Landmark Leadership Conferences for IT Executives
 

The IT Blog



by Fred F. Farkel, Monday, August 26th, 2013

 

Guest column by Citadel Information Group

Weekend Vulnerability and Patch Report

The following software vulnerabilities and updates were announced last week. Citadel Information Group strongly recommends that readers update their computers and take other action as indicated.

Important Security Updates

Google Chrome: Google has released Google Chrome 29.0.1547.57 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. Updates are available from the program.

Current Software Versions

Adobe Flash 11.8.800.94 [Windows 7: IE9, Firefox, Mozilla, Netscape, Opera]

Adobe Flash 11.8.800.94 [Windows 8: IE]

Adobe Flash 11.8.800.94 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.03

Dropbox 2.0.25 [Citadel warns against relying on Dropbox security. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the Dropbox password be at least 15 characters long and different from other passwords.]

Firefox 23.0.1 [Windows]

Google Chrome 29.0.1547.57 [Windows 7]

Google Chrome 28.0.1500.71 [Windows 8]

Internet Explorer 10.0.9200.16521 [Windows 7: IE]

Internet Explorer 10.0.9200.16519 [Windows 8: IE]

Java SE 7 Update 25 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have particular web sites that require Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser – such as Chrome, IE9, Safari, etc. – with Java enabled to browse only the sites that require it.]

QuickTime 7.7.4

Safari 5.1.7 [Windows]

Safari 6.0.5 [Mac OS X]

Skype 6.7.0.102

Newly Announced Unpatched Vulnerabilities 

None 

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel’s website.

For Your IT Department

Cisco Prime Central for HCS Assurance: Secunia reports multiple vulnerabilities in Cisco Prime Central for HCS Assurance which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerabilities are reported in versions 9.0 and 9.1. Update to version 9.2(1).

Cisco Unified Communications Manager (UCM): Secunia reports multiple vulnerabilities in Cisco Unified Communications Manager which can be exploited by malicious users to compromise a vulnerable device and by malicious people to cause a DoS (Denial of Service). Additional information is available from Secunia in Advisory 54604 and Advisory 54605.

McAfee Email Gateway: Secunia reports a vulnerability in McAfee Email Gateway, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is reported in version 7.5. Apply Email Gateway 7.5 Patch 1.

VMware Workstation and Player: Secunia reports a vulnerability in VMware Workstation and VMware Player which can be exploited by malicious, local users to gain escalated privileges. The vulnerability affects VMware Workstation versions 8.x and 9.x and VMware Player versions 4.x and 5.x running on Debian-based Linux platforms. Apply updates or workarounds.


If you are responsible for the security of your computer, Citadel’s Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.

If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.

Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc) and application programs (Adobe Acrobat, Office, Flash, Java, etc). When software companies find a vulnerability, they usually issue an update patch to fix the code running in their customer’s computers.

 

Citadel Information Group publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.

Citadel Information Group … Delivering Information Peace of Mind ® to Business and the Not-for-Profit Community


The IT Summit would like to thank Citadel Information Group for allowing us to provide this information to you.


by Fred F. Farkel, Monday, August 26th, 2013

 

Guest column by Citadel Information Group

Cyber Security News of the Week

Cyber Attack

How Hacktivists Have Targeted Major Media Outlets: From the Washington Post and CNN to the Twitter feeds of the Associated Press and Reuters, hacktivists have news outlets – and their social-media presence – in their crosshairs. Dark Reading, August 21, 2013

Cyber Privacy

Latest NSA Revelations Could Help Pending Lawsuits: Declassified secret U.S. court documents showing the National Security Agency (NSA) violated the Constitution in collecting the Internet communications of Americans could help lawsuits challenging the government surveillance. CIO, August 22, 2013

David Miranda, schedule 7 and the danger that all reporters now face: In a private viewing cinema in Soho last week I caught myself letting fly with a four-letter expletive at Bill Keller, the former executive editor of the New York Times. It was a confusing moment. The man who was pretending to be me – thanking Keller for “not giving a shit” – used to be Malcolm Tucker, a foul-mouthed Scottish spin doctor who will soon be a 1,000-year-old time lord. And Keller will correct me, but I don’t remember ever swearing at him. I do remember saying something to the effect of “we have the thumb drive, you have the first amendment”. The Guardian, August 19, 2013

Why It Will Be Difficult to Create Secure Email: Two major secure e-mail services shut down earlier this month, with the people who run them claiming that e-mail inherently lacks privacy, and to keep operating would give their clients a false sense of security. Bloomberg, August 19, 2013

Security Researcher Hacks Mark Zuckerberg’s Wall To Prove His Exploit Works: Earlier this week, security researcher Khalil Shreateh discovered a Facebook bug that allowed a hacker to post on anyone’s wall – even if they weren’t that person’s friend. TechCrunch, August 18, 2013

