|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Phishing preys on mobile devices; latest patches and vulnerabilities
From: Security Threat Watch Newsletter (NetworkComputing
update.networkcomputing.com)
Date: Mon Sep 11 2006 - 13:00:48 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Security Threat Watch
Number 148
Tuesday, September 11, 2006
Created for you by Network Computing & Neohapsis
Phishing has reared its ugly head again, this time in the mobile device
arena. "Security gurus at McAfee say they're seeing an uptick of
phishing attempts via SMS--a phenomenon that McAfee has dubbed
'SmiShing.'" According to the report, unsuspecting cell users might get
a text message warning them that they've signed up for a bogus
subscription service (such as online dating) and that they must follow a
URL to opt out. Once at the site, users are instructed to download a
malicious program that could steal personal data, turn their PCs into
malware-spewing zombies or worse. Once part of a zombie network, a PC
can be used to launch DoS attacks or send spam messages.
It was only a matter of time before phishing became more sophisticated
and evolved to attack mobile devices. Although most people would
instantly identify such messages as fraud, attackers prey on
unsuspecting users' fear of incurring premium rates on their cell phone
bills. Fear is a strong motivator, and phishing will be around as long
as it is still fruitful.
SmiShing can pose a threat to enterprise networks and present a serious
challenge to data security. As smartphones and other handheld mobile
devices such as BlackBerries become increasingly popular and more
prevalent in enterprise environments, it would be prudent for
enterprises to be proactive and educate their employees about the
potential risk. It also would be wise for IT departments to treat mobile
devices with the same security precautions as they do laptops and PCs.
The best advice to protect mobile devices from SmiShing is to be
cautious and aware that unsolicited SMS messages may contain URLs that
are malicious in nature.
AT&T last week said in a press release, "unauthorized persons illegally
hacked into a computer system and accessed personal data." The security
breach was only the first step in a more elaborate scam that
incorporated phishing messages sent in an attempt to trick AT&T
customers into revealing their social security numbers. The incident
demonstrates that thieves are branching out, and although they had some
customer data, they used a deceptive phishing scam to get the additional
information used in identity theft.
Until next issue,
- The Neohapsis Security Threat Watch Team
--- Advertisement
-----------------------------------------------------
This issue sponsored by EC-Council’s CEH Certification.
Certified Ethical Hacker is the most practical security certification you
can give your staff. Hire a Certified Ethical Hacker, or send your staff to
earn the certification.
For a free copy of “The 7 Habits of a Highly Malicious Hacker” visit:
--- TechCareers: The Job Hunt And Age Discrimination
-----------------------------------------------
By Rusty DAversa, TechCareers.com
Fighting discrimination is all about proving your value to the hiring
manager, says a career expert.
http://www.techcareers.com/content/article.asp?articleid=185303267
--- Advertisement
-----------------------------------------------------
NWC Podcasts
Listen to Network Computing's editors talk about today's most pressing
enterprise challenges with some of the IT industry's leading experts.
Tune in as we cover topics including security, collaboration,
convergence and more.
http://www.networkcomputing.com/podcasts
--- New Vulnerabilities
-----------------------------------------------
Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered to be 'critical' involve highly-deployed
software, or carry a high-risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
to your environment.
