Hackin9

BankInfoSecurity.com (blog)

InfoSec Spending: Playing Catchup
BankInfoSecurity.com (blog)
The federal government last year spent $13 billion on cybersecurity, and President Obama proposes spending $14 billion next year. Will the extra money make a difference? Perhaps. But it feels as if we'll never be fully secure regardless of how much ...

 
 

Cisco revealed a security vulnerability in a number of the company's network security virtual appliances that could give someone virtually unlimited access to them—default, pre-authorized keys for Secure Shell (SSH) sessions originally intended for "customer support" purposes. As Threatpost's Dennis Fisher reported, Cisco has released software patches that correct the problem, but there's no temporary workaround for systems that can't immediately be patched.

Cisco released an advisory on the vulnerability on June 25. There are two separate SSH key vulnerabilities for the Cisco Web Security Virtual Appliance (WSAv), Cisco Email Security Virtual Appliance (ESAv), and Cisco Security Management Virtual Appliance (SMAv).

The first is that these virtual machines, which run on VMware and KVM virtualization platforms, share a default authorized SSH key for remote login. "IP address connectivity to the management interface on the affected platform is the only requirement for the products to be exposed to this vulnerability," Cisco warned. "No additional configuration is required for this vulnerability to be exploited."

Read 3 remaining paragraphs | Comments

 

Samsung has promised to stop disabling Windows Update on hardware using its SW Update software.

The behavior came to light earlier this week after debugger and reverse engineer Patrick Barker began investigating why Windows Update kept getting disabled—checking for updates but never downloading or installing them—on a misbehaving machine. Barker discovered that Samsung's SW Update was downloading a program called Disable_Windowsupdate.exe which, true to its name, was disabling Windows Update each time the system started.

Samsung's statement today says that the company will soon stop doing it. The company said that "Samsung has a commitment to security and we continue to value our partnership with Microsoft. We will be issuing a patch through the Samsung Software Update notification process to revert back to the recommended automatic Windows Update settings within a few days. Samsung remains committed to providing a trustworthy user experience and we encourage customers with product questions or concerns to contact us directly at 1-800-SAMSUNG."

Read 1 remaining paragraphs | Comments

 

Posted by InfoSec News on Jun 26

http://www.cloudpro.co.uk/cloud-essentials/cloud-security/5177/evidentio-encourages-startups-to-boost-aws-security

By Clare Hopping
Cloud Pro
June 25, 2015

Evident.io has announced a startup and small business AWS Cloud Security
platform to help those without a dedicated security resource ensure their
Amazon cloud infrastructure is protected.

Adrian Sanabria, an analyst with 451 Research, commented: "The rise of
cloud computing has...
 
 
 

Posted by InfoSec News on Jun 26

https://fortune.com/sony-hack-part-1/

By Peter Elkind
Fortune.com
June 25, 2015

A cyber-invasion brought Sony Pictures to its knees and terrified
corporate America. The story of what really happened—and why Sony should
have seen it coming. A special three-part investigation.

On Monday, Nov. 3, 2014, a four-man team from Norse Corp., a small
“threat-intelligence” firm based in Silicon Valley, arrived early for an
11:30 a.m. meeting on...
 

Posted by InfoSec News on Jun 26

http://gizmodo.com/hacker-drama-mr-robot-is-scary-paranoia-inducing-and-1713408001

By Bryan Lufkin
Gizmodo
June 24, 2015

If you could hack into an evil corporation’s bank account and shuffle its
wealth to the 99%, would you? That’s the Anonymous-era quandary a young,
brilliant hacker grapples with in the new USA drama, Mr. Robot, which
premiers tonight at 10 p.m. I got a chance to hang out with the cast as
they were filming in New York....
 

Posted by InfoSec News on Jun 26

http://healthitsecurity.com/news/a-review-of-common-hipaa-technical-safeguards

By Elizabeth Snell
Health IT Security
June 26, 2015

HIPAA technical safeguards are just one piece of the larger health data
security plan that covered entities and their business associates must put
together. However, it is a very important aspect.

Over the next few weeks, HealthITSecurity.com will discuss some common
examples of all three HIPAA safeguards, and...
 

Posted by InfoSec News on Jun 26

http://www.theatlantic.com/international/archive/2015/06/hackers-cyber-china-russia/396812/

By MOISÉS NAÍM
The Atlantic
June 25, 2015

This month, two years after his massive leak of NSA documents detailing
U.S. surveillance programs, Edward Snowden published an op-ed in The New
York Times celebrating his accomplishments. The “power of an informed
public,” he wrote, had forced the U.S. government to scrap its bulk
collection of phone...
 

Posted by InfoSec News on Jun 26

http://www.wired.com/2015/06/arms-control-pact-security-experts-arms/

By Kim Zetter
Security
Wired.com
June 24, 2015

SECURITY RESEARCHERS SAY a proposed set of export rules meant to restrict
the sale of surveillance software to repressive regimes are so broadly
written that they could criminalize some research and restrict legitimate
tools that professionals need to make software and computer systems more
secure.

Critics liken the software...
 

Posted by InfoSec News on Jun 26

http://nationalmirroronline.net/new/efcc-arraigns-two-for-hacking-into-banks-internet-network/

By Matthew Irinoye
National Mirror
June 25, 2015

The Economic and Financial Crimes Commission, EFCC yesterday arraigned two
men for allegedly attempting to hack into the internet network of
Enterprise Bank Plc. The suspects include Ola Lawal, Abass Ajide while the
third person Olumide Kayode was said to be at large.

The defendants who were...
 

 This afternoon, Eric Saldarriaga, a private investigator from Astoria, New York, will be sentenced in federal court for his part in a conspiracy to hack into the e-mail accounts of more than 50 individuals as part of his investigations. (He has pled guilty.) Among his victims are two prominent critics of the Church of Scientology, both of whom were recently featured in the book and HBO documentary film Going ClearUpdate: Saldarriaga received a sentence of three months imprisonment, three years of supervised probation, and a $1,000 fine.

Who were Saldarriaga's clients? That remains unclear; court documents haven't revealed it, and the transcripts of his guilty plea are still held by the court awaiting redaction. But both Scientology critics are now convinced that it was the church which set Saldarriaga on them. "There can be no doubt that one of Mr. Saldarriaga’s clients is Scientology," Mike Rinder, a former Scientology official and one of the victims notified by the US Attorney's Office, said in a written statement sent to the court.

Ars attempted to get a comment from a church of Scientology spokesperson, but did not receive a response in time for publication. We will update this story if we receive comment.

Read 16 remaining paragraphs | Comments

 
LinuxSecurity.com: Several security issues were fixed in Python.
 
LinuxSecurity.com: Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security [More...]
 
LinuxSecurity.com: An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security [More...]
 
LinuxSecurity.com: Updated kernel packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5.6 Long Life. Red Hat Product Security has rated this update as having Important security [More...]
 
LinuxSecurity.com: Updated nss and nss-util packages that fix one security issue, several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6 and 7. [More...]
 
LinuxSecurity.com: Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security [More...]
 
LinuxSecurity.com: Several security issues were fixed in Tomcat.
 
LinuxSecurity.com: Updated php55-php packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Important security [More...]
 
LinuxSecurity.com: Updated rh-php56-php packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Important security [More...]
 
LinuxSecurity.com: Several security issues were fixed in Tomcat.
 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Internet Storm Center Infocon Status