Virtualization aims to totally change how we think of IT altogether. Against the backdrop of VMworld, we take a closer look at the key details.
The post VMworld: When IT grows up appeared first on We Live Security.
Virtualization aims to totally change how we think of IT altogether. Against the backdrop of VMworld, we take a closer look at the key details.
The post VMworld: When IT grows up appeared first on We Live Security.
The first unclassified cybersecurity Threat Report from the The Australian Cyber Security Centre has been released.
The post ACSC releases its first cybersecurity threat report appeared first on We Live Security.
Posted by Vulnerability Lab on Sep 03
Document Title:
===============
Zhone ADSL2+ 4P Bridge & Router (Broadcom) – Multiple Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1591
Download: http://www.zhone.com/support/downloads/cpe/6218-I2/6218-I2_R030220_AnnexA.zip
Release Date:
=============
2015-09-03
Vulnerability Laboratory ID (VL-ID):
====================================
1591
Common Vulnerability Scoring…
New variants of the notorious Carbanak Trojan have surfaced in Europe and the United States, and researchers say that the malware now has its own proprietary communications protocol and the samples seen so far have been digitally signed. Carbanak has been in use for several years, and researchers at Kaspersky Lab earlier this year revealed the […]
The season finale of Mr. Robot left me asking myself many questions. The big question that most of the characters in the show asked themselves as well was: Where is Tyrell?
What exactly happened while Elliot was in Tyrell’s car? Did Tyrell execute the plan to bring down E Corp or did Elliot? Why is Angela now working for E Corp? Who really put that video of Elliot falling from the boardwalk on the James Bond-like sunglasses USB stick? Did Angela really have to go shopping for designer shoes after James Plouffe’s suicide? Does she not own more than one pair of high heels? Who is knocking on Elliot’s door at the end of the episode?
I admit, I initially stopped watching as the credits came, but then I read online that that was a big mistake. There is a scene that comes after the credits, which, of course, left me asking myself two more questions: Why is White Rose meeting with the CEO of E Corp? Does E Corp really know that Elliot is behind the take down?
However, one very important question that I have been asking myself for the last 15 years was finally answered in this episode. FSociety let the dogs out.
In addition to the numerous plot questions, I had two technical questions after watching the episode. I sat down with senior malware analyst, Jaromir Horejsi, who kindly answered my questions for me.
In the opening scene, Krista meets with her ex-boyfriend Michael, aka Lenny. Lenny needs more evidence to prosecute Elliot. “He was routing through something called proxies or something, out in Estonia, he’s untraceable,” Lenny told Krista.
Stefanie: What is a proxy? How did this process make Elliot untraceable?
Jaromir: A proxy, or proxy server, acts as the middleman when you request information from servers over the web. Proxies are used for a variety of reasons. Schools and commercial organizations sometimes use proxies to control which content is accessed within the school or organization. Proxies can also be used to circumvent geo-location content restrictions. In this case, the person’s true IP address is not revealed to the server the person is accessing, rather the person connects to the server via a proxy located in a different country.
In this case, Elliot used a proxy to anonymize his web traffic. The server that Elliot requests a web page from receives his request from an anonymizing proxy server, which in the example Lenny gives, was located in Estonia. The proxy server then forwards the web page to Elliot. If configured properly, anonymizing proxy servers delete all logs and traces of requests made ,in addition to keeping the user’s IP address anonymous.
At minute 14:35 Elliot tries to figure out what exactly happened. He mentions a simple program, a worm that can make data unreadable. Malware that took Darlene maybe two hours to code. He also mentions that Darlene encrypted everything with 256-bit AES and that because of this, it would take an incomprehensible amount of time to crack the encryption.
Stefanie: What is 256-bit AES and why is it so hard to decrypt?
Jaromir: AES is an encryption method that was established by the U.S. National Institute of Standards and Technology. AES is a symmetric-key algorithm, which means the key used to encrypt the data is the same key that can decrypt the data. The lengths of the encryption key can be three different lengths: 128, 192 and 256 bits.
A 256-bit AES key is made up of 256 bits, which are made up of 1s and 0s. Meaning the key has 2e256 possible combinations, making it impossible to crack. A year ago, a reddit user posted his calculations of how long it would take to crack a 256-bit AES encryption. Here are his results: “The universe itself only existed for 14 billion (1.4e10) years. It would take ~6.7e40 times longer than the age of the universe to exhaust half of the keyspace of a AES-256 key.”
I would like to thank all of the Avast experts who helped me understand the Mr. Robot hacks this season and look forward to discussing season two’s hacks with you
What did you think of the finale episode? Let us know us know in the comments below!
We look at the five top questions you should be asking before connecting to public Wi-Fi – while convenient, there are risks.
The post Public Wi-Fi security: Your questions answered appeared first on We Live Security.
