Symantec patches Messaging Gateway remote code execution bugs

crednopsec.png

NopSec

Symantec has patched three vulnerabilities in the Symantec Messaging Gateway (SMG) which could be exploited by attackers to remotely execute code.

On Wednesday, the cybersecurity firm issued a security advisory warning of the bugs, all of which are specific to the SMG enterprise software.

The first issue, CVE-2017-6326, is a high-impact bug. While there are no technical details currently available, Symantec says the security flaw can be exploited to perform remote code execution in the SMG console.

The second vulnerability, CVE-2017-6324, is another critical problem. When SMG processes a crafted email attachment, this can allow malformed or corrupted Microsoft Word files to pass through.

If these files are embedded with malicious macros, they can bypass the “disarm” functionality of SMG. When exploiting this issue, attackers can perform privilege escalation.

Finally, the third bug, CVE-2017-6325, is a slightly less severe security flaw. The bug appears when SMG encounters a file inclusion vulnerability, often found to affect web applications which rely on scripting run time.

The issue is caused when an application builds a path for remote code execution and can be exploited by attackers to subvert how an app loads code. When executed, hackers can remotely execute code on the web server running the vulnerable application.

A patch has been released for Symantec Messaging Gateway, version 10.6.3 with patch 10.6.3-266, to smooth over these bugs. It is, as always, recommended that users update their systems as soon as possible to keep themselves safe from exploit.

The security firm also recommends that users restrict access through the principle of least privilege, in which access to sensitive applications and systems are only granted when a user truly needs them to limit the amount of potential damage an attacker could do in the case of compromise.

Symantec thanked security researchers Adam Witt and Mehmet Dursun Ince for discovering the issues and submitting their findings.

See also: Google proposes sending Symantec to TLS sin bin

Back in January, Symantec was forced to revoke a set of insecure security certificates after they were issued to the public realm by mistake. The test certificates, sent out by a partner firm by accident, could have been used to back up malicious software and websites.


screen-shot-2017-05-07-at-17-03-52.jpg


screen-shot-2017-05-07-at-17-00-06.jpg


screen-shot-2017-05-07-at-17-02-59.jpg


screen-shot-2017-05-07-at-16-48-08.jpg


screen-shot-2017-05-07-at-17-02-09.jpg

















Article source: http://www.zdnet.com/article/symantec-patches-messaging-gateway-remote-code-execution-bugs/

Posted in Symantec | Comments Off on Symantec patches Messaging Gateway remote code execution bugs

Kaspersky VirusDesk: online file and link scanner

Kaspersky VirusDesk is a free service by Russian security firm Kaspersky that enables you to scan files or links for viruses and other threats.

While most computer users would probably agree that having a resident antivirus solution installed is a must in these days and age, especially on Windows, there is little to argue about the usefulness of complementing online scanners.

Online file scanners give you a second opinion on a file, and if they have integrated multiple antivirus engines, an even better estimation of a file’s threat level.

Kaspersky VirusDesk

kaspersky virusdesk

Kaspersky VirusDesk offers two main functions: the scanning of one or multiple files, and options to look up the reputation of links.

The scanning works pretty much as you’d expect it to.  You can drag and drop files on the file field or use the attachment icon to use a file browser to load one. A click on scan transfers it to Kaspersky; it is scanned then, and the result is returned to you on the page. Scans use the same antivirus engine that Kasperky’s Antivirus solution for Windows uses.

The threat status of a file is either safe, infected, or suspicious.

  • Safe means that Kaspersky has not detected any threats.
  • Suspicious that a file “may pose a threat in some cases”.
  • Infected that a threat has been identified.

One interesting feature of Kaspersky VirusDesk is the option to “disagree with the scan”. This is probably most useful to software authors who have had their program identified as a threat by the scanner. They may submit the file using the disagree option so that it is analyzed further by Kaspersky Labs.

Kaspersky VirusDesk can scan archives as well. If you want to scan multiple files, you can either have them scanned one after the other, or put them all in a password protected zip file using the passwords infected or virus, and sent them to the service in one go.

The maximum file size is limited to 50 Megabytes however. This means basically that you cannot use the service to scan some files. Virustotal does that better as it supports files up to a size of 128 Megabytes.

Kaspersky VirusDesk may also be used to scan links. Simply enter a link address in the field, and hit the scan button. You can paste the URL, or type it manually.

kaspersky link scan

Links may have a poor, good, or unknown reputation. Good means that Kaspersky did not find any evidence of phishing or malicious activity on the linked resource, poor that it contains phishing or malicious content, and unknown that Kaspersky does not have enough information in its Security Network database to identify the link reputation at that time.

