Security Simplified ! - A Kaapagam Technologies IT Security Blog

Cisco fixes vulnerabilities on its Web, email, content security appliances

28. June 2013 10:01 by CA in Software Updates & Patches

Cisco has released patches for its networking appliance users and customers in order to address a number of security flaws that could allow hackers to remotely execute commands or disrupt critical processes.


The vulnerabilities affected the underlying Cisco IronPort AsyncOS software for a number of the company's different appliances, including Cisco's Web Security Appliance, Email Security Appliance, and its Content Security Management Appliance.


It's Time to Update: Apple's OS X and Safari

6. June 2013 12:49 by CA in IT Security, Software Updates & Patches

Apple has published updates for all supported versions of OS X, namely Mountain Lion (10.8), Lion (10.7) and Snow Leopard (10.6).


The operating system part of this update fixes numerous holes in eleven distinct parts of OS X. This includes patches for security vulnerabilities in components that are themselves responsible for security. Affected components include Directory Services (remote code execution), OpenSSL (information disclosure) and SMB (information disclosure).


Mactans – A Malicious Charger that can infect iPhones

4. June 2013 14:45 by CA in Hack, IT Security

Scientists Billy Lau, Yeongjin Jang and Chengyu Song have invented a dangerous new “malicious charger” called Mactans, capable of infecting iPhones with any malware they choose in under one minute.


The team will debut their evil plug at the Black Hat USA conference, which starts at the end of July. Describing their discovery, the team said: "Apple iOS devices are considered by many to be more secure than other mobile offerings. In evaluating this belief, we investigated the extent to which security threats were considered when performing everyday activities such as charging a device. The results were alarming."


Microsoft EMET (Enhanced Mitigation Experience Toolkit) 4.0 – Making Life Difficult for Hackers

2. June 2013 17:47 by CA in IT Security

EMET is a toolkit provided by Microsoft to configure security controls on Windows systems, making it more difficult for attackers to successfully launch exploits.


EMET doesn't take the place of antivirus or patch management, but it does provide an important set of safeguards against not only existing exploits, but also against future 0-day exploits which have yet to be developed or released. Even the best signature-based antivirus programs don't do a good job at protecting from 0-days.


EMET allows administrators to exercise fine-grained control over Windows' built-in security features in Windows 7 and higher, including: 



Mimikatz - Steal Windows Credentials in Clear text

1. June 2013 17:30 by CA in Hack, IT Security

In a recent update, the Metasploit framework added a very interesting tool called mimikatz to its massive tool repository. The tool enables you to steal Windows credentials. Its key feature is that it steals the credentials in clear text instead of just the password hashes.

If you do any research on the Windows authentication process, you will quickly find out that Windows does not store a clear text version of your password. Windows only stores a hashed version of your password. Mimikatz collects the credentials from the WDigest DLL. The HTTP digest authentication and Simple Authentication Security Layer (SASL) authentication modules use the WDigest DLL. Both of these authentication modules require the user's plain text password. Mimikatz takes advantage of this and is able to extract the credentials in clear text.

Drupal Hacked, Millions of accounts exposed

1. June 2013 14:05 by CA in IT Security

Hackers are believed to have compromised the accounts of millions of users operating or developing the Drupal open-source content management system (CMS).

The Drupal Association says an individual or group has gained unauthorised access to the accounts on its and sites. Information exposed includes user names, email addresses, country information and hashed passwords.

Websites running the Drupal CMS, however, are not believed to be affected, Drupal Association executive director Holly Ross said.

Hackers inject Malware backdoor in Apache webservers

1. May 2013 16:02 by CA in Malware

According to researchers at security firms ESET and Sucuri, a new threat is targeting Apache webservers (Apache is the most widely used webserver in the world). The threat is a highly advanced and stealthy backdoor being used to drive traffic to malicious websites carrying Blackhole exploit packs. Researchers have named the backdoor Linux/Cdorked.A, and have described it as the most sophisticated Apache backdoor to date.


“The Linux/Cdorked.A backdoor does not leave traces on the hard-disk other than a modified httpd file, the daemon (or service) used by Apache. All information related to the backdoor is stored in shared memory on the server, making detection difficult and hampering analysis,” said Pierre-Marc Bureau, ESET security intelligence program manager.