Hackin9

InfoSec News


The rural Silicon Valley
ZDNet Australia
RT @ECCOUNCIL: Cybercrime golden age over in two years? http://t.co/0rCoszCl #infosec #hack #cybersecurity It's official. The SKA bid has ended in a three-way tie between Australia, South Africa and New Zealand: http://t.co/Wn1niauX ^LH That's really ...

 
Cisco Systems owned up to some miscalculations in its video collaboration strategy but showed off some promising future capabilities in a briefing with media this week.
 
 
Rugged Operating System Backdoor Unauthorized Access Vulnerability
 
The U.S. Federal Communications Commission approved a rule change for part of the 800MHz band at a meeting on Thursday, opening the door for Sprint Nextel to use the band for its 4G LTE network.
 
The PCI Council will continue to issue recommendations for mobile payment security, according to Bob Russo, general manager of the PCI SSC.

 
Google this week received a somewhat rare accolade from a privacy rights group for publishing a detailed report on all the copyright related content removal requests it has received over the past year
 
Python PyCrypto Key Generation Weakness
 
Intuit's Quickbooks Online service suffered an outage this week that left "a small subset" of customers unable to access their data, but the company says the problems with the on-demand accounting software have now been fixed.
 
----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
bsnes '.nes' File Buffer Overflow Vulnerability
 
Astronauts using a robotic arm on board the space station grabbed hold of the unmanned Dragon cargo spacecraft while flying at speeds of 17,000 mph. It was the first time such a maneuver had taken place using a spacecraft from a commercial U.S. company.
 
The mayor of West New York, New Jersey, was arrested together with his son on Thursday, for allegedly hacking into a website that criticized him and his administration.
 
Absinthe 2.0, the jailbreak for iOS 5.1.1, is ready and available for download, the Jailbreak Dream Team announced at the Hack in the Box conference in Amsterdam on Friday.
 
Apple CEO Tim Cook has passed up about $75 million in dividend payments he would be due when his massive collection of more than 1 million shares vests in the next decade, according to a filing with the SEC.
 
A recent coding competition in the Boston area brought together IT professionals, medical workers and others with an interest in health IT to show how data analytics can improve health care.
 
Cisco is slowly killing off its Cius business tablet less than a year after it started shipping.
 
Putting your faith in the cloud can be a risky endeavor. A survey from earlier this year showed that of 600 large companies, only 27% were using public cloud Infrastructure-as-a-Service.
 
With the closing of Google's $12.5 billion acquisition of Motorola Mobility this week, talk of the possibilities for Android in the enterprise has spiked.
 
Microsoft has added ammunition to its aggressive battle to get users off Windows XP by citing a company-sponsored report that claims annual support costs for the older OS are more than five times that of Windows 7.
 
Microsoft is in the midst of an unprecedented, massive upgrade cycle for its enterprise software products, a refresh wave that represents a major challenge for CIOs and IT managers responsible for charting their companies' technology strategy.
 
CIOs and IT directors tracking the barrage of major upgrades for Windows and Office also need to stay tuned to the refresh cycle for Microsoft's servers and tools, including Windows Server 2012, SQL Server 2012, System Center 2012 and Visual Studio 11.
 
Microsoft Malware Protection Center (MMPC) posted a technical analysis of malware targeting an Adobe Flash Player vulnerability (CVE-2012-0779) for which Adobe released a critical patch update earlier this month (diary posted here [1]). The analysis shows how the infection occurs when a malicious document is opened. The technical analysis is posted here [2]. Get the latest version of Flash Player here [3] (Flash Player 11.2.202.233 and earlier is vulnerable).
[1] http://isc.sans.edu/diary/Adobe+Security+Flash+Update/13129

[2] http://blogs.technet.com/b/mmpc/archive/2012/05/24/a-technical-analysis-of-adobe-flash-player-cve-2012-0779-vulnerability.aspx

[3] http://get.adobe.com/flashplayer/
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
GreHack 2012 - Call For Papers (Grenoble, France)
 
CFP: Hacktivity 2012, October 12-13, Budapest, Hungary
 
When I was about 10 years old, I decided it was time to graduate from the Scholastic Reader-approved books of my youth to what I determined was meatier, more adult fare. I checked out a book from the library about World War II--it may well have been one of those Time-Life overviews of the war that doubtlessly make serious historians cringe. But for a 10-year-old it was just the sort of stuff to spark an interest in history that continues to this day.
 
Sony released an iPhone app to access its streaming Music Unlimited service, part of its efforts to expand its online platforms to devices from rival manufacturers.
 
Google just released its transparency report disclosing data dating from July 2011. As an example, the report shows the number of requests it received over the past month: the number of URL removal requests (1,255,402), by targeted domains (24,374), by copyright owners (1,314) and by reporting organizations (1,099). The full report is available here [1]. A blog post by Fred von Lohmann, Google's Senior Copyright Counsel, is available here [2].
[1] http://www.google.com/transparencyreport/removals/copyright/

[2] http://googleblog.blogspot.ca/2012/05/transparency-for-copyright-removals-in.html
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
A Japanese robotics lab has developed a new emergency response prototype that will soon be put to work at the crippled Fukushima Daiichi nuclear plant in northern Japan.
 
There is a bipartisan push to automatically give green cards to foreign students pursuing master's degrees and above in science, technology, engineering and math. The H-1B visa hasn't disappeared, and its use will be part of the green card debate. Here's a Q&A guide to what's going on.
 
The Executive Branch of the Minnesota state government uses cloud-hosted Microsoft email and collaboration software, first as part of BPOS and later, Office 365.
 
Microsoft is in the midst of an unprecedented, massive upgrade cycle for its enterprise software products, a refresh wave that represents a major challenge for CIOs and IT managers responsible for charting their companies' tech strategy.
 
SimpleAir in Texas said Thursday it had settled its patent infringement litigation against Apple, and entered into a confidential license agreement by which Apple had taken a license to its patents.
 
The most popular language for Web apps, PHP tends to buckle under heavy loads -- unless you opt for cloud scaling and a NoSQL back end
 

Big Data bias
IT-Director.com
Its research was conducted at InfoSec, the security exhibition recently held in London. Now, as you might imagine this is a pretty specific audience, primarily consisting of IT security specialists, so the results of any research conducted with such a ...

 
Internet Storm Center Infocon Status