InfoSec News

Facebook has raised $1.5 billion in its latest funding round, putting its total valuation at $50 billion and leaving no doubt about its swift ascent in recent years to become a major Internet player and challenger to Google.
 
If you're a criminal looking for full control of the Web used by the U.S. Army's Communications-Electronics Command (CECOM), you can get it for just under US$500.
 
Sybase EAServer Multiple Vulnerabilities
 
An intellectual property expert has uncovered 43 instances where it appears that Google copied Java code without permission in the most recent versions of the Android operating system.
 
After Google's ground-shaking decision to change CEOs, the company should explain soon to customers and partners how its plans for the enterprise will evolve after Larry Page takes over in April from Eric Schmidt.
 
Despite a pedigree of ominous-looking, utilitarian forerunners and a name that conjures up memories of a bad Matthew McConaughey WWII submarine movie, Lenovo's IdeaPad U260 takes the company's laptops somewhere they've never been before--the queue for this year's style and design awards.
 
Todd Miller Sudo 'Runas_Alias' Supplementary Group Local Privilege Escalation Vulnerability
 
dpkg Patches Directory Traversal Vulnerability
 
Facebook has raised US$1.5 billion in its latest funding round, putting its total valuation at $50 billion and leaving no doubt about its swift ascent in recent years to become a major Internet player and challenger to Google.
 
A recent lawsuit filed by Sony Computer Entertainment Inc. against several security researchers for allegedly jailbreaking the company's PS3 hardware is evoking howls of protest from the Electronic Frontier Foundation (EFF).
 
AT&T may be getting ready to systematically give away its 3G MicroCell indoor base stations to some subscribers who are likely to have very poor coverage in their homes.
 
Eric Schmidt's exit as the CEO of Google won't affect the dynamics of the company's battles with Apple in the smartphone and tablet wars, analysts said today.
 
Qualcomm criticized patent reform efforts taking shape in Congress.
 
Todd Miller Sudo Group ID Change Security Vulnerability
 
Oracle Database Server Database Vault Local Information Disclosure Vulnerability
 
Oracle Database Vault Cross-Site Request Forgery Vulnerability
 
[ MDVSA-2011:018 ] sudo
 
Verizon today aired its first video advertisement for the iPhone 4, which it will start selling on Feb. 10.
 
Company's Enterprise Virtualized Mobility (EVM) technology will help support employee-owned mobile phones
 
Adobe Flash Player CVE-2010-3645 Remote Memory Corruption Vulnerability
 
Mozilla has blocked a Skype add-on for Firefox, saying it caused more than 40,000 crashes of the browser last week and seriously slowed page loading.
 
Adobe Flash Player (CVE-2010-2167) Multiple Heap Buffer Overflow Vulnerabilities
 
Adobe Flash Player (CVE-2009-3793) Remote Code Execution Vulnerability
 
First, get your emotions in check, and see things from her point of view.
 
As the mobile workforce increasingly uses tablets and smartphones, a nonprofit group hopes to use the devices to reduce paperwork and cut printing costs.
 
While Chinese President Hu Jintao knew he'd face some tough questions when he came to the United States this week, he probably figured most of them would come from Barack Obama and members of Congress. But you can add Microsoft CEO Steve Ballmer to that list.
 
[ GLSA 201101-08 ] Adobe Reader: Multiple vulnerabilities
 
[ GLSA 201101-09 ] Adobe Flash Player: Multiple vulnerabilities
 
[ MDVSA-2011:017 ] tetex
 
With Steve Jobs now out on another medical leave, we offer the 12 most notable hits Apple has produced under his first tenure (1977-85), to his successful return from 1997 to today.
 
Apple has pulled the online profile of a company whose CIO was convicted last month of embezzling more than $500,000 from his employer.
 
Jobs takes his leave, iPad hackers hope for reprieve
 
[ MDVSA-2011:016 ] t1lib
 
Verizon has filed a lawsuit challenging the authority of the FCC to impose the net neutrality rules approved last month. The question boils down to interpreting the powers granted to the FCC by Congress, and Verizon is hoping to find a sympathetic court that sees things its way.
 
[TEHTRI-Security] CVE-2010-2599: Update your BlackBerry
 
[security bulletin] HPSBMA02622 SSRT100342 rev.1 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Cross Site Scripting (XSS)
 
[security bulletin] HPSBUX02623 SSRT100355 rev.1 - HP-UX Running Kerberos, Remote Unauthorized Modification
 
London DEFCON - DC4420 - Tuesday 25th January 2011 - SOCIAL
 
Businesses are better off deploying multivendor networks, no matter what Cisco and other large network vendors may tell you, according to a recent report from Gartner.
 
Twitter has been resetting passwords for accounts that started distributing links promoting fake antivirus software in an attack that used Google's Web address shortening service to conceal the links' destination.
 
Should revenge assaults be just another security tool large IT shops use to counter cyber attacks?
 
InfoSec News: Secunia Weekly Summary - Issue: 2011-03:
The Secunia Weekly Advisory Summary 2011-01-13 - 2011-01-20
This week: 90 advisories [...]
 
InfoSec News: Soundminer Android Malware Listens, Then Steals, Phone Data: http://www.csoonline.com/article/656264/soundminer-android-malware-listens-then-steals-phone-data
By Jeremy Kirk IDG News Service January 20, 2011
Researchers have developed a low-profile Trojan horse program for Google's Android mobile OS that steals data in a way that is unlikely to [...]
 
