WatchGuard Security Week in Review: Text Version

As you probably noticed, I did not post a WatchGuard Security Week in Review episode this week. An extremely busy travel schedule, and a day off to run a long distance race with the WatchGuard team, made it impossible for me to record and produce my weekly video. But don’t worry… The weekly security recap video will return next week with a special episode.

I am attending the Blackhat Vegas security conference next week. Blackhat Vegas and Defcon (which falls on the same week) are two of the biggest security conferences of the year. Security researchers often disclose major breaking research and vulnerabilities during these exciting shows. You can look forward to an “on the road” edition of my weekly video next Friday, and it’ll likely include some big stories from Blackhat.

In the meantime, I won’t leave you hanging for your weekly security news fix. Below, you’ll find a bulleted list that quickly summarizes many of this week’s most interesting security stories. See you next week.

  • Oracle Quarterly Patch Day, July 2012 – On Tuesday, Oracle posted their quarterly patch update for July. They fixed 87 security vulnerabilities in many of their popular products. If you use Oracle software, you should check their CPU advisory and apply the necessary updates.
  • Rumored Android botnet may just be Yahoo MitM attack – Last week’s video warned you about a potential new botnet that might affect Android devices. Microsoft and others noticed spam coming from Android devices via Yahoo, and thought an Android botnet may be involved. It turns out these emails may be the result of a Man-in-the-Middle (MitM) attack on Yahoo email from public hotspots.
  • Android 4.1 Harder to Hack – Various researchers have pointed out that Google’s upcoming Android Jellybean update (4.1) will make Android devices harder to hack. This new version implements some OS memory protection features like Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) to make memory corruption flaws, such as buffer overflows, harder to exploit.
  • Anonymous is targeting Oil Companies in the Arctic – Anonymous has pointed their guns at oil companies drilling in the Arctic, such as Exxon and Shell. So far they have stolen a bunch of email account credentials.
  • Possible Dropbox breach – Many Dropbox users have complained about spam to their Dropbox accounts, which has the company investigating for a potential network breach. Little else is known yet, but I’ll update you if they find anything relevant.
  • Facebook photo tag spam – Attackers are spamming out a new malware campaign on Facebook. It arrives as a message saying someone has tagged a photo of you on Facebook. If you interact with it, it tries to install malware on your computer. Be wary of any unusual Facebook photo tagging messages.
  • DHS warns of ICS vulnerabilities – The US Department of Homeland Security has warned of vulnerabilities in a popular Industrial Control System (ICS) application called Niagara. If you work at an organization that uses this software, you need to implement the recommended workarounds (see this article).
  • Grum botnet partially disabled – Researchers and authorities have shut down two of the Command and Control (C&C) servers used by a huge botnet called Grum. The botnet still has two other C&C servers to fall back on, but hasn’t so far. This takedown has significantly lessened email spam. However, botherders often just rebuild their zombie networks, so I wouldn’t expect the spam decrease to last for long.
  • data breach – Attackers claimed to have gained access to 50,000 user records from the IT Wall Street web site. If you use this site, you should change your password, and monitor your accounts for identity fraud.

— Corey Nachreiner, CISSP (@SecAdept)

About Corey Nachreiner

Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.

5 Responses to “WatchGuard Security Week in Review: Text Version”

  1. Let me preface this by saying, I’m a huge fan of TrueBlood; however, the July 22nd episode is showing a bad direction the show is heading! First, why would Russell get back on top again.. Roman should have stayed longer.. Secondly, why are the afro-americans either enslaved (i.e. Tara) or always doing stupid acts (i.e. Lafayette), and lastly this guy in Lilly’s new circle (he’s very tall and dark), the only one bent over a bar, draining someone’s blood by going down on her! Come on now, the directors, producers, whoever, can at least make the African American characters have more of a character and stronger positive look.. It’s only about 3 altogether that has a “major” part! PS please let Sookie keep her powers and help save these maniacal vampires.. pass this on to the producers, directors and actors. Thank you. And I know I’m not important, but it is something to think about, because TrueBlood has a diverse group of followers.


  1. Oracle Releases Out-of-Cycle Update for Blackhat Database Server Flaw | WatchGuard Security Center - August 14, 2012

    […] you’re an Oracle administrator, hopefully you saw the text version of WatchGuard Security Week in Review a few weeks ago, where I mentioned Oracle’s big quarterly patch day for July 2012. If you […]

  2. Exchange Update Corrects Oracle Outside In Vulnerabilities | WatchGuard Security Center - August 14, 2012

    […] Oracle recently found a number of vulnerabilities in their Outside In libraries, which they fixed during their quarterly Critical Patch Update (CPU) last July. Early August, Microsoft realized Exchange was also affected by Oracle’s Outside […]

  3. Exchange Update Corrects Oracle Outside In Vulnerabilities - Arlington, Fort Worth, Dallas | Marjen Technology Group - September 29, 2015

    […] Oracle recently found a number of vulnerabilities in their Outside In libraries, which they fixed during their quarterly Critical Patch Update (CPU) last July. Early August, Microsoft realized Exchange was also affected by Oracle’s Outside In […]
