Newsroom

Archived News

ATIS Releases CALEA Standard for Broadband Providers
3–2007 ATIS announced today the release of its Standard on Lawfully Authorized Electronic Surveillance (LAES) for Internet Access and Services. The standard supports the ability of Internet access providers and Internet service providers to assist law enforcement agencies in intercepting Internet broadband data – and defines the communication-identifying information and content to be intercepted and reported, as well as the delivery format. Additionally, the standard provides for a “safe harbor” as specified in Section 107 of the Communications Assistance for Law Enforcement Act (CALEA). Source: ATIS

 

Microsoft Windows ANI header stack buffer overflow
3–2007 An unpatched buffer overflow vulnerability in the way Microsoft Windows handles animated cursor files is actively being exploited. Source: US-CERT

 

TJX Breach Totaled 45.6M Cards, Has Cost Retailer $5M to Date
3–2007 After more than two months of refusing to reveal the size and scope of its data breach, TJX Companies Inc. is finally offering more details about the extent of the compromise. In filings with the U.S. Securities and Exchange Commission yesterday, the company said 45.6 million credit and debit card numbers were stolen from one of its systems over a period of more than 18 months by an unknown number of intruders. The company has so far spent about $5 million in connection with the breach, although it is hard to say what other costs may be incurred, the company warned. It cited several lawsuits that have been filed against it since the breach was announced. Source: Computerworld

 

Apple Updates for Multiple Vulnerabilities
3–2007 Apple has released Security Update 2007-003 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Attackers may take advantage of the less serious vulnerabilities to bypass security restrictions or cause a denial of service. Source: US-CERT

 

Bots Infect More Than 1.2M Computers
3–2007 The number of compromised computers that are part of a centrally controlled bot net has tripled in the past two weeks, according to data gathered by the Shadowserver Foundation, a bot-net takedown group. The weekly tally of bot-infected PCs tracked by the group rose to nearly 1.2 million this week, up from less than 400,000 infected machines two weeks ago. The surge reversed a sudden drop in infected systems--from 500,000 to less than 400,000--last December. Source: SecurityFocus

 

Updates for QuickTime
3–2007 Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Source: US-CERT

 

Sun Solaris Telnet Worm
2–2007 A worm is exploiting a vulnerability (VU#881872) in the Sun Solaris telnet daemon (in.telnetd). Source: US-CERT

 

Arrests made in Stop & Shop data theft
2–2007 Police in Rhode Island have arrested four people in connection with a recent security breach at Stop & Shop Supermarket Cos. "These arrests stem from an ongoing investigation of the recent theft of credit and debit card account data through illegal tampering of Stop & Shop's electronic card transaction pin pad units," the company said in a statement today. Quincy, Mass.-based retailer Stop & Shop earlier this month said that PIN pads -- the devices customers use to swipe credit and debit cards to pay for purchases -- had been tampered with at six of the company's stores in Rhode Island and Massachusetts. As a result of the tampering, account and PIN numbers associated with some credit and debit cards were stolen in early February, the company said. Source: Computerworld

 

Sourcefire Snort DCE/RPC Preprocessor Buffer Overflow
2–2007 A stack buffer overflow vulnerability in the Sourcefire Snort DCE/RPC preprocessor could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Snort process. Source: US-CERT

 

Apple Updates for Multiple Vulnerabilities
2-2007 Apple has released Security Update 2007-002 to correct multiple vulnerabilities affecting Apple Mac OS X, Mac OS X Server, and iChat. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Attackers may take advantage of the less serious vulnerabilities to bypass security restrictions or cause a denial of service. Source: US-CERT

 

Microsoft Updates for Multiple Vulnerabilities
2–2007 Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, Office, Works, Malware Protection Engine, Visual Studio, and Step-by-Step Interactive Training. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system. Source: US-CERT

 

TJX Faces Lawsuit Over Data Breach
1–2007 The fallout over TJX's massive data breach continued Monday, when a West Virginia woman filed a class action lawsuit against the company. She accuses the retailer of negligence for not doing enough to secure customer data and for keeping quiet about the breach for a month. Source: SearchSecurity.com

 

