Hackin9

WhatsApp offers encryption for users' privacy
Daily News & Analysis
"Even if hackers are able to crack the encryption code, they will not be able to decipher anything," said A Kaul, assistant vice president for technology at Indian Infosec Consortium, a body of information security professionals. But what has surprised ...

 

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
[security bulletin] HPSBST03568 rev.1 - HP XP7 Command View Advanced Edition Suite including Device Manager and Hitachi Automation Director (HAD), Remote Server-Side Request Forgery (SSRF)
 
[security bulletin] HPSBGN03569 rev.2 - HPE OneView for VMware vCenter (OV4VC), Remote Disclosure of Information
 
Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability
 
Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Privilege Escalation API Vulnerability
 

Adobe issued a security advisory yesterday about a critical vulnerability (CVE-2016-1019) in Adobe Flash Player 21.0.0.197 and earlier. The vulnerability affects all OSes (Windows, Mac, Linux and Chrome OS).

As Adobe says, it could cause a crash and potentially allow an attacker to take control of the affected system. Well, strike that "potentially", since it is being actively exploited in the wild.
The good news is that the current version of Flash Player (21.0.0.182) at the moment prevents exploitation of the vulnerability (at least with the exploits that are currently circulating).

In any case, Adobe should release the patch tomorrow (7.4.), so patch as soon as you can to be sure that the vulnerability has been completely mitigated (and of course, use an add-on such as NoScript).

Adobe offers a handy web page to check which version you have currently installed at http://www.adobe.com/software/flash/about/, while the original advisory is available at https://helpx.adobe.com/security/products/flash-player/apsa16-01.html

--
Bojan
@bojanz
INFIGO IS

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

SANS to Provide Online Access to New ICS Security Training
PR Newswire (press release)
BETHESDA, Md., April 6, 2016 /PRNewswire-USNewswire/ -- SANS Institute, the global leader in information security training, today announced its ICS515: ICS Active Defense and Incident Response is now available OnDemand. This popular course ...

 

An e-mail targeting a retail company to deliver point-of-sale malware. (credit: Proofpoint)

For the past decade, spear phishing—the dark art of sending personalized e-mails designed to trick a specific person into divulging login credentials or clicking on malicious links—has largely been limited to espionage campaigns carried out by state-sponsored groups. That made sense. The resources it takes to research the names, addresses, and industries of large numbers of individuals were worth it when targeting a given organization that had blueprints or some other specific piece of data prized by the attacker. But why go through the trouble to spread crypto ransomware or banking trojans to the masses when a single scam e-mail could do the trick?

Since the beginning of the year, that truism has begun to unravel. According to researchers at security firm Proofpoint, a single threat actor, dubbed TA530, has been targeting executives and other high-level employees in an attempt to trick them into installing an assortment of malware—including the CryptoWall ransomware program that encrypts valuable data and demands a hefty fee to undo the damage. Other malware spread in the campaign includes the Ursnif ISFB banking trojan and the Ursnif/RecoLoad point of sale reconnaissance trojan targeting businesses in the retail and hospitality industries. Targeted executives typically have titles of chief financial officer, head of finance, senior vice president, and director.

According to a blog post published Tuesday:


 
 
 
SQL Injection in SocialEngine
 
RE: FortiManager & FortiAnalyzer 5.x (Appliance Application) - (filename) Persistent Web Vulnerability
 
[slackware-security] subversion (SSA:2016-097-01)
 
op5 v7.1.9 Remote Command Execution
 
CA20160405-01: Security Notice for CA API Gateway
 
Re: [SE-2012-01] Broken security fix in IBM Java 7/8
 
Internet Storm Center Infocon Status