10.6.1 released with Flash fix, Leopard gets security update
By chris.foresman@arstechnica.com (Chris Foresman) on update
Apple has released a slew of OS updates this afternoon. Snow Leopard and Snow Leopard server get a bump to 10.6.1, including the latest Flash Player installer which caused quite a row last week. Security update 2009-005 is also available for client and server version of Leopard and Tiger.
Mac OS X Snow Leopard moves to version 10.6.1, just shy of two weeks since its initial release. It addresses a number of issues we reported on last week, such as printer driver compatibility, random issues with DVD playback, some issues with Mail and certain SMTP servers, and compatibility with Motion 4. It also includes the latest 10.0.32.18 version of Adobe's Flash Player plug-in, which might have gotten overwritten with a slightly older version if you had already updated Flash and then installed Snow Leopard. Snow Leopard Server 10.6.1 gets all these fixes as well as improved reliability of processes running under Grand Central Dispatch and a fix for servers with multiple network interfaces reporting a duplicate serial number in use.
CNET News - Security
Snow Leopard update fixes Adobe Flash issue
By Jim Dalrymple
Apple on Thursday released a relatively minor update for Mac OS X Snow Leopard that fixes an issue users had with the operating system that downgraded them to an older version of Adobe Systems' Flash Player.
(Credit: Apple)
When Apple released Snow Leopard on August 28, it included an older ...
Originally posted at News - Apple
Symantec tool calculates your data's value to thieves
By Elinor Mills
It's no secret that criminals are stealing credit card and bank account data and selling it underground. But most people would find it shocking to learn just how little their sensitive personal information costs.
Symantec on Thursday is launching its Norton Online Risk Calculator, ...
Originally posted at InSecurity Complex
Darknet - The Darkside
Ethical Hacking, Penetration Testing & Computer Security
One Of The World’s Most Prolific Music Piracy Groups Busted
By Darknet on rns busted
Seems like the Feds have been busy in recent year, all kinds of hackers, phishers an dnow pirates are getting arrested and imprisoned for some serious jailtime. The latest in this strung of busts is the music piracy ground RNS or Rabid Neurosis, very eminent in the scene in the late 90s/early 2000s. With P2P and people [...]
DarkReading - All Stories
DarkReading
New iPhone Anti-Phishing Feature Fails
Researchers discover iPhone OS 3.1's anti-phishing feature is not working properly
DarkReading - Security News
DarkReading
Fulton Innovation Partners with Sennco Solutions to Bring Wireless Power to Retail Security
Gomez to Present Web Performance Testing Best Practices Webinar Featuring Leading Market Research Firm
Federal Computer Week: Security News
Aides defend presidential powers in cybersecurity bill
Senate aides familiar with proposed comprehensive cybersecurity legislation say the bill would clarify the president’s authority for dealing with a cyberattack, not give the government sweeping new powers.
Contractors lose bid to suspend E-Verify enforcement
A second attempt to delay the E-Verify rule from becoming effective for federal contractors has failed
Do federal hiring processes discourage qualified applicants?
Although officials lament the shortage of qualified IT security professionals to fill critical roles in government ranks, one frustrated applicant complains that cumbersome hiring policies discourage those who want the jobs.
InformationWeek Security News
InformationWeek
Gov 2.0: Roadblocks Remain For Transparency
By J. Nicholas Hoover
Speaking at the Gov 2.0 Summit, federal CIO Vivek Kundra said infrastructure upgrades will likely be required.
Gov 2.0: FBI Official Fills In As Acting Cybersecurity Chief
By J. Nicholas Hoover
The FBI's Chris Painter steps in temporarily as federal CTO Aneesh Chopra expects a permanent appointee to be named in the "not too distant future.
InSecurity Complex
Keeping tabs on flaws, fixes, and the people behind them.
Phones at Burning Man: Can you hear me now?
