News

Quote

The company plans to announce tomorrow that it's expanding its Xfinity Home Security service. Last year the company began testing the service in Houston. Now it's adding six more cities. Additional cities that will get the new service include parts of Philadelphia; Portland, Ore.; Jacksonville, Fla.; Sarasota/Naples, Fla.; Chattanooga, Tenn.; and Nashville.

The Xfinity Home Security service offers traditional home security features, such as police and fire alarm protection with 24-hour monitoring. It also offers some home automation functions, such as the ability to adjust thermostats and lights remotely. And when people are not home, they can also watch live video streams from wireless cameras that are positioned in and around their home.

The technology behind the system is slightly different from traditional home security systems from companies, such as ADT. The Comcast Xfinity Home Security system works over a broadband connection rather than a phone connection. And as a result it's able to offer the video service and remote management. The company uses cellular networks as a back up to the broadband connectivity to ensure uptime.

Quote

The volume of attacks that target the Android mobile operating system has increased by 400% since the summer of 2010. Also in that timeframe, one in 20 enterprise mobile devices has gone missing.

Those two findings come from the "Mobile Malicious Threats" report released Tuesday by Juniper Networks, which sells networking hardware and security products.

While significant, the four-fold increase in malware targeting Android isn't unexpected. "You don't have to be extraordinarily smart to write mobile malware these days because most devices don't have any security tools to stop the malware," said Dan Hoffman, chief mobile security evangelist at Juniper Networks, in a telephone interview.

Quote

Sony has announced the PlayStation Network has begun restoration today. The PSN will be restored in a series of phases with phase one restoring access to the PSN, online gaming for the PS3 and PSP, access to Netflix, Hulu, MLB.com and PlayStation Home. The remaining features, such as the ability to make purchases from the PSN Store will return soon.

Quote

As a wholly owned subsidiary of Intel, McAfee will become part of the company's Software and Services Group, run by senior vice president Renee James. McAfee president Dave DeWalt will report directly to James.

McAfee will continue to offer its own branded line of security products and maintain its own customers. The two companies said they're prepping the "first fruits" of their partnership to hit the market later this year.

The need for greater security across a greater array of devices was the driving force behind Intel's bid to pick up McAfee.

Pointing to the growing number of connected devices, from PCs to mobile phones to TVs to medical devices, the two companies have said that today's approach to security isn't enough. And with the mounting threat of cyberattacks, a new security framework that combines hardware, software, and services is needed.

Quote

Upon execution the ransomware will change the Desktop’s wallpaper to the “Warning! Piracy detected!” background.
...
It will then make sure the warnings appear every time the end user restarts PCs. In between, it will lock down the end user’s Desktop, featuring the “Copyright violation: copyrighted content detected” window

lsb_release -a

uname -r

Quote

Details follow:

Mathias Krause discovered that the Linux kernel did not correctly handle missing ELF interpreters. A local attacker could exploit this to cause the system to crash, leading to a denial of service. (CVE-2010-0307)

Marcelo Tosatti discovered that the Linux kernel's hardware virtualization did not correctly handle reading the /dev/port special device. A local attacker in a guest operating system could issue a specific read that would cause the host system to crash, leading to a denial of service. (CVE-2010-0309)

Sebastian Krahmer discovered that the Linux kernel did not correctly handle netlink connector messages. A local attacker could exploit this to consume kernel memory, leading to a denial of service. (CVE-2010-0410)

Ramon de Carvalho Valle discovered that the Linux kernel did not correctly validate certain memory migration calls. A local attacker could exploit this to read arbitrary kernel memory or cause a system crash, leading to a denial of service. (CVE-2010-0415)

Jermome Marchand and Mikael Pettersson discovered that the Linux kernel did not correctly handle certain futex operations. A local attacker could exploit this to cause a system crash, leading to a denial of service. (CVE-2010-0622, CVE-2010-0623)

Quote

Security Update 2007-009 (10.5.1) is recommended for all users and improves the security of the following components:

Core Foundation
CUPS
Flash Player Plug-in
Launch Services
perl
python
Quick Look
ruby
Safari
Samba
Shockwave Plug-in
Spin Tracer

Quote

Unless a school using the tool has firewalls on the borders of its network designed to block unsolicited Internet traffic -- and a great many universities do not -- that Web server is going to be visible and accessible by anyone with a Web browser. But wait, you say: Wouldn't someone need to know the domain name or Internet address of the Web server that's running the toolkit? Yes. However, anyone familiar enough with the file-naming convention used by the toolkit could use Google to search for the server. But surely there are ways a network administrator might keep this information from being available to the entire Web, right? Yes. The toolkit allows an administrator to require a username and password for access to the Web server. The problem is that the person responsible for running the toolkit is never prompted to create a username and password. What's more, while Apache includes a feature that can record when an outsider views the site, that logging is turned off by default in the MPAA's University Toolkit.

