شماره: IRCNE2014122390
تاريخ: 15/9/93

به نظر مي‌رسد كه اپل، به‌روز رساني اخير خود براي مرورگر وب سافاري را از سايت‌‎هاي دانلود و به‌روز رساني خود حذف كرده است.
اين به‌روز رساني كه روز چهارشنبه عرضه شده بود، مشكلات امنيتي را برطرف كرده و سافاري را به نسخه 8.0.1، 7.1.1 و 6.2.1 به‌روز كرده بود. در مجموع سيزده آسيب‌پذيري در اين به‌روز رساني برطرف شده بود كه بسياري از آنها جدي بودند، اما هيچ‌يك غيرمعمول نبودند. اغلب اين آسيب‌پذيري‌ها توسط خود اپل كشف شده بودند.
مدت كوتاهي پس از عرضه اين به‌روز رساني، كاربران شكايت كردند كه اين به‌روز رساني مشكلاتي ايجاد مي‌كند. خصوصاً كه به‌روز رساني اعلام مي‌كند كه كامل شده است، اما در حقيقت كامل نشده است و سافاري از سيستم پاك شده است. كاربران گزارش داده‌اند كه اپل به آنها مي‌گويد كه سيستم عامل OS X خود را مجدداً نصب نمايند تا سافاري را بازيابند.
اين به‌روز رساني هم‌اكنون در صفحه دانلودهاي اپل يا به‌روز رساني‌هاي نرم‌افزاري يا فروشگاه اپل وجود ندارد.

شماره: IRCNE2014112389
تاريخ: 15/09/93

شركت ادوب قصد دارد تا سه شنبه آينده چندين به روز رساني امنيتي را براي آكروبات و Reader منتشر نمايد.
نسخه هاي آسيب پذير Reader XI و Acrobat XI نسخه 11.0.09 و نسخه هاي پيش از آن مي باشند. هم چنين نسخه هاي آسيب پذير Reader X و Acrobat X نسخه 10.1.12 و نسخه هاي پيش از آن مي باشد.
شركت ادوب اعلام كرد كه اين به روز رساني ها چندين آسيب پذيري بحراني را برطرف مي نمايند اما در حال حاضر در مورد تعداد و ميزان بحراني بودن آن ها اطلاعاتي در دسترس نيست.

ID: IRCNE2014122392
Date: 2014-12-06

According to “ComputerWorldUK”, Facebook is adding a third antivirus engine to its service to help catch malicious content in the News Feed and messages sent by users.
Technology from Eset, based in Slovakia, will be added to a security mix that already includes F-Secure and Trend Micro, which Facebook partnered with in May, wrote Chetan Gowda, a software engineer with the company's Site Integrity team.
Antivirus programs have varying degrees of effectiveness, depending on whether they have up-to-date detection signatures and if other behavior-based detection techniques can pick up mischief.
Facebook appears to be betting that the more AV engines it runs, the better.
"A larger number of providers increases the chances that malware will get caught and cleaned up, which will help people on Facebook keep their information more secure," Gowda wrote.
Facebook can detect on its servers if a device may be infected and warn users they should run an anti-malware scan, Gowda wrote. F-Secure and Trend Micro built free version of their products that integrate with Facebook's site.
"You can run the scan, see the scan results and disable the software all without logging out of Facebook -- making it seamless and easy to clean up an infected device," he wrote.

Number: IRCNE2014122391
Date: 2014/12/06

According to “zdnet”, Microsoft has released their Advance Notification for the December 2014 security bulletins. There will be a total of seven bulletins, three of which will update critical vulnerabilities. The updates will be released at 1PM eastern time next Tuesday, December 9.
The three critical bulletins affect Internet Explorer, Office and Windows.
As is typical for Internet Explorer updates, all versions are affected (other than Server Core, which does not include Internet Explorer). All are rated critical on Windows desktop systems and moderate on Windows servers. Windows RT versions are also affected and the bug(s) rated critical on it.
A second critical update affects only Windows Vista, Windows 7, Windows Server 2003 and Windows Server 2008. It is rated critical for the desktop versions but moderate for the servers.
The third critical update affects Microsoft Office. Desktop x86 and x64 versions of all supported Office versions are affected and rated critical, as is Office for Mac 2011. Office 2013 RT is affected but rated Important. The vulnerability also affects SharePoint Server versions 2010 and 2013 and Office Web Apps versions 2010 and 2013, and is rated Important on all. The Office Compatibility Pack and Word Viewer are affected and rated Important.
There are two other Office updates, both rated important and both affecting all desktop x86 and x64 versions of all supported Office versions.
One bulletin, rated important, affects all supported versions of Microsoft Exchange: 2007, 2010 and 2013. It is an elevation of privilege bug.
A final update fixes an Information Disclosure vulnerability in all versions of Windows, including Server Core.
As usual, Microsoft will release a new version of the MSRT (Malicious Software Removal Tool) and also likely release some number of non-security updates.

