
InfoSec News

A U.S. congressional committee has asked Sony Computer Entertainment to explain several issues surrounding the massive potential leak of information on customers of its PlayStation Network.
 
Reports surfaced Friday that the hackers behind last week's breach of Sony's PlayStation Network obtained millions of credit card numbers, but the evidence so far appears weak.
 
Microsoft Excel Axis Properties Remote Code Execution Vulnerability
 
PHP 'Intl' Extension 'NumberFormatter::setSymbol()' Function Denial of Service Vulnerability
 
The CERT Societe Generale (site is in French and English) has published a 6 Steps IRM Worm Infection cheat sheet (English only) freely available for download here. Feel free to contact us if you identify a bug or an error in these IRMs. [2]


[1] http://cert.societegenerale.com/en/publications.html

[2] http://cert.societegenerale.com/resources/files/IRM-1-Worm-Infection.pdf
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Mozilla Firefox/Thunderbird/SeaMonkey HTML Content Memory Corruption Vulnerability
 
Mozilla Firefox/Thunderbird/SeaMonkey Marquee Elements Memory Corruption Vulnerability
 
HP OpenView Storage Data Protector Multiple Remote Code Execution Vulnerabilities
 
[USN-1126-1] PHP vulnerabilities
 
ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability
 
ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability
 
ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability
 
After a devastating round of tornadoes in the south, many people have taken to Facebook to try to find the rightful owners of what could be precious photos and documents scattered by the storms.
 
Google and Oracle each submitted proposals on Friday to reduce the number of claims in their Java patent infringement lawsuit, which could help bring the case to a speedier conclusion.
 
Amazon's detailed postmortem and mea culpa about the partial outage of its cloud services platform last week blames a configuration error during a network upgrade for the problem.
 
ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability
 
ZDI-11-147: HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability
 
ZDI-11-146: HP Data Protector Backup Client Service EXEC_SCRIPT Remote Code Execution Vulnerability
 
ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability
 
Data Dynamics ActiveBar Actbar3.OCX ActiveX Control Multiple Insecure Methods Vulnerabilities
 
A day after Yahoo's email service suffered a partial outage, the company reported that about 1 million users were affected.
 
Though there were some concerns about tech company earnings this week as Microsoft, SAP and other bellwethers reported results, the IT sector has helped drive markets to a solid start for the second quarter.
 
Texas Comptroller Susan Combs took responsibility for a major breach of systems in her office, and outlined changes to be made to prevent similar incidents in the future.
 
Apple has purchased the domain "icloud.com," which it will use as the name of its new online music and storage locker service, several reports have claimed.
 
Yet another problem has cropped up preventing some Windows Phone 7 users from getting two software updates, adding a new chapter to the update saga that started in February.
 
Problems with two heaters prompted NASA to postpone Friday's scheduled final launch of the space shuttle Endeavour.
 
Mozilla has patched Firefox 4 for the first time, fixing eight flaws, including a major programming oversight that left the browser vulnerable to attack on Windows 7.
 
The royal wedding went off without a hitch Friday morning, and the Internet appeared to survive the event as well. Web traffic was high during the nuptials, but YouTube was able to stream the event live to millions around the world without choking (much). Twitter's fail whale managed to stay off the royal guest list, but online scammers are just getting started with their royal wedding scams and shenanigans. Here's a breakdown of the online highs and lows during Prince William's marriage to Catherine Middleton on Friday.
 
Linux Kernel 'drivers/char/tpm/tpm.c' Information Disclosure Vulnerability
 
Linux Kernel EFI Partition Denial of Service Vulnerability
 
Linux Kernel Signal Code Spoofing Local Denial of Service Vulnerability
 
InfoSec News: Advance Announcement: 2011 ACM Cloud Computing Security Workshop (CCSW) is back !: Forwarded from: noreply (at) crypto.cs.stonybrook.edu
2011 ACM Cloud Computing Security Workshop (CCSW) at CCS
October 21, 2011, SWISSOTEL Chicago http://crypto.cs.stonybrook.edu/ccsw11
Dear Colleagues,
CCSW is back! The past workshops were a tremendous success, with over [...]
 
