شماره: IRCNE2013101991
تاريخ: 29/07/92

اندونزي به عنوان بزرگترين منبع حملات اينترنتي از چين پيشي گرفت.
بنا بر گزارش شركت آكامايي، ترافيك حمله توليد شده توسط اندونزي در دومين سه‌ماهه سال 2013 تقريباً دوبرابر شده است. بنا بر اين گزارش، از ماه آوريل تا ژوئن سال جاري، ترافيك حمله توليد شده توسط اندونزي به 38% كل ترافيك حمله سراسر جهان رسيده است كه 17% نسبت به سه‌ماهه قبل از آن افزايش نشان مي‌دهد.
به اين ترتيب چين به مكان دوم توليد كنندگان ترافيك حمله جهان سقوط كرده است. البته درصد ترافيك حمله توليد شده توسط اين كشور ثابت باقي مانده و همچنان 33% از ترافيك حمله سراسر جهان از طريق اين كشور توليد مي‌شود.
ساير كشورهاي اصلي توليد كننده ترافيك حمله جهان به ترتيب عبارتند از ايالات متحده آمريكا، تايوان، تركيه، هند، روسيه، برزيل، روماني و كره جنوبي. اين ده كشور در مجموع توليد كننده 89% از حملات سراسر دنيا هستند.
البته نكته قابل توجه اين است كه اين نتايج بر اساس آدرس آي‌پي منبع حمله به دست آمده است و لزوماً نمي‌تواند مشخص كننده محل حمله كننده واقعي باشد.
اين گزارش همچنين بيان مي‌كند كه مشتريان اين شركت در سه‌ماهه دوم سال 2013 توسط 318 حمله DDoS هدف قرار گرفته‌اند كه اين ميزان 54% بيشتر از سه‌ماهه پيش از آن است.

شماره: IRCNE2013101990
تاريخ: 29/07/92

به گزارش شركت Arbor Networks، متوسط اندازه حملات DDoS همچنان در حال رشد است و نسبت به يك سال پيش حدود چهار برابر شده است.
آمارهاي اين شركت در نه ماه نخست سال 2013 نشان دهنده يك منحني صعودي با ميانگين اندازه حملات 3 تا 3.5 گيگابيت بر ثانيه است كه در سال 2012، در همين بازه زماني 1.48 گيگابيت بر ثانيه بوده است.
اگرچه در سه‌ماهه سوم هيچ حمله‌اي به حداكثر ثبت شده در ماه مارس يعني 300 گيگابيت بر ثانيه كه متعلق به Spamhaus بود نرسيده است، اما سيستم Atlas اين شركت يك حمله 191 گيگابيت بر ثانيه‌اي را در ماه آگوست ثبت كرده است كه نشان مي‌دهد ترافيك در حال حركت از 100 گيگابيت بر ثانيه به سمت 200 گيگابيت بر ثانيه است.
همچنين آمارهاي Arbor نشان مي‌دهد كه تقريباً نه حمله از هر ده حمله DDoS كمتر از يك ساعت به طول انجاميده‌اند، البته حملات بزرگتر مدت بيشتري نيز طول كشيده‌اند.
البته Spamhaus تنها مورد قابل توجه اين نوع حملات نبود. در ماه آگوست يك حمله بزرگ DDoS با اندازه نامشخص كد كشور cn چين را هدف قرار داد كه باعث قطع شدن دسترسي به اينترنت در اين كشور شد.

شماره: IRCNE2013101989
تاريخ: 29/07/92

گوگل اعلام كرده است كه حداقل تا آوريل 2015 به پشتيباني از مرورگر كروم بر روي ويندوز XP ادامه خواهد داد.
براي مايكروسافت سال 2014 سالي مهم از جهت چرخه حيات پشتيباني‌هاي اين شركت خواهد بود. ويندوز XP، ويندوز Exchange Server 2003 و Office 2003 سه محصول بسيار مشهور اين شركت هستند كه در سال 2014 عرضه به‌روز رساني امنيتي براي آنها پايان خواهد يافت.
ويندوز XP محصولي است كه بيشترين نگراني را در اين ميان به خود اختصاص داده است، چرا كه تعداد بسيار زيادي از كاربران به خصوص در خارج از ايالات متحده آمريكا، هنوز از اين سيستم عامل استفاده مي‌كنند. بسياري از اين كاربران نيز از مرورگر كروم بر روي سيستم خود استفاده مي‌كنند.
گوگل در اعلاميه خود عنوان كرده است كه مرورگرها اغلب به عنوان بردارهايي براي سوء استفاده از آسيب‌پذيري‌هاي سيستم عامل‌ها مورد استفاده قرار مي‌گيرند. بنابراين زماني كه عرضه اصلاحيه‌هاي ويندوز XP به پايان مي‌رسد، وجود يك مرورگر امن بر روي اين سيستم عامل از اهميت ويژه‌اي برخوردار خواهد بود. از آنجايي كه IE نيز پس از آن زمان بر روي ويندوز XP به‌روز نخواهد شد، استفاده از آن بسيار خطرناك خواهد بود.
مدير امنيت عمومي گوگل كروم نوشت كه هدف اين شركت اين است كه از كاربران كروم ويندوز XP در طول دوران گذار از اين سيستم عامل به سيستم عامل ديگر پشتيباني نمايد.

