
WatchGuard Security Week in Review: Episode 63 – Patch Bonanza

Zero Day Patches, Nasty New Malware, and Jailed Hackers

Ready for a dose of InfoSec news? Your weekly security highlights reel is spooled up and ready to go.

This week was all about software updates. Not only did Microsoft and Adobe’s monthly Patch Day bring us patches for critical zero day vulnerabilities, but we saw security updates for Firefox and iTunes as well. In today’s video, I talk about all those updates, as well as two new interesting malware variants, and the sentencing and jailing of a team of well-known hackers. View the video for all the details.

A quick note… Next week I’ll be attending the AusCERT security conference in Australia. Though I still expect to bring you a weekly video, I may post it earlier or later than normal due to travel and the time zone differences. Keep safe out there and see you next week.

(Episode Runtime: 7:17)

Direct YouTube Link: http://www.youtube.com/watch?v=gjAx6PdFY0k

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 62 – Major Cyber Heist

The Onion Hack, IE8 0day, and ATM Cyber Heist

Are you an over-worked IT administrator with no time to learn about the latest internet threats? Do you want to keep your network safe, but don’t know what the bad guys are up to? If that’s you, then our weekly information security highlights video is just the thing for you. For just three easy payments of… well, nothing… you can have all that and more!

Today’s episode covers Syrian cyber attackers hijacking The Onion’s Twitter feed, a serious zero day vulnerability affecting Internet Explorer 8 (IE8), a major cyber bank heist, and more. For all the details, and some tips to protect yourself, watch the video below or check out the stories in the Reference section.

Have a great weekend.

(Episode Runtime: 7:46)

Direct YouTube Link: http://www.youtube.com/watch?v=hdN9YMjKTXM

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 61 – InfoSec UK 2013

AP Twitter Hack, Serial Offenders, and InfoSec UK

This week’s security highlights video comes a bit early due to my travels in London to attend InfoSec UK.

If you’re looking for a quick summary of the week’s top security news, this is the vlog for you. In today’s video, I share a few themes from the biggest security conferences in Europe, news of the AP Twitter feed hijack, warnings of a new Java exploit, and information about industry-wide flaws affecting serial port servers. Watch for all the details, and check the Reference section below for other interesting stories from the week.

(Episode Runtime: 7:35)

Direct YouTube Link: http://www.youtube.com/watch?v=pWAMN7j0yyg

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 60 – Oracle CPU

Router Hacks, WordPress Attack, and Huge Oracle Update

During a week of such tragedy, it’s hard to give much thought to network and information security (InfoSec). Yet, we must stay vigilant, lest abhorrent cyber criminals leverage such tragedies against us in social networking campaigns.

In this week’s InfoSec news summary, I cover Oracle’s quarterly Critical Patch Update (CPU), a research project that uncovered vulnerabilities in consumer routers, a WordPress password cracking botnet, and how scammers are exploiting this week’s tragedies in their spam campaigns. Watch the video below for the highlights and some defensive tips.

As an aside, I will be traveling next week so I may not post the weekly video at its normal time.

(Episode Runtime: 7:38)

Direct YouTube Link: http://www.youtube.com/watch?v=Mvikhwg12k8

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 59 – Android PlaneSploit

CISPA, Game Dev Breaches, and Android Plane Hack

Though I’m traveling in Singapore for a security conference, I still found a few spare minutes for my weekly InfoSec news summary. This week I cover some Bitcoin mining malware, CISPA returning from the ashes, some game related network attacks, and most interestingly, an Android smartphone hacking an airplane. For the details, watch the video below.

By the way, I apologize for the shaky camera. I forgot my tripod on this trip and shooting video with a busy schedule has its challenges. Don’t forget to check out the Reference section if you want to learn more.

(Episode Runtime: 7:53)

Direct YouTube Link: http://www.youtube.com/watch?v=8tke-MEdmtA

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Releases Fireware XTM 11.3.6 for e-Series Appliances

Available for Firebox X Peak, Core, and Edge e-Series appliances

WatchGuard is pleased to announce the general release of Fireware XTM v11.3.6. This release demonstrates our continuing commitment to delivering high quality products to our customers, with a significant number of bug fixes. You can install Fireware XTM OS v11.3.6 on any Firebox X e-Series device. There is no WatchGuard System Manager v11.3.6. We recommend that you use a later version of WatchGuard System Manager to manage Fireware XTM 11.3.6.

