Category: Pen testing

November 11th, 2009

Apple Safari exposes Windows to drive-by download attacks

Posted by Ryan Naraine @ 1:37 pm

Categories: Apple, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Malware, Microsoft, Passwords, Patch Watch, Pen testing, Responsible disclosure, Spyware and Adware, Vulnerability research

Tags: Apple Macintosh, Apple Safari, Microsoft Windows XP, Microsoft Windows Vista, Apple Inc., Attack, WebKit, Microsoft Windows, Apple Mac OS X, Apple Mac OS

Apple today shipped Safari 4.0.4 to fix a total of seven security flaws that expose Windows and Mac users to a wide range of malicious hacker attacks.

The high-priority update patches vulnerabilities that allow remote code execution (drive-by downloads) if a user simply surfs to a maliciously rigged Web site.  Some of the issues affect Microsoft’s new Windows 7 operating system.
Read the rest of this entry »

November 10th, 2009

Adobe plugs security hole in Photoshop Elements

Posted by Ryan Naraine @ 4:15 pm

Categories: Adobe, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Locally Running Web Servers, Patch Watch, Pen testing

Tags: Adobe Systems Inc., Adobe PhotoShop, Adobe PhotoShop Elements, Security, Patches, Ryan Naraine

Adobe has shipped a patch to cover a security vulnerability affecting its Photoshop Elements software product.

The flaw, rated moderate, affects Adobe Photoshop Elements versions 8.0 and 7.0. It could be exploited by a hacker with valid login credentials and/or physical access to execute arbitrary commands with elevated privileges. Read the rest of this entry »

November 10th, 2009

Microsoft patches Windows worm holes, drive-by download flaws

Posted by Ryan Naraine @ 11:22 am

Categories: Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Malware, Microsoft, Patch Watch, Pen testing, Responsible disclosure

Tags: Attacker, Flaw, Window, Vulnerability, Severity, Microsoft Corp., Microsoft Windows, Security, Operating Systems, Software

As part of its scheduled batch of patches for November, Microsoft today issued six security bulletins with fixes for a total of 15 vulnerabilities affecting its Windows and Office product lines.

Three of the six bulletins are rated “critical,” meaning they can be used to launch remote code execution or worm attacks without any user action.  One of the Windows vulnerabilities could expose users to drive-by malware attacks via the browser, Microsoft warned.

Read the rest of this entry »

November 10th, 2009

Why is Apple meddling with my Windows AutoRun?

Posted by Ryan Naraine @ 6:46 am

Categories: Apple, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Digital rights management, Exploit code, Malware, Microsoft, Pen testing, Punditocracy, iPhone

Tags: Operating System, Apple Inc., Microsoft Windows, Apple iTunes, Digital Music, Digital Media, Operating Systems, Personal Technology, Consumer Electronics, Software

Guest editorial by Costin Raiu

In every system designed by man, there is always a balance between features, usability and security. While designing pretty, easy to use and secure systems is possible, quite often this is not what the users get, or worse, this is not what the users want.

The most popular example of this applies to Apple. Focusing on eye-catching designs and easy to use products, Apple is listed in almost every marketing book as a success story.

Interestingly, maybe their second most popular software product, Mac OS X (after iTunes) represents a curious blend between eye-catching, easy to use, flexible, usable and decently secure, modern operating system. Please notice how I avoided saying “secure” and instead, wrote “decently secure”. Read the rest of this entry »

November 3rd, 2009

Adobe Shockwave haunted by critical security holes

Posted by Ryan Naraine @ 12:12 pm

Categories: Adobe, Arbitrary Code Execution, Browsers, Data theft, Exploit code, Flash, Malware, Patch Watch, Pen testing, Responsible disclosure, Spam and Phishing, Viruses and Worms, Vulnerability research

Tags: Adobe Systems Inc., Shockwave, Vulnerability, Shockwave Player, Security, Ryan Naraine

Adobe today released a patch to fix several serious security flaws in its Shockwave Player software.

