WordPress FormBuilder plugin version 1.05 suffers from a cross site request forgery vulnerability.
Monthly Archives: January 2017
CVE-2016-9553
The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. The device doesn't properly escape the information passed in the variables 'unblockip' and 'blockip' before calling the shell_exec() function, which allows system commands to be injected into the device. The code misleadingly stores the input in a variable named 'escapedips', suggesting that it has been escaped; it has not. The Sophos ID is NSWA-1258.
CVE-2016-9554
The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. The vulnerability occurs in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the component responsible for performing diagnostic tests with the UNIX wget utility. The application doesn't properly escape the information passed in the 'url' variable before calling the executeCommand class function ($this->dtObj->executeCommand). This function calls exec() with unsanitized user input, allowing remote command injection. The vulnerable page, /controllers/MgrDiagnosticTools.php, is reached through a built-in command handled by the administrative interface: the value 'configuration' passed in the 'section' parameter. Exploitation of this vulnerability yields shell access to the remote machine under the 'spiderman' user account.
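Both advisories above describe the same root cause: a value taken from a request is placed into a shell command string without escaping or validation, in one case under a variable name that suggests it was escaped. The following PHP is an added illustration of that pattern and of its hardened counterpart; it is not code from the Sophos appliance or from the fix Sophos shipped. The function names, the iptables and wget command lines, and the variable names are assumptions chosen for the example, and the vulnerable builder only returns the command string rather than executing it.

```php
<?php
// Added illustration (not Sophos code). Function names, command lines and
// variable names are hypothetical; the vulnerable variant never executes
// anything, it only shows what shell_exec() would have received.

/**
 * Vulnerable pattern: the value is stored under a name that implies it was
 * escaped, but it flows into the command string untouched. Any shell
 * metacharacter in $blockip becomes part of the command.
 */
function buildBlockCommandUnsafe(string $blockip): string
{
    $escapedips = $blockip; // misleading name: no escaping happens here
    return "iptables -A INPUT -s $escapedips -j DROP";
}

/**
 * Hardened form: accept only a syntactically valid IPv4/IPv6 address, and
 * still wrap the value with escapeshellarg() as defence in depth.
 */
function buildBlockCommandSafe(string $blockip): string
{
    if (filter_var($blockip, FILTER_VALIDATE_IP) === false) {
        throw new InvalidArgumentException("not an IP address: " . $blockip);
    }
    return "iptables -A INPUT -s " . escapeshellarg($blockip) . " -j DROP";
}

/**
 * Same treatment for a URL handed to a wget diagnostic: require a valid URL
 * with an http or https scheme, then quote the argument.
 */
function buildWgetCommandSafe(string $url): string
{
    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        throw new InvalidArgumentException("not a URL: " . $url);
    }
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        throw new InvalidArgumentException("unsupported scheme: " . $scheme);
    }
    return "wget -q -O /dev/null --timeout=10 " . escapeshellarg($url);
}

// Constructed inputs: one benign address and one carrying a shell metacharacter.
$inputs = ["198.51.100.7", "198.51.100.7; echo injected"];
foreach ($inputs as $in) {
    echo "unsafe: ", buildBlockCommandUnsafe($in), PHP_EOL;
    try {
        echo "safe:   ", buildBlockCommandSafe($in), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo "safe:   rejected (", $e->getMessage(), ")", PHP_EOL;
    }
}
echo buildWgetCommandSafe("https://example.com/health"), PHP_EOL;
```

Running the script shows the second input passing straight through the unsafe builder and being rejected by the safe one. The design point is that validation against the expected shape of the data (an IP address, an http/https URL) is the primary control; escapeshellarg() is kept as a second layer so that a future loosening of the validation does not silently reintroduce injection.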
VirtualBox Privilege Escalation
VirtualBox versions prior to 5.0.32 and prior to 5.1.14 suffer from a privilege escalation vulnerability.
Joomla Store Locator 2.3.1.0 Cross Site Scripting
Joomla Store Locator component version 2.3.1.0 suffers from a cross site scripting vulnerability.
How to prevent phishing
How to prevent phishing and keep thieves away from your money
Phishing – a hacking technique using fraudulent emails to trick people into handing over their bank account details – continues to be a major threat to personal security. Because these techniques are so successful, criminals continually refine them, making it harder than ever to avoid them.
Fortunately, there are a few steps you can take to better protect yourself – and they are all quite simple.
1. Don’t click links
Phishing emails are so effective because it is very hard to tell them apart from the real thing – they look just like the emails your bank sends. They are also intended to scare you, suggesting that your account has been compromised and you must act immediately to protect yourself.
No matter how concerned you may be, you should never click the links in an email, even if you are 100% certain that the message comes from your bank.
Instead, you should type the bank’s address yourself into the browser window to make sure you are visiting the correct website. Once successfully logged in, you will be able to access electronic versions of the messages your bank has sent you – including any alerts. If the message is not repeated here, you can safely assume that the email was fraudulent.
You should also bear in mind that all banks typically send printed letters through the post when there is a serious problem with your account.
2. Get educated
All of the banks provide guidance on what a real email looks like – here’s an example from Lloyds Bank. Take a few minutes to acquaint yourself with the information provided and you’ll save yourself a lot of stress in future.
And just to re-emphasise the importance of never clicking links in an email, here's what Lloyds has to say:
“We never link directly to our Internet Banking log on page, or a page that asks for security or personal details.”
3. Protect your PC
Computer security software, like Panda Gold Protection, includes tools to identify and block phishing emails before you can be tricked by them. It is absolutely essential that every PC, Mac and Android smartphone you own is protected by some form of security software to stop phishing (and other cyberattack techniques) from compromising your devices.
Once installed, don’t forget to carry out a regular scan (once a week is ideal) to check to see whether any malware or viruses have breached your defences. Malware can be just as damaging as a phishing email, monitoring what you do on your computer, and stealing passwords for instance. Running a regular scan will give you a chance to identify and delete these malicious apps before you are too badly compromised.
Don’t panic
Protecting against phishing emails is generally just a case of using your common sense. No matter how scary an email looks, take a second to check your online account yourself. Don't forget that you can always visit your local branch, or call the phone banking service, to confirm that everything is ok.
Take the first step towards protecting yourself against phishing emails by downloading a free trial of Panda Security now.
The post How to prevent phishing appeared first on Panda Security Mediacenter.
EMC Data Protection Advisor 6.x Path Traversal
EMC has released a fix for a path traversal vulnerability in Data Protection Advisor that may potentially be exploited by malicious users to compromise the affected system. Versions 6.1.x, 6.2, 6.2.1, 6.2.2, and 6.2.3 prior to patch 446 are affected.
Cordova-Android 6.1.1 Insecure Transport
Cordova-Android versions 6.1.1 and below suffer from an insecure transport vulnerability due to the Gradle Distribution URL not using HTTPS by default.
EMC Documentum D2 4.5 / 4.6 DQL Injection / Cross Site Scripting
EMC Documentum versions 4.5 and 4.6 suffer from DQL injection and cross site scripting vulnerabilities.
Police Arrest 5 Cyber Thieves Who Stole 3.2 Million From ATMs Using Malware
Law enforcement authorities from Europe and Russia have arrested five members of an international cyber criminal gang for stealing $3.2 million cash from ATMs using malware.
Three of the suspects, Andrejs Peregudovs (41), of Latvia, Niklae Penkov (34) of Moldova, and Mihail Colibaba (30) of Romania, were arrested in Taiwan by the Taiwanese Criminal Investigation Bureau last summer, have