Hackin9
Apple sold a record 51 million iPhones in the fourth quarter of 2013, but acknowledged it underestimated the appeal of the flagship iPhone 5S, making some analysts question the company's two-model strategy.
 
Infamous journalist Stephen Glass was portrayed by Hayden Christensen in Shattered Glass, a 2003 movie about his brief career at The New Republic. Chloe Sevigny played Caitlin Avey, a character modeled on one of Glass' coworkers.

In 1998, The New Republic published a story about a hacker throwing a tantrum. 15-year-old Ian Restil, featured in a story called "Hack Heaven," was shouting at executives from a major software firm called Jukt Electronics.

"I want more money," said Restil. "I want a Miata. I want a trip to Disney World. I want X-Man comic [book] number one. I want a lifetime subscription to Playboy and throw in Penthouse. Show me the money! Show me the money!"

"It's pretty amazing that a 15-year-old could get a big-time software firm to grovel like that," marveled the writer, Stephen Glass.


 

Infosec keen uni students face April 1 deadline for (ISC)2 scholarships
CSO Magazine
Future information security professionals keen to enhance their skills have until April 1 to apply for a number of scholarships being offered by information security peak body (ISC)2 and available to recipients worldwide. The scholarships – which ...

 
Technology companies will be allowed to reveal more details about government data requests under a tentative agreement with the U.S. Department of Justice.
 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
The early Wi-Fi standards that opened the world's eyes to wire-free networking are now holding back the newer, faster protocols that followed in their wake, Cisco Systems said.
 
PernixData FVP clusters server-side flash to improve virtual machine performance and reduce SAN latency
 
With the purchase of artificial intelligence company DeepMind Technologies, Google may be taking steps to add extra smarts to everything from search to robots to the Internet of Things.
 
Apple set two records for itself in the first quarter of its 2014 fiscal year, selling 51 million iPhones and reporting revenue of US$57.6 billion, with a net profit of $13.1 billion.
 
Android represented more than half of U.S. smartphone sales in the last quarter of 2013, while the iPhone's share dropped to 43.9%, said Kantar WorldPanel ComTech.
 
The bring-your-own-device trend will only get more nerve-wracking for IT managers in 2014 because of the 30% annual growth expected for smartphones purchased under a BYOD approach, and the further emergence of Windows Phone as a third platform behind Android and iOS.
 
Once seen as a valuable differentiator for career advancement, the intrinsic worth of an MBA degree is now a hotly debated subject in the enterprise.
 
Spy agencies including the U.S. National Security Agency have been working together to extract personal information, including location data and address books, from mobile apps as part of a globe-spanning effort to thwart terrorist plots, according to newly disclosed documents provided by former NSA contractor Edward Snowden.
 

Reading logs isn’t the most enjoyable part of network/security analysis, and sometimes it’s impossible to get anything useful from a log without using a log parser. In this diary I am going to talk about one of my best log analysis tools.

 

MANDIANT HIGHLIGHTER

“MANDIANT Highlighter is a log file analysis tool. Highlighter provides a graphical component to log analysis that helps the analyst identify patterns. Highlighter also provides a number of features aimed at providing the analyst with mechanisms to weed through irrelevant data and pinpoint relevant data.”[i]

 

Installation:

  1. Download Mandiant Highlighter from https://www.mandiant.com/resources/download/highlighter

  2. Launch MandiantHighlighter1.1.3 and click Next.

 

Highlighter Usage

Now let’s have some examples of using Mandiant Highlighter:

Let’s say that you have a snort log file and you would like to check for all MS-SQL related alerts:

  1. Go to the File menu and select Open file.

  2. Open snortsyslog.

  3. Type MS-SQL in the keyword field.

  4. Click on Highlight. Highlighter will now highlight MS-SQL in the snortsyslog.

  6. If you would like to filter the snortsyslog to display only MS-SQL related alerts:

  • Highlight MS-SQL
  • Right-click and select “Show Only”

  7. Now let’s say that you are not interested in Priority: 3 events:

  a) Right-click on Priority: 3

  b) Select Remove

In the next diary I will discuss some other advanced options in Mandiant Highlighter.



[i] Mandiant Highlighter User Guide.






(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Stratasys today announced the first 3D printer that can not only print using a number of materials -- hard, soft, flexible -- but also with a wide range of colors.
 
