
Verizon publishes 2014 Data Breach Investigations Report: DHS Open Source Highlights April 23rd

By Kelli Tarala | April 23, 2014

Verizon published its 2014 Data Breach Investigations Report, focusing on cyber and physical data breaches across several industries. The report found 198 point-of-sale (POS) intrusions during 2013, with the retail, accommodation, and food services industries the most targeted, among other findings.

Full Story:
http://news.softpedia.com/news/Verizon-Publishes-2014-Data-Breach-Investigations-Report-438708.shtml

Critical update makes P2P Zeus trojan even tougher to remove
Fortinet researchers found that the peer-to-peer (P2P) Zeus banking trojan recently received an update that also installs a rootkit driver, making the trojan difficult to remove from infected systems.

Full Story:
http://www.scmagazine.com/critical-update-makes-p2p-zeus-trojan-even-tougher-to-remove/article/34355

Supposedly patched router backdoor was simply hidden
A security researcher who discovered a backdoor vulnerability in several popular home routers found that the firmware update issued by manufacturer Sercomm does not close the vulnerability but instead hides the backdoor. The backdoor can then be opened by sending a specific network packet to the router from the local area network (LAN) or the Internet service provider (ISP), allowing attackers to reset the device’s configuration, username, and password to default settings.

Full Story:
http://www.net-security.org/secworld.php?id=16721

Django 1.6.3 released to address 3 security issues
The developers of the Django framework for Python released new versions of the framework, closing three security vulnerabilities.

Full Story:
http://news.softpedia.com/news/Django-1-6-3-Released-to-Address-3-Security-Issues-438666.shtml

Oracle gives Heartbleed update, patches 14 products
Oracle released updates for five products April 21, closing vulnerabilities related to the Heartbleed vulnerability in OpenSSL.

Full Story:
http://threatpost.com/oracle-gives-heartbleed-update-patches-14-products/105576

Disclaimer: The above information largely has been reproduced from the DHS Open Source Daily Report, a full version of which can be found at http://www.dhs.gov/files/programs/editorial_0542.shtm.  Enclave Security, LLC and its agents used their best efforts in collecting and preparing the information published herein. However, Enclave Security, LLC, does not assume, and hereby disclaims, any and all liability for any loss or damage caused by errors or omissions, whether such errors or omissions resulted from negligence, accident, or other causes.


Heartbleed causes HealthCare.gov to change users’ passwords: DHS Open Source Highlights April 22nd

By Kelli Tarala | April 22, 2014

Registered users of the U.S. national health insurance exchange Web site had their account passwords reset and were prompted to change their passwords as a precaution due to the Heartbleed vulnerability in OpenSSL. There was no indication that users’ personal information was at risk or any indication that the vulnerability had been used against the Web site.

Full Story:
http://politicalticker.blogs.cnn.com/2014/04/19/heartbleed-causes-healthcare-gov-to-change-users-passwords/

Heartbleed attack targeted enterprise VPN
Researchers at Mandiant identified a successful attack campaign that utilized the Heartbleed vulnerability in OpenSSL to target an undisclosed organization’s virtual private network (VPN) and obtain VPN session tokens. The attack began April 8, hijacked several active user sessions, and allowed the attackers to attempt to escalate their privileges within the organization.

Full Story:
http://www.darkreading.com/attacks-breaches/heartbleed-attack-targeted-enterprise-vpn-/d/d-id/1204592

Sophos names spam-relaying “dirty dozen” countries for Q1 2014
Sophos released its list of top spam-relaying countries for the first quarter of 2014, with the U.S. accounting for the most spam by volume at 16 percent of all spam, followed by Spain and Russia.

Full Story:
http://news.softpedia.com/news/Sophos-Names-Spam-Relaying-Dirty-Dozen-Countries-for-Q1-2014-438517.shtml

ICS-CERT warns of Heartbleed vulnerabilities in Siemens gear
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued an advisory warning that the Innominate mGuard firmware and several Siemens industrial control systems are vulnerable to the Heartbleed vulnerability in OpenSSL. Innominate issued a patch for the vulnerable firmware, while Siemens identified affected systems.

Full Story:
http://threatpost.com/ics-cert-warns-of-heartbleed-vulnerabilities-in-siemens-gear/105554

Reddit users discover iOS malware threat
Reddit users identified a piece of malware for iOS devices known as Unflod Baby Panda which can target jailbroken iOS devices. Researchers at SektionEins found that the malware listens to SSL traffic and searches for Apple ID information to steal.

Full Story:
http://www.theregister.co.uk/2014/04/18/reddit_users_discover_ios_malware_threat/

Major security flaws threaten satellite communications
Researchers at IOActive released a paper outlining critical vulnerabilities in satellite communication gear from several major manufacturers that could allow attackers to disrupt or eavesdrop on communications systems used in the maritime, energy, aeronautics, and media industries as well as those used by government and emergency services. Affected manufacturers were notified and details will not be publicly released until the second half of 2014 to allow manufacturers to close the vulnerabilities.

Full Story:
http://www.networkworld.com/news/2014/041814-major-security-flaws-threaten-satellite-280848.html


Hardware manufacturer LaCie suffered year-long data breach: DHS Open Source Highlights April 16th

By Kelli Tarala | April 16, 2014

Computer storage manufacturer LaCie stated that the FBI informed the company of a data breach where malware was used to gain access to customer transactions carried out on the company’s Web site. LaCie temporarily disabled the e-commerce portion of its Web site and will be resetting users’ passwords in response.

