Hackin9

Tax office on the hunt for new infosec chief
iT News
The Australian Taxation Office (ATO) has kicked off a hunt for a new IT security chief, who will advise chief technology officer Todd Heather on the agency's infosec strategy. It is offering up to $251,000 a year for an experienced security ...

 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
The National Institute of Standards and Technology (NIST) has contributed to the development of a new standard for defining the performance of micromechanical sensors, a field that is expected to expand rapidly in coming decades as these ...
 
Microsoft Internet Explorer CVE-2013-7331 Information Disclosure Vulnerability
 
PHPIDS ReDoS Filters Security Bypass Vulnerability
 
[SECURITY] [DSA 3021-1] file security update
 
FreeBSD Security Advisory FreeBSD-SA-14:18.openssl
 

Overview of the September 2014 Microsoft patches and their status.

Fields per bulletin: # | Affected | Contra Indications - KB | Known Exploits | Microsoft rating(**) | ISC rating(*) (clients / servers)

MS14-052 Cumulative Security Update for Internet Explorer
  • Affected: Microsoft Windows, Internet Explorer
  • CVEs: CVE-2013-7331 CVE-2014-2799 CVE-2014-4059 CVE-2014-4065 CVE-2014-4079 CVE-2014-4080 CVE-2014-4081 CVE-2014-4082 CVE-2014-4083 CVE-2014-4084 CVE-2014-4085 CVE-2014-4086 CVE-2014-4087 CVE-2014-4088 CVE-2014-4089 CVE-2014-4090 CVE-2014-4091 CVE-2014-4092 CVE-2014-4093 CVE-2014-4094 CVE-2014-4095 CVE-2014-4096 CVE-2014-4097 CVE-2014-4098 CVE-2014-4099 CVE-2014-4100 CVE-2014-4101 CVE-2014-4102 CVE-2014-4103 CVE-2014-4104 CVE-2014-4105 CVE-2014-4106 CVE-2014-4107 CVE-2014-4108 CVE-2014-4109 CVE-2014-4110 CVE-2014-4111
  • Contra Indications - KB: KB 2977629
  • Known Exploits: Yes!
  • Microsoft rating(**): Severity: Critical, Exploitability: 1
  • ISC rating(*): clients Critical, servers Important

MS14-053 Vulnerability in .NET Framework Could Allow Denial of Service
  • Affected: Microsoft Windows, Microsoft .NET Framework
  • CVEs: CVE-2014-4072
  • Contra Indications - KB: KB 2990931
  • Known Exploits: No
  • Microsoft rating(**): Severity: Important, Exploitability: 1
  • ISC rating(*): clients Important, servers Important

MS14-054 Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege
  • Affected: Microsoft Windows
  • CVEs: CVE-2014-4074
  • Contra Indications - KB: KB 2988948
  • Known Exploits: No
  • Microsoft rating(**): Severity: Important, Exploitability: 1
  • ISC rating(*): clients Important, servers Important

MS14-055 Vulnerabilities in Microsoft Lync Server Could Allow Denial of Service
  • Affected: Microsoft Lync Server
  • CVEs: CVE-2014-4068 CVE-2014-4070 CVE-2014-4071
  • Contra Indications - KB: KB 2990928
  • Known Exploits: No
  • Microsoft rating(**): Severity: Important, Exploitability: 1
  • ISC rating(*): clients Important, servers Important

We will update issues on this page for about a week or so as they evolve.
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
(*): ISC rating
  • We use 4 levels:
    • PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
    • Critical: Anything that needs little to become "interesting" for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
    • Important: Things where more testing and other measures can help.
    • Less Urt practices for servers such as not using outlook, MSIE, word etc. to do traditional office or leisure work.
    • The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threatatches.

       

-- 
Alex Stanford - GIAC GWEB & GSEC
Research Operations Manager,
SANS Internet Storm Center

 

A variant of the infamous banking trojan Zeus has gone beyond targeting financial accounts, instead striving to collect another type of sensitive business data: customer information.

The variant, known as Dyre, is a banking trojan that first came to light in June when security companies warned that the Zeus knockoff found a way to bypass Web encryption, known as secure sockets layer (SSL). At the time, it targeted some of the largest global banks, such as Bank of America, Citibank, Natwest, RBS, and Ulsterbank. A recent version of Dyre, however, has begun targeting Salesforce, a popular cloud service for storing customer information, according to analyses.

Other cloud services could just as easily be targeted, according to security firm Adallom.


 

LockPath Helps Companies Comply With PCI DSS 3.0
Marketwired (press release)
OVERLAND PARK, KS--(Marketwired - September 09, 2014) - LockPath, a leader in innovative governance, risk, compliance (GRC) and information security (InfoSec) solutions announced today the release of the Keylight PCI DSS Compliance Solution.

 
Adobe Reader and Acrobat APSB14-20 Prenotification Multiple Vulnerabilities
 

Book Report: Cyberstorm by Matthew Mather
Network World
Palo Alto Networks' CTO Rick Howard believes that one can gain a great deal of infosec knowledge by reading fiction and non-fiction on the subject. In fact, Rick has created a cybersecurity canon, which he describes as, “a list of must-read books ...

 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: Updated jakarta-commons-httpclient packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security [More...]
 
LinuxSecurity.com: Several security issues were fixed in QEMU.
 
LinuxSecurity.com: CUPS could be made to expose sensitive information, leading to privilege escalation.
 
LinuxSecurity.com: Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support. Red Hat Product Security has rated this update as having Critical security [More...]
 
Multiple ManageEngine Products CVE-2014-5005 Arbitrary File Upload Vulnerability
 

Infosec fact and fiction
ITWeb
Phoenix Distribution is currently the leading value-added distributor of software, accessories and peripherals across the African continent, covering software publishing, localisation and product distribution across multiple territories in multiple ...

 

AccessData and HP Extend Incident Response Services in the Wake of ...
CNNMoney
"HP chose ResolutionOne for its seamless integration into infosec environments, SIEM interoperability and threat feed consumption capabilities for collective intelligence, automated detection, analysis and resolution." "AccessData carries proven and ...

 
Cisco Security Advisory: Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability
 
IBM WebSphere Application Server (WAS) Integrated Solutions Console Login Page username Parameter Reflected XSS Security Vulnerability
 
[security bulletin] HPSBST03106 rev.1 - HP P2000 G3 MSA Array System running OpenSSL, Remote Unauthorized Access or Disclosure of Information
 

Infosec fact and fiction - Phoenix Distribution Press Office
ITWeb
However, despite this, there are many infosec myths that exist today, and surprisingly, many people still believe them. Simon Campbell-Young, CEO of Phoenix Distribution, says the first and most common misconception is: "It won't happen to me, because ...

 
Internet Storm Center Infocon Status