ID :IRCNE2013101994
Date: 2013-10-21

IDG News Service - When a high-profile public figure living in Hong Kong hired the security company Trustwave to test if its experts could get his passwords, they turned to Facebook.
"We found out through Facebook who his wife was," said Jonathan Werrett, a managing consultant for Trustwave's SpiderLabs in Hong Kong. "We found out through her likes -- her public likes -- that she ran a pilates studio. We could then send a phishing email to her based around the fact that she ran a pilates studio that was hiring."
The computer she was using was a hand-me-down from her husband. The passwords he wanted to protect were in the Apple computer's keychain, so the hacking exercise "turned out to be a lot easier than we otherwise expected," Werrett said.
Mining small details from Facebook has become even easier with Graph Search, the site's new search engine that returns personalized results from natural-language queries. Graph Search granularly mines Facebook's vast user data: where people have visited, what they like and if they share those same preferences with their friends.
Graph Search immediately prompted warnings from security experts, who said its powerful data aggregation abilities could make people uncomfortable even though the exposed data is public.
"Maybe people will think twice before commenting on someone's drunken photos," expert said.

ID: IRCNE2013101993
Date: 2013-10-21

According to "techworld", VMware has warned that its popular virtualisation and cloud management products have security vulnerabilities that could lead to denials of service for customers using ESX and ESXi hypervisors and management platforms including vCenter Server Appliance and vSphere Update Manager.
To exploit the vulnerability an attacker would have to intercept and modify management traffic. If successful, the hacker would compromise the hostd-VMDBs, which would lead to a denial of service for parts of the program.
VMware released a series of patches that resolve the issue. More information about the vulnerability and links to download the patches can be found here.
The vulnerability exists in vCenter 5.0 for versions before update 3; and ESX versions 4.0, 4.1 and 5.0 and ESXi versions 4.0 and 4.1, unless they have the latest patches.
Users can also reduce the likelihood of the vulnerability causing a problem by running vSphere components on an isolated management network to ensure that traffic does not get intercepted.

ID: IRCNE2013101992
Date: 2013-10-21

According to “CNet”, Apple has said time and again in the wake of the NSA snooping scandal that it cannot read user iMessages. But new research has shown that it's theoretically possible.
Security firm QuarksLab on Thursday issued a white paper describing a method by which a hacker or Apple itself could access iMessages. The white paper states that Apple could intercept messages between sender and recipient and make them believe that their communication is secure. In order to do so, however, Apple would need to disrupt the encryption between communications and effectively change how iMessages works.
Back in June, Apple issued a statement on its site discussing its "commitment to customer privacy" in the wake of revelations about the National Security Agency. The company said at the time that iMessages are kept entirely secure.
"Conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them," Apple wrote in June. "Apple cannot decrypt that data. Similarly, we do not store data related to customers' location, Map searches or Siri requests in any identifiable form."
In a statement sent to All Things Digital in response to the new research, Apple spokeswoman Trudy Muller said that Apple would have to jump through hoops to achieve access to iMessages and that it has no desire to do so.
"The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so," Muller told All Things Digital.

ID: IRCNE2013101991
Date: 2013-10-21

According to “CNet”, in a somewhat nefarious climb to the top, Indonesia overtook China to become the top source of Internet attacks.
Attack traffic from Indonesia nearly doubled in the second quarter of 2013, according to Akamai's latest report published Wednesday. From April to June, attack traffic out of Indonesia spiked to 38 percent, a 17 percent increase from the previous quarter, according to the report.
Indonesia claims the dubious top spot from China, which dropped to No. 2 on Akamai's list. China's share remained roughly consistent, Akamai said, with 33 percent of attack traffic originating from the country in the second quarter.
Rounding out the top 10 on Akamai's list of attack traffic by country: the United States, Taiwan, Turkey, India, Russia, Brazil, Romania, and South Korea. These ten countries were the source of 89 percent of attacks, said Akamai. In total, Akamai observed attack traffic originating from 175 unique countries/regions in the second quarter, two fewer than in the first quarter.
Akamai noted in the report that its "methodology captures the source IP address of an observed attack and cannot determine attribution of an attacker." Which basically means, the actual attackers aren't always in the country where their attack traffic is originating.
The security section of the report also said Akamai customers reported being targeted by 318 DDoS attacks in the second quarter, 54 percent more than the prior quarter.

