InfoSec News

The PC era is giving way to a world centered on data, where devices and infrastructure are shaped by the information that users want to get from them, VMware President and CEO Paul Maritz said on Wednesday.
 
U.S. federal law enforcement authorities working in cooperation with their counterparts in more than 10 countries have disrupted the operations of two gangs responsible for distributing malicious scareware programs to more than 1 million people.
 
Cloud computing is widely perceived as a threat to Microsoft, because the maker of Windows and Microsoft Office earns the lion's share of its money selling licenses for packaged software.
 
Microsoft's BPOS cloud-hosted communication and collaboration suite suffered an outage on Wednesday, the latest in a string of technical problems in recent months.
 
A hacking group in the Netherlands promises to publish photos, phone numbers and addresses of LulzSec members in response to similar treatment by LulzSec.
 
The FBI has taken aim at two Latvian gangs that allegedly made tens of millions of dollars by sneaking fake virus warnings onto victims' computers and then charging them to clean up the mess.
 
Twitter has quite possibly become the widest, most insightful, and perpetually open window into the minds of the masses that the world has ever seen. All this tweeting can be invaluable for any number of uses -- but only if you know how to find what you need.
 

The Department of Justice and FBI on Wednesday said they broke up two international cybercrime rings that caused more than $74 million in losses to more than one million computer users through the sale of fake security software.

Two Latvians were arrested and more than 40 computers, servers and bank accounts were seized as part of Operation Trident Tribunal, an international law enforcement effort targeting cybercrime, according to the DOJ. Twenty-two computers and servers in the U.S. were seized in connection with the scareware scheme.

One of the criminal groups allegedly sold more than $72 million in fake antivirus software over a three-year period, using a variety of scams to trick nearly 960,000 computer users. Latvian authorities also executed seizure warrants for five bank accounts that allegedly were used to funnel the scam leaders’ profits.

The second group used a malicious online ad to spread rogue antivirus products, authorities said. After the ad began running on a Minneapolis news website, the suspects changed the code in the ad so visitors to the website were infected with malware that launched the scareware, according to court documents. The fake antivirus caused computers to freeze up and generate pop-up warnings; users who didn’t buy the rogue software were unable to access data and files on their computers. Prosecutors said the scam resulted in $2 million in losses. Peteris Sahurovs, 22, and Marina Maslobojeva, 23, were arrested in Latvia in connection with the scheme, authorities said.



 
A former employee of Baltimore Substance Abuse Systems Inc. compromised his boss's computer during a presentation and replaced some of the content with pornographic material. It is customary to have policies in place that require terminated employees to be escorted out of the building by either a security officer or a member of upper-level administration.
However, when it comes to terminating employees, this case highlights the importance of having a solid corporate termination policy. The actions of this former employee embarrassed the company during a presentation, but what if he had deleted business-critical data and trashed the backups? Or copied the business-critical data (i.e. financial data, client credit card data or employee information) and sold it to the highest bidder?
It is important to have a policy for limiting access to corporate technical resources after an employee has been terminated. Some basic steps include: disabling user account(s), changing or locking all the passwords the former employee had access to, disabling corporate e-mail access and locking down access to their personal workstation.
An email from HR, using a pre-configured template, to all key stakeholders with a means of reporting back to HR to confirm the work has been completed would help prevent this kind of malicious activity. Of course, the account(s) should be monitored to detect potential unauthorized access. Do you have a similar horror story to share?
[1] http://www.dailymail.co.uk/news/article-2006962/Fired-IT-manager-hacked-companys-swapped-boss-digital-presentation-porn.html?ito=feeds-newsxml

[2] http://www.baltimoresun.com/news/maryland/baltimore-city/bs-md-ci-computer-hacking-sentence-20110621,0,857376.story

[3] http://nakedsecurity.sophos.com/2011/06/22/hacker-ceo-presentation-porn/


-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
With sufficient bandwidth, video streaming would be rendered unnecessary, Vint Cerf says
 
EMC plans to hire 500 new workers by the end of 2015 to staff a new customer support facility in Utah.
 
Authorities in the U.K. today charged a 19-year-old with using a botnet he controlled to take down the website of a national police unit.
 
Websites belonging to the Brazilian government and energy giant Petrobras were knocked offline Wednesday in a series of cyberattacks.
 
In June of 2003, we ran a long article about organizational structures. We titled it "All Over the Map," which pretty much tells you what we concluded about how security was handled at the time: a bit like a ship with no home port, passing from executive to executive. The article had examples of security variously reporting to Human Resources, Facilities, Operations, Legal, and IT. Responsibility without authority was a theme.
 
Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability
 

Playing War Games
Internet Evolution
That was the fruitful question posed by security expert Bruce Schneier at Infosec 2011 in London last month. As Schneier pointed out, we don't yet have a clear definition of cyberwar, just a ragbag of examples of different kinds of attacks -- DOS ...

 
Analysts parsing what Microsoft revealed of Windows 8 recently are split on how big the company's gambling with its operating system. One key issue is if its "touch-first" plan - aimed at getting Windows on tablets in the Post-PC era -- will alienate enterprise users. Do you like the direction Microsoft is going with Windows 8?
 
Pentaho revamps the user interface for its flagship business intelligence software.
 
Simon Crosby, the former CTO of Citrix Systems' data center and cloud business, has formed a startup called Bromium that will aim to solve security problems in a cloud environment.
 
Critical fixes planned for Windows, Internet Explorer and Adobe Reader.

 
In a survey of 583 U.S. companies, 90% of the respondents said their companies' computers were breached at least once by hackers over the past 12 months.
 
Corporate managers should prepare to let the new generation of tech-savvy workers use social networking tools to help in the daily business decision-making process.
 
HTB23016: Kofax e-Transactions Sender Sendbox ActiveX Control Insecure Method
 
HTB23017: XSS in FanUpdate
 
HTB23015: Easewe FTP ActiveX Control Multiple Insecure Methods
 
RIM has cut its sales target for PlayBook tablets in the second quarter to one-third of its original estimate, according to Taiwan-based suppliers cited in a report.
 
A federal judge yesterday denied Samsung's request to see samples of Apple's next-generation iPhone and iPad, court documents show.
 
Mozilla Firefox CVE-2011-2370 Security Bypass Vulnerability
 
Mozilla Firefox WebGL Invalid Write Remote Code Execution Vulnerability
 
[ MDVSA-2011:111 ] mozilla
 
Re: Perfect PDF products distributed with vulnerable MSVC++ libraries
 
 
IBM's Steve Mills oversees 100,000 employees and products that generate $40 billion in revenue for IBM.
 
Box.net has integrated its cloud-hosted content management application with Google's Docs online office productivity suite.
 
Nokia Wednesday said it has finalized an agreement with Accenture to develop the Symbian mobile OS as the company retrenches.
 
RETIRED: Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2011-19 through -28 Multiple Vulnerabilities
 
Mozilla Firefox WebGL Out of Bound Read Information Disclosure Vulnerability
 
Voice phone communication and email are still preferred by Americans over social networks, texting and other messaging modes for reaching out to family, friends and co-workers, according to a new survey of 2,300 adults.
 
Isis officials named Austin as their second 2012 launch market for the carrier-backed venture that relies on Near Field Communication-ready smartphones to help consumers buy goods from merchants.
 
If you don't want to waste older internal hard drives, one of these 10 drive docks can help you expand your external storage.
 
A new bill in the U.S. House of Representatives would require mobile providers to detail minimum data speeds and give other information to customers.
 
The free virtualization system scores high, as does a new PC maintenance tool, Slimware. The Syllable operating system, not so much.
 
SlideShare, a site for posting, viewing, rating and commenting on business presentations, documents and videos, is deepening its integration with LinkedIn, the professional networking site.
 
Elpida Memory and subsidiary Akita Elpida Memory said Wednesday that they have developed technology to mass-manufacture a four-layer DRAM package just 0.8 millimeters thick that can be used to pack more memory into thinner mobile phones and tablets.
 
Apple may face scrutiny from an Indian regulator for alleged anticompetitive behavior in connection with iPhone 4 sales in India.
 
The Indigo release train features work from 62 project teams and emphasizes Java and modeling
 
As the number of attacks on federal systems increases, more government agencies are realizing the importance of computer forensics.

 
H3C ER5100 Authentication Bypass Vulnerability
 
Linux Kernel 'taskstats.c' Local Denial of Service Vulnerability
 
Oracle said it entered into an agreement to acquire FatWire Software, a privately held company that specializes in software for businesses to manage their websites.
 
Unnoticed in the Tuesday release of Firefox 5 was Mozilla's decision to retire Firefox 4, the browser it shipped just three months ago.
 
Firefox, Opera, and a horde of mobile upstarts give iPhone, iPad, and Android users plenty of alternatives
 
The hacking group known as LulzSec pledged to continue their online rampage Tuesday, a day after U.K. police arrested a man allegedly affiliated with the group.
 
Winlog Pro Malformed Packet Stack Buffer Overflow Vulnerability
 
Siemens Tecnomatix FactoryLink Multiple Security Vulnerabilities
 
Internet Storm Center Infocon Status