Hackin9

InfoSec News

Move over, big-screen TVs, cell phones and tablets, because cars might steal the show at next week's International CES.
 

We have received a report from Melvin indicating that he discovered an issue with a D-Link WBR-1310 Version D Release 4.13 router expired when a computer could no longer get a new lease from the router. According to D-Links website, this router would no longer be supported after January 2012 and the year reset to 2002 (valid year is 2002-2012). The D-link router needs to be a DHCP-client to the ISPs DHCP-server. If you are still using this model, when the DHCP lease expires, your router will no longer be serving the correct date and will need to be replaced. DD-WRT isnt an option because this model isnt supported. If you have already already encountered this issue, let us know via our contact page.

[1] http://www.dd-wrt.ca/site/support/router-database

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Adobe released a security advisory which identifies three vulnerabilities (CVE-2013-0625, CVE-2013-0629, CVE-2013-0631) affecting ColdFusion for Windows, Macintosh and Unix. They have received reports that these vulnerabilities are actively being exploited. Adobe is currently planning to release a fix for January 15, 2013.

Additional information and mitigations options available here.

[1] http://www.adobe.com/support/security/advisories/apsa13-01.html

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Bleeding edge technology isn't always the best, notes Mike Elgan. The best technology is the one you actually use.
 
In the week ending 5 January - News from the 29C3 conference, Ubuntu for phones, Awesome 3.5, Samsung readying a Tizen smartphone, and Nouveau support for GeForce chipsets


 
Internet Storm Center Infocon Status