DarkFiber Consulting - IT Managed Services » Cyber Security

Oracle Releases Critical Patch Update for January 2010

DarkFiber Consulting — Thu, 28 Jan 2010 02:08:42 +0000

Oracle has released its Critical Patch Update for January 2010 to address 24 vulnerabilities across several products. This update contains the following security fixes:

10 for Oracle Database
3 for Oracle Application Server
3 for the Oracle Applications Suite
1 for PeopleSoft and JD Edwards Suite
5 for the BEA Products Suite
2 for the Oracle Primavera Products Suite

DarkFiber Consulting encourages users and administrators to review the January 2010 Critical Patch Update and apply any necessary updates to help mitigate the risks. Additional information can be found in DarkFiber Consulting Technical Cyber Security Alert TA10-012A.

Tags: Address, Bea, Critical Patch, Cyber Security, Database Application, Database Server, Jd Edwards, Necessary Updates, Oracle, Oracle Application Server, Oracle Applications Suite, Oracle Database, Oracle Server, Peoplesoft, Primavera Products, Security Fixes, Server Applications, Suite 1, Vulnerabilities

Federal Bureau of Investigation Warns Public of Fraudulent Spam Email

DarkFiber Consulting — Wed, 14 Oct 2009 10:06:54 +0000

The Federal Bureau of Investigation (FBI) has released information warning the public about fraudulent email messages purporting to come from the FBI or the Department of Homeland Security. These email messages contain a malicious attachment that claims to provide an intelligence report or bulletin, but in reality attempts to launch malware on the user’s system.

More information regarding these messages can be found in the Federal Bureau of Investigation’s New E-Scams and Warnings web site.

To help protect against this type of attack, DarkFiber Consulting recommends that users avoid opening attachments contained in unsolicited email messages. Additional tips regarding email attachments can be found in the DarkFiber Consulting Cyber Security Tip – Using Caution with Email Attachments.

Tags: Attempts, Caution, Cyber Security, Department Of Homeland, Department Of Homeland Security, Email Attachments, Email Messages, Email Tips, Fbi, Federal Bureau Of Investigation, Homeland Security, Intelligence Report, Investigation Fbi, Malicious Attachment, Opening Attachments, S System, Scams, Security Tip, Spam Email, Unsolicited Email

Microsoft Releases Two Out-of-Band Security Bulletins and a Security Advisory

DarkFiber Consulting — Fri, 31 Jul 2009 04:06:08 +0000

Microsoft has released two out-of-band security bulletins. The first bulletin, MS09-034, is a cumulative security update for Internet Explorer that addresses several vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code. The second bulletin, MS09-035, addresses vulnerabilities in the Visual Studio Active Template Library (ATL). Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

Additionally, Microsoft has released security advisory 973882 to provide specific guidance for developers, IT professionals, consumers, and home users regarding the vulnerabilities in Active Template Library (ATL).

DarkFiber Consulting encourages users and administrators to review Microsoft Security Bulletins MS09-034 and MS09-035 and Microsoft Security Advisory 973882 and apply any necessary updates or workarounds to help mitigate the risks. Additional information can be found in Technical Cyber Security Alert TA09-209A.

Tags: Active Template Library, Arbitrary Code, Atl, Attacker, Consumers, Cumulative Security Update, Cyber Security, Developers, Guidance, Home Users, Internet Explorer, Microsoft, Microsoft Security Advisory, Microsoft Security Bulletins, Necessary Updates, Visual Studio, Workarounds

Adobe Reader, Acrobat and Flash Player Vulnerability

DarkFiber Consulting — Fri, 31 Jul 2009 04:06:06 +0000

Adobe has released a security advisory to address a vulnerability in Adobe Reader and Acrobat 9.1.2 and Flash Player 9 and 10. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review the security advisory and implement the following workarounds until a fix is available:

Disable Flash in Adobe Reader 9 on Windows platforms by renaming the following files: “%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll” and “%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll”.

Disable Flash Player or selectively enable Flash content as described in the Securing Your Web Browser Document.

Additional information regarding this vulnerability can be found in Technical Cyber Security Alert TA09-204A.

DarkFiber Consulting will provide additional information as it becomes available.

