Hackin9

InfoSec News

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

indeni to Demonstrate its Next Generation Security Monitoring Software Both ...
Houston Chronicle
Attendees at CPX Orlando and INFOSEC Europe will get a first-hand look at the proactive monitoring software the rest of the market is chasing. Companies wanting a close look and a chance to sit down one-on-one with the world's leading security ...

 
Wireshark today released versions 1.6.6 and 1.4.12, which include fixes for several vulnerabilities.
Highlights
Version 1.6.6 includes updates for the following protocol dissectors:
- ANSI A, BSSGP, DIAMETER, DTLS, GOOSE, GSM Management, GTP, HTTP, IAX2, IEEE 802.11, IPP, ISAKMP, ISO SSAP, MP2T, MPLS, MySQL, NTP, PacketBB, PGM, Radiotap, SSL, TCP, UDP, USB, WSP
The following new and updated capture file support is included in this update:
- Endace ERF, Pcap-NG, Tektronix K12
Version 1.4.12 includes updates for the following protocol dissectors:
- HTTP, ISAKMP, MySQL, PacketBB, PGM, TCP, UDP
The following new and updated capture file support is included in this update:
- Endace ERF, Pcap-NG
The updates are available here [1]; the release announcements are at [2] and [3].
[1] http://www.wireshark.org/download.html

[2] http://www.wireshark.org/lists/wireshark-announce/201203/msg00000.html

[3] http://www.wireshark.org/lists/wireshark-announce/201203/msg00001.html
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
 
Software company Bluestacks is trying to close the gap between Microsoft's Windows and Google's Android OS with its App Player application, which was released in beta on Tuesday.
 
An AWOL U.S. Army soldier based in Pittsburgh is accused of stealing Microsoft co-founder Paul Allen's identity and using it attempt to steal money from Allen's Citibank account.
 
Netflix's streaming-video entertainment via the Internet has become so popular it now represents almost a third of peak downstream traffic in North America. It also represents an IT support challenge for Netflix, which is trying to balance use of cloud services with traditional internal IT and data centers.
 
Google is working on a number of advanced programming technologies to ease complex Web application development, a Google engineer revealed at a conference for software developers.
 
India's IT companies have been lobbying U.S. officials to improve access to work visas by touting the fact that they are hiring more U.S. workers.
 
U.S. lawmakers called on three large U.S. government agencies, including the Department of Energy, to start monitoring their IT purchases for possible malware, counterfeits or other security flaws, after a watchdog agency pointed out potential vulnerabilities in their IT supply-chain procedures.
 
Overview
Your vote counts! The ISC Poll https://isc.sans.edu/poll.html is a quick and easy way to weigh in and compare your answer with those of hundreds of others in the industry. A new poll is posted occasionally to gauge opinion on, or interest in, current events and topics. The latest poll is always in the right column of the homepage. You can jump to the poll page, vote or comment, or view results directly from the box.
Features
Current Poll
https://isc.sans.edu/poll.html#results
Each poll consists of a question, a list of answers to choose from and, generally, a comment box for additional information about your answer. Choosing an answer and clicking the Vote button automatically displays the poll results and selected comments.
Archive Polls
https://isc.sans.edu/poll.html#poll_archive
Previous poll questions are listed newest to oldest. Clicking a question shows its poll results and selected comments.

Post suggestions or comments in the section below or send us any questions or comments in the contact form on https://isc.sans.edu/contact.html#contact-form
--

Adam Swanger, Web Developer (GWEB, GWAPT)

Internet Storm Center https://isc.sans.edu
 
Apple today reacted to reports that the new iPad under-reports its battery status, saying a researcher's analysis was essentially correct but that this is how the tablet and its iOS software were designed.
 
RockYou will submit to third-party security audits for the next 20 years as part of a settlement of charges filed by the U.S. Federal Trade Commission in connection with a Dec. 2009 data breach that exposed email addresses and passwords belonging to over 30 million individuals.
 
The next round of 'meaningful use' healthcare rules require that patients begin using e-health records before hospitals and doctors' offices can qualify for reimbursements.
 
Executives at AstraZeneca, a global pharmaceutical company, know that it's not enough to provide social collaboration tools for their employees. Those tools need to be highly mobile.
 
Given that cloud computing is still emerging, it shouldn't come as a surprise that opinions vary widely on the best way to architect the storage. In fact, it seems likely that there is no such panacea -- different types of private cloud almost always require different approaches.
 
