InfoSec News

Microsoft is linking malicious software analysts with online advertising fraud experts in an effort to disrupt click fraud, a scam where advertisers pay for worthless clicks.
Lenovo has delayed shipment of the highly anticipated ThinkPad Tablet 2, which will now become available to buyers in December.
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Data scientists are in demand in this era of big data. IT hiring managers, however, are struggling in their search for qualified candidates (as even the candidates themselves may not realize they are a fit for the role). Here are five ways you can recruit data scientists.
Users of Amazon Web Services will soon be able to orchestrate workflows across different AWS services and their own internal resources, using a new orchestration engine called the AWS Data Pipeline.

-Kevin -- ISC Handler on Duty
Malicious file attachments are typically used as the payload, according to a report issued this week by Trend Micro.

Credit card issuer Visa USA plans to create a global IT center in Austin, Texas, and hire about 800 workers to run it.
Internet and mobile communications were shut down on Thursday morning in war-torn Syria.
Showing that it's serious about quickly phasing out its venerable iDEN network and traditional push-to-talk service, Sprint Nextel now plans to charge all subscribers on that system an extra $10 per month beginning Jan. 1.


Our feature this week introduces Dr. Ullrich's newest system addition addressing widespread reports of SSH scans. This system collects logs you submit via a special API URL. We keep receiving reports from readers about widespread SSH scans. This system was set up to get a better handle on these scans. http://isc.sans.edu/sshreports.html Reporting will be released as soon as there is enough information collected.


Reports are POSTed to https://isc.sans.edu/api/sshreports

Parameters are userid, authkey, data (tab-delimited log data)

XML status OK returned on successful submission

This only accepts data. Validation and processing are done at a later time.

There is currently a Perl script to collect data from the kippo honeypot available at https://isc.sans.edu/kipposcript.pl

Post suggestions or comments in the section below or send us any questions or comments in the contact form on https://isc.sans.edu/contact.html#contact-form


Adam Swanger, Web Developer (GWEB, GWAPT)

Internet Storm Center https://isc.sans.edu
Internet access in Syria has been shut off nationwide, and network watchers Akamai and Renesys have issued charts illustrating the dramatic traffic collapse.
NASA today blunted reports of a potentially history-making discovery on Mars.
In an interview this week, a Google executive called rival Facebook an outdated social network that is annoying the heck out of users with its ads.
The White House is all for the idea of a STEM visa, just not the one proposed in a bill proposed by House Republicans.
JRuby CVE-2012-5370 'MurmurHash2' Algorithm Hash Collision Denial of Service Vulnerability
Two major new technologies come together for the Cloud Computing and Big Data Workshop, hosted by the National Institute of Standards and Technology (NIST) at its Gaithersburg, Md., campus Jan. 15-17, 2013. Combining cloud computing and ...
One Laptop Per Child has cancelled plans to release its XO-3 tablet, although technology from that project could still be used in other products, OLPC Chairman Nicholas Negroponte said.
In a sign that the flip phone and walkie-talkie functionality are still popular with some workers, AT&T said it will sell the rugged Samsung Rugby III exclusively for $99.99 with a two-year agreement starting Dec. 14.
Federal investigator's assessment of the Medicare eHealth records program shows a lack of fiscal oversight.
Microsoft on Thursday set pricing for its Surface Pro 10.6-in. tablet with a starting price of $899 for a 64 GB version and $999 for a 128 GB version.
Charles Johnson has a "nagging worry" about all those important messages stored in Gmail. He asked if there's a way to back them up locally to his hard drive.
Windows 8 has delivered no bump to flagging consumer PC sales in the U.S., a retail research analyst said.
Using AWS IAM tools to limit who has access to create and launch services should be essential to a cloud security strategy, say experts.


Kaspersky study finds huge security-knowledge gap among IT pros
CSO (blog)
I receive a lot of end-of-year wrap ups, threat studies and infosec prediction press releases in my inbox this time of year. As my colleague Bill Brenner has already mentioned many times in his Salted Hash blog, these often contain little new ...

The European Network and Information Security Agency has tested 30 free honeypots and recommended some for corporate use. The study is intended to increase the use of honeypots

