« Archives in September, 2010

Oracle Debuts Unbreakable Enterprise Kernel for Oracle Linux

Oracle has announced the availability of the Unbreakable Enterprise Kernel for Oracle Linux, a fast, modern, reliable kernel that is optimized for Oracle software and hardware. “Today’s hardware innovations are fast and frequent, making it very important that the Linux distributions evolve quickly to leverage the latest hardware,” said Wim Coekaerts, senior vice president of Linux and Virtualization Engineering at Oracle.

Don’t let the hype fool you. What Oracle has done is not new or innovative. What they have done is actually learned to compile their own kernel. Oracle actually bad mouthed Redhat for being behind and slowing them up in the Linux development. Yet Oracle didn’t mind using Redhat’s entire code base and charging you for support. The “new” kernel version that Oracle is promoting has been in use by Ubuntu for over a year.

Thank you Oracle for your contributions to the Linux community!

MS emergency fix plugs ASP.Net web development hole

Microsoft has released an out-of-cycle patch designed to address a serious flaw in its ASP.Net web application development toolkit.

The vulnerability, which has been under active attack for several weeks, creates a mechanism for attackers to read any file on a web application server. Microsoft rates the flaw as only “important”, while independent security watchers such the the SANS Institute’s Internet Storm Center say that rating underestimates the risk posed by the flaw to online shops built using Microsoft’s developer tools. The ISC has raised the InfoCon status of the flaw from green to yellow.

Read more…

The Rise of PDF Malware

Symantec has released a report on PDF malware titled “The Rise of PDF Malware”. It’s an interesting read with some good statistics and trends on the use of PDF files to exploit vulnerabilities.

Ironically, it is distributed as a PDF file.

Get the report here.

Facebookers Beware

Fake Facebook password reset email leads to fake AV.
Attackers continue to abuse users of social networking sites with spam or malicious emails and posts. Facebook seems to be a favorite for most attackers as it has a huge user base, and attackers are almost guaranteed to get their message propagated quickly. You know how it is. Your wall continues to get littered with posts from all your friends and family to check something out that they should have never check out in the first place.

Any way, this latest campaign is yet another way to end up with a fake AV. The user is presented with an email message which suggests opening the attached zip file, in order to retrieve a newly-created password due to supposed changes made to the user’s Facebook account.

facebook_email

Don’t open it!

Hostage Taker Besieges Discovery Channel, Posts Demands on Web

I was just watching this on the news.

The authorities were negotiating Wednesday with an armed man who has taken an unknown number of hostages who might have an explosive or “metallic device” at the Discovery Channel’s headquarters in Silver Spring, Maryland.

Most of the hundreds of employees, including children at an on-site daycare center, have been evacuated, police said. The station was airing its normal broadcast and no injuries were reported.

Police identified the suspect as James Lee.

According to a Wednesday update on the savetheplanetprotest.com website believed run by Lee, the suspect demanded that the Discovery Channel broadcast its “commitment to save the planet.”

Read more…

A Trojan hits Adobe Air Tweetdeck

Hackers have updated a Trojan virus that bypasses sandbox insecurity on Adobe Air apps like Tweet Deck.

We thought Adobe had learned its lesson with the dependently exploitable Flash but it looks like Trojan attacks on Air say otherwise. Senior tech consultant at Sophos, Graham Cluley blogged yesterday about a fake Tweetdeck update that preys on Twitter users. Hackers used the bank holiday weekend to get users to click on loaded links for the fake critical Tweetdeck update that was a Trojan.

“The tweets are being posted from hacked Twitter accounts, and do not link to a legitimate update for TweetDeck”, said Cluley. “Instead, unsuspecting users are putting themselves at risk of infection by a Trojan horse.”

Twitter sent out a safety update yesterday, warning users not to download anything. “We’re sending password resets to accounts posting a fake TweetDeck update; don’t download that file!”

I know I watch Twitter for all my update news. Not.