Information Security Alerts

Check this page frequently for the latest Information Security and Virus News


Important News

PHISHING EMAILS

Phishing emails asking you to fill in personal information have been sent to many USF Health email addresses. These emails do not come from USF Health IS, as evidenced by the return address. Please do not reply with the requested information.

 

Adobe Issues Updates for Multiple Products

(May 14, 2013)

Adobe has issued security updates to address critical flaws in Reader, Acrobat, Flash Player, and ColdFusion. The updates for Reader and Acrobat address a total of 27 vulnerabilities, 24 of which could be exploited to execute arbitrary code. The updates for Flash address 13 vulnerabilities, and a hotfix for ColdFusion addresses two flaws.

http://www.computerworld.com/s/article/9239199/Adobe_releases_critical_security_updates_for_Reader_Flash_Player_and_ColdFusion?taxonomyId=17

 http://www.h-online.com/security/news/item/Urgent-security-patches-for-ColdFusion-Adobe-Reader-Acrobat-and-Flash-1863234.html

http://www.zdnet.com/adobe-unleases-critical-patches-for-coldfusion-reader-and-flash-7000015414/

 

Microsoft Patch Tuesday Includes Fix For IE8 Zero-Day

(May 14, 2013)

On Tuesday, May 14, Microsoft released 10 security bulletins to address a total of 33 vulnerabilities in various products. Included in this batch of patches is a fix for a zero-day flaw in Internet Explorer 8 (IE8) for which Microsoft issued an advisory less than two weeks ago.

Two of the bulletins are rated critical; both address security issues in IE.

http://www.scmagazine.com/microsoft-mends-33-vulnerabilities-in-patch-tuesday-release-including-internet-explorer-8-zero-day/article/293338/

http://www.computerworld.com/s/article/9239204/Microsoft_rushes_Internet_Explorer_8_patch_release?taxonomyId=17

http://www.zdnet.com/microsoft-fixes-two-critical-ie-security-flaws-including-nuke-zero-day-7000015369/

 

Mozilla Releases Firefox 21

(May 15, 2013)

Mozilla has released Firefox 21, which addresses 13 security issues in the previous version of the browser. Firefox 21 also introduces a feature called "Health Report" which lets users see information about the browser's performance, including start-up times, total running time, and crashes, as well as the number of plug-ins, add-ons, and bookmarks.

Mozilla has also released Firefox 21 for Android.

http://www.zdnet.com/firefox-21-release-adds-to-social-api-closes-security-holes-7000015429/

http://www.h-online.com/security/news/item/Mozilla-s-Firefox-update-fixes-three-critical-holes-1863449.html

http://download.cnet.com/8301-2007_4-57584463-12/firefox-21-adds-a-new-health-report/

 

Critical Linux Kernel Flaw Patched, Exploit Code Released

(May 15, 2013)

Last month, developers quietly issued a patch for a vulnerability in the Linux kernel's performance counters subsystem that has been present for more than two years. The flaw could be exploited to give users with restricted accounts root access to vulnerable machines. Earlier this week, exploit code for the flaw was made publicly available, underscoring the vulnerability's severity. The Linux kernel patch issued last month did not specify that it was addressing a critical flaw. Those responsible for systems with untrusted accounts should find out from their distributors when a patch will be available.

http://arstechnica.com/security/2013/05/critical-linux-vulnerability-imperils-users-even-after-silent-fix/

 

Microsoft Releases New Version of Problematic Patch

(April 23 & 24, 2013)

Microsoft has released an updated version of MS13-036, a security bulletin that included a patch that was reportedly causing problems for some users. The original update, issued on April 9, was reportedly causing some PCs to crash. Microsoft pulled the patch on the 12th. Users who have automatic updates enabled will have the patch updated automatically.

http://www.zdnet.com/microsoft-issues-new-version-of-patch-pulled-on-patch-tuesday-7000014473/

http://www.scmagazine.com/microsoft-issues-replacement-for-botched-patch/article/290377/

http://www.h-online.com/security/news/item/Microsoft-patches-the-patch-1848659.html

http://www.computerworld.com/s/article/9238628/Microsoft_re_releases_Blue_Screen_of_Death_patch?taxonomyId=17

 

Siri Retains Query Data for Two Years

(April 19, 2013)

Apple has revealed that it retains information about questions users ask Siri for as long as two years, although the company does try to anonymize the data. Siri queries are sent to Apple's servers, where they are assigned an identifier - not an AppleID or email address - that links the voice files to the device from which they were sent. After six months, the identifier is removed, but the query data are retained to help Apple with product testing and improvement. The disclosure of Apple's data retention practices comes in response to pressure from American Civil Liberties Union (ACLU) lawyer Nicole Ozer, who said that Apple does not do enough to let customers know their privacy rights.

http://www.wired.com/wiredenterprise/2013/04/siri-two-years/

http://arstechnica.com/apple/2013/04/apple-remembers-where-you-wanted-to-get-drunk-for-up-to-2-years/

http://www.zdnet.com/apple-stores-your-voice-data-for-two-years-7000014216/

 

Yet Another Java Vulnerability Surfaces

(April 22 & 23, 2013)

A reflection API vulnerability in the most recently patched version of Java could be exploited to bypass the sandbox feature. The attack would require that users click "yes" to allow an application to execute on their computers. Oracle has been notified. The flaw affects all versions of Java SE 7 as well as the Java Runtime Environment (JRE) Plugin software, the Java Development Kit (JDK), and Server JRE. Oracle released a security update for Java (Java 7, Update 21) just last week.

