A new version of Wireshark is available. More details here: http://www.wireshark.org/
Adobe Patch Tuesday Prerelease (Reader/Acrobat) http://www.adobe.com/support/security/bulletins/apsb12-08.html
Microsoft April Patch Tuesday Pre-Announcement (6 Patches): http://technet.microsoft.com/en-us/security/bulletin/ms12-apr

Another OS X Java Patch

Published: 2012-04-06
Last Updated: 2012-04-06 16:33:36 UTC
by Johannes Ullrich (Version: 1)

Only a couple of days after releasing the critically late Java patch (2012-001), Apple released another Java update. At this point, Apple's site doesn't mention what this new patch fixes, or why it was released. But eventually, you may see details at http://support.apple.com/kb/HT1222 . Too bad that Apple isn't getting its security house in order. It appears that OS X has reached a level of market penetration that would require a company with a meaningful security response capability behind it.

Just a couple of additional pointers for OS X security:

- Sophos makes a free antivirus product for OS X. I have been running it for a few months now without bad side effects. http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

- You can try enabling "Gatekeeper" on OS X Lion. This feature prevents unsigned software from running. It will be fully integrated once the next version of OS X (Mountain Lion, OS X 10.8) arrives, but it has been included in OS X 10.7.3. To activate it, you need to run: sudo spctl --enable . Expect it to complain about a lot of "normal" software, as most OS X software is not yet signed (but you can always allow it to run anyway).

Otherwise: Keep good backups... 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords: java os x patch

Social Share Privacy

Published: 2012-04-06
Last Updated: 2012-04-06 16:00:29 UTC
by Johannes Ullrich (Version: 1)

For quite a while now, we have used the "Add This" toolbar to allow readers to quickly share articles with various social networks. As a security site, we talk a lot about the risks of social networks, but we can't ignore them. Our mission is to get the word out about current security issues. Social media are becoming an important tool to assist us with that.

At the same time, we are very aware of the privacy issues. Lucky for us, the German technology website Heise Online came up with a great solution. The "Social Sharing Privacy" toolbar we are using as of today will not leak any data about you to social networks or companies like "Add This" until you explicitly turn on the toolbar. If you would like to share a story via Twitter/Facebook/Google, you will first need to turn on the toolbar (which will load the actual images from the respective sites), and then you are able to "share".
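
The two-click behaviour described above, sketched as an added example (not the Heise plugin's code and not this site's): the placeholder button is purely local, and the third-party iframe is only created after the reader clicks. The widget URLs, the function names and the audit helper are assumptions made for illustration.

```javascript
// Added illustration of the two-click pattern; not the Heise socialshareprivacy source.
// The widget URLs are constructed placeholders, not real network endpoints.
const WIDGET_URLS = {
  twitter: "https://widgets.twitter.example/share.html",
  facebook: "https://widgets.facebook.example/like.html",
};

// First click: the reader opts in. Until then only a local placeholder exists,
// so the third party sees no request, referrer, or cookie from this page.
function mountTwoClickButton(doc, container, network) {
  const src = WIDGET_URLS[network];
  if (!src) throw new Error("unknown network: " + network);

  const button = doc.createElement("button");
  button.textContent = "Enable " + network + " sharing";
  button.setAttribute("data-state", "off");
  button.addEventListener("click", function () {
    if (button.getAttribute("data-state") === "on") return; // load only once
    button.setAttribute("data-state", "on");
    const frame = doc.createElement("iframe");
    frame.src = src; // first contact with the third party happens here
    container.appendChild(frame);
  });
  container.appendChild(button);
  return button;
}

// Audit helper: URLs under `container` that point at another origin, i.e. what
// the browser fetches from third parties just by rendering this subtree.
function thirdPartySources(container, firstPartyOrigin) {
  const found = [];
  (function walk(node) {
    for (const child of Array.from(node.children || [])) {
      const src = child.src;
      if (typeof src === "string" && src !== "" &&
          new URL(src, firstPartyOrigin).origin !== firstPartyOrigin) {
        found.push(src);
      }
      walk(child);
    }
  })(container);
  return found;
}
```

In a browser, call mountTwoClickButton(document, element, "twitter") and compare thirdPartySources(element, location.origin) before and after the click.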

I hope this will not prevent too many of you from sharing our stories to your social media accounts. We will still tweak the toolbar a bit. Please let us know if you see issues with specific browsers (we are usually testing with Safari on OS X, Firefox on Linux and sometimes even with IE on Windows).

Plugins for popular tools like WordPress are available.

Social sharing privacy source code: http://www.heise.de/extras/socialshareprivacy/
This blog post helped me quite a bit: http://benjamin-steininger.de/2011/12/07/extending-heise-socialshareprivacy-to-pass-a-dynamic-title-to-twitter/

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

ISC StormCast for Friday, April 6th 2012 http://isc.sans.edu/podcastdetail.html?id=2449