Cisco IOS is Affected by Multiple Vulnerabilities
1–2007 Several vulnerabilities have been discovered in Cisco's Internet Operating System (IOS). A remote attacker may be able to execute arbitrary code on an affected device, cause an affected device to reload the operating system, or cause other types of denial of service. Source: US-CERT

 

Sun Updates for Multiple Vulnerabilities in Java
1-2007 The Sun Java Runtime Environment contains multiple vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Source: US-CERT

 

T.J. Maxx hack exposes consumer data
1-2007 Intruders accessed systems used to process and store customer transaction data, Framingham, Mass.-based TJX said in a statement. The retailer has identified some customer information that was taken, but the full extent of the data theft and number of affected customers is yet unknown, it said. Source: CNET News.com

 

Oracle Releases Patches for Multiple Vulnerabilities
1–2007 Oracle has released patches to address numerous vulnerabilities in different Oracle products. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service. Source: US-CERT

 

MIT Kerberos Vulnerabilities
1–2007 The MIT Kerberos administration daemon contains two vulnerabilities that may allow a remote, unauthenticated attacker to execute arbitrary code. Source: US-CERT

 

Microsoft Updates for Multiple Vulnerabilities
1-2007 Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, Outlook, and Excel. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system. Source: US-CERT

 

Apple QuickTime RTSP Buffer Overflow
1-2007 Apple QuickTime contains a buffer overflow in the handling of RTSP URLs. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Source: US-CERT

 

UCLA: Hacker May Have Accessed 800,000 Students' Personal Data
12-2006 The University of California, Los Angeles alerted about 800,000 current and former students, faculty and staff on Tuesday that their names and certain personal information were exposed after a hacker broke into a campus computer system. Source: Foxnews.com

 

Mozilla Addresses Multiple Vulnerabilities
12-2006 The Mozilla web browser and derived products contain several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system. Source: US-CERT

 

Microsoft Updates for Multiple Vulnerabilities
12-2006 Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Visual Studio, Microsoft Outlook Express, Microsoft Media Player, and Microsoft Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system. Source: US-CERT

 

Akamai hacker pleads guilty
12-2006 John Bombard, the Florida man who launched a distributed denial-of-service attack against caching company Akamai Technologies in June 2004, pleaded guilty Wednesday to two counts of intentionally accessing a protected computer without authorization. Source: CNET News.com

 

Apple Releases Security Update to Address Multiple Vulnerabilities
11-2006 Apple has released Security Update 2006-007 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, and the Safari web browser. Vulnerabilities in OpenSSL, gzip, and other products are also addressed. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Attackers may take advantage of the less serious vulnerabilities to bypass security restrictions or cause a denial of service. Source: US-CERT

 

Microsoft Security Updates for Windows, Internet Explorer, and Adobe Flash
11-2006 Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, and Adobe Flash. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system. Source: US-CERT

 

Mozilla Updates for Multiple Vulnerabilities
11-2006 The Mozilla web browser and derived products contain several vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system. Source: US-CERT

 

Illinois county election site hacked
11-2006 The Chicago Tribune reported that hackers broke into the Web site for the Election Commission in DuPage County, Ill., and made some not-so-nice modifications to the list of voter qualifications. Source: CNET News.com

 

Oracle Updates for Multiple Vulnerabilities
10-2006 Oracle has released patches to address numerous vulnerabilities in different Oracle products. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service. Source: US-CERT

 

Microsoft Updates for Vulnerabilities in Windows, Office, and Internet Explorer
10-2006 Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, and Microsoft Office. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system. Source: US-CERT

 

Multiple Vulnerabilities in Apple and Adobe Products
10-2006 Apple has released Security Update 2006-006 and Mac OS X 10.4.8 Update to correct multiple vulnerabilities affecting Mac OS X, OS X Server, Safari, Adobe Flash Player, and other products. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Impacts of other vulnerabilities include bypass of security restrictions and denial of service. Source: US-CERT

 

California Man Pleads Guilty to Bot Attack
05-2006 Christopher Maxwell, a Vacaville, Calif., resident, was accused of intentionally damaging a computer he was not authorized to access and using it to commit fraud. Maxwell and a group of co-conspirators created a network of bots, or automated programs, using more than 13,000 commandeered computers, or zombies. Some of the computers affected by Maxwell's efforts included those at Northwest Hospital in Seattle. As the bot network scanned the hospital computers to load adware, network traffic increased to such an extent that it interrupted communications of the hospital's surgical team, diagnostic imaging services and laboratory services, according to the complaint.
Source: CNET News.com

