شماره: IRCNE2012021399
تاريخ: 23/11/90

با توجه به گزارش امنيت جهاني كه اين هفته توسط تحقيقات امنيتي شركت Trustwave منتشر شده است: بيشترين تعداد ويروس ها در هر روز بين ساعت 8 تا 9 صبح فرستاده مي شوند.
در گزارش آمده است: تعداد برنامه هاي اجرايي و ويروس هاي ارسال شده در ساعات اوليه صبح افزايش يافته است.
شركت Trustwave با استفاده از داده هاي جمع آوري شده در سال 2011 از بيش از 300 تحقيقات قانوني و پاسخ گوي حادثه در 18 كشور، به همراه تجزيه و تحليل 16 بيليون ايميل از سال 2008 تا سال 2011، گزارشي در خصوص امنيت و آسيب پذيري ها گردآوري كرده است.
اين شركت هم چنين نشان مي هد كه در كدام ماه سال بيشترين ويروس ها فرستاده شده اند و نتيجه مي گيرد كه ارسال ويروس در ماه سپتامبر به اوج خود رسيده است. بنا بر گزارش به طور كلي، 3 درصد از ويروس هاي فرستاده شده از طريق ايميل در ماه هاي اوت و سپتامبر ارسال شده است.
در گزارش آمده است، در اكثر محيط ها، زمان آسيب پذيري تا كشف آن حدود شش ماه طول مي كشد. بنابراين، ماه مارس 2012 بايد شلوغ ترين ماه براي پاسخ گويان حادثه و آشكار شدن رخنه ها باشد.

شماره: IRCNE2012021398
تاريخ: 23/11/90
محققان امنيتي از ترندميكرو يك نسخه تقلبي از بازي معروف Temple Run را در فروشگاه اندرويد كشف كردند.
قبل از آنكه برنامه كاربردي نصب و اجرا شود، ميانبرهايي بر روي صفحه اصلي گوشي هاي هوشمند آلوده شده ايجاد مي شوند. اگر بر روي دستگاه مبتني بر اندرويد فيس بوك نصب شده باشد، اين برنامه مخرب از كاربر مي خواهد قبل از اجراي بازي، برنامه كاربردي تقلبي را بر روي فيس بوك به اشتراك بگذارد. هم چنين از كاربر مي خواهد كه در فروشگاه اندرويد به اين برنامه كاربردي راي دهد. اين برنامه تقلبي قادر است با استفاده از تلفن همراه، تبليغاتي را نمايش دهد.
ترندميكرو، اين برنامه كاربردي را به عنوان بدافزار طبقه بندي مي كند و در حال حاضر به عنوانANDROIDOSFAKERUNA شناسايي شده است.

شماره: IRCNE2012021397
تاريخ: 23/11/90

ادوبي يك نسخه بتا از فلش پلير را براي فايرفاكس منتشر كرد. اين نسخه به دليل استفاده از معماري جديد sandbox، در برابر سوء استفاده از آسيب پذيري ها داراي حفاظت بهتري است.
با توجه به اظهارات پليئوس آهلي، يك محقق در تيم مهندسي نرم افزار ادوبي، طراحي sandbox در فلش فايرفاكس مشابه حالت حفاظت شده در Adobe Reader X است.
آهلي گفت: تكنولوژي sandbox ثابت كرده است كه با افزايش هزينه و پيچيدگي در شناسايي سوء استفاده ها، در حفاظت از كاربران بسيار موثر است.
ادوبي اظهار داشت: از زماني كه Adobe Reader X در نوامبر سال 2010 از sandbox خود پرده برداري كرد، تاكنون حتي يك سوء استفاده موفقيت آميز در مقابل جديدترين نسخه از اين نرم افزار ديده نشده است.
آهلي گفت: ما اميدواريم با sandbox فلش پلير براي فايرفاكس، شاهد نتايج مشابه با آخرين نسخه از نرم افزار Reader باشيم.
رئيس امنيتي ادوبي، برد آركين اظهار داشت كه اين شركت به زودي به روز رساني هاي امنيتي خودكار بي سر و صدا را براي فلش پلير اعمال مي كند.

ID: IRCNE2012021401
Date: 2012-02-12

A number of iTunes users are reportedly receiving refunds after having their iTunes Store accounts cleaned out by thieves, with the underlying issue of how it happened remaining unresolved.
Users posting on Apple's Support Community have been reporting that their iTunes accounts and information have been hacked, resulting in gift card and other purchases and changes to their personal information.
According to a report from The Global Mail, Apple's iTunes accounts have been susceptible to hacker attacks for some time. Users have been complaining for more than a year about a relatively similar issue -namely, an account is accessed without permission, any gift card credit available is spent on apps, and information, including PayPal account information, is used and/or changed.
Those are some serious issues. But Apple is only responding with a generic statement:
"Apple takes precautions to safeguard your personal information against loss, theft, and misuse, as well as against unauthorized access, disclosure, alteration, and destruction," the company said in a statement issued to The Globe and Mail. "Apple online services such as the Apple Online Store and iTunes Store use Secure Sockets Layer encryption on all Web pages where personal information is collected."
It's not uncommon for Apple to remain silent about potential issues involving its products or services. The company has said in the past that it likes to gather all the facts, investigate, and come up with a solution before issuing public statements about problems. But in the case of people's account information, some are calling for more transparency.
To Apple's credit, it seems most customers have been refunded their lost credits or balances without too much hassle.
While many will view a lack of response from Apple as a sign that there isn't a serious problem, many people posting comments seem to be concerned that Apple hasn't fixed the problem, and feel Apple is instead attempting to keep it quiet by issuing refunds to users.

