Cyber Arms Intelligence Report for August 9th
A lot of different things going on this week. A couple of days ago, an unpatched kernel-level vulnerability that affects every current version of Windows was revealed. According to the report, “The bug resides in the ‘CreateDIBPalette()’ function of a device driver known as ‘Win32k.sys.’ It is exploited by pasting a large number of color values into an improperly allocated buffer, potentially allowing attackers to sneak in malicious payloads.”
I will probably stop posting so many vulnerability warnings, unless it is a major one. There are just too many to keep up with. According to an article on InfoSec Island, there are New Vulnerabilities Discovered Twice per Second. Also, according to an article on Net-Security.org, Anti-Virus is currently catching only about 19% of Malware attacks.
In other news, very interesting conference going on at CISCO this week. The 2010 CISCO Networking Academy Conference is being held in Santa Barbara. Topics include computer forensics, Cisco Packet Tracer, and IPv6 training.
Some other top stories from around the web:
U.S. Challenged By Global Cybersecurity
In a report published in July but released this week, the Government Accountability Office (GAO) said because of the number of federal organizations involved in shaping cybersecurity policy and processes, the United States has hurdles to overcome to present a united front to the world on the issue…
Securing a U.N. Climate Convention (Case Study)
StrikeForce began work months before the December 2009 conference, providing security assessment and testing of the entire cyber and physical environment in which the U.N. conference would take place.
India recruiting hackers for elite cyber offensive
India, one of the fastest growing technology economies in the world along with China, is taking a leaf out of the latter’s book by getting together top IT workers and “ethical hackers” from across the country to form an elite “cyber army”.
Seven myths about zero day vulnerabilities debunked
Another month, another zero day flaw has been reported, with malicious attackers logically taking advantage of the window of opportunity, by launching malware serving attacks using it. With vendor X putting millions of users in a “stay tuned mode” for weeks, sometimes even longer, the myths and speculations surrounding the actual applicability of zero day flaws within the cybercrime ecosystem, continue increasing.
And, last but not least:
Questions and Answers on the JailbreakMe Vulnerability
Q: What is this all about?
A: It’s about a site called jailbreakme.com that enables you to Jailbreak your iPhones and iPads just by visiting the site.
Q: So what’s the problem?
A: The problem is that the site uses a zero-day vulnerability to execute code on the device.
Q: So this is an iPhone problem?
A: No, it’s an iOS problem. Which means it affects iPhones, iPads and iPods.
Q: iPods too?
A: Yes, iPod Touch is affected. That’s the iPod that looks like an iPhone.
Q: Which versions of iPhones, iPads and iPod touches are affected?
A: All of them.
Q: So this affects all iPhone users in the whole world?