Welcome to the Network Security website at the IAS

This website is intended to bring you the latest news, how-tos, tools and resources in Information Security. Security Awareness of our Faculty, Members and Staff is key in creating a safer computing environment.

The three major Principles of Information Security, Availability, Integrity and Confidentiality, will be covered throughout the security awareness program at the Institute.  For a description of these principles, please see our About section.

In keeping with the spirit of the Institute, I encourage questions and open discussions about security.  And if you discover anything out of the ordinary, please feel free to bring it to my attention so that we can work together to create a more productive, safer environment.

Thanks,
Brian Epstein <security@ias.edu>
twitter: @epepepep


Multiple vulnerabilities found in Drupal Core <5.13 and <6.7

http://drupal.org/user/124982

This bug affects the update mechanism in Drupal. Via cross-site
scripting, a malicious user may be able to cause the superuser to
execute old updates that may damage the database.

Upgrading to 5.13 or 6.7 will mitigate the bug. Alternatively, a patch
is available that will fix this bug, although it will not update other
non-security fixes in the code.

Zero day (2008-12-10) exploit for Internet Explorer (961051)

http://www.microsoft.com/technet/security/advisory/961051.mspx
http://isc.sans.org/diary.html?storyid=5458

This vulnerability affects Internet Explorer in XP SP3, Vista SP0, SP1,
and Server 2008.

This vulnerability was not fixed in MS08-073, which was released on
2008-12-09 (Patch Tuesday).

Multiple vulnerabilities in Adobe Acrobat Reader [Fwd: [sns.ias.edu #1633]

http://secunia.com/advisories/29773/
http://www.kb.cert.org/vuls/id/593409

Multiple vulnerabilities in Adobe Acrobat/Reader in versions <8.1.3
could lead to arbitrary code execution when a user opens a malicious PDF
file.

There are known exploits for these vulnerabilities. Users should use
caution when opening PDF files and upgrade to version 8.1.3 or 9 of
Adobe Acrobat/Reader.

MS08-067 netapi32.dll critical security update released out of cycle from Microsoft

It appears that a security update for a vulnerability in netapi32.dll
was released outside the normal security update cycle from Microsoft.
This vulnerability allows for remote code execution.

Apparently it affects all supported versions of Windows that have been
configured in one of two ways:

1) Firewall is disabled
2) Firewall is enabled but file/printer sharing is also enabled.

Here is a link to the bulletin and a review (which has more information).

Phishing

"Phishing" is a term that refers to a type of attack made against unsuspecting individuals that coerces them to divulge sensitive information.

The name comes from the word "fishing," where one casts a line or net in the water hoping to fool a fish into taking the bait.

The Bait

Here is an example of a phishing attempt being done over email.
