SymmetricalDataSecurity: January 2016

Sunday, January 31, 2016

Bugtraq: WP-Comment-Rating XSS Vulnerability

WP-Comment-Rating XSS Vulnerability

from SecurityFocus Vulnerabilities http://ift.tt/1Twd6S2

Bugtraq: OpenXchange | Information Disclosure

OpenXchange | Information Disclosure

from SecurityFocus Vulnerabilities http://ift.tt/1Twd6RY

Bugtraq: VMWare Zimbra Mailer |Â DKIM longterm Mail Replay vulnerability

VMWare Zimbra Mailer |Â DKIM longterm Mail Replay vulnerability

from SecurityFocus Vulnerabilities http://ift.tt/1NL5BPJ

Bugtraq: [SECURITY] [DSA 3460-1] privoxy security update

[SECURITY] [DSA 3460-1] privoxy security update

from SecurityFocus Vulnerabilities http://ift.tt/1NL5Bzt

Saturday, January 30, 2016

New Books, and Even Audio and Video Courses, Added to Library Sale

from TaoSecurity http://ift.tt/1SjGbkz

Google Wants to Fly Drones Over Your Head to Deliver High Speed 5G Internet

Would you enjoy If Drones hovering outside your window or above your head, just because it is offering you High-Speed Internet Service? Most Americans may simply prefer to "Shoot Down" unwelcome items. Well, Google is working on a similar secret project, codenamed Project Skybender, to beam faster internet service, as fast as 5G, from the air. Google is currently testing multiple

from The Hacker News http://ift.tt/1KMiEkb

Bugtraq: FreeBSD Security Advisory FreeBSD-SA-16:11.openssl

FreeBSD Security Advisory FreeBSD-SA-16:11.openssl

from SecurityFocus Vulnerabilities http://ift.tt/1KM8X5g

Friday, January 29, 2016

WhatsApp to Share your Personal Data With Facebook

Recently the Facebook-owned messaging app dropped its $1 annual subscription fee to make WhatsApp Free for Lifetime. Now, WhatsApp has plans to introduce a new feature that would allow its users to integrate their Facebook accounts with the most widely used messaging app.  So far, the social media giant has been focusing on its own messaging platform, Messenger and both

from The Hacker News http://ift.tt/1nuhrIS

Bugtraq: [security bulletin] HPSBHF03419 rev.3 - HPE Networking Products, Remote Denial of Service (DoS), Unauthorized Access

[security bulletin] HPSBHF03419 rev.3 - HPE Networking Products, Remote Denial of Service (DoS), Unauthorized Access

from SecurityFocus Vulnerabilities http://ift.tt/1OVGAFH

FTC Announces Enhancements to IdentityTheft.gov

Original release date: January 29, 2016

The Federal Trade Commission (FTC) has upgraded its IdentityTheft.gov site to provide improved help to victims of identity theft. Enhancements include more personalized response plans for consumers, automatic generation of documents to aid in recovery, and better integration of the site with the FTC's consumer complaint system. Resources are also available for those who want to avoid becoming victims of identity theft.

Consumers are encouraged to visit FTC's IdentityTheft.gov site and review US-CERT's tip on Preventing and Responding to Identity Theft for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

from US-CERT: The United States Computer Emergency Readiness Team http://ift.tt/1PFSel7

Linux Kernel Zero-Day Privilege Escalation Vulnerability – CVE-2016-0728

On January 20, 2016, a new Linux Kernel zero-day vulnerability was disclosed by Perception Point . The vulnerability has the potential to allow attackers to gain root on affected devices by running a malicious Android or Linux application. Our investigation is ongoing; however, at this time we have not identified any Cisco products as exploitable. Should this change, we will publish a Security Advisory on the Cisco Security Portal. Additional Background: The Linux Kernel Zero-Day vulnerability has been present in Linux kernel [...]

from Security – Cisco Blog http://ift.tt/1m2jKBH

Video: Pulse Secure VP says multi-factor authentication won't kill the password

In an interview with ZDNet, Pulse Secure VP of Strategy Kevin Sapp talks about balancing security risks and user access to protect networks.

from Latest topics for ZDNet in Security http://ift.tt/1ZZ9pUI

Bugtraq: Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network

Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network

from SecurityFocus Vulnerabilities http://ift.tt/1RRlQT8

Bugtraq: [security bulletin] HPSBGN03533 rev.1 - HP Enterprise Cloud Service Automation and Codar, Remote Unauthorized Modification

