Thursday, February 26, 2015

HSTS support for Internet Explorer

Last Tuesday, Microsoft provides a new security feature with HSTS for its web browser Internet Explorer. HSTS stands for HTTP Strict Transport Security that provides secure browsing over the internet. HSTS aids users to protect from MitM attacks that can remove TLS out of communications with a server. According to Microsoft, it works with the IE running on Windows 10 platform. There are two methods used by HSTS for securing connections. One way allows that websites can register to be hard-coded by IE and other browsers to redirect HTTP traffic to HTTPS while the other way, sites not on the preloaded list can enable HSTS via the Strict-Transport-Security HTTP header. <more>

Google's new scanner for cloud platform

Google rolled out a security scanner to reveal security vulnerabilities found in Google App Engine Web applications. Security is still a major worry for most of the IT professionals. The scanner looks into the application also checking all the links and apply multiple scenarios to test the application. Google Security Engineering Manager, Rob Mann told that scanner cannot be used with App Engine Managed VMs, Google Compute Engine or any other resources. Although the scanner has some limitation, but still it aids software developers to look for security flaws that might affect the application. Company also recommends a manual security review by a Web app security professional as scanners don't provide guarantee against security flaws. <more>

Thursday, February 19, 2015

Facebook launches ThreatExchange for sharing threat information

Social media giant Facebook has launched a new platform for sharing security threat information called 'ThreatExchange'. It's a good opportunity for organizations to share their threat information so that they can counter the breach altogether. Although many vendors shared the information through private channels, but it is limited due to multiple constraints as there is no formal platform that can provide organization to share their experiences which would be helpful to organization that could be victims of such familiar breaches later. <more>

High risk Group Policy flaw PATCHED in Windows

February's Patch Tuesday addresses a critical vulnerability related to Group Policy that made Windows machines at high risk. Group policy is highly used in corporate networks as it is a feature that provides utility for organizations to centrally manage Windows systems, applications, and user settings in Active Directory environments. This decade-old security flaw was identified by JAS Global Advisors and simMachines that has occurred due to a design flaw in the Group Policy. Microsoft addresses this vulnerability under MS15-014 security bulletin. <more>

Tuesday, February 10, 2015

Adobe Flash Player out-of-band update

Adobe rolls out latest version of Flash Player rectifying around 18 security flaws, among them a patch for 0-day exploit as well. This security update is an out-of-cycle update as Adobe normally releases security patches with Microsoft Patch Tuesday. The 0-day issue covers under CVE-2015-0313, a security flaw using an exploit kit a drop a malware on the victims machine through malvertising campaigns. Adobe advisory addresses FOUR use-after-free issues, SIX memory corruption issues, TWO type confusion issues, TWO heap buffer overflow, THREE null pointer deference and a buffer overflow. Most of the vulnerabilities allow remote execution of arbitrary code except in such cases where there is a null pointer deference that crashes the vulnerable application. Security updates are released for Windows, Linux and Macintosh OS X platforms. <more>

0-day in the Fancybox-for-WordPress Plugin

WordPress - the most popular open-source blogging tool and a content management system (CMS) is under attacked by hackers that targets Fancybox plugin used in WordPress. Security researchers from Sucuri issued an alert regarding the affected plugin that allows attackers to inject a malformed iframe into websites. FancyBox is used for exhibit images, HTML content and multimedia that mounts on top of Web pages. It is one of the most widely used WordPress plugins - around 600,000 times has been downloaded from the official website. According to Sucuri researchers, it's a high risk vulnerability that allows malware to be loaded on the affected website that uses that out-dated plugin. It is in user's interest to apply the security update on earliest basis. <more>

Friday, February 6, 2015

'glibc' CRITICAL flaw affecting Linux systems

Linux users are on a high risk due to a security flaw in a core library component that is used by almost all Linux distributions. This critical vulnerability allows remote attackers to execute arbitrary code due to a buffer overflow in the glibc (GNU C) library. Shell access to the machine can be taken by sending a malformed message to an email application. Security researchers from Qualys identified the issue and claim that this issue has been there for the last 14 years. glibc 2.17 and 2.18 eradicated this issue. But still several Linux distributions has not implemented yet. Affected OS are Debian 7 (wheezy), Red Hat Enterprise Linux 6 and 7, CentOS 6 and 7; and Ubuntu 12.04. <more>

BlackPhone Text Message Security flaw!!

Fully secured BlackPhone is vulnerable to remote code execution vulnerability due to an error in the SilentText secure messaging application. The flaw is quite critical as it allows intruders to decrypt messages, read contact information, collect location data and even execute malicious code on the phone. Security researcher Mark Dowd from Azimuth Security has identified this flaw that targets SilentText. Company has responded promptly and released the patch so that users can update the firmware to avoid any mishap. <more>