December 2017 – Page 11 – Computer Security Articles

December 19, 2017 admin

Fireside Chat with Security7: How this MSSP is Enhancing Security through the Cloud while Reducing Customer Costs

Credit to Author: John Maddison| Date: Tue, 19 Dec 2017 13:45:59 +0000

Security7 Networks is an MSSP focused on delivering security and compliance services to small- and medium-sized enterprises. The company, focusing on intelligence in depth, provides an innovative suite of products to help customers identify risk, improve their ability to defend against cyberthreats, and centralize visibility and control. For several years, Security7 has used Fortinet products to deliver cloud-based security services to its customers.

ComputerWorld Independent

December 19, 2017 admin

Windows 7 update guide: How 'security-only' and 'monthly rollups' differ

Credit to Author: Gregg Keizer| Date: Tue, 19 Dec 2017 04:52:00 -0800

It’s been more than a year since Microsoft ended the decades-old practice of letting customers choose which patches they apply, and instead instituted a cumulative update maintenance model for Windows 7 and its shadow-of-a-sibling, Window 8.1.

And yet some users still don’t grasp the new scheme.

“There are plenty of people who don’t know which kind of update they should use,” Chris Geottl, product manager with client security and management vendor Ivanti, said in a recent interview. “‘Which one should I do? What non-security features are included in the monthly rollup? There’s still some confusion.”

No wonder there.

Microsoft asked for a lot last year. It asked enterprise IT administrators to upend ingrained patching practices. It asked them to make radical changes to how they maintain Windows 7 deep into its lifecycle, when there were just three years and change remaining before retirement, a phase most admins probably thought they’d be coasting as they prepped for Windows 10. It asked customers to absorb new terminology. And it changed the rules more than once after the new process debuted.

To read this article in full, please click here

Security Wired

December 19, 2017 admin

In ‘Star Wars: The Last Jedi’, the Resistance Keeps Making the Same Tactical Mistake

Credit to Author: Angry Staff Officer| Date: Tue, 19 Dec 2017 12:00:00 +0000

The urge to fight one decisive battle has undone countless real-world rebellions—and those in the Star Wars universe as well.

Security Wired

December 19, 2017 admin

In _Star Wars: The Last Jedi_, the Resistance Keeps Making the Same Tactical Mistake

Credit to Author: Angry Staff Officer| Date: Tue, 19 Dec 2017 12:00:00 +0000

The urge to fight one decisive battle has undone countless real-world rebellions—and those in the Star Wars universe as well.

ScadaICS Schneider

December 18, 2017 admin

Web Platform with Angular & GraphQL

Credit to Author: Jean-Yves Couet| Date: Mon, 18 Dec 2017 21:56:26 +0000

Our team is on a #IIoT project with Angular, GraphQL, NodeJS, JEST, Mongoose, MongoDB, Microsoft Azure and IoTHub. All that around VSTS as Version Control, Build System, Tests management and… Read more »

The post Web Platform with Angular & GraphQL appeared first on Schneider Electric Blog.

ScadaICS Schneider

December 18, 2017 admin

LED Lighting and the Pitfalls of Power Quality Issues

Credit to Author: Shoumi Sen| Date: Mon, 18 Dec 2017 21:24:57 +0000

The LED won a Noble Prize. Specifically, the team behind inventing the blue light-emitting diode (LED) won the prestigious prize in 2014. Red and green LEDs had been around since… Read more »

The post LED Lighting and the Pitfalls of Power Quality Issues appeared first on Schneider Electric Blog.

Independent Securiteam

December 18, 2017 admin

SSD安全公告-QNAP QTS未经认证的远程代码执行漏洞

Credit to Author: SSD / Maor Schwartz| Date: Mon, 18 Dec 2017 08:04:57 +0000

漏洞概要以下安全公告描述了QNAP QTS的一个内存损坏漏洞，成功利用该漏洞会造成QNAP QTS 4.3.x和4.2.x版本（包括4.3.3.0299）未经验证的远程代码执行。威联通科技（QNAP Systems, Inc）专注于为企业，中小型企业，SOHO和家庭用户提供文件共享，虚拟化，存储管理和监控应用的网络解决方案。 QNAP QTS是标准的智能NAS操作系统，支持所有文件共享，存储，备份，虚拟化和多媒体QNAP设备。漏洞提交者一位安全研究者TRUEL IT（@truel_it）向 Beyond Security 的 SSD 报告了该漏洞厂商响应 QNAP已被告知该漏洞，并回复：“我们已经确认这个问题与最近的另一份报告相同，并已经发布了CVE-2017-17033。尽管这份报告是重复的，但我们仍然会在即将发布的安全公告中对两位报送者表示感谢。同时，在即将发布的QTS 4.2.6和4.3.3版本中将修复该漏洞。” CVE: CVE-2017-17033 漏洞详细信息由于缺乏适当的边界检查，可以通过特制的HTTP请求溢出堆栈缓冲区并劫持控制流以实现任意代码执行。 authLogin.cgi负责显示来自Web界面的系统信息，并且包含在用户提供的输入进行无限制的sprintf调用中。 authLogin.cgi二进制文件，位于QTS文件系统的/home/httpd/cgibin/目录中，可通过请求端点/cgi-bin/sysinfoReq.cgi进行访问。该二进制文件是QTS的一部分，并充当几个功能的包装器。易受攻击的调用位于handle_qpkg()（0x1C680）函数中，该函数由handle_sysInfoReq()（0x1D398）调用，以显示当前系统信息（型号名称，固件版本，ecc）。 [crayon-5a383ee2c6288334669193/] 通过向sysinfoReq.cgi发送一个HTTP请求，handle_sysInfoReq()（0x1D398）函数被触发，并且根据提供的参数，可以处理不同的进程步骤。 [crayon-5a383ee2c628f233726429/] 如果提供了qpkg HTTP参数，则调用handle_qpkg()（0x1C680）函数。 [crayon-5a383ee2c6292299287155/] handle_qpkg()函数不会验证用户提供的lang HTTP参数值。正如上面的代码路径所示，未经身份验证的攻击者可以为所述参数提供任意大小的值，然后通过sprintf()函数调用将其连接到静态大小（堆栈）缓冲区上的现有字符串。漏洞证明通过发送以下POST请求，我们将使堆栈溢出并用XXXX覆盖qpkg_all_info缓冲区的值，并用YYYY覆盖handle_qpkg()参数返回地址的值，从而造成崩溃。 [crayon-5a383ee2c6295336007302/] 产生以下崩溃： [crayon-5a383ee2c629a114636077/]

Independent Krebs

December 18, 2017 admin

The Market for Stolen Account Credentials

Credit to Author: BrianKrebs| Date: Mon, 18 Dec 2017 19:13:53 +0000

Past stories here have explored the myriad criminal uses of a hacked computer, the various ways that your inbox can be spliced and diced to help cybercrooks ply their trade, and the value of a hacked company. Today’s post looks at the price of stolen credentials for just about any e-commerce, bank site or popular online service, and provides a glimpse into the fortunes that an enterprising credential thief can earn selling these accounts on consignment.