[SECURITY] [DSA 3335-1] request-tracker4 security update
Monthly Archives: August 2015
Bugtraq: RE: Windows Platform Binary Table (WPBT) – BIOS PE backdoor
RE: Windows Platform Binary Table (WPBT) – BIOS PE backdoor
Red Hat Security Advisory 2015-1621-01
Red Hat Security Advisory 2015-1621-01 – Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.
Red Hat Security Advisory 2015-1622-01
Red Hat Security Advisory 2015-1622-01 – Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.
HP Security Bulletin HPSBGN03386 1
HP Security Bulletin HPSBGN03386 1 – A potential security vulnerability has been identified with HP Central View Fraud Risk Management, Revenue Leakage Control, Dealer Performance Audit, Credit Risk Control, Roaming Fraud Control, and Subscription Fraud Prevention. The vulnerabilities could be exploited remotely and locally to allow disclosure of information. Revision 1 of this advisory.
HP Security Bulletin HPSBGN03393 1
HP Security Bulletin HPSBGN03393 1 – A potential security vulnerability has been identified with HP Operations Manager i (OMi) running on Linux and Windows. The vulnerability could be exploited remotely to execute code. Revision 1 of this advisory.
Panda Security makes your digital life easier and safer thanks to its new multi-device solutions
The new range of 2016 Consumer Solutions from Panda Security is now available. Panda Gold Security 2016, Panda Global Protection 2016, Panda Internet Security 2016, Panda Antivirus Pro 2016, Panda Mobile Security 2016, Panda Antivirus for Mac 2016, and Panda Free Antivirus 2016 make up the portfolio of Panda solutions for user protection on all devices.
In an increasingly global and multi-device environment, the 2016 Consumer Solutions range is designed to make the digital world easier and more secure. It allows you to shop and browse online safely; protects families against inappropriate content; keeps identities and confidential information safe. The monitoring and optimizing of different devices is now easier than ever with the new Panda products.
“We want the user to be able to perform any activity on the Internet without worrying about cybercriminals, malware or inappropriate content,” explains Hervé Lambert, Retail Product Marketing Manager at Panda Security. “Not all users are experts or have the same needs. Therefore, we offer various solutions that protect the devices and sensitive information of the user and his family.”
Multiplatform and multi-device solutions
All of the products in the new 2016 Consumer Solutions range, from the most basic to the most advanced, offer multiplatform protection, providing service on Windows (including Windows 10 compatibility), Android, Mac and even antitheft for iPhone and iPad.
“We continue to offer our customers a lightweight and effective protection. At anytime, anywhere and through any device, we go a step further to strengthen the trust our clients have placed in us after 25 years at the forefront of innovation”, states Hervé Lambert.
Panda Antivirus for Mac
Mac systems and iOS devices are also becoming victims of attacks and threats. Therefore, the new 2016 Consumer Solutions range includes Panda Antivirus 2016 for Mac, a complete protection against viruses and other Internet threats for Mac users. It offers updates, quarantine and the possibility to analyze your iOS devices from your Mac.
The entire range includes an app for iOS that allows for the remote location of the device in case of loss or theft.
Protection and performance
The new 2016 Consumer Solutions range is based on a new development of the Panda Collective Intelligence system, which offers greater protection capabilities with less response time.
“The most important industry tests validate the efficiency of our products. During the last 4 months, Panda Security has achieved the best protection rate in the Real World Protection Test by Av-Comparatives, detecting and blocking 99.9 % of threats”, claims Hervé Lambert.
Features of the 2016 Consumer Solutions range
- Data Shield to prevent the stealing of information relating to the devices. In addition Panda Global Protection 2016 and Panda Gold Protection 2016 allow for the safeguarding of files so no one can access them.
- Protection of Wi-Fi networks to display the computers on the network and detect intruders. It also allows for network audits to check its safety and potential vulnerabilities, and to block access from unknown computers.
- USB protection, providing immunization and a protective shield to analyze the USB when inserted into the device.
- Improved features such as Parental Control; application control, a highly effective protection against zero-day malware; PC recovery system, safe browsing, and password management and an easier, more intuitive interface (Panda Simplexity).
The post Panda Security makes your digital life easier and safer thanks to its new multi-device solutions appeared first on MediaCenter Panda Security.