Full Story:
http://www.net-security.org/secworld.php?id=16693

RCE, information disclosure and XSS flaws found in PayPal Partner Program
A security researcher identified and reported a cross-site scripting (XSS) issue and an information disclosure issue that could be leveraged for remote code execution in the PayPal Partner Program’s payment processor Web site. The issues were later closed by PayPal.

Full Story:
http://news.softpedia.com/news/RCE-Information-Disclosure-and-XSS-Flaws-Found-in-PayPal-Partner-Program-Video-437634.shtml

Expert finds SQL injection, RCE vulnerabilities in Flickr Photo Books
A security researcher identified and reported a SQL injection vulnerability and a remote code execution vulnerability in Flickr’s Photo Books Web site that could allow an attacker to gain access to Flickr’s databases. Yahoo closed the vulnerabilities after a second report by the researcher.

Full Story:
http://news.softpedia.com/news/Expert-Finds-SQL-Injection-RCE-Vulnerabilities-in-Flickr-Photo-Books-Video-437724.shtml

Heartbleed: VMware starts delivering patches
VMware announced that it began issuing patches for its products affected by the Heartbleed OpenSSL vulnerability, with patches for all affected products expected by April 19.

Full Story:
http://www.net-security.org/secworld.php?id=16692

Flash SMS flaw in iOS can be exploited to make the lock screen unresponsive
A security researcher identified a Flash SMS flaw in iOS that can be used to make a device’s lock screen unresponsive, which could be used for ransom attacks. The flaw was fixed with the release of iOS 7.1 but devices running previous versions of the mobile operating system are vulnerable.

Full Story:
http://news.softpedia.com/news/Flash-SMS-Flaw-in-iOS-Can-Be-Exploited-to-Make-the-Lock-Screen-Unresponsive-437566.shtml


Cyber attacks are targeting Heartbleed flaw, says US CERT: DHS Open Source Highlights April 14th

By Kelli Tarala | April 14, 2014

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued a warning April 10 stating that attackers have begun exploiting the Heartbleed vulnerability in OpenSSL and advised affected entities to report any incidents involving the vulnerability.

Full Story:
http://www.scmagazineuk.com/cyber-attacks-are-targeting-heartbleed-flaw-says-us-cert/article/342274/

Expert shows that hackers can abuse Chrome speech recognition API flaw
A security researcher identified a vulnerability in an older version of Chrome’s speech recognition API that could be leveraged to obtain the transcript generated by the browser. The API was introduced in Chrome 11 but may still be used by some Web sites.

Full Story:
http://news.softpedia.com/news/Expert-Shows-That-Hackers-Can-Abuse-Chrome-Speech-Recognition-API-Flaw-437237.shtml

BlackBerry, Cisco products vulnerable to OpenSSL bug
BlackBerry reported that several of its software products are vulnerable to the Heartbleed OpenSSL vulnerability, though its phones were unaffected. Cisco reported that many of its products, including video communications and phone systems, were also vulnerable.

Full Story:
http://threatpost.com/blackberry-cisco-products-vulnerable-to-openssl-bug/105406

Audit: State sold computers with Social Security numbers, tax info still on them
Washington officials quarantined computers, stopped sales, and established new guidelines after an audit released April 10 determined several State agencies likely gave away or sold roughly 1,800 computers out of 20,000 over the last 2 years containing confidential information, including Social Security numbers, medical records, and tax reforms. The auditors noted about 9 percent of all computers given away or sold held confidential information.

Full Story:
http://blogs.seattletimes.com/today/2014/04/audit-state-sold-computers-with-social-security-numbers-tax-info-still-on-them/


OpenSSL 1.0.1g released to prevent eavesdropping on communications: DHS Open Source Highlights April 9th

By Kelli Tarala | April 9, 2014

A new version of OpenSSL was released after security researchers from Codenomicon and Google Security identified and reported a vulnerability that exposes all data transmissions, encryption keys, usernames, passwords, and other content via a memory leak known as Heartbleed. The vulnerability affects a variety of applications and users are advised to update as soon as possible.

Full Story:
http://news.softpedia.com/news/OpenSSL-1-0-1g-Released-to-Prevent-Hackers-from-Eavesdropping-on-Communications-436397.shtml

Microsoft drops Windows XP support
Microsoft ended support April 8 for its Windows XP operating system, leaving the widely used operating system exposed to any vulnerabilities identified in the future. The operating system is still used on a significant portion of systems, including personal computers, ATMs, medical systems, industrial control systems, and other critical infrastructure systems.

Full Story:
http://money.cnn.com/2014/04/08/technology/security/windows-xp/

Information disclosure flaw in Flickr fixed after two months
Yahoo fixed an information disclosure vulnerability in its Flickr photo sharing service which could have been exploited to reveal users’ names and email addresses.

Full Story:
http://news.softpedia.com/news/Information-Disclosure-Flaw-in-Flickr-Fixed-After-Two-Months-436497.shtml

Expert finds 8 files vulnerable to SQL injection in Yahoo HK promotions page
Yahoo removed vulnerable files from its Hong Kong promotions subdomain after a security researcher identified and reported several SQL injection vulnerabilities.

Full Story:
http://news.softpedia.com/news/Expert-Finds-8-Files-Vulnerable-to-SQL-Injection-in-Yahoo-HK-Promotions-Pages-436377.shtml

Google kills fake anti-virus app that hit No. 1 on Play charts
Google removed the Virus Shield app from its Google Play store after the app, which briefly was a top download, was found to be a fake app with no functionality. Appbrain estimated that the fake app generated around $40,000 from sales for its developer.

Full Story:
http://www.theregister.co.uk/2014/04/08/


