You are viewing the archive for August, 2010

Dept of State CISO to Speak at NoVA ISSA Chapter Meeting

If you happen to be near northern Virginia on 16 Sept 2010, you can catch the US Department of State’s CISO – John Streufert – speak at the Northern Virginia ISSA chapter meeting. John Streufert is interesting because he and his team are among the first to break ranks with FISMA and create what they call a “continuous monitoring” security metrics program instead.

I look forward to this presentation.

References:
http://www.issa-nova.org/default.aspx

email: david @ sharpesecurity.com
website: http://www.sharpesecurity.com/
Twitter: twitter.com/sharpesecurity


Back to School Special on Fake AV

Emails were found circulating yesterday masquerading as school parking permit receipts. Below is an example:

Parking Permit and/or Benefit Card Order Receipt – 396521
Parking Permit and/or Benefit Card Receipt for Date: Wed, 25 Aug 2010 16:43:59 +0200
Grossmont-Cuyamaca Community College District
Your Credit Card has been charged $40.00. “GROSSMONT-CUYA PARKING” will appear on your credit card statement. A summary of the contents of your order are shown below. Please note that each item will be mailed individually.
————————————————————————
Order # Description Amount
————————————————————————
0GU843621 Student Fall Permit …


Adobe Shockwave Player 11.5.8.612 Released

Adobe addresses 20 security issues in this update. The 20 relevant CVEs are listed in the link below.

Adobe Shockwave Player is a relatively easy upgrade to deploy; just remember to make sure all old versions of the player software get removed, so that follow-up vulnerability scans and your software asset inventory data are clean and show only fully patched versions.

References:
http://www.adobe.com/support/security/bulletins/apsb10-20.html


Google Chrome 5.0.375.127 Released

Google Chrome 5.0.375.127 has been released for Windows, Mac, and Linux. The update includes fixes for nine vulnerabilities, six of which are classified as critical.

References:
http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
http://sites.google.com/a/chromium.org/dev/Home/chromium-security


Writing a Social Media Policy

There are lots of ways to produce a viable social media policy document. This article lays out one simple template. The links in the references section show other methods and ideas for accomplishing the same thing.

EXAMPLE

Policy
A broad general statement saying you disallow social media goes here if you don’t allow it at all. Otherwise, say that you permit the use of social media within certain guidelines. Specifically mention that people covered by this policy must protect themselves and the organization’s shareholders, brand, reputation, and assets. Indicate what actions failure to comply with the …


Adobe Reader 9.3.4 and 8.2.4 Released for Windows and Apple Mac

Included in the changes in these releases is a fix for the security issue reported last month by Charlie Miller at the Black Hat USA 2010 conference.

The GDI object leak problem described here is still present in this latest release of Adobe Reader.

References:
http://www.adobe.com/support/security/bulletins/apsb10-17.html


Have You Scanned Your Network for Any Vulnerable VxWorks Devices Yet?

VxWorks is an embedded operating system found on a wide variety of devices – including some things commonly found on enterprise networks like network storage devices, printers, external RAID controllers, and some other types of control devices. You should probably scan your networks using something like the new VxWorks scanning facility in Metasploit to be assured that you don’t have any vulnerable devices on your network. The links below will help you get started.

References:
Description of current issues with VxWorks: http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html
US-CERT advisory: http://www.kb.cert.org/vuls/id/362332
Wikipedia link describing VxWorks – includes list …


Apple QuickTime Player 7.6.7 Released

Apple has released version 7.6.7 of their QuickTime Player for Windows. This version contains a security fix as described in the first link below.

References:
Security content: http://support.apple.com/kb/HT4290
Download location: http://support.apple.com/kb/HT1222


Apple iOS 4.0.2 Released for iPhone and iPod Touch; 3.2.2 for iPad

Apple has released iOS version 4.0.2 for the iPhone and iPod Touch. Version 3.2.2 was released for the iPad. These releases fix the two vulnerabilities exploited by jailbreakme.com.

References:
http://support.apple.com/kb/HT4291
iOS 4.0.2 for iPhone 4
iOS 4.0.2 for iPhone 3GS
iOS 3.2.2 for iPad


Adobe ColdFusion Security Update Released

Adobe has released a security update for ColdFusion. The issue affects ColdFusion versions 9.0.1, 9.0, 8.0.1 and 8.0. The update patches for each version are available at the second link below.

References:
http://www.adobe.com/support/security/bulletins/apsb10-18.html
http://kb2.adobe.com/cps/857/cpsid_85766.html


Adobe Flash Media Server 3.5.4 and 3.0.6 Released

Adobe has released versions 3.5.4 and 3.0.6 of their Flash Media Server software. These new versions contain security-related updates according to the release notes.

References:
http://www.adobe.com/support/security/bulletins/apsb10-19.html


Adobe Flash Player 10.1.82.76 and 9.0.280 Released

Adobe has released versions 10.1.82.76 and 9.0.280 of their Flash Player product. These new versions contain security-related updates according to the release notes.

References:
http://www.adobe.com/support/security/bulletins/apsb10-16.html


New Foxit Version 4.1.1.0805 Released – Contains Security Fixes

According to the release notes, version 4.1.1.0805 of the Foxit Reader fixes a bug (the new iPhone/iPad jailbreak issue) that could be used to remotely exploit a victim machine.

References:
http://www.foxitsoftware.com/announcements/2010861227.html
Download location: http://www.foxitsoftware.com/pdf/reader/addons.php


Security Fix Released for Citrix ICA Client

Citrix has released a fix for a remotely exploitable vulnerability in ICA Client versions 12.0.0.6410 and 11.2.0.31560, and in all versions of the Online Plug-in for Windows earlier than 12.0.3. Citrix recommends upgrading affected client installations to the latest version – which is currently 12.0.3.

References:
http://seclists.org/fulldisclosure/2010/Aug/50
http://citrix.com/English/ss/downloads/details.asp?downlaodld=2301299&productId=186


New Adobe Reader Version due out Week of 16 – 20 August 2010

Adobe has announced that a security update will be released in the form of a new Adobe Reader version sometime in the week of 16 – 20 August 2010.

References:
http://www.adobe.com/support/security/bulletins/apsb10-17.html


New NBISE Infosec Certs

I am surprised to see supportive comments from SANS’ Alan Paller in the threatpost.com link below, given that SANS might lose a profitable revenue stream from its own GIAC certification program if NBISE is successful in its goal “to supplant a hodge podge of private and industry certifications for IT security practitioners, including the CISSP and certificate programs run by the SANS Institute and other industry and private groups”. From the second and third links below, I see Alan Paller listed as a board member for NBISE.

Are these proposed new NBISE certs intended to replace those from …


RIM BlackBerry Security in India and the Middle East

The change in India might be a problem for some. If you have staff, offices, or contractors in any of the affected countries you might want to run these changes past your Legal/Compliance people.

References:
http://www.schneier.com/blog/archives/2010/08/uae_to_ban_blac.html
http://www.reuters.com/article/idUSTRE67151F20100803
http://www.ft.com/cms/s/0/38a8da8e-9d41-11df-a37c-00144feab49a.html
http://finance.yahoo.com/news/UAE-says-BlackBerry-is-apf-959472235.html?x=0
