InfoSec News

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
In his second inaugural address, President Barack Obama on Monday argued with certainty and forcefulness about the dangers of climate change and the role of technology in fighting it.
Oracle continues to encounter security issues with Java as the Java 7, Update 11 release is found to have two significant vulnerabilities.

Ganglia Unspecified PHP Code Execution Vulnerability
EMC Avamar Backup Client Insecure File Permissions Vulnerability
Iconic video game company Atari has filed for bankruptcy protection in the U.S. in an effort to separate operations from parent company Atari SA, which is based in France and has also filed for bankruptcy.
Cisco Linksys WRT54GL Router Multiple Security Vulnerabilities
Multiple SQL injection vulnerabilities in Cardoza Wordpress poll plugin
Re: EMC Avamar: World writable cache files
Many of the domain names used by a cybercriminal gang to control computers infected with the Virut malware were disabled last week in a coordinated takedown effort, Spamhaus, an organization dedicated to fighting spam, announced Saturday.
Two iPhone hackers hinted they're making progress towards developing a new jailbreak for the latest version of Apple's mobile operating system.
Research In Motion has renamed its web store BlackBerry World, as it gets ready to add more content ahead of the launch of the BlackBerry 10 operating system.
The World Wide Web Consortium (W3C) is bringing its technical and management staff to China for the first time as a way to increase collaboration between the nation's Internet industry and the Web standards group.
NoSuchCon CFP / 15-17 May 2013 / Paris, France
(AUSCERT#20131775e) AusCERT 2013 Call For Presentations - closing in 10 days
Mozilla Firefox and Microsoft Internet Explorer stall when using workaround from MS06-020 or MS06-069
[SECURITY] [DSA 2605-2] asterisk regression update
CA20121220-01: Security Notice for CA IdentityMinder [updated]
ESA-2013-008: EMC AlphaStor Multiple Vulnerabilities
[SE-2012-01] Java 7 Update 11 confirmed to be vulnerable
Recently-revised IETF I-Ds about IPv6 security
Firefox Foxit Reader Plugin 'npFoxitReaderPlugin.dll' Stack Based Buffer Overflow Vulnerability
php-Charts 'url.php' Arbitrary PHP Code Execution Vulnerability
Sony has expanded its portfolio of Android-based products with the Tablet Z, which is thinner and lighter than competing products from Apple and Google.
Online encyclopedia Wikipedia may encounter service disruptions as it is migrated to servers at a data center in Ashburn, Virginia.
Drupal Live CSS Module Arbitrary PHP Code Execution Vulnerability
Drupal RESTful Web Services Module Cross Site Request Forgery Vulnerability
Drupal Mark Complete Module Cross Site Request Forgery Vulnerability
Apple's new iMac features a redesigned case that tapers at the edges, an optional Fusion Drive for storage and an updated system architecture, making it a stylish all-in-one desktop computer. But there are some caveats, says Michael DeAgonia.
For this year's Pwn2Own contest, a total of $560,000 has been offered in prizes for the discovery of previously unknown exploits in browsers, Adobe plugins and Java.

Xen 'xen_failsafe_callback()' Function Local Denial of Service Vulnerability
MoinMoin CVE-2012-6081 Multiple Arbitrary Code Execution Vulnerabilities
MoinMoin wiki CVE-2012-6080 Directory Traversal Vulnerability
MoinMoin CVE-2012-6082 Cross-Site Scripting Vulnerability
Kaspersky still considers Flame to be the cream of the espionage trojan crop despite Red October's sophistication. The C&C network for the trojan is already closing down.

Oracle Java Runtime Environment Multiple Unspecified Remote Code Execution Vulnerabilities
A critical hole in the Foxit Reader web browser plugin has now been closed, with an updated version of the software available.

Internet Storm Center Infocon Status