InfoSec News


Vale Atque Ave
Network World
My new home is called "InfoSec Perception" and is being run by the nice folks at InfoSec Reviews in England. Except for having to switch to UK spelling (not hard for a former Canadian), the content will be in exactly the same style as what you have ...

 
Five chip makers, including Intel, IBM, Samsung Electronics, GlobalFoundries and Taiwan Semiconductor Manufacturing Co. have committed investment of US$4.4 billion in research and development in the state of New York over the next five years, to develop new 450-millimeter chip wafer technology, the state's governor Andrew M. Cuomo said on Tuesday.
 
U.K. company Sensible Cloud on Tuesday began offering software designed to help companies take greater advantage of the benefits of cloud computing.
 
Facebook has an internal tool for developing mobile applications primarily using HTML5, which eventually should allow it to bring every feature of its Web platform onto mobile devices.
 
CloudSigma, the European infrastructure-as-a-service provider, is bringing its offering to the crowded U.S. market.
 
Visitors to MySQL.com were treated to the BlackHole exploit kit, which quietly served malware to Windows users.

 
The third iteration of the widely acclaimed Building Security in Maturity Model documents software security initiatives at 42 enterprises.

 
Some readers have been writing in saying they are seeing parts of their network drop peering for unknown reasons. The reason is that Saudi Telecom was sending out routes with invalid attribute #128 (a private attribute).



NANOG posting showing private attribute discussion.

http://www.gossamer-threads.com/lists/nanog/users/144466

This was triggering a Juniper peering issue; the PSN information below requires a Juniper login.

http://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2011-09-380actionBtn=Search

Juniper is (was) following RFC 4274 http://www.ietf.org/rfc/rfc4271

When any of the conditions described here are detected, a NOTIFICATION message, with the indicated Error Code, Error Subcode, and Data fields, is sent, and the BGP connection is closed (unless it is explicitly stated that no NOTIFICATION message is to be sent and the BGP connection is not to be closed). If no Error Subcode is specified, then a zero MUST be used.



Starting with Junos 10.2, Juniper added the ability to allow you to completely ignore or drop the path attributes of your choice:



http://www.juniper.net/techpubs/en_US/junos10.4/topics/task/configuration/bgp-drop-path-attributes-configuring.html

http://www.juniper.net/techpubs/en_US/junos10.4/topics/task/configuration/bgp-ignore-path-attributes-configuring.html

There is some fairly new work being done in an IETF routing working group to allow for minor miscommunication between peers without dropping the session and all of your neighbor's routes. It is still early, but given the issues we have seen with things like this lately, it is a good step forward, as are Juniper's new abilities.

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Great news for Internet security. Microsoft has effectively killed off the Kelihos botnet, which has about 42-45K nodes. The signature to remove the botnet agent from infected machines is added to the Malicious Software Removal Tool, which will be rolled out to users taking automatic updates. Microsoft also took a proactive approach on the legal front, filing for a court order to get Verisign (the domain registrar for the malicious domains) to take down the malicious domains related to the botnet operations.
Great to see the Digital Crimes Unit at Microsoft being so proactive about shutting down malware.
More info on this:
http://blogs.technet.com/b/mmpc/archive/2011/09/26/operation-b79-kelihos-and-additional-msrt-september-release.aspx

http://www.computerworld.com/s/article/9220321/Striking_a_domain_provider_Microsoft_kills_off_a_botnet?taxonomyId=82pageNumber=1
 
Chalk up another big partnership win for Microsoft's Hyper-V from the world of virtual, programmable switching. NEC's OpenFlow-based network fabric, ProgrammableFlow, will be integrated with Windows Server 8 and Hyper-V when Windows Server 8 becomes available, NEC says.
 
GM subsidiary OnStar has reversed a planned change to its privacy policies that would have let it collect and share GPS tracking and other data from vehicles -- even after users stopped subscribing to OnStar.
 
Violin Memory released an upgrade to an all-flash memory array, doubling the capacity, as well as a new higher-end line of arrays that store up to 20TB per 3U shelf with an aggregate of 4GBps throughput.
 
SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
 
This week I was invited to attend a gathering at Collabworks, an organization focused on the virtual enterprise. Collabworks believes that the kinds of savings and efficiencies that virtualization has brought to IT can be brought to entire companies by reorganizing workplaces along the lines of what has happened in IT (virtualization to remove dependencies, focus on service outputs rather than processes, and use of specialized external resources rather than internal employees). As IT only accounts for around three percent of total corporate costs, if Collabworks' theory is right, there's clearly great opportunity for enterprises.
 
Salaries for engineers have been increasing, despite a weak economy and a higher-than-normal rate of unemployment for this group, according to the IEEE-USA.
 
Microsoft today said it will issue a Windows security update to plug a long-known hole in the protocol that secures websites.
 