ID: IRCNE2014122390
Date: 2014-12-06

According to “ZDNet”, User support discussions, though no official communications from Apple, indicate that the company has removed a recent update to the Safari web browser from its download and update sites.
The update, initially released on December 3, addressed security problems and updated Safari to versions 8.0.1, 7.1.1 and 6.2.1. There were a total of thirteen vulnerabilities, many of which were serious, but none unusual. Most of the vulnerabilities were credited internally to Apple.
Not long after its release, users complained that the update was causing problems. Specifically, the update said it had completed, but it hadn't, and in fact Safari had been removed from the system. Users report that Apple tells them to reinstall OS X In order to recover Safari:
As this is written, the update is not available in the Apple Downloads page or in Software Updates or the Mac App Store.

Number: IRCNE2014122389
Date: 2014/12/06

According to “zdnet”, Adobe has released Preliminary Notification of security updates to Acrobat and Reader next Tuesday, December 9. Microsoft schedules updates for Acrobat and Reader regularly on Patch Tuesday every three months.
The vulnerable versions of Reader XI and Acrobat XI are 11.0.09 and earlier. The vulnerable versions of Reader X and Acrobat X are 10.1.12 and earlier.
Adobe says that the updates address critical "vulnerabilities" in the software, but we do not yet know how many there are and how many are critical.

شماره: IRCNE2014112388
تاريخ: 10/9/93

ظرف چند روز گذشته به Sony Pictures گزارش شد كه تعدادي از فيلم‌هاي توليد اخير اين استوديو روي وب‌سايت‌هاي اشتراك فايل در حال انتشار است.
تنها چند روز پس از وقوع يك هك در اين كمپاني، نمايش نسخه‌هاي كپي غيرمجاز پنج فيلم به صورت آنلاين شروع شد كه در نتيجه آن، اين بازوي توليد فيلم و مجموعه‌هاي تلويزيوني سوني مجبور به غيرفعال كردن شبكه خود شد.
چهار فيلم جديد كه تا كنون عرضه نشده بودند در ميان اين فيلم‌ها وجود دارند كه قرار بود ماه بعد عرضه شوند.
سوني اعلام كرده است كه سرقت محتوا از Sony Pictures Entertainment يك مسأله مجرمانه است و اين شركت در حال همكاري با نهادهاي قانوني رسمي براي تحقيق در مورد اين سرقت است.
پيش از اين و در هفته گذشته يك گروه هكري به نام #GOP ادعا كرده بودند كه به داده‌هاي داخلي Sony Pictures از جمله اسرار اين شركت دست يافته‌اند و درصورت پاسخ ندادن به درخواست‌هاي آنها، اين داده‌ها را به صورت عمومي منتشر خواهند كرد.

ID: IRCNE2014112388
Date: 2014-12-01

According to “CNet”, Sony Pictures Entertainment's security woes escalated this weekend when it was reported that a handful of the studio's recently produced films were released to file-sharing websites.
The pirated copies of five movies began showing up online just days after a security breach reportedly forced the film and TV arm of Japanese tech and media conglomerate Sony to shut down its network.
Four unreleased titles are among the movies leaked online, including a remake of the musical "Annie" and "Mr. Turner," both of which are due to be released next month, according to Variety. Other movies released include "Fury," a Brad Pitt World War II drama released last month, and "Still Alice," a Julianne Moore movie due to be released in January.
Sony could not immediately be reached for comment but told Variety it was working with law enforcement officials on an investigation of the theft.
"The theft of Sony Pictures Entertainment content is a criminal matter, and we are working closely with law enforcement to address it," a Sony spokeswoman told the entertainment industry news site.
Earlier this week, a hacking group calling itself #GOP claimed to have obtained Sony Pictures' internal data, including its "secrets," and said it would release the data to the public if its demands were not met, according to reports. It is unclear what the hacker group is demanding.

