Your daily source of Pwnage, Policy and Politics.

Episode 837 – Silent but Deadly, Don’t Blame Us, & Me Too!

InfoSec Daily Podcast Episode 837 for February 1, 2013.  Tonight's podcast is hosted by Geordy Rostad, Boris Sverdlik, aricon and Justin Brown

Announcements

ShmooCon
When: February 15-17, 2013
Where: Washington DC
http://shmoocon.org
Spridel is going, Them is going, IronGeek is going, Bill is going.

CarolinaCon
When: March 15-17, 2013
Where: Raleigh, NC
http://carolinacon.org/

CactusCon
When: March 22, 2013
Where: Tempe, AZ
Cost: Free
http://www.cactuscon.com/
Call for Sponsors is open
CFP closes January 31

BSidesROC
When: April 6, 2013
Where: Cathedral Hall inside the Rochester Auditorium Center
http://www.bsidesroc.com/speakers/

BSidesPuertoRico
When: April 5-7, 2013
Where: San Juan, Puerto Rico
http://bsidespr.org/
CFP is open
Cost: TBD

BSides Orlando
When: April 13-14, 2013
Where: Orlando, FL
http://bsidesorlando.com/
CFP is open: http://www.securitybsides.com/w/page/61141960/BSidesOrlandoCFP

AIDE 2013
When: April 15-19, 2013
Where: Huntington, WV
http://appyide.org
CFP is open; send plain-text submissions to Bill (dot) Gardner (at) marshall (dot) edu

Charlotte ISSA Summit
When: April 17 Training (hands-on course), April 18 Summit
https://www.charlotteissa.org/2013%20Annual%20Summit
CFP is open
Cost: $20 for members, $50 for partners, and $80 for non-members

BSidesLondon
@bsideslondon
When: April 24, 2013
Where: London, England
http://www.securitybsides.com/w/page/59132020/BSidesLondon-2013
https://docs.google.com/spreadsheet/viewform?formkey=dGYyQzA0N1hlY2J0cDEwS2RYcUk5WFE6MQ#gid=0

Thotcon
When: April 25-27, 2013
Where: Chicago, IL
http://www.thotcon.org/schedule.html

BSidesMemphis
When: May 18, 2013
Where: Southwest Tennessee Community College
http://www.securitybsides.com/w/page/59761145/BsidesMemphis2013

BsidesLV 2013 “Science Fair”
http://blog.uncommonsensesecurity.com/2012/08/the-bsides-las-vegas-2013-innovation.html

DerbyCon 3
When: September 25-29, 2013
Where: Louisville, KY
http://derbycon.com
Call for Training is OPEN!
Tickets and CFP open April 1, 2013

For easy use of the Amazon Affiliate link, use AffiliateFox. Configure it for amazon.com with infdaipod05-20, and for amazon.co.uk with infdaipod-21. Thanks for supporting the podcast!

Stories:

Source: http://www.theregister.co.uk/2013/01/31/java_security_update/

An application developer reports that the latest Java 7 update "silently" deletes Java 6, breaking applications in the process.

Java 7 update 11 was released two weeks ago to deal with an unpatched vulnerability which had gone mainstream with its incorporation into cybercrook toolkits such as the Blackhole Exploit Kit in the days beforehand. Attacks were restricted to systems running Java browser add-ons.

But Oracle's response appears to have caused some collateral damage.

JNBridge, which provides Java and .NET interoperability tools, reports that customers of software providers who use its technology came a cropper in cases where users had applied the latest Java update (Java 7u11). The software developer blogged about the issue here.

Source: http://www.theregister.co.uk/2013/02/01/symantec_responds_nyt_apt/

Symantec has taken the unusual step of commenting on a story about a customer, issuing a robust statement denying its anti-virus products were to blame for the sophisticated targeted attack on the New York Times.

The Gray Lady revealed yesterday that it had been persistently attacked for four months by China-based cyber insurgents. They used classic APT-style techniques to breach defences before lifting New York Times staff passwords in an attempt to find out more information about an exposé run by the paper into outgoing Premier Wen Jiabao.

Source: http://news.cnet.com/8301-1009_3-57566995-83/wall-street-journal-china-hackers-hit-us-too/

The Wall Street Journal said today that it's been the target of Chinese hackers stemming from its coverage of China, echoing reports from other news organizations.

Hackers infiltrated the newspaper's computer system through its Beijing bureau in order to monitor the paper's coverage of China, according to the report. Paula Keve, chief spokeswoman for the Journal's parent company, Dow Jones, issued a statement that said the hacks "are not an attempt to gain commercial advantage or to misappropriate customer information." The company completed a "network overhaul" on Thursday to increase security.

Source: http://allthingsd.com/20130201/twitter-hacked-250000-user-accounts-compromised/

Twitter disclosed on Friday evening that its systems had been attacked in the past week by an unidentified group of hackers. As a result of the attack, the hackers may have had access to the usernames, email addresses and other sensitive information of nearly a quarter of a million Twitter users.

“This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later,” the company said in a blog post. “However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users.”

On Friday evening, Twitter sent out emails to those users whose accounts may have been compromised, notifying them that the company had automatically reset their user passwords, and that they would need to create a new password in order to access the service again.

Episode 836 – MacOSX a/v, NYT hack, Oracle on Java, and User Fun

InfoSec Daily Podcast Episode 836 for January 31, 2013.  Tonight's podcast is hosted by Justin Brown, Adrian Crenshaw, and Bill Gardner, with late arrival Themson Mester.

Stories:

Source: http://reviews.cnet.com/8301-13727_7-57566866-263/popular-security-utilities-for-os-x-put-to-the-test/

Even though the prevalence of threats for the Mac remains relatively minimal, malware on OS X has raised its ugly head a bit in the past few years. Some in the Mac community have been affected by threats such as the Flashback malware, DNSChanger, and the MacDefender Trojan, among others. As a result, while the most effective way of keeping a Mac secure is to follow safe browsing and computing practices, you may also be considering using anti-malware utilities. But which ones perform best?

Recently, Mac security analyst Thomas Reed attempted to tackle this question in part by putting a number of popular antivirus utilities to the test. To do so, Reed took a collection of 128 malware samples that included both recent active malware threats and extinct threats, and ran a number of popular antivirus utilities to see how they managed this collection. Arguably, the sample size of 128 might not be enough to give a complete assessment of these programs' capabilities, but it should be adequate enough for comparative purposes.

….

Source: http://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html?_r=0

For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.

After surreptitiously tracking the intruders to study their movements and help erect better defenses to block them, The Times and computer security experts have expelled the attackers and kept them from breaking back in.

The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings.

Security experts hired by The Times to detect and block the computer attacks gathered digital evidence that Chinese hackers, using methods that some consultants have associated with the Chinese military in the past, breached The Times’s network. They broke into the e-mail accounts of its Shanghai bureau chief, David Barboza, who wrote the reports on Mr. Wen’s relatives, and Jim Yardley, The Times’s South Asia bureau chief in India, who previously worked as bureau chief in Beijing.

Source: http://www.theregister.co.uk/2013/01/30/oracle_java_security_analysis/

Oracle has broken its silence to admit there are security issues with Java in web browsers – but it insists the tech is solid on servers and within mobile and desktop apps.

In a blog post published on Friday, Oracle noted the "media firestorm" around the recent Java vulnerability, admitting users may have been left "frustrated with Oracle's relative silence on the issue".

Oracle released a new version of Java 7 (Java 7u11) on 13 January designed to plug a zero-day vulnerability that has been exploited in the wild. The update was important because the exploit for the bug had been "weaponised" and bundled in widely available black-market hacking toolkits in the week prior to Oracle's emergency out-of-band update.

In an advisory, Oracle explained that the update switched default Java security settings to "High" so that users will be prompted to allow cryptographically self-signed, or completely unsigned, Java applets to run.

The security flap generated plenty of publicity, especially after the US Department of Homeland Security warned that despite the updates, Java remained a weak target in browsers. Several antivirus firms, including F-Secure and Sophos, advised users to disable Java plugins for their main browser to minimise exposure to future attacks.

InfoSec Daily Podcast Episode 828 for January 17, 2013.  Tonight's podcast is hosted by Justin Brown with Adrian Crenshaw, Dave Kennedy, and Bill Gardner.

Announcements

ShmooCon
When: February 15-17, 2013
Where: Washington DC
http://shmoocon.org
Spridel is going, Them is going, IronGeek is going, Bill is going.

BSides Boston
When: February 23, 2013
Where: Microsoft’s New England Research & Development Center (NERD), Cambridge, MA
http://www.securitybsides.com/w/page/12194141/BSidesBoston
CFP is OPEN!

CarolinaCon
When: March 15-17, 2013
Where: Raleigh, NC
http://carolinacon.org/
CFP is OPEN!

BSidesROC
When: April 6, 2013
Where: Cathedral Hall inside the Rochester Auditorium Center
http://www.bsidesroc.com/speakers/

BSidesPuertoRico
When: April 5-7, 2013
Where: San Juan, Puerto Rico
http://bsidespr.org/
CFP is open
Cost: TBD

BSides Orlando
When: April 13-14, 2013
Where: Orlando, FL
http://bsidesorlando.com/
CFP is open: http://www.securitybsides.com/w/page/61141960/BSidesOrlandoCFP

AIDE 2013
When: April 15-19, 2013
Where: Huntington, WV
http://appyide.org
CFP is open; send plain-text submissions to Bill (dot) Gardner (at) marshall (dot) edu

BSidesLondon
@bsideslondon
When: April 24, 2013
Where: London, England
http://www.securitybsides.com/w/page/59132020/BSidesLondon-2013
https://docs.google.com/spreadsheet/viewform?formkey=dGYyQzA0N1hlY2J0cDEwS2RYcUk5WFE6MQ#gid=0

BSidesMemphis
When: May 18, 2013
Where: Southwest Tennessee Community College
http://www.securitybsides.com/w/page/59761145/BsidesMemphis2013

BsidesLV 2013 “Science Fair”
http://blog.uncommonsensesecurity.com/2012/08/the-bsides-las-vegas-2013-innovation.html

DerbyCon 3
When: September 26-30, 2013
Where: Louisville, KY
http://derbycon.com

Stories:

Source: http://threatpost.com/en_us/blogs/adobe-patches-four-coldfusion-flaws-exploited-wild-011513

Adobe delivered a security hotfix for its ColdFusion application, repairing a host of vulnerabilities being exploited in the wild.

The company had recommended a series of mitigations in a Jan. 7 advisory as a stopgap until today’s hotfix was released.

Two of the vulnerabilities affect ColdFusion 10, 9.0.2, 9.0.1 and 9.0, while the other two do not impact version 10; the hotfix is for Windows, Mac OS X and UNIX.

“This hotfix addresses vulnerabilities that could permit an unauthorized user to remotely circumvent authentication controls, potentially allowing the attacker to take control of the affected server,” Adobe said in its advisory.

The hotfix repairs two authentication bypass vulnerabilities (CVE-2013-0625 and CVE-2013-0632), a directory traversal (CVE-2013-0629) and a data leakage vulnerability (CVE-2013-0631).

“Note that CVE-2013-0625 and CVE-2013-0629 only affect ColdFusion customers who do not have password protection enabled, or have no password set,” Adobe said in its advisory. All of the vulnerabilities were given Adobe’s most critical rating.

Adobe, meanwhile, had recommended a series of mitigations that included building credentials for Remote Development Services that are different from those used for the administrator account, and then disabling RDS. Also, users were asked to deny access from outside to directories: /CFIDE/administrator; /CFIDE/adminapi; and /CFIDE/componentutils.

Adobe also recommended any unknown or unnecessary ColdFusion components or templates should be removed from the CFIDE or webroot directories.
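
The three /CFIDE/ directories above are the ones Adobe asked customers to deny to outside clients until the hotfix was in. The script below is an added example, not Adobe's or Threatpost's code: it filters web server access log lines for requests to those directories from addresses outside a set of internal ranges (the ranges and the sample log lines are constructed assumptions), decoding percent-encoding and resolving dot segments first so a probe written as /cfide/%61dminapi/ is not missed. A 200 on such a request means the restriction is not in effect; a 403 means it is doing its job.

```python
"""Find requests for the ColdFusion administrative paths in web access logs.

Added example (not Adobe's or Threatpost's code): flags requests from outside
the internal ranges for the /CFIDE/ paths Adobe's advisory said to deny. The
log lines are constructed; the internal address ranges are an assumption.
"""
import ipaddress
import re
from urllib.parse import unquote

# Directories Adobe's Jan. 7 advisory asked customers to block from outside.
RESTRICTED = ("/CFIDE/administrator", "/CFIDE/adminapi", "/CFIDE/componentutils")

# ASSUMPTION: what counts as "inside"; replace with your own ranges.
INTERNAL_NETS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]

# Common/combined log format: client, identd, user, [timestamp], "METHOD path PROTO", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def normalise_path(raw):
    """Decode percent-encoding, drop the query string and resolve "." and ".."
    so "/cfide/%61dminapi/x" and "/CFIDE/./administrator" still match."""
    path = unquote(raw.split("?", 1)[0])
    parts = []
    for seg in path.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if parts:
                parts.pop()
            continue
        parts.append(seg)
    return "/" + "/".join(parts)


def is_restricted(raw_path):
    """True when the request targets one of the restricted directories.
    Case-insensitive because ColdFusion on Windows serves paths that way."""
    p = normalise_path(raw_path).lower()
    return any(p == d.lower() or p.startswith(d.lower() + "/") for d in RESTRICTED)


def is_internal(ip):
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in INTERNAL_NETS)


def external_admin_hits(lines):
    """Return (client, normalised path, status) for each external request to a
    restricted path. A 200 means the deny rule is not in effect; 403 means it is."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a real job would count these
        if is_restricted(m["path"]) and not is_internal(m["ip"]):
            hits.append((m["ip"], normalise_path(m["path"]), int(m["status"])))
    return hits


# Constructed access log lines: two external probes that succeeded, one blocked,
# one internal admin login, one ordinary page, one line of junk.
SAMPLE_LOG = [
    '203.0.113.7 - - [15/Jan/2013:10:01:02 -0500] "GET /CFIDE/administrator/index.cfm HTTP/1.1" 200 5123',
    '203.0.113.7 - - [15/Jan/2013:10:01:09 -0500] "POST /cfide/%61dminapi/administrator.cfc?method=login HTTP/1.1" 200 310',
    '198.51.100.23 - - [15/Jan/2013:10:02:44 -0500] "GET /CFIDE/./componentutils/ HTTP/1.1" 403 199',
    '10.20.30.40 - - [15/Jan/2013:10:03:00 -0500] "GET /CFIDE/administrator/ HTTP/1.1" 200 5123',
    '203.0.113.7 - - [15/Jan/2013:10:03:15 -0500] "GET /index.cfm HTTP/1.1" 200 8800',
    "this line is not an access log entry",
]

if __name__ == "__main__":
    for ip, path, status in external_admin_hits(SAMPLE_LOG):
        verdict = "BLOCKED" if status == 403 else "REACHED"
        print(f"{verdict:8} {ip:15} {path} ({status})")
```

Run it against a real log with `external_admin_hits(open("access.log"))`; any REACHED line from an outside address means the directory restriction Adobe described is missing or bypassable, and the RDS credential separation in the advisory is then the only thing standing between the request and the admin API.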

Source: http://blog.spiderlabs.com/2013/01/java-0day-cve-2013-0422-qa.html

Q: What’s going on? People are talking about some Java 0day which threatens the whole world… Bring me up to speed, now!

A: About a week ago, an independent researcher reported a previously unknown (0day) Java vulnerability being used in order to infect innocent users with malware. When a 0day vulnerability is discovered it is usually reported to the affected vendor, and that vendor will issue a patch that fixes the software bug, hence closing the security hole. However, in this case the vulnerability was discovered by someone who chose not to do the responsible thing (reporting to the vendor) and instead took advantage of this finding for personal profit. A 0day vulnerability gives the attacker an imperative advantage over the victim for two main reasons:

  1. The victim has no prior knowledge of the risk.

  2. The victim has no effective means of protecting himself, since no patch is available.

In such cases being aware of the attack and its specifics is of the highest importance, thus we have analyzed this vulnerability and posted our findings on the very same day it was discovered, and verified out-of-box protections in Trustwave's Secure Web Gateway product.

Q: Who is at risk?

A: Anyone who has Java 1.7u10 (or prior) installed. Users who have Java 1.7u11 or Java 1.6 installed are not affected by this issue. Since it is common practice for enterprise environments to rely internally on Java applications, these users should pay extra attention and contact their IT department regarding the software installed on their desktop.

Q: What can I do to protect myself?

A: Uninstall Java from your computer, or disable the Java browser plugin in your browser. However, if you need Java for your daily work environment then make sure to update your Java to version 1.7u11. You can get it here.

Q: How can I tell which version of Java I have installed?

A: Simply go to: http://www.java.com/en/download/installed.jsp. Note that this page relies on the Java browser plugin in order to detect the installed version. This means that if your Java plugin is already disabled (which is good!), the page will not be able to detect any Java on your computer, even if Java is actually installed.
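
The Oracle advisory quoted earlier (7u11 moving the default security level to "High") and this Q&A reduce to two questions about a host: which Java is installed, and is the browser plugin still on? The java.com version page cannot answer either once the plugin is disabled. The Python script below is an added example, not Trustwave's or Oracle's code. It parses the string `java -version` prints and applies the Q&A's rule (1.7u10 or earlier exposed, 1.7u11 or later patched, 1.6 not affected by this particular bug), then reads a deployment.properties file and reports `deployment.security.level` and `deployment.webjava.enabled`, the keys Oracle's 7u10+ deployment properties use for the security slider and the plugin switch, plus their `.locked` pins. The per-user file path and the sample properties text are assumptions.

```python
"""Host-side Java exposure check for the CVE-2013-0422 0day discussed above.

Added example: parses `java -version` output, applies the Q&A's exposure rule,
and reads the JRE deployment.properties keys that control the browser plugin.
The sample version strings and properties text are constructed; the properties
file path is an assumption for a Linux/macOS user profile.
"""
import re
import subprocess
from pathlib import Path

# `java -version` prints e.g.  java version "1.7.0_10"  (to stderr). The update
# number may be absent on old builds ("1.6.0"), so it is optional here.
VERSION_RE = re.compile(r'java version "(\d+)\.(\d+)\.(\d+)(?:_(\d+))?"')

# Keys from Oracle's deployment.properties (7u10 and later). A key suffixed with
# ".locked" in the system-level file pins the value so users cannot change it.
LEVEL_KEY = "deployment.security.level"      # LOW, MEDIUM, HIGH, VERY_HIGH
PLUGIN_KEY = "deployment.webjava.enabled"    # false disables Java in browsers

# ASSUMPTION: per-user file location on Linux/macOS; Windows keeps it under
# %USERPROFILE%\AppData\LocalLow\Sun\Java\Deployment\deployment.properties.
USER_PROPS = Path.home() / ".java" / "deployment" / "deployment.properties"


def parse_java_version(output):
    """Return (major, minor, micro, update) from `java -version` text, or None."""
    m = VERSION_RE.search(output)
    if not m:
        return None
    major, minor, micro, update = m.groups()
    return (int(major), int(minor), int(micro), int(update or 0))


def exposure(version):
    """Apply the Q&A's rule: 1.7u10 or earlier is exposed, 1.7u11+ is patched,
    1.6 is not affected by this bug (it has its own unpatched issues, so the
    verdict is deliberately narrow)."""
    if version is None:
        return "java not found"
    if version[:2] == (1, 7):
        return "exposed" if version[3] <= 10 else "patched (7u11 or later)"
    if version[:2] == (1, 6):
        return "not affected by CVE-2013-0422"
    return "unknown release line"


def parse_properties(text):
    """Minimal key=value parser for deployment.properties. Lock lines carry no
    value; they are kept as keys with an empty string."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props


def plugin_state(props):
    """Summarise the two keys that matter for browser exposure. When a key is
    absent the JRE default applies (HIGH from 7u11 onward per the advisory;
    plugin enabled)."""
    return {
        "plugin_enabled": props.get(PLUGIN_KEY, "true").lower() != "false",
        "security_level": props.get(LEVEL_KEY, "HIGH").upper(),
        "plugin_locked": PLUGIN_KEY + ".locked" in props,
        "level_locked": LEVEL_KEY + ".locked" in props,
    }


# Constructed example of a locked-down system deployment.properties.
SAMPLE_PROPS = """\
# Java in the browser off, slider at VERY_HIGH, both pinned
deployment.security.level=VERY_HIGH
deployment.security.level.locked
deployment.webjava.enabled=false
deployment.webjava.enabled.locked
"""


def installed_java_version():
    """Run `java -version` and parse it; None if no java is on PATH."""
    try:
        proc = subprocess.run(["java", "-version"], capture_output=True, text=True)
    except FileNotFoundError:
        return None
    return parse_java_version(proc.stderr + proc.stdout)


if __name__ == "__main__":
    ver = installed_java_version()
    print("java version:", ver, "->", exposure(ver))
    text = USER_PROPS.read_text() if USER_PROPS.exists() else SAMPLE_PROPS
    print("plugin state:", plugin_state(parse_properties(text)))
```

The "patched" verdict only covers the bug in this Q&A; a 7u11 install with `deployment.webjava.enabled` still true is exactly the configuration DHS and the antivirus vendors in the Oracle story were warning about, which is why the script reports both answers rather than stopping at the version number.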

Source: http://threatpost.com/en_us/blogs/army-looking-ways-infiltrate-air-gapped-systems-011713

Every time a story emerges about malware popping up on an industrial control system or someone remotely hacking into some piece of critical infrastructure, there is a reliable and justifiable chorus of experts wagging their fingers and asking, “Why in the world was that system connected to the Internet in the first place?” At this point, pretty much everyone agrees that sensitive control systems should be air-gapped, or completely disconnected from the Internet. In this way, physical, human interaction should be the only way to access such systems, which is a considerable problem for those in the business of conducting cyberwarfare.

According to a fascinating report published by Defense News on Tuesday, the Army is seeking to solve this problem, and is calling for demonstrations exhibiting ways to electronically jump the air-gap.

In order for the now-infamous Stuxnet malware to infiltrate work-stations at Iran’s Natanz nuclear enrichment facility, which was reportedly air-gapped from the rest of the Internet, some person apparently had to walk into the lab with a USB device that had the Stuxnet malware preloaded onto it. This unknown person then had to physically plug the USB stick into a computer connected to the Natanz network, which then used some combination of Microsoft’s auto-run feature, a few forged certificates, multiple zero-days and lines upon lines of malicious code to spin a bunch of centrifuges out of control, causing them to malfunction in some catastrophic way.

This infection mechanism has an overwhelmingly analog feel to it, especially considering that malware itself and the Stuxnet saga as a whole constitute one of the more sophisticated cyberespionage operations known today.
