Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


New version of wireshark is available. More details here http://www.wireshark.org/
Adobe Patch Tuesday Prerelease (Reader/Acrobat) http://www.adobe.com/support/security/bulletins/apsb12-08.html
Microsoft April Patch Tuesday Pre-Announcement (6 Patches): http://technet.microsoft.com/en-us/security/bulletin/ms12-apr

Another OS X Java Patch

Published: 2012-04-06
Last Updated: 2012-04-06 16:33:36 UTC
by Johannes Ullrich (Version: 1)
1 comment(s)

Only a couple of days after releasing the critically late Java patch (2012-001), Apple released another Java update. At this point, Apple's site doesn't mention what this new patch fixes, or why it was released. But eventually, you may see details at http://support.apple.com/kb/HT1222 . Too bad that Apple isn't getting its security house in order. It appears that OS X has reached a level of market penetration that would require a company with a meaningful security response capability behind it.

Just a couple of additional pointers for OS X security:

- Sophos makes a free antivirus product for OS X. I have been running it for a few months now without bad side effects. http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

- You can try enabling "Gatekeeper" on OS X Lion. This feature prevents unsigned software from running. It will be fully integrated once the next version of OS X (Mountain Lion, OS X 10.8) arrives, but it has been included in OS 10.7.3. To activate it, you need to run "sudo spctl --enable". Expect it to complain about a lot of "normal" software, as most OS X software right now is not yet signed (but you can always allow it to still run).

Otherwise: Keep good backups... 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute

Keywords: java os x patch

Social Share Privacy

Published: 2012-04-06
Last Updated: 2012-04-06 16:00:29 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

For quite a while now, we have used the "Add This" toolbar to allow readers to quickly share articles with various social networks. As a security site, we talk a lot about the risks of social networks, but we can't ignore them. Our mission is to get the word out about current security issues. Social media are becoming an important tool to assist us with that.

At the same time, we are very aware of the privacy issues. Luckily for us, the German technology website Heise Online came up with a great solution. The "Social Sharing Privacy" toolbar we are using as of today will not leak any data about you to social networks or companies like "Add This" until you explicitly turn on the toolbar. If you would like to share a story via Twitter/Facebook/Google, you will first need to turn on the toolbar (which will load the actual images from the respective sites) and then you are able to "share".
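
The two-click behaviour described above, sketched as an added example (it is not the Heise socialshareprivacy code and not this site's implementation); the service table, the social.example URLs and all function names are hypothetical. The document object is passed in as a parameter, so the externalSources helper can confirm that nothing third-party is referenced until a reader opts in.

```javascript
// Two-click sharing sketch. Hypothetical names and URLs throughout.
const SERVICES = {
  twitter:  { label: 'Twitter',  widget: 'https://social.example/twitter/button.html' },
  facebook: { label: 'Facebook', widget: 'https://social.example/facebook/like.html' },
};

// Render inert, locally generated placeholders. Nothing created here points
// at a third-party origin, so viewing the page sends no request (and thus no
// cookies or Referer header) to the social networks.
function renderShareBar(doc, container, pageUrl) {
  const state = {};
  for (const [name, svc] of Object.entries(SERVICES)) {
    const slot = doc.createElement('span');
    const btn = doc.createElement('button');
    btn.textContent = 'Enable ' + svc.label + ' sharing';
    state[name] = { enabled: false };
    // First click: explicit opt-in. Only now is the real widget loaded.
    btn.addEventListener('click', () => enable(doc, slot, btn, name, pageUrl, state));
    slot.appendChild(btn);
    container.appendChild(slot);
  }
  return state;
}

function enable(doc, slot, btn, name, pageUrl, state) {
  if (state[name].enabled) return; // idempotent: never load a widget twice
  const frame = doc.createElement('iframe');
  // The page URL is encoded so its own query string cannot alter widget parameters.
  frame.src = SERVICES[name].widget + '?url=' + encodeURIComponent(pageUrl);
  slot.removeChild(btn);
  slot.appendChild(frame); // the second click (the actual share) happens inside the widget
  state[name].enabled = true;
}

// Audit helper: collect every src attribute under a node. An empty result
// before opt-in means the page load itself contacts no social network.
function externalSources(node, found = []) {
  if (node.src) found.push(node.src);
  for (const child of node.children) externalSources(child, found);
  return found;
}
```

Enabling one service loads only that service's widget; the others stay inert until they are enabled separately.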

I hope this will not prevent too many of you from sharing our stories to your social media accounts. We will still tweak the toolbar a bit. Please let us know if you see issues with specific browsers (we are usually testing with Safari on OS X, Firefox on Linux and sometimes even with IE on Windows).

Plugins for popular tools like WordPress are available.

Social sharing privacy source code: http://www.heise.de/extras/socialshareprivacy/
This blog post helped me quite a bit: http://benjamin-steininger.de/2011/12/07/extending-heise-socialshareprivacy-to-pass-a-dynamic-title-to-twitter/

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute

ISC StormCast for Friday, April 6th 2012 http://isc.sans.edu/podcastdetail.html?id=2449