InfoSec News

Oracle's lawsuit against SAP has taken an unexpected turn four days before trial was due to begin, with SAP saying it won't contest charges that it contributed to acts of copyright infringement by its TomorrowNow subsidiary.
 
A former IT staffer has been sentenced to a year and a day in prison for stealing sensitive information belonging to his co-workers and using the data to make money filling out online health surveys.
 
As China works to realize its ambitions in high-tech, the nation has been flexing its muscle on two fronts this month in ways that are getting attention from the U.S. government and industry.
 
Linux Kernel GFS2 Directory Rename NULL Pointer Dereference Local Denial of Service Vulnerability
 
Adobe Shockwave Player 'dirapi.dll' CVE-2010-4084 Memory Corruption Vulnerability
 
Linux Kernel CVE-2010-2240 Privilege Escalation Vulnerability
 
libHX 'HX_split()' Remote Heap-Based Buffer Overflow Vulnerability
 
I've always been a bit intimidated by video editing software. It overwhelms me, offering too many options and not enough explanations to guide a moviemaking novice like me. That's why I thought Microsoft's Windows Live Movie Maker 2011 (free) might be my perfect app, as it's designed for casual users like me. And while Movie Maker is easy enough to use, and produces generally pleasing results, it's also a bit limited--even by my standards.
 
 
Linux Kernel CIFS DNS Lookup Cache Poisoning Vulnerability
 
Linux Kernel XFS 'SWAPEXT' IOCTL Local Information Disclosure Vulnerability
 
Linux Kernel CVE-2010-2066 Donor File Security Bypass Vulnerability
 
Linux Kernel XDR Implementation Local Buffer Overflow Vulnerability
 
Gateway's ID49C13u, a thin and sedately handsome all-purpose laptop, is a giant step forward for a company whose recent notebook PCs seemed stuck in the doldrums. Gateway has even included a glowing touchpad that pulses in hypnotic rhythms while you boot up.
 
Oracle Java SE and Java for Business CVE-2010-3566 ICC Profile Vulnerability
 
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Mobile payments are starting to come to U.S. carriers in various forms after years of expectations, with AT&T announcing a trial with back-end service provider Boku a day after Sprint Nextel announced its Sprint Mobile Wallet.
 
Healthy sales of Windows 7, Office 2010 and Xbox 360 consoles propelled Microsoft to $5.41 billion in net income for its first fiscal quarter of 2011, a 51% increase from the same period a year ago.
 

Adobe today released advisory APSA10-05, which describes a remotely exploitable 0-day vulnerability in Adobe Flash Player, Adobe Reader and Acrobat. Adobe says it hopes to have an update available by the week of Nov 15.

The following are the mitigation measures recommended by Adobe:

Adobe Reader and Acrobat 9.x - Windows

Deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF file that contains Flash (SWF) content.

The authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll for Acrobat.

Adobe Reader 9.x - Macintosh

1) Go to the Applications->Adobe Reader 9 folder.

2) Right Click on Adobe Reader.

3) Select Show Package Contents.

4) Go to the Contents->Frameworks folder.

5) Delete or move the AuthPlayLib.bundle file.

Acrobat Pro 9.x - Macintosh

1) Go to the Applications->Adobe Acrobat 9 Pro folder.

2) Right Click on Adobe Acrobat Pro.

3) Select Show Package Contents.

4) Go to the Contents->Frameworks folder.

5) Delete or move the AuthPlayLib.bundle file.

Adobe Reader 9.x - UNIX

1) Go to installation location of Reader (typically a folder named Adobe).

2) Within it browse to Reader9/Reader/intellinux/lib/ (for Linux) or Reader9/Reader/intelsolaris/lib/ (for Solaris).

3) Remove the library named libauthplay.so.0.0.0.

More information at http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html

-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org
 
OCZ today launched its next-generation PCI-express solid-state drive, which offers about three times the performance of SATA-based SSDs and up to 960GB of capacity.
 
Adobe Acrobat, Reader and Flash CVE-2010-3654 Remote Code Execution Vulnerability
 
A new variant of the Koobface worm that targets Mac OS X and Linux as well as Windows is spreading through Facebook, MySpace and Twitter, security researchers warned today.
 
In the years to come Wi-Fi may take over the enterprise and not need access points, an Interop panel concludes
 
Verizon Wireless will pay $25 million to the U.S. government and will offer its mobile customers a tool to block their phones from Web access in a settlement with the U.S. Federal Communications Commission over unexpected fees on customers' bills.
 