Tags: Acrobat Adobe, Address, Adobe Acrobat, Adobe Reader, Arbitrary Code, Attacker, Cyber Security, Denial Of Service, Dll Reader, Flash Content, Flash Player 9, Flash Reader, Programfiles, Reader Acrobat, Vulnerability, Windows Platforms, Workarounds

Adobe Releases Security Updates for Adobe Reader and Acrobat

DarkFiber Consulting — Thu, 02 Jul 2009 21:50:53 +0000

Adobe has released security updates to address multiple vulnerabilities that affect versions of Reader and Acrobat up to and including Reader 9.1.1 and Acrobat 9.1.1. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Adobe Security Bulletin APSB09-07 and apply any necessary updates to help mitigate the risks. Additional information regarding these vulnerabilities can be found in Technical Cyber Security Alert TA09-161A.

Tags: Acrobat Adobe, Acrobat Reader, Acrobat Security, Address, Adobe Acrobat, Adobe Reader, Adobe Updates, Arbitrary Code, Attacker, Cyber Security, Denial Of Service, Necessary Updates, Reader Acrobat, Security Bulletin, Security Updates, Vulnerabilities

Microsoft Releases June Security Bulletin

DarkFiber Consulting — Thu, 02 Jul 2009 21:50:52 +0000

Microsoft has released an update to address vulnerabilities in Microsoft Windows, Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for June 2009. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, or obtain sensitive information.

DarkFiber Consulting encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied. Additional information regarding these vulnerabilities can be found in Technical Cyber Security Alert TA09-160A.

Tags: Address, Arbitrary Code, Attacker, Bulletins, Cyber Security, Internet Explorer, Microsoft, Microsoft Office, Microsoft Security Bulletin, Microsoft Windows, Privileges, Security Policies, Vulnerabilities, Windows Office

Malicious Code Spreading Through USB Flash Drive Devices

DarkFiber Consulting — Fri, 21 Nov 2008 05:00:29 +0000

DarkFiber Consulting is aware of public reports of an increase in malicious code propagating via USB flash drive devices. Currently, there are two popular methods by which USB flash drives are being infected with malicious code. Please note that these are not the only two methods available.

The first of these methods is referred to as simple file copy. This means that the malicious code initially resides on an infected computer and copies itself to all the storage devices connected to the affected computer. This method requires the user to access the USB flash drive and execute the malicious code.

The second method is referred to as AutoRun.inf modification. This means that the malicious code alters or creates an autorun.inf file on targeted storage devices connected to the affected computer. When an infected USB flash drive is connected to another computer, the malicious code can be automatically executed with no additional user interaction.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

Install antivirus software and keep the virus signatures up to date.
Do not connect an unknown or untrusted USB drive to your computer.
Disable AutoRun or AutoPlay features for removable media.
Review the Using Caution with USB Drives Cyber Security Tip for more information on protecting your USB flash drive.
Review The Dangers of Windows AutoRun Vulnerability Analysis Blog entry for more information regarding AutoRun.

Tags: Additional User, Caution, Computer Code, Cyber Security, Infected Computer, Interaction, Malicious Code, Removable Media, Security Tip, Storage Devices, Usb Devices, Usb Drive, Usb Drives, Usb Flash Drive, Usb Flash Drives, Virus Signatures, Vulnerability Analysis

DNS Cache Poisoning Public Exploit Code Available

DarkFiber Consulting — Fri, 25 Jul 2008 14:37:00 +0000

DarkFiber Consulting is aware of publicly available exploit code for a cache poisoning vulnerability in common DNS implementations. Exploitation of this vulnerability may allow an attacker to cause a nameserver’s clients to contact the incorrect, and possibly malicious hosts for particular services. As a result, web traffic, email and other important network data could be redirected to systems under the attacker’s control.

DarkFiber Consulting strongly urges administrators to patch affected systems immediately. Please review the following DarkFiber Consulting documents for further details:

Current Activity – DNS Implementations Vulnerable to Cache Poisoning
Current Activity – NAT/PAT Affects DNS Cache Poisoning Mitigation
Vulnerability Note VU#800113 – Multiple DNS implementations vulnerable to cache poisoning
Technical Cyber Security Alert TA08-190B – Multiple DNS implementations vulnerable to cache poisoning

DarkFiber Consulting will provide additional information as it becomes available.

Tags: Affected Systems, Attacker, Current, Cyber Security, Dns Cache, Email, Important Network, Malicious Hosts, Mitigation, Nameserver, Nat Pat, Vulnerability Note, Web Traffic