Monday, October 27, 2008

Security News Feed Monday 10/27/08

Lots to go over today. First up: Clickjacking is fixed with the latest Adobe Flash (10.0). Upgrade ASAP!





Scary - weakness in Microsoft making Cisco vulnerable in some cases:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml





October 27, 2008 Recent Stock Market Decline Causes Economic Cybercrime to Hit All Time High, According to PandaLabs
http://www.crime-research.org/news/27.10.2008/3641/







Tech Insight: Digital Forensics & Incident Response Go Live - 10/24/2008 3:45:00 PM






'Block the Vote' Tactics Go Online This Election - 10/22/2008 3:45:00 PM
Electronic Privacy Information Center predicts potential for spoofed Websites, fake VOIP call blasts, phishing, and DOS – to suppress voters






Microsoft Blue Hat: Researcher Demos No-Hack Attack - 10/21/2008 4:22:00 PM
Wealth of available online data on individuals, businesses can be used in targeted attacks






How To Save Yourself From Your Kids Online
Security expert Richard B. Lawhorn writes that as parents, we must adapt to new technologies our children are using, including those found on the Internet.







How to Prevent Cyber Espionage
Security expert Gadi Evron has plenty of experience helping governments fight cyber attacks. In this column, he offers a roadmap companies can use to prevent computer espionage.







Homeland Security Clears Secure Flight but Watchlists Remain
The Department of Homeland Security announced today the Final Regulations for the Secure Flight program. All airlines will now be required to collect date of birth and gender from customers and provide this information to the TSA for watchlist verification. A DHS Redress number, if previously issued, would also be collected. EPIC has warned in Congressional testimony that accuracy problems will continue to plague Secure Flight unless passengers are able to challenge the government's watchlist determinations. EPIC also recommended that the redress procedures be modified to limit data collection and to prescribe penalties for Privacy Act violations.
Posted by EPIC on October 22, 2008.







Sharepoint Data Security Risks
by Jesper M. Christensen
The challenges of securing data on Microsoft SharePoint sites, lists, pages and the information made available through data-links to backend systems (through BDC and manually created data-links).






Microsoft has head in the clouds with new Windows Azure OS
As expected, Microsoft announced a Windows-based "cloud OS" during the first day of PDC. Windows Azure offers virtualized computing, automated service management, and scalable storage and will compete against cloud-based offerings from Amazon and Google.
October 27, 2008 - 12:28PM CT - by Kurt Mackey






More News from Rustock - October 23, 2008
Rustock has now come up with another spamming template using CBS News.





Other Tools Terrorists Might Use: Voice, Pencils, Fax Machines, Email, Mobile Phones, Etc.






US Customs Agents Can Search Letters at Airports
SAN FRANCISCO (CN) - The 9th Circuit upheld the right of U.S. Customs and Border Patrol agents to search an elderly man's FedEx package at an international airport, and to open and read letters containing sexually suggestive language apparently addressed to an 8-year-old Filipino girl.





Penn hacker sentenced, avoids child porn charges AP - Wed Oct 22, 4:17 AM ET
PHILADELPHIA - A federal judge questioned why a white Ivy League student found during a computer hacking probe with thousands of images of child pornography was not charged with that crime, sparing him a decade-long prison sentence that a black convicted child pornographer faced at the same hearing.






Study: Malware risks are growing exponentially CNET - Tue Oct 21, 8:02 PM ET
A new report from security services provider ScanSafe finds that companies are at increasing risk of having employees inadvertently download backdoors and password stealers onto corporate computers from Web sites that have malicious software hidden on them.






Treasury office faults IRS computer security AP - Thu Oct 16, 1:06 PM ET
WASHINGTON - Two new IRS computer systems that will eventually cost taxpayers almost $2 billion are being put into service despite known security and privacy vulnerabilities, a Treasury watchdog said in a report coming out Thursday.





AVG flags ZoneAlarm as malware CNET - Wed Oct 15, 6:37 PM ET
This post was updated at 3:30 p.m. PDT with comment from Check Point.






Al-Qaeda-Affiliated Online Forums Discuss High Tech Tools For Cyber Terror By Grey McKenzie Today






FBI Busts Dark Market Internet Cyber Crime Website Trafficking In Stolen Financial Data By Grey McKenzie 10/22/2008






New European data protection rules likely years away
Europe's data-protection regulatory framework needs updating, but it will be two to three years...






Researchers find problems with RFID passport cards
RFID tags used in two new types of border-crossing documents in the U.S. are vulnerable to snooping...






Separate proofs-of-concept released after rushed Windows fix
Dan Kaplan October 24, 2008
Public and private proof-of-concept code has emerged for the gaping Windows hole plugged by Microsoft on Thursday in an emergency update.






China's internet users lash out at Microsoft's anti-piracy system
Dan Raywood October 24, 2008
Chinese internet users have criticized what they deem to be Microsoft's violation of their right to privacy.






Android vulnerable to drive-by exploit






McAfee antes up against cybercrime - News Brief, 2008-10-22
The security firm calls for more action from authorities, creates a cybercrime response unit and advisory council, and will hand out grants to anti-crime organizations.






Java Update Promises to Remove Older Versions
Sun Microsystems has released another version of its Java software client. The update, JRE6 Update 10, contains no new security fixes to the most recent version, JRE6 Update 7, but it does appear to fulfill a promise the company made long ago to stop littering users' PCs with outdated, insecure versions of the software.
http://voices.washingtonpost.com/securityfix/2008/10/java_update_promises_to_remove.html






Gimmiv worm feeds on latest Microsoft bug






Most common questions that we've been asked regarding MS08-067
Since the release we have received several great questions regarding MS08-067 (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx), thus we decided to compile answers for them. We still want to encourage everyone to apply the update.

Can the vulnerability be reached through RPC over HTTP?

No, the vulnerability cannot be reached through RPC over HTTP. RPC over HTTP is an end-to-end protocol that has three roles: client, proxy and server. To be clear, this is different from standard RPC, and the two protocols do not interoperate. Moreover, the only way to hit the vulnerable code is through named pipes, so the Interface security callback will drop the connection when connecting through TCP/IP.

Using Outlook to connect to an Exchange server to access e-mail is a common scenario that uses RPC over HTTP; since the RPC over HTTP proxy is used, the Exchange server is not exposed to external attacks.

Further information about RPC over HTTP:
http://msdn.microsoft.com/en-us/library/aa375384.aspx
Further information about using Exchange with RPC over HTTP:
http://technet.microsoft.com/en-us/library/aa996072(EXCHG.65).aspx