Webmasters can disagree with results; great if your site is flagged and you want the issue to be resolved.

Verdict

Kaspersky VirusDesk is a handy online service to scan files or links quickly for threats. The service is let down somewhat by the relatively low maximum file size it supports. Webmasters and software authors on the other hand may find it useful to deal with false positives that Kaspersky may identify in sites or programs.

Article source: https://www.ghacks.net/2017/06/21/kaspersky-virusdesk-online-file-and-link-scanner/

Posted in Kaspersky | Comments Off on Kaspersky VirusDesk: online file and link scanner

Roundup: McAfee throws shade at Grigson; IndyCar eyes global …

This roundup in The Score covers the gamut from racing—two- and four-wheeled—to expanded Lucas Oil Stadium tours and a new NFL ticket sales plan. It starts off with a volley of shots fired at former Indianapolis Colts General Manager Ryan Grigson.

McAfee throws shade at former Colts GM on air

Pat McAfee isn’t holding back when it comes to his feelings about former Indianapolis Colts General Manager Ryan Grigson.

The former Colts punter on Monday told Pro Football Talk’s Mike Florio that when Grigson was fired, “happiness levels” in Indianapolis “went through the roof.” 

When asked by Florio what blockbuster NFL trade he’d like to see, McAfee unleashed this gem:

“I’ve been really thinking about this one, Mike, deep down in my soul. And I want to do something that is good for America. The fourth of July is coming up,” McAfee told Florio on his “PFT Live” radio show. “I want the Cleveland Browns to trade Ryan Grigson to Canada. Yep, easy as that. Send him to the [Canadian Football League]. Whenever he left Indianapolis, happiness levels went through the roof. We get him out of America, I think all of America will be happier, and that’s what the world needs right now.”

The Browns hired Grigson as senior personnel executive last month—four months after the Colts fired him.

McAfee, who at 29 retired after last season to expand his opportunities off the field as an entertainment mogul, said his feelings for Grigson were formed during their very first meeting when, according to McAfee, Grigson told the punter he “was the lowest thing in the organization” and intimated that the only reason he was remaining with the team is because team owner Jim Irsay wanted the punter on the Colts’ roster.

Irsay’s instincts turned out to be correct, as McAfee was not only a fan favorite but turned out to be a Pro Bowl kicker (2015 and 2017), who handled not just punting but kickoffs for the Colts. And he was arguably the best tackler among kickers in the league.

Grigson could not be reached Wednesday for comment.

Lucas Oil Stadium expanding tour schedule

Eric Neuburger didn’t take long to make his mark on Lucas Oil Stadium.

Two months after replacing long-time Lucas Oil Stadium Director Mike Fox, Neuburger announced an expansion of the number of tours being offered for the 63,000-seat venue, which hosts everything from Indianapolis Colts games and Final Fours to monster truck rallies and concerts.

Beginning July 3, Lucas Oil Stadium public tours will be available Monday through Friday at 11 a.m., 1 p.m. and 3 p.m. excluding holidays and event days. This is a 150 percent increase over previous tour offerings, Neuburger said, and is in direct response to visitor demand.

“7,478 visitors have taken part in the Lucas Oil Stadium tour program so far in 2017,” Neuburger said in a media release. “Expanding this opportunity for residents and visitors to have a peek behind the scenes of this icon of the Indianapolis skyline is a demonstration of its increasing esteem as we approach the venue’s 10th football season.” 

Lucas Oil Stadium public tours begin and end at the Colts Pro Shop on Capitol Avenue and feature 90-minute guided tours of features such as the playing field, locker rooms and press box.

For tour information, call 317-262-8600, or visit lucasoilstadium.com. 

Neuburger, the son of former Indiana Sports Corp. President Dale Neuburger, spent the last decade working as senior associate athletic director for administration and external alliances at Indiana University in Bloomington. There, he reported to IU Athletic Director Fred Glass, a former president of the Marion County Capital Improvement Board. The CIB owns and oversees Lucas Oil Stadium.

IndyCar looks to race internationally

Under Hulman Co. CEO Mark Miles, the IndyCar Series has seen decent domestic growth. But significant international growth has largely eluded the series under his direction.

Miles continues to look at possible international venues for the open-wheel series. Most recently he’s taken a hard look at China and Mexico with the hope of adding a race in one of those markets in 2018.

The best bet for an international race in 2018 is Mexico, IndyCar officials told The Score. IndyCar executives are talking to promoters in Mexico and China, but series officials said a deal to race in China likely won’t come together until 2019 at the earliest.

