Hackin9

InfoSec News

Sprint Nextel is ending unlimited data plans for all devices except smartphones, bringing the era of all-you-can-eat mobile data in the U.S. nearer to a close.
 
TeamSHATTER Security Advisory: Buffer Overflow in Oracle Database (CTXSYS.DRVDISP.TABLEFUNC_ASOWN function)
 
TeamSHATTER Security Advisory: SQL Injection Vulnerability in Oracle DROP INDEX for spatial datatypes
 
TeamSHATTER Security Advisory: Database Vault Account Management Vulnerabilities
 
TYPO3 pdf_generator2 Extension Remote Command Execution and Remote File Disclosure Vulnerabilities
 
Oracle Database Server Database Vault 'DV_ACCTMGR' Privileges Remote Security Bypass Vulnerability
 
Oracle Database 'CTXSYS.DRVDISP' Local Privilege Escalation Vulnerability
 
Oracle Database CVE-2011-3512 SQL Injection Vulnerability
 
Business Intelligence tools, mobile apps and cloud application platforms are areas that will evolve and create significantly more business value between today and 2014, according to a new Forrester report on enterprise technology trends.
 
Experts from security vendor ESET warn that TDL4, one of the most sophisticated pieces of malware in the world, is being rewritten and improved for increased resilience to antivirus detection.
 
Verizon Communications reported gains in both revenue and net income for the third quarter of 2011, driven largely by growth in the company's mobile business.
 
Salesforce.com is rolling out a set of consulting and integration services aimed at SAP customers that want to build "social enterprises" with Salesforce.com's Force.com platform.
 
Did you know that Apple co-founder Steve Jobs hated Android, Google's mobile operating system? I mean, really, really hated Android. How about the fact that the Apple II's design was inspired by a kitchen appliance and that Jobs never truly respected Microsoft co-founder Bill Gates as an innovator? That's just a taste of some of the nuggets about Jobs that are packed into the book Steve Jobs by noted biographer Walter Isaacson.
 
Google seems to have accidentally given users a preview of an upcoming Gmail redesign.
 
Against a backdrop of economic uncertainty, a raft of third-quarter earnings reports this week from some of the biggest players in IT showed that while tech sales remain strong overall, there are some weak spots that are stirring concerns among market watchers.
 
Cisco TelePresence Video Communication Server 'User-Agent' HTTP Header HTML Injection Vulnerability
 
[ MDVSA-2011:158 ] phpmyadmin
 
inCommand Technologies, Inc. Cross-site Scripting Vulnerability
 
Apple iOS Free Type Font Document Multiple Memory Corruption Vulnerabilities
 
VUPEN Security Research - Microsoft Internet Explorer "X-UA-COMPATIBLE" Use-after-free Vulnerability
 
[ MDVSA-2011:157 ] freetype2
 
Metasploit 4.1.0 Web UI stored XSS vulnerability
 
Wi-Fi on college campuses is nothing new, but the University of Massachusetts at Amherst recently finished one of the biggest 802.11n deployments ever, providing wireless access to some 12,000 student dormitory residents.
 
Civil liberties groups have broadly welcomed a resolution by the European Parliament’s Industry Committee on Thursday that puts pressure on law-makers to come up with tougher rules in favor of net neutrality.
 
Acer reported a loss for the second quarter in a row, as the Taiwanese company struggles with sagging PC sales and the rise of tablets.
 
Now in developer preview, the flagship Microsoft IDE promises a better UI, code review, and HTML5 support
 
If you're not content with simply surfing or watching videos on your iPad, we've found 5 cool and useful tech add-ons.
 
Less than a week after it announced plans for a new platform called BBX for its smartphones and tablet, Research In Motion is facing the threat of legal action from a software company in Albuquerque, New Mexico, that claims that BBx is the trademark of software it sells.
 
Facebook, the U.S. Department of Labor, and some other organizations are partnering to help jobless people in the country find employment through social networks.
 
