Hackin9

Beware of Super Bowl spam that may come to your email inbox this weekend. The big game is Sunday and the spam and phishing emails are pouring in, complete with helpful links - back-ended by malware and/or credential harvesting of course.

It's worth a reminder to friends and family: if they see any emails about the Super Bowl that appear to be too good to be true, simply delete them. Be safe!


[1] http://www.google.com/safebrowsing/diagnostic?site=http://www.yoursuperbowlspace.com/torn/pigmentations/containments/papal/seen/bons.htm

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Add PHP applications and the WordPress Web platform to the list of wares that may be susceptible to the critical Linux vulnerability known as Ghost.

As Ars reported Wednesday, the flaw resided in a variety of Linux distributions, including CentOS/RHEL/Fedora 5, 6, and 7, Ubuntu 12.04, and possibly other versions. The buffer overflow made its way into those distributions through the GNU C Library, specifically in its gethostbyname() and gethostbyname2() function calls. The bug made it possible to execute malicious code by sending malformed data to various applications and services running on vulnerable systems. Proof-of-concept attack code was able to exploit the vulnerability in the Exim mail server, and researchers widely suspected clockdiff, procmail, and pppd were also susceptible.

Now, researchers from security firm Sucuri have expanded the list.


 
TYPO3 Content Rating Extbase Extension Multiple Input Validation Vulnerabilities
 
VMware vSphere Data Protection CVE-2014-4632 Certificate Validation Security Bypass Vulnerability
 
TYPO3 LDAP / SSO Authentication Extension Authentication Bypass Vulnerability
 
TYPO3 Content Rating SQL Injection and Cross Site Scripting Vulnerabilities
 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: Security Report Summary
 
[security bulletin] HPSBOV03226 rev.2 - HP TCP/IP Services for OpenVMS, BIND 9 Server Resolver, Multiple Remote Vulnerabilities
 
Python Requests CVE-2014-1830 Information Disclosure Vulnerability
 
[SECURITY] [DSA 3147-1] openjdk-6 security update
 
[SECURITY] [DSA 3146-1] requests security update
 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: Security Report Summary
 
ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability
 
[SECURITY] [DSA 3145-1] privoxy security update
 
Vorbis Tools CVE-2014-9640 Local Denial of Service Vulnerability
 
Privoxy CVE-2015-1381 Multiple Memory Corruption Vulnerabilities
 
Privoxy CVE-2015-1382 Remote Denial of Service Vulnerability
 
PolarSSL 'asn1parse.c' Remote Code Execution Vulnerability
 

Posted by InfoSec News on Jan 30

http://www.nextgov.com/cybersecurity/2015/01/beware-unwitting-insider-threat/104097/

By Jack Moore
Nextgov.com
January 29, 2015

Rank-and-file federal employees and contractors unwilling to “embrace ‘The
Suck’ of security” may be the biggest threat posed to securing federal
agency networks.

“Accidental or careless” insiders -- employees who click on dubious email
attachments, plug in unsecured storage devices or leave laptops...
 

Posted by InfoSec News on Jan 30

http://www.wired.com/2015/01/chinas-new-rules-selling-tech-banks-us-companies-spooked/

By Davey Alba
Wired.com
01.29.15

Technology companies that want to sell equipment to Chinese banks will
have to submit to extensive audits, turn over source code, and build “back
doors” into their hardware and software, according to a copy of the rules
obtained by foreign companies already doing billions of dollars worth of
business in the country. The...
 

Posted by InfoSec News on Jan 30

http://www.intelligentutility.com/article/15/01/what-every-utility-should-know-about-new-physical-security-standard

By William E. Reiter
intelligentutility.com
Jan 29, 2015

On April 16, 2013, an incident in San Jose, California, led to development
of a new physical security standard for owners and operators of
transmission stations and substations.

In the 2013 incident, a sniper attack on a Pacific Gas & Electric
transmission substation...
 

Posted by InfoSec News on Jan 30

http://www.csoonline.com/article/2877972/security-leadership/3-things-csos-can-learn-from-cpos.html

By Maria Korolov
CSO
Jan 29, 2015

The role of the CSO and CIO has been changing dramatically as technology
becomes more and more vital to business strategies. Sometimes, it can be
hard to keep up.

Amol Joshi, SVP of business development at Redwood City, Calif.-based
Ivalua Inc., suggests that CSOs and CIOs can pick up a few tricks from
Chief...
 

Posted by InfoSec News on Jan 30

http://www.jamaicaobserver.com/news/OAS-hails-Jamaica-s-cyber-security-efforts_18310037

By Balford Henry
Senior staff reporter
jamaicaobserver.com
January 30, 2015

ASSISTANT secretary general of the Organisation of American States (OAS),
Ambassador Albert Ramdin, says that Jamaica has made a sound choice of a
model for its National Cyber Security Strategy (NCSS).

Speaking at the official launch of the strategy at the Jamaica Pegasus
hotel...
 
Symantec Encryption Management Server < 3.2.0MP6 - Remote Command Injection
 
NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability
 
[SECURITY] [DSA 3144-1] openjdk-7 security update
 
Internet Storm Center Infocon Status