Panda Security Uncovers Ongoing Attack Against Oil Tankers

Panda Security has released “Operation Oil Tanker: The Phantom Menace”, a groundbreaking report that details a malicious and largely unknown targeted attack on oil tankers.

First discovered by Panda Security in January 2014, the ongoing attack on oil cargos began in August 2013, and is designed to steal information and credentials for defrauding oil brokers.

Despite having been compromised by this cyber-attack, which Panda has dubbed “The Phantom Menace”, none of the dozens of affected companies have been willing to report the invasion and risk global attention for vulnerabilities in their IT security networks.

“The Phantom Menace” is one of the most unique attacks that PandaLabs has discovered. No antivirus engine was able to detect it when first triggered, primarily because the attackers used legitimate tools in conjunction with a number of self-made scripts to bypass any warnings that traditional AV software would detect. It was only discovered when a secretary opened a nonspecific attachment to an email – a type of file that Panda Security would later identify among ten different companies in the oil and gas maritime transportation sector.

“Initially this looked like an average non-targeted attack. Once we dug deeper, though, it became clear that this was a systematic, targeted attack against a specific sector in the oil industry,” said Luis Corrons, PandaLabs Technical Director of Panda Security, and report author. “We can limit the impact of this potentially catastrophic cyber-attack, but only if the victimized companies are willing to come forward”.

Identifying the source of a cyber-attack is tremendously challenging

In most cases, identifying the source of a cyber-attack is tremendously challenging. Once discovered, however, “The Phantom Menace” had a telling weak spot: the FTP connection used to send out the stolen credentials. Through the FTP connection, PandaLabs was able to identify both an email address and name.

Panda Security stands ready to identify the individual to authorities, but without any credible reports being volunteered by the alleged victims, the authorities are unable to launch their investigations or make any arrests.

Panda Security hopes the release of its report will shed light on the potential damage of “The Phantom Menace” and encourage companies to take the necessary steps against the perpetrator.

To read “Operation Oil Tanker: The Phantom Menace”, please visit here.

The post Panda Security Uncovers Ongoing Attack Against Oil Tankers appeared first on MediaCenter Panda Security.

CESA-2015:1012 Important CentOS 5 thunderbird Security Update

CentOS Errata and Security Advisory 2015:1012 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1012.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
017951e5e03b5565f74f4496298b8b7c9d231fd6011ba112f1ec81b755d24c90  thunderbird-31.7.0-1.el5.centos.i386.rpm

x86_64:
fb96c7d30dcefe60c58b718edac792610fa818b7705f2659e41c464a7e097087  thunderbird-31.7.0-1.el5.centos.x86_64.rpm

Source:
888bd17093cc65b0327c0c3d319585babde93413e4824866335d0c234abdcfea  thunderbird-31.7.0-1.el5.centos.src.rpm



Fedora 21 Security Update: mingw-LibRaw-0.16.2-1.fc21

Resolved Bugs
1221249 – CVE-2015-3885 dcraw: input sanitization flaw leading to buffer overflow
1221254 – CVE-2015-3885 mingw-LibRaw: dcraw: input sanitization flaw leading to buffer overflow [fedora-all]
Update to version 0.16.2, see http://www.libraw.org/download#changelog for details.
Update to version 0.16.1, see http://www.libraw.org/download#changelog for details.
Security fix for CVE-2015-3885.

Fedora 20 Security Update: kernel-3.19.8-100.fc20

Resolved Bugs
1218074 – CVE-2015-3636 kernel: ping sockets: use-after-free leading to local privilege escalation
1218110 – CVE-2015-3636 kernel: ping sockets: use-after-free leading to local privilege escalation [fedora-all]
1218662 – I/O errors, broken ncq trim since Samsung SSD update EXT0DB6Q
1205083 – [abrt] WARNING: CPU: 3 PID: 644 at drivers/net/wireless/iwlwifi/mvm/tx.c:952 iwl_mvm_rx_ba_notif+0x525/0x5c0 [iwlmvm]() [iwlmvm]
1208999 – iscsi issues on 3.19 kernel
1214030 – CVE-2015-3339 kernel: race condition between chown() and execve()
1204390 – [abrt] WARNING: CPU: 6 PID: 790 at drivers/media/v4l2-core/v4l2-ioctl.c:1025 v4l_querycap+0x41/0x70 [videodev]() [videodev]
1206036 – Impossible to reduce the display brightness under the new kernel – Toshiba Z30 laptop
1215989 – Backlight is non-responsive on Toshiba Satellite
1148612 – “hw csum failure” message flood after upgrading kernel to 3.16
The 3.19.8 update contains a number of important fixes across the tree
The 3.19.7 update contains a number of important updates across the tree
The 3.19.6 stable update contains a number of important fixes across the tree

AVG Business: Full House at the Kickoff of the 2015 Roadshow

Basel and Düsseldorf, May 18, 2015 – AVG (NYSE: AVG), the online security provider for more than 200 million active users, is presenting its new products for business users in Germany and Switzerland. At the kickoff events of its 2015 partner roadshow in Munich, Stuttgart and Frankfurt am Main, which drew more than 100 participants, the vendor saw strong interest in its remote monitoring and management solutions. A few places are still available for last-minute attendees at the upcoming dates in Düsseldorf, Zurich and Basel.


Francois Tschachtli, Sales Director AVG Business DACH & Benelux (Source: AVG).

AVG Partner Roadshow 2015 at a Glance
At its roadshow, AVG Business shows existing partners, and those who would like to become partners, how they can create added value in the business with the new managed services. The programme also includes a presentation with a live demonstration of the products in the business portfolio.

Germany

  • Wed, 20.05.2015 – Düsseldorf

Register online, by phone at +49 211 586 99 200, or by e-mail to [email protected]

Switzerland

  • Tue, 19.05.2015 – Zurich
  • Thu, 21.05.2015 – Basel

Register online, by phone at +41 61 317 25 25, or by e-mail to [email protected]

About AVG
AVG is an online security provider that produces software and services for the security of devices, data and people. AVG has more than 200 million active users as customers. AVG's consumer products and services offer internet security, performance optimization, personal privacy and identity protection for PCs and mobile devices. The AVG Business portfolio for security and simpler processes in the enterprise is available through managed service providers, value-added resellers and retailers, and includes solutions for IT administration, monitoring and reporting, integrated security and mobile device management.

All trademarks are the property of their respective owners.

Press contact:

Martina Krelaus
Akima Media
+49 89 17959 18-0
[email protected]