Sign up for our Technology Newsletter 
Cisco Warns Of Bug In Virtual App
Cisco has warned of a default Secure Shell vulnerability in three of its virtual applications.
The flaw could allow attackers to decrypt traffic exchanged in the services, and has been detailed in a Cisco security advisory.
It affects Cisco’s Web Security Virtual Appliance (SMAv), Email Security Virtual Appliance and Security Management Virtual Appliance, which are already commercially available.
Cisco said that it “is not aware of any public announcements or malicious use of the vulnerabilities”, but warned that attackers who got hold of the private keys could decrypt communications with a man-in-the-middle attack.
The default private encryption keys were preinstalled on all three of the products, a move which is considered bad security practice.
“Successfully exploiting this vulnerability on Cisco SMAv allows an attacker to decrypt communication toward SMAv, impersonate SMAv, and send altered data to a configured content appliance,” the advisory said.
“An attacker can exploit this vulnerability on a communication link toward any content security appliance that was ever managed by any SMAv.”
Cisco has released a patch which deletes the preinstalled SSH keys and explains how customers can correct the problem.
The Cisco-sa-20150625-ironport SSH Keys Vulnerability Fix comes as part of several product upgrades, and must be manually installed from a command line interface.
Cisco’s advisory said that the patch is not required for physical hardware appliances, or for virtual appliance downloads or upgrades after 25 June.
Cisco revealed details of a new point of sale attack earlier this year that could part firms from money and customers from personal data.
The threat, called PoSeidon by the Cisco team, came at a time when eyes were on security breaches at firms like Target.
Cisco said in a blog post that PoSeidon is a threat that has the ability to breach machines and scrape them for credit card information.
Yet Another Retailer System Hacked
Women’s clothing retailer Bebe Stores has become the latest in a growing list of national retailers to be hit by an attack on its credit card payment system.
The company said Friday that the cardholder name, account number, expiration date, and verification code could have been stolen by hackers who apparently had access to the company’s payment processing system between Nov. 8 and 26.
The incident came to light in late November when Bebe said it noticed suspicious activity on computers that operate the payment processing system. Stores affected were the roughly 200 it operates in the U.S., Puerto Rico and the U.S. Virgin Islands.
“If you used a payment card at a U.S., Puerto Rico or U.S. Virgin Islands store during this time frame, you should review your account statements for any unauthorized activity,” it said in a message to customers.
The last couple of years have been bad ones for the safety of credit card data at major U.S. retailers. Millions of credit and debit card numbers have been compromised in breaches at retailers, including Target, Home Depot, PF Chang’s restaurants, Super Valu grocery stores, Neiman Marcus, UPS Store and others.
In many cases, the attacks were targeted at payment processing terminals and used sophisticated malware that stole card details as consumers swiped their cards. Many of the thefts were only discovered after the card numbers appeared for sale on Internet hacking forums.
Such was the case with Bebe Stores. First news of the hack came earlier this week through the closely followed Krebs on Security blog.
1 In 5 U.S. PCs Have No Antivirus Protection
Comments Off on 1 In 5 U.S. PCs Have No Antivirus Protection
Nearly a fifth of Windows PCs in the U.S. lack any active security protection, an antivirus vendor stated on Wednesday, citing numbers from a year-long project.
“The scale of this is unprecedented,” argued Gary Davis, the director of global consumer product marketing for McAfee, talking about the scope of his company’s sampling of PC security.
McAfee took measurements from scans of more than 280 million PCs over the last 12 months, and found that 19.3% of all U.S. Windows computers browsed the Web sans security software. Owners of those systems downloaded and used McAfee’s free Security Scan Plus, a tool that checks for antivirus programs and enabled firewalls.
Globally, the average rate was 17%, putting the U.S. in the top 5 most-unprotected countries of the 24 represented in the scans.
Of the unprotected PCs in the U.S., 63% had no security software at all, while the remaining 37% had an AV program that was no longer active. The latter were likely trial versions of commercial antivirus software that had expired.
Antivirus trials are a fact of life in the Windows world. Most new machines come with security software that runs for a limited time. Some new Dell PCs, for example, come with a 30-day trial of McAfee’s Security Center program.
VoIP Ideal Platform For Controlling Botnets
Comments Off on VoIP Ideal Platform For Controlling Botnets
Botnets and their masters can communicate with one other by calling into the same VoIP conference call and exchanging data using touch tones, researchers demonstrated at Defcon.