[security bulletin] HPSBGN03533 rev.1 - HP Enterprise Cloud Service Automation and Codar, Remote Unauthorized Modification

from SecurityFocus Vulnerabilities http://ift.tt/1P2eTZD

Bugtraq: ManageEngine Eventlog Analyzer v4-v10 Privilege Esacalation

ManageEngine Eventlog Analyzer v4-v10 Privilege Esacalation

from SecurityFocus Vulnerabilities http://ift.tt/1ntdPqz

HSBC Banking Customers Vent Anger After DDoS Scuppers Service

Access to key online banking systems still not 100%

from http://ift.tt/1TrNZQ6

Bugtraq: [security bulletin] HPSBHF03510 rev.1 - HP Integrated Lights-Out 2/3/4, Remote Unauthorized Modification

[security bulletin] HPSBHF03510 rev.1 - HP Integrated Lights-Out 2/3/4, Remote Unauthorized Modification

from SecurityFocus Vulnerabilities http://ift.tt/1VvxaT7

Bugtraq: [security bulletin] HPSBHF03539 rev.1 - HPE VCX running OpenSSH or BIND, Remote Denial of Service (DoS)

[security bulletin] HPSBHF03539 rev.1 - HPE VCX running OpenSSH or BIND, Remote Denial of Service (DoS)

from SecurityFocus Vulnerabilities http://ift.tt/1VvxcKG

Bugtraq: [security bulletin] HPSBOV03540 rev.1 - HPE OpenVMS TCPIP Bind Services and OpenVMS TCPIP IPC Services for OpenVMS, Remote Disclosure of Information, Execution of Code, Denial of Service (DoS)

[security bulletin] HPSBOV03540 rev.1 - HPE OpenVMS TCPIP Bind Services and OpenVMS TCPIP IPC Services for OpenVMS, Remote Disclosure of Information, Execution of Code, Denial of Service (DoS)

from SecurityFocus Vulnerabilities http://ift.tt/1TrNZQg

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.

Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!

Wendy’s Probes Reports of Credit Card Breach

Wendy’s, the nationwide chain of fast-food restaurants, says it is investigating claims of a possible credit card breach at some locations. The acknowledgment comes in response to questions from KrebsOnSecurity about banking industry sources who discovered a pattern of fraud on cards that were all recently used at various Wendy’s locations.

Hackers Hit Israel’s Energy Sector with a Severe Cyber Attack

Israel’s Electricity Authority has been under a “sever cyberattack” since Monday, according to the country’s energy minister. Yuval Steinitz told The Times of Israel a virus had been identified in the energy department, and software that was already in place was working to neutralize it.

Survey Finds 91% of IT Security Execs Say Their Company’s Sensitive Data Is Vulnerable

A recent survey of 1,114 senior IT security executives at large enterprises worldwide has found that fully 91 percent of respondents feel their company’s sensitive data is either somewhat, very, or extremely vulnerable to both internal and external threats.

One In Three Americans Had Their Health Records Breached In 2015

At least 111 million individuals’ data was compromised due to hacking or information technology problems in 2015, according to a report released Wednesday by cloud security company Bitglass, based on numbers made available by the U.S. Department of Health and Human Services.

We Should Be Concerned About Our Nuclear Cybersecurity

The Nuclear Threat Initiative’s security index rightly criticizes other countries for failing to address the threat of cyberattack against their nuclear facilities but overlooks the failings of our own country. However, the report assigns the United States a perfect cybersecurity score.

The SEC Is Working To Ensure Firms Are Implementing Cybersecurity Policies

As part of an effective cybersecurity policy, advisers need to pay more attention to password authentication, fingerprint scanners and other technologies to protect their data. Yet, passwords still remain an issue among users across the Internet.

Computer scores big win against humans in ancient game of Go

Computers just got even more scarily smart. A program designed by Google (GOOG) researchers has become the first to defeat a professional human player at the ancient Asian game of Go.

Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.

from Trend Micro Simply Security http://ift.tt/1nD18do
via IFTTT

Multiple Vulnerabilities in OpenSSL (January 2016) Affecting Cisco Products

On January 28, 2016, the OpenSSL Project released a security advisory detailing two vulnerabilities.

Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to conduct man-in-the-middle attacks on the SSL/TLS connection.

This advisory will be updated as additional information becomes available.

Cisco will release software updates that address these vulnerabilities.

Workarounds that mitigate these vulnerabilities are not available.

