Monthly Archives: February 2017

Full Disclosure

SEC Consult SA-20170207 :: Path Traversal, Backdoor accounts & KNX group address password bypass in JUNG Smart Visu server

Posted by SEC Consult Vulnerability Lab on Feb 07

SEC Consult Vulnerability Lab Security Advisory < 20170207-0 >
=======================================================================
title: Path Traversal, Backdoor accounts & KNX group address
password bypass
product: JUNG Smart Visu Server
vulnerable version: Firmware v1.0.804/1.0.830/1.0.832
fixed version: Firmware v1.0.900
CVE number: –
impact: Critical…

Avast

Avast 2017 protects you from ransomware and other cyber threats

When two creative, technologically advanced teams come together to create something, the result is outstanding. That is exactly what has happened in the last few months since Avast acquired AVG Technologies. As the product manager for Avast 2017, it is with great pleasure that I tell you about our redesigned, next-gen security software. On behalf of the entire team, I can say with confidence that the Avast 2017 collection of products – Avast Free Antivirus, Avast Pro Antivirus, Avast Internet Security and Avast Premier – is the most lightweight, state-of-the-art protection that we have ever launched.
Download Avast Free Antivirus

Here are some of the features that we you to know about:

Panda Security

Your Smart TV Has Been Hijacked. To Continue, Please Pay Ransom

Cybercriminals that specialize in ransomware, which affects thousands of computers and mobile devices every year, are ramping up their attacks against businesses. It is here that they can get their hands on valuable information and large sums of cash. This particular kind of malware, which hijacks devices and demands a ransom for their return, has managed to conquer another kind of technology: smart TVs.

Last December, the American developer Darren Cauthon announced on Twitter that a family member’s television had fallen victim to one of these attacks. As Cauthon explained, it all came about after the victim had installed an app to watch movies on the Internet, apparently from a third-party website.

The television in question was an LG model that came out in 2014 that is compatible with Google TV, a version of Android tailored to televisions. Once it had infiltrated the device, the malicious software demanded a ransom of $500 dollars to unlock the screen, which simulated a warning from the Department of Justice.

The appearance of the false message would lead you to believe that it’s a version of the ransomware known as Cyber.police, also known as FLocker. Ordinarily this ransomware affects smartphones with Google’s operating system. After hijacking the device, the malware collects information from the user and the system, including contact information and the location of the device, to be sent encrypted to cybercriminals.

To avoid paying the ransom, Cauthon unsuccessfully attempted to restore the television set to factory values, but eventually had to resort to the manufacturer’s own services to return it to a state prior to the installation of the malware. Although his relative managed to regain control of the machine without paying any sum to the criminals, he did end up having to pay the manufacturer $340 for the service, not much less than the ransom itself.

The Cauthon case has not caught security experts by surprise, given that last summer a team of researchers had warned of FLocker’s activity on smart TVs. In addition to the United States, ransomware attacks have been reported on smart TVs in Japan.

LG’s post-2014 model are no longer compatible with Google TV, but rather use WebOS, an open source operating system based on Linux. However, new attacks should not be ruled out, as cybercriminals continually refine their tools, which are increasingly focused on infecting Internet of Things devices at business and in the household.

The post Your Smart TV Has Been Hijacked. To Continue, Please Pay Ransom appeared first on Panda Security Mediacenter.

Security

Ubuntu Security Notice USN-3175-2

Ubuntu Security Notice 3175-2 – USN-3175-1 fixed vulnerabilities in Firefox. The update caused a regression on systems where the AppArmor profile for Firefox is set to enforce mode. This update fixes the problem. Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. JIT code allocation can allow a bypass of ASLR protections in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. Nicolas GrAgoire discovered a use-after-free when manipulating XSL in XSLT documents in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. Atte Kettunen discovered a memory corruption issue in Skia in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

Security

Red Hat Security Advisory 2017-0257-01

Red Hat Security Advisory 2017-0257-01 – AAA-JDBC is an extension which allows to store authentication and authorization data in relational database and provides these data using standardized oVirt AAA API similarly to already existing AAA-LDAP extension. Security Fix: When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts.