Hackin9
A federal court in Missouri has rejected an escrow firm's attempt to blame its bank for a $440,000 cyberheist in March 2010.
 
Microsoft on Tuesday announced that its BUILD 2013 developers conference will be held June 26-28 on Apple's home turf, San Francisco's Moscone Center.
 
A 28-year-old Romanian man was sentenced on Tuesday to five years in prison for his role in a phishing scheme, as part of a seven-year investigation by the U.S. Department of Justice.
 
Wells Fargo warned on Tuesday that its website is being targeted again by a distributed denial-of-service (DDOS) attack.
 


Another US bank hit by cyber attack
Sydney Morning Herald
Wells Fargo & Co on Tuesday said its online banking website was experiencing an unusually high volume of traffic that it believes stems from a denial-of-service cyber attack. "The vast majority of customers are not impacted and customer information ...

 
If 2012 was the year of arcade, casino and hidden object games on Facebook, such as "Diamond Dash," "Bubble Witch Saga" and "Bubble Safari," the social network hopes 2013 will be the year of more immersive, strategy-oriented games.
 
A Spanish association of Linux users has filed a complaint with the European Commission over Microsoft's control of Windows 8 PC installs through the UEFI Secure Boot technology.


 

Following up on Kevin Liston's earlier post [How your Webhosting Account is Getting Hacked], there are some forms of abuse that can affect your hosted web site without anyone actually getting shell access. ISC reader Mark contacted us after he noticed a significant load on his Apache web server. Closer investigation revealed that his box was sending email like crazy. Even closer investigation revealed that the email being sent was one of those fake Wedding Invitation phishes that have been quite frequent this week.

Mark responded with a quick fix to stop the bleeding - he simply changed the permissions on the mail spool directory so that the web server user could no longer write to the folder, resulting in a tell-tale list of evidence in the Apache log:

[Tue Mar 26 01:05:49 2013] [error] [client 220.246.X.Y] postdrop: warning: mail_queue_enter: create file maildrop/548245.15300: Permission denied

[Tue Mar 26 01:05:49 2013] [error] [client 92.144.X.Y] postdrop: warning: mail_queue_enter: create file maildrop/583810.16922: Permission denied

[Tue Mar 26 01:05:50 2013] [error] [client 190.27.X.Y] postdrop: warning: mail_queue_enter: create file maildrop/54262.16780: Permission denied

The spammers were connecting from all over the place - more than 50 different IPs were seen in a matter of seconds. The quick fix gave Mark the time to hunt for the culprit - a PHP contact form that was configured improperly, and allowed mail relaying. Moral of the story: if the logs look like your web server is acting as a spam relay, it probably is. Keep a keen eye on those logs, and be careful with functionality that allows site visitors to bounce off your server, be it by sending email via a contact form, or by triggering queries through your server that run against a different site, for example whois lookups. Where there is opportunity, abuse won't be far behind.


(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Existing owners of Samsung's Galaxy S III will not be able to use the phone on T-Mobile's LTE network, which debuted Tuesday and will reach 200 million people by the end of this year.
 
 
A proposal in Congress to strengthen the penalties in the Computer Fraud and Abuse Act is a "giant leap in the wrong direction" for digital rights activists calling for changes in the law after the suicide of hacktivist Aaron Swartz earlier this year.
 
Most browser installations use outdated versions of the Java plug-in that are vulnerable to at least one of several exploits used in popular Web attack toolkits, according to security vendor Websense.
 
Microsoft confirmed Monday that Windows 8 users who upgrade the Calendar app will no longer be able to synchronize that schedule with the calendar included with Google Apps for Business, Academic or Government.
 
Yahoo announced that it is buying Summly, a company that developed an app that condenses information and makes it easily and quickly readable on mobile devices.
 
Pandora and Rosetta Stone have embraced social business tools and the cloud to cut costs, increase productivity and improve collaboration. Learn how these two companies overcame security concerns, gained executive buy-in and more.
 
Oracle has announced a batch of servers based on new Sparc processors and in the process has begun an expected shift toward converging its two families of Unix servers onto a single chip architecture.
 
If you're planning to sell or give away your iPad, then it is essential that your personal information and data be erased from it. If it's running sluggish after a few years, sometimes backing up your data, erasing it from the tablet and restoring it might improve performance.
 
In a set of announcements on Tuesday, T-Mobile USA said it would begin selling the iPhone 5 and other new phones, and announced that it had launched LTE service in seven cities. Here are some details in an FAQ.
 
FluxBB Password Reset Token Prediction Security Bypass Vulnerability
 
The SpaceX Dragon spacecraft safely splashed down in the Pacific Ocean, winding up a three-week mission to resupply the International Space Station.
 
Rural residents in North America may soon get a shot at better cellular coverage with an open-source technology being used in Antarctica, Mexico and Papua, Indonesia.
 
