Information Security News
Adobe has released security advisory APSB14-07 which is an update for Adobe Flash Player versions 188.8.131.52 and prior. It impacts both Windows and Mac versions, and those on Linux prior to 184.108.40.2066.
It addresses CVE-2014-0502 which is being exploited in the wild, and Adobe say you should update asap!
Details are available on the Adobe site.
www.tarkie.net(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Adobe has released an emergency update for its widely used Flash Player to combat active attacks that exploit a previously unknown security bug that hackers are actively exploiting to surreptitiously install malware on end-user computers.
The vulnerability, which affects the latest versions of Flash, was being exploited in drive-by attacks on the websites of at least three nonprofit organizations, according to a blog post published Thursday by researchers from security firm FireEye. Two of the institutions—the Peter G. Peterson Institute for International Economics and the Smith Richardson Foundation—focus on matters of national security and public policy. The targets, combined with the technical signatures of the attacks themselves, have led researchers to suspect that the attackers are the same ones behind similar campaigns from 2012. The FireEye researchers wrote:
This threat actor clearly seeks out and compromises websites of organizations related to international security policy, defense topics, and other non-profit sociocultural issues. The actor either maintains persistence on these sites for extended periods of time or is able to re-compromise them periodically.
This actor also has early access to a number of zero-day exploits, including Flash and Java, and deploys a variety of malware families on compromised systems. Based on these and other observations, we conclude that this actor has the tradecraft abilities and resources to remain a credible threat in at least the mid-term.
The vulnerability, which is indexed as CVE-2014-0502 under the common vulnerabilities and exposure system, allows attackers in certain cases to execute malicious code by overwriting the virtual function table pointer of a Flash object. In a testament to the growing effectiveness of modern exploit mitigation techniques, a protection known as address space layout randomization (ASLR) prevents the exploit from working on the vast majority of machines. ASLR vastly decreases the chances that a remote-code-execution attack will succeed by loading downloaded scripts in a different memory location each time the computer is rebooted. The attackers behind the campaign discovered by FireEye found a way to bypass ASLR on computers running older software. Specifically, PCs running Windows XP, Windows 7 with the now-unsupported 1.6 version of Oracle's Java, and Windows 7 with a now out-of-date version of Office 2007 or Office 2010 don't benefit from the protection of ASLR.
The scale and grandeur of the Winter Olympics in Sochi is estimated to have cost Russia an astronomical $46 billion. Two of its key telecom partners, Rostelecom and Megafon, pledged less than one percent: about $415 million total. But was that enough to turn a mountainous subtropical resort into a world-class connected site, with full LTE coverage for the first time in the Olympics' history? And perhaps more importantly, what behind-the-scenes technology keeps the Olympics running securely?
You've probably heard multiple accounts of everyday life horrors in Sochi, such as missing bulbs in hotel rooms, weird bathrooms, and dangerous manholes. But complaints about the cell coverage, Wi-Fi quality (even if it was provided that way), and overall connectivity have been nearly indiscernible in the Olympic buzz.
Digital surveillance fears, however, lingered across the board.
Infosec startup Ionic Security raises $25.5M from Google, Kleiner
Atlanta Business Chronicle (blog)
Infosec startup Ionic Security raises $25.5M from Google, Kleiner. Cloud wowed: Tom Noonan, from left, Ionic founder Adam Ghetti and Ionic CEO. Enlarge. Byron E. Small. Cloud wowed: Tom Noonan, from left, Ionic founder Adam Ghetti and Ionic CEO Steve ...
Microsoft has published a TechNet article detailing the availability of a "FixIt" for the current IE9/IE10 zero day which has been doing the rounds. Corporate users will presumably have to wait until the availability of the patch which Microsoft say will be released during the monthly patching cycle.
Microsoft released Advisory 2934088 : https://technet.microsoft.com/en-us/security/advisory/2934088
They have released a FixIt, another shim fix, that is available for download : https://support.microsoft.com/kb/2934088
Thanks to one of our regulars, and Swa for the overnight heads-up.
ISC Handler(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Posted by InfoSec News on Feb 20http://www.bloomberg.com/news/2014-02-19/israel-electric-opens-cyber-war-room-to-defend-against-power-grid-hacks.html
Posted by InfoSec News on Feb 20http://arstechnica.com/information-technology/2014/02/iranians-hacked-navy-network-for-4-months-not-a-surprise/
Posted by InfoSec News on Feb 20http://www.reuters.com/article/2014/02/18/us-hacking-snecma-idUSBREA1H1Z320140218
Posted by InfoSec News on Feb 20Forwarded from: cfp2014 (at) recon.cx
Posted by InfoSec News on Feb 20http://theaviationist.com/2014/02/17/cyber-war-at-red-flag/