Security Simplified ! - A Kaapagam Technologies IT Security Blog

Ramnit Malware

30. September 2013 10:55 by CA in Malware

The Ramnit worm appeared in 2010. Within a year, more than eight million PCs were infected worldwide. Initially the malware was just a file infector that spread via removable drives. Later it became better known for stealing user data via browser injection, targeting banking or game users.


Ramnit is still prevalent and old domains are regularly updated. Some of the domains have already been “sinkholed” (redirected to communicate only with a controlled server and not with its malicious developers) by other security researchers.


iPhone 5s Fingerprint Reader Hack

24. September 2013 11:06 by CA in Hack

On September 10th Apple announced the new iPhone 5s. Among its many upgrades, one new feature particularly drew the interest of both the media and consumers: the new fingerprint biometrics.


Apple’s Touch ID® is an easier way for the consumer to activate the feature and secure the contents of the device. As with all security-related software, it is just a matter of time before someone breaks the code and designs a work-around. Ten days after the launch, the hacking team known as the Chaos Computer Club (CCC) designed a work-around for the new fingerprint security system. The interesting thing is that the process CCC used to compromise the Touch ID security is an update to a technique that has been well known in security circles for years.


Microsoft IE Zero Day Flaw Affects All Versions

18. September 2013 11:45 by CA in Hack, Vulnerability

Microsoft is reporting an unpatched vulnerability in all versions of Internet Explorer. All versions of IE, other than those running on Windows Server, are vulnerable. This includes Internet Explorer 11 on Windows 8.1 and RT.


The vulnerability comes from a memory corruption bug which could lead to remote code execution. Microsoft says that they are aware of targeted attacks exploiting this vulnerability on Internet Explorer 8 and 9. Exploits such as these are often version-specific, even if the vulnerability affects multiple versions.


The Fix It solution is available from this link. To apply it, click the Fix It icon above the Fix This Problem link. Applying this solution may limit some IE functionality, so if you run into problems after applying this interim patch, you can click the Fix It icon to the right of that “enable” button to reverse the update.


Patch Tuesday: Outlook 2013 Update Problem

12. September 2013 19:59 by CA in Software Updates & Patches

Microsoft pulled back an Office 2013 UI update for Outlook (KB2817630) from the Windows Update servers. The update was meant to improve the usability of Outlook 2013, but under certain conditions it rendered the Navigation pane in Outlook unusable.


The update KB2817630 applies only to Office 2013 and is unrelated to security bulletin MS13-068, which applies only to Microsoft Office 2007 and 2010, and which we continue to recommend as a high priority security update.


PATCH TUESDAY: Patches Patches Patches – Microsoft & Adobe

11. September 2013 19:53 by CA in Software Updates & Patches

Adobe and Microsoft each separately released a raft of updates to fix critical security holes in their software. Adobe pushed patches to plug holes in Adobe Acrobat/Reader and its Flash and Shockwave media players. Microsoft released 13 patch bundles to fix at least 47 security vulnerabilities in Windows, Office, Internet Explorer and SharePoint.


Microsoft Patch Details

Four of the 13 bulletins Microsoft released today earned the company’s “critical” rating, meaning that on balance they address vulnerabilities that can be exploited by miscreants or malware to break into vulnerable systems without any help from users. 

For enterprises and those who need to prioritize the installation of updates, Microsoft recommends installing the Outlook, Internet Explorer and SharePoint Server fixes as soon as possible. The SharePoint update addresses some ten vulnerabilities, including one that Microsoft says was publicly disclosed prior to today’s patch batch.