USN-2903-2: NSS regression

Ubuntu Security Notice USN-2903-2

23rd February, 2016

nss regression

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

USN-2903-1 introduced a regression in NSS.

Software description

  • nss
    – Network Security Service library

Details

USN-2903-1 fixed a vulnerability in NSS. An incorrect package versioning
change in Ubuntu 12.04 LTS caused a regression when building software
against NSS. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Hanno Böck discovered that NSS incorrectly handled certain division
functions, possibly leading to cryptographic weaknesses. (CVE-2016-1938)

This update also refreshes the NSS package to version 3.21 which includes
the latest CA certificate bundle, and removes the SPI CA.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
libnss3-dev 2:3.21-0ubuntu0.12.04.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

LP: 1547147

Avast free Wi-Fi experiment fools Mobile World Congress attendees

Travelers often connect to free Wi-Fi to save money. Image via www.shbarcelona.com

Avast Mobile Security researchers camped out at the Barcelona Airport, threw up a few fake Wi-Fi hotspots, and waited to see who would connect.


That’s already an interesting premise for an experiment, but this was the weekend when attendees of Mobile World Congress, “the world’s biggest and most influential mobile event” were arriving, making this not only interesting but fun! You would think with such a savvy group that the results would be rather ho-hum, but think again!

Thousands of smartphone users threw caution to the wind and connected to one of Avast’s bogus Wi-Fi hotspots, risking being spied on and hacked by cybercriminals.

GTA Firewall GB-OS v6.2.02 – Filter Bypass & Persistent Vulnerability

Posted by Vulnerability Lab on Feb 24

Document Title:
===============
GTA Firewall GB-OS v6.2.02 – Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1713

Release Date:
=============
2016-02-24

Vulnerability Laboratory ID (VL-ID):
====================================
1713

Common Vulnerability Scoring System:
====================================
3

Product & Service Introduction:…

eFront 3.6.15.6 CMS – (Message Attachment) Persistent Cross Site Scripting Vulnerability

Posted by Vulnerability Lab on Feb 24

Document Title:
===============
eFront 3.6.15.6 CMS – (Message Attachment) Persistent Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1765

Release Date:
=============
2016-02-24

Vulnerability Laboratory ID (VL-ID):
====================================
1765

Common Vulnerability Scoring System:
====================================
4

Product & Service…

eFront Learning 3.6.15.6 CMS – (Forum) Persistent Title Web Vulnerability

Posted by Vulnerability Lab on Feb 24

Document Title:
===============
eFront Learning 3.6.15.6 CMS – (Forum) Persistent Title Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1761

Release Date:
=============
2016-02-23

Vulnerability Laboratory ID (VL-ID):
====================================
1761

Common Vulnerability Scoring System:
====================================
3.7

Product & Service Introduction:…

10 cybersecurity basics that every business should tell its employees


As much as a company wants to protect its confidential information, the reality is that it’s usually the employees who shoulder most of the responsibility. The weakest link in the chain is always the human – it looks for shortcuts, is easily tricked, and sometimes doesn’t take the cautions that it should.

This is why it is important that employees know what to do to keep the company’s data and systems safe. Although some may seem like common sense, it’s fundamental that everyone is made aware of the rules and policies – not all members of your team will have the same experience, so you need to start with the most basic.


1. Confirm the identity of all that request information

This is especially useful for receptionists, call-center employees or tech support, human resources, and other professionals whose work requires the handling of personal information. Attackers take advantage of the naivety and good faith of these workers to get information in the simplest and most obvious of ways: asking for it. They do this by pretending to be providers, customers, or other members of the company who have a legitimate reason to require the information.

It’s very important that your team knows these tactics and that they make sure that the person on the other end of the phone or email is who they say they are before any information is shared.

2. Always keep passwords safe

If we take care of the personal passwords that we use daily, then we should give even more care to the ones we use to access corporate information. First of all, follow the recommended steps for creating a secure password: don’t use the same one for different accounts, avoid ones that contain obvious personal information (birthdays, phone numbers, pet’s name, favorite football team, etc.), and ensure that it is made up of numbers and letters, with a combination of upper and lower case letters for good measure.

Also, in a corporate context, it is important that employees avoid keeping the Wi-Fi code written down anywhere (like on a post-it, for example). Finally, and returning to the first point, never reveal your password to anyone that asks for it by phone or email, even if they claim to work in the technical department of your company or the company which provides the relevant service.


3. Your hard drive is foolproof

Saving information related to your business or customers on the computer’s hard drive is, in general, a bad idea. Computers are prone to breaking down and are exposed to attacks that could lead to the loss of valuable information. Laptops are also susceptible to theft or loss. It’s better to ask employees to save files on the company’s servers – if there are any – or on a cloud service.

