On Monday, employees at Sony Pictures Entertainment—the television and movie subsidiary of Sony Corp.—discovered that their internal corporate network had been hijacked. A message from an individual or group claiming responsibility appeared on corporate systems, pledging to release sensitive corporate data taken from the network by 11pm GMT on Monday.

Twitter accounts associated with promoting several movies, including Starship Troopers, were briefly hijacked by the attackers. The attackers posted to at least three Twitter feeds, leaving the same message: “You, the criminals including [Sony Pictures CEO] Michael Lynton will surely go to hell. Nobody can help you.” The image posted with the message shows a digitally edited image of Lynton’s head in a dark, hellish landscape.

As of this morning, the network at many Sony offices still appears to be down. Based on information reportedly shared by employees, it could be down for weeks before being restored. The Twitter accounts appear to be back under Sony Pictures’ control.


[SECURITY] [DSA 3077-1] openjdk-6 security update
[security bulletin] HPSBGN03202 rev.1 - HP CMS: Configuration Manager running OpenSSL, Remote Disclosure of Information

The 12-step program for information security
In order to comply with executives' demands that they be demonstrably in compliance with SOX, as well as with a new alphabet soup of other new regulations affecting the legal and healthcare industries, the infosec community helped the standards agency ...

MantisBT 'view_all_set.php' Multiple SQL Injection Vulnerabilities
Linux Kernel 'espfix64' Local Denial of Service Vulnerability

[ MDVSA-2014:229 ] libvncserver

(ISC)2 board chairman: 'We've definitely turned it around'
(ISC)2 has, in terms of its membership, remained focused on a highly qualified group of experienced infosec pros. Do some of these new initiatives from other organizations put (ISC)2 at risk of losing its influence by not doing more to cater to those ...



Remote Code Execution in Popular Hikvision Surveillance DVR
As Johannes Ullrich of the SANS Institute Infosec Handlers Diary Blog notes and Threatpost has reported on in the past, researchers have witnessed Hikvision DVRs being exploited by “The Moon” worm, bitcoin miners, and code scanning for Synology disk ...

LinuxSecurity.com: Updated libvncserver packages fix security vulnerabilities: A malicious VNC server can trigger incorrect memory management handling by advertising a large screen size parameter to the VNC client. This would result in multiple memory corruptions and could allow remote ...
LinuxSecurity.com: Multiple vulnerabilities have been discovered and corrected in phpmyadmin: * Multiple XSS vulnerabilities (CVE-2014-8958). ...
LinuxSecurity.com: Security Report Summary
LinuxSecurity.com: Squid could be made to crash if it received specially crafted network traffic.
CVE-2014-5439 - Root shell on Sniffit [with exploit]
Moodle 'lib/phpunit/bootstrap.php' Path Disclosure Vulnerability
Adobe Flash Player CVE-2014-8439 Remote Code Execution Vulnerability
Moodle 'forum_get_discussions()' Function Security Bypass Vulnerability


Industry downplays Regin after Belgacom hack
News of an extremely advanced malware attack on Belgacom, members of the European Union and a well-known Belgian cryptographer, has been downplayed by stakeholders in the information security (infosec) industry. A whitepaper released by infosec ...
Regin: The super-spyware the security industry has been silent about (The Register)

Cross-Site Request Forgery (CSRF) in xEpan
WordPress Server Side Request Forgery Security Bypass Vulnerability
WordPress Password Reset Email Security Bypass Vulnerability
WordPress Cross Site Request Forgery Vulnerability
phpMyAdmin CVE-2014-8960 Cross Site Scripting Vulnerability
phpMyAdmin CVE-2014-8958 Multiple Cross Site Scripting Vulnerabilities
phpMyAdmin Error Reporting Feature Information Disclosure Vulnerability
phpMyAdmin CVE-2014-8959 Local File Include Vulnerability
[ MDVSA-2014:228 ] phpmyadmin

Posted by InfoSec News on Nov 26

Forwarded from Ming Li <ming.li (at) usu.edu>

*Call For Papers*


The 8th ACM Conference on Security and Privacy

in Wireless and Mobile Networks

ACM WiSec '15

New York City, NY, USA

June 22nd — 26th 2015



ACM WiSec 2015...

Posted by InfoSec News on Nov 26


By Violet Blue
Zero Day
ZDNet News
November 25, 2014

If the bug is dangerous enough, it gets a name. Heartbleed's branding
changed the way we talk about security, but did giving a bug a logo make
it frivolous... or is this the evolution of infosec?

Criminals, such as bank robbers, are often named because there are too
many to keep track of. Just...

Posted by InfoSec News on Nov 26


By Steve Ragan
Salted Hash
Nov 25, 2014

On Monday, Sony Pictures was forced to disable their corporate network
after attackers calling themselves the GOP (Guardians of Peace) hijacked
employee workstations in order to threaten the entertainment giant. Now,
new information suggests that the GOP had...

Posted by InfoSec News on Nov 26


By Jeremy Kirk
IDG News Service
Nov 25, 2014

Home Depot spent $43 million in its third quarter dealing with the fallout
of one of the largest ever data breaches, highlighting the costly nature
of security failures.

The retailer said in a regulatory filing on Tuesday that it expects $15
million of that cost will be reimbursed by a $100...
Wireshark NCP Dissector CVE-2014-8712 Denial of Service Vulnerability
Wireshark SigComp Dissector CVE-2014-8710 Remote Denial of Service Vulnerability
[SECURITY] [DSA 3076-1] wireshark security update
[security bulletin] HPSBUX03166 SSRT101489 rev.1 - HP-UX running PAM libpam_updbe, Remote Authentication Bypass
[security bulletin] HPSBGN03203 rev.1 - HP CMS: UCMDB Browser running OpenSSL, Remote Disclosure of Information
[security bulletin] HPSBGN03201 rev.1 - HP Asset Manager running SSLv3, Remote Disclosure of Information
Internet Storm Center Infocon Status