By Elinor Mills
BLACK ROCK CITY, Nev.--Burning Man is not just an alternative culture event; it's increasingly a commercial cellular opportunity, and that has purists fuming.
For one week, participants leave behind their work and more mundane matters, and immerse themselves in an alternate reality, recharging their creative energy and drawing ...
Symantec tool calculates your data's value to thieves
By Elinor Mills
It's no secret that criminals are stealing credit card and bank account data and selling it underground. But most people would find it shocking to learn just how little their sensitive personal information costs.
Symantec on Thursday is launching its Norton Online Risk Calculator, ...
McAfee Avert Labs
Cutting edge security research as it happens.......
Chinese Pharmacy Spam and Our Monthly Spam Report
By David Marcus on Web and Internet Safety
The recent onslaught of “Chinese pharmacy” spam and the DDoS attacks that took down Twitter, Facebook, and others have caused a frenzy of speculation about the Chinese government’s involvement in spam generation and acts of cyberterrorism. McAfee’s September 2009 Spam Report debunks these rumors and gets to the root of the cause. The report reveals the [...]
Searching for Malware Data Likely to Lead to More Malware
By Craig Schmugar on Web and Internet Safety
It’s been a while since I blogged about Google Trends being abused to serve malware. However, recent attention around Google search poisoning led to me to check on things. It seems the attackers are being more selective in the search terms that they target–favoring those that have something to do with computer security. Hunting for poisoned search [...]
Network World on Security
The latest security news, analysis, reviews and feature articles from NetworkWorld.com.
Apple fixes Flash snafu in Snow Leopard, patches 33 bugs in Leopard
Less than two weeks after Apple launched Snow Leopard, the company today issued the new operating system's first security update. In a separate upgrade, Apple patched 33 vulnerabilities in 2007's Leopard, and about half as many in the even older Tiger.
Symantec Calculates Your Identity's Black-Market Value
Symantec has unveiled a new tool that gathers some basic information about you and the links between your financial information and the Internet, then calculates what the value of your identity would be on the black market. The value it comes up with is sobering at best.
NSS Labs to do more security-product testing without vendor funding
For several years NSS Labs has mainly done vendor-sponsored testing of security products in its Austin, Texas evaluation lab, but the firm is now shifting its focus to do many more independent self-funded projects for test reports that will be labeled as such.
How much are you worth on the black market?
Ever wondered how much your online identity is worth to a cybercriminal? A new tool from Symantec Corp. will perform the calculation for you.
iPhone 3.1 Breaking Exchange E-Mail for iPhone 3G Users?
Reports suggest that a feature within Apple's brand new iPhone 3.1 software update is disabling corporate Microsoft Exchange e-mail access for some first-gen iPhone and iPhone 3G users, though owners of Apple newest smartphone, iPhone 3GS, seem to be unaffected.
Mozilla patches 10 Firefox 3.5 vulnerabilities
Mozilla on Wednesday patched 10 security vulnerabilities in Firefox 3.5, all but one ranked critical, as it delivered the first update that automatically checks for outdated versions of the popular Flash Player plug-in.
Symantec launches Norton 2010 security software
Symantec has unveiled its latest security software - Norton Internet Security 2010 and Norton AntiVirus 2010.
Phishing attacks fell by 45% in August
Phishing attacks in August were down 45 percent on the number reported in July, says Symantec.
Customers need to designate a specific backup cloud-services provider
There’s been a flurry of vendors offering up open APIs they say can be used by other vendors to promote interoperability in the cloud.
Man pleads guilty in Wal-Mart card phishing scheme
A Sacramento, California, man has pleaded guilty to charges for his role in an international scam that netted sensitive information on tens of thousands of Internet users and then used that data to open fraudulent Wal-Mart credit cards.