Security researchers from antivirus vendor Kaspersky Lab have identified a targeted email attack against human rights and political activists that distributed a custom Android Trojan app with information-stealing capabilities.
 
Google has released updates for its Google+ apps for iPhone and Android.
 
A Spanish association of Linux users today accused Microsoft of anti-competitive practices, charging that Windows 8's Secure Boot blocks users from installing rival operating systems on new PCs.
 
[security bulletin] HPSBOV02852 SSRT101108 rev.1 - HP SSL for OpenVMS, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification
 
ESA-2013-016: EMC Smarts Network Configuration Manager
 
Amid an array of industry innovations announced today, T-Mobile USA said it will sell the iPhone 5 starting April 12 for $579, with the option of paying $99 down and $20 a month for 24 months.
 
Renesas Electronics' latest system-on-a-chip has eight ARM processing cores to help next-generation, in-car infotainment systems handle multiple streams of 1080p video and augmented reality apps.
 

Malware used to spy on Tibetan activists and other ethnic groups in China is nothing new. But a new Trojan discovered by researchers at Kaspersky Labs has widened the scope of this digital espionage and intimidation. The malware uses a combination of e-mail hacking, "spear phishing," and a Trojan built specifically for Android smartphones. Kaspersky claims this is the first discovery of a targeted attack that uses mobile phone malware.

On March 25, the e-mail account of a Tibetan activist was hacked and then used to distribute Android malware to the activist's contact list. The e-mail's lure was a statement on the recent conference organized by the World Uyghur Congress that brought together Chinese democracy activists and Tibet, Southern Mongolia, and East Turkestan human rights activists. The e-mail claimed to have an attachment that was a joint letter from WUC, the Unrepresented Nations and Peoples Organization, and the Society for Threatened Peoples. If the targets opened the attachment, however, they received malware packaged in an Android APK file.

When opened, the Trojan installs an app called "Conference" on the Android devices' desktops. If the app is launched, it displays a fake message from the chairman of the WUC—while sending back a message to a command and control server to report its successful installation. The malware provides a backdoor to the device via SMS messages sent by the server. On command, it returns the phone's contact lists, call logs, data about the smartphone, its geo-location data, and any SMS messages stored on it to a server via a Web POST upload.


 
Video: Keith Barker of CBT Nuggets shows how to use the Mandiant Redline memory analysis tool to conduct threat assessments, defeat rootkits.

 
A U.S. judge dismissed a lawsuit that sought to punish Chinese Internet company Baidu for blocking pro-democracy works on its search engine. One legal expert said the case was more of a publicity stunt than an actual legal challenge to China's online censorship.
 
SynConnect PMS SQL Injection Vulnerability
 
Microsoft won't back away from a radical overhaul of Windows, and is determined to kill the decades-old, decades-rich desktop, analysts agreed today.
 
The robotic arm on the International Space Station released the SpaceX Dragon early this morning, sending the capsule on its way home.
 
Report OWASP WAF Naxsi bypass Vulnerability
 
[security bulletin] HPSBPV02855 SSRT100512 rev.1 - HP ProCurve 1700-8(J9079A) and 1700-24(J9080A) Switches, Cross Site Request Forgery (CSRF)
 
Adobe Reader CVE-2013-2550 Local Security Bypass Vulnerability
 
OpenStack Nova CVE-2013-1838 Denial of Service Vulnerability
 
OpenStack Glance CVE-2013-1840 Information Disclosure Vulnerability
 
Aeolus Conductor CVE-2012-6118 Remote Security Bypass Vulnerability
 
[SECURITY] [DSA 2652-1] libxml2 security update
 
During his recent visit to India, Ashar Aziz, founder of security vendor FireEye, spoke extensively to CIO Magazine on why it has now become imperative for Indian CISOs to align with their company's vision to fight next-generation threats.
 
A great pair of headphones is all you need to enjoy music from your portable device, but for those moments when you want to share your tunes with friends, a speaker is a better option. And a compact model that connects using Bluetooth lets you enjoy that experience anywhere your legs will carry you, without the hassle of wires. Whether you're looking for an eye-catching design, innovative features, or just great sound quality, we've got options for you as we take a look at four popular models.
 
InFocus has announced a 55-inch touchscreen PC with Windows 8, which has an upgradeable design that is uncommon in all-in-one PCs.
 
Foxconn's Hon Hai Precision Industry posted record annual profits last year, a sign that production of Apple products remains strong despite heightened competition from rival electronics vendors.
 
HP Linux Imaging and Printing CVE-2013-0200 Insecure Temporary File Creation Vulnerability
 
Red Hat Enterprise Virtualization Manager CVE-2012-6115 Local Information Disclosure Vulnerability
 
Linux Kernel Multiple Local Information Disclosure Vulnerabilities
 
Oracle Java SE CVE-2013-1488 Unspecified Remote Code Execution Vulnerability
 
LinuxSecurity.com: Brad Hill of iSEC Partners discovered that many XML implementations are vulnerable to external entity expansion issues, which can be used for various purposes such as firewall circumvention, disguising an IP address, and denial-of-service. libxml2 was susceptible to these [More...]
 
