DarkFiber Consulting - IT Managed Services » Exploit

SSL and TLS Vulnerable to Man-in-the-middle Attacks

DarkFiber Consulting — Thu, 10 Dec 2009 18:49:43 +0000

DarkFiber Consulting is aware of reports of publicly available exploit code for a vulnerability within the SSL and TLS protocols. Reports indicate that exploitation of this vulnerability may allow an attacker to conduct a man-in-the-middle attack, allowing an attacker to inject plaintext into the beginning of the application protocol stream.

DarkFiber Consulting encourages OpenSSL users and administrators to review the OpenSSL 0.9.8l release and apply any updates.

DarkFiber Consulting has not received any reports of active exploitation and will continue to provide additional information as it becomes available.

Tags: Application Protocol, Attacker, Exploit, Man In The Middle Attack, Protocol Stream, Protocols, Vulnerability

Microsoft Releases Fix It for SMB Vulnerability

DarkFiber Consulting — Wed, 14 Oct 2009 10:06:53 +0000

Microsoft has released Microsoft Knowledge Base Article 975497 to address a previously reported vulnerability in Microsoft Sever Message Block (SMB). This vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Microsoft Knowledge Base Article 975497 and Microsoft Security Advisory 975497 and apply the Fix it tool or workarounds. Microsoft Knowledge Base Article 975497 addresses the vulnerability that was previously reported in the “Microsoft Releases Security Advisory 975497” Current Activity entry.

DarkFiber Consulting is aware that exploit code for this vulnerability has been made publicly available as part of the Metasploit Framework. Users and system administrators are strongly encouraged to apply the Microsoft Fix it solution or other workarounds until a patch is released.

Tags: Addresses, Arbitrary Code, Attacker, Denial Of Service, Exploit, Knowledge Base Article, Message Block, Metasploit Framework, Microsoft, Microsoft Knowledge Base, Microsoft Knowledge Base Article, Microsoft Releases Security Advisory, Microsoft Security Advisory, System Administrators, Tool, Vulnerability

U.S. Federal Reserve Fraudulent Email Scam

DarkFiber Consulting — Fri, 14 Nov 2008 00:04:48 +0000

DarkFiber Consulting is aware of public reports of a fraudulent email scam circulating via messages that falsely appear to be from the U.S. Federal Reserve. These email messages contain information about a phishing scam and links for users to follow to obtain additional information about the scam. If a user follows the links, they will be redirected to a malicious website where a PDF exploit is used to install malicious code on the affected system.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

Do not follow unsolicited links.
Use caution when visiting untrusted websites.
Install antivirus software and keep the virus signatures up to date.
Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

Tags: Caution, Email Information, Email Messages, Email Scam, Email Scams, Exploit, Federal Reserve, Malicious Code, Malicious Website, Phishing Attacks, Phishing Scam, Social Engineering, Untrusted, Virus Signatures

Microsoft Updates Security Advisory 951306

DarkFiber Consulting — Tue, 14 Oct 2008 17:53:48 +0000

In April 2008, Microsoft released Security Advisory 951306 to alert users of a vulnerability in Microsoft Windows. This vulnerability may allow local users, or users who can legitimately run code in the context of IIS or SQL Server, to operate with elevated privileges. Recently, Microsoft Security Response Center (MSRC) posted several blog entries indicating that the Security Advisory was updated to reflect the availability of public exploit code. A patch or update is not available to correct this issue.

DarkFiber Consulting encourages users and administrators to do the following to help mitigate the risks:

Review the updated Security Advisory 951306 and apply the suggested workarounds.
Review the MSRC blog entries from October 9, 2008 and October 13, 2008.

Tags: April, Exploit, Microsoft, Microsoft Security Response Center, Microsoft Updates, Microsoft Windows, Msrc, Privileges, Security Advisory, Security Response Center, Vulnerability

Oracle Releases Security Advisory for WebLogic Plug-in Vulnerability

DarkFiber Consulting — Wed, 30 Jul 2008 04:23:16 +0000

Oracle has released a Security Advisory to address a vulnerability in the WebLogic plug-in for Apache. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to compromise the confidentiality or integrity of WebLogic Server applications or cause a denial-of-service condition. The advisory indicates that exploit code for this vulnerability is publicly available.

DarkFiber Consulting encourages users to review the Oracle Security Advisory and implement the workarounds listed in the document to help mitigate the risks. At this time, a patch or update is not available.

DarkFiber Consulting will provide additional information as it becomes available.

Tags: Address, Apache, Attacker, Confidentiality, Denial Of Service, Exploit, Integrity, Oracle, Oracle Security, Security Advisory, Server Applications, Vulnerability, Weblogic, Workarounds