Hackin9
U.S. Customs and Border Protection can search travelers' laptops and other electronic devices without a show of reasonable suspicion, according to a federal judge's dismissal of a 2010 lawsuit on Tuesday.
 
Cloud computing has proven to be one of the great disruptive technologies of our time, and the effects of its increasing adoption and maturation will ripple out through 2014. Here are 10 predictions for how the cloud will impact IT in the coming year.
 

Dell, others named in NSA spying program
SC Magazine Australia
Applebaum told the 30c3 audience that he expects the InfoSec community to now search systems for evidence of the NSA malware in use. “A lot of malware researchers will have a lot to say about this in the future,” he said. Indeed, Applebaum referred to ...

 
The U.S. National Security Agency was developing in 2008 a software implant for Apple iPhones that allowed the agency to take almost total control of the device, including retrieving text messages and voicemail and remotely turning on its microphone and camera, according to a report by Der Spiegel.
 
Windows' error- and crash-reporting system sends a wealth of data unencrypted and in the clear, information that eavesdropping hackers or state security agencies can use to refine and pinpoint their attacks, a researcher said today.
 

A few readers have written asking about odd denials when trying to use Juniper VPNs. Turns out they released a Product Support Notification (subscription required) about their host check feature which fails on endpoints that have a local date set 12/31/2013 or later. They are working on a fix but as a workaround, you can change the local date on the PC, disable host checker verification altogether or create a manual host checker process that disables checking firewall, anti-virus and/or anti-spyware predefined checks. Juniper plans to release a fix some time between 12/31 and 1/3/14.

--
John Bambenek
bambenek \at\ gmail /dot/ com
Bambenek Consulting

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
LinuxSecurity.com: Multiple vulnerabilities have been discovered in Drupal, a fully-featured content management framework: vulnerabilities due to optimistic cross-site request forgery protection, insecure pseudo random number generation, code execution and incorrect security token validation.
 
LinuxSecurity.com: A vulnerability in Xfig could result in execution of arbitrary code or Denial of Service.
 
LinuxSecurity.com: Multiple vulnerabilities have been found in the HP Linux Printing and Imaging System: Insecure temporary files, insufficient permission checks in PackageKit and the insecure hp-upgrade service has been disabled.
 
LinuxSecurity.com: Peter McLarnan discovered that the internationalization component of Ruby on Rails does not properly encode parameters in generated HTML code, resulting in a cross-site scripting vulnerability. This update corrects the underlying vulnerability in the i18n gem, as provided by ...
 
2013 was the year we learned we must encrypt our data if we don't want the likes of the U.S. National Security Agency or the U.K. Government Communications Headquarters reading it as it crosses the Internet.
 
JBoss Fuse Management Console CVE-2013-4372 Multiple HTML Injection Vulnerabilities
 
Linux Kernel CVE-2013-3226 Local Information Disclosure Vulnerability
 
Archos announced smartwatches starting at under $83 and an Android tablet specially designed to make home automation a breeze.
 
Facebook remained the most popular social networking destination among U.S. adults online, but users are also turning to other websites for their daily social fix.
 
Linux Kernel CVE-2013-6368 Local Privilege Escalation Vulnerability
 
Companies have to fully confront the privacy issues they face and rethink their policies from the bottom up.
 
Instead of scaring businesses away from using hosted services, as some experts predicted, the leaking of classified documents detailing NSA data collection activities is driving some long overdue changes in enterprise and service provider security and privacy concerns.
 
OpenStack Glance '/var/log/glance' Insecure File Permissions Vulnerability
 
Microsoft Windows 'Win32k.sys' CVE-2013-3903 Denial Of Service Vulnerability
 

Posted by InfoSec News on Dec 31

http://www.computerworld.com/s/article/9245053/Target_confirms_customer_PINs_were_taken_in_breach_maintains_data_is_safe

By Chris Kanaracus
IDG News Service
December 27, 2013

Target has confirmed that hackers obtained customer debit card PINs
(personal identification numbers) in the massive data breach suffered by
the retailer during the busy holiday shopping season, but says customers
should be safe, as the numbers were encrypted.

Some 40...
 

Posted by InfoSec News on Dec 31

http://www.wired.com/threatlevel/2013/12/nsa-hacking-catalogue/

By Kim Zetter
Threat Level Wired.com
12.30.13

While most Americans spend their time shopping Amazon, Target and
Apple.com, the National Security Agency’s elite team of hackers spends its
time shopping a secret high-end catalog of custom tools designed to
subvert firewalls, servers, and routers made by U.S. firms, impersonate a
GSM base station to intercept mobile phone calls,...
 

Posted by InfoSec News on Dec 31

http://news.techworld.com/security/3495137/bbc-server-took-over-by-russian-cybercriminal/

By Sam Shead
Techworld
30 December 2013

A Russian hacker gained access to a BBC server over the Christmas period
and attempted to sell access to it to other cybercriminals, reports
suggest.

US firm Hold Security told Reuters and the Financial Times that it had
spotted the hacker advertising the exploit on an underground cybercrime
forum.

The BBC’s...
 

Posted by InfoSec News on Dec 31

http://www.defenseone.com/threats/2013/12/china-top-foreign-investor-us-firms-critical-national-security/75899/

By Tim Fernholz
Quartz
December 23, 2013

China overtook the United Kingdom last year as the country that received
the most scrutiny of its US investments, according to the US government.

The Committee on Foreign Investment in the US (CFIUS) is charged with
reviewing mergers, acquisitions, and other transactions where a foreign...
 

Posted by InfoSec News on Dec 31

http://www.darkreading.com/attacks-breaches/attackers-wage-network-time-protocol-bas/240165063

By Kelly Jackson Higgins
Dark Reading
December 30, 2013

Attackers have begun exploiting an oft-forgotten network protocol in a new
spin on distributed denial-of-service (DDoS) attacks, as researchers
spotted a spike in so-called NTP reflection attacks this month.

The Network Time Protocol, or NTP, syncs time between machines on the
network, and...
 
Microsoft Windows Local Procedure Call CVE-2013-3878 Local Privilege Escalation Vulnerability
 
Microsoft Windows CVE-2013-5056 Use-After-Free Remote Code Execution Vulnerability
 
libgadu SSL Certificate Validation CVE-2013-4488 Security Bypass Vulnerability
 
[SECURITY] [DSA 2830-1] ruby-i18n security update
 
[security bulletin] HPSBMU02959 rev.1 - HP Service Manager WebTier and Windows Client, Cross-Site Scripting (XSS), Execution of Arbitrary Code and other Vulnerabilities
 
Internet Storm Center Infocon Status