The Android ecosystem and wearable technology will probably get a boost from the patent deal Google and Samsung have struck, but the agreement is unlikely to have an influence on Samsung's intellectual property disputes with Apple, analysts said Monday.
 
Microsoft said it had renamed its SkyDrive online storage services as OneDrive, picking a name six months after striking a deal with a British broadcaster that had taken the American firm to trademark court.
 
Klout is now entering its fifth year. Is the social media scoring service an important indicator of online influence? Or is it just a meaningless number?
 
Gigabit Wi-Fi is starting to appear in mobile devices, so we got our hands on three smartphones and two laptops running the 802.11ac standard and put them to the test. Though you won't see anywhere near Gigabit speeds in real-world environments, our testing proves that 802.11ac can offer increased throughput over 802.11n.
 
Eleven people were charged in the U.S., India, China and Romania for their suspected involvement with websites offering email hacking services.
 
LinuxSecurity.com: Multiple vulnerabilities were found in Exim, the worst of which leading to remote execution of arbitrary code with root privileges.
 
LinuxSecurity.com: A vulnerability in CEDET could result in privilege escalation.
 
LinuxSecurity.com: Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact.
 
LinuxSecurity.com: A vulnerability in VIPS could result in privilege escalation.
 
LinuxSecurity.com: A vulnerability in Tomboy could result in privilege escalation.
 
LinuxSecurity.com: A vulnerability in GNU TeXmacs could result in privilege escalation.
 
LinuxSecurity.com: Updated graphviz packages fix security vulnerabilities: Multiple buffer overflow vulnerabilities in graphviz due to an error within the yyerror() function (lib/cgraph/scan.l) which can be exploited to cause a stack-based buffer overflow via a specially [More...]
 
LinuxSecurity.com: Updated hplip packages fix security vulnerabilities: It was discovered that the HPLIP Polkit daemon incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files (CVE-2013-6402). [More...]
 
LinuxSecurity.com: Updated augeas packages fix security vulnerabilities: Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for [More...]
 
LinuxSecurity.com: Updated perl-Proc-Daemon package fixes security vulnerability: It was reported that perl-Proc-Daemon, when instructed to write a pid file, does that with a umask set to 0, so the pid file ends up with mode 666, allowing any user on the system to overwrite it [More...]
 
Microsoft Bing for Android Unspecified Arbitrary Code Execution Vulnerability
 
Dell Kace 1000 Systems Management Appliance DS-2014-001 Multiple SQL Injection Vulnerabilities
 
Multiple General Electric Products 'gefebt.exe' Shell Upload Vulnerability
 
CS-Cart Multiple Cross Site Scripting Vulnerabilities
 
Media Library Categories Multiple Cross Site Scripting Vulnerabilities
 
WordPress Soundcloud Is Gold 'width' Parameter Cross Site Scripting Vulnerability
 

Altcoins will DESTROY the IT industry and spawn an infosec NIGHTMARE
Register
Analysis Much has been written about how Bitcoin will affect libertarian society, banks, money and government, but there are some other effects that bear consideration: what it will do to the IT industry. Imagine you've always lusted after the highest ...

 
We billion-plus customers would like the next head honcho in Redmond to address these dozen action items
 
Emerson Network Power Avocent MergePoint Unity 2016 KVM Directory Traversal Vulnerability
 
Cisco TelePresence System Arbitrary Command Execution Vulnerability
 
Baidu is testing new search engines for users outside China that will target markets in Brazil, Egypt and Thailand to start with.
 
Documents linked with law enforcement inquiries appear to have been stolen in recent phishing attacks on certain employee email accounts, Microsoft said.
 
Detroit, a city in bankruptcy and dealing with a shrinking population, hopes to turn itself around with the help of 50,000 employment-based green cards.
 
Logitech is turning to what it knows best with its latest in-office videoconferencing system: Rather than a standalone hardware and software platform, the ConferenceCam CC3000e is essentially a peripheral.
 
For all his talk of "devices and services," when Steve Ballmer hands over the reins to a new CEO, he will leave an economic powerhouse that prints money by making software, but makes little on anything else.
 
[ MDVSA-2014:022 ] augeas
 
[ MDVSA-2014:021 ] perl-Proc-Daemon
 
[ MDVSA-2014:024 ] graphviz
 
[ MDVSA-2014:023 ] hplip
 
Google has acquired DeepMind Technologies, an artificial intelligence company in London, reportedly for US$400 million.
 
Internet Storm Center Infocon Status