[ISN] Ankit Fadia Revealed

______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org





[ISN] DHS bigwig ‘adamantly opposed’ to degree fetishism

http://www.theregister.co.uk/2013/02/26/no_degree_needed_for_infosec_pros/
By Jack Clark in San Francisco
The Register
26th February 2013

RSA 2013 HR and in-house recruitment types should get rid of the myopic idea that to work in IT you must have been to university, says a Department of Homeland Security honcho.

Many “corporate and government jobs actually require a college degree or equivalent work experience,” DHS deputy undersecretary for cybersecurity Mark Weatherford told El Reg at security circus RSA on Monday. “I am adamantly opposed to that idea.”

Though many of these jobs specify that equivalent experience is acceptable in lieu of a degree, “there’s still an expectation” among bureaucratic organizations that wannabe security workers will have gone to university.

This expectation can make life difficult for candidates, Weatherford said, noting he’d been in interviews where otherwise sparkling candidates were probed about their lack of university experience. “They just melt,” he said.

[…]



[ISN] Hacking Victim Bit9 Blames SQL Injection Flaw

http://www.cio.com/article/729401/Hacking_Victim_Bit9_Blames_SQL_Injection_Flaw
By Jeremy Kirk
IDG News Service
February 25, 2013

Bit9 said a common Web application vulnerability was responsible for allowing hackers to ironically use the security vendor’s systems as a launch pad for attacks on other organizations.

Based in Waltham, Massachusetts, the company sells a security platform that is designed in part to stop hackers from installing their own malicious software. In an embarrassing admission, Bit9 said earlier this month that it neglected to install its own software on a part of its network, which led to the compromise.

In a more detailed explanation on its blog on Monday, Bit9 said attackers gained access by exploiting a SQL injection flaw in one of its Internet-facing Web servers. A SQL injection flaw can allow a hacker to enter commands into a web-based form and get the backend database to respond.

The compromise happened around July 2012, wrote Bit9’s CTO Harry Sverdlove. Once inside Bit9, the hackers accessed a virtual machine used to digitally sign code for Bit9, a security measure that verifies the company’s code is legitimate.

[…]
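To show the flaw class the article describes (form input reaching the backend database as part of the query text), here is an added example that is not Bit9’s code and is not from the article: a constructed SQLite users table queried once by string concatenation and once with a bound parameter. The table, its rows and the test inputs are all made up for the demonstration.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample data, not from the article: a tiny web-portal users table.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "hash-a", "admin"), ("bob", "hash-b", "user")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    # Form input is pasted into the SQL text, so the database cannot tell where
    # the developer's query ends and the user's data begins. Even an honest
    # name containing an apostrophe breaks the query; crafted input rewrites it.
    sql = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, username: str) -> list:
    # The value is bound to a placeholder and shipped separately from the query
    # text, so it is only ever compared as data, never parsed as SQL.
    sql = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def run(fn, conn: sqlite3.Connection, username: str):
    # Return the matching rows, or the exception class name if the query failed
    # to parse (a server-side error like this is often the first visible symptom).
    try:
        return fn(conn, username)
    except sqlite3.Error as exc:
        return type(exc).__name__


if __name__ == "__main__":
    for value in ["alice", "o'brien", "x' OR '1'='1"]:
        print(repr(value))
        print("  concatenated: ", run(lookup_vulnerable, make_db(), value))
        print("  parameterized:", run(lookup_parameterized, make_db(), value))
```

The concatenated version returns every row for the last input and throws a syntax error for the second; the parameterized version returns only an exact username match in all three cases.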



[ISN] Server hack prompts call for cPanel customers to take “immediate action”

http://arstechnica.com/security/2013/02/server-hack-prompts-call-for-cpanel-customers-to-take-immediate-action/
By Dan Goodin
Ars Technica
Feb 22 2013

The providers of the cPanel website management application are warning some users to immediately change their systems’ root or administrative passwords after discovering one of its servers has been hacked.

In an e-mail sent to customers who have filed a cPanel support request in the past six months, members of the company’s security team said they recently discovered the compromise of a server used to process support requests.

“While we do not know if your machine is affected, you should change your root level password if you are not already using SSH keys,” they wrote, according to a copy of the e-mail posted to a community forum. “If you are using an unprivileged account with ‘sudo’ or ‘su’ for root logins, we recommend you change the account password. Even if you are using SSH keys we still recommend rotating keys on a regular basis.”

The e-mail advised customers to take “immediate action on their own servers,” although team members still don’t know the exact nature of the compromise. Company representatives didn’t respond to an e-mail from Ars asking if they could rule out the possibility that customer names, e-mail addresses, or other personal data were exposed.

It’s also unclear whether the company followed long-standing recommendations to cryptographically protect passwords. So-called one-way hashes convert plain-text passwords into long unique strings that can only be reversed using time-consuming cracking techniques. This post will be updated if cPanel representatives respond later.

[…]
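The “one-way hash” point above, as an added example that is not cPanel’s code and makes no claim about how cPanel stores credentials: each password gets its own random salt and a deliberate work factor (PBKDF2-HMAC-SHA256; the iteration count is an assumed value), so a stolen record yields nothing reusable without a brute-force search, and verification compares in constant time.

```python
import base64
import hashlib
import hmac
import os

# Assumed work factor, not a value from the article: a higher count makes every
# guess slower for whoever has stolen the records.
DEFAULT_ITERATIONS = 600_000


def hash_password(password: str, salt: bytes = b"", iterations: int = DEFAULT_ITERATIONS) -> str:
    # A fresh 16-byte salt per record means identical passwords still store
    # differently, so one cracked hash does not expose every user who chose it.
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # Self-describing record: the verifier reads back the parameters it needs.
    return "pbkdf2_sha256$%d$%s$%s" % (
        iterations,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    )


def verify_password(password: str, stored: str) -> bool:
    # Recompute with the stored salt and iteration count; a malformed record is
    # treated as a failed login rather than an unhandled exception.
    try:
        algo, iters, salt_b64, digest_b64 = stored.split("$")
        if algo != "pbkdf2_sha256":
            return False
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(digest_b64)
        actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, int(iters))
    except (ValueError, TypeError):
        return False
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(actual, expected)


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print("right password:", verify_password("correct horse battery staple", record))
    print("wrong password:", verify_password("hunter2", record))
```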



[ISN] Annoying and laughable ‘hacker case’

http://english.peopledaily.com.cn/90883/8142350.html
By Meng Yan and Zhou Yong
People’s Daily Online
February 25, 2013

Recently, Mandiant, a U.S. network security company, released a report saying “China’s military is involved in the hacker attacks”. The Ministry of Foreign Affairs and the Department of Defense have responded to the relevant slanders. U.S. companies and media have successively created “hacker cases” with “no factual basis”. Their behavior is annoying and laughable.

It is laughable first because they are unprofessional. The conclusion that “the attack source comes from China” is drawn merely from the communication correlations of IP addresses. Is that conclusion not too naive?

Second, the U.S. media does not get tired of playing the same old tune. It is not difficult to find a sense of “deja vu” in their approach of hyping Chinese military network hackers. Two years ago, the United States referred to Shandong Lanxiang Vocational School as a “Chinese hacker camp” with a military background, and listed an enterprise in Hebei Hengshui and a university in Henan Zhengzhou as “network militias”, all of which turned out to be a mere joke. Now they play the exact same game again and, out of nowhere, claim that a troop stationed in Shanghai is the headquarters of the hackers of the People’s Liberation Army.

Regarding network attacks, China has suffered a lot of harm. The United States has no control over the attacks launched from its own side. However, it constantly accuses China of attacking. That is not fair play.

Fourth, their behavior is laughable because of their irresponsibility. China-US relations are one of the most important bilateral relations in the world today. Strategic mutual trust between the two powers is very important to the maintenance of world peace and development. Chinese law forbids hacker attacks that undermine Internet security. The Chinese government applies stringent regulations on using the Internet. The Chinese army never supports any kind of network hacker activity.

However, some U.S. companies and media, for a variety of purposes, deliberately created and spread the “China hacker threat theory”, which is undoubtedly destructive to the overall situation of China-US relations and extremely irresponsible. A U.S. company published a report saying China’s officials had paid enough “due respect” by coming forward with a response. Indeed, there is no need to say anything to such ridiculous, unprofessional hype. But because they are being too mean and irresponsible, we must laugh at any false accusation and set things straight.



[ISN] Cyber-Attackers Most Often Target Nine Business Apps: Research Report

http://www.eweek.com/security/cyber-attackers-most-often-target-nine-business-apps-research-report/
By Robert Lemos
eWEEK.com
2013-02-23

An analysis of exploit and malware traffic inside corporate networks found that social networks account for few attacks, while 97 percent of exploit traffic focused on 10 applications, nine of which were critical business applications.

The analysis of log data from 3,056 companies underscores that internal corporate applications, not multimedia and social-networking applications, are the focus of attackers, said Matt Keil, a senior research analyst with Palo Alto Networks, which compiled the report.

Attackers directed most of their malicious traffic at ports used for communication with Microsoft’s SQL and remote procedure calls (RPC), Web browsers and the Server Message Block (SMB) protocol, a common way of sharing access to file servers and printers, according to the report. The other network and application access protocols include Active Directory, Domain Name System (DNS), Microsoft Office Communicator, Microsoft SQL Monitor and Session Initiation Protocol (SIP).

[…]