The U.S. National Telecommunications and Information Administration has identified 95 MHz of wireless spectrum now used by government agencies that could be used for commercial mobile service, but mobile operators may have to share the spectrum with the current inhabitants.
 
Expat XML Parsing Multiple Remote Denial of Service Vulnerability
 
[ MDVSA-2012:041 ] expat
 

Social networking security threats have taken a back seat to mobile security and targeted attacks directed at corporate networks in recent years. But there is news of two new Facebook attacks targeting users to spread spam and malware, and ultimately steal personal information, including account credentials.

A rogue Facebook application that lures the victim into using it to discover who has viewed their Facebook profile has been detected on the social network. The application asks for permission to access the profile and, once granted, begins posting to the victim's wall without explicit permission, according to security firm Sophos.

The second Facebook attack is targeted at Brazilian users of Facebook. It uses malicious Google Chrome extensions, presented as tools to change the Facebook profile color or to remove viruses. Like the attack documented above, the tool can gain full control of the victim's Facebook account, posting messages to spread spam and malware, according to a researcher at Kaspersky Lab.

The attacks are a reminder that enterprises need to have a social networking policy in place and should educate users about phishing and other threats designed to gain access to their Facebook accounts. If cybercriminals are attempting to steal account credentials from Facebook users, it is very likely that a certain percentage of the pilfered passwords are reused for multiple accounts, including access to the victim's corporate network.

Tom Cross, manager of threat intelligence and security on IBM’s X-Force team, told me it’s likely that well-funded and organized cyberattackers use social networks to design targeted social engineering attacks against enterprises. “You could get a comprehensive picture of an organization,” Cross said, by just examining an employee’s Facebook profile.

In addition, IBM’s 2011 X-Force Trend and Risk report, issued last week, found automated attacks moving to social networking platforms. “Frauds and scams that were successful years ago via email found new life on the social media forums,” according to the report. Attackers are designing phishing campaigns, typically phony friend requests, made to look like they were sent from social networks.

Malicious activity on Facebook is being constantly monitored by security vendors and Facebook’s internal security team, but attackers are still slipping through. Last October, Facebook released security data (.pdf) that shed light into malicious activity on the network. The company said it classifies 4% of the content shared on Facebook as spam. Of the spam, a tiny percentage is being used to direct users to malicious websites. Facebook says one in 200 users experience spam on any given day.

The most telling of all the statistics released by Facebook: about 0.06% of the more than 1 billion Facebook user logins each day are compromised. That means that 600,000 Facebook users have their accounts compromised each day. Facebook doesn't define a "compromised account," but acknowledged to Ars Technica that the statistic stems from accounts that are blocked when Facebook is not confident that the true owner logged in. Those users were likely the victims of a phishing scam, the Facebook spokesperson said.

Few people probably realize that Facebook offers a one-time-password service to users as well as an ID verification service that sends a text message to verify that a login is genuine. Websense is one of several security vendors that partner with Facebook to provide URL filtering. The company also sells Defensio, a Facebook monitoring service that works as a content filtering engine and can detect spam and malicious content posted to an account.

Charles Renert, the new head of the Websense Security Labs, told me that most attackers are sticking to email, using it as a lure to send victims to malicious webpages. But phishing is shifting to Twitter, Facebook and other social networking platforms. Malicious links posted on Facebook lure the victim into thinking they lead to a popular viral video, but then redirect them to a website hosting malware. Other links are less malicious, but still objectionable, Renert said. They send victims to spam sites peddling porn, pharmaceuticals and other items that the victim didn't intend to see, he said. "They're exploiting the trust element," Renert said.

 

indeni to Demonstrate its Next Generation Security Monitoring Software Both ...
Virtual-Strategy Magazine
Attendees at CPX Orlando and INFOSEC Europe will get a first-hand look at the proactive monitoring software the rest of the market is chasing. Companies wanting a close look and a chance to sit down one-on-one with the world's leading security ...

 
Businesses are under pressure to enable collaboration beyond the corporate firewall as workers increasingly need to connect with remote colleagues as well as business partners, suppliers and consultants. The challenge to IT departments is that many employees are turning to email and consumer-grade file-sharing services to get their work done and exposing the enterprise to risk in the process.
 
Global spending on software as a service will rise 17.9% this year to $14.5 billion, according to figures released Tuesday by analyst firm Gartner.
 
Lenovo announced an enterprise-focused app store for tablets running Android 3.1 or higher.
 
Open source cloud offerings have specific characteristics that provide benefits above and beyond proprietary offerings, two top officials at Red Hat said during a webinar today.
 