شماره: IRCNE2014212387
تاريخ: 9/9/93

بر اساس گزارش‌ها، هفته گذشته Sony Pictures هدف يك هك قرار گرفت كه در نتيجه آن كارمندان مجبور شدند يك روز كامپيوترهاي خود را خاموش كنند و استوديوي فيلم سازي را تعطيل كنند.
به گزارش هاليوود ريپورتر و به نقل قول از افراد داخل استوديو، Sony Pictures كه بازوي فيلم و تلويزيون شركت ژاپني سوني است، توسط گروهي كه خود را #GOP مي‌نامند هك شد. بنا بر گزارش‌ها اين هكرها ادعا كرده‌اند كه به داده‌هاي داخلي Sony Pictures از جمله اسرار اين شركت دست يافته‌اند و تهديد كرده‌اند كه درصورت پاسخ ندادن به خواسته‌هاي آنان، اين داده‌ها را به صورت عمومي منتشر خواهند كرد. مشخص نيست كه خواسته‌هاي اين گروه هكري چه بوده است.
سوني در مورد اين رخداد سكوت كرده است و فقط گفته است كه در مورد يك موضوع فناوري اطلاعات در حال تحقيق است.
به كارمندان Sony Pictures روز دوشنبه گفته شد كه سيستم‌هاي خود را خاموش كنند و به شبكه شركت يا ايميل دسترسي پيدا نكنند، همچنين Wi-Fi دستگاه‌هاي موبايل خود را نيز غيرفعال نمايند. مشخص نيست كه Sony Pictures هدف هكرها بوده است يا اينكه هكرها سعي در هدف قرار دادن شركت سوني داشته‌اند. به گزارش لوس‌آنجلس تايمز، Sony Pictures Animation، Sony Music Entertainment و ساير بخش‌هاي شركت سوني تحت تأثير اين هك قرار نگرفته‌اند.
اين هك آخرين رخداد از سلسله رخدادهاي امنيتي سوني بوده است. يك هفته پيش از اين رخداد نيز گروه هكري DerpTrolling، هزاران لاگين را كه ادعا مي‌كردند متعلق به شبكه پلي‌استيشن، 2K Games و Windows Live است منتشر كردند كه برخي گزارش‌ها معتقد بودند كه اين رخداد جعلي است.
در ماه آگوست شبكه پلي‌استيشن سوني توسط يك حمله DDoS از كار افتاد. اين شبكه بازي همچنين در سال 2011 هدف يك حمله جدي‌تر قرار گرفته بود كه در نتيجه آن داده‌هاي شخصي بيش از صدميليون مشتري شبكه پلي‌استيشن، Qriocity و سوني آنلاين لو رفت.

ID: IRCNE2014212387
Date: 2014-11-30

According to “CNet”, Sony Pictures was hit by a hack that forced employees to shut down their computers Monday and stay off the film studio's network, according to reports.
Sony Pictures, the film and TV arm of Japanese tech and media conglomerate Sony, was hacked at some point in the last two days by a group calling itself #GOP, reported The Hollywood Reporter, citing people within the studio. The hackers claimed to have obtained Sony Pictures' internal data, including its "secrets," and said they would release the data to the public if their demands were not met, according to reports. It is unclear what the hacker group is demanding.
Sony has kept quiet on the incident, saying only that it is investigating an "IT matter." Sony did not immediately respond to CNET's request for comment.
Sony Pictures employees were told Monday to shut down computers and not access corporate networks or email, as well as disable Wi-Fi on all mobile devices, reported Variety. It is unclear if Sony Pictures, which has produced films such as "The Amazing Spider-Man" and TV shows including "Shark Tank," was the target or if the hackers were attempting to go after Sony Corp. Sony Pictures Animation, Sony Music Entertainment and other parts of Sony Corp. were not affected by the hack, reported the Los Angeles Times.
This hack could be the latest in a string of embarrassing security breaches for Sony. Last week, hacker group DerpTrolling released thousands of what it claimed were user logins from PlayStation Network, 2K Games and Windows Live -- though some reports have suggested the leak may have been faked.
In August, Sony's PlayStation Network was taken down by a distributed denial of service (DDoS) attack, a common hacker technique that overwhelms a system with traffic and makes regular service temporarily unavailable. The gaming network was also the target of a more severe hack in 2011, which led to the exposure of the personal data of more than 100 million customers signed up for PlayStation Network, Qriocity, and Sony Online.