Cyber Warning

‘Instagram for PC’ Application is a Marketing Scam: IDG News Service – An advertisement circulating on Facebook and Twitter for a desktop version of the photo-sharing application Instagram is a scam, according to security vendor Symantec. CIO, August 21, 2013

Cyber Warning – Online Bank Fraud

A Closer Look: Perkele Android Malware Kit: In March 2013 I wrote about Perkele, a crimeware kit designed to create malware for Android phones that can help defeat multi-factor authentication used by many banks. In this post, we’ll take a closer look at this threat, examining the malware as it is presented to the would-be victim as well as several back-end networks set up by cybercrooks who have been using mobile bots to fleece banks and their customers. KrebsOnSecurity, August 19, 2013

Cyber Security Management

How the Snowden Effect is Paralyzing CIOs: Whether you describe Edward Snowden as a hero or a criminal, there is no denying the impact that this self-described computer wizard is having on IT leaders. After all, if even the NSA can fall victim to a tech-savvy millennial, how can they defend their data? CIO, August 21, 2013

Cyber Security Management – Cyber Update

Cisco Patches Serious Vulnerabilities in Unified Communications Manager: IDG News Service – Cisco Systems has released new security patches for several versions of Unified Communications Manager (UCM) to address vulnerabilities that could allow remote attackers to execute arbitrary commands, modify system data or disrupt services. CIO, August 22, 2013

Cyber Security Management – Cyber Defense – PCI 3.0 Draft

PCI 3.0 Draft Guidelines Released: Version 3.0 of the PCI Data Security Standard is coming, and draft guidelines reflect the impact of recent retail breaches. PCI GM Bob Russo explains big changes to ensuring payment card security. BankInfoSecurity, August 19, 2013

Cyber Security Management – Cyber Insurance

Rise in data breaches drives interest in cyber insurance: CSO – Growing awareness of cyber threats and reporting requirements by regulators are driving a newfound interest in insurance products covering data breaches and other computing risks. NetworkWorld, August 15, 2013

National Cyber Security

White House Taps McAfee CTO for Cybersecurity Post: The Obama administration officially tapped a senior executive at the computer-security giant McAfee to be the Department of Homeland Security’s top cybersecurity official. The Wall Street Journal, August 19, 2013

Exit Interview: DHS’s Bruce McConnell: Though others deemed Bruce McConnell as one of the government’s most innovative security thought-leaders, he says his vision of how best to secure IT evolved during his just-ended 4-year tenure at DHS as a senior cybersecurity policymaker. GovInfoSecurity, August 12, 2013

Cyber Underworld

Ex-Soviet hackers play outsized role in cyber crime world: MOSCOW (Reuters) – If you want to hack a phone, order a cyber attack on a competitor’s website or buy a Trojan program to steal banking information, look no further than the former Soviet Union. Yahoo News, August 22, 2013

Cyber Research

A Hack-Proof Internet Exists, Thanks to Quantum Physics: Leave it to the quantum physicists at Los Alamos National Labs to have run for the past two years something that sounded like science fiction: a quantum Internet that promises perfectly secure online communications. BusinessWeek, May 13, 2013

Cyber Misc

Hackers Pay Bounty to Man Who Broke Into Zuckerberg’s Facebook Page: When Khalil Shreateh hacked into Mark Zuckerberg’s Facebook page over the weekend, the company declined to pay him the reward it normally offers to those who find security vulnerabilities. Facebook (FB) apparently frowns on testing hacks on real people, including the chief executive. Bloomberg, August 21, 2013  [Kudos to Marc Maiffret for making this happen.]

How Not to DDoS Your Former Employer: Pro tip: If you’re planning to launch a debilitating denial-of-service attack against your former employer, try not to “like” the Facebook page of the DDoS-for-hire Web service that you intend to use in the assault. KrebsOnSecurity, August 20, 2013



by Fred F. Farkel, Monday, August 19th, 2013

 

Guest column by Citadel Information Group

Weekend Vulnerability and Patch Report

The following software vulnerabilities and updates were announced last week. Citadel Information Group strongly recommends that readers update their computers and take other action as indicated.

Important Security Updates

Apple AirPort: Apple has released updates for its AirPort Base Station Firmware. Update to 7.6.4, available through Apple’s website.

Apple iTunes: Apple has released updates for iTunes. Updates are available through iTunes or the iTunes website.

Microsoft Internet Explorer: Microsoft has released updates for Internet Explorer to fix at least 12 highly critical vulnerabilities. Updates are available through the browser.

Microsoft Patch Tuesday: Microsoft released several updates addressing at least 23 security vulnerabilities, some of which are highly critical, in Windows, Internet Explorer and more. Updates are available via Windows Update or from Automatic Update.