The Register - Security
Biting the hand that feeds IT
Apple unloads 47 fixes for iPhones, Macs and QuickTime
Monster security patch batch
Apple has issued fixes for more than 47 security bugs in the Mac, iPhone and QuickTime media player, some that allowed attackers to take complete control of the underlying device.…
Feds bust world's most prolific music piracy ring
Rabid Neurosis institutionalized
Six men have been accused of running the world's most prolific music piracy ring, an online crew federal prosecutors allege delivered more than 25,000 copyrighted albums, often before they were officially released.…
iPhone anti-phishing protection goes AWOL
It just doesn't work
An anti-phishing feature hyped by Apple marketers has gone AWOL from the iPhone, according to two independent researchers who say the feature simply does not work.…
Obama closes in on cybersecurity czar appointment
Former Clinton-era Pentagon official emerges as front runner
US President Barack Obama is reportedly close to appointing a new White House cybersecurity chief.…
Firefox update quells quartet of security vulns
Alka-seltzer patches also soothe stability wobbles
Mozilla pushed out a new version of Firefox on Wednesday fixing four security bugs and a number of stability issues.…
SANS Internet Storm Center, InfoCON: green
Firefox 3.5.3 and 3.0.14 has been released, (Thu, Sep 10th)
Thanks to all those who have sent in overnight submissions to alert us to the release of Firefox 3.5 ...(more)...
SearchSecurity: Security Wire Daily News
The latest information security news on IT threats, vulnerabilities and market trends from the award-winning SearchSecurity.com.
Trustwave acquires data loss prevention vendor Vericept
By Neil Roiter
MSSP and PCI compliance firm buys one of dwindling field of independent DLP vendors.
Security vendors can learn from ConSentry Networks demise
By Eric Ogren
The switch-oriented NAC vendor serves as a sad reminder that security often only has niche appeal, says security expert Eric Ogren.
SecuriTeam
Welcome to the SecuriTeam RSS Feed - sponsored by Beyond Security. Know Your Vulnerabilities! Visit BeyondSecurity.com for your web site, network and code security audit and scanning needs.
Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote System Crash
Windows Vista now comes with SMB version 2. An attacker can remotly crash any Vista/Windows 7 machine with SMB2 enabled with no user interaction required.
Security - RSS Feeds
Security - RSS Feeds
Trustwave Buys Vericept for Data Loss Prevention
Trustwave acquires Vericept in a move to expand its footprint in data loss prevention and data security. Trustwave's purchase is in line with a string of buys in the DLP space over the past two years by companies ranging from McAfee to Symantec to Trend Micro.
- Security vendor Trustwave is buying its way into the data loss prevention space with the acquisition of Vericept. The financial details of the deal are under wraps. However, officials at Trustwave say the buy combines Vericepts data loss prevention (DLP) technology with Trustwaves portfolio of...
Security Fix
Brian Krebs on computer and Internet security
Clamping Down on the 'Clampi' Trojan
In Latest Warnings
Finding the notorious Clampi banking Trojan on a computer inside your network is a little like spotting a single termite crawling into of a crack in the wall: Chances are, the unwelcome little intruder is part of a much larger infestation. At least, that's the story told by two businesses which recently discovered Clampi infections, compromises that handed organized cyber gangs the access they needed to steal tens of thousands of dollars. In early August, attackers used Clampi to swipe the online banking credentials assigned to the Sand Springs Oklahoma School District. The thieves then submitted a series of bogus payroll payments, totaling more than $150,000, to accomplices they had hired throughout the United States. Sand Springs Superintendent Lloyd Snow said the district has since been able to get about half of those transfers reversed, while the district's bank graciously covered the rest of the loss. Initially, Snow said, suspicion
Updates Plug iPhone, QuickTime Security Holes
In New Patches
Apple has shipped a security update to fix multiple vulnerabilities in the iPhone and iPod Touch. The company also pushed out a patch to plug security holes in Windows and Mac versions of its QuickTime media player. The iPhone update -- version 3.1 -- includes at least 10 security fixes, and several minor new features, such as the ability to better organize apps in iTunes and to download ring tones wirelessly. Apple also issued an update for its iPod Touch (v. 3.1.1) that includes a short list of new features. The QuickTime update brings that software to version 7.6.4 and fixes at least four separate security problems. Apple users can grab the update via Software Update, while Windows users will need to use the bundled Apple Software Updates application. The iPhone and iPod Touch updates are only available through iTunes.