US-CERT is warning of a backdoor in network printers manufactured by Samsung that allows attackers to take complete control of the systems and also gives them access to other parts of the network
Research in Motion Thursday released an upgraded version of its mobile management software designed to help its users prepare for a "simple and straightforward upgrade" to the BlackBerry Enterprise Service 10 release slated for early next year.
But iOS app sales still outpace Android app sales 4 to 1
Apple's App Store generates four times the revenue of Google Play, but Google's sales of apps are growing fast in South Korea, Japan and India, according to a new monthly index.
Cisco is planning to acquire network planning tools vendor Cariden Technologies for $141 million, in its third announced acquisition this month.
Safend Data Protector Multiple Vulnerabilities
Wordpress Plugin Simple Gmail Login Stack Trace Vulnerability
ideo Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL
This is where we give key peripherals, components, and networking products their due. The competition was particularly fierce in the router market this year, as companies jockeyed for position in both the nascent 802.11ac space and the more established 802.11n segment.
After months of experimenting, Dell took the wraps off a thin-and-light XPS 13 laptop with the Ubuntu Linux 12.04 LTS, an OS that is code-named Precise Pangolin.
eGroupWare 'menuaction' Parameter Cross Site Scripting Vulnerability
Xen 'TMEM hypercall' Multiple Security Vulnerabilities
[ MDVSA-2012:175 ] libssh
Re: rssh security announcement
A plan by a satellite carrier to make better use of its spectrum could open up an extra channel for Wi-Fi in the U.S., though how and when consumers would get to use it isn't yet clear.
Among the issues that Congress and the president can tackle are taxation, STEM education and the need for a national standard on data breaches.
A photo kiosk that can track user behavior using a Microsoft Kinect-like sensor and mine social data could help marketers gain valuable information about audiences at sporting events.
A novel technique based on MapReduce could let hackers hijack computing resources used by cloud-based mobile browsers and use them anonymously, according to security researchers from North Carolina State University and the University of Oregon.
Research In Motion has introduced the BlackBerry Dev Alpha C, a smartphone that developers can use to test their applications and get ready for the launch of the BlackBerry 10 QWERTY device next year.
Social media analytics service PeopleBrowsr said it has won a temporary restraining order in a California court against Twitter's decision to end its four-year-old arrangement to supply data to the company.
CMScout IBrowser TinyMCE Plugin Local File Include Vulnerability
Collabtive Cross Site Scripting and HTML Injection Vulnerabilities
Joomla Community Builder Enhenced Local File Include and Arbitrary File Upload Vulnerabilities
Google has acquired Incentive Targeting which offers a software-as-a-service platform for promotional campaigns to the grocery industry.
A Microsoft executive said the company has sold 40 million licenses for Windows 8, essentially matching the first month performance of Windows 7 in late 2009. Analysts put the numbers in context.
Apple's iPhone 5 appears to have cleared the last hurdle in a series of Chinese regulatory checks, opening the way for the device to finally be sold in one of the company's largest markets.
Samsung Electronics will close a security hole in the firmware of some of its printers by issuing an update on Friday, and said they could be protected by disabling SNMP.
Google has updated the versions of Chrome in the Stable, Developer and Beta channels. Chrome for Android and iOS have also been updated, with the latter adding support for Apple's Passbook

Eaton Network Shutdown Module Arbitrary PHP Code Execution Vulnerability

Poll: 20 free infosec tools
CSO (blog)
I'm working on a slideshow for January that will outline 20 free infosec tools, and I need your help. I have my thoughts on what should make the list, but want to hear from you as well. So tell me, what are some free infosec tools you simply can't live ...

A multinational survey of more than 3,000 workers revealed that they believe their IT shops turn a blind eye toward the use of mobile devices for business purposes, either because they're unaware of it or because they're actively ignoring it.
It has been widely expected over the past year or two that IBM's India workforce was on track to exceed its U.S. workforce, if it hadn't exceeded it already.
Apple QuickTime CVE-2012-3753 Buffer Overflow Vulnerability

Blancco to Participate in IA12 IT Security Summit
Einnews Portugal
As a holder of CESG certification for many years, Blancco exceeds the highest security specifications detailed in the HMG Infosec Standard No: 5, the security standard applied to government computer systems in the UK. This year, Blancco celebrates its ...


Posted by InfoSec News on Nov 29


By Mathew J. Schwartz
November 28, 2012

Some Samsung printers and Dell-branded printers manufactured by Samsung
are vulnerable to being taken over remotely by an attacker.

That warning was made Monday by the U.S. Computer Emergency Readiness
Team (CERT), which said that the affected printers "contain a hardcoded...

Posted by InfoSec News on Nov 29


November 29, 2012

Police have smashed a Romanian organised crime gang that allegedly
hacked into the computer systems of small businesses, with credit card
details of 30,000 Australians used in $30 million worth of illegal
transactions around the world.

An Australian Federal Police and Romanian...

Posted by InfoSec News on Nov 29


By Beth Walsh
Clinical Innovation + Technology
Nov 27, 2012

The University of Arkansas for Medical Sciences (UAMS) is notifying
approximately 1,500 patients of a medical records breach involving a
resident physician who was terminated in 2010.

UAMS in Little Rock, Ark., recently discovered that a former resident
kept some patient lists and...

Posted by InfoSec News on Nov 29


By Robert McMillan

When you’re starting off as an anthropologist, your aim is to explore a
subculture your peers have yet to uncover, spending years living with
the locals and learning their ways.

That’s what Gabriella Coleman did. She went to San Francisco and lived
with the hackers.

Coleman, an anthropologist who teaches at McGill University, spent...

Posted by InfoSec News on Nov 29


By John Grady
November 28, 2012

To protect critical networks and national security, the House and Senate
are weighing cyber defense legislation and the Obama administration is
considering regulations requiring information sharing between government
agencies and private businesses. But who should be in charge -- even
inside the Pentagon --...
phpCAS 'cURL' API Security Bypass Vulnerability
OpenDNSSEC 'cURL' API Security Bypass Vulnerability
Internet Storm Center Infocon Status