Information Security News

Adscend Media, the defendant in lawsuits filed this week by Facebook and the Washington attorney general, on Friday denied the allegations in the complaints and shifted blame to its affiliates.

Juniper Networks' challenges are due to timing with new product rollouts and shifts in investments from customers and channel partners.

Salesforce.com customers are sounding off about the fact that an upcoming Analytics Edition of the CRM (customer relationship management) software will have an additional price tag, saying that the functionality it includes should be part of their base subscriptions.

The largest-ever Android malware campaign may have duped as many as 5 million users into downloading infected apps from Google's Android Market, Symantec said today.

Cisco is in the midst of a major initiative to better integrate its various collaboration products and to give their interfaces a uniform, consistent design in order to make them easier to use and more effective at helping employees work with each other.

This week's tsunami of tech earnings, led by Apple's jaw-dropping quarterly report, has given market watchers something to cheer about and also points to industry shifts around tablets and cloud computing.

Facebook scammers have started redirecting victims through Amazon's cloud in order to bypass malicious URL filters, according to security researchers from antivirus vendor F-Secure.

Mission Control and other snazzy new Lion features may have gotten all the press, but columnist Ryan Faas has uncovered a slew of lesser-known features that every OS X Lion user should know about.

The Internet juggernaut Facebook could file papers for an initial public offering as early as Wednesday, hoping to raise as much as US$10 billion, the Wall Street Journal reported Friday.

Apple reclaimed the top spot in a brand listing by collecting an estimated $900 million worth of traditional media, social media and Twitter coverage in the fourth quarter of 2011, a measurement company said today.

Aneesh Chopra, who has served for the past two-and-a-half years as the first CTO for the U.S. government, is stepping down in early February.

Symantec pcAnywhere Insecure File Permissions Vulnerability

Lawmakers in Hawaii quietly dropped a bill that would have required Internet service providers to collect the browsing histories of Internet users in the state and store the data for at least two years.

vBSEO 'proc_deutf()' Remote Code Execution Vulnerability

HP Diagnostics Server 'magentservice.exe' Remote Stack Buffer Overflow Vulnerability

AdaCore Security Advisory SA-2012-L119-003 Hash collisions in AWS

GovInfoSecurity.com

Push on for Comprehensive Infosec Bill
GovInfoSecurity.com
By Eric Chabrow, January 28, 2012. The White House wants Congress to enact comprehensive cybersecurity legislation this year, favoring an approach taken by the Democratic-led Senate than a more piecemeal path backed by the Republican-controlled House ...

and more »

Symantec researchers have uncovered additional clues that point to Chinese hacker involvement in attacks against a large number of Western companies, including major U.S. defense contractors.

Security researchers from antivirus vendor Trend Micro have come across a Web-based attack that exploits a known vulnerability in Windows Media Player.

Postfix Admin Multiple SQL Injection and Cross Site Scripting Vulnerabilities

Asterisk SRTP Video Denial Of Service Vulnerability

ComponentOne FlexGrid ActiveX Control Buffer Overflow Vulnerability

Mobile application supports Android smartphones and tablets with virus scanning and protection from Web threats and SMS attacks.

Businesses should disable pcAnywhere, says Symantec
Infosecurity Magazine (US)
Symantec has confirmed that sample source code provided by the hacker known as YamaTough to Infosec Island is genuine Norton AV source code from the 2006 version of its product. As yet, little else is known. Last January, Infosecurity magazine ...

and more »

On Monday I told you how to turn your PC into a DVR by connecting an inexpensive, antenna-powered TV tuner. I also said I'd be back on Wednesday to explain how to connect that PC to your TV. Then I plumb forgot.

A reader letter makes Gibbs sum up why SOPA and PIPA are such bad ideas.

We show you how to set it up and what kind of performance you can expect.

[ GLSA 201201-15 ] ktsuss: Privilege escalation

[HITB-Announce] Reminder: HITB2012AMS Call For Papers Closing Soon

Super Bowl XLVI (46) kicks off on February 5 at Lucas Oil Stadium in Indianapolis, Indiana, and no matter where you'll be that Sunday, you have plenty of ways to stream the big game to your PC, tablet, or smartphone so you can watch the Giants and the Patriots struggle for supremacy on your preferred device.

CloudPassage is launching a new security product for virtual servers in public clouds such as Amazon Web Services that it says takes care of the all-important need for security when using services from infrastructure providers.

