Hackin9

InfoSec News

Don Weber of InGuardians is releasing his smart meter hacking tool, but only to utilities, vendors and vendor-vetted researchers.

 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
A tool for testing if web application firewalls (WAFs) are vulnerable to around 150 protocol-level evasion techniques was released at the Black Hat USA 2010 security conference on Wednesday.
 
Analysts say new Symantec CEO Steve Bennett must foster innovation, better leverage its assets and meet Wall Street expectations.

 
Mac security vendor Intego identified the Crisis Trojan, a new Mac OSX Trojan, as a likely future weapon for targeted attacks against Apple endpoints.

 
Despite new technologies and better software security, experts say cybercriminals are instead focusing on targeted social engineering attacks.

 
Cyber-espionage operations across the Internet are extensive yet highly targeted, says a malware researcher speaking this week at the Black Hat Conference in Las Vegas.
 
I was once called into a multinational oil company which wanted advice on a situation. One of their employees called them, because a coworker was displaying unusual behaviors. An investigation was performed, and it was learned that the coworker was giving information to a Chinese intelligence operative. At another company, an employee stopped a person from tailgating them into a facility and it turns out the tailgater was responsible for stealing more than a dozen laptops from company facilities.
 
Cloud computing services from outside the U.S. are trying to exploit perceived weaknesses in privacy laws to drive business away from U.S. providers, according to some representatives of the tech industry.
 
Mountain Lion upgrades can take as little as 13 minutes and as long as almost an hour, a New York City Apple reseller said today.
 
The analysis environment aims to provide free access to millions of malware samples, according to Rodrigo Branco, who is unveiling the system at Black Hat 2012.

 
Apple looked in part to Sony for inspiration in designing its first iPhone, even having an internal designer produce "Sony-like" mock-ups of cell phones that carried the name of the Japanese electronics company, according to internal Apple documents submitted to a California court.
 
Hoping to capitalize on the excitement around the pending Windows 8 launch, Microsoft has announced this year's dates for its premier developer conference, Build 2012, which will be held Oct. 30 through Nov. 2 on the company's Redmond, Washington, corporate campus.
 

#BSidesLV: 'How I broke into the InfoSec world with only a tweet and an email'
CSO (blog)
Sometimes, all you have to do to land an infosec job is display your communication skills on Twitter and WordPress. That and a follow-up email did the trick for Providence Health and Services security analyst Michael Fornal, who gave a talk on it this ...

 
After a disappointing Wall Street debut, all eyes will be on Facebook on Thursday when it makes its first quarterly earnings report as a public company.
 
Microsoft today launched a security toolkit preview that includes anti-exploit technologies created by one of the three finalists in the company's $250,000 BlueHat Prize contest.
 
Google and the European Commission could hammer out a search antitrust settlement within months, with both sides now working on the details of an agreement, EU Competition Commissioner Joaquin Almunia said Wednesday.
 
The latest version of Mac OS X, Mountain Lion, is now available. Will you be upgrading to Apple's new operating system?
 
Security specialist Symantec has sacked its CEO, Enrique Salem, as first quarter profits plummet 10%.

 
Cross-Site Scripting (XSS) in Redaxo
 
[slackware-security] libpng (SSA:2012-206-01)
 
Even if you don't plan to upgrade to Mountain Lion, as of today Safari 6 is available as an update for older versions of OS X. This new version includes numerous security fixes and improvements.
For a (long) list of fixed bugs, see the Apple security announcement [1]. There are also some new security-related features:

Extensions can now detect whether you are in private browsing mode, which should make it easier for extensions to avoid leaking data.
The "https" in HTTPS URLs is highlighted more prominently, and the lock icon with more information about the certificate is placed right next to it.
The safe password feature got redone, but it doesn't look like Safari will suggest new passwords unless you run Mountain Lion.


[1]http://support.apple.com/kb/HT5400
------

Johannes B. Ullrich, Ph.D.

SANS Technology Institute

 
[ MDVSA-2012:111 ] libgdata
 
APPLE-SA-2012-07-25-1 Safari 6.0
 
Detecting and stopping malicious attacks on computer networks is a central focus of computer security these days. The National Institute of Standards and Technology (NIST) is asking for comments on two updated guides on malicious ...
 
A new guide from the National Institute of Standards and Technology (NIST) describes a 'scoring system' that computer security managers can use to assess the severity of security risks arising from software features that, while ...
 
Security software vendor Symantec said that Enrique Salem, its president and chief executive officer, had stepped down immediately after the company reported that its revenue for the quarter ended June 29 grew 1% year-over-year to $1.7 billion.
 
HP's LeftHand P4000 Virtual SAN Appliance offers a wealth of flexibility with a few caveats
 
Oracle is going after users of Microsoft's SQL Server with a new tool for migrating data from SQL Server to its own MySQL database, the vendor announced Wednesday.
 
