Computer criminal sentenced to 30 months in prison followed by 3 years of supervised release for renting botnet

Uncategorized
We've spoken many, many times about botnets and the many uses cyber criminals have for them and try to make the discussions as realistic as possible but it's always good to hear an instance where it's happening in 'real life'.  According to this article at the BBC, that's exactly what happened with Joshua Schichtel of Phoenix, Arizona.  Schichtel was convicted of renting his botnet of 72,000 computers for $1,500 to an unnamed buyer.  There's additional information in the article.  Suffice it to say, just because you don't 'do your banking online', that doesn't mean that your computer isn't a target.  Update.  Have good antivirus.  Update.  Don't do stupid things.  Update.  Then, update. "In a brief statement about the case, the US Department of Justice said Schichtel pleaded guilty to one count of…
Read More

September 2012 Patch Tuesday

Uncategorized
September will be a relatively light month overall but the Java vulnerability in Java 7 update 7 has really caused some waves. Microsoft On the Microsoft side, the September Patch Tuesday will be mercifully light, especially after the last two months.  There are two bulletins, one affecting the MS Developer Tools and one affecting Windows Server.  Additional details are available from Microsoft here. Adobe The latest updates from Adobe, as of right now, were released on 31 August.  Additional details are available from Adobe here. Java The big news this month has got to be Java.  We noted in late August that a vulnerability Java 7 update 6 was found and then confirmed that it was being *actively* exploited in the wild.  Oracle has posted Java 7 update 7 but there have been some…
Read More

Android Jelly Bean (v4.1) coming to Galaxy SIII and Note 10.1 ‘very soon’

Uncategorized
My fondness of the Android Operating System is nothing new (note, I do not *dislike* iOS [the Apple one or ios, the Cisco one], I just prefer Android and like the ability to do develoment 'stuff' directly on my phone and share it if I want) and my journey to the Samsung Galaxy SIII is familar to pretty much anyone that's watched our Facebook page for the last year or so (since the Galaxy SIII was announced).  Anyway, the next 'big thing' was just announced, albiet kindof vaguely.  According to this article, Jelly Bean (the latest version of Google's Android Operating System) is coming to the Galaxy SIII and Note 10.1 'very soon'.  There's a list of new features on the What's New page for Android (and there are some…
Read More

Cyber Tech Cafe mail server IP address blacklisted

Uncategorized
At some point yesterday, one of the Cyber Tech Cafe mail server IP Addresses was blacklisted and a large number of emails were rejected by receiving servers.  We have isolated the problem (we believe, more on this below) and have contacted the various blacklists to get de-listed but some email is still being rejected.  We expect that this will continue through the evening and, for some providers, through mid-day tomorrow.  We will continue monitoring this and will post when the issue has been resolved.  In the interim, we will try to keep everyone up-to-date on their tickets via phone and all updates are also posted to the Customer Service Center at http://helpdesk.cybertechcafe.net .   The problem appears to have been a routing glitch that allowed traffic from one of our…
Read More

Critical, ‘highly exploitable’ vulnerability found in JRE (Java Runtime Environment)

Uncategorized
According to this article from F-Secure, a new vulnerability has been found in the Java Runtime Environment and is currently being integrated into several toolkits.  The article is very well written, clear and to the point.  If you have JRE installed but don't need it / aren't using it, remote it.  If you do need it or are using it, at least disable the browser plug-in.   This is a vulnerability in the Java Runtime Environment so an attacker with an appropriate payload could attack Windows, Mac or Linux based machines. At this point, there are some questions as to whether or not Google Chrome is vulnerable but it still would not be a bad idea to disable the plug-in if you have it.
Read More

Critical vulnerability found in Adobe Flash Player (Windows, Mac, Android and Linux)

Uncategorized
On 21 August, Adobe released an update that addressed a critical vulnerability in the Adobe Flash Player.  All users are encouraged to install the update as soon as possible.  The vulnerability affects Flash across all supported platforms (including Android).  Additional details can be found at the link below.   https://www.adobe.com/support/security/bulletins/apsb12-19.html
Read More

Attacks against vulnerabilities patched in August Patch Tuesday already spotted in the wild

Uncategorized
We knew it was coming, but this article from Ars Technica does a good job of reminding folks of the importance of making sure that their updates are installed (and not just saying 'oh, I've got the automatic updates turned on', which isn't the same as making sure that they're installed).  The article points out not just the Microsoft vulnerabilities (about 26 of them) but also touches on the Adobe vulnerabilies and sings the praises of Google Chrome's Flash Player that gets automagically updated.  A good, quick read. Full Story
Read More

Backtrack 5 R3 released

Uncategorized
One of my favorite Linux distributions is Backtrack.  Backtrack is a penetration testing distribution and includes (among a *lot* of other things) the Metasploit framework, which is the tool that we typically use in demos for showing how easily an attacker can breach a network.  Metasploit includes tools to scan for hosts (computers / potential victims), check for vulnerabilities, exploit any available vulnerabilities and install software (viruses, malware, etc.) via those exploited vulnerabilities and then interact with the newly compromised systems (including using those systems to then compromise new systems).  By default, Metasploit is command line only, but Backtrack inlcudes a Graphical User Interface (GUI) that makes the process even easier.  It's tyipcally not a user-friendly tool for new users or those unfamiliar with security but it can be a…
Read More

iPhone 5 pre-orders on 12 September?

Uncategorized
According to iMore.com, we may see iPhone 5 pre-orders as early as 12 September with an official launch 9 days later on 21 September.  Not sure if this is a sure thing or not but, historically, this has been a good source of intel on all things i-whatever. http://www.imore.com/iphone-5-pe-orders-planned-september-12-second-release-wave-first-week-october
Read More