Tuesday, February 26, 2013

Adobe Patches Flash Again to Protect Firefox Users Against Malware Attacks

Adobe has released yet another emergency patch for Flash Player to fix three vulnerabilities, two of which cybercriminals are actively exploiting in attacks that target Firefox users.

The attacks are designed to trick users into clicking links pointing to a website rigged with malicious Flash (SWF) content. Adobe warns that the two vulnerabilities exploited in these attacks, CVE-2013-0643 (permissions issue with Flash Player Firefox sandbox) & CVE-2013-0648 (bug in ExternalInterface ActionScript feature) could allow an attacker to crash and take control of the affected system.

The third vulnerability, CVE-2013-0504 (buffer overflow) isn’t listed as a vulnerability actively being used in attacks, but it “can be used to execute malicious code.”

Naturally, Adobe recommends that users update their Flash Player to the latest version, regardless of their operating system or browser of choice.

Affected Flash Player Versions


Users can check what version of Flash Player they have installed by right-clicking on content running in Flash Player and selecting the 'About Adobe Flash Player' from the menu, or by visiting the About Flash Player page.

  • Adobe Flash Player 11.6.602.168 and earlier versions for Windows

  • Adobe Flash Player 11.6.602.167 and earlier versions for Macintosh

  • Adobe Flash Player 11.2.202.270  and earlier versions for Linux


New Flash Player Versions


Users can visit the Flash Player Download Center to download the latest version.

After updating their system, users should be running the following version of Flash Player:

  • Adobe Flash Player 11.6.602.171 (Windows & Mac)

  • Adobe Flash Player 11.2.202.273 (Linux)


[via Adobe Security Bulletin]

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

Monday, February 25, 2013

Researchers Find 0-Day Vulnerabilities in Java 7 Update 15

Security Explorations researchers have discovered a new set of 0-day vulnerabilities affecting Java 7 Update 15 and earlier.

An update posted on the Security Explorations website states that the company has notified Oracle of the vulnerabilities (referred to as issues 54 and 55), including proof-of-concept code for the company to review. Oracle confirmed successfully receiving the report and is now investigating the matter.

Hopefully Oracle will move to patch the bugs quickly since they can be used to completely bypass the Java security sandbox.

Adam Gowdiak, CEO of Security Explorations, told Softpedia, “Both new issues are specific to Java SE 7 only. They allow abuse [of] the Reflection API in a particularly interesting way. Without going into further details, everything indicates that the ball is in Oracle's court. Again.”

Considering that cybercriminals recently used Java vulnerabilities in the watering hole attack that resulted in malware being installed on computers belonging to Facebook, Apple, Microsoft, and other companies, it may be wise for users to consider:

It's better to be safe than sorry.

Do you still have Java installed on your system?


Friday, February 22, 2013

Small Number of Microsoft Corp Computers Also Infected with Malware

Alright, so you know how Facebook and Apple recently discovered that malware had silently been installed on some employees' computers after visiting the compromised iPhoneDevSDK website?

Well, it appears that Microsoft also experienced a “similar security intrusion,” which led to a small number of computers, including some in their Mac business unit, being infected with malware using “techniques similar to those documented by other organizations.”

Microsoft says the investigation is ongoing, but so far there’s no evidence of customer data being affected by the attack.

[via Microsoft Security Response Center]


Buy of the Week: 15.6" HP EliteBook 8570p for $839!

The HP EliteBook 8570p blends modern design and precision engineering, yielding a beautiful product with a platinum color finish. The business rugged design means this laptop can withstand the rigors of business travel. Don't squint. Clearly see work documents, spreadsheets and graphics on the 15.6-inch diagonal HD display.

It features an Intel Core i5 processor with vPro technology that helps reduce IT maintenance costs by enabling remote configuration, diagnosis, isolation and repair of infected PCs. When your workload ramps up, your PC keeps up with added processor performance, thanks to Intel Turbo Boost technology.

Until March 1st, 2013, you can order an HP EliteBook 8570p from Hyphenet for only $839 + shipping!

Specifications for HP EliteBook 8570p

MFR#: C6Z57UT#ABA
Product Type: Notebook
Display: 15.6" LED backlight, HD anti-glare, 1366 x 768 / HD
Processor: Intel Core i5 (3rd Gen) 3210M, 2.5 GHz (3.1 GHz) / 3 MB Cache
RAM: 4 GB DDR3
Hard Drive: 500 GB HDD (7200 RPM)
Optical Drive: DVD SuperMulti
Graphics Controller: Intel HD Graphics 4000
Camera: Integrated webcam (0.92 megapixel)
Audio: Stereo speakers, stereo microphone
Networking: 802.11n, Bluetooth 4.0 EDR, Gigabit Ethernet, Fax / Modem
Operating System: Windows 7 Pro (64-bit)
Security: Trusted Platform Module (TPM 1.2) Security Chip, fingerprint reader, SmartCard reader
Environmental Standards: ENERGY STAR Qualified, EPEAT Gold
Warranty: 1 year HP warranty

Call (619) 325-0990 to order an HP EliteBook 8570p today!


Buy of the Week offer valid through March 1st, 2013.

Note: Shipping and taxes apply.

Looking for something else? Check out our monthly deals or contact us to get a quote on the product you're searching for.

NBC Website Safe to Visit Again, Said to Have Been Infected for 24hrs

NBC.com appears to be cleared of the malicious code performing drive-by-download attacks on unsuspecting visitors, but users should still make sure their antivirus programs are up-to-date and web filtering is enabled.

An NBC Universal spokeswoman told Reuters late Thursday that “a problem was identified and has been fixed,” but didn’t offer any details on what exactly happened.

The NBC spokeswoman did say that no NBC.com account information had been compromised, but could not confirm whether any users had been infected as a result of the hacking.

Although there have been reports that the site was compromised for only a few hours, antivirus firm ESET began receiving reports that the site had been infected as early as February 20th at 17:00 CET (8:00 AM PST).

There was a long period of inactivity until 12:00 PM CET on February 21st (3:00AM PST), which is when reports started flooding in. The cause of the gap is unclear, but it’s possible that the malicious iframe could have been pointing to a dead link.

The malicious iframes loaded compromised third-party websites housing the RedKit and Styx exploit kits, which would attempt to exploit Java and PDF vulnerabilities to drop a variety of malware.

ESET identified one of the dropped payloads as Win32/TrojanDownloader.Vespula.AY, a Trojan that downloads additional malware, and another as Trojan.JS/Exploit.Agent.NCX. The Citadel banking Trojan & ZeroAccess were said to be some of the other pieces of malware dropped in the attack as well.

ESET users that attempted to visit NBC.com during the attack would be denied access by the antivirus to prevent infection. This block has since been lifted from the main NBC website since it has been cleaned up, but ESET warns that several other related sites may still be infected.

Keep Your PC Safe When Surfing the Web


As you can see, you don’t have to visit a “shady” website in order to have your PC infected with malware. Help keep your computer safe while surfing the web by:

  • Always running antivirus/anti-malware software and keeping the virus definitions current. (And pay attention to blocked site warnings!)

  • Keeping your operating system and installed third-party software fully patched and up-to-date.

  • Removing or disabling Java browser plugins if they're not needed - Java vulnerabilities are often targeted in cyberattacks.

  • Exercising caution when clicking shortened or suspicious links and always doing a little research before following them.

  • Not downloading or opening files from unknown or untrusted websites (or emails, for that matter).



Thursday, February 21, 2013

NBC Website Hacked & Dishing Out Malware to Visitors

Update: NBC Website Safe to Visit Again, Said to Have Been Infected for 24hrs

Scan your computer if you went to NBC.com today, and be sure to avoid the NBC website until the coast is clear.

Hackers managed to inject malicious iframes into the NBC website, exposing visitors to third-party websites hosting Java and PDF exploits that drop malware if successfully executed.

The exploits are actively being served and cybercriminals have been continuously swapping out the malicious URLs, according to Hitman Pro blog.

Hitman Pro identified the malware being dropped as Citadel (which is a version of Zeus) & ZeroAccess, both of which have fairly low detection rates. Here are the MD5 hashes & VirusTotal results for the samples collected:

Being that NBC.com has been hacked and is actively serving exploits, users are strongly advised to avoid visiting the website.

Pass the word to your family & friends!


So, the McDonald’s “African-American Tax” Hoax is Back

Some of you may have already seen it (depending on how gullible your Facebook friends are), but judging from the recent warning from Sophos, it appears as if the McDonald’s “Black Tax” hoax is back.

If you see the image below, don’t fret: McDonald’s isn’t charging African-American customers an extra $1.50 per transaction “as an insurance measure due to a recent string of robberies.”

It’s not true, it’s just a 4chan prank gone wrong.

McDonald's Black Tax Hoax Image



PLEASE NOTE:
As an insurance measure due in part to a recent string of robberies, African-American customers are now required to pay an additional fee of $1.50 per transaction.

Thank you for your cooperation,
McDonald’s Corporation
(800) 225-5532

History of McDonald’s “Black Tax” Hoax


According to Gawker, the hoax image originated from 4chan ~2007, was posted on McServed.com in June of 2010 and somehow went viral in June of 2011.

Of course this created a field day for McDonald’s PR team as Twitter users retweeted the picture & shared their thoughts in 140 characters or less. McDonald’s took to its social media accounts to reassure everyone it was a fake image, but some people just weren’t buying it.

Still, the phone number listed on the phony flyer should be a hint – it’s actually the customer satisfaction line for KFC!

If you see anyone sharing this image, be sure to clue them in on what’s going on, and try not to spread the hoax any further.


Wednesday, February 20, 2013

Adobe Patches 0-Day Flaws in PDF Reader & Acrobat

Adobe has released an emergency patch to fix two critical vulnerabilities in Adobe Reader & Acrobat 9.5.3, X and XI that cybercriminals are actively exploiting in targeted attacks.

The vulnerabilities in question, CVE-2013-0640 and CVE-2013-0641, are the same ones that FireEye researchers spotted early last week.

Users are advised to update Adobe Reader and Acrobat as soon as possible due to the ongoing attacks. The exploit discovered by FireEye is the first to bypass the built-in sandbox security feature in Reader and Acrobat.

How to Update Adobe Reader


To update Adobe Reader, users can:

  • Use the program’s built-in update mechanism, which is set to run automatic update checks on a regular schedule by default.

  • Check for updates manually by going to Help -> Check for Updates…

  • Manually download and apply the update:



How to Update Adobe Acrobat


To update Adobe Acrobat, users can:

  • Use the program’s built-in update mechanism, which is set to run automatic update checks on a regular schedule by default.

  • Check for updates manually by going to Help -> Check for Updates…

  • Manually download and apply the update:

    • Windows (Acrobat Standard, Pro & Pro Extended Users)

    • Mac OS X (Acrobat Pro)





Apple Issues Java Patch & Malware Removal Tool Following Malware Attack

Go ahead and take a moment to check for software updates on your Mac if you haven’t done so already.

Apple did as promised yesterday and released a Java security update & malware removal tool after finding that their own company computers fell victim to a Java-based drive-by-download attack.

According to the security advisory, the update addresses a slew of Java vulnerabilities in Java 1.6.0_37, “the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox.” Users applying the patch will be updated to Java version 1.6.0_41.

Also included in the update is a malware removal tool that Apple says will remove the most common variants of malware: “If malware is found, it presents a dialog notifying the user that malware was removed. There is no indication to the user if malware is not found. This update is available for systems that installed Java 6.”

As previously stated, the update can be applied by selecting 'Software Update' on your Mac's menu bar or fetched from Apple Downloads and applied manually:

Have you updated your Mac yet?


Tuesday, February 19, 2013

iPhone Developer Forum Linked to Facebook, Apple Malware Attacks

If you’re like me, you’ve probably been wondering what websites Facebook and Apple employees were surfing prior to the discovery of malware in their company machines.

How else could the rest of us do our best to avoid the same fate? [On that note, do not visit the website I am about to mention as it could still be infected. It is being disclosed as a warning.]

As it turns out, sources close to the Facebook hacking investigation revealed to AllThingsD that iPhoneDevSDK[dot]com, an iPhone developer forum frequented by iOS development teams of well-known companies, was the website likely used to conduct drive-by-download attacks against Facebook and Apple employees.

The malicious code embedded on the iPhoneDevSDK website exploited a zero-day vulnerability within Oracle’s Java browser plugin in order to plant malware on the machines of Facebook (& possibly Apple) employees.

This type of attack is commonly referred to as a “watering hole” attack. Instead of pursuing victims using poisoned emails, attackers inject malicious code into a website frequented by their targeted demographic. In this case, the targeted demographic happened to be the mobile developers for various companies, including Facebook.

That being said, if you or someone you know has recently visited iPhoneDevSDK, you may want to check if Java is installed on your system. If it is, there's a good chance your system has been compromised. Now would be a good time to check out Apple's security patch related to this attack, as they bundled a malware removal tool with it.


Apple's Computers Infected with Malware Thanks to Java-based Exploit

Apparently Apple made a bad decision to skip over their own machines when they blocked Java browser plugins on OS X systems last month.

Reuters reports that the fruit-themed company admitted that malware managed to infect a handful of company computers after employees visited a website for software developers that had been compromised.

The website in question was housing an exploit that took advantage of a zero-day Java browser plugin vulnerability in order to drop malware on OS X systems.

The vulnerability appears to be the same one used in recent attacks against Facebook and hundreds of other companies, including defense contractors.

Apple says that they have isolated the infected machines from their network and that there is no evidence that any data has been stolen. The company is working with law enforcement to determine the source of the malware.

Apple machines have been shipped Java-free since OS X Lion, and Apple has taken many steps to protect users from Java-based attacks. The company says it plans on releasing a tool later on today that Mac users can use to detect and remove the malware used in this recent attack.

Do you have Java installed on your computer?


Friday, February 15, 2013

Buy of the Week: Intel Desktop Board DH77EB for $99!

The board features DVI-I, HDMI and DisplayPort connectors and supports dual independent display for processors with Intel HD Graphics. The Intel Desktop Board DH77EB supports Intel HD Graphics with the Lucidlogix Virtu Universal software, which combines best-in-class media processing features of the Intel Core processors with the 3D gaming performance of graphics add-in cards.

Until February 22nd, 2013, you can order an Intel Desktop Board DH77EB from Hyphenet for only $99, plus shipping!

Specifications for Intel Desktop Board DH77EB

MFR#: BOXDH77EB
Product Type: Motherboard - micro ATX
Chipset Type: Intel H77 Express
Processor Socket: 1 x LGA1155 Socket
Compatible Processors: Core i5, Core i3, Core i7
Max RAM Size: 32 GB
RAM Supported: 4 DIMM slots - DDR3, non-ECC
Storage Ports: 2 x SATA-600 (RAID), 3 x SATA-300 (RAID), 1 x eSATA-300
USB / FireWire Ports: 2 x USB 3.0 + 4 x USB 2.0 + (2 x USB 3.0 + 6 x USB 2.0 via headers)
Audio: HD Audio (10-channel)
LAN: Gigabit Ethernet
Microsoft Certification: Compatible with Windows 7
Environmental Standards: ENERGY STAR Qualified
Warranty: 3 years warranty

Call (619) 325-0990 to order an Intel Desktop Board DH77EB today!


Buy of the Week offer valid through February 22nd, 2013.

Note: Shipping and taxes apply.

Looking for something else? Check out our monthly deals or contact us to get a quote on the product you're searching for.

Thursday, February 14, 2013

Security Bug in iOS 6.1 Allows Lockscreen Bypass

If you’re protective over the information stored in your iPhone, you may want to keep a closer eye on it, especially if you’re running iOS 6.1 and expect the lockscreen to keep prying eyes out.

Somehow, someway a YouTube user named videodesbarraquito found a way to bypass the lockscreen on an iPhone 5 running iOS 6.0.1, 6.0.2, or 6.1 and gain access to contacts, call history, photos (by trying to add a photo to a contact), and the phone app to make calls.

All it takes to slip past the lockscreen is a systematic sequence of emergency phone call making (and quickly cancelling), power button pushing and voilà! You’re in.

How someone would possibly figure that out is beyond me, although I guess it's not all that farfetched since iOS 4.1 suffered from a similar bug a few years back.

The folks over at The Verge couldn’t resist temptation, tested the routine on a pair of UK iPhone 5s running iOS 6.1 and found that it actually worked. The Verge reached out to Apple for a comment, but no word back yet.

Update: A spokesperson for Apple told AllThingsD, "Apple takes user security very seriously. We are aware of this issue, and will deliver a fix in a future software update."

Better keep a closer eye on your iPhone until then.


Adobe Confirms 0-Days in PDF Reader & Acrobat, Says Patch in the Works

Adobe has confirmed the existence of two critical vulnerabilities (CVE-2013-0640, CVE-2013-0641) in Adobe Reader and Acrobat that are actively being exploited in targeted attacks.

FireEye researchers first spotted the exploit earlier this week, and revealed attacks involved a malicious PDF disguised as an international travel visa application that would drop 2 DLLs onto the target system upon successful execution.

Although these attacks appear to target Windows users, Adobe’s security advisory notes that the vulnerabilities affect Adobe Reader & Acrobat for other operating systems:

  • Adobe Reader XI (11.0.01 and earlier) for Windows and Macintosh

  • Adobe Reader X (10.1.5 and earlier) for Windows and Macintosh

  • Adobe Reader 9.5.3 and earlier 9.x versions for Windows, Macintosh and Linux

  • Adobe Acrobat XI (11.0.01 and earlier) for Windows and Macintosh

  • Adobe Acrobat X (10.1.5 and earlier) for Windows and Macintosh

  • Adobe Acrobat 9.5.3 and earlier 9.x versions for Windows and Macintosh


Protect Yourself


Adobe is currently working on a patch to fix the security holes, and advises users to enable Protected View in the meantime:

  • Going to the Edit menu

  • Selecting Preferences

  • Clicking Security (Enhanced)

  • Picking “Files from potentially unsafe locations”


Adobe also advised enterprise administrators that they can protect Windows users across their organization by enabling Protected View in the registry and propagating that setting via GPO or any other method. (More information on that here.)

Aside from that, try not to open any suspicious PDF files sent from untrusted sources (for instance, an unsolicited email).


Jawbone Instructs MyTALK Users to Reset Passwords Following Hack

If you were wondering whether or not that email from Jawbone stating that your MyTALK account password was disabled following a security breach was legitimate, it is.

Hackers recently broke into Jawbone’s systems and stole “limited user information,” entailing names, email addresses and encrypted passwords, from an undisclosed number of MyTALK accounts.

Jawbone was able to stop the attack after “several hours” and reset the passwords for all accounts believed to be compromised by the attack. There has been no evidence that the lifted information was used to access the affected accounts.

Either way, owners of affected MyTALK accounts will have to change their account password. It would also be a good idea to update any other site accounts that share the same password. Situations like these are the reason why it’s never a good idea to use the same password for multiple accounts.

For the record, here’s a copy of the email being sent to MyTALK users:

Hello [name],

We are writing to inform you of an important security matter. We recently learned that login information for your Jawbone MyTALK account was compromised by an isolated attack on our system.

In the course of this attack, limited user information related to your MyTALK account—specifically your name, email address, and an encrypted version of your password (not the actual letters and numbers in your password)—was compromised. We took immediate action to protect your login information. Based on our investigation to date, we do not believe there has been any unauthorized use of login information or unauthorized access to information in your account.

To help protect your account, we have disabled your old MyTALK password and you can no longer use it. Please reset your MyTALK password by following the instructions below. To help ensure that your information remains safe, we recommend that you do not choose the same password that you use to log in anywhere else, and change your password on other sites where your old MyTALK password is used.

Steps to reset your password:

Copy and paste this URL into your web browser: https://jawbone.com/user/reset

Type in your email address and click the Reset Password button

You will receive an email with instructions to complete the password reset

We sincerely apologize for any inconvenience this may have caused. The security of your personal information is a top priority for us. We take security very seriously and will continue to take steps to keep your account information safe.

If you need help resetting your password, please contact Customer Support by emailing support@jawbone.com.

Sincerely,

Jawbone

[via Engadget]


Wednesday, February 13, 2013

New Adobe PDF Reader & Acrobat 0-Day Exploit Spotted

FireEye is warning users not to open PDF files sent from unknown/untrusted sources following the discovery of a new zero-day vulnerability that’s actively being exploited in-the-wild.

The attack begins with a booby-trapped PDF - which may be masquerading as an application for an international travel visa - that drops 2 DLL files on the target machine should the exploit code be executed successfully.

“The first DLL shows a fake error message and opens a decoy PDF document, which is usually common in targeted attacks,” FireEye researchers explain in a Tuesday blog post. “The second DLL in turn drops the callback component, which talks to a remote domain.”

Zheng Bu, Senior Director of Security Research at FireEye told Threatpost that this exploit is the first to bypass the sandbox in Adobe Reader X and higher.

FireEye notified Adobe of the bug, and has agreed to avoid posting technical details of the zero-day until further notice. FireEye was able to successfully execute this attack in Adobe Reader 9.5.3, 10.1.5 and 11.0.1.

Adobe is currently investigating the bug and will release an update once they have more information.

Until then, be sure that you do not open PDF files from unknown or untrusted sources.

Update: Adobe has confirmed the vulnerabilities discovered by FireEye & promises to release a patch soon.


Friday, February 8, 2013

Buy of the Week: SonicWALL TZ 105 Wireless-N Security Appliance for $377!

This offer expired on 2/15/2013.

The Dell SonicWALL TZ 105 is a secure Unified Threat Management (UTM) firewall available for small offices, home offices and small retail deployments.

Until February 15th, 2013, you can order a SonicWALL TZ 105 Wireless-N Security Appliance from Hyphenet for only $377, plus shipping!

Specifications for SonicWALL TZ 105 Wireless-N Security Appliance

MFR#: 01-SSC-6944
Device Type: Security appliance
Enclosure Type: External
RAM (Installed): 256 MB
Flash Memory Installed: 32 MB
Data Link Protocol: Ethernet, Fast Ethernet, IEEE 802.11b, IEEE 802.11g, IEEE 802.11n
Network / Transport Protocol: TCP/IP, PPTP, UDP/IP, L2TP, ICMP/IP, IPSec, PPPoE, DHCP
Remote Management Protocol: SNMP 2, HTTP, HTTPS, CLI
Performance:
  • Stateful throughput: 200 Mbps
  • Gateway anti-virus throughput: 40 Mbps
  • IPS throughput: 60 Mbps
  • Unified Threat Management (UTM) throughput: 25 Mbps
  • VPN throughput (3DES/AES): 75 Mbps
  • Connection rate: 1000 connections per second
Capacity:
  • Connection / user qty: 8000
  • SSL VPN peers: 1
  • Nodes: unlimited
  • DPI connections: 8000
  • Authenticated users (internal database): 150
  • Maximum number of access points: 1
VoIP Protocols: SIP, H.323 v3, H.323 v4, H.323 v1, H.323 v2, H.323 v5

Call (619) 325-0990 to order a SonicWALL TZ 105 Wireless-N Security Appliance today!


Buy of the Week offer valid through February 15th, 2013.

Note: Shipping and taxes apply.

Looking for something else? Check out our monthly deals or contact us to get a quote on the product you're searching for.

Adobe Updates Flash Player to Fix Vulnerabilities Used in Ongoing Attacks

It’s time to update Adobe Flash Player!

Adobe released an emergency patch for Adobe Flash Player to address two vulnerabilities (CVE-2013-0633 & CVE-2013-0634) that are actively being exploited by cybercriminals to spread malware.

Attacks using the CVE-2013-0633 vulnerability involve tricking Windows users into opening a booby-trapped Word document (.doc) containing malicious Flash (SWF) content. The malicious Word documents arrive as an email attachment.

The second vulnerability, CVE-2013-0634, is being exploited in drive-by-download attacks using malicious Flash content and poses a threat to both Windows & Mac OS X users.

Adobe recommends that Linux and Android users update their software even though Windows & OS X are the only ones that appear to be targeted in the ongoing attacks.

Affected Flash Player versions, according to Adobe’s security advisory:

  • Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh

  • Adobe Flash Player 11.2.202.261 and earlier versions for Linux

  • Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x

  • Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and 2.x


Not Sure What Version of Flash Player You Have?


Users that are unsure of what version they’re running can find out by:

  • Visiting the About Flash Player page on Adobe’s website.

  • Right-clicking on content running in Flash Player & selecting “About Adobe (or Macromedia) Flash Player” from the menu.


Be sure to check the version in each web browser installed on your system; just remember that Google Chrome & IE10 will be updated automatically!

How to Update Adobe Flash Player


To update their installation of Adobe Flash Player, users can:


Microsoft & Symantec Knock Bamital Botnet Offline, Notify Users of Infection

The control servers of the Bamital botnet were taken offline on Wednesday as a result of a joint effort between the Microsoft Digital Crimes Unit & Symantec, Richard Boscovich, Assistant General Counsel of Microsoft Digital Crimes Unit, reported on the Official Microsoft Blog.

The Bamital botnet was used to hijack search results in order to redirect users to malicious sites that would steal personal information, conduct drive-by-downloads, or commit click fraud.

One thing that sets this particular botnet takedown apart from the rest is that Microsoft & Symantec are proactively notifying Bamital victims that their computers are infected and offer help on how to remove the malware.

This is great news since Boscovich wrote that more than eight million computers are said to have been attacked by Bamital malware in the last 2 years.

Official Microsoft Webpage Shown to Users with Bamital-Infected Computers


So if you see the following page when attempting to do an online search, don’t ignore it! The page is legitimate, and your PC will need to be cleansed of Bamital malware:

Official Page Notifying Users of Bamital Infections (Screenshot Credit: Microsoft)



Didn’t expect this page?

You were likely trying to conduct a web search before you got to this page, however your computer is believed to be infected with malware known as bamital, which interferes with web search. Please read and follow the instructions on this page to resolve the issue.

Why am I here?

You have reached this website because your computer is very likely to be infected by malware that redirects the results of your search queries. You will receive this notification until you remove the malware from your computer.

The official page goes on to offer two free malware removal tools by Microsoft & Symantec, both of which are capable of detecting and removing Bamital malware:

The dismantling of the Bamital botnet (aka Operation b58) marks the 6th botnet takedown operation completed by Microsoft under Project MARS (Microsoft Active Response for Security), and the second done in cooperation with Symantec.

Keep up the good work, guys!


Thursday, February 7, 2013

Malware is Everywhere [INFOGRAPHIC]

We all know that malware lurks around every corner, waiting for us to visit a booby-trapped website or open that zip file attached to an unsolicited email.

Cybercriminals across the globe have been busy creating and tweaking their malware creations, which they then unleash on unsuspecting users to do anything from steal sensitive data to demand ransom fees to partake in click fraud - and more.

What’s an internet user to do?

As they say, knowledge is power, and the folks over at Inspired eLearning have created the infographic to illustrate the dangers associated with malware along with steps that you can take to stay safe.

Malware is Everywhere INFOGRAPHIC



Is The PICA Photo Gallery Plugin for WordPress Leaving Your Website Vulnerable?

It seems as though our post warning users about the old TimThumb vulnerability caught a lot of attention as we noticed an uptick in the number of site scans.

Now, this could simply mean that the scripts used to automatically scan for TimThumb files have a difficult time distinguishing a URL path mentioned in a blog from an actual file. However, there was one Russian-based IP that seemed to try harder than others to find a vulnerability to exploit, and one file path in particular happened to catch my eye:
/wp-content/plugins/pica-photo-gallery/picaPhotosResize.php

As you can see, the attacker was looking for a file by the name of picaPhotosResize.php, which is associated with the PICA Photo Gallery Plugin for WordPress. (Not installed)

It turns out that the PICA Photo Gallery Plugin for WordPress suffers from not one, but two vulnerabilities that can be exploited to disclose sensitive information or upload malicious files.

These security flaws were discovered back in June of 2012, and there’s no indication that they were ever fixed - a disappointment considering this is a $50 plugin!

From Secunia Advisory SA49467:
1)  Input passed to the "imgname" parameter in wp-content/plugins/pica-photo-gallery/picadownload.php is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks.

2) An error due to the wp-content/plugins/pica-photo-gallery/picaPhotosResize.php script allowing the upload of files with arbitrary extensions to a folder inside the webroot can be exploited to execute arbitrary PHP code by uploading a malicious PHP script.

The above vulnerabilities were confirmed in PICA Photo Gallery version 1.0, but later versions may be affected. The latest version is 1.3 at the time of writing.

Solutions


To protect their site, PICA Photo Gallery users are advised to:

  • Edit the source code for picadownload.php to ensure that input is properly verified.

  • Restrict access to the wp-content/plugins/pica-photo-gallery/picaPhotosResize.php script (e.g. via .htaccess).


Or just remove the plugin altogether.

I’ve reached out to the developers of this plugin to find out if these vulnerabilities were ever addressed, and when users can expect a patch if not. I’ll update this post when I hear back. Until then, watch out for hack attempts!
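For site owners who want to see whether the two scripts named in the Secunia advisory are being probed, here is an added example (not part of the original post or the plugin) that triages web server access logs. It assumes Combined Log Format; the sample log lines, labels and function names are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs, unquote, urlsplit

# Combined Log Format: ip ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
PICA_DIR = "/wp-content/plugins/pica-photo-gallery/"

# Constructed sample lines (documentation IP ranges), not taken from the post.
SAMPLE_LOG = [
    '203.0.113.7 - - [07/Feb/2013:10:01:02 +0000] "GET /wp-content/plugins/pica-photo-gallery/picaPhotosResize.php HTTP/1.1" 404 512 "-" "-"',
    '203.0.113.7 - - [07/Feb/2013:10:01:03 +0000] "GET /wp-content/plugins/pica-photo-gallery/picadownload.php?imgname=..%252F..%252Fnotes.txt HTTP/1.1" 404 512 "-" "-"',
    '198.51.100.9 - - [07/Feb/2013:11:15:40 +0000] "POST /blog/wp-content/plugins/pica-photo-gallery/picaPhotosResize.php HTTP/1.1" 200 31 "-" "-"',
    '198.51.100.9 - - [07/Feb/2013:11:15:44 +0000] "GET /wp-content/plugins/pica-photo-gallery/picadownload.php?imgname=holiday.jpg HTTP/1.1" 200 20480 "-" "-"',
    '192.0.2.4 - - [07/Feb/2013:11:20:00 +0000] "GET /index.php HTTP/1.1" 200 9000 "-" "-"',
]


def classify(method, target):
    """Label a request that touches one of the two scripts in SA49467."""
    parts = urlsplit(target)
    path = unquote(parts.path).lower()
    if PICA_DIR not in path:
        return None
    script = path.rsplit("/", 1)[-1]
    if script == "picadownload.php":
        for value in parse_qs(parts.query).get("imgname", []):
            # parse_qs decodes once; decode again to catch double encoding.
            name = unquote(value).replace("\\", "/")
            if name.startswith("/") or ".." in name.split("/"):
                return "download-traversal"
        return "download"
    if script == "picaphotosresize.php":
        return "resize-post" if method.upper() == "POST" else "resize-probe"
    return None


def triage(lines):
    """Group flagged requests by client IP; 'served' counts non-error replies."""
    report = defaultdict(lambda: {"hits": defaultdict(int), "served": 0})
    for line in lines:
        match = LINE_RE.match(line)
        if not match:
            continue
        ip, method, target, status = match.groups()
        label = classify(method, target)
        if label is None:
            continue
        report[ip]["hits"][label] += 1
        if int(status) < 400:  # the script exists and answered
            report[ip]["served"] += 1
    return {ip: {"hits": dict(v["hits"]), "served": v["served"]}
            for ip, v in report.items()}


if __name__ == "__main__":
    for ip, info in triage(SAMPLE_LOG).items():
        print(ip, info)
```

A non-zero `served` count means the plugin files are present and answering requests, which is the case the advice above (restrict access or remove the plugin) applies to.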


Tuesday, February 5, 2013

Tax Spam Aims to Trick Users Into Downloading Backdoor Trojan

It’s tax season again and that means spammers will be pumping out malicious phishing emails in hopes of catching recipients off-guard.

Sophos has already intercepted one of the tax-related spam emails going around, and is warning users not to open the files attached to it:
Subject: FW: 2010 and 2011 Tax Documents; Accountant's Letter

I forward this file to you for review. Please open and view it.
Attached are Individual Income Tax Returns and W-2s for 2010 and 2011, plus an accountant's letter.

This email message may include single or multiple file attachments of varying types.
It has been MIME encoded for Internet e-mail transmission.

The name of the zip archive attached to the email will vary from email to email as it is named after the recipient (i.e. the file will be named “sally.zip” if your email is sally@email.com). However, each archive contains a dangerous executable, "Individual Income Tax Returns.exe", that Sophos identifies as Troj/Agent-ZWM, a backdoor Trojan that will grant an attacker remote control of your system.

What to Do If You Receive This Spam Email


If this email happens to drop in your inbox, it is recommended that you:

  • Avoid downloading or opening the attached file.

  • Report the email to SpamCop.

  • Delete the email immediately.


[via Sophos]


Security Flaw Found in VLC Media Player 2.0.5 & Earlier

VideoLAN is advising VLC media player users not to open files from untrusted third-parties following the discovery of a vulnerability in the ASF demuxer of VLC media player versions 2.0.5 and earlier.

According to the security advisory posted on the VideoLAN website, a buffer overflow might occur when parsing a specially crafted ASF movie, which could allow an attacker to trigger an invalid memory access & crash VLC media player.

The advisory also warns that this exploit could potentially be used by attackers to execute arbitrary code “within the content of the application,” although that scenario has not been confirmed.

VideoLAN states that this vulnerability will be patched in version 2.0.6, but it’s unclear when it will be released. The advisory hinted at a January release, but only 2.0.5 remains available to download.

In the meantime, users can protect themselves by:

  • Only opening or accessing files that come from trusted sources.

  • Disabling VLC browser plugins until the patch is applied.

  • Manually removing the ASF demuxer (libasf_plugin.*) from the VLC plugin installation directory to prevent ASF movie playback.



Friday, February 1, 2013

(Updated) Hackers Still Scanning for Vulnerable TimThumb Scripts

If you have a website running on WordPress, make sure you check your themes and plugins for the TimThumb script, and if you find it make sure you’re running the latest version (2.8.11 at the time of this writing).

For the uninitiated, TimThumb is a PHP script used to resize images, and is integrated into hundreds of WordPress themes.

Unfortunately, a security flaw was discovered within TimThumb in 2011, leaving millions of WordPress powered websites vulnerable to attack. The vulnerability was fixed (in version 1.33, I believe); however, some websites may still be at risk if they were never updated.

Judging by scans we’ve seen on our own blog, it would appear that cybercriminals are still hunting for websites with plugins or themes using outdated versions of TimThumb:

Plugins


/wp-content/plugins/cac-featured-content/timthumb.php
/wp-content/plugins/category-grid-view-gallery/includes/timthumb.php
/wp-content/plugins/category-list-portfolio-page/scripts/timthumb.php
/wp-content/plugins/cms-pack/timthumb.php
/wp-content/plugins/dp-thumbnail/timthumb/timthumb.php
/wp-content/plugins/extend-wordpress/helpers/timthumb/image.php
/wp-content/plugins/islidex/js/timthumb.php
/wp-content/plugins/kino-gallery/timthumb.php
/wp-content/plugins/lisl-last-image-slider/timthumb.php
/wp-content/plugins/really-easy-slider/inc/thumb.php
/wp-content/plugins/rent-a-car/libs/timthumb.php
/wp-content/plugins/verve-meta-boxes/tools/timthumb.php
/wp-content/plugins/vk-gallery/lib/timthumb.php
/wp-content/plugins/wp-marketplace/libs/timthumb.php

Themes


/wp-content/themes/13Floor/timthumb.php
/wp-content/themes/advanced-newspaper/timthumb.php
/wp-content/themes/Aggregate/thumb.php
/wp-content/themes/Aggregate/timthumb.php
/wp-content/themes/AmphionPro/script/timthumb.php
/wp-content/themes/aperture/thumb.php
/wp-content/themes/aperture/timthumb.php
/wp-content/themes/arras/library/timthumb.php
/wp-content/themes/arras-theme/library/timthumb.php
/wp-content/themes/Avenue/timthumb.php
/wp-content/themes/backstage/thumb.php
/wp-content/themes/backstage/timthumb.php
/wp-content/themes/Basic/timthumb.php
/wp-content/themes/biznizz/thumb.php
/wp-content/themes/biznizz/timthumb.php
/wp-content/themes/Bold/timthumb.php
/wp-content/themes/boldnews/thumb.php
/wp-content/themes/boldnews/timthumb.php
/wp-content/themes/broadcast/thumb.php
/wp-content/themes/bt/includes/timthumb.php
/wp-content/themes/bueno/thumb.php
/wp-content/themes/bueno/timthumb.php
/wp-content/themes/busybee/thumb.php
/wp-content/themes/busybee/timthumb.php
/wp-content/themes/c3/thumb.php
/wp-content/themes/cadabrapress/scripts/timthumb.php
/wp-content/themes/canvas/thumb.php
/wp-content/themes/canvas/timthumb.php
/wp-content/themes/CFWProfessional/timthumb.php
/wp-content/themes/Chameleon/timthumb.php
/wp-content/themes/city/scripts/timthumb.php
/wp-content/themes/cityguide/timthumb.php
/wp-content/themes/coda/thumb.php
/wp-content/themes/coffeebreak/thumb.php
/wp-content/themes/coffeebreak/timthumb.php
/wp-content/themes/coffeedesk/includes/timthumb.php
/wp-content/themes/comfy%20pro/thumb.php
/wp-content/themes/continuum/thumb.php
/wp-content/themes/continuum/timthumb.php
/wp-content/themes/crisp/thumb.php
/wp-content/themes/crisp/timthumb.php
/wp-content/themes/cruz/scripts/timthumb.php
/wp-content/themes/dailyedition/thumb.php
/wp-content/themes/dandelion_v2.6.1/functions/timthumb.php
/wp-content/themes/dandelion_v2.6.3/functions/timthumb.php
/wp-content/themes/dandelion_v2.6.4/functions/timthumb.php
/wp-content/themes/dcric/scripts/timthumb.php
/wp-content/themes/DeepBlue/timthumb.php
/wp-content/themes/deep-blue/timthumb.php
/wp-content/themes/DeepFocus/thumb.php
/wp-content/themes/DeepFocus/timthumb.php
/wp-content/themes/delegate/thumb.php
/wp-content/themes/delegate/timthumb.php
/wp-content/themes/delicate/thumb.php
/wp-content/themes/delicate/timthumb.php
/wp-content/themes/DelicateNews/timthumb.php
/wp-content/themes/deliciousmagazine/thumb.php
/wp-content/themes/deliciousmagazine/timthumb.php
/wp-content/themes/delight/scripts/timthumb.php
/wp-content/themes/develop/thumb.php
/wp-content/themes/diarise/thumb.php
/wp-content/themes/digitalfarm/thumb.php
/wp-content/themes/directory/timthumb.php
/wp-content/themes/dualshockers2/thumb.php
/wp-content/themes/duotive-three/includes/timthumb.php
/wp-content/themes/EarthlyTouch/timthumb.php
/wp-content/themes/eBusiness/timthumb.php
/wp-content/themes/ecobiz/timthumb.php
/wp-content/themes/editorial/thumb.php
/wp-content/themes/ElegantEstate/thumb.php
/wp-content/themes/ElegantEstate/timthumb.php
/wp-content/themes/eNews/thumb.php
/wp-content/themes/eNews/timthumb.php
/wp-content/themes/envision/thumb.php
/wp-content/themes/ephoto/thumb.php
/wp-content/themes/ePhoto/timthumb.php
/wp-content/themes/equator/timthumb.php
/wp-content/themes/eStore/timthumb.php
/wp-content/themes/Event/timthumb.php
/wp-content/themes/Feather/timthumb.php
/wp-content/themes/flashnews/thumb.php
/wp-content/themes/freshnews/thumb.php
/wp-content/themes/G6Feature/includes/thumb.php
/wp-content/themes/gallant/thumb.php
/wp-content/themes/gazette/thumb.php
/wp-content/themes/gazette/timthumb.php
/wp-content/themes/Glow/timthumb.php
/wp-content/themes/GrungeMag/timthumb.php
/wp-content/themes/headlines/thumb.php
/wp-content/themes/headlines/timthumb.php
/wp-content/themes/headlines_enhanced_v2/thumb.php
/wp-content/themes/idris/images/timthumb.php
/wp-content/themes/impacto/thumb.php
/wp-content/themes/insignio/images/timthumb.php
/wp-content/themes/InterPhase/timthumb.php
/wp-content/themes/kingsize/timthumb.php
/wp-content/themes/lifestyle/thumb.php
/wp-content/themes/LightBright/timthumb.php
/wp-content/themes/Linepress/timthumb.php
/wp-content/themes/livewire/thumb.php
/wp-content/themes/mademan/scripts/timthumb.php
/wp-content/themes/Magnificent/thumb.php
/wp-content/themes/manifesto/scripts/timthumb.php
/wp-content/themes/Max/thumb.php
/wp-content/themes/Memoir/thumb.php
/wp-content/themes/mimbo/scripts/timthumb.php
/wp-content/themes/mimbopro/scripts/timthumb.php
/wp-content/themes/minecraftapps.com/scripts/timthumb.php
/wp-content/themes/mini-lab/functions/timthumb.php
/wp-content/themes/Modest/thumb.php
/wp-content/themes/Modest/timthumb.php
/wp-content/themes/modularity/includes/timthumb.php
/wp-content/themes/modularity2/includes/timthumb.php
/wp-content/themes/multidesign/scripts/timthumb.php
/wp-content/themes/muse/scripts/timthumb.php
/wp-content/themes/myjourney/thumb.php
/wp-content/themes/myjourney_3.1/thumb.php
/wp-content/themes/MyProduct/timthumb.php
/wp-content/themes/NewsPro/timthumb.php
/wp-content/themes/Nova/timthumb.php
/wp-content/themes/Nyke/timthumb.php
/wp-content/themes/ocram_2/thumb.php
/wp-content/themes/optimize/thumb.php
/wp-content/themes/optimize/timthumb.php
/wp-content/themes/OptimizePress/timthumb.php
/wp-content/themes/overeasy/timthumb.php
/wp-content/themes/pearlie_14%20dec/scripts/timthumb.php
/wp-content/themes/PersonalPress/timthumb.php
/wp-content/themes/photoria/scripts/timthumb.php
/wp-content/themes/photo-workshop/includes/timthumb.php
/wp-content/themes/Polished/timthumb.php
/wp-content/themes/postcard/thumb.php
/wp-content/themes/premiumnews/thumb.php
/wp-content/themes/premiumnews/timthumb.php
/wp-content/themes/productum/thumb.php
/wp-content/themes/profitstheme/thumb.php
/wp-content/themes/prosto/functions/thumb.php
/wp-content/themes/PureType/timthumb.php
/wp-content/themes/purevision/scripts/timthumb.php
/wp-content/themes/Quadro/timthumb.php
/wp-content/themes/redlight/includes/timthumb.php/coffeebreak/thumb.php
/wp-content/themes/Reporter/timthumb.php
/wp-content/themes/retreat/thumb.php
/wp-content/themes/rockstar/thumb.php
/wp-content/themes/rockwell_v1.5/scripts/timthumb.php
/wp-content/themes/rt_crystalline_wp/thumb.php
/wp-content/themes/rt_panacea_wp/thumb.php
/wp-content/themes/rt_syndicate_wp/thumb.php
/wp-content/themes/sealight/thumb.php
/wp-content/themes/SimplePress/timthumb.php
/wp-content/themes/simplicity/thumb.php
/wp-content/themes/simplicity/timthumb.php
/wp-content/themes/skeptical/thumb.php
/wp-content/themes/skeptical/timthumb.php
/wp-content/themes/snapshot/thumb.php
/wp-content/themes/snapshot/timthumb.php
/wp-content/themes/spectrum/thumb.php
/wp-content/themes/spectrum/timthumb.php
/wp-content/themes/telegraph/scripts/timthumb.php
/wp-content/themes/TheCorporation/timthumb.php
/wp-content/themes/themorningafter/thumb.php
/wp-content/themes/TheProfessional/timthumb.php
/wp-content/themes/therapy/thumb.php
/wp-content/themes/TheSource/timthumb.php
/wp-content/themes/thestation/thumb.php
/wp-content/themes/thestation/timthumb.php
/wp-content/themes/TheStyle/timthumb.php
/wp-content/themes/tma/thumb.php
/wp-content/themes/Transcript/thumb.php
/wp-content/themes/Transcript/timthumb.php
/wp-content/themes/tribune/scripts/timthumb.php
/wp-content/themes/typebased/thumb.php
/wp-content/themes/typebased/timthumb.php
/wp-content/themes/u-design/scripts/timthumb.php
/wp-content/themes/vibrantcms/thumb.php
/wp-content/themes/vulcan/timthumb.php
/wp-content/themes/watercolor/includes/timthumb.php
/wp-content/themes/waves/functions/timthumb.php
/wp-content/themes/welcome_inn/timthumb.php
/wp-content/themes/WhosWho/timthumb.php
/wp-content/themes/widescreen/includes/timthumb.php
/wp-content/themes/wootube/thumb.php
/wp-content/themes/wp-clear-prem/scripts/timthumb.php
/wp-content/themes/WPCMS2/scripts/timthumb.php
/wp-content/themes/zenko/scripts/timthumb.php

Not Sure If Your Site is Vulnerable?


There are two methods you can use to check your site:

  • Use the TimThumb Vulnerability Scanner plugin to check if your site is running a vulnerable version of TimThumb. This plugin will scan your entire wp-content folder, including plugins, themes and uploads.

  • Manually scan your wp-content folder for any 'timthumb.php' or 'thumb.php' files.
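The manual check can be scripted. The following is an added example, not part of the original post or of TimThumb itself: it walks a wp-content folder, finds every 'timthumb.php' or 'thumb.php', and compares the declared version with 2.8.11, the latest version named in this post. It assumes the script declares its version with a `define ('VERSION', '...')` line; the sample tree, its version numbers and the function names are constructed for illustration.

```python
import os
import re
import tempfile

MIN_CURRENT = (2, 8, 11)  # latest version named in the post
SCRIPT_NAMES = {"timthumb.php", "thumb.php"}
# Assumption: the script declares its version as define ('VERSION', 'x.y.z');
VERSION_RE = re.compile(
    r"define\s*\(\s*['\"]VERSION['\"]\s*,\s*['\"](\d+(?:\.\d+)*)['\"]")
MARKER_RE = re.compile(r"timthumb", re.IGNORECASE)

def read_version(text):
    """Return the declared version as a tuple of ints, or None."""
    match = VERSION_RE.search(text)
    return tuple(int(p) for p in match.group(1).split(".")) if match else None

def scan_wp_content(root):
    """Return sorted (relative_path, version, status) for each TimThumb copy."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() not in SCRIPT_NAMES:
                continue
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            try:
                with open(path, encoding="utf-8", errors="replace") as fh:
                    text = fh.read(65536)  # the version line sits near the top
            except OSError:
                findings.append((rel, None, "unreadable"))
                continue
            # thumb.php is a generic name: report it only if it mentions TimThumb.
            if name.lower() == "thumb.php" and not MARKER_RE.search(text):
                continue
            version = read_version(text)
            if version is None:
                status = "unknown"  # no version line found: inspect by hand
            elif version < MIN_CURRENT:
                status = "outdated"
            else:
                status = "current"
            findings.append((rel, version, status))
    return sorted(findings, key=lambda f: f[0])

def demo():
    """Build a constructed wp-content tree in a temp folder and scan it."""
    samples = {
        "themes/Aggregate/timthumb.php": "<?php // TimThumb\ndefine ('VERSION', '1.32');\n",
        "plugins/cms-pack/timthumb.php": "<?php // TimThumb\ndefine ('VERSION', '2.8.11');\n",
        "themes/canvas/thumb.php": '<?php // TimThumb script\ndefine("VERSION", "2.8.2");\n',
        "themes/gazette/thumb.php": "<?php // unrelated gallery helper\n",
        "themes/Nova/timthumb.php": "<?php // header stripped, no version line\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(body)
        return scan_wp_content(root)

if __name__ == "__main__":
    for rel, version, status in demo():
        shown = ".".join(map(str, version)) if version else "?"
        print(f"{status:9} {shown:8} {rel}")
```

To check a real site, call `scan_wp_content()` with the path to its wp-content folder and review every entry that is not reported as current.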


How to Update TimThumb


Should you happen to find a vulnerable version of TimThumb on your site, here are some easy-to-follow instructions that will guide you through the update process.

As a side note, I recommend doing a little research to beef up the security on any WordPress websites you may be running. Here’s a pretty good list of 25 Essential Security Plugins + Tips.

List last updated: 2/7/2013


"Did you see this pic of you?" Phishing Scam Stealing Twitter Logins

There’s a new phishing scam circulating on Twitter and judging by the amount of phishy DMs we’re receiving, a lot of folks are falling for it.

Tsk, tsk, people. Have we not learned anything from past phishing attacks?

How the Scam Works


Similar to previous scams, it all starts with an intriguing direct message:
Did you see this pic of you? lol [SHORT LINK]

The embedded short link leads to a phishing page that would make anyone believe it was a legitimate Twitter page asking us to verify our account password – IF we never bothered to look at the URL in our browser’s web address bar:

Twitter Phishing Scam: Verify Your Password


Of course, any information entered into the above form would be sent off to the scammer and the victim would be questioning what just happened after being redirected to a (fake) 404 page:

Twitter Phishing Scam: Redirects to Fake 404 Page


After a few seconds, you’ll be redirected to the real Twitter website:

Twitter Phishing Scam: Redirects to Twitter


At some point the attackers will hijack your Twitter account to spam your followers with the same DM that tricked you in hopes of expanding their list of victims.

Don’t Fall for This Scam!


Now that you know how this phishing scam works, here are a few ways you can protect yourself in the future:

  • Do not follow short links without expanding them first. You can use a free service like longurl.org to check the true destination before following a link.

  • Be cautious of links that go to a page asking you to log in. You were logged in just a second ago, why do you suddenly need to log in again?

  • Always check the URL in your browser’s web address bar before entering any sensitive information. Scammers can fake the look and feel of a website, but the URL does not lie.


What to Do with Twitter Phishing Scam DMs


If you happen to receive one of these phishing messages, it is recommended that you:

  • Avoid clicking on any embedded links.

  • Report the DM to Twitter.

  • Let the sender know that their account has been compromised and advise them to change their Twitter password.

  • Delete the DM immediately.

  • Warn your fellow Twitter users!


Have you seen this scam yet?
