Most Malware Infections Come from the Web, Not Email

ID: IRCNE2014012078
Date: 2014-01-18

According to “InternetNews”, a new study from Trustwave conducted by Osterman Research shows that for most organizations Web surfing is the top entry point for malware.
There are a number of different ways malware can be introduced into an enterprise. The report found that 74 percent of respondents got a malware infection through Web surfing. In contrast, 64 percent said email was the route by which they had been infected by malware. Only 14 blamed social media or Web 2.0 applications for malware infecting their networks.
Mike Park, managing consultant at Trustwave, told eSecurity Planet that infections from the Web are nothing new. Many enterprises have already tried to curtail Web-based attacks by restricting where employees and inside users can surf.


How long will 3rd party anti-malware companies support XP?

ID: IRCNE2014012077
Date: 2013-01-18

According to "zdnet", Microsoft will keep on supplying signatures for Microsoft Security Essentials, but that doesn't mean it's a good idea to use Microsoft Security Essentials.
In fact, it's a bad idea to continue using Windows XP even now for plenty of reasons, but if you're not letting go of it, then one of the things you should do is to get a better antivirus program. There are plenty of them and nearly all of them have announced that they will support Windows XP for at least another year, usually at least 2 years.
This information comes from a survey of anti-malware vendors performed by AV-Test.org, a leading test lab for such software.
AV-Test continues to perform regular tests on these products on various operating systems including Windows XP. The products for which support will be extended for at least one more year are listed below. Some companies will continue support for consumers on Windows XP until 2017.

  • AVG
  • Avast
  • Avira
  • Bitdefender
  • Comodo
  • ESET
  • Fortinet
  • F-Secure
  • Kaspersky Lab
  • Kingsoft
  • McAfee
  • Microworld
  • Panda Security
  • Sophos
  • Tencent
  • Trend Micro

Researchers find new PoS malware written in VBScript

ID: IRCNE2014012076
Date: 2014-01-18

According to “ComputerWorldUK”, security researchers from cybercrime intelligence firm IntelCrawler identified a PoS RAM (random access memory) scraping program dubbed Decebal that they believe was released on Jan. 3. The release shows that cybercriminals are increasingly interested in launching this type of attack.
The malware is written in VBScript (Visual Basic Scripting) in less than 400 lines of code. Despite looking fairly unsophisticated it can grab track 2 data -- data encrypted on the magnetic stripe of credit or debit cards -- from PoS memory and even contains routines to evade malware analysis tools, like antivirus sandboxes and virtual machines.
The use of a scripting language to create malware is not unusual in general, but is highly uncommon for this particular type of threat. Andrey Komarov, the CEO of IntelCrawler, said that this is the first time he's seen PoS malware written in VBScript.
Using this language does provide some benefits, like portability, as it works by default in all Windows versions since Windows 98 and doesn't require a separate interpreter. Many PoS systems run a version of Windows Embedded.
VBScript is also commonly used by Windows system administrators to automate different tasks and can be called by other scripts and programs, which could make this particular malware inconspicuous, Komarov said.
Decebal sends the stolen card data to a command-and-control server, particularly to a single 44-line PHP script running on a Web server that sorts the information and stores it.
Various text strings found in the malware code suggest its authors are likely Romanian, the IntelCrawler researchers said in a blog post. The name chosen by its creators also points in this direction, Decebal being the Romanian name of Dacian king Decebalus, an important figure in Romanian history.
Bogdan Botezatu, a senior e-threat analyst at Romanian antivirus firm Bitdefender, agreed with IntelCrawler's assessment of the malware's origins. "Most of the strings, functions and variable names are clearly Romanian words so chances are that the malware has been written by a Romanian citizen," he said Friday via email.
There were at least four separate strains of PoS RAM scraping malware developed in the past year, Botezatu said. "This shows a pattern, and we expect that cybercriminals will continue to use them as long as they work."


Microsoft employee e-mail also hit by Syrian Electronic Army

ID: IRCNE2014012075
Date: 2013-01-18

According to "cnet", in addition to compromising some of Microsoft's social-networking accounts, the Syrian Electronic Army also accessed a "small number" of employee e-mail accounts, the company confirmed Wednesday.
"A social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media and e-mail accounts being impacted," a Microsoft spokesperson said in a statement to CNET. "These accounts were reset and no customer information was compromised. We continue to take a number of actions to protect our employees and accounts against this industrywide issue."
The Syrian Electronic Army -- a political hacking group that supports Syrian President Bashar Assad -- appears to be waging a war on Microsoft. Over the weekend, the group took control of the Twitter accounts of Xbox and Xbox Support, along with Xbox's Instagram account. The company's TechNet blog was also compromised.
A tweet sent by the group Wednesday indicated that its campaign against the tech giant was not over.


Microsoft Security Essentials: No new installations after April

ID: IRCNE2014012074
Date: 2014-01-18

According to “ZDNet”, with less than three months until the end of support for Windows XP, a stream of new information about the event continues.
Today we learned that after April 8 of this year you will no longer be able to download and perform a new installation of Microsoft Security Essentials. Microsoft made this announcement some time ago on a page about the end of XP support: "...after April 8, 2014, technical assistance for Windows XP will no longer be available, including automatic updates that help protect your PC. Microsoft will also stop providing Microsoft Security Essentials for download on Windows XP on this date."
After that date, users performing a new installation of Windows XP will need to use a third party antivirus product if they want antimalware protection.
Earlier today we learned that Microsoft will, until April 15 2015, continue to provide antivirus signatures for their Microsoft Security Essentials program for users on Windows XP. Microsoft has also said from the release of Windows XP that they will continue to support activations of new installations of Windows XP even after the end of formal support.
Microsoft will also continue for the next year to make changes in the antivirus engine itself. This was included in today's statement about the extension of signature updates: "To help organizations complete their migrations, Microsoft will continue to provide updates to our antimalware signatures and engine for Windows XP users through July 14, 2015."


