********************** SPONSORED BY SAINT Corporation ******************
SAINT is the FIRST product to receive USGCB validation by NIST. SAINT provides both FDCC and USGCB SCAP scanning policies. http://www.sans.org/info/96254
**************************************************************************
TRAINING UPDATE
--SANS Security East 2012, New Orleans, LA January 17-26, 2012 11 courses. Bonus evening presentations include Advanced VoIP Pen Testing: Current Threats and Methods; and Helping Small Businesses with Security. http://www.sans.org/security-east-2012/
--SANS North American SCADA 2012, Lake Buena Vista, FL January 21-29, 2012 Gain the most current information regarding SCADA and Control System threats and learn how to best prepare to defend against them. Hear what works and what doesn't from peer organizations. Network with top individuals in the field of SCADA security. Return from the summit with solutions that you can immediately put to use in your organization. Pre-Summit courses: January 21-25, 2012 Summit: January 26-27, 2012 Post-Summit Courses: January 28-29, 2012 http://www.sans.org/north-american-scada-2012/
--SANS Monterey 2012, Monterey, CA January 30-February 4, 2012 6 courses. Bonus evening presentations include Who Do You Trust? SSL and TLS Under Attack; and IOS Programming Demo. http://www.sans.org/monterey-2012/
--SANS Phoenix 2012, Phoenix, AZ February 13-18, 2012 7 courses. Bonus evening presentations include Desktop Betrayal: Exploiting Clients Through the Features They Demand; and Windows Exploratory Surgery with Process Hacker. http://www.sans.org/phoenix-2012/
--SANS Secure Singapore 2012, Singapore, Singapore March 5-17, 2012 5 courses. Bonus evening presentations include Introduction to Windows Memory Analysis; and Why Our Defenses are Failing Us: One Click is All It Takes ... http://www.sans.org/singapore-2012/
--SANS 2012, Orlando, FL March 23-39, 2012 42 courses. Bonus evening presentations include Exploiting Vulnerabilities: 60 Minutes from Discovery to Exploit; Evolving Threats; and Harbinger of Evil: The Forensic Art of Finding Malware. http://www.sans.org/sans-2012/
More Stolen Stratfor Data Posted (December 30, 2011)
The group responsible for breaking into computer systems at Stratfor Global Intelligence and stealing data has posted another round of information to the Internet. The data are reportedly names and associated credit card numbers of people who have bought research information from Stratfor, as well as the user names and email addresses of people who have registered with the Stratfor website. Members of the loosely organized hacker group that calls itself Anonymous are believed to be responsible for the data theft and exposure. -http://www.computerworld.com/s/article/9223082/Hacking_group_releases_more_Stratfor_subscriber_data?taxonomyId=17 [Editor's Note (Honan): The Tech Herald has an interesting analysis on the passwords that were leaked. Given the professional profile of the people using the Stratfor website, I find it disheartening to see that many were using simple and easy to guess passwords -http://www.thetechherald.com/articles/Report-Analysis-of-the-Stratfor-Password-List]
************************** SPONSORED LINK ****************************
1) What devices are accessing what resources and by whom? Take the SANS first annual mobility survey and be entered to win a $250 American Express Card Giveaway when results are announced in late March at SANS 2012! Follow this link to the survey: http://www.sans.org/info/96259
GCHQ Will Offer Incentives to Retain Key Officers (December 31, 2011)
The UK government has approved a package of bonuses and incentives that will help GCHQ (the government communications headquarters) keep key officers who would otherwise be lured away to private companies like Microsoft and Google by large pay packages. Last year, GCHQ director Iain Lobban told MPs that he was having a difficult time retaining valuable staff in the face of lucrative offers from private companies. -http://www.dailymail.co.uk/news/article-2080841/Spies-bonuses-halt-Google-poachers-pay-times-GCHQ.html
Facebook's White Hat Visa Debit Cards for Bug Hunters (December 31, 2011)
Facebook has started giving out White Hat Visa debit cards to bug hunters. Facebook began paying bounties for bugs in July 2011. Those reporting the flaws earn a minimum of US $500 and there is no maximum amount; to date, the largest sum Facebook has paid for a vulnerability is US $5,000. The bug hunters must abide by Facebook's Responsible Disclosure Policy, which requires that they not publicly disclose the flaw until it has been fixed. -http://news.cnet.com/8301-1009_3-57350464-83/facebook-hands-out-white-hat-debit-cards-to-hackers/ [Editor's Note (Murray): I hope that this is not evidence that Facebook has adopted late patching as a strategy, rather than as simply one tactic, for security; not evidence that they have given up on doing it right the first time.]