Top mobile device makers including Apple and Samsung were sued on Tuesday by Graphics Properties Holdings, which is alleging that the smartphone vendors infringed on a single graphics-related patent in their smartphones and other consumer electronics.
 
phpMyVisites 'phpmv2/index.php' Multiple Cross Site Scripting Vulnerabilities
 
Re: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)
 
[ MDVSA-2012:040 ] gnutls
 

indeni to Demonstrate its Next Generation Security Monitoring Software Both ...
PR Web (press release)
Attendees at CPX Orlando and INFOSEC Europe will get a first-hand look at the proactive monitoring software the rest of the market is chasing. We invite all attendees at both shows to come by and see exactly what indeni's next-generation monitoring can ...

 
Global spending on SaaS (software as a service) will rise 17.9 percent this year to US$14.5 billion, according to figures released Tuesday by analyst firm Gartner.
 
Verizon Wireless on Thursday will begin exclusive sales of the LG Lucid smartphone, offering it for $79.99 after rebate with a two-year agreement.
 
In a shock turnaround, members of the European Parliament's civil liberties committee voted on Tuesday to endorse a controversial data transfer agreement with the United States.
 
Two U.S. senators are calling for a federal investigation into the growing trend of employers seeking access to the social network pages of job applicants.
 
The single sign-on protocols that allow users to sign in to a range of websites with their Google or Facebook accounts suffer from security flaws that could allow scammers to log in as somebody else, security researchers have reported.
 
The Google I/O 2012 conference sold out its allotment of 5,500 tickets within 20 minutes today, a company executive said.
 
[waraxe-2012-SA#080] - Multiple Vulnerabilities in NextBBS 0.6.0
 
[ MDVSA-2012:039 ] libtasn1
 
[PRE-SA-2012-02] Incorrect loop construct and numeric overflow in libzip
 
[SECURITY] [DSA 2443-1] linux-2.6 security update
 
[SECURITY] [DSA 2442-1] openarena security update
 
[ MDVSA-2012:038 ] openssl
 
Matthew1471s ASP BlogX - XSS Vulnerabilities
 
Extension to Team Foundation Service platform lets developers build source code on Windows Azure cloud
 
IT is a fast-moving field: ideas arise, reach prototype, and go to market faster than the average clinical trial takes to be cleared. Yet one concept within information security remains an unresolved debate: defense requires greater visibility than any single network can obtain, and to have a fighting chance we should reciprocally share data on the attacks and attackers we identify. I've heard the same thing in information security for quite some time: "We need to share more data."
 
Traffic amplification via Quake 3-based servers
 
SQL injection attack possible when connecting to PostgreSQL 9.1 with version 8.1 JDBC driver
 
[SECURITY] [DSA 2440-1] libtasn1-3 security update
 
CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)
 
Microsoft has released Windows Phone SDK 7.1.1, which allows developers to customize their apps for cheaper Windows Phones with less memory, and also run the development kit on Windows 8 machines, the company said in a blog post on Monday.
 
Traditional tower desktops have had a good run. All-in-one PCs--expensive upstarts just two or three years ago--have all but usurped the throne.
 
Desktop search? That's so last decade. Today, we've gone mobile--and so have search leaders Bing, Google, and Yahoo. In this active age, we're just as likely to turn to our smartphone to find what we want as we are to boot up our PC. And though many people consider Google the king of desktop search, things are not so clear-cut when it comes to mobile search, in part because delivering relevant blue links is only one aspect of a great mobile search experience.
 
A group of hackers claiming to be the reborn Lulz Security (LulzSec) took credit for an alleged compromise of MilitarySingles.com, a dating website for military personnel, and the leak of over 160,000 account details from its database.
 
Foxconn parent Hon Hai Precision Industry will acquire a stake of almost 10% in Japanese consumer electronics maker Sharp, and almost half of its LCD panel subsidiary Sharp Display Products, in a deal announced Tuesday.
 
DotCloud has become the latest platform-as-a-service provider to add features typically associated with infrastructure-as-a-service offerings, this time by enabling vertical scaling, the company said Tuesday.
 
Cisco will announce improvements on Tuesday to its Jabber IM, presence and video-conferencing product, as well as to its room-size "immersive" telepresence systems, as the networking giant continues to push its way into the workplace collaboration market.
 
Telenav today launched Scout for Apps, a free service for mobile Web and app developers that allows them to offer their customers free, turn-by-turn GPS navigation that is voice-guided.
 
