We are having issues with our website at this time, and are looking into the cause.  Thanx for the feedback and supporting the ISC.

Update: The layout is back to normal. 

We have also heard from Android users about issues with SSL on our website. It appears that the Certificate Authority used to sign our SSL Certificate is not recognized by Android. We don't have a fix for this right now (short of getting a new certificate). This is a well known issue with Android and will hopefully be addressed by Google in future Android patches.


tony d0t carothers --gmail


(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
One well-known gang of hackers contributed to cyberattacks on South Korea on Tuesday, which coincided with the 63rd anniversary of the start of the Korean War, according to analysis from Symantec.
Microsoft is seeking permission to disclose "aggregate statistics" about the number of requests for data it receives under the U.S. Foreign Intelligence Surveillance Act, following a similar move by Google earlier this month.

Hackers penetrated network servers belonging to Opera Software, stole at least one digital certificate, and then used it to distribute malware that incorrectly appeared to be published by the browser maker.

The attack was uncovered, halted, and contained on June 19, according to a short advisory that Opera published Wednesday morning. While administrators have cleaned the system and have yet to find any evidence of any user data being compromised, the breach still had some troubling consequences.

"The attackers were able to obtain at least one old and expired Opera code signing certificate, which they have used to sign some malware," Wednesday's advisory stated. "This has allowed them to distribute malicious software which incorrectly appears to have been published by Opera Software or appears to be the Opera browser. It is possible that a few thousand Windows users, who were using Opera between June 19 from 1.00 and 1.36 UTC, may automatically have received and installed the malicious software."

Read 3 remaining paragraphs | Comments

EMC is giving enterprises greater control over how corporate data gets distributed and to whom, plus more mobile capabilities, with the latest update to its Syncplicity service.
In its ongoing challenge to attract more users to Windows 8, Microsoft is offering bits of its Bing Internet search service to boost the functionality of third-party Windows Store applications.
Dish Network has dropped its offer to buy Clearwire, probably clearing the path for a strengthened Sprint Nextel to complete its takeover of the struggling but spectrum-rich mobile operator.
Recent leaks about surveillance programs at the U.S. National Security Agency show an agency with little regard for the U.S. Constitution and laws on the books, two past NSA leakers said Wednesday.
Aurich Lawson

Ever since the National Security Agency's secret surveillance program came to light three weeks ago, implicated companies have issued carefully worded statements denying that government snoops have direct or wholesale access to e-mail and other sensitive customer data. The most strenuous denial came 10 days ago, when Apple said it took pains to protect personal information stored on its servers, in many cases by not collecting it in the first place.

"For example, conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them," company officials wrote. "Apple cannot decrypt that data. Similarly, we do not store data related to customers’ location, Map searches or Siri requests in any identifiable form."

Some cryptographers and civil liberties advocates have chafed at the claim that even Apple is unable to bypass the end-to-end encryption protecting them. After all, Apple controls the password-based authentication system that locks and unlocks customer data. More subtly, but no less important, cryptographic protections are highly nuanced things that involve huge numbers of moving parts. Choices about the types of keys that are used, the ways they're distributed, and the specific data that is and isn't encrypted have a huge effect on precisely what data is and isn't protected and under what circumstances.

Read 15 remaining paragraphs | Comments

Puppet CVE-2013-3567 Remote Code Execution Vulnerability
Drupal Apache Solr Autocomplete Module Cross Site Scripting Vulnerability
Less than a day before it was scheduled to go on sale, Nvidia has pushed back the launch date of its Shield gaming device until July.
Microsoft today briefly previewed an Office application designed for the Windows "Modern," née "Metro," user interface, and said it would launch the touch-enabled suite next year.
The improbable story of the data center saved by a fuel bucket brigade is not told with fondness, even if there is a sense of pride and humor in its retelling.
RETIRED: Mozilla Firefox/Thunderbird MFSA 2013-49 through -62 Multiple Vulnerabilities

Cisco has today released four vulnerability advisories:


Affecting Cisco ASA Next-Generation Firewall, Cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance..