InfoSec News: Unfollowed: How a (Possible) Social Network Spy Came Undone: http://www.wired.com/dangerroom/2011/04/unfollowed-how-a-possible-social-network-spy-came-undone/
[When the early information about this story was coming out, it was that @PrimorisEra might have been spotting and assessing targets for a KGB honey pot operation. [...]
 
InfoSec News: US-Russian dictionary defines cyber war, other concepts: http://gcn.com/articles/2011/04/28/us-russia-cyber-dictionary.aspx
By William Jackson GCN.com April 28, 2011
It is all very well to talk about cyberspace and cybersecurity, but what do they mean, exactly?
A U.S.-Russian effort is proposing common definitions. [...]
 
InfoSec News: ICANN taps DefCon founder for top security spot: http://www.v3.co.uk/v3-uk/news/2046681/icann-taps-defcon-founder-security-spot
By Shaun Nichols V3.co.uk 29 Apr 2011
The Internet Corporation for Assigned Names and Numbers (ICANN) has named Jeff Moss as its new chief security officer.
A security expert and respected member of the hacking community, Moss is best known for his roles in founding the DefCon and Black Hat security conferences. He has also worked in advisory positions for the US Department of Homeland Security.
The appointment of Moss will bring to ICANN a security head who is well-versed in the attitudes and techniques which have driven research in both security intrusions and detections in recent years.
The hiring also comes at a time when ICANN and other internet governance groups are working to roll out security measures such as DNSSEC.
[...]
 
InfoSec News: Teacher Passwords Stolen, Grades Hacked At 3 Seattle High Schools: http://www.kirotv.com/education/27708043/detail.html
By kirotv.com Webstaff April 28, 2011
SEATTLE -- Someone has stolen teacher passwords and changed grades in a Seattle Public Schools computer system, the district said in an email to teachers obtained Thursday by KIRO 7 Eyewitness News. [...]
 
Linux Kernel epoll Subsystem 'eventpoll.c' Multiple Local Denial of Service Vulnerabilities
 
ESA-2011-015: RSA, The Security Division of EMC, announces a fix for a security vulnerability in RSA Data Loss Prevention
 
RIM continues to struggle holding onto its worldwide mobile phone market share, according to the results of IDC research.
 
Do you own more than one iPad? Do they both have AT&T 3G capability? If so, beware. AT&T may become confused about your setup and charge you for a 3G plan you neither want nor have. I know this is so because it happened to me.
 
Barring bad weather, NASA's space shuttle Endeavour is prepped and ready to blast off on its final journey into space this afternoon.
 
Oracle Sun Solaris CVE-2011-0800 Local Vulnerability
 
Advanced Micro Devices shot down rumors that it is pursuing an ARM license, saying it will stick to developing chips for tablets around the x86 architecture.
 

Posted by InfoSec News on Apr 29

http://www.v3.co.uk/v3-uk/news/2046681/icann-taps-defcon-founder-security-spot

By Shaun Nichols
V3.co.uk
29 Apr 2011

The Internet Corporation for Assigned Names and Numbers (ICANN) has
named Jeff Moss as its new chief security officer.

A security expert and respected member of the hacking community, Moss is
best known for his roles in founding the DefCon and Black Hat security
conferences. He has also worked in advisory positions for the US...
 

Posted by InfoSec News on Apr 29

http://www.kirotv.com/education/27708043/detail.html

By kirotv.com Webstaff
April 28, 2011

SEATTLE -- Someone has stolen teacher passwords and changed grades in a
Seattle Public Schools computer system, the district said in an email to
teachers obtained Thursday by KIRO 7 Eyewitness News.

The district's IT staff found the theft of network login passwords
"appears to have been going on for the last few weeks, possibly longer,"...
 

