Hackin9

InfoSec News

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 


Now .. where is nl.ai ?? Dot-ai is Anguilla, a speck of land in the Caribbean, to the east of Puerto Rico. And probably has nothing at all to do with what follows. Dot-nl-dot-ai, on the other hand, appears to be a free domain name registrar.
If you're into malware analysis, you've probably seen your fair share of .nl.ai domains recently. And not just these. Feeding nl.ai into RUS-CERT's Passive DNS collector (http://www.bfk.de/bfk_dnslogger.html?query=ns1.cd.am#result) gives us the name server for .nl.ai (one ns1.cd.am), which in turn shows a couple of other domains that are currently very familiar to the malware analyst. Like .c0m.li, and .cc.ai.
If you are blocking domains on your gateway or DNS server, blackholing these few

.cc.ai
.nl.ai
.c0m.li
.cd.am
.coom.in

might be a reasonable move, at least until someone in your business can show that they have a legitimate need to access one of the subdomains of these pseudo top level domains. Mind you, chances are that not all domains hosted there are in fact bad. But all the ones that I've seen in my logs so far were.



 
Scored an iPhone this holiday season? Or perhaps just delicious iTunes Store credit? We've assembled this list of the best iPhone games; if you're a gamer, these are the must-have apps for your device. Loosen your thumbs, loosen your wallet, and start playing.
 
MITKRB5-SA-2011-008 buffer overflow in telnetd [CVE-2011-4862]
 
[SECURITY] [DSA 2375-1] krb5. krb5-appl security update
 
[SECURITY] [DSA 2372-1] heimdal security update
 
Lighttpd Proof of Concept code for CVE-2011-4362
 
There are a variety of new technologies advancing in 2012 that you should investigate, if you aren't already doing so, to give your small business a leg up on the competition. These recent technologies are beginning to be widely adopted and will continue to drive business forward.
 
30 Days With the Cloud: Day 19
 
[ MDVSA-2011:194 ] icu
 
[ MDVSA-2011:193 ] squid
 
FreeBSD Security Advisory FreeBSD-SA-11:08.telnetd
 
FreeBSD Security Advisory FreeBSD-SA-11:07.chroot
 
A hacktivist group claims it stole credit card data from organizations that purchased the intelligence firm's publications.

 

U.S. Department of Homeland Security National Cyber Security Division and ...
Sacramento Bee
SANS offers a myriad of free resources to the Infosec community including consensus projects, research reports, newsletters, and it operates the Internet's early warning system - the Internet Storm Center. At the heart of SANS are the many security ...

 
With the holidays behind us -- or at least winding down -- depending on what you celebrate, time is ticking away on the last few days of 2011. As you bag up the shredded wrapping paper, and start taking down your decorations, take a moment to ponder the year ahead as well.
 

US Department of Homeland Security National Cyber Security Division and Idaho ...
MarketWatch (press release)
SANS offers a myriad of free resources to the Infosec community including consensus projects, research reports, newsletters, and it operates the Internet's early warning system - the Internet Storm Center. At the heart of SANS are the many security ...

 
If you've spent more than a couple of hours on the Web you understand that the thing is choked with videos--from YouTube to Vimeo to news and entertainment sites. There's so much, in fact, that it's hard to watch everything you want to when you're sitting down in front of your computer. And because there is, it's not uncommon to seek ways to capture that video for later viewing on other devices or when an Internet connection isn't available.
 
Well, we erred in our 2011 predictions in not repeating a 2010 forecast that Carol Bartz would be ousted as Yahoo CEO -- it was bound to happen, we just called that one too early. Then again, we also predicted last year that Oracle would buy Salesforce.com and have decided not to repeat ourselves this year, so we'll see if we were just ahead on that one, too. Meanwhile, these are our predictions for the next 12 months:
 
Operator partnerships and small-scale mobile payment trials will start to bear fruit in 2012 and some analysts think Apple will make a play for our wallets. But mass-market acceptance will still elude the sector, according to analysts.
 
--
John Bambenek
bambenek \at\ gmail /dot/ com
Bambenek Consulting
 
A state-by-state look at concentration of technical workers in the civilian workforce.
 