Adrien de Beaupré
Intru-shun.ca Inc.
My SANS Teaching Schedule

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
A new study from consulting firm Infosys shows consumers globally are far more relaxed about sharing their private data than we knew and far more relaxed than they should be

Australia's banks quietly swatting trojan
The Age
Australia's banks work around the clock to swat malware that steals from customers' accounts. Photo: Simon Rankin. Australia's banks have been quietly working with a Russian security and forensics firm to swat a nasty banking trojan crafted in the ...

and more »
The National Institute of Standards and Technology (NIST) has published a mobile device management guide for federal agencies seeking secure methods for workers to use smart phones and tablets.Employees want to be connected to work ...
Oracle VM VirtualBox 'tracepath' Local Denial of Service Vulnerability
Don't leave your network in the dark when you leave a job. Here are the dos and don'ts for announcing a career change on LinkedIn and other social networking sites.
Microsoft today shipped Windows 8.1, the free upgrade to Windows 8, with CEO Steve Ballmer calling it "a refined blend" of what many critics had called a jarring disconnect between its two radically different user interfaces.
Microsoft kicked off its Build conference in San Francisco this week by releasing a preview of the next version of its Visual Studio IDE, as well as updates to other development tools.
Mobile payments company Square has launched an online marketplace, an offering that an analyst said is similar to those from eBay, Amazon and Etsy, where merchants can sell products to consumers.
U.S. consumers should be able to reclaim control of their personal data from data brokers, websites and other companies, a member of the U.S. Federal Trade Commission said Wednesday.
Developers find Firefox OS the most compelling among new smartphone OSes, generating more interest than Tizen and BlackBerry 10, even though no commercial products have been launched for it yet.

For the past two years, a tight-lipped and little talked about unit within the Metropolitan Police has been conducting blanket surveillance of British citizens' public social media conversations. Following an unintentional leak and a detailed investigation, we are finally able to see some of the capabilities of this 17-man team—some of which are truly alarming.

The PRISM scandal engulfing US and UK intelligence agencies has blown the debate wide open over what privacy means in the digital age and whether the Internet risks becoming a kind of Stasi 2.0. The extent of the UK's involvement in this type of mass surveillance—which already appears exhaustive—shows just what a potential intelligence goldmine social media data can be.

But the monitoring of our online trail goes beyond the eavesdroppers in GCHQ.

Read 26 remaining paragraphs | Comments

Ransomware is starting to make itself at home in the Android scene: a new kind of malware uses pornographic content to extort money from users

Sprint announced it will soon sell two Windows Phone 8 smartphones that run over fast LTE, the HTC 8XT and the Samsung ATIV S Neo.
The Duvamis social network went online less than a month ago with a mission of keeping the identity of its posters from other users -- and site operators.
[SECURITY] [DSA 2716-1] iceweasel security update
Business intelligence experts and IT executives share their tips on how BI software can improve your bottom line and make your organization more efficient.
Spanish operator Telefonica is worried about the Android-iOS smartphone duopoly, and has joined with Microsoft in a marketing blitz that it hopes will convince consumers to pick up smartphones based on Windows Phone.
Manufacturing giant Foxconn Technology Group is on track with its goal to a create a 'million robot army', and already has 20,000 robotic machines in its factories, said CEO Terry Gou on Wednesday.
A recent targeted attack that used Chinese malware compromised over 1,000 computers belonging to dozens of South Korea organizations, according to researchers from Israeli security firm Seculert.
CIOs use their unique position--which allows them to see the broad array of interactions among employees, customers and business partners--a(c)to streamline business processes and make their companies more competitive
Oracle CEO Larry Ellison and Salesforce.com CEO Marc Benioff have had their share of public differences, but the jibes will likely be stowed away on Thursday, when the two conduct a press conference to discuss the recently announced, nine-year technology partnership between the companies.
Over three quarters of Android threats are malicious apps that send SMS messages to premium rate numbers and could be mitigated by a protection feature present in Android 4.2, according to researchers from networking vendor Juniper Networks.
Long the purview of financial firms looking for an edge as they make lightning-fast transactions, in-memory technology is starting to catch the attention of many firms that conduct real-time analysis.
LinuxSecurity.com: Updated curl packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More...]
LinuxSecurity.com: Konstantin Belousov and Alan Cox discovered that insufficient permission checks in the memory management of the FreeBSD kernel could lead to privilege escalation. [More...]
LinuxSecurity.com: Firefox could be made to crash or run programs as your login if itopened a malicious website.
LinuxSecurity.com: An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More...]
LinuxSecurity.com: Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical [More...]
Multiple XSS Vulnerabilities in Xaraya
RETIRED: php-Charts 'index.php' Arbitrary PHP Code Execution Vulnerability
OpenSSH CVE-2010-5107 Denial of Service Vulnerability
The suspected China-based hackers known as the "Comment Crew" are back at it again, a development likely to contribute to continued tensions between the U.S. and China over cyberattacks.
There's a lot to like in Windows Server 2012 R2, but the key question centers around how Microsoft will handle licensing, our reviewer says. That alone might be the gating factor for the eventual success of this OS release.
Pluggable databases bring a new level of efficiency and ease to database consolidation, while a wealth of other new features address performance, availability, and more
Microsoft today must deliver on expectations that have been mounting since the sluggish start of Windows 8 eight months ago, analysts said.
Google has begun to publish statistics about malware and phishing that it has detected as part of its Safe Browsing programme, breaking the data down to internet system level and showing that malware and contaminated links can be found everywhere