This advisory is available at the following link:
http://ift.tt/1PYw2TV

from Cisco Security Advisory http://ift.tt/1PYw2TV

Bugtraq: [security bulletin] HPSBGN03542 rev.1 - HPE Operations Manager for Windows using Java Deserialization, Remote Arbitrary Code Execution

[security bulletin] HPSBGN03542 rev.1 - HPE Operations Manager for Windows using Java Deserialization, Remote Arbitrary Code Execution

from SecurityFocus Vulnerabilities http://ift.tt/1PJOZQ3

Bugtraq: Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability

Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability

from SecurityFocus Vulnerabilities http://ift.tt/1P1N1ok

UK Sites Pummelled by DDoS Storm in Q4

Attacks spiked over 20% from previous quarter, says Imperva

from http://ift.tt/1PJIs7Q

Government Start-up Support Creates a "Very Exciting Time"

UK government security start-up plan is “another important support mechanism to help develop early stage companies.”

from http://ift.tt/1VvkrQn

HSBC fights off denial of service attack on its internet banking systems

Banking giant says it has successfully defended against the attack and that customer transactions are not affected.

from Latest topics for ZDNet in Security http://ift.tt/1nT92iz

TalkTalk on Ropes Again After Indian Call Centre Staff Arrested

Trio accused of using customer data to launch follow-up fraud attacks

from http://ift.tt/1nsttSQ

What They’re Not Telling You About Global Deduplication

By Rachel Holdgrafer, Content Business Strategist, Code42 When it comes to endpoint backup, is global deduplication a valuable differentiator? Not if data security and recovery are your primary objectives. Backup vendors that promote global deduplication say it minimizes the amount of data that must be stored and provides faster upload speeds. What they don’t say is […]

The post What They’re Not Telling You About Global Deduplication appeared first on Cloud Security Alliance Blog.

from Cloud Security Alliance Blog http://ift.tt/1Tro4bs

Bugtraq: ProjectSend multiple vulnerabilities

ProjectSend multiple vulnerabilities

from SecurityFocus Vulnerabilities http://ift.tt/1nT5JI8

Police Using Planes Equipped with Dirtbox to Spy on your Cell Phones

The Anaheim Police Department of California — Home of Disneyland — admitted that they used special Cell Phone surveillance technology, known as DirtBox, mounted on aircraft to track millions of mobile users activities. More than 400 pages of new documents [PDF] published Wednesday revealed that Local Police and federal authorities are using, DRTBox, an advanced version of Dirtbox developed

from The Hacker News http://ift.tt/1WRxCw9

Android bugs made up 10 percent of Google's $2m bounty payouts - in just five months

Android is shaping up to become one of the more lucrative sources of payments for security researchers in Google's bounty scheme.

from Latest topics for ZDNet in Security http://ift.tt/1JLhPx8

Exclusive: School Websites Contain Pornographic and Gambling Links

A number of school websites contain pages which feature links to gambling, counterfeit goods and pornographic material.

from http://ift.tt/1JLcbuY

SANS: Israel CNI Attack Didn’t Take Out Power Grid

Misreported attack was a ransomware blitz against electric authority’s PCs

from http://ift.tt/1ZYdhFk

Kaspersky Lab Awarded Full Marks from AV-TEST for Small Business Endpoint Protection on Windows 10

Kaspersky Lab has topped the list of endpoint protection products in the most recent review with independent IT security institute AV-TEST, receiving full marks for its Kaspersky Small Office Security product.

from http://ift.tt/1WRgney

Critical OpenSSL Flaw Allows Hackers to Decrypt HTTPS Traffic

The OpenSSL Foundation has released the promised patch for a high severity vulnerability in its cryptographic code library that let attackers obtain the key to decrypt HTTPS-based communications and other Transport layer security (TLS) channels. OpenSSL is an open-source library that is the most widely used in applications for secure data transfers. Most websites use it to enable Secure

from The Hacker News http://ift.tt/1KeDWfe

Thursday, January 28, 2016

Bugtraq: [security bulletin] HPSBHF03538 rev.1 - HPE iMC Service Health Manager (SHM) and iMC PLAT running Adobe Flash, Remote Code Execution, Denial of Service (DoS)

[security bulletin] HPSBHF03538 rev.1 - HPE iMC Service Health Manager (SHM) and iMC PLAT running Adobe Flash, Remote Code Execution, Denial of Service (DoS)

from SecurityFocus Vulnerabilities http://ift.tt/1JKpBHz

Bugtraq: [security bulletin] HPSBHF03535 rev.3 - HPE iMC Service Health Manager (SHM) and iMC PLAT running Adobe Flash, Multiple Remote Vulnerabilities

[security bulletin] HPSBHF03535 rev.3 - HPE iMC Service Health Manager (SHM) and iMC PLAT running Adobe Flash, Multiple Remote Vulnerabilities

from SecurityFocus Vulnerabilities http://ift.tt/1JKpBHu

Bugtraq: CVE-2015-7521: Apache Hive authorization bug disclosure

CVE-2015-7521: Apache Hive authorization bug disclosure

from SecurityFocus Vulnerabilities http://ift.tt/1JKpEmK

OpenSSL Releases Security Advisory

Original release date: January 28, 2016

OpenSSL versions 1.0.2f and 1.0.1r have been released to address vulnerabilities in prior versions. Exploitation of these vulnerabilities may allow a remote attacker to obtain sensitive information.