The update, which is rated “critical,” addresses a total of five documented vulnerabilities.  The most serious flaw could allow remote code execution attacks against Windows and Mac users. Read the rest of this entry »

October 22nd, 2009

Metasploit + Rapid7 shakes up pen-test landscape

Posted by Ryan Naraine @ 10:21 am

Categories: Arbitrary Code Execution, Botnets, Browsers, Complex Attacks, Exploit code, Locally Running Web Servers, Malware, Metasploit, Microsoft, Patch Watch, Pen testing

Tags: Penetration Testing, Microsoft Corp., Exploit, R7, Immunity, Marketing Research, Marketing, Ryan Naraine

Guest Editorial by Nick Selby

With the acquisition of Metasploit (MS) by Rapid7 (R7), the dynamics within the small penetration testing market have changed. We believe that more competition will challenge each of the three main penetration testing software vendors in different ways, and that this new competitive landscape will quickly inure to the benefit of end users and buyers.

To radically simplify, the dynamics have been that Core Security sat at the top of the marketplace in terms of price, scale and enterprise usability; Immunity Security cleaned up at the lower end of the enterprise market and dominated for vendors and professional services types, who also used MS as a free tool. Read the rest of this entry »

October 22nd, 2009

Gaping security hole in Time Warner cable routers

Posted by Ryan Naraine @ 9:11 am

Categories: Arbitrary Code Execution, Browsers, Complex Attacks, Data theft, Exploit code, Java, Mobile (In)Security, Passwords, Patch Watch, Pen testing, Phishing, Responsible disclosure

Tags: Security, Time Warner Inc., Router, Network, Time Warner Cable Inc., Chen, Routers & Switches, Network Technology, Networking, Ryan Naraine

A gaping security hole in cable modems distributed to Time Warner/Road Runner customers could potentially be exploited remotely to access private networks and possibly capture and manipulate private data.

That’s the warning issued by David Chen, a blogger and start-up founder who discovered he could trivially access a customer’s  of Time Warner’s SMC8014 series cable modem/Wi-Fi router combo by simply disabling JavaScript in the browser to access hidden features in the router’s admin interface. Read the rest of this entry »

October 20th, 2009

GAO report: NASA at 'high risk' of data breach

Posted by Ryan Naraine @ 5:29 am

Categories: Anti Virus, Arbitrary Code Execution, Botnets, Complex Attacks, Data theft, Exploit code, Locally Running Web Servers, Passwords, Patch Watch, Pen testing, Punditocracy, Responsible disclosure

Tags: NASA, General Accounting Office, Auditor, Security, Strategy, Management, Ryan Naraine

The U.S. Government Accountability Office (GAO) has painted a bleak picture of NASA’s IT security posture.

An audit of the space agency’s computer systems found weaknesses in several critical areas, especially in the way NASA implemented access controls like user accounts, passwords and the encryption of sensitive data. Read the rest of this entry »

October 19th, 2009

Microsoft: Human error caused critical SMB2 vulnerability

Posted by Ryan Naraine @ 9:35 am

Categories: Adobe, Arbitrary Code Execution, Browsers, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Flash, Hackers, Malware, Microsoft, Mozilla, Open source, Pen testing, Punditocracy, Responsible disclosure

Tags: Analysis Tool, Vulnerability, Bug, Microsoft Corp., Humans, Microsoft Windows, Microsoft Windows 7, Productivity, Operating Systems, Security

Microsoft is blaming human error for one of the critical SMB v2 vulnerabilities that exposed Windows users to remote code execution attacks and argues that it’s near impossible to catch these types of bugs with existing code review tools and techniques.

According to a post-mortem of the issue by Redmond security guru Michael Howard, the company detected the vulnerable code “very late” in the Windows 7 development process but argued that there are no static analysis tools or SDL requirements that would spot this type of human error.

Read the rest of this entry »

October 19th, 2009

Commonwealth fined $100k for not mandating antivirus software

Posted by Dancho Danchev @ 8:11 am

Categories: Anti Virus, Botnets, Browsers, Data theft, Hackers, Malware, PCI, Passwords, Pen testing, Privacy, Rootkits

Tags: Electronic Banking, Antivirus Software, Commonwealth Financial Network, Banking, Security, Viruses And Worms, Financial Services, Dancho Danchev

According to a recently published SEC cease-and-desist order, the Commission has recently fined Commonwealth Financial Network $100,000 for not mandating antivirus software on the computers of its representatives. This led to a security incident in November 2008 in which the cybercriminal behind the attack placed eighteen unauthorized purchase orders, resulting in $523,000 of unauthorized purchases.

Despite Commonwealth’s brisk reaction which greatly minimized the financial impact of the compromised accounts, the incident took place shortly after a representative contacted the IT Help Desk indicating a malware infection might have taken place without receiving “follow-up” attention:

Read the rest of this entry »

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog.
