InfoSec News

The FBI has launched an investigation into the "Here you have" worm, which disrupted corporate e-mail systems in the U.S. two weeks ago.
 
Fifty-seven percent of likely voters in the U.S. don't support any Internet regulation by the federal government, according to a new survey released by Broadband for America, an advocacy group with members including AT&T and Verizon Communications.
 
Advanced Micro Devices has lowered its revenue forecast for the third quarter due to weak demand for laptops in Western Europe and North America, the company said Thursday.
 
Seagate has clearly had a busy year with the launch of its GoFlex storage line. The latest entry in that line is the FreeAgent GoFlex 1.5TB portable drive, which packs half a terabyte more than the competition offers in a 2.5-inch design. The $250 drive (price as of September 23, 2010) comes with a USB 3.0 connector, too, which means that you don't have to foot the $30 bill for a cable (as you do with other models in the FreeAgent GoFlex series).
 
People are willing to adjust their ideas about privacy if they can benefit from revealing more of their personal information, the CEO of Infosys Technologies said Thursday.
 
IBM researchers have come up with a technique to view, record and study the behavior of atoms in real time, which could have a long-term impact on the way nanoscale chips and devices are built.
 
For the second day in a row, Facebook suffered an outage today, prompting a number of user complaints on other social sites, including Twitter.
 
Oracle has tapped longtime executive Charles Rozwat to head up oversight of its support organization, a job that now takes on added complexity due to the hardware products gained by the company's purchase of Sun Microsystems.
 
HTC is most likely to introduce a tablet computer after the rumored BlackPad from Research in Motion is launched, online odds maker Bookmaker.com predicts.
 
After taking some hits to his and his company's image in recent months, Facebook CEO Mark Zuckerberg may have just bought $100 million worth of good will.
 
Data stored in cloud computing systems should be protected by the same privacy laws that protect information stored on personal computers, vendor executives told a Congressional committee Thursday.
 
Senior site editor Eric B. Parizo chides the grizzled security vets who are tired of news coverage about monthly and quarterly patches. Instead, he says, they should realize how critical it is.

 
New software called HyperSentry stealthily detects malware in the hypervisor running virtual environments and alerts administrators to respond to a compromise.

 

Sick of news about the monthly patch process? You need it; here's why
SearchSecurity.com
There are many other good reasons why it's important for the industry at large to make use of the infosec news resources out there (though preferably ...

 
Microsoft has added new features to its online companion services for Microsoft Office and Windows.
 
Nokia is partnering with AT&T to offer $10 million in prizes to mobile application developers targeting North American users, in yet another attempt from the mobile giant to make an impact in the U.S.
 
Dell has hired Cisco Systems veteran Dario Zamarian to lead its networking business, naming him as its first vice president dedicated to that division.
 
Marvell on Thursday announced a triple-core chip for tablets and smartphones that it says will deliver breakthrough graphics and application performance.
 
Microsoft's new Internet Explorer 9 browser will require Windows 7 Service Pack 1 (SP1), a not-yet-released major update to the operating system, the company said today.
 
Two new studies demonstrate why many companies are suffering from "buyer's remorse" after spending millions on traditional ERP rollouts.
 
The Acer Aspire 5741G-6983 is a tweener in the best possible sense of the word. It fits right between a great mainstream unit and a powerful gaming laptop. It has good input ergonomics, a nice 15.6-inch 1366 by 768 display, great everyday performance, and elegant styling. Throw in an AMD Mobility Radeon HD 5470 for smooth video and decent gaming frame rates and you have a laptop that can handle almost anything.
 
How can I possibly try to out-do the great diary Rob posted? I can't, so I'm not even going to try.
Instead, and because it's been sl .. err, qu ... err ... not particularly eventful, not that we're superstitious or anything, here is a quick forensic challenge for everyone.
The first person to correctly identify this and tell me the three things that are wrong will win fame, fortune, the undying admiration of everyone who visits us and, best of all .. an ISC sticker!