US-CERT encourages users and administrators to review the OpenSSL Security Advisory and apply the necessary update. For more information, please see Vulnerability Note VU#257823.

This product is provided subject to this Notification and this Privacy & Use policy.

from US-CERT: The United States Computer Emergency Readiness Team http://ift.tt/1QI2RJx

Cisco Unity Connection User Search Cross-Site Scripting Vulnerability

A vulnerability in the HTTP web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected system's web interface.

The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click on a specific link.

Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: http://ift.tt/1PlLM79

from Cisco Security Advisory http://ift.tt/1PlLM79

Cisco Small Business 500 Series Switches Denial of Service Vulnerability

A vulnerability in the web-based GUI of the Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to insufficient handling of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

This advisory is available at the following link: http://ift.tt/1nqV1bk

from Cisco Security Advisory http://ift.tt/1nqV1bk

Bugtraq: [SECURITY] [DSA 3459-1] mysql-5.5 security update

[SECURITY] [DSA 3459-1] mysql-5.5 security update

from SecurityFocus Vulnerabilities http://ift.tt/1P0qYOX

Customer Perspective: Five Questions with the Norman Alan Company

Businesswoman preparing presentation on graphical screens

The Norman Alan Company has built its name over the past 11 years by providing a common sense approach to IT for its customers. Founded in 2004, the IT support company focuses its efforts on small businesses which may have been poorly served in the past. Making a name for itself in the Pittsburgh metro area mainly through customer referrals, the Norman Alan Company now provides remote IT support, server monitoring, and internet security to over 300 customers.

Always looking for ways to improve its service offering, the firm became a Trend Micro Managed Service Provider Partner in 2014 in a bid to provide more robust cyber security for its customers. It uses several Microsoft Hyper-V virtualized servers to run its helpdesk software and a main application used for all customer information. The majority of its customers are PC-based businesses with just one or two servers.

Trend Micro chatted to Jeff Kochis, founding member of the Norman Alan Company and 20-year IT veteran, about his firm’s key security challenges.

What are the main customer IT trends you’re seeing?

An increasing number of small businesses are looking at investing in cloud-based platforms. For example, those who once used Windows Small Business Servers are now moving to Microsoft Office 365. It’s a trend repeated all over the US as organizations look to leverage the greater flexibility, business agility and anticipated cost savings that cloud computing could offer them.

What are the challenges associated with this?

Unfortunately, the bad guys are well aware that businesses are flocking to the cloud in ever greater numbers. Small businesses traditionally have fewer resources to throw at the problem so the security of data on PCs, laptops and mobile devices is a concern. Cybercriminals know this, of course, and smaller firms are often seen as a softer target – the path of least resistance.

For us, finding the right security software at the right price for our clients can be a major challenge. We need to ensure from a support perspective that they understand the limitations of cloud-based apps but also that they’re fully protected.

Why Trend Micro?

After 10 years with a well-known security software company, it just wasn’t working any more. Increasing numbers of client machines were getting infected, so we ran a test – setting up a demo machine to visit infected sites. The security solution we had in place did nothing to alert us there was anything wrong with the machine – it just couldn’t detect newer, more advanced malware.

That’s when we came across Worry-Free Business Security from Trend Micro. Unlike our previous solution it would prevent access to those infected sites and immediately alert us something wasn’t right. It was simply a matter of a solution that worked versus a solution that didn’t work. And once our customers found out all the additional features and added protection they were going to get, they were happy to make the switch.

How was deployment?

Deployment has been absolutely seamless for our customers. They have access to a range of security features – including defense against viruses, spyware, and other malware, such as advanced targeted attacks and spear-phishing. Threats are blocked in the cloud in real time by Trend Micro Smart Protection Network. And web reputation prevents access to URLs that pose security risks, while URL filtering controls the websites employees can access.

Worry-Free Business Security also makes it easy for us to manage all of our customers from one console. Even when we hit a few snags on implementation, the Trend Micro guys responded amazingly quickly. In fact, the channel sales representative and support staff have been fantastic. They always get back to us quickly, keep us in the loop, uncover the issue, and resolve it within an hour or two.

What have the results been like?