http://www.theregister.co.uk/2013/04/23/java_reflection_api_an_insecure_mess/

http://www.informationweek.com/security/vulnerabilities/oracle-bug-hunter-spots-java-7-server-fl/240153337

 

BadNews Malware Snuck Into Google Play Apps

(April 20 & 22, 2013)

Malware known as BadNews has been downloaded from Google Play at least two million times. BadNews was found to have been hidden in at least 32 separate apps from four different developers. The malware was added to the apps after they had been submitted to Google Play. Infected Android devices connect to remote servers every four hours to send harvested data, including device phone numbers and unique serial numbers. The remote servers also instruct infected devices to install a Trojan horse program called AlphaSMS that sends text messages to numbers that incur charges. Google has removed the infected apps.

http://www.theregister.co.uk/2013/04/22/android_malware_badnews/

http://arstechnica.com/security/2013/04/family-of-badnews-malware-in-google-play-downloaded-up-to-9-million-times/

http://www.scmagazine.com/badnews-infections-in-google-play-spread-premium-rate-sms-trojan/article/289951/

 

Microsoft: Web Based Threats More Prevalent Than Network Threats

(April 17 & 18, 2013)

According to Microsoft's Security Intelligence Report, web-based threats pose a greater risk to enterprise networks than do worms that spread through the network. This is the first time in four years that Conficker has not topped the list of threats to enterprise networks. That position is now occupied by IframeRef malware.

http://www.scmagazine.com/threats-from-the-web-becoming-more-prevalent-than-network-worms/article/289470/

http://www.darkreading.com/vulnerability/microsoft-worms-and-rogue-av-dying-web-t/240153128

 

Study Says Home Routers Vulnerable to Attacks

(April 17 & 18, 2013)

Many widely used home routers are easy to hack into, according to a study by a company called Independent Security Evaluators. A test found 13 of the most popular home routers had easily remotely exploitable vulnerabilities that could be used to snoop on or modify network traffic. All of the routers tested were using the most recent firmware and were tested with their out-of-the-box default configurations.

http://news.cnet.com/8301-1009_3-57579981-83/top-wi-fi-routers-easy-to-hack-says-study/

http://www.computerworld.com/s/article/9238474/Popular_home_routers_contain_critical_security_vulnerabilities?taxonomyId=17

 

Apple Updates Safari and Java

(April 17 & 18, 2013)

Apple's most recent update for Safari includes functionality that allows users to decide whether to enable the Java plug-in on a site-by-site basis. The new feature is available in the latest versions of Safari 5 and 6. Apple has also released an update for the Java browser plug-in that addresses 21 vulnerabilities. The updates address remote code execution vulnerabilities in the browser and in Java.

http://www.zdnet.com/apples-latest-safari-updates-add-site-by-site-java-plugin-controls-7000014207/

http://www.v3.co.uk/v3-uk/news/2261946/apple-releases-security-updates-for-safari-and-java

 

Oracle Issues Quarterly Patch Update and Java Update

(April 16 & 18, 2013)

On Tuesday, April 16, Oracle released its quarterly Critical Patch Update to address 128 vulnerabilities in a variety of the company's products. The company also issued a critical security update for Java that addresses 42 vulnerabilities, the majority of which are remotely exploitable. Nineteen of the 42 flaws have been given the highest severity rating.

http://www.h-online.com/security/news/item/Oracle-closes-128-holes-across-its-product-range-1844692.html

http://news.cnet.com/8301-1009_3-57579845-83/oracle-preps-128-security-patches-java-gets-42/

http://www.theregister.co.uk/2013/04/17/oracle_java_security_update/

http://www.theregister.co.uk/2013/04/16/oracle_critical_patch_april/

 

"Magic" Malware Spreading in the UK

(April 17 & 18, 2013)

Malware known as Magic communicates with an as-yet unknown custom protocol. Thousands of computers in the UK have been infected across a variety of sectors, including finance, education, and telecommunications. While Magic's purpose is not clear, it is likely to have been designed for espionage, as it has been active on computers for nearly a year. It can establish a backdoor on infected machines, steal data, and inject HTML into browsers. Researchers who have examined Magic say that the malware has additional capabilities that it has not yet used, suggesting that those behind the operation may be conducting reconnaissance for a larger attack.

http://www.theregister.co.uk/2013/04/18/magic_malware_menaces_uk/

http://www.scmagazine.com/trojan-uses-magic-code-to-infect-organizations-around-globe/article/289290/

http://www.v3.co.uk/v3-uk/news/2262412/magic-malware-infects-thousands-of-uk-firms-with-network-infiltration-tricks

 

Android Trojan Spreading Through Spam

(April 8, 2013)

The Cutwail botnet is sending out spam that attempts to infect Android devices with a Trojan horse program. The malware, which is being called Stels, also takes steps to infect other operating systems. When users click on the provided link in messages that appear to be from legitimate sources, such as the Internal Revenue Service (IRS), a script checks to see if the user is on an Android device. If Android is detected, users are shown an Adobe Flash Update page, which installs the malware. If the user is not on an Android device, the script redirects them to a webpage that serves up the Blackhole exploit kit.

http://www.h-online.com/security/news/item/Botnet-now-spreading-Android-trojans-1837356.html

http://www.scmagazine.com/android-trojan-spreads-through-cutwail-spam-botnet/article/287554/

 