If they simply must save something on the hard drive, it is essential that they make a security copy every so often to be able to recover the file should anything happen.

4. Security copies don’t mean a thing if they’re lost

It, again, may seem like common sense, but it happens more often than you’d think. If workers are using a laptop and make copies on a USB stick, it is fundamental that they don’t store them together or carry them around at the same time. Just think about it: if you lose your backpack or it is stolen, and both the laptop and USB stick are inside, then you’ve lost both copies.

5. Storage and sharing of information via the Internet

As we said, the best solution when a company can’t store internally is to look for a cloud service, be it for storing originals or copies. In general, cloud service providers are better prepared than a small or medium business to face any type of incident, such as cyberattacks.

However, there are some risks associated with the use of online tools which are similar to the ones mentioned above. The security and confidentiality of data that is stored virtually depends on the password used by the employee, so it’s vital that this isn’t shared with anyone who may have malicious intentions. Also, documents should never be uploaded to personal accounts, the cloud service shouldn’t be accessed from unprotected computers or via insecure connections, etc.

6. Email

One of the main tools that cybercriminals use to sneak into an organization and steal information is email. If your employees have a corporate account, the first thing that you need to do is make sure that they don’t use it for personal reasons, nor on public forums or public websites, for example. It’s very easy for the address to end up on a spam list, which could mean receiving emails that are not only annoying but could end up being dangerous.

In general, the best advice that you can give your employees about email is that they never respond to an email that comes from an unknown or suspicious source. They should also avoid opening or downloading any attachments from these sources, as they may contain malware which can affect not only their computer but possibly the company’s entire network.


7. Don’t install programs from unknown sources

Again, they should only trust in what they already know. It’s normal that companies restrict what employees can and can’t install on their computers through the operating system’s permissions. However, if they are able to run new software on their computers, you must ask them to avoid downloading from suspicious webpages. In fact, they shouldn’t even browse them. The web browser is also an access point for some criminals.

8. Be careful with social media

The most recent, and thus unknown, risk is social media. What workers get up to on Facebook or Twitter while at work could be damaging to the company, never mind resulting in lower productivity. Not long ago we warned of the alarming rise in the number of selfies taken in critical infrastructures, which were then found posted on Instagram.

9. A good antivirus

Before using any computer or mobile device, the first thing you should do is install a good antivirus. If this step is important for home users, its importance for corporate users is enormous. A security solution that is especially designed for businesses protects computers and company data in a multitude of circumstances, even when the employees commit an error.

10. The easiest way isn’t always the safest

This point isn’t just for the workers, but rather aimed at the employers: if you make things too difficult for them, they will find a way to work around your security measures. Everything that we’ve explained to you is common sense and very important, but don’t go overboard.

If you ask them to change their password every week, prepare yourself for the inevitable deluge of post-its stuck to monitors. If accessing a tool that they use for their work becomes too complicated for security reasons, they will use a different one (or, worse yet, one they already have for personal use). If they don’t know how to save files the way you’d like, they will find their own way, which might end up being insecure.

So, a middle ground between security and complexity is necessary so that your employees play their part and listen to these tips. They may be your greatest allies or your worst enemies, but only you can choose which.

The post 10 cybersecurity basics that every business should tell its employees appeared first on MediaCenter Panda Security.

How to Hack a Computer from 100 Meters by Hijacking its Wireless Mouse or Keyboard

No matter how secure you think your computer might be, something malicious can always happen: with the right tools and talent, a computer is an open book.
The same has been proved by a group of security researchers by hacking into a computer with no internet and no Bluetooth devices.
Yes, it is possible for attackers to hack your computer through non-Bluetooth devices such as your wireless mouse and

UPDATE: VMSA-2016-0002.1- VMware product updates address a critical glibc security vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
               VMware Security Advisory

Advisory ID: VMSA-2016-0002.1
Synopsis:    VMware product updates address a critical glibc security
             vulnerability
Issue date:  2016-02-22
Updated on:  2016-02-23
CVE numbers: CVE-2015-7547
- ------------------------------------------------------------------------

1. Summary

   VMware product updates address a critical glibc security
   vulnerability


2. Relevant Releases (Affected products that have remediation available)

   ESXi 6.0 without patch ESXi600-201602401-SG
   ESXi 5.5 without patch ESXi550-201602401-SG
 
   VMware virtual appliances

3. Problem Description 

   a. glibc update for multiple products.