Italian prosecutors have opened an investigation into Google for allegedly violating the country's privacy laws through the data collected for the Internet company's Street View service, newspapers reported Thursday.
 
Free Joke Script Multiple SQL Injection Vulnerabilities
 
Job outsourcing has been a key election issue. Will Tuesday's results affect the H-1B visa debate?
 
Virgin America has started implementing Google's cloud-based Gmail system to replace the Microsoft Exchange 2003 collaboration system the airline has used since 2005.
 
WP-Lytebox 'main.php' Local File Include Vulnerability
 
Version 2.0 of PCI DSS will take effect in January and won't receive changes for three years.

 
The prospects of ever seeing a white iPhone 4 on store shelves are getting dimmer by the minute as new rumors suggest Apple has ditched plans for the snowy handset. One new theory is that Apple is just going to string along white iPhone 4 fans until it's time for iPhone 5 and then drop the Wonder Bread version altogether. Adding to the iPhone snowstorm is the suggestion that Apple recently pulled the white iPhone 4 option from its online retail store. It's hard to know for sure whether the Albinophone has gone the way of the dodo, but here's what the Web is saying.
 
 
Mobilizing enterprise apps is nothing new, yet beyond e-mail and a few other horizontal applications, it's still a niche market. But combining the cloud with the newest generation of smartphones is just starting to change that.
 
Box.net, a provider of cloud-hosted content management software for businesses, is lifting its storage ceiling for individual users and groups to make file sharing easier and more convenient.
 
GNU glibc 'ld.so' ELF Header Parsing Remote Integer Overflow Vulnerability
 
[USN-1011-2] Thunderbird vulnerability
 
AIMP 'MP3' File Remote Stack Buffer Overflow Vulnerability
 
Adobe today confirmed that hackers are exploiting a critical unpatched bug in Flash Player, and promised to patch the vulnerability in two weeks.
 
Version 2.0 of the Payment Card Industry Data Security Standard was released Thursday by the PCI Security Standards Council, which acknowledges that mobile payment technologies haven't been addressed yet.
 
One of the first places people often turn to when searching for antivirus protection for their new computer is Symantec's Norton suite of security tools. The company is now looking to extend that protection beyond the PC to your mobile phone through its Norton Mobile Security app. This app, although currently in beta, adds an extra layer of protection to your phone well above just having a lock screen.
 
The French competition authority closed a case against Google on Thursday after the company promised to better inform users of its Adwords search advertising service of its policies, and to provide advance warning of any changes.
 
Oracle announced late Wednesday that it has taken a 10.2 percent stake in Mellanox Technologies, maker of Infiniband interconnects for servers and storage systems.
 
nSense-2010-002: Teamspeak 2 Windows client
 
[ MDVSA-2010:213 ] xulrunner
 
Re: Secunia PSI Insecure Library Loading Vulnerability
 
Motorola reported growth in sales and profit for the third quarter, helped by the sale of an increasing number of Android-based smartphones, the company said.
 
Sprint Nextel subscribers will be able to link their credit cards and other traditional payment methods to a mobile purchasing system coming next month.
 
[USN-1011-1] Firefox vulnerability
 
A massive takedown operation conducted by Dutch police and security experts earlier this week does not appear to have completely dissolved the Bredolab botnet, but it is unlikely to recover.
 
China is unveiling a new supercomputer on Thursday that incorporates thousands of graphics chips and can reach a sustained performance of 2.5 petaflops, making it one of the fastest systems in the world.
 
Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability
 
Linux Kernel 915 GEM IOCTL Local Memory Overwrite Vulnerability
 

Washington Post

National Archives Info-sec Lacking, Audit Found
HSToday
The National Archives and Records Administration (NARA), which is responsible for preserving access to government documents and other ...
Weak Infosec Places Historic Papers in Jeopardy
GovInfoSecurity.com
 
China is using its dominance of the rare metals production business to cut exports, raise prices and to get U.S. electronics makers to open more plants in the country.
 
Depending on who wins -- and which party controls Congress -- the debate over the H-1B visa program could either get more rancorous or lead to real reform.
 
Symantec has been forced to write off $10 million in revenue after a glitch in its sales system prevented some consumers from activating their Norton antivirus software at the time they bought it.
 
Oracle Java SE and Java for Business 'defaultReadObject' Remote Code Execution Vulnerability
 
Oracle Java SE and Java for Business CVE-2010-3574 Remote Networking Vulnerability
 
Microsoft has implemented a product activation process for Office for the Mac that's far more strict than that used for Windows users.
 
