Hackin9

InfoSec News

When NewsGator Technologies decided to play in the nascent enterprise social collaboration market a few years ago with a product that worked only with Microsoft's SharePoint, it was making a big bet.
 

Business Insider

China Has Deployed 'Combat Ready' Patrols To The South China Sea
Business Insider

 
Some users of new Wi-Fi routers from Cisco's Linksys division complained this week that the company automatically updated the routers' firmware and pushed them toward a cloud-based administration service they didn't want.
 
A California court has granted Apple an injunction against Samsung over sales of its Galaxy Nexus smartphones in the U.S. The injunction was handed down on Friday afternoon by the same California court that earlier this week issued an injunction against sales of Samsung's Galaxy Tab 10.1.
 
 
Google announced a new version of Android this week with some impressive new features, but it's unclear if it's done enough to solve a problem that has dogged its mobile OS: fragmentation.
 
Google is readying a new set of Analytics usage reports designed specifically for mobile applications, the company plans to announce at its I/O developer conference on Friday.
 
Dell completed its acquisition of Wyse Technology just last month and is now hiring, and not cutting, employees.
 
Tech stocks are ending the first half of the year on an upbeat note with news that enterprise spending on software lately has been relatively strong.
 
As I've been working quite a bit with Splunk lately, I decided to create a DShield for Splunk application that is now publicly available at Splunk base: http://splunk-base.splunk.com/apps/51609/splunk-for-dshield
The idea behind the application is to allow you to have your own, local copy of the DShield database so you can mine data as much as you want.
The application downloads the DShield data (the published All Sources IPs dump) once per day and indexes it into your local Splunk. Once the data has been indexed you can do all sorts of analytics and show top attackers, top attacked ports, their geographical information and much more.
The configuration allows you to specify when you want to download the DShield data (since it's dumped once per day at 4 AM UTC you should also mirror the data once per day). You can also specify your own IP addresses or networks so the application will nicely list if your IPs have been detected in the attackers list (and, of course, you can change this into an alert).
This is shown in the main dashboard, besides the current Handler on Duty and Threatcon (which are retrieved in real time when you open the dashboard), as well as a panel showing last 10 ISC diaries (so you can jump to them from your local Splunk). The main dashboard is shown below:

Besides this, the application has the following dashboards:

* a dashboard showing top attackers, top attacked ports and protocols

* a dashboard showing Geo IP information about attackers, both in a table and using Google maps

* a search form that allows quick searching by IP address (or CIDR ranges), port or protocol

* a trend dashboard showing number of distinct IP addresses as well as total number of reports DShield received
I hope you will find it useful; if you have any questions or suggestions for improvement, please let me know. Also, since Splunk has a free version that allows you to index up to 500 MB of data per day, you can use this for free.
--

Bojan

INFIGO IS (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Research in Motion's stock price plunged 19% early Friday following RIM's announcement late yesterday of a $518 million first quarter loss and that its BlackBerry 10 smartphone has been further delayed.
 
Linux Kernel NFS Client 'decode_getacl()' Incomplete Fix Remote Denial of Service Vulnerability
 
SWFUpload 'movieName' Parameter Cross Site Scripting Vulnerability
 
GIMP FIT File Format DoS
 
Irfanview Plugins JLS Decompression
 
---------------

Jim Clausing, GIAC GSE #26

jclausing --at-- isc [dot] sans (dot) edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
CIO magazine editor in chief Maryfran Johnson looks at how some companies are tackling the complex task of making their tools and processes simpler
 
In the terrific little iOS Game Tiny Tower, developer Nimblebit tasked you with building a tower that reached into the clouds. The game maker must have decided that the only place to go was up, as its latest app--Pocket Planes--has you build an empire across the skies. The casual airline sim is a decent download for your iPhone or iPad, even if it never reaches the heights of Tiny Tower.
 
The National Telecommunications and Information Administration is set to host the first of several meetings seeking input for its effort to develop new codes of conduct for handling private consumer data on the Internet and mobile networks.
 
The app store model popularized by Apple is gaining further adoption in the world of ERP (enterprise-resource-planning) software, with new stores announced this week by Syspro and Unit4.
 
Google yesterday claimed that its Chrome is the world's most popular browser, interceding for the first time in the dispute over browser usage share.
 
A U.S. judge may hold an evidentiary hearing to determine whether the U.S. Department of Justice acted improperly in blocking Megaupload customers' access to their files when seizing the file-sharing service's domain name and servers in January.
 
Google at its I/O conference is emphasizing its growing number of music, movies and TV shows available for Android tablets and smartphones through its Play store, and those entertainment options will be available on Google TV devices in the future, the company said this week.
 
tftp-hpa FTP Server 'utimeout' Option Remote Buffer Overflow Vulnerability
 
Vulnerabilities in Winlog 2.07.16
 
REWTERZ-20120629 - TEMENOS T24 Cross-Site Scripting (XSS) Vulnerability
 
 
Google Chrome, released yesterday for the iPhone and iPad, has already snatched the top spot in Apple's App Store.
 
 
To achieve higher download and upload speeds, vendors and operators are planning to use a number of different technologies over the coming years in both HSPA and LTE networks.
 

INTERCEDE GROUP PLC : Lord Green opens Intercede's new research and ...
4-traders
04/24, Smartphone solutions for mobile identity demonstrated at InfoSec. 04/23, Intercede, Deep-Secure and adept4 partner to launch secure email service. 04/05, Year end trading update. 03/27, Intercede® extends range of physical access control systems ...

 
Microsoft will reportedly support full upgrades to Windows 8 only from the three-year-old Windows 7.
 
 
IBM Lotus Expeditor DLL Loading Arbitrary Code Execution Vulnerability
 
Eclipse IDE (CVE-2008-7271) Multiple Cross Site Scripting Vulnerabilities
 
The Digital Archery contest, devised by ICANN to determine which gTLD applications would be handled first, was canceled on Thursday, the chair of the gTLD Program Committee announced during the ICANN 44 summit in Prague. No alternative was announced.
 
There will be no certified implementations of Adobe Systems' Flash Player for Android 4.1, and on Aug. 15 the player will take a bow and no longer be available for download from Google's app store Play, Adobe said in a blog post on Thursday.
 
Former T-Mobile USA CEO Philipp Humm has joined Vodafone Group as the chief executive of a new division covering northern and central Europe.
 
dtach Information Disclosure Vulnerability
 
IBM Rational ClearQuest 'cqole.dll' ActiveX Control Heap Buffer Overflow Vulnerability
 
Google+ reaches a major milestone this week. Google's fledgling social network has hit its first birthday.
 
We showcase 11 apps for iPhone, Android and other devices that can help travelers with flights, hotels and sightseeing around the world.
 

Data Security Leader Vormetric Expands into European Market
Business Wire (press release)
Click to tweet: Data security leader @Vormetric announces EMEA expansion: http://bit.ly/KC5D11 #Infosec #security. Vormetric's move to establish a local presence in the EMEA region has been driven by a number of factors. Continued data breaches at ...

 

Business Insider

After Massive Media Attention The Army Wants To Help This Couple And Claims ...
Business Insider

 

Data Security Leader Vormetric Expands into European Market
EON: Enhanced Online News (press release)
Click to tweet: Data security leader @Vormetric announces EMEA expansion: http://bit.ly/KC5D11 #Infosec #security. Vormetric's move to establish a local presence in the EMEA region has been driven by a number of factors. Continued data breaches at ...

 
IBM WebSphere Sensor Events Multiple Input Validation Vulnerabilities
 
Internet Storm Center Infocon Status