This gives the botmasters — whose top goals include remaining anonymous — the ability to issue orders from random payphones and disposable cellular phones, say researchers Itzik Kotler and Iftach Ian Amit of security and risk-assessment firm Security Art.
Using phones and the public phone networks eliminates one of the prime tools bot fighters have: taking down the domains of botnets’ command and control servers, the researchers say. If the botmaster isn’t using a command and control server, it can’t be taken down.
In fact, the botmaster can communicate with the zombie machines that make up the botnet without using the Internet at all if the zombies are within a corporate network. So even if a victim company’s VoIP network is segregated from the data network, there is still a connection to the outside world.
In addition to its stealth, the VoIP tactic employs technology that readily pierces corporate firewalls and uses only traffic that is difficult for data loss prevention software to peer into. The traffic is streamed audio, so data loss prevention scanners can’t recognize patterns of data they are supposed to filter, the researchers say.
The downsides of VoIP as a command channel are that it severely limits the number of zombie machines that can be contacted at once, and the rate at which stolen data can be sent out of a corporate network is limited by the phone system. But Kotler and Amit say the connections are plenty big to send commands in.
During their demo at the conference, the pair had an Asterisk open source IP PBX stand in as the corporate PBX. A virtual machine representing a zombie computer on a corporate network called via TCP/IP through the PBX and into a corporate conference call. A BlackBerry, representing the botmaster dialed in over the public phone network to the same conference call.
TI Chip Goes 1080p On Android Devices
Texas Instruments on Tuesday said its OMAP chip had been certified to unlock full 1080p movies from Netflix for Google’s Android 2.3 based devices, which includes smartphones and tablets.
TI’s on-chip security feature, called M-Shield, will be able to decode 1080p high-definition movie streaming from Netflix, stated Fred Cohen, director of the OMAP user experience team at TI. A security layer unlocks the encoded video, which can then be viewed on smartphones and tablets or TV sets connected through an HDMI (high-definition multimedia interface) port.
The purpose of having this technology is to provide end-to-end security for protected video content, Cohen said. Movie studios are making more high-definition 1080p content available and are adamant about protecting their product, which are considered premium content.
The on-chip feature minimizes the ability to copy content, as it is easy to take control of a rooted Android device, Cohen said. It’s easy for users to access memory where the stream is temporarily stored, and then write the movie to another device.
“You have to protect those devices,” Cohen said. “We have implemented a firewall.”
TI’s security technology is to provide a security layer so devices get access to high-definition movies, Cohen said.
Netflix provides different levels of security certification depending on features such as the video quality and resolution, Cohen said. Netflix did not return a request for comment on whether it was streaming 1080p video content to mobile devices, or whether chip makers required certification to unlock secure 1080p content.
Benefits of Cloud Computing
In a nutshell Cloud Computing is the process of having on-demand hosted computing services provided outside your own network environment through a vendor’s Public or Private Data Center. Cloud Computing can be broken into three distinct categories. They are SaaS (Software as a Service), IaaS (Infrastructure as a Service), and PaaS (Platform as a Service).
Even though the concepts of Cloud Computing have been around for years, it still remains in its infancy. However, its adoption rate has been rather explosive lately, due in part to its seamlessness and ease of information integration.Cloud Computing has many benefits for medium and small businesses by way of collaboration and Productivity. For instance users will have the ability to work on the same projects in real-time from any location whether it’s the office, at home or an overseas location, at any time. The office never closes.
Another reason Cloud Computing has become so enticing is businesses can cut expenses on hardware and IT staffing to support the very same services as if they were on-site (Break/Fix issues are resolved by the vendor and the customer is never aware since services are redundant). Security is also enhanced because leading vendors adhere to higher levels of security features that are cost prohibitive to most medium and small businesses. In these days of high profile data breaches added security is must have.
Businesses should also consider their IT teams will not have a steep learning curve adapting to Cloud based services, since most user environment applications are similar in design to those they are accustomed to using today. Another added convenience is that Cloud Computing rids businesses of the old and costly software licensing requirement for every application/user. Cloud Computing allows the business to buy services on a time/usage metric.
If your business is looking to stay agile and save money, Cloud Computing may be the right direction to move.