Fireware XTM 11.3.6 includes a large number of bug fixes, covering many different areas of Fireware. For more information, see the Resolved Issues section of our Release Notes.

For users of the spamBlocker subscription service, WatchGuard has switched to Mailshell as our new provider of spam detection technology. Mailshell scored highly in the most recent VBSpam Comparative Test, the industry’s leading independent testing program. In the testing, Mailshell’s filter accurately detected 99.84% of spam without a single false positive. This release also includes updates to the Mailshell engine based on feedback submitted after its first release with 11.7.2 for XTM appliances.

Does This Release Pertain to Me?

If you have an e-Series appliance and wish to take advantage of the latest updates, you should upgrade to version 11.3.6. Please read the Release Notes before you upgrade, to understand what’s involved. Users with XTM appliances should consider upgrading to more recent releases like 11.6.5 or 11.7.2.

How Do I Get the Release?

XTM e-Series owners who have a current LiveSecurity Service subscription can obtain this update without additional charge by downloading the applicable packages from the Articles & Support section of WatchGuard’s Support Center. To make it easier to find the relevant software, be sure to uncheck the “Article” and “Known Issue” search options, and press the Go button. The 11.3.6 Release Notes include clear upgrade instructions.

As always, if you need support, please enter a support incident online or call our support staff directly. (When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.)

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375

WatchGuard Security Week in Review: Episode 58 – Darkleech Apache Attack

Telephony DoS, OpFreeKorea, and Darkleech

What do zombie video games, North Korea, and emergency telephone systems have in common? They’ve all been compromised by cyber attackers this week.

If you’re too busy dousing IT fires to keep up with InfoSec news on your own, give our weekly security news summary a try. In this short video, I quickly highlight the biggest security stories from the week, and give some practical defense tips along the way.

This week’s episode covers a new telephony denial of service (TDoS) extortion scheme, a serious flaw in a common database system, the latest Anonymous operation, and a mysterious Apache hijacking campaign that has affected over 20,000 web servers. Watch the video below for the full scoop, and check out the Reference section for additional stories.

(Episode Runtime: 9:03)

Direct YouTube Link: http://www.youtube.com/watch?v=K18Snt0Lrm0

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard XCS 9.2 Update 5 Now Available:

Quarantine, Anti-Spoofing, and Web Proxy Enhancements, Plus Security and Functionality Improvements

As part of our ongoing efforts to improve the effectiveness of WatchGuard XCS appliances to protect from data loss, new viruses, and malware, and to enable organizations to customize their environments, WatchGuard is pleased to announce the availability of XCS 9.2 Update 5.

Highlights of this maintenance release include:

  • Custom Quarantines – You can now create your own custom quarantine areas for specific types of quarantined messages. For example, you can create a quarantine specifically for messages quarantined because of a virus, or messages quarantined because they violate a Data Loss Prevention (DLP) policy rule. When you create a custom quarantine, each message security feature that supports the quarantine option provides a quarantine action for the primary system quarantine and any defined custom quarantines. A Tiered Administrator with the appropriate permissions can manage custom quarantines. This allows you to assign administrators for specific quarantine areas. For example, for compliance purposes, you can assign a user the role of administrator for the DLP quarantine.
  • DKIM (DomainKeys Identified Mail) Support – DKIM (DomainKeys Identified Mail) is an enhanced version of DomainKeys that provides a means for authenticating the source of an email by querying the sending domain’s DNS records and authenticating a unique domain name identifier. As an enhancement to DomainKeys, DKIM offers additional parameters to the signing mechanism for enhanced security and spoofing protection, and allows authorized third-party signing of messages for a domain independent from the message author. DKIM signing can be applied independently to outbound messages based on policies.
  • Allowed HTTPS Proxy Ports List – You can now configure a list of non-standard HTTPS Proxy ports that are allowed through the Web Proxy. This option is available on the HTTP/S Proxy configuration page at Security > Configuration > HTTP/S Proxy. The standard HTTPS port 443 is included by default.
  • Web Proxy IP Authentication Redirect – When you use the Web Proxy IP Proxy or Portal Authentication modes, you can now choose to redirect to the authentication page using the hostname or IP address of the Web Proxy.
  • Download Problem Report – The Problem Report feature allows you to send important configuration and log information via email to WatchGuard Technical Support to help troubleshoot an existing support incident. You can now download a local copy of the report from the Problem Reporting configuration.
  • Pattern Filter ID Number Search in Message History – The advanced Message History search now allows you to search by Pattern Filter ID numbers when you select the “only show messages where PBMF is…” option.
  • XCSv Upgrade from an Evaluation – You can now perform an upgrade from an evaluation XCSv installation to a production model XCSv without having to reinstall the system.

