[ISN] InfoSec News Mailing List

Canadian IT Exec Accused Of Stealing Customer Database

InfoSec News: Canadian IT Exec Accused Of Stealing Customer Database: http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=212201246
By Tim Wilson DarkReading Dec 01, 2008
An IT manager of a Canadian direct marketing firm has been accused of absconding with a copy of the company's customer database. [...]

Fraunhofer SIT certifies BlackBerry security

InfoSec News: Fraunhofer SIT certifies BlackBerry security: http://www.heise-online.co.uk/news/Fraunhofer-SIT-certifies-BlackBerry-security--/112084
heise online UK 27 November 2008
Two years ago, the Fraunhofer Institute for Secure Information Technology (SIT) in Darmstadt presented the first results of a study commissioned by Research in Motion (RIM). [...]

Remote SCADA for mobile users

InfoSec News: Remote SCADA for mobile users: http://www.pacetoday.com.au/Article/Remote-SCADA-for-mobile-users/432504.aspx
By Sarah Falson PACE 01 December 2008
CitectSCADA users can now access plant and security information from their SCADA network via their PDA, thin-client terminal or laptop [...]

CBS website bitten by iFrame hack

InfoSec News: CBS website bitten by iFrame hack: http://www.techworld.com/security/news/index.cfm?newsID=107833
By John E. Dunn Techworld 01 December 2008
TV network CBS has become the latest big name to have it website used to host malware, a security company has reported.
It appears that Russian malware distributors were able to launch another iFrame attack on a sub-domain of the cbs.com site so that it was serving remote malware to any visitors. A user's vulnerability to the malware attack launched by the site hack would depend on a number of factors, including the type of security used on a PC, the operating system, and possibly the browser version.
"This saga confirms our many previous warnings that obfuscated code posing a serious threat to Internet users' PCs, said Finjan CTO, Yuval Ben-Itzhak, who has devoted a fair amount of time in recent months to finding these hacks.
"Our Threats Reports have continued to identify the increasing use of code obfuscation as a means of bypassing traditional signature-based solutions in order to propagate malware," Ben-Itzak continued, taking a pop at the anti-virus products against which his company in part competes.
[...]

Easter Bunny Continues to Compromise US Military Computers

InfoSec News: Easter Bunny Continues to Compromise US Military Computers: Forwarded from: "J. Oquendo" <sil (at) infiltrated.net>
More humorous news from the "Chinese invades the US Infrastructure" front. I don't know about anyone else, but imagine me stating: "I saw Tom Jones steal my car but I can't be sure it was Tom Jones... [...]

Join IANS for the Pacific Information Security Forum on December 2-3, 2008

InfoSec News: Join IANS for the Pacific Information Security Forum on December 2-3, 2008: Join IANS for the Pacific Information Security Forum on December 2-3, 2008 at the San Francisco Marriott in San Francisco, CA.
Information Security Forums employ a unique discussion format borrowed from the Harvard Business School teaching method. IANSâ€™ Faculty [...]

Cyber-attack on Defense Department computers raises concerns

InfoSec News: Cyber-attack on Defense Department computers raises concerns: http://www.latimes.com/news/nationworld/nation/la-na-cyberattack28-2008nov28,0,6441140.story
By Julian E. Barnes Los Angeles Times November 28, 2008
Reporting from Washington -- Senior military leaders took the exceptional step of briefing President Bush this week on a severe and [...]

Linux Advisory Watch: November 28th, 2008

InfoSec News: Linux Advisory Watch: November 28th, 2008: +----------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | November 28th, 2008 Volume 9, Number 48 | | | [...]

Iran executes IT expert who spied for Israel

InfoSec News: Iran executes IT expert who spied for Israel: http://www.timesonline.co.uk/tol/news/world/middle_east/article5258057.ece
By Uzi Mahnaimi in Tel Aviv The Sunday Times November 30, 2008
A COMPUTER expert has been executed in Iran after he confessed to working for Mossad, the Israeli intelligence service. [...]

Secunia Weekly Summary - Issue: 2008-48

InfoSec News: Secunia Weekly Summary - Issue: 2008-48: ========================================================================
The Secunia Weekly Advisory Summary 2008-11-20 - 2008-11-27
This week: 60 advisories [...]

Stolen laptop leads to drug bust

InfoSec News: Stolen laptop leads to drug bust: http://www.gbtribune.com/localnews.php?sid=da637b7
By SUSAN THACKER gbtribune.com 11/27/2008
Security software built into a stolen laptop computer led police to a Hoisington residence on Tuesday. Authorities not only found the computer, but they also uncovered what appears to be a methamphetamine lab.
Detective Denton Doze at the Great Bend Police Department said the $9,000 computer, along with hand tools and power tools, was stolen during a burglary reported last Friday at the My Town project, 1419 Main Street.
The first time someone went online with the missing laptop, the manufacturer tracked it through the e-mail and notified police. Detective Doze got a search warrant for the residence of Dennis L. Price at 413 Maple Street in Hoisington. The Hoisington Police Department, including Chief Kenton Doze (the Great Bend detective's brother), and the Barton County Sheriff's Office were involved in executing the warrant. Their search began around 11 a.m. Tuesday.
"The computer was on the living room floor," Detective. Doze said. During the search for the missing hand tools, suspected drugs were found and it was Hoisington Police Chief Kenton Doze's turn to get a search warrant.
[...]