Microsoft releases a fix for Hotmail

Number: IRCNE2012041483
Date: 11/02/91

Microsoft has fixed a flaw in Hotmail's password recovery system. The problem allowed hackers to take control of webmail accounts.
The vulnerability existed in Hotmail's password recovery feature. Hackers were able to use a Firefox add-on called Tamper Data to intercept the outgoing password recovery request, then modify the data, lock the account holder out and gain access to their inbox.
Computer security researchers discovered the vulnerability in early April and quickly reported the issue to Microsoft. Microsoft has now released an update to fix the problem.
The company said: "On Friday we fixed the problem in this recovery function to help protect Hotmail users, and users do not need to take any action."
It is not yet known how many Hotmail accounts may have been affected by this vulnerability.
Graham Cluley, senior consultant at Sophos, said that if Hotmail users are unable to log into their accounts for no apparent reason, it is possible that their email accounts have fallen victim to this attack.
Last year, the webmail accounts of Google, Yahoo and Hotmail users faced a series of politically motivated phishing (identity theft) attacks. Hackers were able to gain access to webmail accounts and send specially crafted phishing messages to thousands of their victims.

Microsoft issues swift fix for Hotmail bug

ID: IRCNE2012041483
Date: 2012-04-30

According to "techworld", Microsoft has fixed a flaw in Hotmail's password reset system that allowed hackers to take control of webmail accounts.
The vulnerability existed in Hotmail's password reset feature. Hackers were able to use a Firefox add-on called Tamper Data to intercept the outgoing HTTP request following a password reset request and modify the data, locking out the account holder and gaining access to their inbox.
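The failure mode described above (and in the Persian version of this item) is a reset flow that trusts data the browser sends after the reset has been requested, so that an intercepting proxy can rewrite the request. The article does not say which field Hotmail trusted, so the example below is an added illustration, not Microsoft's code: it assumes a generic flow in which the completion request carries an `account` field, shows why trusting that field is unsafe, and contrasts it with a reset that is identified only by a random, single-use, expiring token bound to the account on the server. The user store and the `USERS`, `request_reset` and `complete_reset` names are constructed for the example.

```python
import hmac
import secrets
import time

# Constructed in-memory user store: email -> record (example data only).
USERS = {
    "alice@example.com": {"password": "alice-old"},
    "bob@example.com": {"password": "bob-old"},
}

# --- Weak pattern (assumed for illustration): the completion request names the
# target account in a client-editable field and the server trusts it. Anything
# that sits between browser and server can rewrite that field. ---
def weak_complete_reset(request):
    """request: dict with 'account' and 'new_password' exactly as the browser sent them."""
    account = request["account"]          # trusted as-is: this is the defect
    if account not in USERS:
        return False
    USERS[account]["password"] = request["new_password"]
    return True

# --- Hardened pattern: when a reset is requested, the server mints a random token
# and binds it to the account. The completion step accepts only the token; the
# account is looked up server-side, so editing the request cannot retarget it. ---
TOKEN_TTL_SECONDS = 15 * 60
_pending = {}   # token -> {"account": str, "expires": float}

def request_reset(account, now=None):
    """Step 1: the token returned here would be delivered only to the account owner."""
    now = time.time() if now is None else now
    if account not in USERS:
        return None                       # do not reveal whether the account exists
    token = secrets.token_urlsafe(32)
    _pending[token] = {"account": account, "expires": now + TOKEN_TTL_SECONDS}
    return token

def complete_reset(token, new_password, now=None):
    """Step 2: the token alone identifies the account; it is single-use and expires."""
    now = time.time() if now is None else now
    match = None
    for stored in list(_pending):
        # constant-time comparison so timing does not leak token bytes
        if hmac.compare_digest(stored.encode(), token.encode()):
            match = stored
    if match is None:
        return False
    entry = _pending.pop(match)           # consumed on first use, valid or not
    if now > entry["expires"]:
        return False
    USERS[entry["account"]]["password"] = new_password
    return True

def demo():
    """Returns (weak flow retargeted?, hardened ok?, replay ok?, expired ok?, bob's password)."""
    # Weak flow: Alice requested a reset, but the forwarded completion request was
    # edited so that its account field points at Bob.
    weak_complete_reset({"account": "bob@example.com", "new_password": "attacker-chosen"})
    bob_hijacked = USERS["bob@example.com"]["password"] == "attacker-chosen"
    USERS["bob@example.com"]["password"] = "bob-old"   # undo for the rest of the demo

    # Hardened flow: a token issued for Alice can only ever reset Alice.
    tok = request_reset("alice@example.com", now=1000.0)
    ok = complete_reset(tok, "alice-new", now=1010.0)
    replay = complete_reset(tok, "again", now=1020.0)                    # single use
    stale = request_reset("alice@example.com", now=1000.0)
    expired = complete_reset(stale, "late", now=1000.0 + TOKEN_TTL_SECONDS + 1)
    return bob_hijacked, ok, replay, expired, USERS["bob@example.com"]["password"]

if __name__ == "__main__":
    print(demo())
```

The design point is that nothing the client sends after step 1 is allowed to name the account: the binding lives in `_pending` on the server, tokens are consumed on first use, and expiry limits how long an intercepted token stays useful.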
Computer security researchers discovered the vulnerability in early April and told Microsoft about it soon afterwards. Microsoft said it has now issued an update to fix the bug.
“On Friday we addressed a reset function incident to help protect Hotmail customers, no action needed,” the company posted on its Security Response Twitter account.
It is not known just how many Hotmail accounts may have been compromised by the bug.
Sophos senior technology consultant Graham Cluley said that if Hotmail users are inexplicably unable to log into their account, then it is possible their email account has fallen victim to this attack.
Last year, the webmail accounts of Google, Yahoo and Hotmail users were hit by a series of politically-motivated spearphishing attacks. Hackers were able to gain access to webmail accounts and send specially crafted phishing email messages to several thousand victims.

Operating licences granted in the information security management system

Number: IRCNE2012041482
Date: 10/02/91

This morning, the first operating licences in the information security management system (ISMS) were granted to five companies in two areas: training services and consulting services.
The ceremony, which began at 10 a.m., was held in the presence of Eng. Hakim Javadi (head of the Information Technology Organization and deputy minister of Communications and Information Technology), Eng. Mahdiyoun (managing director of the Information Technology Company of Iran), Eng. Radkani (deputy for IT development at the Information Technology Organization), the media and representatives of the five applicant companies.
During the ceremony, licences to provide consulting services were granted to four companies: Amn Afzar Gostar Sharif, Amn Pardazan Kavir, Parvaresh Dadeha and Noavaran Ertebatat Doran. A licence to provide training services was also granted to Payeh Rizan Rahkarhaye Faragir.
At the start of the ceremony, Eng. Mir Eskandari, director general of value-added services, described the process that had been carried out to select these companies. Eng. Hakim Javadi also spoke about the importance of the subject and the reasons for this work. Eng. Hakim Javadi, Eng. Mahdiyoun and Eng. Radkani then answered reporters' questions on the subject. The ceremony ended with the granting of operating licences to the five companies.

Silent updates in Firefox 12

Number: IRCNE2012041481
Date: 09/02/91

This week, alongside the release of Firefox 12, Mozilla is introducing a silent update mechanism for Windows users only. Nothing changes for Mac and Linux users. In Firefox 12, instead of the user clicking manually to update to the latest Firefox release, updates can be applied automatically and silently in the background without holding the user up.
Lawrence Mandel, a Mozilla program manager, said that the feature works through a background process that is active only during an update.
The move to a silent update process is something Mozilla has been discussing since late 2011. In 2011 Mozilla moved to a rapid release process in which a new Firefox browser shipped every six weeks. That process was very cumbersome for users, but silent updates will now resolve this problem.

Oracle to release 115 security patches

Number: IRCNE2014072247
Date: 2014-07-12

According to “computerworld”, Oracle is planning to release 115 security patches for vulnerabilities affecting a wide array of its products, including its flagship database, Java SE, Fusion Middleware and business applications.
The update includes fixes for 20 weaknesses in Java SE, all of which can be exploited by an attacker remotely, without the need for login credentials, Oracle said in an announcement prior to Tuesday's patch release.
Some 29 fixes are for Oracle's Fusion Middleware suite, with 27 able to be exploited over a network without the need for authentication. Affected middleware components include BI Publisher, GlassFish Server, HTTP Server, JDeveloper, WebCenter Portal and WebLogic Server.
Six other patches are for Oracle's database. Two of the vulnerabilities can be exploited remotely without login credentials.
Another seven patches target Hyperion, one of Oracle's BI (business intelligence) products.
The update also includes fixes for security weaknesses in a range of Oracle applications, including E-Business Suite, Siebel CRM, PeopleSoft, Oracle Retail Applications and Primavera.
Oracle Virtualization will get 15 fixes, eight of which target vulnerabilities that can be exploited over the Internet without login credentials. Finally, some 10 fixes will ship for MySQL.

Critical flaw in WordPress newsletter plug-in endangers many blogs

Number: IRCNE2014072240
Date: 2014-07-05

According to “computerworld”, a critical vulnerability found in a WordPress plug-in that has been downloaded over 1.7 million times allows potential attackers to take complete control of blogs that use it.
The flaw is located in the MailPoet Newsletters plug-in, previously known as wysija-newsletters, and was discovered by researchers from Web security firm Sucuri.
"This bug should be taken seriously; it gives a potential intruder the power to do anything he wants on his victim's website," Daniel Cid, Sucuri's chief technology officer, said in a blog post Tuesday. "It allows for any PHP file to be uploaded. This can allow an attacker to use your website for phishing lures, sending SPAM, hosting malware, infecting other customers (on a shared server), and so on!"
The vulnerability was patched in MailPoet version 2.6.7, released Tuesday, so all WordPress blog administrators should upgrade the plug-in to the latest version as soon as possible if they use it.

Microsoft: Just 4 January patches, none critical

ID: IRCNE2014012061
Date: 2013-01-11

According to "zdnet", Microsoft has released the advance notification for their January Patch Tuesday updates. In an unusual, but not unprecedented development, none are rated critical. There are also only 4 updates to be released.
Bulletin 1 affects all supported versions of Microsoft Word and the Word Viewers. Bulletin 2 affects only Windows XP SP3 and Windows Server 2003 SP2. [UPDATE: Bulletin 2 addresses a vulnerability which had, in November, been reported as being exploited in the wild.]
Bulletin 3 affects Windows 7 SP1 and Windows Server 2008 R2 SP1. Bulletin 4 affects all supported versions of Microsoft Dynamics AX.
As usual, Microsoft will also release a new version of the Microsoft Windows Malicious Software Removal Tool and potentially non-security updates to products.

Microsoft shuts down a $2.7m a month click fraud botnet

ID: IRCNE2013122036
Date: 2013-12-07

According to “ITPro”, Microsoft continues to fight against botnets by smashing a network which was using 2 million machines around the world.
The software giant filed a lawsuit in Texas and won a judge's order directing internet service providers to block all traffic to 18 internet addresses that were used to direct fraudulent activity to the infected machines.
Law enforcement in many European countries served warrants at the same time, seizing servers expected to contain more evidence about the leaders of the ZeroAccess crime ring, which was devoted to "click fraud."
Microsoft said the botnet had been costing advertisers on Bing, Google and Yahoo an estimated $2.7 million monthly.
Such rings use networks of captive machines, known as botnets, in complicated schemes that force them to click on ads without the computer owners' knowledge. The schemes cheat advertisers on search engines including Microsoft's Bing by making them pay for interactions that have no chance of leading to a sale.
The coordinated effort marks the eighth time Microsoft has moved against a botnet and a rare instance of it doing serious damage to one that is controlled with a peer-to-peer mechanism, where infected machines give each other instructions instead of relying on a central server that defenders can hunt down and disable.
But the ZeroAccess botnet still had a weakness. The code in the infected machines told them to reach out to one of the 18 numeric Internet addresses for details on which ads to click.
For now, at least, the fraud by this network has stopped, said Microsoft Assistant General Counsel Richard Boscovich.
The operators of the botnet are believed to be in Russia, while the author of the malicious software distributed on it could be based elsewhere, Boscovich said.

Oracle to ship 40 security fixes for Java SE

ID: IRCNE2013061874
Date: 2013-06-18

According to "computerworld", Oracle is set to release a patch set for Java SE that targets 40 security vulnerabilities.
Thirty-seven of the weaknesses can be exploited over a network without requiring an attacker to have a username or password, Oracle said.
Affected products covered in the patch batch, which is set for release Tuesday, include Java SE as well as a number of versions of JDK (Java Development Kit), JRE (Java Runtime Environment) and the JavaFX rich-client development platform, according to Oracle's announcement.
Oracle is recommending that customers apply the patches as soon as possible "due to the threat posed by a successful attack."
The Java SE patch set comes after Oracle released some 128 fixes for its database, middleware and applications in April.

Most firms do not protect sensitive data in databases, survey finds

ID: IRCNE2012081587
Date: 2012-08-20

According to "infosecurity-magazine", a full 65% of businesses do not protect the sensitive data in their databases from unauthorized employees and consultants, according to a survey conducted by GreenSQL.
“Most organizations do not control which information is exposed to DBAs [database administrators]. As a database administrator, they must have full control of the database in order to maintain it, but if the DBA’s computer is exposed, it can view any information in the database,” said David Maman, co-founder and chief technology officer at GreenSQL.
Only 12% deploy dynamic data masking solutions in their production environments, according to the survey.
Maman explained GreenSQL's dynamic data masking solution applies rules to enforce access, making sure those who need to access certain parts of the sensitive data have it while those who should not see anything will not be able to. It ensures that the data never leaves the database in its original form, preventing information theft.
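To make the rule-based masking described above concrete, here is an added example (not GreenSQL's code; the product's rule syntax is not on the page) of a dynamic masking layer that rewrites a result set according to the caller's role before it leaves the database tier. The rows, column names, roles and the `RULES` policy are constructed for the example; the policy is deny-by-default, so a role not explicitly cleared for a column only ever sees the masked form.

```python
import re

# Constructed sample rows, standing in for a query result as it comes out of the database.
ROWS = [
    {"id": 1, "name": "Alice Example", "email": "alice@example.com",
     "card": "4111111111111111", "salary": 72000},
    {"id": 2, "name": "Bob Example", "email": "bob@example.com",
     "card": "5500000000000004", "salary": 58000},
]

def mask_email(value):
    """Keep the first character of the local part and the domain: a***@example.com."""
    local, _, domain = str(value).partition("@")
    return f"{local[0]}***@{domain}" if local and domain else "***"

def mask_card(value):
    """Keep only the last four digits, as a receipt would."""
    digits = re.sub(r"\D", "", str(value))
    return "*" * (len(digits) - 4) + digits[-4:] if len(digits) >= 4 else "****"

def mask_full(_value):
    """Replace the value entirely; the reader learns only that a value exists."""
    return "<masked>"

# Masking policy (constructed): column -> masking function and the roles allowed to
# see the clear value. Columns without a rule pass through unchanged.
RULES = {
    "email":  {"mask": mask_email, "clear_for": {"support"}},
    "card":   {"mask": mask_card,  "clear_for": set()},        # nobody sees full card numbers
    "salary": {"mask": mask_full,  "clear_for": {"payroll"}},
}

def apply_masking(rows, role):
    """Return a new result set with every ruled column masked unless `role` is cleared for it.

    The input rows are not modified; a DBA or analyst querying through this layer
    receives only the rewritten copy, so the original values never leave the database.
    """
    out = []
    for row in rows:
        masked = {}
        for col, value in row.items():
            rule = RULES.get(col)
            if rule is None or role in rule["clear_for"]:
                masked[col] = value
            else:
                masked[col] = rule["mask"](value)
        out.append(masked)
    return out

if __name__ == "__main__":
    for role in ("dba", "support", "payroll"):
        print(role, apply_masking(ROWS, role))
```

Because the lookup is "is this role cleared for this column" rather than "is this role on a block list", a new role added to the system sees masked data until someone deliberately grants it, which is the least-privilege default the survey's 65% figure argues most organizations lack.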