The European Parliament on Tuesday revised EU rules on the export of so-called dual-use technologies with an aim of restricting those that can be used to violate human rights.
 
Two U.S. lawmakers have called on the U.S. Federal Trade Commission to investigate the use of so-called supercookies on many websites, saying that use of the hard-to-remove tracking tools may be an unfair business practice.
 
 
Kraft, Whirlpool, Motorola Solutions and other employers are pioneering BYOT policies to drive productivity and reduce costs. Here's why your employees want this and what you need to do to make it happen.
 
Microsoft on Tuesday began its rollout of the Windows Phone 7.5 "Mango" update to smartphones.
 
Novell GroupWise Internet Agent HTTP Interface Stack Buffer Overflow Vulnerability
 
iDefense Security Advisory 09.26.11: Novell GroupWise iCal TZNAME Heap Overflow Vulnerability
 
Sprint on Sunday will launch a new rugged wireless phone along with a next-generation push-to-talk service called Sprint Direct Connect that offers speedy data capabilities.
 
More than a third of all Android phones in the U.S. are equipped with 4G and the number is rapidly increasing, according to a study by app analytics firm Localytics.
 
Apple today announced an Oct. 4 event on its Cupertino, Calif. campus to unveil its newest iPhone.
 
A controversial trade agreement targeting counterfeiters and copyright infringers is scheduled to be signed this Saturday in Tokyo, the Office of the U.S. Trade Representative has announced.
 
Microsoft has opened a front in its ongoing battle against Internet scammers, using the power of a U.S. court to deal a knockout blow to an emerging botnet and taking offline a provider of free Internet domains.
 
Many of the world's largest smartphone makers have agreed to make NFC smartphones that will work over the Isis mobile wallet network.
 
Secunia Research: Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability
 
openEngine 2.0 'id' Blind SQL Injection vulnerability
 
Novell GroupWise 'TZNAME' Variable Parsing Remote Code Execution Vulnerability
 
Secunia Research: Novell GroupWise Internet Agent HTTP Interface Buffer Overflow
 
OCZ's latest SSD, the Synapse, works in conjunction with a computer's regular hard drive to boost performance.
 
How one CIO freed up his IT team, saved money and let a bunch of lawyers decide what device they would use for work.
 
Helped by advanced antenna technology, Nokia Siemens Networks is pushing HSPA (High-Speed Packet Access) download speeds to 336M bps (bits per second) during a demonstration at the PT/Expo Comm show in Beijing.
 
NGS00109 Patch Notification: ImpressPages CMS Remote code execution
 
[security bulletin] HPSBUX02702 SSRT100606 rev.4 - HP-UX Apache Web Server, Remote Denial of Service (DoS)
 
Re: PunBB 1.3.6 bug
 
What's your multiple? Do you know?
 
Intermec, which has made its name over four decades as a provider of rugged mobile devices mainly for service delivery and warehouse use, is moving quickly into mobile management software and services.
 
Hackers have found a new hook to trick people into opening malicious attachments: send emails that purport to come from office printers, many of which now have the ability to email scanned documents.
 
Sony said Tuesday it will sell a screen attachment for its Vaio laptops that allows users to view 3D movies and images without glasses.
 
Craig Mundie, Microsoft's chief research and strategy officer, doesn't speak Chinese. But on Tuesday he did, via a life-like virtual avatar shown at the company's offices in Beijing that can simulate his voice and speak in other languages.
 
Atlassian JIRA Cross Site Scripting and HTML Injection Vulnerabilities
 
PC vendor Lenovo has formed a joint venture with laptop contract manufacturer Compal Electronics to build and operate a new factory in China, as part of a move to keep up with product sales, Lenovo announced Tuesday.
 
Al-Qaida's top-tier Al-Shamukh chat forum is facing an ongoing electronic attack that has rendered the forum totally unreachable, according to a terrorism expert.
 
Nokia has started shipping the N9, its first and last smartphone based on the MeeGo operating system, the company said on Tuesday.
 
A coastal region of Japan due for a major earthquake and possible tsunamis has implemented a cloud-based disaster management system run by Salesforce.com.
 
GM subsidiary OnStar's plan to collect and share GPS tracking and other data from vehicles, even after their owners stop subscribing to its service, has prompted an outcry from some lawmakers.
 
Apple has updated the bare-bones antivirus protection included with Mac OS X to detect a Trojan horse that poses as a PDF document.
 
Agile and other modern development methods mean programmers need to move fast -- but ops often won't let them
 
Vanira CMS 'vtpidshow' Parameter SQL Injection Vulnerability
 
Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
 
The lead architect of NASA's cloud platform, which spun off into the open-source OpenStack cloud operating system, is launching a new company and product aimed at helping enterprises more easily build private clouds.
 
Internet Storm Center Infocon Status