A package weighing in at just under 2GB is causing a stir on a range of online forums. It contains the source code for what was the most expensive online banking malware in existence, able to insert itself into the MBR of hard drives

LotusCMS Multiple PHP Code Execution Vulnerabilities
[SECURITY] [DSA 2714-1] kfreebsd-9 security update
[Full-disclosure] Magnolia CMS multiple access control vulnerabilities
Earlier this month, Apple unveiled iOS 7, the successor to the mobile OS that powers iPhones, iPads and iPod touch models. Not everyone is sold on the new look and feel, including columnist Alex Burinskiy.
php-Charts Arbitrary PHP Code Execution Vulnerability

Posted by InfoSec News on Jun 26


By Kelly Jackson Higgins
Dark Reading
June 25, 2013

A newly discovered attack tool used by multiple groups of Chinese-speaking
attackers has infected more than 1,000 machines in South Korea -- mainly
universities and other academic institutions.

The so-called PinkStats malware family has been in use over the past four
years, targeting various...

Posted by InfoSec News on Jun 26


By Jim Bronskill
The Canadian Press
June 24, 2013

OTTAWA - Canada's privacy czar has singled out several federal departments for
their lacklustre approach to data breaches, citing a need for better reporting,
security and tracking protocols.

Privacy commissioner Jennifer Stoddart's office has compiled a preliminary list

Posted by InfoSec News on Jun 26


By Brian Prince

From mobile security to cryptography, the Black Hat conference is slated
to introduce some 35 new zero-day vulnerabilities.

In another month, security researchers, IT professionals and hackers of
all stripes will descend on Las Vegas for the annual Black Hat security

Black Hat USA 2013 is expected...

Posted by InfoSec News on Jun 26


[Look back ten years for an example of BYOD, and what happens when employees
leave - http://www.wired.com/techbiz/media/news/2003/08/60052 - WK]

By Lisa Schmeiser
June 25, 2013

The bring your own device (BYOD) trend is gaining steam, thanks to the cost
benefits and increased productivity that can come from allowing employees to...
Novell Client for Windows 'nicm.sys' Local Privilege Escalation Vulnerability
South Korean operator SK Telecom said it launched an LTE-Advanced network on Wednesday, offering speeds of up to 150Mbps on an upgraded version of Samsung's Galaxy S4 handset.
O3b Networks, a company backed by Google and other investors, has launched its first satellites that aim to provide low-cost and high-speed connectivity to parts of the world that do not have fiber infrastructure.
The suspected China-based hackers known as the "Comment Crew" are back at it again, a development likely to contribute to continued tensions between the U.S. and China over cyberattacks.
cURL/libcURL 'curl_easy_unescape()' Heap Memory Corruption Vulnerability
Internet Storm Center Infocon Status