CentOS Errata and Security Advisory 2015:1708 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1708.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: d0c7cd0ab4dc74e06f81eea25702ae372b5185314cc740de0bfd4c1467e23572 libXfont-1.4.7-3.el7_1.i686.rpm 56c8af2cd14daecb5c232fc1857d9ff24392bdace0b749be37802393fcd22272 libXfont-1.4.7-3.el7_1.x86_64.rpm db382660e3e64a5576d5063fa19954eb957b82d3d2e32baf19eb0c26d4f704eb libXfont-devel-1.4.7-3.el7_1.i686.rpm ae204ce0915b0846d92f0464c84260e7486410565dc8f13bf75f350bb6a7011e libXfont-devel-1.4.7-3.el7_1.x86_64.rpm Source: e06340a5791527201c75f63c1646b8e1f913c8ec56ef5ac93b83bbb43ff910d6 libXfont-1.4.7-3.el7_1.src.rpm
CentOS Errata and Security Advisory 2015:1705 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1705.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 3c52fc07df91af417260ec7c29130f81f00a865c5bd3284c93129c9dcdc5e7bf bind-9.9.4-18.el7_1.5.x86_64.rpm 5e52f4486b1ed795198d23b0d3c8d5148158bc8cf3afbd2625dc87c4937fade9 bind-chroot-9.9.4-18.el7_1.5.x86_64.rpm 97984e4b2dc9ad73865ac219fa40602405b4c6caa1591e90427527f7208c9498 bind-devel-9.9.4-18.el7_1.5.i686.rpm e129f2cffbc8b78865ac4cb70bb6495ec6f6696973512da7940b9974a7baba11 bind-devel-9.9.4-18.el7_1.5.x86_64.rpm 37feef97c99d78c48cfa482cb74fe272fe32e1d3d2dc35fc3a93b66eb48e631f bind-libs-9.9.4-18.el7_1.5.i686.rpm 4d0e36862620019210239c57a7a19cf2a9e496882d40c02918038515d021da8e bind-libs-9.9.4-18.el7_1.5.x86_64.rpm c7742baecb76658ad077932b01b776a4d61bfb3d5e5094468240d7990d6f7729 bind-libs-lite-9.9.4-18.el7_1.5.i686.rpm 7de89035c55c74b6f3db7a69f2a45515e88769f0bd366cb4514fca9a4d335621 bind-libs-lite-9.9.4-18.el7_1.5.x86_64.rpm bf82732e738febb7bac091be60763080883504494066d378329f5d15a50c2abc bind-license-9.9.4-18.el7_1.5.noarch.rpm dbb2ab00757f4b7cd1f1165b5b0de8aafd8561b1c7fb992286b72339865bb9d0 bind-lite-devel-9.9.4-18.el7_1.5.i686.rpm 590e35f9fa11b348b14ef7d922cc8cc73fd650ad2dec77dc41b2fea47c08ec94 bind-lite-devel-9.9.4-18.el7_1.5.x86_64.rpm 6e7c4dd6e8f6c624a85ec7bac326987ac2db01e62ce6a9c3618e2cbb001873c8 bind-sdb-9.9.4-18.el7_1.5.x86_64.rpm ccbce6e7a229ba65a6427c9c0267ae997781d31703e1306489dde62f51cdc445 bind-sdb-chroot-9.9.4-18.el7_1.5.x86_64.rpm 9d3650eb70e0438b6922c85afe13d3afccb30600661cb71abdd32a6e88d1d38b bind-utils-9.9.4-18.el7_1.5.x86_64.rpm Source: 0c812dfb6be8e0e42aa4e929d45394a28377c3b6603eeb1a6c6a3a8940c820ab bind-9.9.4-18.el7_1.5.src.rpm
CentOS Errata and Security Advisory 2015:1706 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1706.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: bba46a116e6b5186632655032db42a9ff77c7b0ef3076e21cb4805d8c1c88a8b bind-9.3.6-25.P1.el5_11.4.i386.rpm 4de4794280e628d8267ef18e2706cd2cf9928efa3f2088d8b208cf4362946e3c bind-chroot-9.3.6-25.P1.el5_11.4.i386.rpm 157ff53e52f56d2b53fe52a1e59bf775934ce43013b99287fea3314c713748a6 bind-devel-9.3.6-25.P1.el5_11.4.i386.rpm 088c619c002bb48d1f4b5f1349eb16ce76caf4f5caaef2839654c98ce16ac16f bind-libbind-devel-9.3.6-25.P1.el5_11.4.i386.rpm 840aa7dbbd9f434e04ebd8a0cdfbe5e78b5a93c5f576144ec7e5ec64410745b5 bind-libs-9.3.6-25.P1.el5_11.4.i386.rpm f9a1f759794832717f63ceef8bc83b455f456a59458e9e79ed4236dd008fb8d7 