Share |

InfoSec News

A lesson from the Stuxnet worm is that the private sector needs to be able to respond quickly to cyber-emergencies, said Janet Napolitano, secretary of U.S. Department of Homeland Security
 
Minnesota Senator Al Franken and the attorney general of Illinois have separately pressed Apple and Google to provide more information about the location data they collect about their end users.
 
An Iranian general who has been investigating the Stuxnet attack on Iran's nuclear program says the country has also been hit by a second targeted attack, called Stars.
 
Building out a robust app store will be key for attracting SharePoint cloud customers.
 
The U.S. Army is finalizing a software framework for Android-based devices that will let third-party software developers create interoperable mobile apps for combat soldiers. It's already being tested by the 82nd Airborne Division on a prototype device, dubbed the Joint Battle Command-Platform, or JBC-P Handheld.
 
An early beta release of Windows 8 has been leaked onto the Internet
 
Some BlackBerry PlayBook tablets that RIM released last Tuesday are suddenly failing to restart. Some even simply stop working while in use and do not restart.
 
Two men have sued Apple over the iPhone and iPad location tracking practice researchers made public last week, according to court documents.
 
[TOOL RELEASE] T50 - an Experimental Mixed Packet Injector ( v5.3)
 
Now that we're officially out of IPv4 addresses, a new marketplace has sprung up to buy and sell them (or rather, to broker transfers from one organization to another with dollar figures attached).Sites like www.depository.net, www.addrex.net and www.tradeipv4.com look like they'll be with us for a while.
Having said that, ARIN.NET continues to administer all transfers in North America (US, Canada and parts of the Caribbean), including transfers of addresses that were allocated by Internic, back before ARIN.NET existed (https://www.arin.net/about_us/media/releases/20110330.html). This is a good thing, since most ISPs won't route for an address block unless the registration is correct at the appropriate RIR (Regional Internet Registry == https://www.arin.net/knowledge/rirs.html)
I can't personally vouch for any of these sites. As always, evaluate the reputation of sites you do business on, and this certainly counts as business transactions! It's also important to run any transfer of address space through the RIR that has authority in your jurisdiction. You don't want to find that the addresses you thought you had are not in fact yours!



===============
Rob VandenBrink
Metafore (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 


The Sony PlayStation Network and Qriocity service have been down since Wednesday the 20th. Sony is still working on bringing them back online.Sony is communicating regularly on this - you can find their original and current updates here:
http://blog.us.playstation.com/2011/04/22/update-on-playstation-network-qriocity-services/
and
http://blog.us.playstation.com/2011/04/25/psn-update/
Reading between the lines, they seem to be following the methodology for Incident Response, commonly phrased in these steps that I learned in SEC504:

Preparation
Identification
Containment
Eradication
Recovery
Lessons Learned

Given that we're a number of days in, I hope that they are working on later phases of Eradication, making sure that the original attack vector is taken care of so that once they bring the service back online they won't see a recurrance of the event.
Hats off to them - they're doing all the right things, and communicating regularly with their client community as they do it ! I feel for them, given the length of the outage though.
===============
Rob VandenBrink
Metafore (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
The two-day outage at one of Amazon's data centers has everyone questioning the reliability of infrastructure as a service offerings. Here are seven tips for limiting your risk in the event of cloud services failure.
 
Verizon Wireless on Monday said it is now offering enterprises BoxTone's mobile device management software.
 
The ranks of Wi-Fi-capable smartphones and tablets grows on a daily basis and users increasingly expect reliable Internet access everywhere they go, including retail operations.
 
An advisory committee recommends new steps the FCC can take to improve broadband deployment.
 
Several days after Amazon.com's cloud outage knocked some high-profile Web sites offline, the company said its cloud service was largely back up and running.
 
The long-awaited white iPhone 4 is more than just a smartphone of a different color, a Wall Street analyst said today.
 
Infor may be about to announce an acquisition of Lawson Software, about six weeks after news of its $1.8 billion offer for the ERP (enterprise resource planning) vendor came to light.
 
Documents revealed on the Web show a purported new Lenovo Android tablet for the enterprise market and a super-thin notebook with dramatically improved battery life.
 
As major life science companies look to increasingly outsource non-core activities, it is only natural that they would simultaneously seek to rationalize their outsourcing vendor portfolio as well.
 
A new look into Google's data centers shows extensive security measures and the destruction of old hard drives to prevent leakage of customer data.
 
Good security advice can be hard to find. Lots of experts offer help, but not all of their tips are accurate or up-to-date, and many address PC security only. That's where we come in, with a 12-step security program to keep your PC, smartphone, gadgets, and identity safe.
 
You know an industry has reached critical mass when vendors start developing software for it, and that time has come for medical marijuana.
 
Yahoo has acquired IntoNow, a start-up whose technology is designed to help television viewers discover programs and discuss them interactively with their friends.
 
For the last year or so governments have increased efforts to become more transparent by making information available about their agency decisions and operations, have increased public participation in government, and initiated plans and deployed nascent endeavors to collaborate and cooperate across all levels of government to better serve their constituents. Yes, these three are the Open Government mandates for federal agencies, but also, state and local governments have voluntarily embraced these tenets as well. Surprising in this economy of shrinking budgets, furloughed employees, and citizen demand for increasing information and services?
 