Mr. Robot Review: wh1ter0se.m4v
via: USA Networks Mr. Robot airs on Wednesdays at 9/10 central on USA
This week’s episode answered A LOT of questions — we met the infamous White Rose and found out why the Dark Army backed out of the planned takedown of Steel Mountain a few episodes ago, we found out why Cisco blackmailed Ollie into infecting AllSafe with malware and we (kind of) found out who Mr. Robot and Darlene really are! Although many of my questions were answered in this episode, I also found myself asking “what?” and “why?” throughout it. What is a honeypot? What is reverse engineering and why is Tyrell talking to Mr. Robot? Why is Tyrell happy about Fsociety hacking E Corp?
I turned to my colleague Ivan Jedek, malware analyst at Avast, to get some answers to my questions.
At 11 minutes into the show, Gideon has a meeting with Tyrell to tell him that AllSafe is determined to find the hackers that hacked into E Corp. He explains to Tyrell that AllSafe has air gapped E Crop’s private network, implemented a honey pot and reconfigured all firewalls. Tyrell cuts Gideon off to question the honeypot and Gideon explains that a specific server was involved in the last FSociety hack, CS30. He explains that if there is a chance hackers are in the network, honeypot will ensure they cannot cause damage. They will log in to the decoy server they set up thinking they are in they’re in E Corp’s main network — he is personally keeping tabs of all the traffic.
Stefanie: What is a honeypot and what is it used for?
Ivan: A honeypot is a trap to catch cyberattackers. It comes from the idea that you can lure a bear by attracting it with a honey pot. As Gideon explained in this scene, a honeypot is a decoy. In this case, Gideon set up a honeypot to look like an E Corp server appearing to be connected to the company’s network. In reality, it is isolated and, like Gideon explains to Tyrell, is being monitored for unauthorized access.
At 14:26, we see the AllSafe employees frantically trying to get to the bottom of the malware attack that hit them and Elliot tells Ollie he is trying to reverse engineer the malware.
Stefanie: What is reverse engineering? Is it something that you guys in Avast’s Virus Lab do often?
Ivan: Reverse engineering is when you take something apart to see how it was built or put together. In this case, Elliot is disassembling the malware to see what it does and where it came from. We do reverse engineer malware in the Virus Lab, but we don’t wear lab coats when we do this! If we receive a virus sample that our system didn’t automatically detect, for example, then we like to reverse engineer the sample to find out how it works — then, we can create a detection for it to send to our users. Sometimes we reverse engineer malware because we find interesting or to observe how a certain malware family is progressing
During Elliot’s meeting with White Roe, Elliot learns that by targeting Terry Colby, he opened a vulnerability and raised Gideon’s suspicion. Elliot puts the pieces of the puzzle together and realizes that the Dark Army targeted AllSafe with malware to monitor Gideon, which lead to the Dark Army’s discovery of the honeypot, which is why they pulled out of the deal to take down Steel Mountain. When Elliot leaves the meeting, he is on a mission to take down the honeypot so that FSociety can access the Steel Mountain network to take down E Corp. Elliot goes back to the AllSafe office and in the meantime, Darlene has sent 100 MMS to get Gideon’s phone, which forces him to charge his phone and leave it unattended while a video made by FSociety plays in the AllSafe conference room. While everyone is watching the video, Elliot gets the security token and logs into Gideon’s account to submit a request to take down the honeypot.
Stefanie: Why send all those MMS? What is a security token?
Ivan: Elliot had Darlene send Gideon’s 100 large MMS files to overload his phone and drain his battery. This caused Gideon to charge his phone and allowed Elliot to take it while the video distracted the company. A security token is a temporary password that is sent to a device. The token helps prove one’s identity, as it is sent to a separate device. In this case, Gideon set up two-factor authentication on his AllSafe account so that an additional, temporary password would be sent to his phone whenever anyone attempted to log into his account.
Stefanie: Interesting! Do you also happen to know the reason why Tyrell and Mr. Robot met?
Ivan: That I do not know! I guess we will have to wait till next week to find out.
What did you think of this week’s episode? Let us know in the comments below!
Debian Security Advisory 3335-1
Debian Linux Security Advisory 3335-1 – It was discovered that Request Tracker, an extensible trouble-ticket tracking system is susceptible to a cross-site scripting attack via the user an group rights management pages and via the cryptography interface, allowing an attacker with a carefully-crafted key to inject JavaScript into RT’s user interface. Installations which use neither GnuPG nor S/MIME are unaffected by the second cross-site scripting vulnerability.
SAP Security Notes August 2015
SAP has released the monthly critical patch update for August 2015. This patch update closes 22 vulnerabilities in SAP products, 15 have high priority, some of them belong to the SAP HANA security area. The most popular vulnerability is cross site scripting.