Posted by InfoSec News on Apr 29

Forwarded from: noreply (at) crypto.cs.stonybrook.edu

2011 ACM Cloud Computing Security Workshop (CCSW) at CCS

October 21, 2011, SWISSOTEL Chicago
http://crypto.cs.stonybrook.edu/ccsw11

Dear Colleagues,

CCSW is back! The past workshops were a tremendous success, with over
100 people in the audience, multiple sponsors (NSF, Microsoft), 4-5
invited talks (Leendert van Doorn, Eric Grosse, Michael Waidner,
Whitfield Diffie, Ian Foster, Peter...
 

Posted by InfoSec News on Apr 29

http://www.wired.com/dangerroom/2011/04/unfollowed-how-a-possible-social-network-spy-came-undone/

[When the early information about this story was coming out, it was that
@PrimorisEra might have been spotting and assessing targets for a
KGB honey pot operation. Which had me wondering, what have we learned
since Robin Sage? - WK - @c4i

http://science.dodlive.mil/2010/07/21/the-dangers-of-friending-strangers-the-robin-sage-experiment/ ]

By...
 

Posted by InfoSec News on Apr 29

http://gcn.com/articles/2011/04/28/us-russia-cyber-dictionary.aspx

By William Jackson
GCN.com
April 28, 2011

It is all very well to talk about cyberspace and cybersecurity, but what
do they mean, exactly?

A U.S.-Russian effort is proposing common definitions. The EastWest
Institute and the Information Security Institute of Moscow State
University have released a report with definitions for 20 key
cybersecurity concepts, the beginning of...
 
Re: HTB22827: File Content Disclosure in Wikipad
 
[security bulletin] HPSBMA02668 SSRT100474 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code
 

Hackers posting on underground forums claim the data stolen from the PlayStation Network includes user names, addresses, dates of birth, credit card numbers, expiration dates and card verification value numbers (CVV). Brian Krebs of Krebs on Security linked from his Twitter feed to a host of screenshots from hacker forums that illustrate the dialogue on the forum. Other reports claim that hackers are boasting they have credit card information from more than 2 million customers.

Sony, meanwhile, has yet to confirm the data was actually stolen, but says some of the accessed data was encrypted. From a Sony FAQ on its website:

“All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.”

Sony shut down the popular gaming network for more than a week after the breach was detected April 17.

A class-action suit against Sony was filed yesterday in San Francisco alleging damages from the breach. The complaint seeks payment for damages, payment of credit monitoring fees and refunds from Sony and Qriocity, its movie and game-streaming service provider, Bloomberg reported yesterday.

Legislators have also chimed in. Rep. Ed Markey (D-MA) and Rep. Mary Bono Mack (R-CA) want more details from Sony on the breach and Mack says the incident could prompt introduction of another consumer data protection bill. Sony says it is in the process of upgrading the security of its network infrastructure and has hired an unnamed security company, working in conjunction with law enforcement, to conduct forensics investigations.

A recent Ponemon Institute report on the cost of a data breach estimates the cost at $214 per lost record, a 5% jump over the last report. More than 77 million records may have been breached in the Sony attack.




 
Mozilla Firefox fixes multiple flaws which could let remote users execute arbitrary code, access information and access restricted resources.


Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. [1]
http://www.mozilla.org/security/announce/2011/mfsa2011-12.html
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Sony may offer users some form of compensation for the outage, now in its 8th day.
 
The city of Taipei is demanding that Sony provide details about any leak of PlayStation Network user data following an intrusion last week or face fines.
 

Infosec: Anti-spam, anti-virus measures are IT's top concern, finds research
ITWeb (blog)
Spam and virus protection are top e-mail priorities, with three in four businesses still not keen on cloud. Mimecast, a leading supplier of cloud-based e-mail security, continuity and archiving, has today released research revealing that IT teams are ...

 
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2011-12 through -18 Multiple Vulnerabilities
 

