Information about vulnerabilities that may affect your computing

Windows 8 to get first ‘critical’ security update

Windows 8, available publicly for two weeks now, is getting its first security update Nov. 13. It includes three critical updates; Windows 8 RT, for Microsoft's Surface tablet, has one critical update.

Adobe Patches Flash Player in Massive Security Update

Adobe Systems has fixed more than two dozen critical flaws in Flash Player for Windows, Macintosh, Linux and Android systems. The update is rated "critical" by Adobe, and was given the highest deployment priority rating for Windows users. Adobe is not aware of any exploits targeting the vulnerabilities, which impact Adobe Flash Player 11.4.402.278 and earlier for Windows, version 11.4.402.265 and earlier for Macs and version 11.2.202.238 and earlier for Linux. The update also impacts Flash Player 11.1.115.17 and earlier on Android 4.x versions and 11.1.111.16 and earlier on Android 3.x and 2.x.

“Internet Doomsday” for some, Get rid of DNSChanger Malware Now!

July 9, 2012, has been dubbed "Internet doomsday," and there is a chance you will not be able to access the Internet on your personal computer because of malware called the DNSChanger Trojan.

Microsoft XML Core Services Attack Activity – Microsoft Security Advisory (2719615)

Microsoft Security Advisory (2719615) warns of active attacks using a vulnerability in Microsoft XML Core Services. Microsoft Internet

Revir Malware for OS X Undergoes Revision

Recently a new PDF-based malware threat for OS X was discovered that displays a Chinese PDF file while it installs and runs its malicious code in the background. While the initial version of this malware (OSX/Revir.A) was detected over a week ago, the criminals developing the code are busy revising and refining it, and over the weekend a variant has been identified (OSX/Revir.B). As with all malware, new versions of these threats are likely to surface in the future, and as they do, expect malware detection utilities (including Apple's XProtect) to follow close behind and label them alphabetically as they appear.

Morto Computer Worm Infecting Computers via Remote Desktop Protocol (RDP)

A new worm called Morto has begun making the rounds on the Internet in the last couple of days, infecting machines via RDP (Remote Desktop Protocol). The worm is generating a large amount of outbound RDP traffic on networks that have infected machines, and Morto is capable of compromising both servers and workstations running Windows. If you have any questions or need assistance, please let me know and I will follow up with you.

Additional Information:

• http://threatpost.com/en_us/blogs/new-worm-morto-using-rdp-infect-windows-pcs-082811
• http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3aWin32%2fMorto.A
• http://blogs.computerworld.com/18870/morto_worm_spreading_fast_via_rdp?af

HD Moore “Bounty: 30 Exploits, $5,000.00, in 5 weeks”

The Metasploit team is excited to announce a new incentive for community exploit contributions: Cash! Running until July 20th, our Exploit Bounty program will pay out $5,000 in cash awards (in the form of American Express gift cards) to any community member that submits an accepted exploit module for an item from our Top 5 or Top 25 exploit lists. This is our way of saying thanks to the open source exploit development community and encouraging folks who may not have written Metasploit modules before to give it a try.

Threat Outbreak Alert: Fake Bin Laden Pictures E-mail Messages on May 13, 2011

Cisco Security Intelligence Operations has detected significant activity related to Portuguese-language spam e-mail messages that claim to contain pictures of Osama Bin Laden. The text in the e-mail message instructs the recipient to open a .zip attachment to view the pictures. However, the .zip attachment contains a malicious .scr file that, when executed, attempts to infect the system with malicious code.

Apache Tomcat HTTP Server Directory Traversal

Apache Tomcat is the servlet container for Java Servlet and JavaServer Pages Web applications. A vulnerability in the Apache Tomcat HTTP server may allow directory traversal attacks. The vulnerability is caused by a misconfiguration of certain modules. An attacker could craft a special URL to view directories and files on the HTTP server without authorization.

Stuxnet was a directed attack with insider knowledge, expert says

Stuxnet appeared on the scene earlier this summer, though it was written more than a year ago. The code, its mechanics, the way it moved from system to system using Zero-Day vulnerabilities in Windows, everything about it was both frightening and shady. The hype given to it was justified, if only because it was a targeted payload, aimed at critical infrastructure.