Hackin9
Aerohive Networks sells not just enterprise Wi-Fi gear but also cloud-based software designed to make it easier to set up and manage a customer's entire wired and wireless network. Other wireless LAN vendors are moving in the same direction, including Cisco Systems, the biggest seller of enterprise Wi-Fi, which acquired Meraki Networks in 2012.
 

According to a new paper authored by two Google security engineers, 21 out of the world’s top 25 news organizations have been successfully hacked by state-sponsored actors.

Reuters reported on the duo's findings, which were presented on Friday at the Black Hat Asia security conference in Singapore.

Among targets of hacking attacks, journalists were “massively over-represented,” Shane Huntley, one of the paper's authors, told the news wire. Google has been monitoring such attacks, which are often sponsored by foreign governments that seek sensitive information held by journalistic enterprises, in many cases related to secretive corporate and governmental operations.


 
FFmpeg and Libav 'libavcodec/wmalosslessdec.c' Memory Corruption Vulnerability
 
FFmpeg and Libav 'libavformat/mpegtsenc.c' Buffer Overflow Vulnerability
 
FFmpeg and Libav 'msrle_decode_frame()' Function Out of Bounds Denial of Service Vulnerability
 
Forrester analyst Peter Burris says CIOs will need to work on two tracks: internal IT operations and the business systems focused on the customer experience.
 
Dell Research, a new division of the recently privatized Dell, is conducting early experiments with brain and body sensors to detect a person's mood for use in computers involved with education and communications. It could also be used to monitor a person's mood while driving or playing games.
 
Microsoft will no longer go through email messages and other personal data that users of its online services have stored on its servers, a decision taken after being sharply criticized for accessing a person's inbox as part of an internal investigation.
 
The latest firmware in some Philips smart TV models opens an insecure Miracast wireless network, allowing potential attackers located in the signal range to control the TV remotely and perform unauthorized actions.
 
The My Passport Pro comes in 2TB and 4TB models and can be set to RAID 0 or 1.
 
The never-ending legal battle between Apple and Samsung enters a new phase Monday when lawyers begin selecting a jury for a new trial that will address new complaints against a different set of phones.
 
Intel is making improvements to its smallest computer, called Edison, which is targeted at wearable devices and was introduced in January.
 

Developers of two popular smartphone apps—Fandango and Credit Karma—have been caught transmitting passwords, social security numbers, birth dates, and other highly sensitive user data over the Internet without properly encrypting it first, officials with the Federal Trade Commission said.

As a result, it was trivial for hackers to intercept the data when people used the apps on both Apple's iOS and Google's Android mobile operating systems, complaints filed by the FTC alleged. The complaints leveled charges of other shortcomings in the developers' security, including the failure to properly test and audit the safety of apps before making them available for download. The improper encryption, which security experts warn is akin to having no encryption at all, was allowed to persist for four years at Fandango. The company also failed to have an adequate process for receiving vulnerability reports from researchers and other third parties, FTC officials said.

Fandango has as many as 100 million downloads from the iOS App Store and Google Play market for Android. Among other things, the app allows users to buy movie tickets. Credit Karma has five million to 10 million downloads and allows users to monitor their credit scores.


 
Linux Kernel 'ip6_route_add()' Function Denial of Service Vulnerability
 
Deutsche Telekom CERT Advisory [DTC-A-20140324-002] update140328 - vulnerabilities in check_mk
 
openSUSE rubygems Unspecified Security Vulnerability
 
A place in your pocket is no longer enough for mobile gadget makers. Now, they want your body.
 
News, features, explainers, opinions and more about the Internet of Things
 
Several Mozilla employees yesterday took to Twitter to call for the resignation of their new CEO, JavaScript creator Brendan Eich, for supporting California's Proposition 8 more than five years ago.
 
More so than Web-based applications, mobile apps tend to have security design flaws that attackers can exploit. (Insider; registration required)
 
Adobe Flash Player CVE-2014-0510 Unspecified Heap Based Buffer Overflow Vulnerability
 
Adobe Reader CVE-2014-0511 Use After Free Remote Code Execution Vulnerability
 
iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities
 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: ClamAV has been updated to a new version.
 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: Security Report Summary
 
[SECURITY] [DSA 2887-1] ruby-actionmailer-3.2 security update
 
[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update
 
BlackBerry continued to struggle during the company's fiscal fourth quarter, experiencing a huge drop in revenue and a $423 million net loss.
 
The thin client has been largely disappointing from the beginning, but a partnership between VMware and Nvidia may finally give the thin client the performance, scalability, security and price it needs to catch on.
 
SEC Consult SA-20140328-0 :: Multiple vulnerabilities in Symantec LiveUpdate Administrator
 
[SECURITY] [DSA 2889-1] postfixadmin security update
 
Easy FileManager 1.1 iOS - Multiple Web Vulnerabilities
 
Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities
 
[oCERT-2014-003] LibYAML input sanitization errors
 
ESA-2014-016: EMC VPLEX Multiple Vulnerabilities
 
 

While looking at the latest honeypot data for what is happening with Synology devices, I did notice one particularly aggressive IP connecting to a number of our honeypot IPs. At first, I figured it may just be a new Shodan scan (got tons of them in the honeypot). But when I connected to port 443 using openssl, I saw a rather interesting SSL certificate being sent:

$ openssl s_client -connect a.b.c.d:443
CONNECTED(00000003)
depth=0 C = CN, ST = ZheJiang, L = HangZhou, O = HIKVISION, OU = DVRNVR, 
CN = www.hikvision.com, emailAddress = [email protected]
verify error:num=18:self signed certificate
verify return:1
depth=0 C = CN, ST = ZheJiang, L = HangZhou, O = HIKVISION, OU = DVRNVR, 
CN = www.hikvision.com, emailAddress = [email protected]
verify return:1
GET ---
Certificate chain
 0 s:/C=CN/ST=ZheJiang/L=HangZhou/O=HIKVISION/OU=DVRNVR/CN=www.hikvision.com/[email protected]
   i:/C=CN/ST=ZheJiang/L=HangZhou/O=HIKVISION/OU=DVRNVR/CN=www.hikvision.com/[email protected]

This certificate appears to be associated with a DVR sold in conjunction with security camera systems [1]. Usually these systems run some form of Linux, so I guess it is to be expected that, given a weak password, these systems get mistaken for a Linux server and exploited just like one.

Right now, if I am really lucky I may be able to get a hold of the owner of the DVR, but it looks like a Chinese residential IP, so I am not getting my hopes up too high.

[1] http://www.hikvision.com/en/us/index.asp

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
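The diary above attributes a scanning host to a Hikvision DVR purely from the self-signed certificate its port 443 hands out. The script below is an added example, not part of the ISC diary and not Hikvision or SANS code: it parses an `openssl s_client` transcript in both subject forms openssl prints (the `depth=0 C = CN, ...` verify-callback form and the `/C=CN/ST=...` chain form), confirms the leaf is self-signed (issuer DN equal to subject DN, plus verify error 18), and matches O/OU/CN against a small hint table to label the device class. The transcript embedded as `SAMPLE_OUTPUT` is constructed for the example and modelled on the diary's output with a placeholder e-mail address; the `DEVICE_HINTS` table and `fetch_s_client_output` helper are illustrative additions, and the hint strings are assumptions about what such certificates carry, not a vendor specification.

```python
import re
import subprocess
from typing import Dict, List, Optional, Tuple

# Constructed sample transcript (modelled on the diary, e-mail replaced with a placeholder).
SAMPLE_OUTPUT = """\
CONNECTED(00000003)
depth=0 C = CN, ST = ZheJiang, L = HangZhou, O = HIKVISION, OU = DVRNVR, CN = www.hikvision.com, emailAddress = support@example.invalid
verify error:num=18:self signed certificate
verify return:1
---
Certificate chain
 0 s:/C=CN/ST=ZheJiang/L=HangZhou/O=HIKVISION/OU=DVRNVR/CN=www.hikvision.com/emailAddress=support@example.invalid
   i:/C=CN/ST=ZheJiang/L=HangZhou/O=HIKVISION/OU=DVRNVR/CN=www.hikvision.com/emailAddress=support@example.invalid
---
"""

# Hypothetical fingerprint table: substrings of O/OU/CN that suggest an embedded
# device rather than a general-purpose server. Illustrative, not a vendor list.
DEVICE_HINTS: Dict[str, str] = {
    "HIKVISION": "Hikvision DVR/NVR",
    "DVRNVR": "Hikvision DVR/NVR",
}


def parse_subject(line: str) -> Dict[str, str]:
    """Parse one openssl subject/issuer line into an attribute dict.

    Accepts 'depth=0 C = CN, ST = ..., CN = host' (verify callback form)
    and ' 0 s:/C=CN/ST=.../CN=host' or '   i:/C=CN/...' (chain form).
    Values containing the separator ('/' or ',') are not handled.
    """
    line = line.strip()
    line = re.sub(r"^depth=\d+\s+", "", line)        # drop 'depth=N '
    line = re.sub(r"^(\d+\s+)?[si]:", "", line)      # drop ' 0 s:' / 'i:'
    parts = [p for p in line.split("/") if p] if line.startswith("/") else line.split(",")
    attrs: Dict[str, str] = {}
    for part in parts:
        if "=" not in part:
            continue
        key, value = part.split("=", 1)
        attrs[key.strip()] = value.strip()
    return attrs


def classify(subject: Dict[str, str]) -> Optional[str]:
    """Return a device label if O/OU/CN matches a known hint, else None."""
    for field in ("O", "OU", "CN"):
        value = subject.get(field, "").upper()
        for hint, label in DEVICE_HINTS.items():
            if hint in value:
                return label
    return None


def analyze(s_client_output: str) -> dict:
    """Summarise an s_client transcript: leaf subject, issuer, self-signed flag, device guess."""
    lines = s_client_output.splitlines()
    subject: Dict[str, str] = {}
    issuer: Dict[str, str] = {}
    for idx, line in enumerate(lines):
        if re.match(r"^\s*0\s+s:", line):                # leaf certificate (depth 0)
            subject = parse_subject(line)
            if idx + 1 < len(lines) and re.match(r"^\s*i:", lines[idx + 1]):
                issuer = parse_subject(lines[idx + 1])
            break
    # Identical subject and issuer DN is the usual sign of a self-signed leaf;
    # openssl's own 'verify error:num=18' is the authoritative confirmation.
    verify_errors: List[Tuple[str, str]] = re.findall(
        r"^verify error:num=(\d+):(.*)$", s_client_output, re.M)
    return {
        "subject": subject,
        "issuer": issuer,
        "self_signed": bool(subject) and subject == issuer,
        "verify_errors": verify_errors,
        "device": classify(subject),
    }


def fetch_s_client_output(host: str, port: int = 443, timeout: int = 10) -> str:
    """Run the same command as the diary and return stdout+stderr for analyze().

    Requires the openssl binary; stdin is closed so s_client exits immediately.
    """
    proc = subprocess.run(
        ["openssl", "s_client", "-connect", f"{host}:{port}"],
        input=b"", capture_output=True, timeout=timeout)
    return proc.stdout.decode(errors="replace") + proc.stderr.decode(errors="replace")


if __name__ == "__main__":
    summary = analyze(SAMPLE_OUTPUT)
    print(f"self-signed: {summary['self_signed']}  device: {summary['device']}")
    print(f"O={summary['subject'].get('O')} OU={summary['subject'].get('OU')}")
```

For a live host, `analyze(fetch_s_client_output("a.b.c.d"))` reproduces the diary's manual check; a non-empty `device` label on a source that is also brute-forcing SSH is a reasonable signal that the attacker is a compromised appliance rather than a rented server.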
 
Microsoft's new Office for iPad apps vaulted to the top of the free application chart on Apple's App Store shortly after their Thursday debut.
 
WordPress Felici Theme 'uploadify.php' Arbitrary File Upload Vulnerability
 
The Tokyo District Court has granted a bankruptcy examiner six more weeks to assess the convoluted situation surrounding failed Bitcoin exchange Mt. Gox.
 
A U.S. judge has ruled that the Chinese search engine Baidu has the right to block pro-democracy works from its query results, dismissing a lawsuit that sought to punish the company for Internet censorship.
 
With the launch of Office for iPad yesterday, Microsoft again effectively cut Apple out of most of the revenue stream by making the apps free to download.
 
A little-known U.S. space plane quietly broke its own space endurance record this week as its current unmanned mission surpassed 469 days in space.
 

Posted by InfoSec News on Mar 28

http://www.networkworld.com/news/2014/032714-solutionary-280149.html

By Ellen Messmer
Network World
March 27, 2014

Failures in patch management of vulnerable systems have been a key enabler
of cybercrime, according to the conclusions reached in Solutionary’s
annual Global Threat Intelligence Report out today, saying it sees botnet
attacks as the biggest single threat.

The managed security services provider, now part of NTT, compiled a...
 

Posted by InfoSec News on Mar 28

http://healthitsecurity.com/2014/03/27/how-will-windows-xp-end-of-support-affect-health-it-security/

By Patrick Ouellette
Health IT Security
March 27, 2014

As is the case with most pending vendor support deadlines, the upcoming
end of Microsoft Windows XP support on April 8, 2014 has been a polarizing
topic in the enterprise and healthcare spaces. There are some
organizations that may be unaware that Microsoft will no longer be
providing...
 

Posted by InfoSec News on Mar 28

http://dealbook.nytimes.com/2014/03/26/law-firms-scrutinized-as-hacking-increases/

By MATTHEW GOLDSTEIN
Dealbook
The New York Times
MARCH 26, 2014

A growing number of big corporate clients are demanding that their law
firms take more steps to guard against online intrusions that could
compromise sensitive information as global concerns about hacker threats
mount.

Wall Street banks are pressing outside law firms to demonstrate that their...
 

Posted by InfoSec News on Mar 28

http://blogs.wsj.com/digits/2014/03/27/new-firm-pitches-cybersecurity-for-less-well-heeled/

By DANNY YADRON
Digits
The Wall Street Journal
March 27, 2014

Last week, we wrote about military contractors pitching banks and energy
companies on big-ticket anti-hacking technology -- not something everyone
can afford.

Now some big-name former Washington officials are backing a new
cybersecurity company that seeks to help less-well-heeled clients....
 

Posted by InfoSec News on Mar 28

http://arstechnica.com/tech-policy/2014/03/feds-want-an-expanded-ability-to-hack-criminal-suspects-computers/

By Cyrus Farivar
Ars Technica
March 27, 2014

The United States Department of Justice wants to broaden its ability to
hack criminal suspects’ computers according to a new legal proposal that
was first published by the Wall Street Journal on Thursday.

If passed as currently drafted, federal authorities would gain an expanded
ability...
 