Quote

Case in point: A hacker's diversion of traffic from a California county government Web site to a porn purveyor spiraled into IT chaos yesterday after a countermeasure applied from Washington essentially "deleted the ca.gov domain." Order was restored only after seven hours of frenzied coast-to-coast communications and a "forced propagation" of ca.gov network systems, according to Jim Hanacek, public information officer for the California Department of Technology Services. "We don't for sure have the whole picture, but as we understand it, there was some event at the Transportation Authority of Marin Country where their site got hacked," Hanacek told me this afternoon. Traffic was being redirected from that site to one featuring pornography.

Quote

A computer program was used to access the employers' section of the website using stolen log-in credentials. Symantec said the log-ins were used to harvest user names, e-mail addresses, home addresses and phone numbers, which were uploaded to a remote web server. The stolen data could be used to send phishing and spam e-mails. "This remote server held over 1.6 million entries with personal information belonging to several hundred thousands of candidates, mainly based in the US, who had posted their resumes to the Monster.com website," reported Symantec.

Quote

Safari's security model prevents JavaScript in remote web pages from modifying pages outside of their domain. A race condition in page updating combined with HTTP redirection may allow JavaScript from one page to modify a redirected page. This could allow cookies and pages to be read or arbitrarily modified. This update addresses the issue by correcting access control to window properties. Credit to Lawrence Lai, Stan Switzer, and Ed Rowe of Adobe Systems, Inc. for reporting this issue.

Quote

According to the Chinese Internet Security Response Team (CISRT), users of Norton Antivirus, Norton Internet Security 2007 and Norton 360 who installed an antivirus signature update released by Symantec on May 17 could not reboot their PCs. The update reportedly mistook two Windows system files--"netapi32.dll" and "lsasrv.dll"--as the Backdoor.Haxdoo Trojan horse. The two files were subsequently quarantined. CISRT said the flawed Symantec update only affects users of the Simplified Chinese version of Windows XP Service Pack 2 that have been patched with a particular Microsoft software fix available since November 2006. CISRT noted that this issue has been "huge." According to CCTV.com, which is part of China's largest national TV network, the problem has affected millions of PCs and was not completely resolved as of Wednesday.

Quote

DHS has maintained that the Real ID concept is not a national identification database. While it's true that the system is not a single database per se, this is a semantic dodge; according to the DHS document, Real ID will be a collaborative data-interchange environment built from a series of interlinking systems operated and administered by the states. In other words, to the Department of Homeland Security, it's not a single database because it's not a single system. But the functionality of a single database remains intact under the guise of a federated data-interchange environment. The DHS document notes the "primary benefit of Real ID is to improve the security and lessen the vulnerability of federal buildings, nuclear facilities, and aircraft to terrorist attack." We know now that vulnerable cockpit doors were the primary security weakness contributing to 9/11, and reinforcing them was a long-overdue protective measure to prevent hijackings. But this still raises an interesting question: Are there really so many members of the American public just "dropping by" to visit a nuclear facility that it's become a primary reason for creating a national identification system? Are such visitors actually admitted?

Quote

The number of Web sites engineered to exploit the problem has jumped considerably since the vulnerability was publicly disclosed by Microsoft on March 29. It will likely continue to rise until patches are applied across corporate and consumer PCs, said Ross Paul, senior product manager for Websense.

Quote

Microsoft says you have to buy Vista because it makes you much safer online than XP, or any of its previous operating systems. Do you believe that?
Thompson: Consumers should not be confused. Vista is not a security solution. Vista is an operating system, and Vista provides some very important advances from Microsoft's perspective and for the industry's point of view on building a more stable, more reliable, more secure operating platform, but people still need the efficacy that comes with the products that Symantec and others in the industry build, and so we should not be confused by the marketing rhetoric with what Vista is. It's a hopefully much better product than XP or any of its predecessors, but it's not a security solution.