You probably saw by now that Apple unleashed Mountain Lion earlier today. If you are lucky enough to make it past the overloaded App Store, you may already be installing it. But some of you may not be as daring, and as with any major update, there are reasons to be cautious. OS X 10.8 includes some interesting new security features:
One important feature, Gatekeeper, implements iOS-like restrictions on installing software. This feature may be turned off by an administrator, but you should consider leaving it on by default. It will prevent users from installing unauthorized software. Just like in iOS, the software has to be signed by a valid Apple developer certificate. Further, you can limit installations to software from the App Store only. In OS X Lion, the command line utility spctl can be used to test this feature. Mountain Lion adds a GUI configuration tool to the standard OS X settings dialog. Also see our prior diary about this tool [1].
The Roaring Apps website maintains a pretty good list of Mountain Lion compatible applications [2]. Most security tools I use appear to be compatible (Sophos Anti Virus, Kaspersky Anti Virus, Little Snitch, 1Password...). But note that RoaringApps.com is crowd-sourced. To be sure, check the software publisher's website.
OS X 10.8 also includes a password safe feature and improved privacy controls. For details, see Apple's list of security features [3].
Make sure to first update ALL software on your system. Various vendors released Mountain Lion specific updates as late as today. :-)
[1] http://isc.sans.edu/diary.html?storyid=12631

[2]http://roaringapps.com/

[3]http://www.apple.com/osx/what-is/security.html


------

Johannes B. Ullrich, Ph.D.

SANS Technology Institute

 
Apple launched OS X Mountain Lion, the ninth version of the 11-year-old Mac operating system.
 
With its new operating system, Mountain Lion, Apple continues its practice of cross-pollinating between OS X and iOS, as it cherry-picks the best features for users, whether they're at a desk or on the go. Michael deAgonia offers a detailed look.
 
Apple's new Mac operating system is all about the ecosystem.
 
ARM showed strong growth in an otherwise weak semiconductor market, with robust demand for smartphone and tablet processors driving profit and revenue growth in the second quarter, the company said on Wednesday.
 
Security software vendor Symantec said Wednesday that Enrique Salem, its president and chief executive officer, had stepped down with immediate effect, after the company reported that its revenue for the quarter ended June 29 grew 1% year-over-year to $1.7 billion.
 
Microsoft published an unusual knowledge base article today, warning users of certain versions of Microsoft Exchange and SharePoint server of a remote code execution vulnerability introduced by Oracle's Outside In libraries, which are included with these products. [1]
Affected Products:
Microsoft Exchange Server 2007

Microsoft Exchange Server 2010

FAST Search Server 2010 for Sharepoint
Oracle provided a patch for this issue in its July patch release [2]. The issue is covered by Oracle's Fusion Middleware fix. Outside In library versions 8.3.7.77 and earlier are vulnerable. The fixed version is 8.3.7.171 (US-CERT also mentions 8.3.5.6369 as fixed).
As a workaround, you could disable the transcoding service, but you will then no longer be able to preview attachments. Or you could disable the advanced filter pack on FAST Search Server 2010 for SharePoint.
Oracle's Outside In libraries are able to decode over 500 different file formats [3]. The libraries are used to index content inside files like PDFs and other common file types.
It is very likely that Microsoft's products are not the only software that includes this library. US-CERT provides a list of software that they identified.
[1]http://technet.microsoft.com/en-us/security/advisory/2737111

[2]http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

[3]http://www.kb.cert.org/vuls/id/118913
------

Johannes B. Ullrich, Ph.D.

SANS Technology Institute

 
Java vulnerabilities are increasingly exploited by attackers to infect computers, and the problem could become worse if Oracle doesn't do more to secure the product and keep its installation base up to date, according to security researchers who will talk about Java-based attacks at the Black Hat USA 2012 security conference.
 
Facebook is setting up an engineering team in London that is expected to focus on its platform and mobile development, a company spokesman said on Wednesday.
 
If your mobile device doesn't come with cellular broadband, there are several ways you can add it -- but there are advantages and disadvantages to each method.
 
Microsoft released the technology preview of a new security toolkit that uses defenses inspired by one of the contestants of its BlueHat Prize security competition, the company said on Wednesday.
 
Taiwanese electronics manufacturer Foxconn Technology Group said it was in exploratory talks with Indonesian officials over serving its domestic market in some capacity, but does not have immediate plans to build factories in the country.
 
Sixty days since Dell completed the acquisition of thin-client company Wyse, the business unit is moving forward with plans to release new thin clients designed to work with Microsoft's upcoming Windows 8 OS.
 
Apple on Tuesday announced record sales of its iPad tablet, but missed Wall Street's consensus on total revenue.
 
VMware's decision to buy the network virtualization company Nicira will likely be cited as a starring example of why Silicon Valley remains the world's engine of innovation.
 
iRobot and InTouch Health unveiled a human-sized robot that allows clinicians and nurses to remotely communicate and evaluate a hospital patient's health.
 
 
Foursquare is rolling out the pilot for a new program, called Promoted Updates, which will charge merchants to send recommendations to users about their products or services, the company said Tuesday.
 