securingyour.info


Question the integrity of your information

Infosec: A right Royal pain up the…

Her Majesty’s Royal Navy website was compromised by Romanian hacker “TinKode” in what appears, so far anyway, to be more mischievous than malicious. According to Sophos technical consultant Graham Cluley, “TinKode” appears to have also posted sensitive information on administration accounts and passwords related to the Royal Navy website. The Navy have posted a comment on their website stating: “Unfortunately, the Royal Navy website is currently undergoing essential maintenance”.

“TinKode”, a member of insecurity.ro, has also previously revealed security holes in NASA’s website and various vulnerabilities in US military websites.

This, of course, is in the face of the MoD, as a few weeks ago it was announced that cyber attacks had been declared the highest priority in the new National Security Strategy.

Read more on the hack, ZDNet article

Infosec: .com The most dangerous domain

What, oh the horror! They had to do a study to figure this one out? .com is by far the most used gTLD on the planet, so let's do some simple math, shall we? Millions of .com domains multiplied by millions of miscreants divided by the domains less used equals .com is the most dangerous domain. Geez! I hear you all scream, “I own a .com, what do I do now?” First you calm down and think about this headline-breaking news and then about the company behind the report, McAfee. I think there is a little bit of naughty marketing going on, but at least they are still pointing out that you do need to watch where, what and how you, your employees or family are surfing and downloading on the interwebs. Instances of malware over the last few years have peaked at record highs.

The report does go on to say that malware follows the cheapest domains possible and that the likes of .vn (Vietnam) have climbed the ranks over a short period of time to be one of the highest ccTLDs for malware. Japan (.jp) is the safest for the second time, along with a few others such as Ireland and Catalan, while countries like Singapore (.sg) fell in the ranks.

Read the complete report from McAfee

Infosec: “Nuclear secrets” found on unencrypted USB stick

WHAT? I hear you say in shock and horror. Simple rules and policy, that is all it needed. Luckily the coach driver that found the USB stick handed it back to the authorities for safe keeping. The point is that he still had access to the information and there is no way of telling whether any of the data was copied, emailed or duplicated in some shape or form. The question begging to be asked: how does a nuclear facility not have information security in place? An enforceable security policy on USB drives and data storage: encrypt it, encrypt it, encrypt it again. We are talking about national security here; actually, encrypt it a fourth time to make sure and then guard it with everything you have if it must leave the office or work place. I could not have said it better than this really.

According to Credant's vice president, whilst the convenience of USB sticks makes them an important tool for any business, you don’t have to be a nuclear scientist to know that the data carried on these devices must be protected.

Perhaps they should also consider the coach driver for the role of CISO at the nuclear facility; it sounds like he knows more about the importance of information and the securing thereof.

As the coach driver is quoted as saying in the local press, what if the USB stick had fallen into the hands of terrorists, or contained top secret information?

I don’t know what is worse: the data breach, or that the local press article printed the coach driver's name, address, company and details of the hotel the data was found in, and then published a photo of the man along with it. They should just have called the miscreants of the world and said “Here you go, do what you need to but get the information off of him quickly.”

For the full shocking story read more here and the local press article

Vuln: RIM issue advisory on BlackBerry Enterprise Server

With a vulnerability score rating of 7.6 this is rather serious. The vulnerability lies in the PDF distiller component of the BlackBerry attachment service on Enterprise Server. The issue is a simple buffer overflow which could allow malicious individuals to execute a Denial of Service (DoS) attack. To successfully exploit this vulnerability, a BlackBerry user needs to open a specially crafted PDF file using the Get Link menu item on their BlackBerry smartphone.

Affected Software:

BlackBerry Enterprise Server Express version 5.0.2 for Microsoft Exchange

BlackBerry Enterprise Server versions 5.0.2, 5.0.1, 5.0.0, 4.1.7 and earlier for Microsoft Exchange

BlackBerry Enterprise Server versions 5.0.2, 5.0.1, 5.0.0, 4.1.7 and earlier for IBM Lotus Domino

BlackBerry Enterprise Server versions 5.0.1, 4.1.7 and earlier for Novell GroupWise

BlackBerry® Professional Software version 4.1.4 and earlier for Microsoft Exchange and IBM Lotus Domino

Do read the advisory and patch up rather urgently.

Vuln: Oracle patch 81 database security holes

Oracle have decided to follow suit with Microsoft on patch Tuesday with a staggering eighty-one security patches to fix critical vulnerabilities in its database server software. It is rumored that ten out of the twelve health care organisations run Oracle software, so let's hope that they patch up fast. With some of the vulnerabilities as serious as remote exploitation without the need for authentication, let's hope all the blue chips patch as soon as possible, especially the Sun worshipers, as thirty-one of the eighty-one are for Oracle Sun products.

According to the pre-release statement by Oracle, the following products are affected:

Oracle Database 11g Release 2, version 11.2.0.1

Oracle Database 11g Release 1, version 11.1.0.7

Oracle Database 10g Release 2, versions 10.2.0.3 and 10.2.0.4

Oracle Database 10g, Release 1, version 10.1.0.5

Oracle Fusion Middleware, 11gR1, versions 11.1.1.1.0 and 11.1.1.2.0

Oracle Application Server, 10gR3, version 10.1.3.5.0

Oracle Application Server, 10gR2, version 10.1.2.3.0

Oracle BI Publisher, versions 10.1.3.3.2, 10.1.3.4.0 and 10.1.3.4.1

Oracle Identity Management 10g, versions 10.1.4.0.1 and 10.1.4.3

Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1 and 12.1.2

Oracle E-Business Suite Release 11i, versions 11.5.10 and 11.5.10.2

Agile PLM, version 9.3.0.0

Oracle Transportation Management, versions 5.5, 6.0, and 6.1

PeopleSoft Enterprise CRM, FMS, HCM and SCM (Supply Chain), versions 8.9, 9.0 and 9.1

PeopleSoft Enterprise EPM, Campus Solutions, versions 8.9 and 9.0

PeopleSoft Enterprise PeopleTools, versions 8.49 and 8.50

Siebel Core, versions 7.7, 7.8, 8.0 and 8.1

Primavera P6 Enterprise Project Portfolio Management, versions 6.21.3.0 and 7.0.1.0

Oracle Sun Product Suite

Peoplesoft Enterprise CRM

Peoplesoft Enterprise EPM

Solaris

Open Solaris

Again, do patch up and make sure you read the pre-release statement for more information.