Cisco fixes remote access flaws in its Secure Access Control System

ID: IRCNE2014012073
Date: 2013-01-18

According to "computerworld", Cisco Systems has released software updates for its Cisco Secure Access Control System (ACS) in order to patch three vulnerabilities that could give remote attackers administrative access to the platform and allow them to execute OS-level commands without authorization.
Cisco ACS is a server appliance that enforces access control policies for both wireless and wired network clients. It's managed through a Web-based user interface and supports the RADIUS (Remote Access Dial In User Service) and TACACS+ (Terminal Access Controller Access-Control System Plus) protocols.
Versions of the Cisco Secure ACS software older than 5.5 contain two vulnerabilities in the RMI (Remote Method Invocation) interface that's used for communication between different ACS deployments and listens on TCP ports 2020 and 2030.
There are no configuration workarounds available to mitigate these vulnerabilities, so updating the software to the new versions released by Cisco is recommended.


Intel changes the McAfee name

ID: IRCNE2014012072
Date: 25/10/92

Intel has confirmed that the McAfee name will be consigned to history. As new versions of the company's antivirus products come to market, its products will from now on be offered under the name Intel Security.
This comes three and a half years after Intel bought McAfee for $7.7 billion, and it was announced by Intel's CEO.
According to him, the name change will bring simplicity to the complex world of information security. As mobile applications and devices take up a more important part of our lives, the complexity of keeping digital identities safe also grows.
According to Intel's CEO, the company's goal is to intensify its efforts to make the digital world secure and to stand against threats to private information on mobile and wearable devices.
In addition, he pointed to the company's plans to offer some elements of McAfee's mobile security products for free.
In the late 1990s McAfee also acquired Network General and renamed the company NAI (Network Associates International), but the rename was not successful and after a few years it returned to the McAfee name.


Adobe releases patches

ID: IRCNE2014012071
Date: 25/10/92

Acrobat and Reader for Windows and Macintosh have been updated. Three vulnerabilities are fixed in this update. One of these vulnerabilities is rated priority 1 and is currently being exploited. Adobe advises network administrators to install the update packages as soon as possible (within 72 hours).
The new versions of Adobe Reader and Acrobat X and XI are 10.1.9 and 11.0.06. The fastest way to update is to open the Help menu in these programs and choose the option to check for updates.
The company has also released updates for Flash Player, Adobe AIR, and AIR SDK and Compiler for Windows, Macintosh and Linux. The vulnerabilities fixed in these updates could allow an attacker to bypass Flash's security protections and take control of the system.
The new version of Flash Player for Windows and Macintosh is 12.0.0.38 on IE, 12.0.0.41 for all versions of Chrome, and 12.0.0.43 for all versions of browsers such as Firefox. Flash Player 11 has also been updated to version 11.7.700.260 for Windows and Macintosh and to version 11.2.202.335 for Linux.


Microsoft releases patches

ID: IRCNE2014012070
Date: 25/10/92

Yesterday Microsoft published four security bulletins describing six vulnerabilities in its products and released update packages to fix them.
This is the first time since September 2011 that all of the updates are non-critical, and the first time since September 2012 that only four updates have been released.
The four bulletins released, all of which are rated Important, are as follows:

  • MS14-001: Vulnerabilities in Microsoft Word and Office Web Apps could lead to remote code execution.
  • MS14-002: A vulnerability in the Windows kernel could lead to elevation to the highest privilege level. A user with valid logon credentials who can connect to the system locally could obtain the highest privileges by running a program. This vulnerability affects only Windows XP and Windows Server 2003.
  • Note: This vulnerability was reported in November.
  • MS14-003: A vulnerability in Windows kernel-mode drivers could lead to elevation to the highest privilege level. This vulnerability affects Windows 7 and Windows Server 2008. The user must have valid logon credentials and must be able to log on locally.
  • MS14-004: A vulnerability in Microsoft Dynamics AX could lead to a denial-of-service attack.

Microsoft has also released a number of non-security updates, including a new version of the Windows Malicious Software Removal tool.


Intel ditches the McAfee brand name

ID: IRCNE2014012072
Date: 2014-01-15

According to “ITPro”, Intel has confirmed the McAfee name will be consigned to the history books, as the chipmaker seeks to bring all its security products under one brand.
The firm’s products are set to be re-branded as Intel Security, as new versions of its anti-virus products are brought to market.
The move was announced by Intel CEO Brian Krzanich during his keynote address at CES in Las Vegas yesterday, and comes nearly three-and-a-half years after Intel acquired McAfee for $7.7 billion.
In a statement, Krzanich said the rebrand will help bring some simplicity to the complex world of information security.
“The complexity of keeping digital identities safe grows as mobile applications and devices become a more important part of our daily lives,” he said.
“Intel’s intent is to intensify our efforts dedicated to making the digital world more secure, and staying ahead of threats to private information on mobile and wearable devices.”
Furthermore, Krzanich confirmed plans to offer “elements” of McAfee’s mobile security products for free, with further details on this expected in due course.
Graham Cluley, an independent information security expert, also pointed out that McAfee has been rebranded before, albeit unsuccessfully.
“Back in the late 1990s, when McAfee Associates acquired Network General, the firm was rebranded NAI (Network Associates International), but the rebrand was a failure, and after a few years they reverted to the McAfee name,” he said.
