Adobe releases emergency patch for Flash zero-day flaw

Number: IRCNE2015102661
Date: 2015/10/19

According to “zdnet”, Adobe has patched a critical zero-day security flaw in Flash, which the company said was being used to launch "limited, targeted attacks."
The emergency patch, which also fixed two other vulnerabilities, landed on Friday, sooner than the company's forecast of some time this week.
The patch updates Flash for Windows and OS X to version 19.0.0.226, and version 11.2.202.540 for Linux.
Trend Micro researcher Peter Pi, who was credited with discovering the vulnerability, said in a blog post Friday that Russian hackers had used the flaw to target foreign affairs ministries by sending spearphishing emails that contained links to webpages hosting the exploit.
From there, hackers could remotely execute code on a target machine, potentially taking over the affected system.
The company recommended that users update immediately. Users of Google Chrome, Internet Explorer 10 and 11, and Microsoft Edge browser will receive the update automatically.

This USB “killer” stick destroys a computer in seconds

Number: IRCNE2015102660
Date: 2015/10/19

According to “itpro”, a Russian security researcher has developed a normal-looking USB stick that, if inserted into any computer, will destroy its motherboard and render it useless.
The USB Killer 2.0 has been made to look just like any USB stick used to store information. However, the stick discharges a negative 220-volt charge when it is plugged into a USB port. This is enough to completely wreck not only the USB port but the PC’s motherboard as well.
In a blog post, the researcher dubbed Dark Purple says the USB Killer could destroy anything with a USB port, such as televisions, routers, and modems. Even a smartphone connected using a USB on-the-go cable could be affected.
In a YouTube video, Dark Purple demonstrates how an ordinary Lenovo laptop can be affected. The notebook emits a buzzing noise before shutting off, presumably permanently.
However, despite the motherboard going to hardware heaven, the hard drive may still be intact with its contents readable. "It is extremely unlikely that the hard disk was damaged," said Dark Purple.
The previous incarnation, USB Killer 1.0, could only manage a maximum voltage of 110V. The new version is twice as powerful and more innocent-looking. Developing the circuit implementation for the new USB stick took a week, and the parts took a few months to arrive. Dark Purple then developed and ordered printed circuit boards in China and made a “combat model”.
He said that a former colleague of his describes the USB stick as “an atomic bomb: cool to have, but cannot be applied”.

Adobe releases update for Flash, Reader and Acrobat

Number: IRCNE2015102659
Date: 2015/10/19

According to “computerworlduk”, Adobe released 69 security patches as part of its regularly scheduled update cycle on Tuesday fixing multiple vulnerabilities in Flash, Reader, and Acrobat. In that update, Adobe fixed 13 Flash flaws that could lead to information disclosure and remote code execution. While these updates should be applied immediately, administrators should remain on guard because attackers are currently exploiting a zero-day vulnerability affecting all versions of Flash Player, even the latest one.
Researchers uncovered the zero-day Flash exploit in the latest Pawn Storm cyber espionage campaign, Trend Micro researchers Brooks Li, Feike Hacquebord, and Peter Pi wrote in a blog post. The spear phishing emails contained links leading to the exploit and targeted several Ministries of Foreign Affairs around the world.
The URLs hosting the new Flash zero-day exploit are similar to the URLs seen in attacks that targeted North Atlantic Treaty Organization members and the White House in April.

'All Android devices' vulnerable to new LTE security flaw

Number: IRCNE2015102658
Date: 2015/10/19

According to “zdnet”, AT&T and Verizon's implementations of LTE are said to be vulnerable to "several issues" that could result in eavesdropping, data spoofing, and over-billing for potentially millions of phones.
Android devices on these networks are most at risk because the software "does not have appropriate permissions model" for LTE networks.
T-Mobile customers were affected but the issue has since been "resolved," a spokesperson said.
Apple products are not affected.
LTE (also known as 4G) relies on packet switching, a common way of sending data across the internet, rather than the old method of circuit switching. This new method of sending data allows for new kinds of attacks, particularly against the Session Initiation Protocol (SIP), nowadays more commonly used in voice calls and instant messaging.
Researchers have found a method that exploits the way that SIP works, by spoofing phone numbers for calls or text messages. It's also possible for an attacker to obtain free bandwidth for more data-intensive activities, like video calling, without incurring any additional costs. In some cases, an attacker can establish multiple SIP sessions at the same time, which could lead to a denial-of-service attack on the network.
The advisory said each network was vulnerable to "one or more" of the issues. CERT, which published the advisory, said it was currently unaware of a practical fix to the issues.
The researchers said every version of Android was at risk, whereas other attacks were network dependent.
When contacted, a Google spokesperson said the company will fix the issue for Nexus devices as part of its November Monthly Security Update, but did not confirm which Android versions were affected.