Mozilla Firefox: Mozilla has released version 23.0.1 of Firefox. Updates are available through the Firefox browser.

Current Software Versions

Adobe Flash 11.8.800.94 [Windows 7: IE9, Firefox, Mozilla, Netscape, Opera]

Adobe Flash 11.8.800.94 [Windows 8: IE]

Adobe Flash 11.8.800.94 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.03

Dropbox 2.0.25 [Citadel warns against relying on Dropbox security. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the Dropbox password be at least 15 characters long and different from other passwords.]

Firefox 23.0.1 [Windows]

Google Chrome 28.0.1500.95 [Windows 7]

Google Chrome 28.0.1500.71 [Windows 8]

Internet Explorer 10.0.9200.16521 [Windows 7: IE]

Internet Explorer 10.0.9200.16519 [Windows 8: IE]

Java SE 7 Update 25 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have particular web sites that require Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser – such as Chrome, IE9, Safari, etc. – with Java enabled to browse only the sites that require it.]

QuickTime 7.7.4

Safari 5.1.7 [Windows]

Safari 6.0.5 [Mac OS X]

Skype 6.7.0.102

Newly Announced Unpatched Vulnerabilities 

None 

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel’s website.

For Your IT Department

McAfee Data Loss Prevention: McAfee has released version 9.3 of its Data Loss Prevention to fix multiple unpatched vulnerabilities in previous versions. Apply updates.



by Fred F. Farkel, Monday, August 19th, 2013

 

Guest column by Citadel Information Group

Cyber Security News of the Week

Cyber Attack

Washington Post Site Hacked After Successful Phishing Campaign: The Washington Post acknowledged today that a sophisticated phishing attack against its newsroom reporters led to the hacking of its Web site, which was seeded with code that redirected readers to the Web site of the Syrian Electronic Army hacker group. According to information obtained by KrebsOnSecurity, the hack began with a phishing campaign launched over the weekend that ultimately hooked one of the paper’s lead sports writers. KrebsOnSecurity, August 15, 2013

Syrian Electronic Army hacks Washington Post Web site: The Washington Post’s Web site was disrupted Thursday morning by a hacker group sympathetic to Syrian President Bashar al-Assad that apparently launched a coordinated wave of attacks on American news outlets. The Washington Post, August 15, 2013

Source: New York Times Website Hit by Cyber Attack: The corporate and media sites of The New York Times (NYT) experienced a lengthy outage on Wednesday that a source close to the matter said appeared to be caused by a cyber attack, although the newspaper cited a scheduled maintenance update. Fox News, August 14, 2013

Cyber Privacy

N.S.A. Often Broke Rules on Privacy, Audit Shows: WASHINGTON – The National Security Agency violated privacy rules protecting the communications of Americans and others on domestic soil 2,776 times over a one-year period, according to an internal audit leaked by the former N.S.A. contractor Edward J. Snowden and made public on Thursday night. The New York Times, August 16, 2013

Baby Monitor Hack Highlights Manufacturers’ Security Shortfalls: CSO – The frightening experience of a Texas couple who discovered their toddler’s baby monitor had been hacked by an apparently demented man showcases the serious security lapses in consumer electronics, experts say. CSO, August 15, 2013

Identity Theft

Hackers Hit Energy Department – Again: The U.S. Department of Energy notified employees via an email Wednesday that hackers gained personal information, such as names and Social Security numbers, of 14,000 current and former agency employees as the result of a hack that occurred in late July. This is the second attack this year that involved a breach of employee data. The Wall Street Journal, August 15, 2013

Online Bank Fraud

71 Percent of U.S. Adults Would Change Banks If Hit by Fraud: According to the results of a recent Entersekt survey, 71 percent of U.S. adults would be at least somewhat likely to change banks if they became a victim of online banking fraud at their current bank (h/t Softpedia). eSecurity Planet, July 22, 2013

Cyber Warning

Android Malware Being Delivered Via Ad Networks: Attackers are using mobile ad network software installed on smartphones to push malicious JavaScript and take control of devices. InformationWeek, August 13, 2013

XP’s retirement will be hacker heaven: Hackers will bank bugs until after Microsoft retires Windows XP in April 2014; expect attacks, say security experts. ComputerWorld, August 12, 2013

Android Trojan Banking App Targets Master Key Vulnerability: Sluggish Android updates put users at risk. Could rising public awareness of the flaw lead carriers and device makers to patch more quickly? InformationWeek, August 6, 2013

Cyber Security Management

PCI DSS 3.0 Change Highlights: WAKEFIELD, Mass., 15 August 2013 – Today the PCI Security Standards Council (PCI SSC), an open, global forum for the development of payment card security standards, published PCI Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS) 3.0 Change Highlights as a preview of the new version of the standards coming in November 2013. The changes will help companies make PCI DSS part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility. DarkReading, August 15, 2013