ID: IRCNE2012021400
Date: 2012-02-12

According to "cnet", Apple offers a number of options for securing your data on a Mac, including enabling FileVault for whole disk encryption in Lion, and encrypted disk images for securing collections of documents.
In addition, as with other software developers, Apple has included options to secure individual documents for some of its programs, such as those in its iWork productivity suite.
To do this in iWork, create or open a document in Pages, Numbers, or Keynote, and then open the inspector window by clicking its icon in the toolbar or by pressing Option-Command-I. Then select the "Document" section in the inspector and check the option to require a password to view the document. After supplying a your password and confirming it, the document will now require you supply this password whenever it is opened.
While Apple uses 128-bit AES encryption in its password-protected documents, unless you use a good password, then it is quite feasible that the password can be cracked.
Recently to help forensic agencies, password decryption company Passware described its ability to recover Apple's FileVault 2 encryption keys from system memory using FireWire's Direct Memory Access (DMA) features.
ElcomSoft's tool is not only designed to work against iWork documents, but also is used to guess the passwords for Office documents, Windows and Unix log-ons, PDF documents, and numerous other technologies.
To help avoid this, it is best to ensure the passwords you use are high-quality, and are not patterned in ways that might be easy to guess. If you need help in choosing a good password to use for a document or system service, Apple does offer a password assistant as part of its security framework that can be invoked through programs built with this framework.

ID: IRCNE2012021399
Date: 2012-02-12

According to "cnet", the number of viruses sent out each day peaks between 8 a.m. and 9 a.m. EST, according to the Global Security Report released by security research firm Trustwave this week.
"The number of executables and viruses sent in the early morning hours increased," reads the report.
Using real-world data collected in 2011 from more than 300 incident response and forensic investigations in 18 countries, along with analyzing 16 billion e-mails from 2008 to 2011, Trustwave compiled this in-depth report that looks at security trends, vulnerabilities, and more.
Trustwave also looked into which month of the year more viruses were sent and concluded that viruses shot up in August and reached a peak in September. Overall, 3 percent of viruses sent through e-mail came in August and September.
"The time from compromise to detection in most environments is about six months," reads the report. "Therefore, if these methods were successful, March 2012 should be a busy month for incident responders and breach disclosures."

ID: IRCNE2012021398
Date: 2012-02-12

According to "zdnet", Security researchers from TrendMicro have spotted a fake version of popular game Temple Run, currently available at Android’s Market.
Once the application is installed and run, it creates shortcuts on an infected smartphone’s homepage. If the Android-based device has Facebook installed, it asks the user to share the fake app on Facebook before playing the game. It would also prompt the user to rate the application in the Android Market. It also is capable of displaying ads using the mobile notification.
TrendMicro classified the application as malware due to the aggressive advertising methods used in it. It’s currently detected as ANDROIDOS_FAKERUN.A.

ID: IRCNE2012021397
Date: 2012-02-12

According to "zdnet", Adobe has released a beta version of Flash Player for Firefox, which has better protection against vulnerability exploits because of a new sandboxed architecture.
According to Peleus Uhley, a researcher in Adobe’s secure software engineering team, the design of the Firefox Flash sandbox is similar to the Protected Mode mitigation fitted into Adobe Reader X.
Uhley said sandboxing technology has proven very effective in protecting users by increasing the cost and complexity of authoring effective exploits.
Ever since Adobe Reader X unveiled its sandbox in November 2010, Adobe says it has “not seen a single successful exploit in the wild” against the newest version of that sofware.
“We hope to see similar results with the Flash Player sandbox for Firefox once the final version is released later this year,” Uhley said.
Separately, Adobe security chief Brad Arkin says the company is moving to silent auto security updates for Flash Player “soon.”

شماره: IRCNE2012021396
تاريخ: 21/11/90

سه شنبه آينده مايكروسافت قصد دارد، نه بولتن امنيتي را براي برطرف كردن حداقل 21 رخنه مستند شده در سيستم عامل ويندوز منتشر كند.
در سه شنبه اصلاحيه اين ماه، رخنه هاي امنيتي بسيار خطرناك در مايكروسافت ويندوز، مايكروسافت آفيس، مرورگر IE و .NET/Silverlight برطرف مي شوند.
بولتن اينترنت اكسپلورر داراي رتبه " بسيار مهم" است و به دليل خطر حملات اجراي كد از طريق حملات drive-by downloads،داراي به روز رساني با اولويت بالا در نظر گرفته مي شود.
با توجه به يك اخطاريه از مايكروسافت، براي اعمال بسياري از به روز رساني ها، نياز به يك راه اندازي مجدد است. اين نه بولتن روز سه شنبه، 14 فوريه منتشر خواهد شد.

ID: IRCNE2012021396
Date: 2012-02-10

According to "zdnet", Microsoft plans to ship nine security bulletins next Tuesday with fixes for at least 21 documented flaws in the Windows operating system.
This month’s Patch Tuesday batch will cover dangerous security holes in Microsoft Windows, Microsoft Office, the Internet Explorer browser and .NET/Silverlight.
The Internet Explorer bulletin is rated “critical” and should be considered a high-priority update because of the risk of code execution attacks via drive-by downloads.
According to an advance notice from Microsoft, most of the updates will require a restart once the patches are applied.
The nine bulletins will be releaed on Tuesday, February 14 at approximately 10 a.m. PST.