Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Phishing preys on mobile devices; latest patches and vulnerabilities
From: Security Threat Watch Newsletter (NetworkComputingupdate.networkcomputing.com)
Date: Mon Sep 11 2006 - 13:00:48 CDT
Security Threat Watch
Tuesday, September 11, 2006
Created for you by Network Computing & Neohapsis
Phishing has reared its ugly head again, this time in the mobile device
arena. "Security gurus at McAfee say they're seeing an uptick of
phishing attempts via SMS--a phenomenon that McAfee has dubbed
'SmiShing.'" According to the report, unsuspecting cell users might get
a text message warning them that they've signed up for a bogus
subscription service (such as online dating) and that they must follow a
URL to opt out. Once at the site, users are instructed to download a
malicious program that could steal personal data, turn their PCs into
malware-spewing zombies or worse. Once part of a zombie network, a PC
can be used to launch DoS attacks or send spam messages.
It was only a matter of time before phishing became more sophisticated
and evolved to attack mobile devices. Although most people would
instantly identify such messages as fraud, attackers prey on
unsuspecting users' fear of incurring premium rates on their cell phone
bills. Fear is a strong motivator, and phishing will be around as long
as it is still fruitful.
SmiShing can pose a threat to enterprise networks and present a serious
challenge to data security. As smartphones and other handheld mobile
devices such as BlackBerries become increasingly popular and more
prevalent in enterprise environments, it would be prudent for
enterprises to be proactive and educate their employees about the
potential risk. It also would be wise for IT departments to treat mobile
devices with the same security precautions as they do laptops and PCs.
The best advice to protect mobile devices from SmiShing is to be
cautious and aware that unsolicited SMS messages may contain URLs that
are malicious in nature.
AT&T last week said in a press release, "unauthorized persons illegally
hacked into a computer system and accessed personal data." The security
breach was only the first step in a more elaborate scam that
incorporated phishing messages sent in an attempt to trick AT&T
customers into revealing their social security numbers. The incident
demonstrates that thieves are branching out, and although they had some
customer data, they used a deceptive phishing scam to get the additional
information used in identity theft.
Until next issue,
- The Neohapsis Security Threat Watch Team
This issue sponsored by EC-Council’s CEH Certification.
Certified Ethical Hacker is the most practical security certification you
can give your staff. Hire a Certified Ethical Hacker, or send your staff to
earn the certification.
For a free copy of “The 7 Habits of a Highly Malicious Hacker” visit:
--- TechCareers: The Job Hunt And Age Discrimination
By Rusty DAversa, TechCareers.com
Fighting discrimination is all about proving your value to the hiring
manager, says a career expert.
Listen to Network Computing's editors talk about today's most pressing
enterprise challenges with some of the IT industry's leading experts.
Tune in as we cover topics including security, collaboration,
convergence and more.
--- New Vulnerabilities
Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered to be 'critical' involve highly-deployed
software, or carry a high-risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
to your environment.
