DarkFiber Consulting – IT Managed Services

SSL and TLS Vulnerable to Man-in-the-middle Attacks

December 10th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of reports of publicly available exploit code for a vulnerability within the SSL and TLS protocols. Reports indicate that exploitation of this vulnerability may allow an attacker to conduct a man-in-the-middle attack, allowing an attacker to inject plaintext into the beginning of the application protocol stream.

DarkFiber Consulting encourages OpenSSL users and administrators to review the OpenSSL 0.9.8l release and apply any updates.

DarkFiber Consulting has not received any reports of active exploitation and will continue to provide additional information as it becomes available.

Microsoft Releases Fix It for SMB Vulnerability

October 14th, 2009 . by DarkFiber Consulting

Microsoft has released Microsoft Knowledge Base Article 975497 to address a previously reported vulnerability in Microsoft Sever Message Block (SMB). This vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Microsoft Knowledge Base Article 975497 and Microsoft Security Advisory 975497 and apply the Fix it tool or workarounds. Microsoft Knowledge Base Article 975497 addresses the vulnerability that was previously reported in the “Microsoft Releases Security Advisory 975497” Current Activity entry.

DarkFiber Consulting is aware that exploit code for this vulnerability has been made publicly available as part of the Metasploit Framework. Users and system administrators are strongly encouraged to apply the Microsoft Fix it solution or other workarounds until a patch is released.

U.S. Federal Reserve Fraudulent Email Scam

November 13th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of a fraudulent email scam circulating via messages that falsely appear to be from the U.S. Federal Reserve. These email messages contain information about a phishing scam and links for users to follow to obtain additional information about the scam. If a user follows the links, they will be redirected to a malicious website where a PDF exploit is used to install malicious code on the affected system.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

Microsoft Updates Security Advisory 951306

October 14th, 2008 . by DarkFiber Consulting

In April 2008, Microsoft released Security Advisory 951306 to alert users of a vulnerability in Microsoft Windows. This vulnerability may allow local users, or users who can legitimately run code in the context of IIS or SQL Server, to operate with elevated privileges. Recently, Microsoft Security Response Center (MSRC) posted several blog entries indicating that the Security Advisory was updated to reflect the availability of public exploit code. A patch or update is not available to correct this issue.

DarkFiber Consulting encourages users and administrators to do the following to help mitigate the risks:

Oracle Releases Security Advisory for WebLogic Plug-in Vulnerability

July 29th, 2008 . by DarkFiber Consulting

Oracle has released a Security Advisory to address a vulnerability in the WebLogic plug-in for Apache. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to compromise the confidentiality or integrity of WebLogic Server applications or cause a denial-of-service condition. The advisory indicates that exploit code for this vulnerability is publicly available.

DarkFiber Consulting encourages users to review the Oracle Security Advisory and implement the workarounds listed in the document to help mitigate the risks. At this time, a patch or update is not available.

DarkFiber Consulting will provide additional information as it becomes available.