InfoSec News

A survey of 255 high-level IT managers and storage admins found that they have no plans to use big data analytics and showed that Fibre Channel drives no longer make up the bulk of purchases for enterprise storage capacity.
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Ross Levinsohn, who served as Yahoo's interim CEO for about two months until the company hired former Google executive Marissa Mayer on July 16, will leave the company on Tuesday.
Hewlett-Packard is extending its 3PAR enterprise storage offerings with an all-SSD version of the P10000 array.
A highly anticipated patent infringement case between Apple and Samsung Electronics will get under way in a California courtroom on Tuesday after each side spent Monday agreeing on a 10-person jury.
TEMENOS T24 R07.03 Authentication Bypass
TEMENOS T24 R07.03 Reflected Cross-Site Scripting
DataWatch Monarch Business Intelligence (BI) v5.1 Admin Section Blind XPath Injection
ISC DHCP Multiple Denial of Service Vulnerabilities
Apple's refusal to put into writing its operating system support policy leaves Snow Leopard users wondering whether their copy of OS X has been retired, security experts said today.
Security researchers disclosed critical vulnerabilities in routers from Chinese networking and telecommunications equipment manufacturer Huawei at the Defcon hackers conference on Sunday.
TCP/IP Protocol Stack Multiple Remote Denial Of Service Vulnerabilities
[SECURITY] [DSA 2517-1] bind9 security update
DataWatch Monarch Business Intelligence (BI) v5.1 client section stored cross-site scripting
DataWatch Monarch Business Intelligence (BI) v5.1 admin section stored cross-site scripting
DataWatch Monarch BI v5.1 admin section reflected cross-site scripting
Moxie Marlinspike and David Hulton gave a talk at Defcon 20 on a presentation on cracking MS-CHAPv2 with 100% success rate. This protocol is still very much in use with PPTP VPNs, and WPA2 Enterprise environments for authentication.
Moxie's recommendations [1]:
1- All users and providers of PPTP VPN solutions should immediately start migrating to a different VPN protocol. PPTP traffic should be considered unencrypted.

2- Enterprises who are depending on the mutual authentication properties of MS-CHAPv2 for connection to their WPA2 Radius servers should immediately start migrating to something else.
Knowing that MS-CHAPv2 can now be cracked, what alternatives are you considering to secure your now insecure communications? The two alternatives suggested by Moxie are [...] OpenVPN configuration, or IPSEC in certificate rather than PSK mode.
[1] https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/

[2] https://github.com/moxie0/chapcrack
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Oracle Sun Products Suite CVE-2012-1750 Local Solaris Vulnerability
OpenStack Compute (Nova) CVE-2012-3371 Denial Of Service Vulnerability
ocPortal 7.1.5 <= | Open URL Redirection Vulnerability
Spark IM Client Local Password Decryption
Oracle Sun Products Suite CVE-2012-3112 Remote Solaris Vulnerability
T-Mobile USA announced Monday that the 5.3-in. Samsung Galaxy Note will be available on Aug. 8 for $249.99, after a rebate with a two-year service plan.
Social network Google+, which turned a year old at the end of June, has seen its user base take a dramatic jump in the past six to seven months, according to comScore, an Internet traffic monitor.
A September launch of the next iPhone, as well as a new, smaller iPad would make it easier for Apple to erase the bad taste of the second quarter and beat its own lowered expectations this quarter, a Wall Street analyst said.
Lawyers for Apple and Samsung Electronics have begun choosing the 10 people that will make up the jury to which they will argue claims of patent infringement.

Cuckoo Sandbox keeps open source malware analysis moving
Network World
Between Black Hat, DefCon and BSides Las Vegas, a critical mass of the infosec universe is on hand and it always a great learning experience in addition to a great time. I wanted to highlight a few things you probably haven't read about yet that I ...

