InfoSec News

With all the excitement in the media at the moment about vendors being able to track our every move*, Apple have released a Q&A [1] on what data they actually track on the iPhone.

It's an interesting enough read and may calm the fears of some of being tracked. Or perhaps not.

The Internet Storm Center has published a number of stories on data being collected, in a delightful variety of ingenious ways, then sold to marketers to gain a better insight into how to get the consumer to spend more money. This wealth of information from raw data has huge applications and, as an example, the Dutch Police took the initiative. They bought data from TomTom to place speed traps and cameras [2], which is a very sneaky idea and much more accurate for revenue generation than building them on busy roads. In case you were attempting new land speed records on Dutch roads, all the purchased data was anonymous, so you're safe from the digital arm of the law...

The part of this story that is thought-provoking comes from customer pressure on TomTom to stop doing this. TomTom have agreed and changed their policy on reselling the traffic data.

When many raise their voices in complaint, threaten to leave the service and create negative publicity, does it make a difference to the mega corporations? Or have we simply lost this battle already, as we signed, check-boxed or clicked "agree" on a EULA [3] giving our acceptance to track, monitor, use and sell any data generated?

I'll leave it up to you to decide if consumer power is one thing that can make a difference once you discover something is tracking your every move.

Of course, if you are constantly updating your location in FourSquare, Facebook, Twitter et al while using your loyalty cards, then you may not care in the first place.

[1] http://www.apple.com/pr/library/2011/04/27location_qa.html

[2] http://www.engadget.com/2011/04/27/tomtom-user-data-sold-to-danish-police-used-to-determine-ideal/

[3] http://www.webopedia.com/TERM/E/EULA.html



*Fancy that - I mean it's not like I'm carrying at least two items that bleat out my location every few seconds and that are designed so people can get in contact wherever I am. Plus I pay a small fortune for the privilege to own the lovely, shiny devices - I could be my own privacy's worst enemy. Hmmm.
Chris Mohan --- Internet Storm Center Handler on Duty (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
In the wake of the RSA SecurID breach, a vendor survey finds a reduced level of confidence in the security provided by tokens.

 
Two Cisco security advisories have been published: Multiple Vulnerabilities in Cisco Unified Communications Manager and Cisco Wireless LAN Controllers Denial of Service Vulnerability.

The details below have been taken from Cisco's advisories:

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager

Document ID: 112878
Advisory ID: cisco-sa-20110427-cucm
Revision 1.0
For Public Release 2011 April 27 1600 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

Cisco Unified Communications Manager (previously known as Cisco CallManager) contains the following vulnerabilities:

* Three (3) denial of service (DoS) vulnerabilities that affect Session Initiation Protocol (SIP) services
* Directory traversal vulnerability
* Two (2) SQL injection vulnerabilities

Cisco has released free software updates for affected Cisco Unified Communications Manager versions to address the vulnerabilities. A workaround exists only for the SIP DoS vulnerabilities.

This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20110427-cucm.shtml

Affected Products
=================

Vulnerable Products
+------------------

The following products are affected by at least one of the vulnerabilities that are described in this advisory:

* Cisco Unified Communications Manager 6.x
* Cisco Unified Communications Manager 7.x
* Cisco Unified Communications Manager 8.x

Note: Cisco Unified Communications Manager version 5.1 reached end of software maintenance on February 13, 2010. Customers who are using Cisco Unified Communications Manager 5.x versions should contact their Cisco support team for assistance in upgrading to a supported version of Cisco Unified Communications Manager.

Products Confirmed Not Vulnerable
+--------------------------------

Cisco Unified Communications Manager version 4.x is not affected by these vulnerabilities. No other Cisco products are currently known to be affected by these vulnerabilities.

Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability

Document ID: 112916
Advisory ID: cisco-sa-20110427-wlc
Revision 1.0
For Public Release 2011 April 27 1600 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

The Cisco Wireless LAN Controller (WLC) product family is affected by a denial of service (DoS) vulnerability where an unauthenticated attacker could cause a device reload by sending a series of ICMP packets.