SecurityFocus News
SecurityFocus is the most comprehensive and trusted source of security information on the Internet. We are a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.
Brief: Apple shutters flaws in QuickTime, iPhone
Apple shutters flaws in QuickTime, iPhone
TaoSecurity
Richard Bejtlich's blog on digital security and the practices of network security monitoring, incident response, and forensics.
Information Security Position in GE Aviation
By Richard Bejtlich
My colleagues in GE Aviation are looking for a candidate for a client computing architect. The focus will be Microsoft Windows platforms. According to the hiring manager, the following are desired:
- 50% leadership / 50% technical mix
- Strong leadership, program management, and influence skills
- Strong communication skills; the candidate will work with business and Corporate teams
- Security and technical skills, such as a strong command of Windows features and defenses
If interested, search for job 1055733 at ge.com/careers or go to the job site to get to the search function a little faster. Please do not contact me directly. Thank you.
Copyright 2003-2009 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)
Open Source Vulnerability Disclosure with FreeBSD
By Richard Bejtlich
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-09:11.ntpd Security Advisory
The FreeBSD Project
Topic: ntpd stack-based buffer-overflow vulnerability
Category: contrib
Module: ntpd
Announced: 2009-06-10
Credits: Chris Ries
Affects: All supported versions of FreeBSD.
Corrected: 2009-06-10 10:31:11 UTC (RELENG_7, 7.2-STABLE)
2009-06-10 10:31:11 UTC (RELENG_7_2, 7.2-RELEASE-p1)
2009-06-10 10:31:11 UTC (RELENG_7_1, 7.1-RELEASE-p6)
2009-06-10 10:31:11 UTC (RELENG_6, 6.4-STABLE)
2009-06-10 10:31:11 UTC (RELENG_6_4, 6.4-RELEASE-p5)
2009-06-10 10:31:11 UTC (RELENG_6_3, 6.3-RELEASE-p11)
CVE Name: CVE-2009-1252
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit.
We very clearly see all affected FreeBSD versions which are not end of life.
I. Background
The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP)
used to synchronize the time of a computer system to a reference time
source.
Autokey is a security model for authenticating Network Time Protocol
(NTP) servers to clients, using public key cryptography.
II. Problem Description
The ntpd(8) daemon is prone to a stack-based buffer-overflow when it is
configured to use the 'autokey' security model.
III. Impact
This issue could be exploited to execute arbitrary code in the context of
the service daemon, or crash the service daemon, causing denial-of-service
conditions.
The Background, Problem Description, and Impact are very clear.
IV. Workaround
Use IP based restrictions in ntpd(8) itself or in IP firewalls to
restrict which systems can send NTP packets to ntpd(8).
Note that systems will only be affected if they have the "autokey" option
set in /etc/ntp.conf; FreeBSD does not ship with a default ntp.conf file,
so will not be affected unless this option has been explicitly enabled by
the system administrator.
The workaround is NOT the "solution." Using an IP firewall does not make the FreeBSD "unaffected." The vulnerability is present with or without a firewall.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to 6-STABLE, or 7-STABLE, or to the
RELENG_7_2, RELENG_7_1, RELENG_6_4, or RELENG_6_3 security branch
dated after the correction date.