**** Highlighted critical vulnerabilities ****
Microsoft Word: remote code execution
**** Newly announced vulnerabilities this week ****
AOL ICQ Pro 2003b: remote overflow
Alt-N WebAdmin 3.2.5: privilege escalation
AnywhereUSB/5 1.80.00: client remote DoS by rogue server
AuditWizard 6.3.2: password disclosure
Easy Address Book Web Server 1.2: remote DoS
IBM Lotus Notes 6.5.4: remote overflow
Ipswitch Collaboration Suite: SMTP server stack overflow
Microsoft Word: remote code execution
Cisco IOS 12.2: GRE decapsulation vulnerability
AckerTodo 4.0: XSS
AlstraSoft Template: remote PHP file inclusion
AnnonceV 1.1: remote PHP file inclusion
Annuaire 1Two 2.2: SQL tampering
Autentificator 2.01: SQL tampering
BLOG:CMS 4.1: SQL tampering
BinGoPHP News 3.01: remote PHP file inclusion
DokuWiki 2006-03-09: remote PHP file inclusion
Dyn CMS 6: remote PHP file inclusion
FlashChat 4.5.7: remote PHP file inclusion
GrapAgenda 0.1: remote PHP file inclusion
ICQ Toolbar 1.3: multiple vulnerabilities
MKPortal M1.1: XSS
MyBace Light: remote PHP file inclusion
PHPFusion 6.01.4: SQL tampering
PHPopenchat 3.0: remote PHP file inclusion
Revista 1.1.2: multiple vulnerabilities
RunCMS 1.4.1: SQL tampering
SL_Site 1.0: remote PHP file inclusion
SMF 1.1: SQL tampering
SQL-Ledger 2.6.17: multiple vulnerabilities
SSLinks 1.22: SQL tampering
Shadow Prmod 2.7.1: remote PHP file inclusion
SoftBB 0.1: multiple vulnerabilities
Tr Forum 2.0: multiple vulnerabilities
VBZooM 1.x: XSS
WM-News 0.5: remote PHP file inclusion
Wordpress 2.0.5: multiple vulnerabilities
ZIXForum 1.12: SQL tampering
e107 0.7.5: SQL tampering
in-link 2.3.4: remote PHP file inclusion
PDAapps Verichat 1.30bh: local password exposure
Shape Services IM+ v3.10: local password exposure
Web Dictate 1.02: privilege escalation
--- Patches and Updates
The following contains a list of vendor patches and updates released
Debian > DSA 1159-2: Mozilla Thunderbird
Debian > DSA 1166-1: cheesetraceker
Debian > DSA 1167-1: Apache
Debian > DSA 1168-1: ImageMagick
Debian > DSA 1169-1: MySQL 4.1
Debian > DSA 1170-1: fastjar
Debian > DSA 1171-1: ethereal
Gentoo > GLSA 200509-09: Py2Play
Gentoo > GLSA200609-01: Streamripper
Gentoo > GLSA200609-02: GTetrinet
Gentoo > GLSA200609-03: OpenTTD
Gentoo > GLSA200609-04: LibXfont
Gentoo > GLSA200609-05: OpenSSL
Mandriva > MDKSA-2006:161: OpenSSL
Mandriva > MDKSA-2006:162: PHP
SUSE > SUSE-SA:2006:051: Apache2
SUSE > SUSE-SR:2006:022: numerous packages
SuSE > SUSE-SA:2006:050: ImageMagick
Ubuntu > USN-338-1: MySQL
Ubuntu > USN-339-1: OpenSSL
Ubuntu > USN-340-1: ImageMagick
Ubuntu > USN-341-1: libxfont
Ubuntu > USN-342-1: PHP
rPath > rPSA-2006-0163-1: OpenSSL
FreeBSD > FreeBSD-SA-06:19: OpenSSL
FreeBSD > FreeBSD-SA-06:20: bind
OpenPKG > OpenPKG-SA-2006.018: OpenSSL
OpenPKG > OpenPKG-SA-2006.019: bind
Network Computing is coming to a city near you!
You're invited to our Data Center Expert Series
November 28 - Washington DC, December 1 - Atlanta, GA
December 5 - Los Angeles, CA, December 7 - Dallas, TX
Seating is limited.
REGISTER NOW FOR COMPLIMENTARY REGISTRATION:
--- Sign Off
If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to [subscribe_stwupdate.networkcomputing.com].
Or you can subscribe directly here:
To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stwnwc.com.
Put Us On Your White List
Don't let an over-eager e-mail filter bounce the Network Computing
Security Threat Watch newsletter! Our address:
needs to be in your address book or on your anti-spam white list. Ask your
admin or ISP how to do this, or check your anti-spam utility documentation.
Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030
Unsubscribe to Network Computing's newsletters.
Sign up for your own issue of this newsletter.
Subscribe to Network Computing's newsletters.
Still not receiving your own FREE subscription to Network Computing
ADDITIONAL SUBSCRIPTION CONTACT:
Please send an e-mail message to mailto:newsletterscmp.com if you need
assistance changing your e-mail address, unsubscribing from this
newsletter, or require additional assistance with your subscription.
Please be sure to include the name of this newsletter in your message.
Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
Note: To better serve you we use dynamic URLs within our advertisments,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
To unsubscribe from this newsletter, forward this message to
Copyright (c) 2006 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (infoneohapsis.com | http://www.neohapsis.com/).
This message powered by DARTmail