Category: Research & Alerts

Less is, umm, less?, (Tue, Nov 25th)

Following vulnerabilities discovered in tools that many Linux and information security enthusiasts use, such as the strings command and the bash shell, a new series of issues has been discovered in the less command. Less is used to paginate output, and can be used to view the text contents of a file one page at a time.

TA14-329A: Regin Malware

Original release date: November 25, 2014

Systems Affected: Microsoft Windows NT, 2000, XP, Vista, and 7

Overview: On November 24, 2014, Symantec released a report on Regin, a sophisticated backdoor Trojan used to conduct intelligence-gathering campaigns. At this time, the Regin campaign has not been identified targeting any organizations within the United States.

Guest diary: Detecting Suspicious Devices On-The-Fly, (Tue, Nov 25th)

If you apply classic hardening rules (keep the patch level up to date, use an AV, enable the firewall, and apply them with due diligence), modern operating systems are increasingly difficult to compromise. Extra tools like EMET can raise the bar further. On the other hand, networks are more and more populated with unknown or personal devices, or with devices that provide multiple facilities such as storage (NAS), printers (MFP), VoIP, IP cameras, …

Docker Releases Security Advisory

Original release date: November 24, 2014

Docker has released a critical security advisory to address vulnerabilities in Docker versions prior to version 1.3.2, one of which could allow an attacker to escalate privileges and execute remote code on an affected system. US-CERT encourages users and administrators to review Docker’s Security Advisory and apply the necessary updates.