[SECURITY] [DSA 2394-1] libxml2 security update

The district court in Mannheim, Germany, has again sided with Apple in a patent suit brought by Samsung Electronics, saying on Friday that the company had not infringed on a second patent asserted by Samsung against the iPhone and iPad.

Apple has emerged as the No. 1 smartphone vendor worldwide in the fourth quarter of 2011, by a small margin, after losing ground to Samsung in the previous quarter, research firms Strategy Analytics and IHS iSuppli said Thursday.

Twitter can now remove tweets from users' feeds in specific countries while keeping them visible elsewhere, according to a post on the company's blog on Thursday.

Apache HTTP Server CVE-2012-0021 mod_log_config Denial Of Service Vulnerability

Offshore outsourcing companies continued to make up the majority of the top 10 H-1B visa users in 2011, according to new U.S. government data. These offshore firms have been adding employees by the thousands as revenues increase.

A reader (Thanks Jim!) mentioned earlier today that his SSHlogs were showing access attempts utilising elements of the reverse DNS name of the IPaddress being accessed. For example using isc.sans.org results in the userids isc, sans and org. This may be cause a number of hosting providers use the domain name itself as the userid for shell access for customers. In light of the breach at dreamhost earlier this week http://blog.dreamhost.com/2012/01/21/security-update/ this may be what is going on.
If you are noticing the same in your logs and you can share some log lines please send some in as I'd be interested in taking a peek.
Mark H
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

In case you missed it there is a vulnerability in the CISCOIronport telnet service. Details can be found here http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport
To mitigate the risk (if you can't upgrade just yet) is to switch off telnet on the device and use SSHto manage it instead.
Mark H (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

As reported earlier today, dana white had made a mistake of pissing off anonymous by calling them terrorist, which never goes down well. as a result the UFC scence is now starting to sufer from Dana's cocky mouth.

ZCompany Hacking Crew has defaced hundreds of websites in relation to Black day in Kashmir which symbols "No Lights, No Smiles... Only Black Day and Black Night.." and is held on the same day as republic day.

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The attacks which have left 50+ more sites defaced with the below message have been carried out by H3r0 and Magnum Sniper of Indishell team which have defaced thousands of websites todate.

Overview

Need to attribute information to ISC? Want to provide users with an avenue to visit the ISC site? Want to link directly to the ISC Stormcast, Infocon or other information? These methods and more are listed on out ISC Linkback Page! https://isc.sans.edu/linkback.html

Features

Various text only links and terms: ISC, Stormcast, Log Submission http://isc.sans.edu/linkback.html#text

Show an ISC image logo for your link back to ISC: Homepage, Stormcast http://isc.sans.edu/linkback.html#image

ISC Inforcon status image http://isc.sans.edu/linkback.html#other

Note

This works as DShield also. Just view the dshield.org url http://dshield.org/linkback.html

Don't see a link you'd like to use? Suggest in the comments section below or send any questions or comments in the contact form https://isc.sans.edu/contact.html

--

Adam Swanger, Web Developer (GWEB)

Internet Storm Center (http://isc.sans.edu) (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Dana White, made a grave mistake, taking on the Internet hacktivisit giant, anonymous asking them to bring it on. Well as a result Dana White has now had all his personal details leaked online and been harassed like nothing else to a point he started fighting back and now has just gone quiet.

a young kid at the center of a massive breach on the popular smartphone app Grindr could be spare any sentence or conviction due to the fact no one within Australia has made a formal complaint about the breach. The hack which seen pretty much all the details of people leaked to various sources breached over a million accounts that allowed Mr nasty to control these accounts.

Well know wiki site provider wikispaces has been hacked and had a dump fo accounts leaked online by Netbashers. Netbashers have been making a load come today with already 2 big leaks, one that included a bollywood site and now this.

Netbashers are surely making this come back worth it, now leaking heaps of FTP accounts from a bollywood based website NineWinds.in. The accounts are fairly interesting to say the least, with universal music's account details being leaked as well as many other big name movies.

@psykonx from @Netbashers, who we have covered many many times before but they have been quiet for some time now have returned with thousands of accounts from a traffic exchange website called Just10time.com.

Companies are spending more time investigating the source of data breaches and their impacts than properly preparing for them, says a survey.

Google today dismissed concerns by a former senior federal IT official that its controversial new privacy policy would create problems for customers of Google Apps for Government.

Amid renewed reports of poor working conditions at factories making Apple products in China, it's unclear whether customers will demand change.

Bucking the trend of increasingly experimental desktop interfaces, the developers behind the Linux Mint are adopting a simpler desktop for the next version of the open-source Linux distribution.