Cyber Security Management – Cyber Update

Microsoft Patches Plug 23 Security Holes: Microsoft has issued security updates to fix at least 23 distinct vulnerabilities in its Windows operating systems and other software. Three of the patch bundles released today address flaws rated “critical,” meaning that malware or miscreants can use them to break into Windows PCs without any help from users. KrebsOnSecurity, August 13, 2013

Cyber Security Management – Cyber Insurance

On Alert Against Cybercrime: Cybersecurity was something Ciena Corp.’s chief financial officer could usually delegate when he joined the network provider six years ago. Now, he spends as much as 10% of his time making sure Ciena and its technologies are protected from hackers, cutthroat competitors and other potential cybercriminals. The Wall Street Journal, August 13, 2013

Critical Infrastructure

Chinese Hacking Team Caught Taking Over Decoy Water Plant: A Chinese hacking group accused this February of being tied to the Chinese army was caught last December infiltrating a decoy water control system for a U.S. municipality, a researcher revealed on Wednesday. MIT Technology Review, August 2, 2013

Cyber Underworld

An Interview With A Digital Drug Lord: The Silk Road’s Dread Pirate Roberts (Q&A): Most black market drug lords don’t give interviews. But the Dread Pirate Roberts isn’t most drug lords. His website, the Silk Road, is designed to allow anyone to buy and sell drugs with the crypto-currency Bitcoin, using the anonymity software Tor to protect their identity. And those same anonymity protections have made Roberts confident enough in his security that he’s even been willing to write about his illicit business under his pseudonym on Silk Road’s user forums and even give short comments to reporters in the past. Forbes, August 14, 2013

Buying Battles in the War on Twitter Spam: The success of social networking community Twitter has given rise to an entire shadow economy that peddles dummy Twitter accounts by the thousands, primarily to spammers, scammers and malware purveyors. But new research on identifying bogus accounts has helped Twitter to drastically deplete the stockpile of existing accounts for sale, and holds the promise of driving up costs for both vendors of these shady services and their customers. KrebsOnSecurity, August 14, 2013

Cyber Research

CRACKING CRYPTO JUST GOT A LITTLE EASIER: Starting with the Black Hat conference, researchers, engineers and hackers have been unveiling new weaknesses and attacks in different cryptographic implementations that threaten the security of communication and commerce on the Web. ThreatPost, August 15, 2013

Remotely Assembled Malware Blows Past Apple’s Screening Process: Mystery has long shrouded how Apple vets iPhone, iPad, and iPod apps for safety. Now, researchers who managed to get a malicious app up for sale in the App Store have determined that the company’s review process runs at least some programs for only a few seconds before giving the green light. MIT Technology Review, August 15, 2013

Cyber Misc

Disruptions: As New Targets for Hackers, Your Car and Your House: Imagine driving on the freeway at 60 miles per hour and your car suddenly screeches to a halt, causing a pileup that injures dozens of people. Now imagine you had absolutely nothing to do with the accident because your car was taken over by hackers. The New York Times, August 11, 2013

A Travel-Hack Mystery: How Can You Redeem Stolen Airline Miles?: Hackers love credit card numbers, sure, but frequent flier miles? US Airways (LCC) is notifying some members of its Dividend Miles loyalty program that miles have been stolen from some 7,700 compromised accounts. The breach was discovered on July 12, the airline said in a regulatory filing mandated under a North Carolina identity-protection law. US Airways’s largest hub is in Charlotte. Bloomberg, August 9, 2013



by Fred F. Farkel, Monday, August 12th, 2013

 

Guest column by Citadel Information Group

Weekend Vulnerability and Patch Report

The following software vulnerabilities and updates were announced last week. Citadel Information Group strongly recommends that readers update their computers and take other action as indicated.

Important Security Updates

D-Link DIR-645: D-Link has released version 1.04B05 to fix several moderately critical vulnerabilities reported in previous versions. Updates are available at D-Link’s website.

Mozilla Firefox: Mozilla has released version 23.0 of Firefox. Updates are available through the Firefox browser. See unpatched highly critical vulnerabilities below in versions prior to 23.0.

Current Software Versions

Adobe Flash 11.8.800.94 [Windows 7: IE9, Firefox, Mozilla, Netscape, Opera]

Adobe Flash 11.8.800.94 [Windows 8: IE]

Adobe Flash 11.8.800.94 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.03

Dropbox 2.0.25 [Citadel warns against relying on Dropbox security. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the Dropbox password be at least 15 characters long and different from other passwords.]