**** Highlighted critical vulnerabilities ****
Microsoft Word: remote code execution
**** Newly announced vulnerabilities this week ****
____Windows____
AOL ICQ Pro 2003b: remote overflow
http://archives.neohapsis.com/archives/vulnwatch/2006-q3/0032.html
Alt-N WebAdmin 3.2.5: privilege escalation
http://archives.neohapsis.com/archives/bugtraq/2006-09/0030.html
AnywhereUSB/5 1.80.00: client remote DoS by rogue server
http://archives.neohapsis.com/archives/bugtraq/2006-09/0026.html
AuditWizard 6.3.2: password disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-09/0047.html
Easy Address Book Web Server 1.2: remote DoS
http://archives.neohapsis.com/archives/bugtraq/2006-09/0056.html
IBM Lotus Notes 6.5.4: remote overflow
http://archives.neohapsis.com/archives/vulnwatch/2006-q3/0034.html
Ipswitch Collaboration Suite: SMTP server stack overflow
http://archives.neohapsis.com/archives/bugtraq/2006-09/0100.html
Microsoft Word: remote code execution
http://archives.neohapsis.com/archives/bugtraq/2006-09/0034.html
http://archives.neohapsis.com/archives/bugtraq/2006-09/0075.html
____Network Devices____
Cisco IOS 12.2: GRE decapsulation vulnerability
http://archives.neohapsis.com/archives/cisco/2006-q3/0014.html
http://archives.neohapsis.com/archives/bugtraq/2006-09/0065.html
____CGI____
AckerTodo 4.0: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-09/0106.html
AlstraSoft Template: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0038.html
AnnonceV 1.1: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0041.html
Annuaire 1Two 2.2: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-09/0016.html
Autentificator 2.01: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-09/0014.html
BLOG:CMS 4.1: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-09/0109.html
BinGoPHP News 3.01: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0090.html
DokuWiki 2006-03-09: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0097.html
Dyn CMS 6: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0053.html
FlashChat 4.5.7: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0050.html
GrapAgenda 0.1: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0037.html
ICQ Toolbar 1.3: multiple vulnerabilities
http://archives.neohapsis.com/archives/vulnwatch/2006-q3/0033.html
http://archives.neohapsis.com/archives/bugtraq/2006-09/0096.html
MKPortal M1.1: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-09/0093.html
MyBace Light: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0057.html
PHPFusion 6.01.4: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-09/0086.html
PHPopenchat 3.0: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0076.html
Revista 1.1.2: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-09/0013.html
RunCMS 1.4.1: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-09/0103.html
SL_Site 1.0: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0099.html
SMF 1.1: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-09/0009.html
SQL-Ledger 2.6.17: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-09/0094.html
SSLinks 1.22: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-09/0015.html
Shadow Prmod 2.7.1: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0098.html
SoftBB 0.1: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-09/0032.html
http://archives.neohapsis.com/archives/bugtraq/2006-09/0025.html
Tr Forum 2.0: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-09/0017.html
VBZooM 1.x: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-09/0011.html
WM-News 0.5: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0104.html
Wordpress 2.0.5: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-09/0072.html
ZIXForum 1.12: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-09/0045.html
e107 0.7.5: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-09/0010.html
in-link 2.3.4: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-09/0052.html
____Mobile Devices____
PDAapps Verichat 1.30bh: local password exposure
http://archives.neohapsis.com/archives/bugtraq/2006-09/0024.html
Shape Services IM+ v3.10: local password exposure
http://archives.neohapsis.com/archives/bugtraq/2006-09/0019.html
____Cross Platform____
Web Dictate 1.02: privilege escalation
http://archives.neohapsis.com/archives/bugtraq/2006-09/0022.html
--- Patches and Updates
-----------------------------------------------
The following contains a list of vendor patches and updates released
this week.
____Linux____
Debian > DSA 1159-2: Mozilla Thunderbird
http://archives.neohapsis.com/archives/vendor/2006-q3/0093.html
Debian > DSA 1166-1: cheesetraceker
http://archives.neohapsis.com/archives/bugtraq/2006-09/0021.html
Debian > DSA 1167-1: Apache
http://archives.neohapsis.com/archives/bugtraq/2006-09/0023.html
Debian > DSA 1168-1: ImageMagick
http://archives.neohapsis.com/archives/bugtraq/2006-09/0033.html
Debian > DSA 1169-1: MySQL 4.1
http://archives.neohapsis.com/archives/bugtraq/2006-09/0036.html
Debian > DSA 1170-1: fastjar
http://archives.neohapsis.com/archives/bugtraq/2006-09/0067.html