NTT DoCoMo said Tuesday it will form a joint venture with Samsung, Fujitsu, NEC and two other Japanese companies to design and sell chips for high-speed mobile networks based on the LTE (Long Term Evolution) standard.
 
A federal judge in Delaware has cancelled a Feb. 14 trial of an antitrust case filed against Intel in 2009, after plaintiff New York state asked the court to allow its transfer to a New York state court.
 
Having been the largest consumer of flash memory, Apple will gain a leg up on competitors with its purchase of Anobit, since the deal will enable the company to use the cheapest chips in its products while maintaining a high level of resilience and performance.
 
In a year of surging private cloud activity and major build-outs in public cloud capacity, the cloud's promised simplification remains elusive
 

Posted by InfoSec News on Dec 27

http://www.networkworld.com/news/2011/122211-windows8-authentication-254372.html

By Tim Greene
Network World
December 22, 2011

The Windows 8 feature that logs users in if they touch certain points in a
photo in the right order might be fun, but it's not very good security,
according to the inventor of RSA's SecurID token.

"I think it's cute," says Kenneth Weiss, who now runs a three-factor
authentication business...
 

Posted by InfoSec News on Dec 27

http://www.computerworld.com/s/article/9222932/Plans_to_migrate_LAPD_to_Google_s_cloud_apps_dropped

By Jaikumar Vijayan
Computerworld
December 22, 2011

After more than two years of trying, the City of Los Angeles has abandoned
plans to migrate its police department to Google's hosted email and office
application platform saying the service cannot meet certain FBI security
requirements.

As a result, close to 13,000 law-enforcement...
 

Posted by InfoSec News on Dec 27

========================================================================

The Secunia Weekly Advisory Summary
2011-12-15 - 2011-12-22

This week: 40 advisories

========================================================================
Table of Contents:

1. Word From Secunia...
 

Posted by InfoSec News on Dec 27

http://www.kval.com/news/local/State-Stolen-laptop-had-private-info-on-3000-local-people-136106658.html

By KVAL News
Dec 22, 2011

SPRINGFIELD, Ore. - A laptop computer believed to be stolen from the Department
of Human Services Gateway Center in Springfield contained private information
for approximately 3,000 individuals.

DHS has notified involved individuals by e-mail and is notifying others through
this media alert that they may be at...
 

Posted by InfoSec News on Dec 27

http://www.nytimes.com/2011/12/26/technology/26iht-hack26.html

By KEVIN J. O'BRIEN
The New York Times
December 25, 2011

BERLIN -- It may be tempting to view the illegal interception of
telephone voice mails, a practice that has roiled Britain and the News
Corp. media empire of Rupert Murdoch, as an arcane tool employed by
scofflaw journalists with friends in Scotland Yard.

But according to a study to be presented Tuesday, cellphone...
 

Posted by InfoSec News on Dec 27

http://www.newscientist.com/article/mg21228440.700-dotdashdiss-the-gentleman-hackers-1903-lulz.html

By Paul Marks
NewScientist
27 December 2011

A century ago, one of the world’s first hackers used Morse code insults
to disrupt a public demo of Marconi's wireless telegraph

LATE one June afternoon in 1903 a hush fell across an expectant audience
in the Royal Institution's celebrated lecture theatre in London. Before
the crowd, the...
 

Posted by InfoSec News on Dec 27

http://www.telegraph.co.uk/news/uknews/phone-hacking/8969865/Phone-hacking-serving-female-Scotland-Yard-officer-52-held-on-corruption-claims.html

By Andrew Hough, and Mark Hughes
The Telegraph
21 Dec 2011

The 52-year-old, who has not been named, was arrested at her home in
Essex under Operation Elveden, the Metropolitan Police operation
investigating inappropriate payments to police for information.

Sources said she is a member of the...
 

Posted by InfoSec News on Dec 27

http://www.csmonitor.com/USA/2011/1226/Intelligence-firm-Stratfor-reels-after-data-breach.-What-did-hackers-get

By Mark Trumbull
Staff writer
The Christian Science Monitor
December 26, 2011

The risks of cyber break-ins were exposed again over the holiday weekend
as the firm Strategic Forecasting, known as Stratfor, faced an intrusion
by hackers that compromised client data and credit card numbers.

The private firm provides analysis of...
 