(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.


Firm Wins Patent for Novel Way to Detect Spearphishing
However, more than one in two (52 percent) infosec pros didn't believe execs in their organizations could spot a phishing scam, according to a survey released last week by Tripwire of 200 attendees at the RSA conference in San Francisco in February ...

The National Institute of Standards and Technology (NIST) has released the final version of a document outlining its process for developing cryptographic standards and guidelines. NIST Cryptographic Standards and Guidelines Development ...

Business Wire (press release)

Bomgar to Discuss Securing Vendor Access at InfoSec World 2016
Business Wire (press release)
Bomgar will demonstrate the importance of securing vendor access with a live hack exemplifying how third parties can unwittingly leave your network vulnerable to a cyberattack. Bomgar will exhibit at booth No. 217. Bomgar connects people and technology ...


A slide from Check Point's presentation on "SideStepper" showing a malicious server pushing a fraudulent application to an iOS 9 device—all thanks to MDM hacking and Apple enterprise developer certificates. (credit: Check Point Software Technologies Ltd.)

Security researchers at Check Point Software claim to have found a weakness in Apple's mobile device management (MDM) interface for iOS devices that could be exploited to gain complete access to devices. Dubbed "SideStepper," the approach could allow an attacker to hijack enterprise management functions and bypass Apple's application security.

By sending a link to a victim's device, someone could take control of the MDM software on the phone and push potentially malicious applications to the device as well as perform other configuration changes as a remote administrator. While Apple's security screening for the applications it allows into its App Store is rigorous, there is a backdoor left in the screening process: enterprise app stores. And new research by Check Point being presented at Black Hat Asia 2016 shows that even with security improvements in iOS 9, attackers can kick that backdoor in by hijacking the enterprise management connection.

As long as they've registered with Apple's enterprise developer program to get a software signing certificate, attackers can social engineer victims into consenting to install applications that expose nearly every aspect of their phone's settings and data simply by abusing enterprise policy settings.


Trend Micro (SSO) - (Backend) SSO Redirect & Session Vulnerability
Dorsa Web CMS - Multiple SQL Injection Vulnerabilities
Docker UI v0.10.0 - Multiple Persistent Vulnerabilities
WP External Links v1.80 - Cross Site Scripting Web Vulnerabilities
Hi Technology & Services CMS - SQL Injection Vulnerabilities
Cades (2016Q1) - (id) Multiple SQL Injection Vulnerabilities
Docker UI v0.10.0 - Multiple Client Side Cross Site Request Forgery Web Vulnerabilities
[SECURITY] [DSA 3538-1] libebml security update
[SECURITY] [DSA 3537-1] imlib2 security update
[SECURITY] [DSA 3536-1] libstruts1.2-java security update

... days ago, one of our readers posted a message in the general discussion forum about FIM (File Integrity Management) and, more precisely, which files/directories to monitor. Just a brief introduction for those who are not aware of File Integrity Monitoring: It ...

This control is implemented via processes and enforced with tools. Like most information security tools, it's just a dumb tool! The challenge is to configure it in the right way to increase your chances of detecting malicious activity. Available tools are delivered with baselines for standard environments but must be fine-tuned to match your own requirements.

I think that it ...

Basically, there are two types of data that you can ...

System files - ...
Data files - Those are the files used by your business ...

In the second case, it's impossible to build a list of ...

Logging changes on sensitive department shares (HR, accounting, ...

The implementation of a FIM also has side effects. A classic issue is patching systems. By replacing system files, patches can generate a huge amount of false positives.

Xavier Mertens
ISC Handler - Freelance Security Consultant

Peerlyst Blogger Explores a Recently Exposed Apple iMessage Vulnerability—and Its Implications for the Privacy-vs ...
Virtual-Strategy Magazine
As the go-to platform for information security professionals, a big part of Peerlyst's mission is providing inside perspective on cybersecurity news. For instance, Houmann's recent blog shares his own analysis, as well as perspective from respected ...

RE: Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability
Internet Storm Center Infocon Status