Firefox 23.0 [Windows]

Google Chrome 28.0.1500.95 [Windows 7] 

Google Chrome 28.0.1500.71 [Windows 8] 

Internet Explorer 10.0.9200.16521 [Windows 7: IE]

Internet Explorer 10.0.9200.16519 [Windows 8: IE]

Java SE 7 Update 25 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have particular web sites that require Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser – such as Chrome, IE9, Safari, etc. – with Java enabled to browse only the sites that require it.]

QuickTime 7.7.4

Safari 5.1.7 [Windows]

Safari 6.0.5 [Mac OS X]

Skype 6.7.0.102

Newly Announced Unpatched Vulnerabilities 

Mozilla Firefox: Secunia reports at least 12 highly critical unpatched vulnerabilities in versions prior to 23.0 of Mozilla Firefox. Mozilla has released version 23.0 of Firefox. Updates are available through the Firefox browser.

VLC Media Player: Secunia reports several unpatched vulnerabilities in version 2.0.8 of VLC’s Media Player. Other versions may also be affected. There is no official solution currently available.

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel’s website.

For Your IT Department

None



by Fred F. Farkel, Monday, August 12th, 2013

 

Guest column by Citadel Information Group

Cyber Security News of the Week

Cyber Attack

Dutch DNS server ‘hack’: Thousands of sites serve up malware: Thousands of Dutch websites served up malware this week after what was initially thought to be a DNS server hack at SIDN, the Dutch administrator of the .nl domain extension. ZDNet, August 9, 2013

Cyber Crime

‘Possible’ loss of user information in Crytek security breach: Crytek took down four of its websites due to “suspicious activity” over the weekend. According to a statement from Crytek, the security breach “may have resulted in some users’ login data being compromised.” Joystiq, August 5, 2013

Cyber Crime – Online Bank Fraud

$1.5 million Cyberheist Ruins Escrow Firm: A $1.5 million cyberheist against a California escrow firm earlier this year has forced the company to close and lay off its entire staff. Meanwhile, the firm’s remaining money is in the hands of a court-appointed state receiver who is preparing for a lawsuit against the victim’s bank to recover the stolen funds. KrebsOnSecurity, August 7, 2013

Cyber Privacy

Encryption App Silent Circle Shuts Down E-Mail Service ‘To Prevent Spying’: The business of protecting consumers from prying government eyes has suddenly become a pre-emptive one for Silent Circle. The communications encryption firm said Friday that it was shutting down its e-mail service to prevent spying, a day after competitor Lavabit suspended its core email service. Lavabit’s founder had suggested in a letter to customers that he had been the subject of a U.S. government investigation and gag order. Forbes, August 9, 2013

President Moves to Ease Worries on Surveillance: President Obama on Friday sought to take control of the roiling debate over the National Security Agency’s surveillance practices, releasing a more detailed legal justification for domestic spying and calling for more openness and scrutiny of the N.S.A.’s programs to reassure a skeptical public that its privacy is not being violated. The New York Times, August 9, 2013

N.S.A. Said to Search Content of Messages to and From U.S.: The National Security Agency is searching the contents of vast amounts of Americans’ e-mail and text communications into and out of the country, hunting for people who mention information about foreigners under surveillance, according to intelligence officials. The New York Times, August 8, 2013

Cyber Warning

Google Play store suffers from malware: (MoneyWatch) Is there a risk of malware on mobile phones? In general, the answer has been “yes, but it’s not a serious concern.” As time goes on, though, the risk appears to be increasing. CBS News, August 9, 2013

Blogs, Other Content Management Sites Targeted by Password Thieves: Brute force attacks to pry login credentials from content management sites like blogs have been growing as more data robbers use a short-term gain for a bigger pay-off later on. CSO, August 8, 2013

Cyber Security Management

Database security: Protecting the company’s crown jewels: [Dr. Stahl quoted] For network crackers, state-sponsored attackers, criminal hackers and political hacktivists, there are few goals more coveted than to breach a target’s corporate database. Attackers looking for confidential data, personal information, financial records, intellectual property or other marketable data know that the proverbial golden goose lies at the center of myriad network moats, firewalls, authentication servers, honey pots, false breadcrumbs and sink holes. SC Magazine, August 2013

Organizations ignore social media when it comes to business continuity planning: New study finds while many organizations are incorporating business continuity management into their risk program, they are still failing to use social media channels as part of their plan. CSO, August 8, 2013

Securing the Village

FBI’s New iGuardian Portal Aims to Ease Cybercrime Reporting: An online portal launched by the FBI to gather information about cyber threats from companies could be an important step in fighting cyber crime, but information sharing between government and private industry remains a challenge, according to security pros. CIO, August 5, 2013

Critical Infrastructure

White House to offer companies cybersecurity incentives: With incentives, the government aims to entice power utilities, water infrastructure, and transportation networks to sign onto its upcoming Cybersecurity Framework. CNet, August 6, 2013