The federal government's central website for posting thousands of federal job openings, USAjobs.gov, has seen performance problems since the government took it back this month from Monster.com, which had been running the site for years under a contract.
 
More than 30% of BlackBerry users in large companies said in September, a month before a global service outage, that they were looking to use a different smartphone model in 2012.
 
From retail chains to electric utilities to manufacturers, a growing number of U.S. corporations are harnessing the power of social networks to modernize how their employees communicate with each other, business partners and customers -- making these firms more nimble in the marketplace and leaving their less Facebook-savvy rivals trailing.
 
The Wall Street Journal reported Thursday that Microsoft is preparing a new bid to buy struggling Yahoo, which has prompted widespread speculation in the blogosphere.
 
HP Power Manager 'formExportDataLogs' Buffer Overflow Remote Code Execution Vulnerability
 
Oracle Java SE CVE-2011-3548 Remote Java Runtime Environment Vulnerability
 

Posted by InfoSec News on Oct 21

Forwarded from: c7five <c7five (at) thotcon.org>

Greetings:

This is just a quick note to tell you that the THOTCON 0x3 call for papers
(CFP) is now open! We are also looking for after party sponsors again this
year. If you know a company that would be interested please let them know. 

 

Posted by InfoSec News on Oct 21

http://www.postandcourier.com/news/2011/oct/20/wells-fargo-mixes-customer-statements/

By Brendan Kearney
The Post and Courier
October 20, 2011

Several, if not tens of thousands, of Wells Fargo customers received
portions of other customers’ bank statements in the mail Wednesday,
potentially a massive security breach for the San Francisco-based bank.

A spokesman at the bank’s headquarters reached Thursday morning had not
heard of the...
 

Posted by InfoSec News on Oct 21

http://www.sacbee.com/2011/10/20/3991698/baseball-behind-radiotv-martis.html

By JUAN O. TAMAYO
McClatchy Newspapers
Oct. 20, 2011

MIAMI -- The mystery of Radio/TV Marti's encrypted broadcasts to Cuba,
which fueled Havana complaints of a U.S. "cyber war" against the
communist government, has been solved.

Think baseball.

The mystery began Oct. 10, when a Website that tracks U.S. government
spending on Cuba programs reported...
 

Posted by InfoSec News on Oct 21

http://www.smh.com.au/it-pro/security-it/nasdaq-hackers-gathered-listed-companies-secrets-20111021-1mb7u.html

By Jim Finkle
The Sydney Morning Herald
October 21, 2011

Hackers used the stock exchange's DirectorDesk app to spy on others.

Hackers who infiltrated the Nasdaq's computer systems installed
malicious software on the exchange's computers that allowed them to spy
on scores of directors of publicly held companies,...
 

Posted by InfoSec News on Oct 21

http://www.informationweek.com/news/government/security/231901327

By J. Nicholas Hoover
InformationWeek
October 20, 2011

Cloud computing will make the intelligence community more secure and
efficient, NSA director and U.S. Cyber Command commander Gen. Keith
Alexander said Thursday.

In a speech in Baltimore before security professionals and a subsequent
interview with InformationWeek and other media, Alexander touted the
cloud as a key part...
 

Posted by InfoSec News on Oct 21

========================================================================

The Secunia Weekly Advisory Summary
2011-10-13 - 2011-10-20

This week: 73 advisories

========================================================================
Table of Contents:

1. Word From Secunia...
 

Posted by InfoSec News on Oct 21

http://www.canadianbusiness.com/article/51240--spies-like-them

By Thomas Watson
Canadian Business
October 20, 2011

Most business schools offer a variety of specialities, from marketing
and accounting to corporate finance. But there is a school in Europe
with an MBA program in what faculty members call “defence against the
dark arts.” The institution in question is well-known to its stated
enemies—greedy corporate executives who...
 