Asynchronous turn-based games--those apps in which you and an opponent trade turns in a game that unfolds at a pace of your choosing--have proven to be a popular addition to the iOS App Store. But Disc Drivin' may prove that even the most popular format has its limitations.
A Google researcher has discovered that Ubisoft's Uplay DRM opens a backdoor allowing attackers to remotely take control of a system. Ubisoft has issued an update to close the hole

Researcher Peter Hannay's man-in-the-middle attack exploited an SSL handing flaw to remotely wipe Android and iOS mobile devices via Exchange server.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google

CA, INC. : CA Technologies Korea Inks Managed Service Provider Partnership ...
Seoul, July 30, 2012 - CA Technologies Korea (CA: NASDAQ) today announced it has entered into a Managed Service Provider (MSP) partnership with SK Infosec. Under the agreement, SK Infosec will provide its customers in Korea, China, Hong Kong and ...

Just weeks after announcing the deal, Microsoft has closed its acquisition of Perceptive Pixel (PPI), whose large-scale, multitouch displays Microsoft plans to use to boost its collaboration, meetings and presentation products.
Security researcher Michael Coppola demonstrated how small and home office (SOHO) routers can be compromised and turned into botnet clients by updating them with backdoored versions of vendor-supplied firmware.
[ MDVSA-2012:110-1 ] mozilla
[ MDVSA-2012:119 ] bind
[slackware-security] bind (SSA:2012-209-01)
More than 3 million copies of OS X Mountain Lion have been downloaded since its debut last week, Apple said today.
I had high hopes that we might actually see a federal cybersecurity bill this year. Foolish me! (Of course, by the time this is published I may have been proven wrong--but I doubt it). Lieberman-Collins bill looked like it might go somewhere...but it didn't. CISPA even passed the House before it ran into the stone wall of another house (white). Now there are grumblings in the Senate that may doom any other cybersecurity legislation that comes up this year. What a shame.
Microsoft Surface tablets will go on sale on Oct. 26, the same day that Windows 8 becomes available, the company disclosed in a 10-K report filed on July 26 with the Securities and Exchange Commission.
A third party can increase risk, so your contract should address this possibility.
Panasonic said it has developed a new system for artificial photosynthesis that can remove carbon dioxide from the air almost as well as plants do, as part of the company's push to join an industry-wide trend toward greener tech.
Oracle said Monday it has inked a deal to buy software-defined networking vendor Xsigo Systems, in a move that will support Oracle's ongoing foray into cloud computing. Terms of the acquisition, which is expected to close within a few months, were not disclosed.
BIND has released 4 new versions that takes care of 2 security issues. They can be downloaded here.


New security bulletins

CVE-2012-3868: High TCP Query Load Can Trigger a Memory Leak in BIND 9
CVE-2012-3817: Heavy DNSSEC Validation Load Can Cause a Bad Cache Assertion Failure in BIND9

[1] http://www.isc.org/downloads/all

[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817

[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
One Laptop Per Child is redesigning its venerable XO-1.75 laptop, by adding a touchscreen, the nonprofit organization said in a blog post.
The U.S. has been shipping application development work offshore for years, but cloud computing may help make America a data center services exporter.
More and more companies are creating private social networks that help their employees learn from each other and drive the business forward. Here are tips from four companies that are finding success with internal social networks.
Microsoft on Monday announced new keyboards and mice optimized for tablets and laptops running the Windows 8 operating system.
A Taiwanese university has sued Apple for alleged patent infringement in its Siri voice assistant, as part of an initiative to help Taiwan's local electronic firms fight back against intellectual property disputes brought by their foreign rivals.
App Store malware that can't actually do anything malicious, a Mac trojan which is not in the wild, a worm that plays AC/DC songs, a false alarm from F-Secure, another password leak, and more Flame secrets revealed

Three of the technologies that received a Microsoft award are designed to prevent the exploitation of Return Oriented Programming vulnerabilities. Some of them can already be tested with EMET

A security researcher has managed to save a modified device driver to Apple's Thunderbolt to Ethernet adapter which causes the system to load a rootkit on booting

Documents submitted to a California court as part of the patent battle between Apple and Samsung Electronics provide a fascinating look at the iPhone and iPad designs considered by Apple before the devices went on sale.
Internet Storm Center Infocon Status