Debian > DSA 1171-1: ethereal
http://archives.neohapsis.com/archives/bugtraq/2006-09/0112.html
Gentoo > GLSA 200509-09: Py2Play
http://archives.neohapsis.com/archives/bugtraq/2006-09/0048.html
Gentoo > GLSA200609-01: Streamripper
http://archives.neohapsis.com/archives/bugtraq/2006-09/0071.html
Gentoo > GLSA200609-02: GTetrinet
http://archives.neohapsis.com/archives/bugtraq/2006-09/0074.html
Gentoo > GLSA200609-03: OpenTTD
http://archives.neohapsis.com/archives/bugtraq/2006-09/0070.html
Gentoo > GLSA200609-04: LibXfont
http://archives.neohapsis.com/archives/bugtraq/2006-09/0069.html
Gentoo > GLSA200609-05: OpenSSL
http://archives.neohapsis.com/archives/bugtraq/2006-09/0089.html
Mandriva > MDKSA-2006:161: OpenSSL
http://archives.neohapsis.com/archives/linux/mandrake/2006-q3/0080.html
Mandriva > MDKSA-2006:162: PHP
http://archives.neohapsis.com/archives/linux/mandrake/2006-q3/0083.html
SUSE > SUSE-SA:2006:051: Apache2
http://archives.neohapsis.com/archives/linux/suse/2006-q3/0195.html
SUSE > SUSE-SR:2006:022: numerous packages
http://archives.neohapsis.com/archives/linux/suse/2006-q3/0196.html
SuSE > SUSE-SA:2006:050: ImageMagick
http://archives.neohapsis.com/archives/linux/suse/2006-q3/0192.html
Ubuntu > USN-338-1: MySQL
http://archives.neohapsis.com/archives/bugtraq/2006-09/0029.html
Ubuntu > USN-339-1: OpenSSL
http://archives.neohapsis.com/archives/bugtraq/2006-09/0031.html
Ubuntu > USN-340-1: ImageMagick
http://archives.neohapsis.com/archives/bugtraq/2006-09/0062.html
Ubuntu > USN-341-1: libxfont
http://archives.neohapsis.com/archives/bugtraq/2006-09/0080.html
Ubuntu > USN-342-1: PHP
http://archives.neohapsis.com/archives/bugtraq/2006-09/0084.html
rPath > rPSA-2006-0163-1: OpenSSL
http://archives.neohapsis.com/archives/bugtraq/2006-09/0051.html
____BSD____
FreeBSD > FreeBSD-SA-06:19: OpenSSL
http://archives.neohapsis.com/archives/bugtraq/2006-09/0077.html
FreeBSD > FreeBSD-SA-06:20: bind
http://archives.neohapsis.com/archives/bugtraq/2006-09/0108.html
____HP-UX____
SSRT051078: usermod
http://archives.neohapsis.com/archives/bugtraq/2006-09/0068.html
SSRT061202: Apache
http://archives.neohapsis.com/archives/bugtraq/2006-09/0046.html
____Cross Platform____
OpenPKG > OpenPKG-SA-2006.018: OpenSSL
http://archives.neohapsis.com/archives/bugtraq/2006-09/0059.html
OpenPKG > OpenPKG-SA-2006.019: bind
http://archives.neohapsis.com/archives/bugtraq/2006-09/0079.html
--- Advertisement
-----------------------------------------------------
Network Computing is coming to a city near you!
You're invited to our Data Center Expert Series
November 28 - Washington DC, December 1 - Atlanta, GA
December 5 - Los Angeles, CA, December 7 - Dallas, TX
Seating is limited.
REGISTER NOW FOR COMPLIMENTARY REGISTRATION:
https://secure.pnmi.com/nwcdata/?source=DC5&keycode=newsletter
--- Sign Off
----------------------------------------------------------
If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to [subscribe_stwupdate.networkcomputing.com].
Or you can subscribe directly here:
http://www.networkcomputing.com/go/stw.jhtml
To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stwnwc.com.
http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp
Put Us On Your White List
Don't let an over-eager e-mail filter bounce the Network Computing
Security Threat Watch newsletter! Our address:
NetworkComputingupdate.networkcomputing.com
needs to be in your address book or on your anti-spam white list. Ask your
admin or ISP how to do this, or check your anti-spam utility documentation.
Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030
Unsubscribe to Network Computing's newsletters.
http://www.networkcomputing.com/newsletters/unsubscribe.html
Sign up for your own issue of this newsletter.
http://www.networkcomputing.com/newsletters/subscriptions.html
Subscribe to Network Computing's newsletters.
http://www.networkcomputing.com/newsletters/subscriptions.html
Still not receiving your own FREE subscription to Network Computing
magazine?
http://networkcomputingsubscriptions.com/customerservice/
ADDITIONAL SUBSCRIPTION CONTACT:
Please send an e-mail message to mailto:newsletterscmp.com if you need
assistance changing your e-mail address, unsubscribing from this
newsletter, or require additional assistance with your subscription.
Please be sure to include the name of this newsletter in your message.
Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/
Note: To better serve you we use dynamic URLs within our advertisments,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
tracking URLs? Please refer to our privacy policy.
http://www.doubleclick.net/us/corporate/privacy
We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
to (stwnwc.com).
To unsubscribe from this newsletter, forward this message to
[unsubscribe_stwupdate.networkcomputing.com].
Copyright (c) 2006 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (infoneohapsis.com | http://www.neohapsis.com/).
This message powered by DARTmail
http://www.doubleclick.net/us/corporate/privacy
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]