Cyber Underworld

Anatomy Of A Russian Cybercrime Ecosystem Targeting Android: DEF CON 21 – Las Vegas – Ten Russia-based crime gangs are behind the majority of text-messaging toll fraud campaigns that can net affiliate marketers of the scams up to $12,000 a month, researchers said here yesterday. DarkReading, August 3, 2013

Cyber Misc

Update: Researchers say Tor-targeted malware phoned home to NSA: Malware planted on the servers of Freedom Hosting – the “hidden service” hosting provider on the Tor anonymized network brought down late last week – may have de-anonymized visitors to the sites running on that service. This issue could send identifying information about site visitors to an Internet Protocol address that was hard-coded into the script the malware injected into browsers. And it appears the IP address in question belongs to the National Security Agency (NSA). ArsTechnica, August 5, 2013

Firefox Zero-Day Used in Child Porn Hunt?: A claimed zero-day vulnerability in Firefox 17 has some users of the latest Mozilla Firefox browser (Firefox 22) shrugging their shoulders. Indeed, for now it appears that this flaw is not a concern for regular, up-to-date Firefox end users. But several experts say the vulnerability was instead exposed and used in tandem with a recent U.S. law enforcement effort to discover the true Internet addresses of people believed to be browsing child porn sites via the Tor Browser – an online anonymity tool powered by Firefox 17. KrebsOnSecurity, August 4, 2013

MIT Students Release Program To 3D-Print High Security Keys: When lock maker Schlage imprinted the words “do not duplicate” across the top of the keys for their high-security Primus locks, they meant to create another barrier to reproducing a piece of metal that’s already beyond the abilities of the average hardware store keymaker. One group of hackers, of course, took it instead as a direct challenge. Forbes, August 3, 2013

Cyber Sunshine

Latvia to extradite cyber-crime suspect to US: Latvia has agreed to extradite a programmer to the United States to stand trial for his alleged role in a global cyber-theft ring that broke into a million computers. Aljazeera, August 6, 2013


The IT Summit would like to thank Citadel Information Group for allowing us to provide this information to you.

Read More | Comments Off on Cyber Security News of the Week, August 11, 2013

by Fred F. Farkel, Monday, August 5th, 2013

 

Guest column by Citadel Information Group

Weekend Vulnerability and Patch Report

The following software vulnerabilities and updates were announced last week. Citadel Information Group strongly recommends that readers update their computers and take other action as indicated.

Important Security Updates

Adobe Digital Editions: Adobe has released version 2.0.1 of its Digital Editions to fix a highly critical vulnerability in previous versions. Updates are available through Adobe’s website.

Foxit Reader: Foxit has released version 6.0.6.0722. The update is available through Foxit’s website.

Google Chrome: Google has released version 28.0.1500.95 of Chrome to fix at least 6 highly critical vulnerabilities. Updates are available through the browser or Google’s website.

HP LaserJet Pro: HP has released version 20130703 for some of its LaserJet Pro Printers to fix a vulnerability. Updates are available through HP’s website.

Skype: Skype has released version 6.7.0.102. The update is available through Skype’s website.

Current Software Versions

Adobe Flash 11.8.800.94 [Windows 7: IE9, Firefox, Mozilla, Netscape, Opera]

Adobe Flash 11.8.800.94 [Windows 8: IE]

Adobe Flash 11.8.800.94 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.03

Dropbox 2.0.25 [Citadel warns against relying on Dropbox security. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the Dropbox password be at least 15 characters long and different from other passwords.]

Firefox 22 [Windows]

Google Chrome 28.0.1500.95 [Windows 7] 

Google Chrome 28.0.1500.71 [Windows 8] 

Internet Explorer 10.0.9200.16521 [Windows 7: IE]

Internet Explorer 10.0.9200.16519 [Windows 8: IE]

Java SE 7 Update 25 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have particular web sites that require Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser – such as Chrome, IE9, Safari, etc. – with Java enabled to browse only the sites that require it.]

QuickTime 7.7.4

Safari 5.1.7  [Windows]

Safari 6.0.5 [Mac OS X]

Skype 6.7.0.102

Newly Announced Unpatched Vulnerabilities 

None

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel’s website.

For Your IT Department

Cisco Multiple Products: Secunia reports that Cisco has released updates for multiple products, including Cisco’s Unified Computing System, WebEx Meetings Server, Application and Content Networking System, Wide Area Application Services, and others. Apply appropriate updates.  

McAfee Firewall Enterprise: McAfee has released an update for its Firewall Enterprise to fix a moderately critical vulnerability. Update to version 8.3.1P02.