The Dutch High Tech Crime Team has arrested a 17-year-old suspected of compromising customer account data on hundreds of servers belonging to telecommunications operator KPN.
 
Data crunching can be useful for a wide range of analyses; we look at 8 tools that can make it easier to sort your numbers and show them off to their best advantage.
 
Bull has unveiled a new transaction processing application platform, Libert TP, which it says will allow businesses to move legacy applications from Cobol or C to a Java environment at their own pace.
 
Windows 8 users will be able to set which version of Internet Explorer 10 automatically opens Web pages when links are clicked, Microsoft said Monday.
 
Compare tools for functionality, skill level and more.
 
OpenSSL CMS PKCS #7 Decryption CVE-2012-0884 Security Bypass Vulnerability
 
Pidgin 'msn_oim_report_to_user()' Denial of Service Vulnerability
 
Pidgin XMPP Protocol Denial of Service Vulnerability
 

The new Oxford Cyber Security Centre
Infosecurity Magazine
As the information security industry becomes more coveted, Wendy M. Grossman takes a look at the university courses available to aspiring and competing infosec professionals on both sides of the Atlantic A US university researcher has devised an ...

 
When a major Canadian telecommunications company wanted to change how it handles employee training, it turned to social networking.
 
The connection between adults with autism and computer programming has become the basis of a unique nonprofit technology company in Texas.
 
With many colleges offering online classes as part of their curricula, students are increasingly turning to mobile devices to supplement live sessions with teachers and classmates alike.
 
Facebook claimed it found on the computers of Paul D. Ceglia the original StreetFax contract which had assigned work to its founder Mark Zuckerberg, while a work order that Ceglia claimed as the basis for his ownership of a stake in Facebook was allegedly a forgery.
 
Hewlett-Packard filed Monday for a pretrial ruling that Oracle is contractually required to offer future versions of its software on the Itanium platform, claiming that an agreement between HP and Intel ensured that the Itanium was not an end-of-life processor as claimed by Oracle.
 

Posted by InfoSec News on Mar 27

http://news.cnet.com/8301-1009_3-57404815-83/hackers-steal-passwords-from-military-dating-site

By Elinor Mills
Security
CNET News
March 26, 2012

Hackers broke into the database for a military dating Web site and stole
passwords, e-mail addresses, and other information from nearly 171,000
accounts, according to a post on the Pastebin site this weekend:

"The website http://www.militarysingles.com/ was recently closed day ago
or so, so we...
 

Posted by InfoSec News on Mar 27

http://www.networkworld.com/news/2012/032612-open-source-vulnerabilities-257645.html

By Ellen Messmer
Network World
March 26, 2012

A study of how 31 popular open-source code libraries were downloaded
over the past 12 months found that more than a third of the 1,261
versions of these libraries had a known vulnerability and about a
quarter of the downloads were tainted.

The study was undertaken by Aspect Security, which evaluates software...
 

Posted by InfoSec News on Mar 27

http://www.govtech.com/public-safety/Report-Hacking-Lands-Florida-Wastewater-Official-in-Hot-Water.html

Government Technology
March 26, 2012

The former chief financial officer of Florida’s Key Largo Wastewater
Treatment District is over his head in cybercrime after being arrested
and charged with hacking the district’s computer system.

Sal Zappulla is facing at least 21 felony counts as a result of his
alleged hacking, according to The...
 

Posted by InfoSec News on Mar 27

http://www.theatlanticwire.com/technology/2012/03/microsofts-superhero-cyber-crime-fighting-unit/50318/

By Rebecca Greenfield
The Atlantic Wire
March 26, 2012

When Microsoft's not making software or technological marvels in its
labs, it's fighting crimes with its Digital Crimes Unit. This morning we
learned about one of its missions, from The New York Times, which sounds
more like a scene in a movie than something that goes on at a...
 

Posted by InfoSec News on Mar 27

http://www.v3.co.uk/v3-uk/news/2163744/financial-services-firms-fear-shamed-anonymous

By Alastair Stevenson
V3.co.uk
27 Mar 2012

Professionals in the financial services sector view reputational damage
as one of the worst consequences of a successful cyber attack, a new
report from PricewaterhouseCoopers (PwC) has revealed.

Based on the responses of 3,877 companies across 78 countries, PwC found
that half of the respondents from the banking...
 
IBM WebSphere Application Server Hash Collision Denial Of Service Vulnerability
 
IBM WebSphere Application Server 'iscdeploy' Script Insecure File Permissions Vulnerability
 