Independent – Page 231 – Computer Security Articles

Credit to Author: SSD / Maor Schwartz| Date: Wed, 22 Nov 2017 06:26:27 +0000

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in Cambium Network Updater Tool and Networks Services Server. The Network Updater Tool is “a free-of-charge tool that applies packages to upgrade the device types that the release notes for the release that you are using list as supported. Because this tool is available, an … Continue reading SSD Advisory – Cambium Multiple Vulnerabilities

ComputerWorld Independent

November 22, 2017 admin

The best mobile threat defense is mobile threat detection

Credit to Author: Lucas Mearian| Date: Wed, 22 Nov 2017 03:34:00 -0800

As enterprises push ahead with mobile-first strategies – and employee smartphones and tablets increasingly becoming business tools – the importance of mobile threat defense (MTD) is growing.

Using mobile threat detection and defense, however, is no small task; the technology must cover applications, networks and device-level threats to iOS and Android phones and tablets to be effective.

“We talk about mobile threat defense, rather than detection – the reason being these solutions not only detect, but also can prevent and remediate threats,” said Dionisio Zumerle, research director for mobile security at Gartner.

The MTD market is growing in terms of adoption, and has started to attract attention from endpoint protection platform (EPP) vendors and in other related markets, according to a recent report from Gartner.

To read this article in full, please click here

Independent Securiteam

November 21, 2017 admin

SSD Advisory – DblTek Multiple Vulnerabilities

Credit to Author: SSD / Maor Schwartz| Date: Tue, 21 Nov 2017 12:14:39 +0000

Vulnerabilities summary The following advisory describes 2 (two) vulnerabilities found in DblTek webserver. DBL is “specialized in VoIP products, especially GoIPs. We design, develop, manufacture, and sell our products directly and via distributors to customers. Our GoIP models now cover 1, 4, 8, 16, and 32-channel in order to meet the wide range of market … Continue reading SSD Advisory – DblTek Multiple Vulnerabilities

Independent Securiteam

November 21, 2017 admin

SSD安全公告–GraphicsMagick多个漏洞

Credit to Author: SSD / Maor Schwartz| Date: Tue, 21 Nov 2017 08:58:38 +0000

漏洞概要以下安全公告描述了在GraphicsMagick中发现的两个漏洞。 GraphicsMagick是“图像处理方面的瑞士军刀。基础包中的源码共有267K行(根据David A. Wheeler统计)，它提供了强大而有效的工具和库，支持读，写超过88种主要图像处理格式，包括DPX，GIF，JPEG，JPEG-2000，PNG，PDF，PNM和TIFF等重要格式。在GraphicsMagick中发现的两个漏洞是：内存信息泄露堆溢出漏洞提交者一位独立的安全研究人员Jeremy Heng（@nn_amon）和Terry Chia（Ayrx）向 Beyond Security 的 SSD 报告了该漏洞厂商响应厂商已经发布了这些漏洞的补丁(15237:e4e1c2a581d8 and 15238:7292230dd18)。获取更多信息： ftp://ftp.graphicsmagick.org/pub/GraphicsMagick/snapshots/ChangeLog.txt 漏洞详细信息内存信息泄露 GraphicsMagick易受到magick/describe.c文件的DescribeImage函数中存在内存信息泄露漏洞影响。负责打印包含的IPTC配置文件信息的图像中的这一部分代码存在漏洞。该漏洞可以通过特制的MIFF文件触发。存在漏洞的代码路径如下： [crayon-5a14a6571e4e8110629866/] profile_length变量中的值在MIFF头中的profile-iptc = 8字段设置当访问profile [i]时，因为不检查i的值，所以会出现越界访问。如果断在describe.c第738行，在执行strncpy操作的时候我们可以获取到堆中的内容。 [crayon-5a14a6571e4f3204539767/] 0x08000a001c414141是我们植入MIFF文件中的payload。 [crayon-5a14a6571e4f8559265142/] 检查与payload相邻的值0x00007ffff690fba8，发现它其实是libc中main_arena结构中的一个地址。 [crayon-5a14a6571e4fc975205403/] 现在我们可以计算到libc base的偏移量 – 0x3c4b98 漏洞证明 $ python miff/readexploit.py [+] Starting local process ‘/usr/bin/gm’: pid … Continue reading SSD安全公告–GraphicsMagick多个漏洞

Independent Krebs

November 21, 2017 admin

Correcting the Record on vDOS Prosecutions

Credit to Author: BrianKrebs| Date: Tue, 21 Nov 2017 13:11:31 +0000

KrebsOnSecurity recently featured a story about a New Mexico man who stands accused of using the now-defunct vDOS attack-for-hire service to hobble the Web sites of several former employers. That piece stated that I wasn’t aware of any other prosecutions related to vDOS customers, but as it happens there was a prosecution in the United Kingdom earlier this year of a man who’s admitted to both using and helping to administer vDOS. Here’s a look at some open-source clues that may have led to the U.K. man’s arrest.

ComputerWorld Independent

November 20, 2017 admin

Symphony targets collaboration users outside financial services

Credit to Author: Matthew Finnegan| Date: Mon, 20 Nov 2017 11:03:00 -0800

Symphony has been called a ‘Bloomberg-killer’ since its launch in 2014 because it offers a cheaper alternative to the chat function in the popular data terminals long considered a mainstay for traders.

The secure messaging and collaboration platform started out as an in-house chat tool at Goldman Sachs, providing secure communications between employees and allowing them to easily share sensitive documents. Symphony is now valued at over $1 billion, according to reports, and has 235,000 subscribers, with users that range from traders and portfolio managers to salespeople and risk managers.

To read this article in full, please click here

Independent Krebs

November 20, 2017 admin

Fund Targets Victims Scammed Via Western Union

Credit to Author: BrianKrebs| Date: Mon, 20 Nov 2017 14:25:09 +0000

If you, a friend or loved one lost money in a scam involving Western Union, some or all of those funds may be recoverable thanks to a more than half-billion dollar program set up by the U.S. Federal Trade Commission.

ComputerWorld Independent

November 20, 2017 admin

Matrix Banker malware spreads to multiple industries | Salted Hash Ep 7

The Matrix Banker malware, first found in Latin America, is now gaining a foothold in diversified targets. Steve Ragan breaks down the threat with Justin Fier, director for cyber intelligence and analysis at Darktrace.