Cisco has released free software updates that address this vulnerability.

There are no available workarounds to mitigate this vulnerability.

This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20110427-wlc.shtml

Affected Products
=================

Vulnerable Products
+------------------

This vulnerability affects Cisco WLC software versions 6.0 and later. The following products are affected by the vulnerability described in this Security Advisory:

* Cisco 2100 Series Wireless LAN Controllers
* Cisco WLC526 Mobility Express Controller (AIR-WLC526-K9)
* Cisco NME-AIR-WLC Modules for Integrated Services Routers (ISRs)
* Cisco NM-AIR-WLC Modules for Integrated Services Routers (ISRs)

Note: The Cisco NM-AIR-WLC modules have reached End-of-Life and End-of-Software Maintenance. Please refer to the following document for more information:

http://www.cisco.com/en/US/prod/collateral/modules/ps2797/prod_end-of-life_notice0900aecd806aeb34.html



Chris Mohan --- Internet Storm Center Handler on Duty (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
How can you ensure the stability of your data center while at the same time taking maximum advantage of the flexibility of virtualization?
 
Attachmate Group announced Wednesday that it has completed its $2.2 billion acquisition of Novell.
 
A free new PowerPivot App looks at how you're spending your time
 
The FCC should deny AT&T's proposed purchase of Qualcomm spectrum, consumer groups say.
 
With its Novell acquisition now closed, the company is looking to expand the customer base of Suse Linux
 
While it has been disturbing to see Internet threats become driven by financial gain, Stuxnet signals the arrival of something more worrisome: a new class of threat designed to seize and control critical infrastructure.
 
Google today patched 27 vulnerabilities in Chrome as it boosted the "stable" build of the browser to version 11 on Windows, Mac and Linux.
 
When it makes its final launch Friday, NASA's space shuttle Endeavour will carry a piece of equipment that will search space for some of the biggest mysteries of physics -- antimatter and dark matter.
 
Facebook is looking to hire 9,400 more employees in the next six years, according to reports.
 
Research in Motion moved to boost its mobile devices' calendar capabilities by buying Tungle, an enterprise scheduling application developer.
 
Gibbs lists the final five of his top ten networking tools
 
Late last year we bought a new car. And in doing so, I realized that the auto industry is undoubtedly one of the industries that has been severely disrupted by Apple in the past decade.
 
Apple will start selling the long-delayed white iPhone 4 on Thursday, the company said today.
 
Delicious, the social bookmarking service and Web 2.0 pioneer, will live on as part of a new Internet company run by YouTube founders Chad Hurley and Steve Chen.
 
Security vendor AppSec charges Oracle has been reporting inappropriate CVSS ratings for its database software
 
How virtualization technology is making the jump from the server realm into the application, mobile and database worlds.
 
Linux Kernel NFS Access Control List (ACL) Allocation Local Denial of Service Vulnerability
 
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager
 
Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability
 
[USN-1124-1] rsync vulnerability
 
Linux Kernel Validate 'map_count' Variable Local Security Bypass Vulnerability
 
Another Windows 8 pre-beta surfaced recently, and it is said to feature a ribbon-based user-interface similar to the one used in recent editions of Microsoft Office. Is Windows 8's ribbon interface a deal breaker or breakthrough for you?
 
Apple today denied that it tracks iPhone and iPad users, saying that "users are confused" about the issue.
 
The FCC should deny AT&T's proposed purchase of Qualcomm spectrum, consumer groups say.
 
HP OpenView Storage Data Protector Multiple Remote Code Execution Vulnerabilities
 
diafan.CMS Cross Site Scripting Vulnerability
 
Verizon this morning acknowledged that its 4G LTE network was not working for users across the US after reports trickled in overnight about a nationwide outage.
 
Enterprises are challenged to keep pace with mounting unstructured file data. While NAS represents the optimal choice for storing such data, the strain to scale NAS economically while preserving application performance is like trying to use your fingers to plug holes in a dam that has sprouted thousands of leaks.
 
