Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Undersea cables out

Published: 2008-12-19
Last Updated: 2008-12-22 16:10:47 UTC
by Joel Esler (Version: 5)
1 comment(s)

We have received reports about 3 Undersea cables being cut in the Mediterranean Sea. 

Internet Traffic Report is noting some significant problems in Asia.  Look here.

Update: Okay, we are now receiving information about some sea cables being cut in the Mediterranean Sea (again), causing issues between Asia and Europe.  Please read this article on Bloomberg.

Apparently the SMW3, SMW4, and FLAG cables are down in the Alexandria, Egypt region. 

Fierce Telecom

Fibersystems.org

TimesofMalta.com

Associated Press

These are all great reports, thanks.

Update 2:  I've only received news about the Mediterranean cuts.  I have not received any information further than the initial article I posted about the Asia/NA cuts, so I am going to pull that article down. (Thanks BillH in the Comments section)

Final Update:  Thanks to several readers that wrote in with this article: here.  "We're working on it!"

-- Joel Esler http://www.joelesler.net

Keywords:
1 comment(s)

Hey, at least they are warning you!

Published: 2008-12-19
Last Updated: 2008-12-19 20:55:34 UTC
by Joel Esler (Version: 1)
0 comment(s)

Received an email from a reader today (thank you Florian!): 

It says that they ordered two "SPF-85H 8-Inch Digital Photo Frames w/1GB Internal Memory" today for Christmas, and promptly received this email shortly after:

--

Greetings from Amazon.com.

We have recently learned that Samsung has issued an alert affecting its SPF-85H 8-Inch Digital Photo Frame. Our records indicate that you have purchased one of the digital photo frames through the Amazon.com website and are therefore affected by this alert.

The alert involves the SPF-85H 8-Inch Digital Photo Frames w/1GB Internal Memory, designed to work with Windows-based PCs via a USB connector. They were sold between October and December 2008 for about $150.

The alert concerns discovery of the W32.Sality.AE worm on the installation disc SAMSUNG FRAME MANAGER XP VERSION 1.08, which is needed for using the SPF-85H as a USB monitor. If you are using Vista or a different version of Frame Manager, this issue does not affect you.

If your anti-virus software displays a Virus Alert after you have installed Samsung Frame Manger 1.08 using the installation CD, please perform the following procedure:

1. Quarantine or delete the W32.Sality.AE worm.

2. Uninstall the current version of Frame Manager 1.08 you installed from the install CD. (Click Start > Settings > Control Panel > Add or Remove Programs. Find and then click Frame Manager in the Add or Remove Programs dialog, and then click Remove.)

3. Download and install the updated version of Frame Manager XP 1.082 from the Samsung Download Center: www.samsung.com/us/support/download/supportDown.do?group=&type=&subtype=&model_nm=SPF-85H&language=&cate_type=all&dType=D&mType=SW&vType=L&prd_ia_cd=05200100&disp_nm=SPF-85H

4. After you install Samsung Frame Manager 1.082, reboot your computer to complete the process.

If these steps do not correct the problem, please call Samsung Service Hotline at 1.800.SAMSUNG (800-726-7864).

If you purchased this item as a gift for someone, please notify the recipient immediately and provide them with the information in the Samsung Alert concerning this issue.

We regret the inconvenience this alert has caused you but trust you will understand that the safety of our customers is our highest priority.

Thanks for shopping at Amazon.com.

Sincerely,

Customer Service
Amazon.com
http://www.amazon.com/

--

Hey, at least they are telling you!

 

-- Joel Esler http://www.joelesler.net

Keywords:
0 comment(s)

All the IE articles, all in one place

Published: 2008-12-19
Last Updated: 2008-12-19 17:22:03 UTC
by Joel Esler (Version: 1)
0 comment(s)

For those of you interested in reading all the IE documents, links, diary entries and such that we have posted over the past few days (weeks?), please see here:

0-day exploit for Internet Explorer in the wild -- Bojan Zdrnja

MSIE 0-day Spreading via SQL Injection -- Johannes Ullrich

The continuing IE sage -- workarounds -- Jim Clausing

Microsoft announces an out of band patch for IE zero day -- Donald Smith

Internet Explorer 960714 is released -- Donald Smith

IE bug being exploited by Word Documents -- Joel Esler

Happy reading!

-- Joel Esler http://www.joelesler.net

Keywords:
0 comment(s)

IE bug being exploited by Word Documents

Published: 2008-12-19
Last Updated: 2008-12-19 17:16:45 UTC
by Joel Esler (Version: 1)
0 comment(s)

We've published several articles over the past few days detailing the latest IE flaw.  However, now one of our readers (thanks roseman) writes in with an article posted over on ComputerWorld.

Turns out that this bug is now being exploited through Word documents.  While this is basically a simple evolution of the exploit method, I imagine that this is only the first or second evolution.  There are more to come I am sure.  We don't have any samples of this malware yet, so if you have any, we'd like a few examples.

-- Joel Esler http://www.joelesler.net

 

Keywords:
0 comment(s)

Firefox 2.0.0.20 released

Published: 2008-12-19
Last Updated: 2008-12-19 16:38:36 UTC
by Joel Esler (Version: 2)
0 comment(s)

Firefox (Mozilla) has just released version 2.0.0.20 in what, is possibly the last update to the 2.x codebase.  If you aren't already on 3.x, I suggest you upgrade.

However, for those of you that are still on Firefox 2.x, I suggest you grab your last meal:  http://www.mozilla.com/en-US/firefox/all-older.html

http://www.mozilla.org/security/announce/2008/mfsa2008-65.html

-- Joel Esler http://www.joelesler.net

Keywords:
0 comment(s)
Diary Archives