.
 
The first release of Oracle's long-awaited, next-generation Fusion Applications will be generally available in the first quarter of 2011, CEO Larry Ellison said during a keynote address at the OpenWorld conference in San Francisco on Sunday.
 

Internet Storm Center Infocon Status