Stop. Don't look up. Don't look outside of the box, the rectangle holding this text. Can you tell me which browser you're using? Did you choose it yourself for all the right reasons? Can you explain why you're trusting your precious HTML-encoded content to this browser, the way a major league batter can explain why maple or ash and a thin or thick barrel is absolutely the right choice for sending that ball into the bleachers? Are you sure this browser is the best choice for the tags and the metadata hurling toward your computer?
 
NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write
 
B-Sides Vienna | NinjaCon 11 Call For Participation
 
Re: Stored XSS vulnerability in diafan.CMS
 
[security bulletin] HPSBMA02667 SSRT100464 rev.2 - HP SiteScope, Cross Site Scripting (XSS) and HTML Injection
 
Our manager is surprised how little his company's developers know about making their software safer.
 
The London 2012 Olympics sales website crashed offline last night, after people rushed to buy tickets during the final hours before the deadline.
 
Nokia will outsource its Symbian software activities to Accenture, transferring 3,000 employees to the company in the process, as it moves its focus to making phones running on Microsoft's Windows Phone operating system.
 
[SECURITY] [DSA 2225-1] asterisk security update
 
[security bulletin] HPSBMA02654 SSRT100441 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code
 
WordPress 'press-this.php' Remote Security Bypass Vulnerability
 
7T Interactive Graphical SCADA System ODBC Service Remote Stack Based Buffer Overflow Vulnerability
 
CenturyLink has agreed to buy hosting company Savvis for about US$2.5 billion in cash and shares, the companies announced Wednesday.
 
Advantech Studio ISSymbol ActiveX Control Multiple Buffer Overflow Vulnerabilities
 
Federal authorities will remotely uninstall the Coreflood botnet Trojan from some infected Windows PCs over the next four weeks.
 
All it takes is a credit card to spin up a SaaS application. But consider how you integrate with that cloud app, or you'll be condemned to create another silo
 
Iron Mountain is considering selling off its entire digital business and getting out of the software development business to refocus on its roots in delivering storage services.
 
Joostina Multiple Components SQL Injection Vulnerability
 
InfoSec News: USENIX WOOT '11 Submission Deadline Approaching: Forwarded from: Lionel Garth Jones <lgj (at) usenix.org>
I'm writing to remind you that the submission deadline for the 5th USENIX Workshop on Offensive Technologies (WOOT '11) is approaching.
Please submit all work by May 2, 2011, at 11:59 p.m. PDT. [...]
 
InfoSec News: USENIX HotSec '11 Submission Deadline Extended: Forwarded from: Lionel Garth Jones <lgj (at) usenix.org>
I'm writing to remind you that the submission deadline for the 6th USENIX Workshop on Hot Topics in Security has been extended.
Please submit all work by 11:59 p.m. EST on May 12, 2011.
HotSec takes a broad view of security and privacy and encompasses research on new security ideas and problems. Cross-discipline papers identifying new security problems or exploring approaches not previously applied to security will be given special consideration. All submissions should propose new directions of research, advocate non-traditional approaches, report on noteworthy experience in an emerging area, or generate lively discussion around an important topic.
Topics of interest include, but are not limited to the following:
* Large-scale threats
* Network security
* Hardware security
* Software security
* Physical security
* Programming languages
* Applied cryptography
* Privacy
* Human-computer interaction
* Emerging computing environment
* Sociology
* Economics
Attendance will be limited to 35-50 participants, with preference given to the authors of accepted position papers/presentations.
Submission guidelines and more information can be found at http://www.usenix.org/hotsec11/cfpb
HotSec '11 will take place Tuesday, August 9, 2011, in San Francisco, CA. It is co-located with the 20th USENIX Security Symposium, which will take place August 10-12, 2011.
We look forward to your submissions.
Patrick McDaniel, Pennsylvania State University
HotSec '11 Program Chair
hotsec11chair (at) usenix.org
 
InfoSec News: Court order cripples Coreflood botnet, says FBI: http://www.computerworld.com/s/article/9216190/Court_order_cripples_Coreflood_botnet_says_FBI
By Gregg Keizer Computerworld April 26, 2011
Although the Federal Bureau of Investigation (FBI) said a federal temporary restraining order has crippled the Coreflood botnet in the U.S. [...]
 