Security vulnerability identified in all versions of Adobe Flash

Number: IRCNE2015102657
Date: 07/25/94

One day after the release of Adobe's October patches, the company confirmed that a new vulnerability has been identified in Flash Player that affects all versions running on the Windows, Macintosh and Linux operating systems.
The company announced that it will soon release an out-of-cycle patch to fix the vulnerability in the software plug-in. The vulnerability can cause a system crash or potentially allow an attacker to take control of the affected system. The problem was identified early last week by Trend Micro researchers.
Adobe warned that the vulnerability is currently being used in limited, targeted attacks.

Another security flaw affects all versions of Adobe Flash

Number: IRCNE2015102657
Date: 2015/10/17

According to “cnet”, a day after releasing its monthly security update, Adobe confirmed it has discovered a new vulnerability in Flash Player that affects every version running on the Windows, Macintosh and Linux operating systems.
Adobe said Thursday that it will issue an out-of-cycle security update next week to address the software plug-in's vulnerability, which it warned could cause a crash and potentially allow an attacker to take control of the affected system. The bug was discovered earlier this week by researchers at Trend Micro.
"Adobe is aware of a report that an exploit for this vulnerability is being used in limited, targeted attacks. Adobe expects to make an update available during the week of October 19," the company said in its advisory.

Zero-day vulnerability identified in Magento database

Number: IRCNE2015102656
Date: 07/22/94

According to the security firm Trustwave, the open-source tool Magmi, which is used to import content into the Magento e-commerce platform, has a zero-day vulnerability.
A directory traversal vulnerability exists in some versions of Magmi. The vulnerability can allow an attacker to access other files or directories on the file system.
Assi Barak, a security researcher at Trustwave's lab, wrote that successful exploitation of the vulnerability can lead to access to the Magento site's credentials and database encryption keys.
Barak wrote that the company has warned the developers of Magmi and Magento about the vulnerability, and said that 1700 websites appear to be affected.
Barak added that Magmi can be downloaded from GitHub or SourceForge, but only the version available on SourceForge is vulnerable.
The SourceForge version of Magmi is version 0.7.21, which was last modified on December 2, 2014, whereas the GitHub version was updated last month and is not vulnerable.

Microsoft releases patches

Number: IRCNE2015102655
Date: 07/22/94

Microsoft has released a security patch for all supported versions of Windows. In its October security bulletin, the software company said that Windows Vista and later versions, including Windows 10, should receive the patch as soon as possible. The patch fixes a serious remote code execution vulnerability in IE.
The Microsoft Edge browser is not affected by this vulnerability.
Patch MS15-106 fixes a vulnerability in how IE handles objects in memory. If the vulnerability is exploited, an attacker can gain access to the affected machine, obtain the same access as the logged-in user, and perform actions such as installing programs or deleting data. Windows Server systems are also affected by this vulnerability.
Two other patches, MS15-108 and MS15-109, fix other security vulnerabilities in Windows.
Microsoft also released three more patches, MS15-107, MS15-110 and MS15-111, to fix important issues.

Apple removes apps from store that could spy on data traffic

Number: IRCNE2015102654
Date: 2015/10/10

According to “computerworld”, Apple on Thursday removed several apps from its store that it said could pose a security risk by exposing a person's Web traffic to untrusted sources.
The company recommended deleting the apps but did not name them, which may make it hard for people to know which apps put their data at risk.
The apps in question installed their own digital certificates on a person's Apple mobile device. This would enable the apps to terminate an encrypted connection between a device and a service and view the traffic, which is a potential security risk.
Most websites and many apps use SSL/TLS (Secure Sockets Layer/Transport Layer Security), a protocol that encrypts data traffic exchanged with a user. SSL/TLS is a cornerstone of Web security, ensuring data traffic that is intercepted is unreadable.
It is possible in some cases to interfere with an encrypted connection. Many enterprises that want to analyze encrypted traffic for security reasons will use SSL proxies to terminate a session at the edge of their network and initiate a new one with their own digital certificate, allowing them to inspect traffic for malicious behavior.
Apple checks applications to ensure that malicious ones are not offered in its store. Those checks are in large part the reason why Apple has had fewer problems with malicious mobile applications in its store.

Some apps removed from the Apple store

Number: IRCNE2015102654
Date: 07/18/94

Last week, Apple pulled a number of apps from its store because they could pose a security risk by exposing people's web traffic to untrusted sources.
Apple announced that it had removed some apps but did not name them, so users do not know which apps put their data at risk.
The removed apps installed their own digital certificates on the user's Apple mobile device. This enabled the app to terminate the encrypted connection between the device and the service, which made the traffic visible.
Most websites and apps use the SSL/TLS protocol for encryption so that data traffic cannot be read. In some cases it is possible to interfere with an encrypted connection. Many companies that want to inspect encrypted traffic for security reasons use SSL proxies to terminate the session at the edge of the network and create a new session with their own digital certificates, which lets them inspect the traffic to identify malicious behavior.
Apple reviews apps to ensure that malicious ones are not offered in its store. These checks are the reason there have been few problems with malicious apps among those offered in the store.
