InfoSec News

Mozilla Firefox CVE-2012-5837 Developer Toolbar Cross Site Scripting Vulnerability
Mozilla Firefox CVE-2012-4210 Style Inspector Remote Code Execution Vulnerability
Symantec had spotted another odd piece of malware that appears to be targeting Iran and is designed to meddle with SQL databases.
Drupal Printer, email and PDF versions Cross Site Scripting Vulnerability
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5836 Denial of Service Vulnerability
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5835 Integer Overflow Vulnerability
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5833 Memory Corruption Vulnerability
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4208 Security Bypass Vulnerability
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4204 Heap Buffer Overflow Vulnerability
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5842 Multiple Memory Corruption Vulnerabilities
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5843 Multiple Memory Corruption Vulnerabilities
Goatse Security hacker Andrew Auernheimer has been convicted for exploiting faulty security in one of AT&T's web sites to illegally obtain approximately 120,000 email addresses. He now faces 5 years in prison.

Social engineering allowed hackers to get a Flame-like malware onto the Élysée Palace's systems, where it stole strategy documents in the run-up to the French Presidential election.

RETIRED: Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-91 through -106 Multiple Vulnerabilities
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4216 Use After Free Memory Corruption Vulnerability
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4214 Use After Free Memory Corruption Vulnerability

From the Associated Press via The Washington Post (http://www.washingtonpost.com/world/europe/greek-police-arrest-man-on-suspicion-of-theft-of-9-million-personal-data-files-on-greeks/2012/11/20/72dc5c64-331a-11e2-92f0-496af208bf23_story.html)

The report cites a 9 million record value and notes that Greece currently has a population of around 10 million (WolframAlpha tells me that the 2010 estimate is 11.2M.) The WP article also wisely notes that the 9M value is from a data file that hasn't been de-duplicated.

This number is expected to go down, possibly drastically, depending on the time periods covered by the data (this is me guessing now.) For example, if the 9M records covered 9 years, there could be an overlap for every year, reducing the file down to 1M (still pretty bad.) Once you've reduced the data down to the Name/Address/Tax-ID number triples you're still not done. Typographical errors will have to be dealt with, and the possibility of Tax-ID number re-use.

The interesting questions are of course: where did these data come from and how did the man access them? Lessons Learned reports aren't very effective if they're kept internally. However, it is reasonable to expect to wait until after the trial for those reports to become public.
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

InfoSec, structural engineering, and the Security Architecture Playbook
ComputerworldUK (blog)
Japan suffered a devastating disaster of unspeakable proportions last year. A massive earthquake on the eastern coast of the country triggered a deadly tsunami which caused the flooding of the Fukushima nuclear power plant. Three dominos fell at once, ...

[ MDVSA-2012:174 ] libtiff
[slackware-security] mozilla-thunderbird (SSA:2012-326-03)
[slackware-security] mozilla-firefox (SSA:2012-326-02)
[slackware-security] seamonkey (SSA:2012-326-01)
Google has added indoor floor plans to the Web version of its Maps service, allowing any device with a browser to show the way in airports, rail stations, shopping malls and museums in nine countries.
Samsung Electronics has alleged that three recent products from Apple, including the iPad mini, infringe on its patents.
A court in California has ordered Apple to produce without delay an unredacted version of its recent patent agreement with HTC, after Samsung Electronics said the agreement was relevant to its patent infringement dispute with Apple.
Facebook users will no longer be allowed to vote on proposed policy changes at the company because their comments weren't good enough.
Vulnerability merchants ReVuln are claiming to be in possession of a 0day remote execution vulnerability for SCADA systems by several companies such as General Electric, Rockwell Automation, Schneider Electric and Siemens.

Oracle Java SE CVE-2012-5067 Remote Java Runtime Environment Vulnerability
Oracle Java SE CVE-2012-1533 Remote Java Runtime Environment Vulnerability
Oracle Java SE CVE-2012-3159 Remote Java Runtime Environment Vulnerability
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5838 Memory Corruption Vulnerability
Oracle Solaris CVE-2012-1692 Local Vulnerability
Researchers at TU Berlin have discovered that the default WPA2 password on some Belkin models is not secure. Anyone in range of the router can in principle work out the WPA2 password.

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-5841 Cross Site Scripting Vulnerability
NetIQ Privileged User Manager 'ldapagnt_eval()' Remote Code Execution Vulnerability
WordPress FireStorm Professional Real Estate Plugin 'id' Parameter SQL Injection Vulnerability