2) To patch your present system:
The following patches have been verified to apply to FreeBSD 6.3, 6.4,
7.1, and 7.2 systems.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 6.3]
# fetch http://security.FreeBSD.org/patches/SA-09:11/ntpd63.patch
# fetch http://security.FreeBSD.org/patches/SA-09:11/ntpd63.patch.asc
[FreeBSD 6.4 and 7.x]
# fetch http://security.FreeBSD.org/patches/SA-09:11/ntpd.patch
# fetch http://security.FreeBSD.org/patches/SA-09:11/ntpd.patch.asc
b) Execute the following commands as root:
# cd /usr/src
# patch # cd /usr/src/usr.sbin/ntp/ntpd
# make obj && make depend && make && make install
# /etc/rc.d/ntpd restart
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_6
src/contrib/ntp/ntpd/ntp_crypto.c 1.1.1.3.8.3
RELENG_6_4
src/UPDATING 1.416.2.40.2.9
src/sys/conf/newvers.sh 1.69.2.18.2.11
src/contrib/ntp/ntpd/ntp_crypto.c 1.1.1.3.8.1.2.2
RELENG_6_3
src/UPDATING 1.416.2.37.2.16
src/sys/conf/newvers.sh 1.69.2.15.2.15
src/contrib/ntp/ntpd/ntp_crypto.c 1.1.1.3.20.2
RELENG_7
src/contrib/ntp/ntpd/ntp_crypto.c 1.1.1.3.18.3
RELENG_7_2
src/UPDATING 1.507.2.23.2.4
src/sys/conf/newvers.sh 1.72.2.11.2.5
src/contrib/ntp/ntpd/ntp_crypto.c 1.1.1.3.18.2.2.1
RELENG_7_1
src/UPDATING 1.507.2.13.2.9
src/sys/conf/newvers.sh 1.72.2.9.2.10
src/contrib/ntp/ntpd/ntp_crypto.c 1.1.1.3.18.1.2.2
- -------------------------------------------------------------------------
Subversion:
Branch/path Revision
- -------------------------------------------------------------------------
stable/6/ r193893
releng/6.4/ r193893
releng/6.3/ r193893
stable/7/ r193893
releng/7.2/ r193893
releng/7.1/ r193893
- -------------------------------------------------------------------------
Administrators and users have multiple options to fix the system. Not listed is using FreeBSD Update to perform a binary update, which I personally prefer. Furthermore, using this information, we can determine exactly what the problem is.
First, we can download http://security.freebsd.org/patches/SA-09:11/ntpd.patch and see the patch itself in clear text.
Second, we can visit the http://www.freebsd.org/cgi/cvsweb.cgi/src/contrib/ntp/ntpd/ntp_crypto.c CVS tree for ntp_crypto.c to find the vulnerable code. We can then review changes between vulnerable and patched versions ourselves.
VII. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252
The latest revision of this advisory is available at
http://security.FreeBSD.org/advisories/FreeBSD-SA-09:11.ntpd.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (FreeBSD)
iEYEARECAAYFAkovjOwACgkQFdaIBMps37KRpwCfaQF9q8KhElv6LqgFv3DX2h9c
hbEAn2Q0X8Qv8r5OySnhlAw2pMxlxkXK
=Mh2u
-----END PGP SIGNATURE-----
Overall, I prefer this level of transparency. If you think that exposing this level of information is "bad for security," consider the following.
- First class intruders know about vulnerabilities before anyone else because they are constantly performing funded research to find them. They produce and test their own exploits.
- Second class intruders only need a hint to direct their resources towards identifying vulnerabilities. In other words, once they hear of a weakness in a protocol or service, they swing their attention to that target and develop exploits. They produce and test their own exploits.
- Third class intruders know how to reverse engineer vulnerabilities from binary patches released by the vendor. They produce and test their own exploits.
- Fourth class intruders use exploits leaked from higher classes to determine if systems are vulnerable. They test others' exploits.
- Administrators without Blue and Red teaming capabilities have to trust that the vendor is honest and competent. They can't test anything so they don't know if they are really vulnerable or not, pre- or post-patch.
So, keeping source code hidden only really hinders fourth class intruders to a certain degree, and it definitely hinders administrators who lack Blue and Red capabilities.