United Airlines Passenger Data Exposed Online (December 30, 2011)
A woman who was attempting to check her available miles through the United Airlines mobile website found herself viewing information for other people's accounts. Each time she navigated to a different part of the website, she found another person's information. Exposed data included names, Mileage Plus numbers, future itineraries and confirmation codes. When she contacted United about the problem, the company suggested that perhaps someone had used her phone to navigate the site and had not logged off correctly, but no one else had used her phone. A United Airlines spokesperson said the company is looking into the matter but that the woman "didn't have access to sensitive personal information." -http://www.kvue.com/news/United-Passenger-Finds-dozens-of-account-passengers-info-online--136455568.html
Over 150 UK Police Officers Disciplined for Inappropriate Facebook Posts (December 30, 2011)
Police in the UK have been disciplined for inappropriate and offensive posts on Facebook. More than 150 officers have faced action for posting inappropriate photographs, using the social networking site to harass colleagues, and making racist comments. At least two officers have been fired for inappropriate Facebook activity. Details of the disciplinary action were obtained through a Freedom of Information Act request; the information includes formal complaints lodged against police officers from the UK and Wales between 2008 and 2010. A government review of police corruption in the UK "found a significant blurring between people's professional lives on social networking sites and their private lives." -http://www.securitynewsdaily.com/uk-police-inappropriate-facebook-behavior-1456/ -http://www.thesun.co.uk/sol/homepage/news/4028553/Cops-fired-over-Facebook-slurs.html [Editor's Note (Murray): Unless you have a policy and training, it is very unlikely that your employees are any better behaved than these officers. You may enjoy the advantage that you are not subject to disclosure under Freedom of Information. On the other hand, you may be easier to sue than the police.]
Hackerspace Global Grid Plans Satellites and Ground Stations (December 30, 2011 & January 1 & 2, 2012)
John Pescatore is Vice President at Gartner Inc.; he has worked in computer and network security since 1978.
Stephen Northcutt founded the GIAC certification and is President of STI, The Premier Skills-Based Cyber Security Graduate School, www.sans.edu.
Dr. Johannes Ullrich is Chief Technology Officer of the Internet Storm Center and Dean of the Faculty of the graduate school at the SANS Technology Institute.
Ed Skoudis is co-founder of InGuardians, a security research and consulting firm, and author and lead instructor of the SANS Hacker Exploits and Incident Handling course.
William Hugh Murray is an executive consultant and trainer in Information Assurance and Associate Professor at the Naval Postgraduate School.
Rob Lee is the curriculum lead instructor for the SANS Institute's computer forensic courses (computer-forensics.sans.org) and a Director at the incident response company Mandiant.
Rohit Dhamankar is a security professional currently involved in independent security research.
Tom Liston is a Senior Security Consultant and Malware Analyst for InGuardians, a handler for the SANS Institute's Internet Storm Center, and co-author of the book Counter Hack Reloaded.
Dr. Eric Cole is an instructor, author and fellow with The SANS Institute. He has written five books, including Insider Threat and he is a founder with Secure Anchor Consulting.
Ron Dick directed the National Infrastructure Protection Center (NIPC) at the FBI and served as President of the InfraGard National Members Alliance - with more than 22,000 members.
Mason Brown is one of a very small number of people in the information security field who have held a top management position in a Fortune 50 company (Alcoa). He is leading SANS' global initiative to improve application security.
David Hoelzer is the director of research & principal examiner for Enclave Forensics and a senior fellow with the SANS Technology Institute.
Alan Paller is director of research at the SANS Institute.
Marcus J. Ranum built the first firewall for the White House and is widely recognized as a security products designer and industry innovator.
Clint Kreitner is the founding President and CEO of The Center for Internet Security.
Brian Honan is an independent security consultant based in Dublin, Ireland.
David Turley is SANS infrastructure manager and serves as production manager and final editor on SANS NewsBites.
Please feel free to share this with interested parties via email, but no posting is allowed on web sites. For a free subscription, (and for free posters) or to update a current subscription, visit http://portal.sans.org/