Category Archives: Security

aka infosec

Flash 17.0.0.134 fixes eleven security bugs

A new version of Flash was announced by Adobe yesterday. Flash 17.0.0.134 addresses at least eleven critical security vulnerabilities.

Anyone who uses a web browser with Flash enabled should install this update as soon as possible. That includes anyone who ever looks at any videos on YouTube.

Internet Explorer 10 and up will receive this Flash update via Windows Update, and Google Chrome will update itself.

Update 2015Mar27: That didn’t take long. At least one popular exploit kit (aka ‘set of hacking tools’) now includes a pre-packaged attack that targets one of the vulnerabilities fixed in Flash 17.0.0.134. If you use Flash, and you’re not in the habit of updating it, you should either stop using Flash or keep it up to date.

Microsoft update 3033929 causing problems

One of the updates made available by Microsoft earlier this week is apparently causing problems on some Windows 7 computers. Details are sketchy at this point, but some users are reporting that their Windows 7 computers get into an infinite reboot loop after installing the KB3033929 update.

Microsoft is expected to release another update or pull the existing update soon. For now, anyone running Windows 7 should avoid this update.

Patch Tuesday for March 2015

Today Microsoft announced fourteen updates for security vulnerabilities in Windows, Office, Exchange, and Internet Explorer. Five of the updates are flagged as Critical.

The bulletin summary gets into all the technical details. All you really need to know is that you should install these updates as soon as possible, especially if you use Internet Explorer.

One of the updates provides what is hoped will be a complete fix for a vulnerability that allowed the Stuxnet worm to spread. Microsoft published a fix for this vulnerability in 2010, but the fix was incomplete and the vulnerability remained largely intact.

SANS provides a breakdown of the new updates every month. The information is presented in a way that may be more appealing/useful to some readers.

Ramnit botnet suppressed

Europol, with assistance from Microsoft, Symantec, and Anubis Networks, has identified and seized the servers thought to be at the core of Ramnit’s infrastructure.

Ramnit began operations in 2010, and has evolved from a simple worm to include advanced features for stealing personal/banking information and self-propagation. In its latest incarnation, Ramnit is capable of compromising infected computers in numerous ways. In 2012, Ramnit was used to gain access to 45,000 Facebook accounts.

Only time will tell whether this crackdown has actually succeeded in ridding the world of this particular piece of malware.

A depressing look at the future of the Internet

If you’re feeling strong, Ars Technica has a report on the possible futures of the Internet. Tl;dr (aka ‘executive summary’): it’s not looking good; the scenario with the highest probability is this one:

The Internet becomes just like every physical domain of human existence: turf to fight over. Crime, espionage, embargoes, and full-blown nation-on-nation conflicts extend into the Internet.

Bleak.

Another stealth Firefox release: version 36

Mozilla quietly slipped a new version of Firefox to the public yesterday. Firefox 36.0 fixes at least 17 security issues, adds more HTML5 compatibility, and adds HTTP/2 functionality to the browser.

As usual, I learned about the new version from a non-Mozilla source, this time a post on the CERT alerts blog. There was no announcement at all on the Mozilla blog.

The release notes and security advisories (aka known vulnerabilities) pages provide additional details on the new release.

Update 2015Feb25: I did receive an email alert from Mozilla that could conceivably be considered an announcement for the new version. The Firefox download page includes a ‘Get Firefox news’ signup form, and I was able to confirm the email I received was sent via this mechanism. Sounds good, right? Not really. The email talks exclusively about Firefox’s new(ish) ‘Hello’ chat feature. It never mentions anything about a new version, or even the version in which ‘Hello’ first appeared. It only says that if you want to try it, you should install the latest version of Firefox.

Superfish/Komodia update

News about the recent Lenovo/Superfish/Komodia security issue keeps getting worse.

The Komodia software at the core of Superfish is even more of a security concern than was originally thought. Not only is its root certificate’s password trivially easy to crack, and common to all Superfish installs, it engages in some certificate validation trickery by which invalid certificates are simply deemed valid – without any warning to the user. Worse still, Komodia hides itself using rootkit techniques normally associated with the worst kinds of malware.

To top off this tale of ever-increasing woe, Komodia has been discovered in at least twelve more applications, including some that are supposed to make users more secure, like Comodo’s PrivDog and Lavasoft’s Ad-Aware Web Companion.

The companies involved in this mess are still scrambling. Lenovo has apologized for their actions, and has published Superfish removal instructions. Superfish is still denying there’s a problem. Komodia’s web site is offline, supposedly because of a DDoS attack, but that may be a smokescreen. Lavasoft has provided information about its use of Komodia, and will be issuing an update for Web Companion that will remove Komodia.

Stay tuned; this is likely to get much worse before it gets better.

Update 2015Feb27: The EFF has uncovered evidence showing that Superfish-related attacks have already occurred. Meanwhile, a hacker group briefly took over a Lenovo domain, causing corporate email to be misdirected. This was apparently done in the spirit of revenge against Lenovo for its actions in relation to Superfish.

Update 2015Feb28: Lenovo is now fully in damage control mode. They just released a statement patting themselves on the back for handling this problem so well, and they are promising to include less crapware on future computers. I wonder how long that promise will last.

Update 2015Mar08: It looks like Lenovo hasn’t done nearly enough to resolve this issue. It’s still possible to buy a new Lenovo laptop with Superfish installed.

Google beefs up protection against unwanted software

A recent post on Google’s Online Security Blog describes security improvements to the Chrome browser, Google’s search engine, and Google’s advertising platform. The changes should make it easier for users to stay away from web sites known to contain unwanted (and presumed harmful) software.

Chrome now detects when you are about to visit a web site known to contain unwanted software, and displays a large red warning message.

Google’s search engine now decreases ranking for sites known to contain unwanted software. That means these kinds of sites should be less likely to appear in the first few pages of Google search results.

Google now checks all advertisements provided by its AdWords system, and disables any with links to sites with unwanted software. Additional details are available on Google’s Advertising Policies site. Google’s primary source of income is AdWords, so it’s comforting to see that they’re willing to take a financial hit (however small) to protect users.

Analysis shows people are using stronger passwords

A recent post on Ars Technica provides an interesting look at the strength of passwords.

People seem to be getting the message about using strong passwords, because the worst passwords are being used less frequently. For example, the notoriously bad password ‘123456’ was used in less than 1% of the sample data, down from 8.5% in previous studies.

But while these findings are encouraging, it’s important to recognize that the data is likely skewed, because it is mostly obtained from public dumps of data taken from compromised systems.