Copyright 2003-2009 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)
Microsoft Updates MS09-048 to Show XP Vulnerable to 2 of 3 CVEs
By Richard Bejtlich
This is an important development. It is significant to acknowledge that an operating system is vulnerable despite the potential to add a countermeasure. In other words, countermeasures do not remove vulnerabilities.
The company also updated the FAQ:
If Windows XP is listed as an affected product, why is Microsoft not issuing an update for it?
By default, Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 2 do not have a listening service configured in the client firewall and are therefore not affected by this vulnerability. The denial of service attacks require a sustained flood of specially crafted TCP packets, and the system will recover once the flood ceases. This makes the severity rating Low for Windows XP. Additionally, Windows XP Service Pack 2 and later operating systems include a stateful host firewall that provides protection for computers against incoming traffic from the Internet or from neighboring network devices on a private network.
Windows XP is not affected by CVE-2009-1925.
As you can see, Microsoft is sticking with the "firewall" defense (and they forgot to remove the "not affected by this vulnerability" language from version 1.0 of the bulletin. This is still not acceptable.
Microsoft did clarify that CVE-2009-1925, TCP/IP Timestamps Code Execution Vulnerability, does not apply to Windows XP. That is good news.
So, what can you do? I would like to hear from anyone who is testing XP SP2 or SP3 for TCP/IP Zero Window Size Vulnerability - CVE-2008-4609 and TCP/IP Orphaned Connections Vulnerability - CVE-2009-1926. How does XP respond? Thus far @jkrage mentioned blue screens for the two DoS conditions. Can anyone else reproduce this? If yes, how?
Thank you.
Copyright 2003-2009 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)
Yahoo! News: Security News
Security News
Straight to the Spam Folder: Astonishing E-Mail Messages You'll Never Open (PC World)
In technology
PC World - Spamming is an underappreciated art form. In fact, "hated" may be a more accurate adjective.
Race is On to Patch Critical Windows Flaw (PC World)
In technology
PC World - Security experts are concerned about the potential impact of a new security hole affecting the Windows operating system. The potential exists to create a worm that would allow an attacker to take complete control of vulnerable systems without any user interaction--a jackpot for malware developers.
Zero Day
Tracking the hackers
Apple plugs 33 Mac OS X security holes, updates Flash on Leopard
By Ryan Naraine on Responsible disclosure
Apple today shipped another Mac OS X mega-update with fixes for at least 33 serious security problems affecting Mac OS X users.
iPhone's anti-phishing protection offers inconsistent results
By Dancho Danchev on iPhone
Apple’s iPhone OS 3.1 update includes a new fraud warning feature which is at least theoretically, supposed to warn users when visiting fraudulent websites in Safari Mobile. However, due to a flawed implementation in the update mechanism, the feature — enabled by default — is offering inconsistent results based on the tests performed by security company [...]
Citizens Financial sued for insufficient E-Banking security
By Dancho Danchev on Viruses and Worms
If a fraudulent transaction ever takes place on one of your bank accounts due to their compromise, who’s to blame - the bank, for not providing you as a customer with state-of-the-art security mechanisms that could have prevented it, or you, as a customer whose insecure online behavior led to the compromise at the first [...]
Cutwail botnet spamming 'IRS unreported income' themed malware
By Dancho Danchev on Web 2.0
Researchers from MX Logic — now part of McAfee — have intercepted a new malware campaign spammed by the Pushdo/Cutwail botnet, that’s using an ‘IRS unreported income‘ notices in an attempt to trick the recipients into downloading a tax-statement.exe executable. The Pushdo/Cutwail botnet remains among the most aggressively spamming cybercrime platforms, with the latest campaign traffic [...]
[Sponsored]
Mozilla patches 'drive-by download' security flaws
By Ryan Naraine on Responsible disclosure
Mozilla has released a new version of its flagship Firefox browser to fix 10 vulnerabilities that put Web surfers at risk of code execution attacks.
Posts
No comments:
Post a Comment