InfoSec News: China Implicated In Hacking Of SMB Online Bank Accounts: http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/229402294/china-implicated-in-hacking-of-smb-online-bank-accounts.html
By Kelly Jackson Higgins Darkreading April 26, 2011
This time it wasn't an "advanced persistent threat" associated with [...]
 
InfoSec News: Is Iran just seeing Stars?: http://www.csoonline.com/article/680599/is-iran-just-seeing-stars-
By Robert Lemos CSO April 26, 2011
An Iranian official caused a stir Monday, claiming the nation's cybersecurity experts found another digital attack aimed at the Islamic country's systems. [...]
 
InfoSec News: Police: Wireless network hacker targeted Seattle-area businesses: http://www.seattlepi.com/local/article/Police-Wireless-network-hacker-targeted-1344185.php
By LEVI PULKKINEN SEATTLEPI.COM STAFF April 19, 2011
Law officers have moved to seize a Seattle man's car they claim was used in a "wardriving" spree that saw Seattle-area wireless networks hacked [...]
 
Symphony 'token' Parameter SQL Injection Vulnerability
 

Posted by InfoSec News on Apr 27

http://www.computerworld.com/s/article/9216190/Court_order_cripples_Coreflood_botnet_says_FBI

By Gregg Keizer
Computerworld
April 26, 2011

Although the Federal Bureau of Investigation (FBI) said a federal
temporary restraining order has crippled the Coreflood botnet in the
U.S., Microsoft today took the unusual step of pushing a second version
of its monthly malware cleaner to Windows users to again quash the
botnet.

Coreflood made the...
 

Posted by InfoSec News on Apr 27

http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/229402294/china-implicated-in-hacking-of-smb-online-bank-accounts.html

By Kelly Jackson Higgins
Darkreading
April 26, 2011

This time it wasn't an "advanced persistent threat" associated with
China: Instead, a fraud alert issued by the FBI today implicates China
in a cybercrime operation that bilked U.S.-based small to midsize
businesses of $11...
 

Posted by InfoSec News on Apr 27

http://www.csoonline.com/article/680599/is-iran-just-seeing-stars-

By Robert Lemos
CSO
April 26, 2011

An Iranian official caused a stir Monday, claiming the nation's
cybersecurity experts found another digital attack aimed at the Islamic
country's systems.

Calling the attack "Stars," Gholam-Reza Jalali, the director of Iran's
Passive Defense Organization, said that the attack was camouflaged as a
government file...
 

Posted by InfoSec News on Apr 27

http://www.seattlepi.com/local/article/Police-Wireless-network-hacker-targeted-1344185.php

By LEVI PULKKINEN
SEATTLEPI.COM STAFF
April 19, 2011

Law officers have moved to seize a Seattle man's car they claim was used
in a "wardriving" spree that saw Seattle-area wireless networks hacked
and harvested for information.

In filings with the U.S. District Court at Seattle, investigators
contend the 1988 Mercedes sedan was a...
 

Posted by InfoSec News on Apr 27

Forwarded from: Lionel Garth Jones <lgj (at) usenix.org>

I'm writing to remind you that the submission deadline for the 5th
USENIX Workshop on Offensive Technologies (WOOT '11) is approaching.

Please submit all work by May 2, 2011, at 11:59 p.m. PDT.

WOOT provides a forum for high-quality, peer-reviewed papers discussing
tools and techniques for attack. Submissions should reflect the state of
the art in offensive computer...
 

Posted by InfoSec News on Apr 27

Forwarded from: Lionel Garth Jones <lgj (at) usenix.org>

I'm writing to remind you that the submission deadline for the 6th
USENIX Workshop on Hot Topics in Security has been extended.

Please submit all work by 11:59 p.m. EST on May 12, 2011.

HotSec takes a broad view of security and privacy and encompasses
research on new security ideas and problems. Cross-discipline papers
identifying new security problems or exploring...
 
Subtitle Processor '.m3u' File Buffer Overflow Vulnerability
 