LinuxSecurity.com: Ruby could be made to hang if it received specially crafted input.
 
LinuxSecurity.com: Updated axis packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...]
 
LinuxSecurity.com: GNOME Online Accounts could be made to expose sensitive information over the network.
 
LinuxSecurity.com: Several security issues were fixed in OpenSSL.
 
Wireshark RTPS And RTPS2 Dissectors CVE-2013-2480 Multiple Denial of Service Vulnerabilities
 
Wireshark Mount Dissector CVE-2013-2481 Denial of Service Vulnerability
 
T-Mobile USA hopes to rock the wireless industry today with detailed plans to sell the iPhone and other phones on an unsubsidized basis with no-contract, unlimited data plans.
 
An exploit for MongoDB which allows code to be remotely injected and executed is in the wild and a Metasploit module is coming. MongoDB 2.4 is immune because of its switch to the V8 JavaScript engine.


 
Jenkins CVE-2013-0329 Cross Site Request Forgery Vulnerability
 
Jenkins CVE-2013-0327 Cross Site Request Forgery Vulnerability
 
Ericsson has sued Indian mobile handset vendor Micromax in an Indian court, alleging infringement of eight of its patents without payment of any consideration.
 
A deal that would have made electronics giant Foxconn a major shareholder in Japan display maker Sharp has fallen apart, though the companies remain close partners in the complex global electronics supply chain.
 
SSSD CVE-2013-0287 Remote Security Bypass Vulnerability
 
Artificial intelligence, a field of programming employed by video game developers to make characters smarter and improve their decisions, still has a ways to go before it actually yields intelligent characters.
 
"The Croods" is the most sophisticated 3D film to date from DreamWorks, having taken 15 million more compute hours to render and 250TB of storage to make.
 
Linux Kernel Netlink Interface Multiple Information Disclosure Vulnerabilities
 
ActFax Server Multiple Remote Buffer Overflow Vulnerabilities
 
Microsoft Windows CVE-2013-2556 ASLR Security Bypass Vulnerability
 
Microsoft Windows CVE-2013-2554 Security Bypass Vulnerability
 

Posted by InfoSec News on Mar 25

http://portlandtribune.com/pt/9-news/134769-ohsu-warns-stolen-laptop-had-patient-information

By Pamplin Media Group
25 March 2013

Oregon Health & Science University is contacting more than 4,000 patients whose
medical information was on a doctor’s laptop computer stolen in late February
from a rented vacation home in Hawaii.

OHSU officials said the laptop taken during a burglary included information in
an email program on 4,022...
 

Posted by InfoSec News on Mar 25

http://rt.com/usa/bohemian-blair-powell-guccifer-811/

RT.com
March 26, 2013

Attending the elusive Bohemian Grove retreat should be a priority for former UK
Prime Minister Tony Blair, News Corp executive Andrew Knight allegedly writes
in an email to US Gen. Colin Powell obtained by RT.

The mysterious computer hacker known only as Guccifer has once again supplied
RT with a trove of presumed personal emails in which the private correspondence...
 

Posted by InfoSec News on Mar 25

http://www.wired.com/threatlevel/2013/03/stuxnet-act-of-force/

By Kim Zetter
Threat Level
Wired.com
03.25.13

A cyberattack that sabotaged Iran’s uranium enrichment program was an “act of
force” and was likely illegal, according to research commissioned by NATO’s
cyberwarfare center.

“Acts that kill or injure persons or destroy or damage objects are
unambiguously uses of force” and likely violate international law, according to...
 

Posted by InfoSec News on Mar 25

http://www.zdnet.com/uk-intelligence-agency-stores-passwords-in-plain-text-7000013113/

By Michael Lee
Securify This!
ZDNet.com
March 26, 2013

There are some government agencies that most would expect to have a fair grasp
of security, even for those systems that are not core to their operations.
That's what we thought with the Australian Tax Office's Publication Ordering
System, but sadly, we were proven wrong.

University student...
 

Posted by InfoSec News on Mar 25

http://oakridgetoday.com/2013/03/25/y-12-security-breach-wsi-leaves-oak-ridge/

By John Huotari
Oak Ridge Today
March 25, 2013

After 13 years of protecting federal facilities, WSI Oak Ridge has left the
Secret City.

Friday was the last day for many employees at WSI, and the contract ended
Sunday, spokeswoman Courtney Henry said.

Formerly known as Wackenhut Services Inc., the company once provided up to
1,000 security police officers and...
 
HP Intelligent Management Center 'mibFileUpload' Servlet Remote Code Execution Vulnerability
 
Internet Storm Center Infocon Status