Archive for the ‘ISC’ Category
Posted in ISC on June 15th, 2010 by ISC Handler
Apple released today an advisory for multiple vulnerabilities discovered in Mac OS X. Impacted programs include CUPS, Desktop Services, Folder Manager, Help Viewer, iChat, ImageIO, Kerberos, libcurl, Network Authorization, Open Directory, Printer Setup, Printing, Ruby, SMB File Server, Squirrelmail, and Wiki Server. Mac users: please download the Mac OS X Server v10.6.4 Update Mac mini (Mid 2010) at http://support.apple.com/downloads/DL1055/en_US/MacOSXSrvUp10.6.4MacminiMid2010.dmg. Better to patch quickly before an exploit goes out in the wild.
More information for the advisory at http://support.apple.com/kb/HT4188.
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
Tags: News |
Posted in ISC on June 15th, 2010 by ISC Handler
Reader Jack showed us notifications that the vulnerability for Microsoft Windows Help and Support Center is being exploited in the wild. More information for this vulnerability at http://www.microsoft.com/technet/security/advisory/2219475.mspx.
To fix this problem, please visit http://support.microsoft.com/kb/2219475 and look for the "Enable this fix" image. It will download an MSI that unregisters the HCP protocol as a workaround, because there is currently no patch available.
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org
Posted in ISC on June 15th, 2010 by ISC Handler
I live in a country where credit and debit card fraud is pretty high and unfortunately banks have not provided secure means to avoid credit and debit card cloning. In the USA, I have seen OTP devices to access online banking, but credit cards are pretty much the same. I learned that Mastercard will provide credit cards with OTP included. This is great news because it will decrease bank fraud a lot.
More information at http://www.slashgear.com/mastercard-trialling-smart-credit-cards-with-display-keypads-1089351/
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org
Posted in ISC on June 15th, 2010 by ISC Handler
Judy Novak posted on her blog an excellent article on IDS/IPS evasions on TCP, showing a real example when Linux runs on the destination host. Check it out at http://www.packetstan.com.
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org
Posted in ISC on June 14th, 2010 by ISC Handler
Reader Freddie showed us a Sophos report of an application that has gone rogue by spamming your contacts once you add it to your profile. The application claims to give you access to a video named "Teacher nearly killed this boy".
Facebook users: please be careful with the links you visit and the applications you add to your profile, even if they claim to give you access to shocking content like this one. Always use applications that come from a trusted source, or you might be unknowingly helping future malware spread around the world.
More information at: http://www.sophos.com/blogs/gc/g/2010/06/14/teacher-killed-boy-rogue-spamming-facebook-app-large/
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org
Posted in ISC on June 14th, 2010 by ISC Handler
Reader Edward pointed us to an interesting link showing that a small lot of Olympus Stylus Tough 6010 cameras shipped with malware inside their internal memory. More information at: http://www.sophos.com/blogs/gc/g/2010/06/08/olympus-stylus-tough-camera-carries-malware-infection/
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org
Posted in ISC on June 14th, 2010 by ISC Handler
I saw this interesting project that wants to create a Python virtual machine to run inside a microcontroller without an underlying OS. This could be the gateway to soon obtaining a Python hardware processor.
More information at: http://code.google.com/p/python-on-a-chip/
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org
Posted in ISC on June 14th, 2010 by ISC Handler
Are you a security professional who needs to learn the basics of Metasploit but hasn't found a source? Darknet consulting (http://darknet-consulting.com/) has done a nice video that shows how to use it.
Download the video here: http://darknet-consulting.com/video/vector2/meta101.wmv
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org
Posted in ISC on June 14th, 2010 by ISC Handler
I am a fan of ModSecurity (http://www.modsecurity.org/) as a fast and cheap way to get decent protection for application layer attacks. But, as you know, risks are increasing, and when the risk analysis performed on your organization shows that application disruptions have a big impact on the core business, it's time to strengthen controls and think about delivering protection from the code itself. I have found the PHPIDS library useful; it detects XSS, SQL injection, header injection, directory traversal, DoS and LDAP attacks. Since it works from code, you can get the output and send it to your favorite alert vault to correlate security events.
Version 0.6.4 was recently released. More information at http://php-ids.org/2010/06/06/phpids-0-6-4-is-ready/
Want to use the same functionality in Perl? Try http://search.cpan.org/dist/CGI-IDS/lib/CGI/IDS.pm. It is based on php-ids.
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org
Posted in ISC on June 14th, 2010 by ISC Handler
Many researchers have tried unsuccessfully to use artificial intelligence (AI) to program bots to interact with humans and gather information, because the human party detects the bot very soon and drops the conversation. Well, there is now a man-in-the-middle bot that relays messages between two people to avoid detection by the parties involved in the conversations. It also detects the gender of the people involved in the conversation and alters the messages accordingly. Pretty cool stuff.
Want to read the paper? Check the following document: http://seclab.tuwien.ac.at/papers/autosoc-leet2010.pdf
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org