 

Millions of Blogs Knocked Offline by DDoS Attack
05-2006 About 10 million LiveJournal and TypePad blogs were offline or barely reachable for several hours on Tuesday as the result of a massive denial-of-service attack.
Source: ZDNet

 

Wells Fargo Warns of Possible Data Theft
05-2006 Wells Fargo, the second-largest U.S. mortgage lender, Friday said a computer containing confidential data about mortgage customers and prospective customers is missing and may have been stolen.
Source: CNET News.com

 

Oracle Products Contain Multiple Vulnerabilities
04-2006 Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
Source: US-CERT

 

Aetna Laptop Stolen Containing Data on 38,000 Members
04-2006 Health insurer Aetna on Wednesday said a laptop computer containing personal information on about 38,000 of its members was stolen from an employee's car.
Source: ZDNet

 

Mozilla Products Contain Multiple Vulnerabilities
04-2006 The Mozilla web browser and derived products contain several vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system.
Source: US-CERT

 

Microsoft Windows and Internet Explorer Vulnerabilities
04-2006 Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Source: US-CERT

 

Sendmail Race Condition Vulnerability
03-2006 A race condition in Sendmail may allow a remote attacker to execute arbitrary code.
Source: US-CERT

 

Adobe Macromedia Flash Products Contain Vulnerabilities
03-2006 There are critical vulnerabilities in Macromedia Flash player and related software. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Source: US-CERT

 

Microsoft Office and Excel Vulnerabilities
03-2006 Microsoft has released updates that address critical vulnerabilities in Microsoft Office and Excel. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Source: US-CERT

 

Apple Mac Products are Affected by Multiple Vulnerabilities
03-2006 Apple has released Security Update 2006-001 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser, and other products. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Impacts of other vulnerabilities include bypassing security restrictions and denial of service.
Source: US-CERT

 

Apple Mac OS X Safari Command Execution Vulnerability
02-2006 Apple Safari is a web browser that comes with Apple Mac OS X. The default configuration of Safari allows it to automatically "Open 'safe' files after downloading." Due to this default configuration and inconsistencies in how Safari and OS X determine which files are "safe," Safari may execute arbitrary shell commands as the result of viewing a specially crafted web page.
Source: US-CERT

 

Microsoft Windows, Windows Media Player, and Internet Explorer Vulnerabilities
02-2006 Microsoft has released updates that address critical vulnerabilities in Windows, Windows Media Player, and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Source: US-CERT

 

Multiple Vulnerabilities in Mozilla Products
02-2006 Several vulnerabilities exist in the Mozilla web browser and derived products, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system.
Source: US-CERT

 

Winamp Playlist Buffer Overflow
02-2006 America Online has released Winamp 5.2 to correct a buffer overflow vulnerability. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code with the privileges of the user.
Source: US-CERT

 

Oracle Products Contain Multiple Vulnerabilities
01-2006 Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
Source: US-CERT

 

Apple QuickTime Vulnerabilities
01-2006 Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
Source: US-CERT

 

Microsoft Windows, Outlook, and Exchange Vulnerabilities
01-2006 Microsoft has released updates that address critical vulnerabilities in Windows, Outlook, and Exchange. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Source: US-CERT

 

Update for Microsoft Windows Metafile Vulnerability
01-2006 Microsoft Security Bulletin MS06-001 contains an update to fix a vulnerability in the way Microsoft Windows handles images in the Windows Metafile (WMF) format.
Source: US-CERT

 

Microsoft Windows Metafile Handling Buffer Overflow
12-2005 Microsoft Windows is vulnerable to remote code execution via an error in handling files using the Windows Metafile image format. Exploit code has been publicly posted and used to successfully attack fully-patched Windows XP SP2 systems. However, other versions of the Windows operating system may be at risk as well.
Source: US-CERT

 

Microsoft Internet Explorer Vulnerabilities
12-2005 Microsoft has released updates that address critical vulnerabilities in Internet Explorer (IE). A remote, unauthenticated attacker could exploit these vulnerabilities to execute arbitrary code or cause a denial of service on an affected system.
Source: US-CERT