All of the frustrations we had with our previous security provider have just melted away. We’re more efficient as a company because we waste less time on hold to fix orders, fix licenses, and get tech support. And we have that single pane of glass to manage all our customers. The switch over to Trend Micro was seamless for our clients. In fact, the only thing they’ve probably noticed is that they’re not losing business time any more due to security incidents.

Trend Micro has reduced the amount of work related to antivirus products by a good 25%. Call volumes are down for those customers who have switched over to Trend Micro. What’s more, I’ve found a company that really understands my business needs and that I’ve been able to build an excellent working relationship with. Trend Micro provides a product that actually works and someone to talk to who makes you feel like you are important to the company.

from Trend Micro Simply Security http://ift.tt/1JIJAXd
via IFTTT

Bugtraq: New Era Company CMS - (id) SQL Injection Vulnerability

New Era Company CMS - (id) SQL Injection Vulnerability

from SecurityFocus Vulnerabilities http://ift.tt/1RP1sSt

Bugtraq: Trend Micro Direct Pass - Filter Bypass & Persistent Web Vulnerability

Trend Micro Direct Pass - Filter Bypass & Persistent Web Vulnerability

from SecurityFocus Vulnerabilities http://ift.tt/20uXWhI

USN-2883-1: OpenSSL vulnerability

Ubuntu Security Notice USN-2883-1

28th January, 2016

openssl vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 15.10

Summary

OpenSSL could be made to expose sensitive information over the network.

Software description

openssl - Secure Socket Layer (SSL) cryptographic library and tools

Details

Antonio Sanso discovered that OpenSSL reused the same private DH exponent
for the life of a server process when configured with a X9.42 style
parameter file. This could allow a remote attacker to possibly discover the
server's private DH exponent when being used with non-safe primes.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 15.10:: libssl1.0.0 1.0.2d-0ubuntu1.3

To update your system, please follow these instructions: http://ift.tt/17VXqjU.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2016-0701

from Ubuntu Security Notices http://ift.tt/1NDa6Mq

Panda Security Spotted Over 300 Million Malware Samples in 2015

That’s over a quarter of all malware ever recorded

from http://ift.tt/1Qv679g

Employee Retention is Critical to Solving the Security Skills Shortage

A report from AlienVault shows that the competition for good security employees doesn't stop at the point of hire.

from http://ift.tt/1PlbqJn

DDoS Attacks Hit Record 500 Gbps in 2015

Arbor report claims multi-vector threats are not the norm

from http://ift.tt/1PlbrwP

Respecting Privacy, Safeguarding Data and Enabling Trust

Data Privacy Day is January 28, and this year’s theme examines issues around respecting privacy, protecting data and enabling trust. Today more than ever, any global company is a digitized company, which means that every company is grappling with challenges around privacy, security and trust. As a result, these challenges are no longer an IT-only responsibility and now must be addressed by everyone: vendor, customer, partner, board member and end-user alike. While many security and privacy trends facing global companies [...]

from Security – Cisco Blog http://ift.tt/1nAy0Dx

Google Chrome gets ready to mark all HTTP sites as 'bad'

Google's push for all websites to be HTTPS has so far been all carrot. But the company is now using its big stick: a large red cross through every website that doesn't offer an encrypted connection.

from Latest topics for ZDNet in Security http://ift.tt/1SljKtn

Bugtraq: HCA0005 - Liberty Global - Horizon HD STB - predictable WiFi passphrase

HCA0005 - Liberty Global - Horizon HD STB - predictable WiFi passphrase

from SecurityFocus Vulnerabilities http://ift.tt/20uRqHU

Serious Cybersecurity Challenges Ahead in 2016

By Phillip Marshall, Director of Product Marketing, Cryptzone By now you’ll have settled into the New Year, looking ahead at what’s to come as we move swiftly through January. However, there are numerous unsettling predictions that mean 2016 is a year of many serious cybersecurity challenges – from new types of hacks, skills shortages to increased […]

The post Serious Cybersecurity Challenges Ahead in 2016 appeared first on Cloud Security Alliance Blog.

from Cloud Security Alliance Blog http://ift.tt/1PHz44I

Hackers launch cyberattack against cPanel systems

If you are a user of the web hosting account service, change your password now.

from Latest topics for ZDNet in Security http://ift.tt/1nQXe0b

Kaspersky Lab DDoS Intelligence Report Shows Decrease in Global Reach of Attacks, Increase in Sophistication

Kaspersky Lab has published its DDOS Intelligence Report for Q4 2015*. The reporting period was marked by a decrease in the number of countries where resources are targeted as well as by new attack channels used by cybercriminals to disable resources

from http://ift.tt/1WPlID9