Information Security News
An OSX update that fixes a situation where the hostname in a certificate is not checked against the actual hostname. This vulnerability means that anyone with a valid certificate can impersonate any host - lots of attack applications in this, when combined with MITM or DNS hijack attacks.
An absolute TON of updates for IOS, which should be no surprise in a new version. The highlights include updates to the Root Certificates, fixes for code exploit issues from malicious PDF and Movie files, and a bypass for the password retry limit, allowing a malicious app to brute force the device unlock code.
Also some fun fixes for several cross site scripting issues within Webkit (which is the provider for browser functions in IOS).
Attack vectors for these include buffer overflows, misses on bounds checking and some fun kernel mode attacks!
As always, watch for the full details on Apple's Security Update Page, found here ==> http://support.apple.com/kb/HT1222
Apple Touch ID: Do security advantages outweigh risks?
Tom is a security researcher for the InfoSec Institute and an IT professional with over 30 years of experience. He has written three books, Just Enough Security, Microsoft Virtualization, and Enterprise Security: A Practitioner's Guide (to be publish ...
The amount of press that Apple's IOS 7 update has gotten today has had an unintended consequence - everyone seems to be pulling it down the instant they see that it's available.
This is triggering IPS Sensors and causing real DOS conditions due to the traffic involved - an unintended "apple - zooka".
<<updated content follows>>
Our readers are reporting up to a doubling of wireless traffic, and similar increases on overall internet bandwidth usage! That's more Apple-y goodness than we bargained for today!
Swa, one of our handlers, indicates that this can be easily resolved for a corporate network by enabling the Apple Caching Service and/or Software Update Server on a single OSX Server in the network, which serves as the update "broker" for all clients on the network. (thanks for the screenshot Swa). The Caching Server will serve up all Apple content (including updates), while the Update Server will only serve up Updates.
I'm not sure how these services interact with the Service Discovery features in mDNS - if anyone has details on this we'd appreciate your insight in the comments field for this story!
The basics of setting up your Caching Server can be found in the "Mac Management Basics" guide, found here ==> http://training.apple.com/pdf/Mac_Management_Basics_10.8.pdf
Generally, just enabling the Caching Server is enough, but advanced settings for the caching server can be found here ==> http://support.apple.com/kb/HT5590
by Dan Goodin
Trying to prevent the kind of leaks carried out by former contractor Edward Snowden, National Security Agency officials will now tag sensitive documents and data with digital identifiers that limit access to select intelligence analysts, according to a published report. The measure is one of several security reforms being implemented three months after the publication of reams of highly classified reports documenting the agency's expansive surveillance programs.
In addition to allowing sensitive materials to be accessed only by people who have a documented need to review them, the tags will allow NSA leaders to better track what individuals do with the data, National Public Radio reported Wednesday. "Could someone today do what [Snowden] did? No," NSA CTO Lonny Anderson told the news service.
Another reform the NSA has implemented is designed to remove anonymity from the network. "If you've got privileged access to our network, like a systems administrator [has], if you're being given a privilege that very few people have, you're not going to do anything alone," Anderson said. Additionally, NSA security officers are now limiting the options employees have for storing data on their own thumbdrives and other storage devices. As of June, when Snowden reportedly handed over documents to reporters, some NSA computers were equipped with USB ports that connected with thumbdrives. That has since changed.
Apple IOS 7 is available today (just posted in fact). While the major push for this is support for the new iPhone platforms, we can expect functional and security changes that will affect all ios platforms, among them:
I'm sure several of these new features are worth a story all on their own - stay tuned!
We've all seen the flurry of app updates over the past few weeks, as everyone gets their app ready for the new OS. Before updating, you should check to see that all of your apps will support the new operating system. For instance, I still use Stanza as a reader app for my fiction library. Since it was officially moved to unsupported status by Amazon, I think it's smart for me to (finally) change readers before I upgrade.
This update comes at an interesting time for a couple of my clients. Since going to a BYOD model, they now have thousands of i-devices on their networks, unmanaged and for the most part owned by their users (or their visitors). In most organizations, at just under 1GB the bandwidth overhead for this update shouldn't be an issue, but one client in my list is in that "thousands of Apple devices" list and is also on my "bandwidth constrained" list. I can see this update affecting their business applications, both by stressing their already maxed out WAN and also by adding to their already over-capacity internet uplink. We're changing their QOS to de-prioritize "all things Apple" for today. Once we can characterize what this update looks like on the network, we'll make the ACL more specific to just deprioritize the update traffic. Now that the update is posted, I'll be firing up TCPDUMP and doing just that!
=============== Rob VandenBrink Metafore(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
We continue to see web applications deployed to manage datacenter functions. And I'm sorry to say, we continue to see security issues in these applications - some of them so simple a quick run-through with Burp or ZAP would red-flag them.
In that theme, today Cisco posts updates to DCNM (Cisco Prime Data Center Network Manager). The issues resolved are not so simple as I describe above (they are more complex than a simple scan to detect or exploit), but they do involve remote command execution and authentication bypass - two things most folks should have problems with in a Data Center Network Manager.
The advisory is here ==> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-dcnm
As per usual, a valid service contract is required to obtain the update. My clients do have Cisco contracts, but I'm not sure how thrilled I am that you need to pay maintenance to fix security issues so fundamental.
Scientists have developed a technique to sabotage the cryptographic capabilities included in Intel's Ivy Bridge line of microprocessors. The technique works without being detected by built-in tests or physical inspection of the chip.
The proof of concept comes eight years after the US Department of Defense voiced concern that integrated circuits used in crucial military systems might be altered in ways that covertly undermined their security or reliability. The report was the starting point for research into techniques for detecting so-called hardware trojans. But until now, there has been little study into just how feasible it would be to alter the design or manufacturing process of widely used chips to equip them with secret backdoors.
In a recently published research paper, scientists devised two such backdoors they said adversaries could feasibly build into processors to surreptitiously bypass cryptographic protections provided by the computer running the chips. The paper is attracting interest following recent revelations the National Security Agency is exploiting weaknesses deliberately built into widely used cryptographic technologies so analysts can decode vast swaths of Internet traffic that otherwise would be unreadable.
Update security policies to protect VMs
Five differences exist that you should add to your policies and standards (Olzak, 2011, InfoSec Institute): Group VMs according to data classification, as discussed above. Ensure monitoring tools see packets internal to VMs managed by the same hypervisor.
Posted by InfoSec News on Sep 18: http://www.telegraph.co.uk/news/worldnews/southamerica/brazil/10316711/Brazilian-hackers-confuse-Nasa-with-NSA-in-revenge-attack.html
Posted by InfoSec News on Sep 18: http://healthitsecurity.com/2013/09/17/how-can-healthcare-providers-prevent-medical-identity-fraud/
Posted by InfoSec News on Sep 18: http://rt.com/news/nsa-snowden-life-russia-954/
Posted by InfoSec News on Sep 18: http://www.slate.com/blogs/future_tense/2013/09/17/nsa_paid_french_hacker_company_vupen_for_software_exploits.html
Posted by InfoSec News on Sep 18: http://www.computerworld.com/s/article/9242476/China_based_hacking_group_behind_hundreds_of_attacks_on_U.S._companies
SANS Institute Cyber Security Summit to Help Healthcare Organizations Balance ...
SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; and it operates the Internet's early warning system - the Internet Storm Center. At the heart of SANS are the many security ...