
SANS ISC InfoSec Handlers Diary Blog



You encrypt your laptops, but what about portable media?

Published: 2013-01-12
Last Updated: 2013-01-12 17:41:01 UTC
by Stephen Hall (Version: 1)
3 comment(s)

As a data loss control, many organisations now ensure that the risk from laptops is mitigated by installing full disk encryption, or by having a partition or area of the disk which is encrypted.

However, laptops are not the only way to pick up and carry out of your organisation the data which you are meant to be protecting. Various products also address this part of the toolset for mitigating data loss risk.

Walter has e-mailed in with the heads-up that various Canadian news media are highlighting a report that a portable disk containing the records of 583,000 Canadians who were clients of the Canada Student Loans program from 2000 to 2006 has been lost. If you were lucky enough to borrow money through this program but were from Quebec, Nunavut or the Northwest, you were lucky this time. The data lost includes:

  • Student names, social insurance numbers, dates of birth, contact information and loan balance of Canada Student Loan borrowers.
  • Personal contact information for 250 Human Resources and Skills Development Canada (HRSDC) employees.

So when doing the risk assessment of your organisation's data loss mitigation, please consider the end-to-end lifecycle of the data and how that data can move to and from your staff members' hands. That includes portable media which, if it is allowed at all through a technology or physical security control, should be access controlled, with any data encrypted before it is written to it.

Steve

Keywords: DLP

Oracle Patch Tuesday Pre-Release

Published: 2013-01-12
Last Updated: 2013-01-12 17:19:30 UTC
by Stephen Hall (Version: 1)
1 comment(s)

Oracle has published the pre-release information for this coming Tuesday's Oracle Patch Tuesday.

Of special note this month is Oracle's CVSS2 score of 10.0 for the Mobile Server component of Oracle Database Mobile/Lite Server.

A large number of products are patched this month including:

  • Oracle Database 11g Release 2, versions 11.2.0.2, 11.2.0.3
  • Oracle Database 11g Release 1, version 11.1.0.7
  • Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5
  • Oracle Database Mobile Server, version 11.1.0.0
  • Oracle Database Lite Server, version 10.3.0.3
  • Oracle Access Manager/Webgate, versions 10.1.4.3.0, 11.1.1.5.0, 11.1.2.0.0
  • Oracle GoldenGate Veridata, version 3.0.0.11.0
  • Management Pack for Oracle GoldenGate, version 11.1.1.1.0
  • Oracle Outside In Technology, version 8.3.7, 8.4
  • Oracle WebLogic Server, versions 9.2.4, 10.0.2, 10.3.5, 10.3.6, 12.1.1
  • Application Performance Management versions 6.5, 11.1, 12.1.0.2
  • Enterprise Manager Grid Control 11g Release 1, version 11.1.0.1
  • Enterprise Manager Grid Control 10g Release 1, version 10.2.0.5
  • Enterprise Manager Plugin for Database 12c Release 1, versions 12.1.0.1, 12.1.0.2
  • Oracle E-Business Suite Release 12, versions 12.0.6, 12.1.1, 12.1.2, 12.1.3
  • Oracle E-Business Suite Release 11i, version 11.5.10.2
  • Oracle Agile PLM Framework, version 9.3.1.1
  • Oracle PeopleSoft HRMS, versions 9.0, 9.1
  • Oracle PeopleSoft PeopleTools, versions 8.51, 8.52
  • Oracle JD Edwards EnterpriseOne Tools, versions 8.9, 9.1, SP24
  • Oracle Siebel CRM, versions 8.1.1, 8.2.2
  • Oracle Sun Product Suite
  • Oracle VM Virtual Box, versions 4.0, 4.1, 4.2
  • Oracle MySQL Server, versions 5.1.66 and earlier, 5.5.28 and earlier

Steve

Keywords: Oracle

Java 0-day impact to Java 6 (and beyond?)

Published: 2013-01-12
Last Updated: 2013-01-12 14:09:45 UTC
by Stephen Hall (Version: 1)
9 comment(s)

The ISC has covered Java recently a number of times with Johannes's commentary and the January 2013 OUCH! heads-up by Adam of the issues with Java 7 update 10 and the current 0-day doing the rounds.

However, the guys over at Immunity have released their analysis (PDF) of the MBeanInstantiator.findClass 0-day. Other than the excellent review of the 0-day they comment that:

"This vulnerability affects JDK 6 (at least from update 10 and greater) up to the latest JDK 7 update 10. The comments in the source code state that these classes MBeanInstantiator and JmxMBeanServer are available since JDK 5, but we did not check versions before JDK 6 update 10."

So, this tells us that if you are using JDK 6 this 0-day likely now includes you as a potential target, and maybe even if you have systems with JDK 5 installed.
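To turn the version range quoted above into a fleet check, here is an added example (not code from the diary or from Immunity) that parses `java -version` output and reports whether an install falls inside the range Immunity states as affected: JDK 6 update 10 through JDK 7 update 10 inclusive. Anything older than 6u10 is reported as "unknown" because the quote says those builds were not checked; anything newer than 7u10 is reported as outside the stated range rather than as safe. The host names and version strings in `SAMPLE_HOSTS` are constructed for the example.

```python
import re
import subprocess
from typing import Dict, Optional, Tuple

# Affected range as stated in the Immunity analysis quoted in the diary:
# JDK 6 update 10 (inclusive) up to JDK 7 update 10 (inclusive).
AFFECTED_FIRST = (6, 10)
AFFECTED_LAST = (7, 10)

# Matches the first line of `java -version` for the 1.x.0_NN scheme,
# e.g. 'java version "1.6.0_37"' or 'openjdk version "1.7.0_10"'.
VERSION_RE = re.compile(r'(?:java|openjdk) version "1\.(\d+)\.\d+(?:_(\d+))?')


def parse_java_version(version_output: str) -> Optional[Tuple[int, int]]:
    """Return (major, update) from `java -version` text, e.g. "1.6.0_37" -> (6, 37).

    A GA build with no update suffix ("1.7.0") is treated as update 0.
    Returns None when the text does not use the 1.x.0_NN scheme.
    """
    m = VERSION_RE.search(version_output)
    if not m:
        return None
    major = int(m.group(1))
    update = int(m.group(2)) if m.group(2) else 0
    return major, update


def classify(version_output: str) -> str:
    """Classify one host's `java -version` output against the stated range."""
    version = parse_java_version(version_output)
    if version is None:
        return "unparseable"
    # Tuple comparison orders by major first, then by update number.
    if AFFECTED_FIRST <= version <= AFFECTED_LAST:
        return "affected"
    if version < AFFECTED_FIRST:
        # Older than the builds Immunity tested: not cleared, just untested.
        return "unknown"
    return "outside-stated-range"


def audit(hosts: Dict[str, str]) -> Dict[str, str]:
    """Map each host name to its classification."""
    return {host: classify(output) for host, output in hosts.items()}


def classify_local_java() -> str:
    """Classify the JRE on this machine; `java -version` prints to stderr."""
    try:
        proc = subprocess.run(["java", "-version"], capture_output=True, text=True)
    except FileNotFoundError:
        return "no-java"
    return classify(proc.stderr + proc.stdout)


# Constructed sample inventory: host name -> captured `java -version` output.
SAMPLE_HOSTS = {
    "ws-finance-01": 'java version "1.6.0_37"\nJava(TM) SE Runtime Environment (build 1.6.0_37-b06)',
    "ws-hr-02": 'java version "1.7.0_10"\nJava(TM) SE Runtime Environment (build 1.7.0_10-b18)',
    "srv-legacy-03": 'java version "1.5.0_22"',
    "ws-dev-04": 'java version "1.7.0_11"',
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE_HOSTS).items()):
        print(f"{host:16} {status}")
    print(f"{'localhost':16} {classify_local_java()}")
```

Feed it the real output captured from each host (for example by a configuration-management run) instead of the constructed sample, and treat both "affected" and "unknown" as hosts to prioritise.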

Let's hope Oracle patches this one soon, and if the article is correct, completely this time.

Steve

Keywords: 0 Day Java