      The glibc library has been updated in multiple products to resolve 
      a stack buffer overflow present in the glibc getaddrinfo function.
  
      The Common Vulnerabilities and Exposures project (cve.mitre.org)
      has assigned the identifier CVE-2015-7547.

      VMware products have been grouped into the following four
      categories:
      
      I) ESXi and ESX Hypervisor
      Versions of ESXi and ESX prior to 5.5 are not affected because
      they do not ship with a vulnerable version of glibc.
      ESXi 5.5 and ESXi 6.0 ship with a vulnerable version of glibc and
      are affected. 
      See table 1 for remediation for ESXi 5.5 and ESXi 6.0.
    
      II) Windows-based products
      Windows-based products, including all versions of vCenter Server 
      running on Windows, are not affected.

      III) VMware virtual appliances
      VMware virtual appliances ship with a vulnerable version of glibc
      and are affected. 
      See table 2 for remediation for appliances.
      
      IV) Products that run on Linux
      VMware products that run on Linux (excluding virtual appliances)
      might use a vulnerable version of glibc as part of the base
      operating system. If the operating system has a vulnerable version
      of glibc, VMware recommends that customers contact their operating
      system vendor for resolution.  
      
      WORKAROUND

      Workarounds are available for several virtual appliances. These are 
      documented in VMware KB article 2144032.

      RECOMMENDATIONS

      VMware recommends customers evaluate and deploy patches for
      affected products in Table 1 and 2 below as these patches become
      available. In case patches are not available, customers are
      advised to deploy the workaround.

      Column 4 of the following tables lists the action required to
      remediate the vulnerability in each release, if a solution is
      available.

      Table 1 - ESXi
      ==============

      VMware           Product    Running  Replace with/
      Product          Version    on       Apply Patch 
      ==============   =======    =======  =============
      ESXi             6.0        ESXi     ESXi600-201602401-SG
      ESXi             5.5        ESXi     ESXi550-201602401-SG
      ESXi             5.1        ESXi     Not affected
      ESXi             5.0        ESXi     Not affected


      Table 2 - Products that are shipped as a virtual appliance. 
      =============================================================

      VMware           Product   Running  Replace with/
      Product          Version   on       Apply Patch 
      ==============   =======   =======  ================
      VMware virtual   All       Linux    See VMware KB article 2144032
      appliances
     
 
4. Solution

   ESXi
   ----
   Downloads:
   https://www.vmware.com/patchmgr/findPatch.portal

   Documentation:
   http://kb.vmware.com/kb/2144057 (ESXi 6.0)
   http://kb.vmware.com/kb/2144357 (ESXi 5.5)

   VMware virtual appliances
   -------------------------
   Refer to VMware KB article 2144032


5. References
   
   VMware Knowledge Base article 2144032
   http://kb.vmware.com/kb/2144032

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547

- ------------------------------------------------------------------------

6. Change Log

   2016-02-22 VMSA-2016-0002
   Initial security advisory in conjunction with the release of ESXi 5.5
   patches and patches for virtual appliances as documented in VMware
   Knowledge Base article 2144032 on 2016-02-22.
   
   2016-02-23 VMSA-2016-0002.1
   Updated security advisory in conjunction with the release of ESXi 6.0
   patches on 2016-02-23.

- ------------------------------------------------------------------------

7. Contact

   E-mail list for product security notifications and announcements:
   http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

   This Security Advisory is posted to the following lists:

    security-announce at lists.vmware.com
    bugtraq at securityfocus.com
    fulldisclosure at seclists.org

   E-mail: security at vmware.com
   PGP key at: http://kb.vmware.com/kb/1055

   VMware Security Advisories
   http://www.vmware.com/security/advisories

   Consolidated list of VMware Security Advisories
   http://kb.vmware.com/kb/2078735

   VMware Security Response Policy
   https://www.vmware.com/support/policies/security_response.html

   VMware Lifecycle Support Phases
   https://www.vmware.com/support/policies/lifecycle.html

   Twitter
   https://twitter.com/VMwareSRC

   Copyright 2016 VMware Inc.  All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.3 (Build 4028)
Charset: utf-8

wj8DBQFWzUH1DEcm8Vbi9kMRAqzdAJ41gK0ZwrJ3VwuulRWe3oJp7eE4KgCfaCXz
uQ+wfohFVtr188M0qMbFfj8=
=ciJr
-----END PGP SIGNATURE-----

CVE-2015-8277

Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in Flexera FlexNet Publisher before 11.13.1.2 Security Update 1 allow remote attackers to execute arbitrary code via a crafted packet with opcode (a) 0x107 or (b) 0x10a.