VMware ESXi: Secunia reports VMware has released a partial fix for ESXi to fix at least 3 less critical vulnerabilities reported in versions 5.1, 5.0, 4.1, and 4.0. Apply patches if available.

VMware ESX Server: Secunia reports VMware has released a partial fix for ESX Server to fix at least 6 moderately critical vulnerabilities reported in versions 4.1 and 4.0. Apply patches if available.


If you are responsible for the security of your computer, Citadel’s Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.

If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.

Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc.) and application programs (Adobe Acrobat, Office, Flash, Java, etc.). When software companies find a vulnerability, they usually issue an update patch to fix the code running on their customers’ computers.

 

Citadel Information Group publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.

Citadel Information Group … Delivering Information Peace of Mind ® to Business and the Not-for-Profit Community


The IT Summit would like to thank Citadel Information Group for allowing us to provide this information to you.

Read More | Comments Off on Weekend Vulnerability and Patch Report, August 4, 2013

by Fred F. Farkel, Monday, August 5th, 2013

 

Guest column by Citadel Information Group

Cyber Security News of the Week

Cyber Crime

Hackers steal identity info of 72,000 at U of Delaware: NEWARK, Del. – A cyberattack on a University of Delaware computer system exposed more than 72,000 people to identity theft and could cost the school millions of dollars – and the full extent of the security breach hasn’t been determined. USA Today, July 31, 2013

New Retail Breach Reported: Harbor Freight Tools, a U.S.-based chain of 400 retail tool stores, has reported a breach against its payment processing system. BankInfoSecurity, July 23, 2013

Identity Theft

Criminal Investigations of Identity Theft Increasing at U.S. IRS: The U.S. Internal Revenue Service opened 1,100 criminal investigations of tax fraud by June 30 this year, exceeding the 2012 total with three months remaining in the fiscal year. Bloomberg, August 2, 2013

Cyber Privacy

XKeyscore: NSA tool collects ‘nearly everything a user does on the internet’: A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden. The Guardian, July 31, 2013

Public gets first look at once-secret court order on NSA surveillance: WASHINGTON – The public got its first look at the secret court order that authorized the government’s vast collection of records of domestic telephone calls as the Obama administration moved Wednesday to try to boost public confidence in the National Security Agency’s program. LA Times, July 31, 2013

Edward Snowden’s not the story. The fate of the internet is: The press has lost the plot over the Snowden revelations. The fact is that the net is finished as a global network and that US firms’ cloud services cannot be trusted. The Guardian, July 27, 2013

Cyber Threat

5 scariest cybersecurity threats at Black Hat, Defcon: An annual show-and-tell of some of the most alarming security breaches currently known is underway at two hacker conferences being held in Las Vegas this week. Cybersecurity researchers, hackers, government agencies and privacy advocates converge at Black Hat and Defcon to share the results of some shocking research. CBS, July 31, 2013

Cyber Warning

5 Top Targets for Today’s Hackers: Black Hat USA bills itself as “the show that sets the benchmark for all other security conferences.” While most conferences tend to over-promote themselves, given the activity at this year’s show, that actually might be something of an understatement. Forbes, August 2, 2013

Black Hat: How to Create a Massive DDoS Botnet Using Cheap Online Ads: The bad news is if you click on the wrong online ad, your browser can be immediately enlisted in a botnet carrying out a denial of service attack to take down Web sites. CIO, August 1, 2013

JAVASCRIPT AND TIMING ATTACKS USED TO STEAL BROWSER DATA: LAS VEGAS – Security researchers have been warning about the weaknesses and issues with JavaScript and iframes for years now, but the problem goes far deeper than even many of them thought. A researcher in the U.K. has developed a new technique that uses a combination of JavaScript-based timing attacks and other tactics to read any information he wants from a targeted user’s browser and sites the victim is logged into. The attack works on all of the major browsers and researchers say there’s no simple fix to prevent it. ThreatPost, August 1, 2013

This Fake Charger Will Hide A Trojan In Your iPhone’s Facebook App: Apple takes great pains to protect its air-tight iOS app store from the malware that plagues PCs. But get physical access to the device’s data port – with, for instance, a carefully spoofed charger – and those app store protections can be bypassed in seconds. Forbes, July 31, 2013

Bogus Chrome, Firefox extensions pilfer social media accounts: IDG News Service – Trend Micro has found two malicious browser extensions that hijack Twitter, Facebook and Google+ accounts. CIO, July 30, 2013

Don’t Get Sucker Pumped: Gas pump skimmers are getting craftier. A new scam out of Oklahoma that netted thieves $400,000 before they were caught is a reminder of why it’s usually best to pay with credit versus debit cards when filling up the tank. KrebsOnSecurity, July 29, 2013

