Monday, November 17, 2014

Cyber Security News, Education and Vulnerability Patch Report for the Week of November 17, 2014




Cyber Crime

Sheriff’s department files held for ransom by malware: The “Cryptowall” malware demanded more than $500 from the Dickson County Sheriff’s Office to unlock its case files. UPI, November 13, 2014
Home Depot Breach Costs CUs $60M: The Home Depot data breach cost credit unions almost $60 million, nearly twice as much as the Target breach, according to survey results released by CUNA Thursday. CreditUnionTimes, October 30, 2014

Cyber Attack

How Cyber Crime Gang Targets Travelling Executives Through Hotel Wi-Fi: A stealth gang of cyber criminals have carefully targeted travelling executives through hotel Wi-Fi connections in Asia over the past four years and are still active today, according to a report from a leading security firm. ABC News, November 10, 2014

Cyber Privacy

Evidence implicates government-backed hackers in Tor malware attacks: A hacker who was surreptitiously injecting malicious code into downloads in part of the Tor network has been linked to a series of government-sponsored cyber attacks. The Guardian, November 14, 2014
ISPs Removing Their Customers’ Email Encryption: Recently, Verizon was caught tampering with its customers’ web requests to inject a tracking super-cookie. Another network-tampering threat to user safety has come to light from other providers: email encryption downgrade attacks. In recent months, researchers have reported ISPs in the US and Thailand intercepting their customers’ data to strip a security flag—called STARTTLS—from email traffic. The STARTTLS flag is an essential security and privacy protection used by an email server to request encryption when talking to another server or client. Electronic Frontier Foundation, November 11, 2014

Financial Cyber Security

Default ATM passcodes still exploited by crooks: Once again, ATMs have been “hacked” by individuals taking advantage of default, factory-set passcodes. HelpNetSecurity, November 14, 2014

Cyber Warning

Homeland Security Warns iPod, iPhone Users To Watch Out For iOS 8 Masque Attack: Reiterating a software security firm’s warning to iOS users, the Department of Homeland Security’s U.S. Computer Emergency Readiness Team is asking PC and mobile device users to avoid downloading apps outside of Apple’s App Store. TechTimes, November 13, 2014
Hackers exploit NFC phone payment technology: Several bugs in Near Field Communication (NFC) payment systems have been found by security experts. BBC, November 13, 2014
POS Malware Continues To Evolve: With a little over two weeks until the holiday shopping season kicks off in earnest, a picture of the evolution of point of sale (POS) malware has come into focus with a number of recent pieces of research of late. A common theme recurring throughout is that POS malware is increasingly maturing with different packages and families refined for specific attack scenarios. DarkReading, November 11, 2014
GONE IN 30 MINUTES: THE RISE OF MANUALLY HACKED EMAIL ACCOUNTS: Email hackers have long since learned how to automate their attacks in order to compromise as many accounts as possible in the shortest time frame. But sometimes the old-fashioned ways of doing things are the best and that is exactly what a new report from Google has discovered. Security-FAQs, November 10, 2014

Cyber Security Management

What We Mean by Maturity Models for Security: The aim is to assess the current state of security against a backdrop of maturity and capability to translate actions into goals that even non-security people can grasp. DarkReading, November 12, 2014

Cyber Security Management – Cyber Defense

Google’s VirusTotal puts Linux malware under the spotlight: As Linux malware matures, Google’s malware checker will give samples the same treatment as those uploaded for Windows. ZDNet, November 12, 2014

Cyber Security Management – Cyber Update

Adobe, Microsoft Issue Critical Security Fixes: Adobe and Microsoft today each issued security updates to fix critical vulnerabilities in their software. Microsoft pushed 14 patches to address problems in Windows, Office, Internet Explorer and .NET, among other products. Separately, Adobe issued an update for its Flash Player software that corrects at least 18 security issues. KrebsOnSecurity, November 11, 2014

Cyber Underworld

Network Hijackers Exploit Technical Loophole: Spammers have been working methodically to hijack large chunks of Internet real estate by exploiting a technical and bureaucratic loophole in the way that various regions of the globe keep track of the world’s Internet address ranges. KrebsOnSecurity, November 13, 2014

