Hackin9

Authentic8 Enhances Silo for Enterprise Information Security Researchers
SYS-CON Media (press release)
"These enhancements for infosec researchers are a direct response to the needs of our users. Silo is a platform and we will continue to enhance and extend its capabilities." "Our team has been using Toolbox for a while. The ability to launch a browser ...

 

Posted by InfoSec News on Oct 23

http://www.eweek.com/security/many-americans-say-they-will-avoid-breached-retailers-study-shows.html

By Robert Lemos
eWEEK.com
2014-10-22

Following security breaches, more retail stores may feel a slump from lack
of customer confidence, a new study suggests.

Retail stores hit by cyber-criminals have to worry about consumer
backlash, as customers are more likely to avoid compromised retailers,
according to a study released this week by...
 

Posted by InfoSec News on Oct 23

http://fas.org/blogs/secrecy/2014/10/offensive-cyber/

By Steven Aftergood
Federation of American Scientists
Oct. 22, 2014

A newly disclosed Department of Defense doctrinal publication acknowledges
the reality of offensive cyberspace operations, and provides a military
perspective on their utility and their hazards.

Attacks in cyberspace can be used “to degrade, disrupt, or destroy access
to, operation of, or availability of a target by a...
 

BRS Labs to Bring Ground Breaking Artificial Intelligence Analytics to AAPA's ...
Broadway World
The AISight Everywhere platform is a centralized system with modules for big data, intelligent video analytics, SCADA, InfoSec, and other core business functions. BRS Labs is headquartered in Houston, with offices in Washington DC, London, Sao Paulo ...

 

Posted by InfoSec News on Oct 23

http://www.detroitnews.com/story/business/autos/2014/10/22/automakers-working-prevent-vehicle-cyber-terrorism/17710785/

By Michael Wayland
The Detroit News
October 22, 2014

Right now is the time for automakers and federal regulators to address
potential “acts of terrorism” using connected vehicles, according to
former administrator of the government’s vehicle safety watchdog.

David Strickland, ex-head of the National Highway Traffic...
 

Posted by InfoSec News on Oct 23

http://www.qianhuaweb.com/content/2014-10/22/content_5280999.htm

[Google translation]

By Jiang Tao and Guo Junyu
China news agency
October 22, 2014

Chinese Foreign Ministry spokeswoman Hua Chunying the 22nd at a regular press
conference in Beijing, said the network security affairs consultation mechanism
between Japan and South Korea for the first time the meeting discussed the
fight against cybercrime and cyber-terrorism, emergency...
 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

We received the following vulnerability advisory for a remote code execution vuln identified and reported in Cisco's Ironport WSA Telnetd.

Vendor: Cisco
Product web page: http://www.cisco.com
Affected version: Cisco Ironport WSA - AsyncOS 8.0.5 for Web build 075
Date: 22/05/2014
Credits: Glafkos Charalambous
CVE: CVE-2011-4862
CVSS Score: 7.6
Impact: Unauthenticated Remote Code Execution with elevated privileges
Description: The Cisco Ironport WSA virtual appliances are vulnerable to an old FreeBSD telnetd encryption Key ID buffer overflow which allows remote attackers to execute arbitrary code (CVE-2011-4862).
Cisco WSA Virtual appliances have the vulnerable telnetd daemon enabled by default.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862
http://www.freebsd.org/security/advisories/FreeBSD-SA-11:08.telnetd.asc
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport

Nice work by Glafkos but what you can't see is me shaking my head. *sigh*
I'll repeat the facepalm-inspiring statement again: Cisco WSA Virtual appliances have the vulnerable telnetd daemon enabled by default.
Still, with the telnets? And on by default?
From the related FreeBSD advisory:
The FreeBSD telnet daemon, telnetd(8), implements the server side of the
TELNET virtual terminal protocol. It has been disabled by default in
FreeBSD since August 2001, and due to the lack of cryptographic security
in the TELNET protocol, it is strongly recommended that the SSH protocol
be used instead.