Cyber Security Management

Universities Putting Sensitive Data at Risk via Unsecure Email: Colleges and universities are putting the financial and personal information of students and parents at risk by allowing them to submit such data to the school in unencrypted email. CIO, July 30, 2013

Cyber Security Management – Cyber Defense

Carriers rush to fix SIM card vulnerability – by hacking into them: A bug that could have allowed hackers to exploit a vulnerability in millions of SIM cards, commonly used in mobile phones and other cellular equipment, has been fixed, according to the security researcher who first discovered the flaw. ZDNet, August 2, 2013

Securing the Village

VERIS: A New Database for Sharing Security Incident Information: A new community database has been launched by Verizon to help bridge the uncertainty gap in data breach information: what we know and what we need to know. Based on VERIS, it is designed to facilitate the secure sharing of incident information for the good of all. InfoSecurity, August 2, 2013

Government Gets Closer To Launching CyberSecurity Framework: The federal government and private industry are getting close to releasing a cybersecurity framework that will provide both private and public-sector entities with a way to assess how resilient their computer networks are to cyber attack and the steps needed to make improvements. Information Week, July 30, 2013

CROWDSOURCE TOOL AIMS TO IMPROVE AUTOMATED MALWARE ANALYSIS: When a new piece of malware surfaces, it’s typically analyzed eight ways from Sunday by a long list of antimalware and other security companies, government agencies, CERTs and other organizations who try to break it down and classify its capabilities. There’s a lot of duplicated effort there, and a group of researchers is building a new tool called CrowdSource that is designed to take advantage of the existing analysis capabilities in the community and perform automated malware analysis to provide rich reports on each new sample. ThreatPost, July 30, 2013

National Cyber Security

NSA Director Heckled At Conference As He Asks For Security Community’s Understanding: When NSA Director Keith Alexander appeared at the Las Vegas security conference Black Hat Wednesday morning, he hoped to mend the NSA’s reputation in the eyes of thousands of the conference’s hackers and security professionals. It didn’t go exactly as planned. Forbes, July 31, 2013

Critical Infrastructure

Industrial Control Systems Targeted By Malicious Attackers, Research Shows: IDG News Service – Attackers are actively targeting Internet-connected industrial control systems (ICS) in an effort to compromise their operation, according to data collected from a global network of honeypot systems that simulate water pumps. CIO, August 1, 2013

Scada Experts Simulate ‘Catastrophic’ Attack: LAS VEGAS – BLACK HAT USA – SCADA experts here today demonstrated just how easy it is to commandeer the antiquated networking protocols used in an oil-well pumping station and other SCADA environments, causing a simulated oil tank to nearly overflow using spoofed commands to the programmable logic controller (PLC). DarkReading, August 1, 2013

Cyber Law

Parties Inch Closer to Agreement on Federal Cyberlaw: Whether the voluntary approach to developing cybersecurity protection standards for business use carries through to compliance with those standards remains an open question. The private sector may be comfortable with the emphasis on a voluntary approach so far, and thus be hopeful that any eventual legislation will retain that approach. Still, a bit of caution remains. ECommerceTimes, July 31, 2013

Cyber Underworld

Russia’s Massive Android Malware Industry Revealed: Mobile security company Lookout released a report today at DefCon that reveals the amazing size, scope, and complexity of Android malware operations in Russia. The report found the bulk of this Russian malware wasn’t coming from lone individuals in basements, but well-oiled malware producing machines. PC Magazine, August 2, 2013

Mail from the (Velvet) Cybercrime Underground: Over the past six months, “fans” of this Web site and its author have shown their affection in some curious ways. One called in a phony hostage situation that resulted in a dozen heavily armed police surrounding my home. Another opened a $20,000 new line of credit in my name. Others sent more than $1,000 in bogus PayPal donations from hacked accounts. Still more admirers paid my cable bill for the next three years using stolen credit cards. Malware authors have even used my name and likeness to peddle their wares. KrebsOnSecurity, July 30, 2013

Cyber Research

RESEARCHERS HACK GPS, $80M YACHT VEERS OFF COURSE: A 213-foot luxury yacht veered off course while cruising in the Mediterranean Sea this summer after a radio navigation research team led by global positioning systems expert Todd Humphreys of the University of Texas Austin built a custom-made device capable of overriding the ship’s GPS receivers with spoofed signals. ThreatPost, July 30, 2013

NEW SOFTWARE OBFUSCATION THROWS WRENCH INTO REVERSE ENGINEERING: Researchers at UCLA said they’ve developed a game-changing obfuscation mechanism that will put a dent in hackers’ efforts to reverse engineer patches and understand how an underlying piece of software works. ThreatPost, July 30, 2013


The IT Summit would like to thank Citadel Information Group for allowing us to provide this information to you.

Read More | Comments Off on Cyber Security News of the Week, August 4, 2013