Cyber Security. Weekly Review May 27 - June 2, 2013
We present the first publicly available version of the analytical report on current cyber-threats and news, which is prepared weekly by the employees of our company.
The main objectives of the report are to increase the awareness of specialists about current technologies and trends in cyber threats and offer recommendations on prioritizing operational tasks of information protection.
The report will be useful in and recommended for study by specialists and information security managers, system administrators, engineers, as well as all professionals who should always be aware of the main trends in cyber security.
')
Over the past week published information about closing a variety of vulnerabilities. The most up-to-date update is required for 10 critical vulnerabilities. For the two vulnerabilities, exploits have already been developed and published.
Among the most critical vulnerabilities are remote execution of arbitrary code in Adobe Reader, Google Chrome, Apple QuickTime and WebKit in Apple iTunes; elevation of privileges through the kernel module in Microsoft Windows of most versions, as well as through the Mozilla Maintenance Service in Mozilla Firefox to version 21.0.
Openly published 5 exploits, including an exploit of remote code execution for Oracle WebCenter 11.1.1.6.0, an exploit of privilege elevation for current versions of Windows, and a denial of service exploit for ModSecurity 2.7.4.
In the statistics of mass and targeted attacks dominated by JAVA-exploits. No day zero exploit detected.
Materials for technical specialists include analysis of several botnets, a number of Trojans and exploits, and introductory materials on the investigation of incidents.
In the news, China’s new charge of cyber-espionage by the United States and evidence of India’s participation in the cyber-arms race.
The full version of the report is available at the link in PDF format.
Voldokhin , dukebarman and alisaesage took part in the preparation of the report.
Ps. Dear habravchane! Tell me, please, how to turn large tables from Word HTML to Habr's markup without torment?
The main objectives of the report are to increase the awareness of specialists about current technologies and trends in cyber threats and offer recommendations on prioritizing operational tasks of information protection.
The report will be useful in and recommended for study by specialists and information security managers, system administrators, engineers, as well as all professionals who should always be aware of the main trends in cyber security.
')
Summary
Over the past week published information about closing a variety of vulnerabilities. The most up-to-date update is required for 10 critical vulnerabilities. For the two vulnerabilities, exploits have already been developed and published.
Among the most critical vulnerabilities are remote execution of arbitrary code in Adobe Reader, Google Chrome, Apple QuickTime and WebKit in Apple iTunes; elevation of privileges through the kernel module in Microsoft Windows of most versions, as well as through the Mozilla Maintenance Service in Mozilla Firefox to version 21.0.
Openly published 5 exploits, including an exploit of remote code execution for Oracle WebCenter 11.1.1.6.0, an exploit of privilege elevation for current versions of Windows, and a denial of service exploit for ModSecurity 2.7.4.
In the statistics of mass and targeted attacks dominated by JAVA-exploits. No day zero exploit detected.
Materials for technical specialists include analysis of several botnets, a number of Trojans and exploits, and introductory materials on the investigation of incidents.
In the news, China’s new charge of cyber-espionage by the United States and evidence of India’s participation in the cyber-arms race.
The full version of the report is available at the link in PDF format.
Voldokhin , dukebarman and alisaesage took part in the preparation of the report.
Source: https://habr.com/ru/post/182994/
All Articles