National Cyber Security

Steptoe Cyberlaw Podcast, Episode #42: An Interview with Orin Kerr: We share the program this week with Orin Kerr, a regular guest who knows at least as much as we do about most of these topics and who jumps in on many of them. Orin, of course, is a professor of law at George Washington University and well-known scholar in computer crime law and Internet surveillance. Lawfare, November 13, 2014
NOAA Blames China In Hack, Breaks Disclosure Rules: The National Oceanic and Atmospheric Administration finally confirms that four websites were attacked and taken down in September, but details are sketchy and officials want answers. DarkReading, November 13, 2014

Cyber Sunshine

Identity theft conviction nets 9 years in prison for organized cybercrime member: Tony Soprano had nothing on the made men of, an organized cybercrime ring that federal prosecutors say stole more than $50 million in an identity theft and credit card scam. Consumer Affairs, November 13, 2014

Weekend Vulnerability and Patch Report, November 17, 2014

Important Security Updates

Adobe Flash Player: Adobe has released version to fix at least 18 highly critical vulnerabilities reported in previous versions. Updates are available from Adobe’s website. Updates are also available for AIR.
Dropbox: Dropbox has released version 2.10.50 for its file hosting program. Updates are available at Dropbox’s website. [See Citadel's warning below]
Google Chrome: Google has released Google Chrome version 38.0.2125.122. Updates are available from within the browser or from Google Chrome’s website.
Microsoft Patch Tuesday: Microsoft’s Patch Tuesday released 9 updates to address at least 24 vulnerabilities, some of which are highly critical, within Windows, Internet Explorer, Office, Word, .NET, Windows Flash Player, SharePoint, and other Microsoft products.
Mozilla Firefox: Mozilla has released version 33.1.1 for Firefox. Updates are available within the browser or from Mozilla’s website.
Mozy Free Edition: Mozy has released version 2.28.0. Updates are available on Mozy’s website.
Siber Systems RoboForm: Siber Systems has released version 7.9.11 of RoboForm. Updates are available from within the program (look for the “Check New Version” button on the Options menu) or as a download from the RoboForm website.
Skype: Skype has released Skype Updates are available from the program or Skype’s website.

Current Software Versions

Adobe Flash [Windows 7: IE]
Adobe Flash [Windows 7: Firefox, Mozilla]
Adobe Flash [Windows 8: IE]
Adobe Flash [Macintosh OS X: Firefox, Opera, Safari]
Adobe Reader 11.0.09
Dropbox 2.10.50 [Citadel warns against relying on Dropbox security. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the Dropbox password be at least 15 characters long and different from other passwords.]
Firefox 33.1.1
Google Chrome 38.0.2125.122
Internet Explorer 11.0.9600.17420
Java SE 8 Update 25 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have a particular web site that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser — such as Chrome, IE9, Safari, etc — with Java enabled to browse only the sites that require it.]
QuickTime 7.7.6
Safari 5.1.7 
Safari 7.1 [Mac OS X]

Newly Announced Unpatched Vulnerabilities

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel’s website.

For Your IT Department

Cisco Multiple Products: Secunia reports Cisco has released an update to fix 6 moderately critical vulnerabilities in Unified Intelligent Contact Management Enterprise. Please contact the vendor for details about an update: the bug report CSCup24074 indicates a fixed status, but no dedicated fixed versions are mentioned. Secunia also reports a security issue and 2 unpatched moderately critical vulnerabilities in Cisco’s Unified IP Phones 7900 Series. No official solution is currently available.
Novell GroupWise: Secunia reports an unpatched security issue in Novell’s GroupWise reported in versions 8.x, 2012 and 2014. No official solution is available.
Novell Open Enterprise Server: Secunia reports an update to Novell’s Open Enterprise Server to fix 3 highly critical vulnerabilities. Apply patch oes11sp1-MozillaFirefox-9814.
If you are responsible for the security of your computer, Citadel’s Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.
If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.
Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc.) and application programs (Adobe Acrobat, Office, Flash, Java, etc.). When software companies find a vulnerability, they usually issue an update patch to fix the code running on their customers’ computers.
Citadel publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.
Copyright © 2014 Citadel Information Group. All rights reserved.