For more details, see the Release Notes.

Does This Release Pertain to Me?

XCS 9.2 Update 5 runs on all XCS appliances, from the 170 all the way to the 1180. Although we announced the End-of-Life of our previous BSP appliances, Update 5 also runs on BSP 460, 560, 860, and 1060 devices (64-bit platforms).

XCS 9.2 Update 5 is a maintenance release that contains a number of enhancements and bug fixes, including security fixes. If you manage any of the aforementioned appliances, and you want the latest software enhancements and security fixes, you should install this update. In fact, because of the security fixes, we strongly advise you to update at your earliest convenience. Please read the Release Notes before you upgrade, to understand what is involved.

How Do I Get the Release?

Your XCS appliance will automatically download the XCS 9.2 Update 5 software. However, it will NOT automatically install the update. You must manually install software updates by going to Administration > Software Updates > Updates. You can also manually download the update from the Articles and Support section of WatchGuard’s Support Center. We highly recommend you thoroughly review the Installation Instructions section of the Release Notes before applying this update.

For a more detailed description of this update, please visit the WatchGuard Support Center at http://www.watchguard.com/support/.

If you need support, please enter a support incident online or call our support staff directly. When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375

WatchGuard Security Week in Review: Episode 57 – 300Gb DDoS

POS Trojans, Android Spear Phishing, and Record DDoS

Extra, Extra, the Internet almost broke (no it didn’t). Read… View all about it!

Too much security news, and too little time? Let me summarize the highlights for you in my weekly InfoSec recap video. This week I cover two trojans targeting point-of-sale (POS) computers, a few software updates, a targeted spear phishing campaign spreading Android malware, and the record-breaking SpamHaus DDoS attack, which didn’t really break the Internet despite some reports. Click play for the details.

There were also a ton of other interesting Infosec tidbits this week, beyond what’s in the video. If you’re interested, check out the Reference section below. Stay frosty out there, and have a Happy Easter weekend.

(Episode Runtime: 9:47)

Direct YouTube Link: http://www.youtube.com/watch?v=sC1zLvbjzI4

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

Make Sure to Update Your Apple Devices

If you follow my weekly security video, WatchGuard Security Week in Review, you probably already know that Apple released both an OS X and Safari security update last week. Hopefully, you’ve already applied those two updates, but if not I highly recommend you do so immediately. Among other things, the OS X update includes a Java related security fix. Lately, cyber criminals have really targeted Java in attacks against both Macs and PCs, so it’s important you apply all Java related updates as quickly as you can.

This week, Apple also released iOS and Apple TV security updates. These updates fix a number of security issues in these popular products. High on the list of fixed issues was a very highly publicized lock screen bypass flaw in iOS, which an attacker could exploit to gain access to the data on your phone when lost or stolen. iOS 6.1.3 fixes that particular lock screen issue, and a few other vulnerabilities. However, later in the week news emerged of another lock screen flaw that affects iPhone 4s. So it looks like Apple will have some more lock screen related updates in their future.

In any case, if you use Apple devices, you’re probably affected by at least one of these issues. So I recommend you go get the corresponding updates, or let Apple’s automatic update mechanisms do their job.

— Corey Nachreiner, CISSP (@SecAdept)