In his book "Predictably Irrational," Dan Ariely cites a study conducted at an upscale Menlo Park grocery store (speaking of which, how irrational is it that the Kindle version of this book costs $9.99, while the paperback version costs only $9.29 ... but I digress). The two professors published a paper based on the outcome of the study. Its title: Choice is Demotivating.
 
Apple iPhone owners had to wade through rivers of confusing, even contradictory, information last week regarding location tracking data. CIO.com's Bill Snyder sets the record straight and offers some useful tips.
 
Kaspersky Labs has confirmed that the kidnapped son of founder Eugene Kaspersky was freed unharmed from his captors by Russian law enforcement officials as well as the company's own security personnel.
 
An Iranian general who has been investigating the Stuxnet attack on Iran's nuclear program says the country has also been hit by a second targeted attack, called Stars.
 
Wordtrainer '.ord' File Buffer Overflow Vulnerability
 
Microsoft PowerPoint Invalid 'TimeColorBehaviorContainer' Record Remote Code Execution Vulnerability
 
Microsoft ATL/MFC Trace Tool 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
 
Uncle Sam has tapped the Android OS to be all that it can be. According to the U.S. Army's blog, the Defense Department has picked Google's Android smartphone OS to power a new military communication device: the Joint Battle Command-Platform, or JBC-P Handheld.
 
It looks almost brand new, doesn't it? (OK, ignore the missing key; that's a repair for another day.) Using cheap and simple materials that you can find in any hardware store, you too can repair chips and repaint your laptop to make it look practically brand new. To get started, all you need are the appropriate tools and an afternoon!
 
AT-TFTP Server Remote Denial of Service Vulnerability
 
[DSECRG-11-018] Kaspersky administration Kit - Remote code execution via SMBRelay
 
XSS in Webmin 1.540 + exploit for privilege escalation
 
[ACM CCS'11] Reminder: Deadline Approaching (May 6, 2011)
 
The Acer Iconia Tab A500 is the latest in the parade of Android 3.0 tablets, and with a price that undercuts Apple's iPad 2 by $50, the $450 Iconia Tab (price as of 4/23/2011) distinguishes itself in a crowded field. This tablet earns props for its many strengths, such as its inclusion of both a USB port and a microSD Card slot, support for Dolby Mobile audio, and for its custom home screen widgets that help organize applications. However, while the Iconia Tab goes far toward the goal of replacing a laptop, it still falls short -- in part due to its own hardware constraints, and in part due to software.
 
Barnes & Noble today announced Version 1.2 of its Nook Color tablet, which includes access to a new app store and a built-in email feature. The upgrade also has Android 2.2 (Froyo) and Adobe Flash Player.
 
When communications problems crop up, network pros use performance management and network troubleshooting tools get to the root of the issue.
 
Bad things can happen to virtual systems -- even good ones. Here's what to do about it.
 
An AppleInsider report by Kasper Jade Friday quotes Concord Securities analyst Ming-Chi Kuo as claiming that new MacBook Air models are on the horizon.
 
It may be a blessing as much as a curse, but Hrelic faces much the same challenges as his peers in non-IT literate workplaces
 
[security bulletin] HPSBMA02667 SSRT100464 rev.1 - HP SiteScope, Cross Site Scripting (XSS) and HTML Injection
 
[security bulletin] HPSBMA02666 SSRT100434 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote Information Disclosure
 
[ MDVSA-2011:077 ] krb5
 
AST-2011-005: File Descriptor Resource Exhaustion
 
Quora is an increasingly popular social network for asking and answering questions on topics ranging from how Britney Spears was discovered to how to flee Tokyo following an earthquake. But the venture funded start-up, which was formed by a couple of ex-Facebook execs, also is filled with plenty of crowdsourced expertise about work-related topics for IT pros, such as whether Cisco will buy EMC, how the iPad might be used at work and how to improve Ubuntu.
 
WordPress WP-reCAPTCHA Plugin HTML Injection and Cross Site Request Forgery Vulnerabilities
 
In the month since Firefox 4's launch, the browser has racked up 100 million downloads, Mozilla said last weekend.
 
Bad things can happen, even to good virtual systems. Here's what to do about it.
 
These services let you connect to another computer over the Internet without much hassle in setting things up. Which option gives you the most (remote) control for your money?
 
Whether developing, testing, or deploying your apps in the cloud, you have to unlearn some beliefs and learn new ones to make it work
 
HP SiteScope Cross Site Scripting and HTML Injection Vulnerabilities
 

Infosec: Cloud computing 'explodes' the security perimeter
IDG News Service
Cloud computing makes the argument for protecting data, rather than the perimeter, stronger, according to encryption solutions provider SafeNet. Cloud computing makes the argument for protecting data, rather than the perimeter, stronger, according to ...

and more »
 
Successful technology startups are usually keen to draw attention to their hot products, not to their internal use of IT. But companies such as Groupon, Box.net, Zendesk and SlideShare can offer CIOs lessons from what they've accomplished with limited resources, a blank slate for IT infrastructure and their finger on the pulse of the latest IT tools and services.
 


Internet Storm Center Infocon Status