bind-sdb-9.3.6-25.P1.el5_11.4.i386.rpm d8095ae46d01160f9dbe82762b8b2c00a6dc91846cb2f362dc1f8c38432c147d bind-utils-9.3.6-25.P1.el5_11.4.i386.rpm 5aa82705c9a3da0d61378003c49c6b384b1ed649cc55e982ae2a9056e2cf6adf caching-nameserver-9.3.6-25.P1.el5_11.4.i386.rpm x86_64: c308da83d5f57ea6aefc77a5ae0d6af76b0835dab55d6e06d2aaaeade5b2d422 bind-9.3.6-25.P1.el5_11.4.x86_64.rpm 10f51b1209242695ef78d9717b0954a1a53511f83ca2827e0ba5b8969636b39e bind-chroot-9.3.6-25.P1.el5_11.4.x86_64.rpm 157ff53e52f56d2b53fe52a1e59bf775934ce43013b99287fea3314c713748a6 bind-devel-9.3.6-25.P1.el5_11.4.i386.rpm 5bf1a1f68758dbb84f1e5f3a4b5055d6f0aab041355d0e02c4894f98da4723f3 bind-devel-9.3.6-25.P1.el5_11.4.x86_64.rpm 088c619c002bb48d1f4b5f1349eb16ce76caf4f5caaef2839654c98ce16ac16f bind-libbind-devel-9.3.6-25.P1.el5_11.4.i386.rpm 821d9a5b24aa6feeefb47e504bdee4ed13bfc1ceddc66ba269b23391373e5a78 bind-libbind-devel-9.3.6-25.P1.el5_11.4.x86_64.rpm 840aa7dbbd9f434e04ebd8a0cdfbe5e78b5a93c5f576144ec7e5ec64410745b5 bind-libs-9.3.6-25.P1.el5_11.4.i386.rpm a88cd1532c1a2014b5defd709c75bea6d36803f07aa04970b01b44fedcf46a1d bind-libs-9.3.6-25.P1.el5_11.4.x86_64.rpm 980d8292429f0a873bd57a657a9e8051c47bdeca2077f640901fadb00d1a79b3 bind-sdb-9.3.6-25.P1.el5_11.4.x86_64.rpm 5751ec2f6f313ce7794269be03a2c9ca57146739474b883298ac0471fc185e48 bind-utils-9.3.6-25.P1.el5_11.4.x86_64.rpm ab9869976e37f4144693efb8653cb2c7001edfed8dd9347abf5ed67d9fa8c837 caching-nameserver-9.3.6-25.P1.el5_11.4.x86_64.rpm Source: 6a45a7a6b9535bf75e9efe1e14abd1f71f4aef4cc298ff569bd3092c468a049d bind-9.3.6-25.P1.el5_11.4.src.rpm
CentOS Errata and Security Advisory 2015:1707 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1707.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 93518ae05069f07cee1d3c342811afff6dd9cde162e3b6718b9c5bd7ea01bbd1 bind97-9.7.0-21.P2.el5_11.3.i386.rpm 2d5bc214ecf7c70b65daf7b6972caa0f065db4ba48ead25628f7f1f5394e4388 bind97-chroot-9.7.0-21.P2.el5_11.3.i386.rpm bdcd6f99d94058974438d749db7efa81a2722ba0243fad11f721c625871b418b bind97-devel-9.7.0-21.P2.el5_11.3.i386.rpm f719d43543c8cc4e8228ab687af750b7c98f9d6f070da4e0801c85c580fd56c2 bind97-libs-9.7.0-21.P2.el5_11.3.i386.rpm 3898e53d5b8f3e4b1aa8e5569d243d1bb787eabad42f185fdb28edf45cbfcf8d bind97-utils-9.7.0-21.P2.el5_11.3.i386.rpm x86_64: 1578c42cc5e522954fb8d8a2e4e4f304cd7af44b77f057a1ee49dfcfc573ef8c bind97-9.7.0-21.P2.el5_11.3.x86_64.rpm 5e04566783c2cc1c423b7d1c3d990545abd864fd51e2a74e68df93396b55ed7b bind97-chroot-9.7.0-21.P2.el5_11.3.x86_64.rpm bdcd6f99d94058974438d749db7efa81a2722ba0243fad11f721c625871b418b bind97-devel-9.7.0-21.P2.el5_11.3.i386.rpm 07a3ff80544201f6792fabc697373c6e012abbc34f9803ef6b22d98b0e6b4784 bind97-devel-9.7.0-21.P2.el5_11.3.x86_64.rpm f719d43543c8cc4e8228ab687af750b7c98f9d6f070da4e0801c85c580fd56c2 bind97-libs-9.7.0-21.P2.el5_11.3.i386.rpm a5583bc99a031162392ad555e2fbb75b7e6c87fc524d60bd9ecce287be1b7e43 bind97-libs-9.7.0-21.P2.el5_11.3.x86_64.rpm 65cfdf01abb9b673bbb5940eee2212ce11677e5b048d57fc7447c0e6fc9abfe5 bind97-utils-9.7.0-21.P2.el5_11.3.x86_64.rpm Source: 2e05b776888819f6aa86cabf1a3a11bc87a0f07ccd8b21ac4406d4c2fc635609 bind97-9.7.0-21.P2.el5_11.3.src.rpm