Yes, it's small and has a modest processor. But with a full-size keyboard, top-tier design and construction, and speedy onboard flash memory in place of a hard drive, the tiny new MacBook Air is a standout laptop.
 
Apache 'mod_proxy_http' Timeout Handling Information Disclosure Vulnerability
 
Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
 
Apache APR-util 'apr_brigade_split_line' Denial of Service Vulnerability
 
Subversion Server 'SVNPathAuthz' Restriction Security Bypass Vulnerability
 
PostgreSQL Multiple Security Vulnerabilities
 
Intel is working with a group of Taiwanese companies and a government research center on a project that aims to slash the cost of a data center by nearly half.
 
InfoSec News: Has WikiLeaks landed in cyberattack crosshairs?: http://news.cnet.com/8301-13578_3-20020835-38.html
By Declan McCullagh Politics and Law CNet News October 27, 2010
Forget China or Al Qaeda. In a twist that would have been inconceivable even a few months ago, the WikiLeaks.org Web site is being proposed as the first public target for a U.S. [...]
 
InfoSec News: Vietnam Is Riskiest Country Domain, Study Says: http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=228000195
By Tim Wilson DarkReading Oct 27, 2010
The world’s most heavily trafficked Web domain -- .com -- is also now the riskiest, according to McAfee’s fourth annual "Mapping the Mal Web [...]
 
InfoSec News: 460th Space Wing wraps up first ever Cyber Lightning exercise: http://www.afspc.af.mil/news/story.asp?id=123228183
By Master Sgt. J. LaVoie 460th Space Wing Public Affairs 10/27/2010
Working under a carefully planned and escalating contested cyber environment on Oct. 15 members of the 460th Space Wing successfully [...]
 
InfoSec News: Credit card 'flash attack' steals up to $500,000 a month: http://www.theregister.co.uk/2010/10/27/credit_card_flash_attacks/
By Dan Goodin in San Francisco The Register 27th October 2010
Credit card fraudsters may have pocketed as much as $500,000 over the past month by pursuing a new type of attack that exploits a major blind [...]
 
InfoSec News: Hackers shopping malware network: http://www.washingtontimes.com/news/2010/oct/26/hackers-shopping-malware-network/
By Shaun Waterman The Washington Times October 26, 2010
A hacker group calling itself the Iranian Cyber Army is assembling a network of infected computers, and selling it to cybercriminals to [...]
 

Posted by InfoSec News on Oct 27

http://www.afspc.af.mil/news/story.asp?id=123228183

By Master Sgt. J. LaVoie
460th Space Wing Public Affairs
10/27/2010

Working under a carefully planned and escalating contested cyber
environment on Oct. 15 members of the 460th Space Wing successfully
completed its first ever exclusively cyber-focused exercise at Buckley
Air Force Base, Colo.

"Exercise Cyber Lightning" was designed to test the wing's capability
to operate in a...
 

Posted by InfoSec News on Oct 27

http://www.theregister.co.uk/2010/10/27/credit_card_flash_attacks/

By Dan Goodin in San Francisco
The Register
27th October 2010

Credit card fraudsters may have pocketed as much as $500,000 over the
past month by pursuing a new type of attack that exploits a major blind
spot in payment processors' defenses, an analyst said.

The "flash attacks" recruit hundreds of money mules who go to ATMs
throughout the US and almost...
 

Posted by InfoSec News on Oct 27

http://www.washingtontimes.com/news/2010/oct/26/hackers-shopping-malware-network/

By Shaun Waterman
The Washington Times
October 26, 2010

A hacker group calling itself the Iranian Cyber Army is assembling a
network of infected computers, and selling it to cybercriminals to
spread spam and malicious software, according to security researchers.

Aviv Raff, of the computer security firm Seculert, told The Washington
Times that the group was...
 

Posted by InfoSec News on Oct 27

http://news.cnet.com/8301-13578_3-20020835-38.html

By Declan McCullagh
Politics and Law
CNet News
October 27, 2010

Forget China or Al Qaeda. In a twist that would have been inconceivable
even a few months ago, the WikiLeaks.org Web site is being proposed as
the first public target for a U.S. government cyberattack.

After the shadowy, document-leaking organization distributed nearly
400,000 classified documents from the Iraq war on Friday,...
 

Posted by InfoSec News on Oct 27

http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=228000195

By Tim Wilson
DarkReading
Oct 27, 2010

The world’s most heavily trafficked Web domain -- .com -- is also now
the riskiest, according to McAfee’s fourth annual "Mapping the Mal Web
report," released yesterday.

In an analysis of more than 27 million websites designed to identify the
most dangerous, McAfee found that 56 percent of the...
 