ID: IRCNE2013101990
Date: 2013-10-21

According to “TechWworld”, the average size of DDoS attacks is still climbing with the number breaching 20Gbps around four times the level seen a year ago, according to Arbor Networks.
The firm’s numbers of the first three quarters of 2013 show a rising curve with average attack sizes reaching 3-3.5Gbps, compared to 1.48Gbps for the same period in 2012. For the year as a whole, the average was now 2.64Gbps.
Although no attack in the third quarter reached the extreme scale of March’s humungous 300Gbps Spamhaus super-DDoS, the firm’s Atlas system did record one of 191Gbps in August, which suggests that the new traffic ceiling is shifting from 100Gbps to 200Gbps.
Probably more significant was the more than fourfold rise in the number of attacks over the 20Gbps threshold compared to 2012 with three months of the year still left to run, Arbor said.
Arbor also found that almost nine out of ten DDoS attacks lasted for less than an hour although larger ones usually went on for much longer.
Spamhaus hasn’t been the only significant incident. A major DDoS of unknown size on the China’s .cn country code top level domain in August briefly disrupted Internet access in the country.

ID: IRCNE2013101989
Date: 2013-10-21

According to “ZDNet”, Google has announced that it will continue to support the Chrome browser on Windows XP until at least April 2015, one year after Microsoft will end support for it.
For Microsoft, 2014 is an important year for Microsoft support lifecycles. Windows XP, Windows Exchange Server 2003 and Office 2003 are three of the very popular products for which Microsoft will stop providing security updates.
Windows XP is the one that has raised the most concern, as a significant number of users still rely on it, especially outside the US. Many of these users are Chrome users.
In announcing their extended support period, Google pointed out that browsers are often used as vectors for exploiting vulnerabilities in operating systems, so a secure browser will become all the more important on Windows XP once the patches stop. Internet Explorer on Windows XP will no longer be patched, so using it will become more dangerous.
Mark Larson, Director of Engineering and Superintendent of Public Safety for Google Chrome, who wrote the blog, said that the company's goal is to support Chrome XP users "during this transition process" from XP to something else. Microsoft has been calling the last few years the transition period, and it's possible that by indulging XP users with continued support that Google will delay that transition.

شماره: IRCNE2013101987
تاريخ: 27/07/92

به‌روز رساني حياتي اوراكل در نوبت سه‌ماهه خود عرضه شده است و شامل 127 ترميم امنيتي است كه 51 مورد آن مربوط به جاوا مي‌باشد.
اين نخستين بار است كه جاوا به همراه ساير محصولات اوراكل از جمله E-Business Suite، MySQL و Primavera Products Suite اصلاح شده است. پيش از اين جاوا هر چهار ماه يكبار به‌روز رساني مي‌شد.
به‌روز رساني حياتي ماه اكتبر شامل ترميم‌هايي براي مجموعه‌اي از برنامه‌هاي نرم‌افزاري است كه تمامي آنها در خانواده محصولات مرتبط با enterprise server قرار دارند:

• Oracle Database
• Oracle Fusion Middleware
• Oracle Enterprise Manager
• Oracle Applications - E-Business Suite
• Oracle Applications - Oracle Supply Chain, PeopleSoft Enterprise, Siebel and iLearning Products Suite
• Oracle FLEXCUBE Products Suite
• Oracle Health Sciences Products Suite
• Oracle Retail Products Suite
• Oracle Primavera Products Suite
• Oracle Java
• Oracle MySQL

مهمترين ترميم‌ها در اين مجموعه متعلق به جاوا هستند كه علت آن، تعداد زياد مشتريان اين محصول در سراسر جهان است. از ميان 51 اصلاحيه جاوا، 50 اصلاحيه مربوط به Java Applets و Java WebStart مي‌باشد كه زماني كه شما اين برنامه‌ها را در مرورگر خود اجرا مي‌كنيد، مورد استفاده قرار مي‌گيرند. بسياري از متخصصين امنيتي بر اين باورند كه درحاليكه جاوا برنامه مفيدي است، اما بايد در مرورگرها غيرفعال گردد، چرا كه خطر امنيتي زيادي به همراه دارد.
نكته نگران كننده اين است كه 12 آسيب‌پذيري اصلاح شده در اين به‌روز رساني داراي بيشترين درجه اهميت حياتي هستند.
اگرچه برخي نسخه‌هاي جاوا خود را به‌روز رساني مي‌كنند، اما ساير نسخه‌ها اين كار را انجام نمي‌دهند. بنابراين لازم است نسخه تحت اجراي سيستم عامل خود را بررسي نماييد. اوراكل تأكيد كرده است كه كاربران هرچه سريع‌تر اين به‌روز رساني‌ها را اعمال نمايند.
به‌روز رساني حياتي بعدي اوراكل در تاريخ 14 ژانويه 2014 عرضه خواهد شد.