InfoSec News

The FCC is making it easier to launch in-flight Internet services on planes in the U.S. by setting up a standard approval process for onboard systems that use satellites.
Apple has dropped its patent-infringement accusations against the Galaxy S III Mini, a mid-market Android smartphone that Samsung Electronics says it is not selling in the U.S.
CubeCart 5.0.7 and lower versions | Insecure Backup File Handling
[SECURITY] [DSA 2592-1] elinks security update
[SECURITY] [DSA 2591-1] mahara security update
SonicWall Email Security 7.4.1.x - Persistent Web Vulnerability
Log Analyzer 3.6.0 - Cross Site Scripting Vulnerability
Installing an SSD in your PC, be it a laptop or a desktop, is one of the easiest and most effective ways to boost the machine's overall performance. The change won't be merely noticeable--it will startle you. Your system will boot more quickly, windows and menus will jump open, and programs and data will load much, much faster.
Security researchers from antivirus vendor Trend Micro have uncovered a piece of backdoor-type malware that infects Java-based HTTP servers and allows attackers to execute malicious commands on the underlying systems.
If your PC lacks a SATA 6-gigabits-per-second interface, you can't get top performance out of any of the latest consumer-grade solid-state drives. Such drives bump up against the 6-gbps limit of that bus, while the older second-generation SATA interface maxes out at just 3 gbps. Apricorn's Velocity x2 should remove that roadblock for you.
In the second of three parts, The H continues its look at what people were reading in 2012, month by month. From broke reCAPTCHAs and OpenOffice debuts to Java 0days and phones with freedom, it's all in The H Roundup of 2012

Toshiba is developing a tiny digital camera module similar to the Lytro camera, which shoots tens of thousands of individual photos and then allows the user to pick the point of focus.
Verizon's attempt to secure a patent for a so-called 'snooping technology,' which in this case would let television advertisers target individual viewers based on what they're doing or saying in front of their sets, capped another challenging year for privacy advocates.
Fail2ban CVE-2012-5642 Arbitrary Log Content Injection Vulnerability

Posted by InfoSec News on Dec 28


By Bill Gertz
Washington Free Beacon
December 27, 2012

Computer hackers traced to China carried out an advanced cyberespionage
attack against one of America’s most elite foreign policy web groups --
the website of the Council on Foreign Relations (CFR).

According to private computer-security forensic specialists, the hacking
incident involved...

Posted by InfoSec News on Dec 28


By Hugo Gye
Mail Online
27 December 2012

The MI6 codebreaker who was found dead inside a holdall probably locked
himself inside the bag, according to police.

An inquest into the death of Gareth Williams found that he could have
been the victim of foul play, as the coroner expressed doubts that he
could have...

Posted by InfoSec News on Dec 28

Forwarded from: Simon Taplin <simon (at) simontaplin.net>


By Ronen Bergman

Iran is actively trying to hack Israel's critical online systems, the
head of the Shin Bet's new SIGINT (Signals Intelligence) unit told
Yedioth Ahronoth in an exclusive interview.

The Israel Security Agency officials said that aside from the hundreds
of thousands of...

Posted by InfoSec News on Dec 28


By Han Yeong-ik
Korea JoongAng Daily
Dec 28, 2012

The end of the line for a famed fugitive Korean hacker surnamed Shin
came in mid-December, when police in the Philippines found him in
Batangas Province, led to him by the earlier arrest of one of his

Shin, 39, who became famous for hacking the servers of Hyundai Capital
in the first half of 2011, was...

Posted by InfoSec News on Dec 28


By Peter Sayer
IDG News Service
December 26, 2012

A power station in the south of Iran has been hit by a cyberattack, an
Iranian news agency reported Tuesday, citing a local civil defense
official. But now agency and official are in dispute over whether he
really made the remarks.

The Iranian Students News Agency (ISNA)...
Mahara Multiple Remote Vulnerabilities
Mahara XML External Entity CVE-2012-2239 Information Disclosure Vulnerability
Mahara Multiple Cross Site Scripting Vulnerabilities
HP said in a legal filing Thursday that the U.S. Department of Justice is investigating its $10.3 billion acquisition of enterprise search company Autonomy, which HP alleges inflated its value through accounting tricks.
FalconPL 'cURL' API Security Bypass Vulnerability
Real Networks RealPlayer Multiple Security Vulnerabilities
Internet Storm Center Infocon Status