Leading news from Microsoft, Oracle, Global Payments and more

»Microsoft identified a China-based network security company as the one responsible for the leak that led to the development of proof-of-concept code for a Windows vulnerability that was patched in March. Hangzhou DPTech Technologies Co. breached its non-disclosure contract with the Microsoft Active Protections Program (MAPP). As a result, Microsoft removed DPTech from the program. Under MAPP, Microsoft shares vulnerability details with approved software security providers prior to releasing its monthly patches.

»The Cyber Intelligence and Sharing Act (CISPA) passed the U.S. House and now awaits Senate consideration. Two other cyber security bills currently are circulating through the Upper Chamber, so it remains to be seen whether CISPA, which critics argue permits the sharing of personal – not just threat – data with the Department of Homeland Security and National Security Agency, will find success.

»Global Payments, the Atlanta-based processor that suffered a breach of credit card data, may have lost up to seven million numbers, according to the Wall Street Journal. That figure is much higher than the company's public estimate of 1.5 million numbers. In addition, Global Payments said it detected the compromise in March, but that contradicts alerts sent to banks by Visa and MasterCard, which pegged the start of the attack in January.

»Oracle acknowledged a still-unpatched database vulnerability for which proof-of-concept (PoC) code was published by a researcher who believed the hole had been plugged. Oracle advised users to apply workaround measures and configuration changes as noted. The serious vulnerability is remotely exploitable without the need for authentication by the attacker and affects current versions of the database. Four years ago, researcher Joxean Koret reported the man-in-the-middle flaw. In Oracle's most recent security update, Koret was credited with the find – which prompted him to create a PoC – but it turns out the vulnerable code was only fixed in future versions of the database.

»The worm responsible for causing one of the worst-ever malware outbreaks on Windows systems is still hanging around. Conficker, discovered in November 2008, remains a major business threat, according to Microsoft. Despite a patch that closes the hole that allows the worm to spread, researchers are still witnessing a spike in attempts to infect new machines.

»The Internet Crime Complaint Center (IC3) warned travelers to be on the lookout for malware on their hotel's wireless connection. According to the alert, attackers are distributing trojans under the guise of a security update when guests try to connect to the hotel's Wi-Fi network. Hotels can be easy pickings for hackers because their corporate networks commonly use weak passwords, run unpatched systems and have poor network segmentation.
