Original release date: March 03, 2015. The National Security Agency (NSA)’s Information Assurance Directorate has released a report on Defensive Best Practices for Destructive Malware. This report details several steps network defenders can take to detect, contain and minimize destructive malware infections.
Original release date: March 02, 2015. The Federal Trade Commission (FTC) has released an advisory describing the top 10 reported imposter scams for 2014. Scam operators often impersonate individuals, companies, and organizations to entice targets to participate in fraudulent financial transactions.
The Red Hat security team has released an advisory on a Samba vulnerability affecting Samba versions 3.5.0 through 4.2.0rc4. It can be exploited by a malicious Samba client, by sending specially-crafted packets to the Samba server. No authentication is required to exploit this flaw.
Original release date: February 20, 2015. Lenovo consumer personal computers employing the pre-installed Superfish Visual Discovery software contain a critical vulnerability through a compromised root CA certificate. Exploitation of this vulnerability could allow a remote attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system. US-CERT recommends users and administrators review Vulnerability Note VU#529496 and US-CERT Alert TA15-051A for additional information and mitigation details.
VU#529496: Komodia Redirector with SSL Digestor fails to properly validate SSL and installs non-unique root CA certificates and private keys
Vulnerability Note VU#529496: Komodia Redirector with SSL Digestor installs non-unique root CA certificates and private keys. Original release date: 19 Feb 2015 | Last revised: 20 Feb 2015. Overview: Komodia Redirector with SSL Digestor installs non-unique root CA certificates and private keys, making systems broadly vulnerable to HTTPS spoofing. Description: Komodia Redirector SDK is a self-described “interception engine” designed to enable developers to integrate proxy services and web traffic modification (such as ad injection) into their applications. With the SSL Digestor module, HTTPS traffic can also be manipulated.
Vulnerability Note VU#787252: Microsoft Windows domain-configured client Group Policy fails to authenticate servers. Original release date: 13 Feb 2015 | Last revised: 13 Feb 2015. Overview: Microsoft Windows domain-configured client Group Policy fails to authenticate servers over Universal Naming Convention (UNC) paths. Description: Microsoft has released MS15-011, detailing a critical flaw in which Windows domain-configured client Group Policy fails to authenticate servers over Universal Naming Convention (UNC) paths.
Original release date: February 10, 2015. Microsoft has released updates to address vulnerabilities in Windows as part of the Microsoft Security Bulletin Summary for February 2015.
Vulnerability Note VU#669156: Topline Systems Opportunity Form vulnerable to information disclosure. Original release date: 05 Feb 2015 | Last revised: 05 Feb 2015. Overview: Topline Systems Opportunity Form contains an information disclosure vulnerability. Description: CWE-200: Information Exposure. Topline Systems Opportunity Form is a macro-enabled Excel spreadsheet that contains connection strings to a public-facing database. By running procedures included in the spreadsheet, user names, email addresses, and passwords are exposed in plain text.
If you want the best network defenses, you need to stay abreast of the latest information security news, but I realize most IT folks don’t have the time to stay informed on their own. Let our weekly video do the heavy lifting, and quickly share the biggest infosec news. This episode, from last week, covers the latest evidence of a nation state malware campaign, a warning about an adult site spreading malware, news of a critical Linux vulnerability, and more.