InfoSec News: Moderators note: Hire Me! and more...: Just a quick note, I am currently in Chicago helping care for an elderly parent, and I'm looking for a new security opportunity. I'm listed on LinkedIn at: http://www.linkedin.com/in/williamknowles but please drop me a note if you're aware of something that would be a good fit to my [...]
 
InfoSec News: Mysterious "Spy" Computer In Parliament Works Differently Than Being Reported, Tech Expert Says: http://www.grapevine.is/News/ReadArticle/Mysterious-Spy-Computer-In-Parliament-Works-Differently-Than-Being-Reported-Tech-Expert-Says
By Paul Nikolov The Reykjavik Grapevine 20.1.2011
An unmarked computer found in a spare room of parliament, and connected [...]
 
InfoSec News: London 2012 Olympics faces increased cyber attack threat: http://www.guardian.co.uk/uk/2011/jan/19/london-2012-olympics-cyber-attack
By Owen Gibson sports news correspondent guardian.co.uk 19 January 2011
London Olympics organisers today warned of the increased danger of cyber attacks that could fatally undermine the technical network that supports [...]
 
InfoSec News: THOTCON 0x2 Confirmed Speakers, and Tickets On Sale NOW!!!: http://www.thotcon.org/
THOTCON (pronounced \ˈthȯt\ and taken from THree - One - Two) is a small venue hacking conference based in Chicago IL, USA. This is a non-profit, non-commercial event looking to provide the best conference possible on a very limited budget. [...]
 
InfoSec News: Cyber criminals abandon 'dogs' for new, sophisticated attack methods: http://gcn.com/articles/2011/01/20/cybersecurity-reports-new-methods.aspx
By William Jackson GCN.com Jan 20, 2011
On the surface, it appears that progress is being made in the struggle for cybersecurity. Several large spammers have been shut down, the [...]
 
Company lays out technology road map for 2011 that banks on enterprises seeking enhanced integration with core systems and traditional controls.
 
Western Digital's new 3TB internal hard drive offers a huge amount of storage -- but there's a catch.
 
Why, with Google going gangbusters, would company leaders decide Eric Schmidt needs to step aside as chief executive? One analyst's speculation: To better position itself to take on Facebook.
 

Posted by InfoSec News on Jan 21

http://www.csoonline.com/article/656264/soundminer-android-malware-listens-then-steals-phone-data

By Jeremy Kirk
IDG News Service
January 20, 2011

Researchers have developed a low-profile Trojan horse program for
Google's Android mobile OS that steals data in a way that is unlikely to
be detected by either a user or antivirus software.

The malware, called Soundminer, monitors phone calls and records when a
person, for example, says their...
 

Posted by InfoSec News on Jan 21

http://www.grapevine.is/News/ReadArticle/Mysterious-Spy-Computer-In-Parliament-Works-Differently-Than-Being-Reported-Tech-Expert-Says

By Paul Nikolov
The Reykjavik Grapevine
20.1.2011

An unmarked computer found in a spare room of parliament, and connected
directly to parliament's internet system, was most certainly planted
there, a computer expert told the Grapevine. However, he says, the media
has a few misconceptions about the matter.

The...
 

Posted by InfoSec News on Jan 21

http://www.guardian.co.uk/uk/2011/jan/19/london-2012-olympics-cyber-attack

By Owen Gibson
sports news correspondent
guardian.co.uk
19 January 2011

London Olympics organisers today warned of the increased danger of cyber
attacks that could fatally undermine the technical network that supports
everything from recording world records to relaying results to
commentators.

The London Organising Committee of the Olympic Games (Locog) said it was...
 

Posted by InfoSec News on Jan 21

http://www.thotcon.org/

THOTCON (pronounced \ˈthȯt\ and taken from THree - One - Two) is a small
venue hacking conference based in Chicago IL, USA. This is a non-profit,
non-commercial event looking to provide the best conference
possible on a very limited budget.

THOTCON 0x2 will be held in Chicago, IL on Friday, April 15th, 2011.

The event will be limited to 10 main talks and 300 attendees.

It will be held at a location only to be...
 

Posted by InfoSec News on Jan 21

http://gcn.com/articles/2011/01/20/cybersecurity-reports-new-methods.aspx

By William Jackson
GCN.com
Jan 20, 2011

On the surface, it appears that progress is being made in the struggle
for cybersecurity. Several large spammers have been shut down, the
number of vulnerabilities reported to the National Vulnerability
Database was down in 2010, and an international investigation broke up
an online criminal ring that had stolen millions of...
 

Posted by InfoSec News on Jan 21

The Secunia Weekly Advisory Summary
2011-01-13 - 2011-01-20

This week: 90 advisories

Table of Contents:

1. Word From...
 
Microsoft Windows Fax Cover Page Editor Double Free Memory Corruption Vulnerability
 

Webroot: Webroot Provides Channel Partners with Enhanced Email Security ...
MyNewsdesk (press release)
... service continues to maintain the highest detection rates and functionality for our customers,” said Steve Malone, Director at Infosec Technologies. ...

 
Google's decision to change CEOs, announced on the same day it reported yet another blockbuster quarter, begs the question of whether the company is trying to fix something that isn't broken.
 