One issue is finding a venue and promoter willing to cough up an eight-figure sanctioning fee. For domestic races, the IndyCar Series usually commands a $1 million to $2 million sanctioning fee, but series officials seek a higher fee for a race on foreign soil to help the teams and series cover costs involved with international travel.

Alonso returning to Indy?

Speaking of international growth, the inclusion of Formula One star Fernando Alonso caused TV ratings for this year’s Indianapolis 500 to grow in many European markets. In Spain—Alonso’s home country—broadcaster Movistar attracted more viewers for the Indianapolis 500 than for F1’s Monaco Grand Prix the same day.

Zak Brown, founder of Zionsville-based Just Marketing International and now the director of Alonso’s McLaren team, told reporters at the Indianapolis Motor Speedway in late May the team could be back to contest next year’s Indy 500 and even raised the possibility that McLaren could race a team full-time in the IndyCar Series.

“We got a great return on investment and it was a feel-good story for lots of people in motor racing,” Brown said of Alonso’s 2017 Indy 500 effort. Alonso was in contention when he blew an engine on lap 179.

IU Health renews cycling race title sponsorship

Indianapolis’ biggest cycling race has re-signed its title sponsor for a three-year term.

Indiana University Health has inked a deal to remain title sponsor of the Indy Criterium Bicycle Festival through 2019. This year’s event takes place July 8 on Monument Circle. 

IU Health first sponsored the event in 2015.

The IU Health Indy Criterium Bicycle Festival has experienced significant growth since its inception in 2010, due in part to the popularity of bicycling as a fitness activity as well as a means of transportation, race organizers said.
 
“The health and well-being of all Hoosiers is of the utmost importance to IU Health,” IU Health Vice President Mike Yost said in a statement. “IU Health is a strong supporter of this event, because if we can encourage more people in our community to be active, the healthier we will be.”
 
In addition to continuing as title sponsor, IU Health will also offer a bike safety course for children, along with information on Change the Play, a Riley Children’s Hospital at IU Health program to promote health, fitness and overall wellness. 

IU Health leaders will be participating in this year’s VIP Celebrity Relay Race presented by The National Bank of Indianapolis and Faegre Baker Daniels. It will feature local celebrities, mascots and business leaders, including Indianapolis Mayor Joe Hogsett.
 
“Last year, we changed up the format of our VIP Celebrity Race to four-person relay teams competing on Pacers Bikeshare bicycles,” said Jennifer Cvar, the event’s founder and director. “The crowd loved it, and this race became the one of the highlights of our day. We are thankful to our sponsors for allowing us to bring it back for the 2017 event.”
 
The IU Health Indy Criterium Bicycle Festival is the largest criterium race (on a one-mile or shorter circuit) in the state of Indiana and one of the largest in the Midwest, race organizers said. More than 600 professional and amateur cyclists are expected to compete, drawing more than 10,000 spectators throughout the day.
 
The race runs on a one-mile figure-8 course looping through the heart of downtown Indianapolis over the Monument Circle bricks. There will also be food and other vendors at the event.

All proceeds of the IU Health Indy Criterium benefit Freewheelin’ Community Bikes, a local not-for-profit committed to enhancing life skills for community youth through bicycles. In total, the Indy Criterium has contributed more than $105,000 to Freewheelin’s Earn-A-Bike program since 2010, helping hundreds of Indianapolis-area youth earn bicycles of their own.

Ticketmaster’s exclusive NFL deal likely to end

Ticketmaster’s corner on the NFL ticket market could end following the 2017 season.

NFL officials are instead considering a deal to let multiple ticket sellers including Ticketmaster, StubHub, Amazon and possibly even Twitter sell its tickets, both on the primary and secondary markets. 

“The idea is to allow tickets to be available in as many places as possible,” a source close to the league told Sports Business Journal following last months’ NFL owners’ meeting. “We want to make it easy [for fans to get tickets].”

Ticketmaster handles primary ticket sales for all of the league’s 32 NFL teams with the exception of Detroit, and is the league’s official secondary ticket provider, operating the NFL Ticket Exchange.

Concern remains among team owners and league executives that companies like StubHub and other smaller companies don’t have the knowledge and or financial wherewithal to do the job—or even part of it—that Ticketmaster is doing now for the NFL.

Article source: https://www.ibj.com/blogs/4-the-score/post/64307-roundup-mcafee-throws-shade-at-grigson-indycar-eyes-global-expansion

Posted in McAfee | Comments Off on Roundup: McAfee throws shade at Grigson; IndyCar eyes global …