Trying 192.168.0.160...
Connected to 192.168.0.160.
Escape character is ^]

@holisticinfosec

 
Apple Mac OS X QuickTime CVE-2014-4351 'm4a' File Handling Buffer Overflow Vulnerability
 
Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
 

A new security feature for Google’s services will help users better protect their data by requiring that they insert a USB security key to log in to their account.

Announced on Tuesday, the optional Security Key technology requires that a Chrome user take two additional steps to sign in to their Google account: plug a small key into the USB port on their computer and tap a button. The process is a simpler and more secure version of the 2-Step Verification process that Google offers to security-conscious users. With 2-Step Verification, users receive a code from Google on their phone or in e-mail that they must enter into Google’s site to complete the login process.

Users that opt for the Security Key technology will have to purchase a special USB key, which typically costs less than $20.


 
Linux Kernel 'ext4/file.c' Local Denial of Service Vulnerability
 
Bugzilla CVE-2014-1571 Information Disclosure Vulnerability
 
Bugzilla 'realname' Parameter Security Bypass Vulnerability
 
Drupal Site Banner Module Cross Site Scripting Vulnerability
 
Drupal Marketo MA Module Multiple Cross Site Scripting Vulnerabilities
 
Splunk 'Referer' Header Cross Site Scripting Vulnerability
 
Drupal TableField Module Cross Site Scripting Vulnerability
 

Profile of Matt Hartley
Dark Reading
Matt Hartley has held a variety of responsibilities at iSIGHT Partners including leading government programs, managing technology partnerships, and leading a team launching new service offerings. Previously, he was a Senior Program Manager of ...

 
The National Institute of Standards and Technology (NIST) has published the final version of the US Government Cloud Computing Technology Roadmap, Volumes I and II. The roadmap focuses on strategic and tactical objectives to support the ...
 
LinuxSecurity.com: Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security [More...]
 
LinuxSecurity.com: Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security [More...]
 
LinuxSecurity.com: Multiple vulnerabilities have been found and corrected in the Linux kernel: The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, [More...]
 
LinuxSecurity.com: Updated bugzilla packages fix security vulnerabilities: If a new comment was marked private to the insider group, and a flag was set in the same transaction, the comment would be visible to flag recipients even if they were not in the insider group (CVE-2014-1571). [More...]
 
LinuxSecurity.com: Updated perl and perl-Data-Dumper packages fix security vulnerability: The Dumper method in Data::Dumper before 2.154, allows context-dependent attackers to cause a denial of service (stack [More...]
 
LinuxSecurity.com: Updated mediawiki packages fix security vulnerability: MediaWiki before 1.23.4 is vulnerable to cross-site scripting due to JavaScript injection via CSS in uploaded SVG files (CVE-2014-7199). [More...]
 
LinuxSecurity.com: Updated python packages fix security vulnerability: Python before 2.7.8 is vulnerable to an integer overflow in the buffer type (CVE-2014-7185). [More...]
 
LinuxSecurity.com: Updated rsyslog packages fix security vulnerability: Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted [More...]
 
LinuxSecurity.com: New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. [More Info...]
 
LinuxSecurity.com: Updated qemu-kvm packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security [More...]
 
LinuxSecurity.com: Updated rsyslog5 and rsyslog packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security [More...]
 
LinuxSecurity.com: Security Report Summary
 
File Manager v4.2.10 iOS - Code Execution Vulnerability
 
iFunBox Free v1.1 iOS - File Include Vulnerability
 

BRS Labs to Bring Ground Breaking Artificial Intelligence Analytics to AAPA's ...
Business Wire (press release)
The AISight Everywhere™ platform is a centralized system with modules for big data, intelligent video analytics, SCADA, InfoSec, and other core business functions. BRS Labs is headquartered in Houston, with offices in Washington DC, London, Sao Paulo, ...

 
Internet Storm Center Infocon Status