000000000 EB 52 90 4E 54 46 53 20 20 20 20 00 02 08 00 00

000000010 00 00 00 00 00 F8 00 00 01 00 01 00 00 00 00 00

000000020 00 00 00 00 80 00 80 00 FF FD FF 00 00 00 00 00

000000030 00 00 0C 00 00 00 00 00 DF FF 0F 00 00 00 00 00

000000040 F6 00 00 00 01 00 00 00 01 8A F4 BC D1 F4 BC FA

000000050 00 00 00 00 FA 33 C0 8E D0 BC 00 7C FB 68 C0 07

000000060 1F 1E 68 66 00 CB 88 16 0E 00 66 81 3E 03 00 4E

000000070 54 46 53 75 15 B4 41 BB AA 55 CD 13 72 0C 81 FB

000000080 55 AA 75 06 F7 C1 01 00 75 03 E9 D2 00 1E 83 EC

000000090 18 68 1A 00 B4 48 8A 16 0E 00 8B F4 16 1F CD 13

0000000A0 9F 83 C4 18 9E 58 1F 72 E1 3B 06 0B 00 75 DB A3

0000000B0 0F 00 C1 2E 0F 00 04 1E 5A 33 DB B9 00 20 2B C8

0000000C0 66 FF 06 11 00 03 16 0F 00 8E C2 FF 06 16 00 E8

0000000D0 40 00 2B C8 77 EF B8 00 BB CD 1A 66 23 C0 75 2D

0000000E0 66 81 FB 54 43 50 41 75 24 81 F9 02 01 72 1E 16

0000000F0 68 07 BB 16 68 70 0E 16 68 09 00 66 53 66 53 66

000000100 55 16 16 16 68 B8 01 66 61 0E 07 CD 1A E9 6A 01

000000110 90 90 66 60 1E 06 66 A1 11 00 66 03 06 1C 00 1E

000000120 66 68 00 00 00 00 66 50 06 53 68 01 00 68 10 00

000000130 B4 42 8A 16 0E 00 16 1F 8B F4 CD 13 66 59 5B 5A

000000140 66 59 66 59 1F 0F 82 16 00 66 FF 06 11 00 03 16

000000150 0F 00 8E C2 FF 0E 16 00 75 BC 07 1F 66 61 C3 A0

000000160 F8 01 E8 08 00 A0 FB 01 E8 02 00 EB FE B4 01 8B

000000170 F0 AC 3C 00 74 09 B4 0E BB 07 00 CD 10 EB F2 C3

000000180 0D 0A 41 20 64 69 73 6B 20 72 65 61 64 20 65 72

000000190 72 6F 72 20 6F 63 63 75 72 72 65 64 00 0D 0A 42

0000001A0 4F 4F 54 4D 47 52 20 69 73 20 6D 69 73 73 69 6E

0000001B0 67 00 0D 0A 42 4F 4F 54 4D 47 52 20 69 73 20 72

0000001C0 65 73 02 63 6F 6D 73 65 64 00 0D 0A 50 72 65 73

0000001D0 73 20 43 74 72 6C 2B 41 6C 74 2B 44 65 6C 20 74

0000001E0 6F 20 72 65 73 74 61 72 74 0D 0A 00 00 00 00 00

0000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00


UPDATE:
Surprisingly, we don't yet have a winner.
It is the first sector of a drive, so the item has been identified properly, and AA 55h is indeed missing from the end of the sector, so two problems remain to be found.
Yes, you could just load it into EnCase or something similar and have it spit out results to you, but what fun would that be? :)
Hint: I know it says NTFS when you convert the hex to ASCII, but the question is what is wrong with this. Be specific.

Christopher Carboni - Handler On Duty - isc dot chris at gmail dot com (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Tiered data pricing is coming soon to Verizon Wireless customers, Verizon Communications CEO Ivan Seidenberg said at an investor conference early today.
 
The FCC has voted to open up unused spectrum in the television band to unlicensed wireless broadband devices, a move that will give U.S. residents access to "super Wi-Fi," the agency's chairman said.
 
Financial analysts at Baron Funds are using iPads to stay connected in the office, but setting up the Wi-Fi network the tablets needed wasn't easy.
 
Microsoft is warning users that hackers are exploiting the unpatched bug in ASP.Net to hijack encrypted Web sessions.
 
NBC's new sitcom Outsourced, which takes place at a call center in India, has riled audiences on both sides of the offshoring debate, from those who say the show stereotypes Indians to anti-offshoring activists who say it makes light of a serious issue. CIO.com got a sneak peek of the pilot episode and provides a "fact check" on what the show gets right and wrong about offshore call center work.
 
If you're scratching your head about why users are ignoring security policy, maybe it's time to review your mistakes - and share them with people.
 
Researchers are seeing an uptick in the number of spam-related domains from Russian registrars, a sign that cybercriminals are choosing those providers due to lax enforcement.
 
Sony Ericsson won't start updating its Android-based Xperia X10 smartphones until the end of October, according to a Thursday blog post.
 
Verizon has a good thing going with its Droid branding for its lineup of Android-powered smartphones. The branding and advertising is distinctive (if, um, slightly disconcerting), and from all indications, the Droid-branded phones are selling well.
 
Dell said it is considering the development of devices beyond PCs that would stream Internet content to regular television sets.
 
Keep prying eyes out of your online life. These Firefox add-ons can protect your privacy in the face of keyloggers, tracking networks, cross-site scripting attacks and the dreaded 'zombie cookies.'
 
A problem that affected account access for some Facebook users Wednesday has been fixed, Facebook said via its Twitter feed.
 
Today's Web browsers have different security pros and cons, and none offers a magic bullet against threats. Here's how to keep your Web surfing secure.
 
The JEDEC Solid State Technology Association has created two new standards to measure endurance and reliability of SSDs, leveling the playing field among vendors.
 
Those who attended Oracle CEO Larry Ellison's keynote address at the OpenWorld conference on Wednesday hoping to learn a wealth of new detail about the vendor's long delayed Fusion Applications likely left disappointed, but plenty of vital information was available throughout the week for those interested enough to pursue it.
 
