Internet Explorer steals the Patch Tuesday spotlight again

It’s hard to imagine that we are already three-fourths of the way through 2014—at least as measured by Microsoft Patch Tuesdays. Today, Microsoft released four new security bulletins, but only one of them is Critical. Guess which one?

Yes. Internet Explorer. Once again Microsoft’s web browser takes center stage as the most crucial of the Patch Tuesday security bulletins. Microsoft resolved a grand total of 42 separate vulnerabilities this month, but 37 of those 42 are addressed in MS14-052—the cumulative update for Internet Explorer. One of the flaws fixed by MS14-052 is publicly known and actively under attack in the wild, which is why this security bulletin is Critical.

“The bulletin fixes zero day vulnerability CVE-2013-7331, which can be used to leak information about the targeted machine,” says Qualys CTO Wolfgang Kandek in a blog post. “CVE-2013-7331 allows attackers to determine remotely through a webpage the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes. This capability has been used in the wild by malware to check if anti-malware products or Microsoft’s Enhanced Mitigation Toolkit (EMET) is installed on the target system and allows the malware to adapt its exploitation strategy.”



The game is not yet over for Gameover Zeus botnet

If you've ever watched a horror movie, you know the trope where the hero seemingly kills the monster, but as soon as he turns his back to walk away the monster regains consciousness and attacks again with renewed vigor. According to the latest report from F-Secure, that's the sort of scenario we might be looking at with the Gameover Zeus botnet.

Gameover Zeus, or GOZ, is a massive botnet that was effectively knocked out of commission through a concerted multinational effort dubbed “Operation Tovar” involving the U.S. Department of Justice, law enforcement, foreign government agencies, and private security companies. The botnet was the driving force behind CryptoLocker ransomware, which encrypts all the data on the compromised system and demands a ransom payment from the user to purchase the decryption key.

But according to Sean Sullivan, security advisor for F-Secure Labs, all Operation Tovar did was cut off the head of the botnet. The takedown took out the command-and-control structure, but compromised machines remain compromised, and the broader threat is still out there.



Citrix ShareConnect extends the power of your PC to your tablet

In an ideal world, a tablet would be an extension of the PC—a device that is more portable, yet still enables users to continue their work while on the go. Tablets like the iPad and Samsung Galaxy Tab do work in that capacity to an extent, but not seamlessly. Citrix is changing things, though, with the launch of Citrix ShareConnect, which it calls a remote access innovation that extends the promise of mobile workspaces on any device.

How does Citrix plan to achieve that goal? Citrix ShareConnect enables users to access and edit files stored on their desktop PCs, or run processor-intensive or industry-specific desktop applications directly from an iPad or Android tablet.

With ShareConnect, users don’t have to figure out how to save or sync files or find compatible alternatives to get work done. Users can simply use the applications and data they always use and pick up where they left off as they switch from desktop to tablet and back again.



Report: Businesses at risk from unreported mobile device theft

Part of a company embracing mobile devices is ensuring tools are in place to remotely wipe sensitive data from a smartphone or tablet if it is lost or stolen. A new study from Kaspersky Lab identifies an obvious and concerning fact, though—those tools offer little value if the missing device isn’t reported.

Kaspersky Lab surveyed nearly 4,000 IT professionals regarding mobile device security concerns. The results illustrate the challenges facing IT managers and an apparent disregard among users for securing mobile devices or protecting business data.

When a smartphone or tablet is lost or stolen, every minute counts. If the device wasn't locked at the time of its loss or theft, whoever is in possession of it may still be able to access the applications and data it contains. IT personnel can only take steps to lock down the device and erase sensitive data if they know the device has been compromised in the first place.



Don’t blame iCloud yet for hacked celebrity nudes

Over the Labor Day weekend, hackers leaked nude images of a number of celebrities including "Hunger Games" star Jennifer Lawrence. The images appear to have been acquired from Apple’s iCloud. So, iCloud is obviously insecure and everyone should stop using it—right?

Let's just cool our jets. Yes, iCloud appears to have played a role in at least some of the hacked nude celebrity images, but details are still too sketchy to start connecting dots that indict the entire Apple cloud storage service.

Apple has issued a statement confirming that certain celebrity iCloud accounts were compromised but notes, "None of the cases we have investigated has resulted from any breach in any of Apple's systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved."
