[Sunnet Alert] Advisory #212 - Multiple News
Security and IT News Alerts
alertmailinglist at skiifwrald.com
Thu Mar 22 00:26:31 EST 2007
Sûnnet Beskerming Alert List Advisory #212
You are receiving this message because you have subscribed to our
Information Security Alert Mailing List, or have been selected for a
specific one-off copy. If you believe that you are receiving this
message in error, please contact info at beskerming.com to resolve the
error.
Why not upgrade to get same day notification on security threats?
Details and rates available online -
(http://www.beskerming.com/premium/generic_advisory.html).
Why not go the next step and get delivery tailored just for your
company?
(http://www.beskerming.com/premium/focussed_advisory.html)
Contents
--------------------------------------------------------------------
1. SECURITY
--------------------------------------------------------------------
=======================================
/*
- Remote or Local - Can it be achieved through a network or does it
require physical access?
- Hacker - The bad guy
- Manual or Automatic - Does the vulnerability need to be manually
performed, or can it be automated?
- Control, Denial of Service or Data Theft - Will the hacker get
control of your system / website, will they prevent you from using
it, or will they steal data?
*/
--------------------------------------------------------------------
2. NEWS
--------------------------------------------------------------------
2.1 Still No Prevention For Social Engineering
2.2 Confusion Over Vulnerabilities
2.3 Web Security Rumblings
=======================================
1. SECURITY
=======================================
/*
Threat Matrix:
U - User
O - Operator
Harmless - 0 ----- 10 - Highly Critical
*/
=======================================
2. NEWS
2.1 Still No Prevention For Social Engineering
As reported recently by numerous sources, a talented social engineer
(con man) managed to sweet talk his way into the vaults at ABN Amro
in Antwerp, where he subsequently stole £15 million worth of diamonds
(120,000 carats). Reports covering the theft claim that the thief
managed this feat using nothing more than chocolates that he had
bought for bank staff, and his innate charm.
Despite the bank having 'one of the most sophisticated security
systems in the world', the theft was carried out without the use of
any weapons or high-tech burgling tools (except charm). It serves as
an excellent example of how the weakest link in the security chain is
often the human link.
2.2 Confusion Over Vulnerabilities
Like any major software project, the alternative Office productivity
suite, OpenOffice.org (OO.o), has a number of current and historical
bugs, some of which are critical and can cause major system damage if
exploited. A recent set of serious and critical bugs were patched by
a number of Linux Distribution vendors over the last few weeks, each
applying their own specific numbering scheme to the resultant
software binary, which is different from the OpenOffice.org official
binary numbering.
A number of security vendors recently picked up on the fact that one
of the patches being supplied is for a serious vulnerability
affecting a core component of the spreadsheet (Calc) software that is
part of OO.o and have reported it as being a completely new
vulnerability without patches available. The only problem with that
approach is that 5 minutes with the search engine of your choice will
turn up evidence that not only has this issue been discussed publicly
for some time (just not on any high traffic forums), but it has
already been fixed in a number of distros.
2.3 Web Security Rumblings
Some very interesting independent research has come to light in
recent days and weeks from numerous well known (and not so well
known) Information Security researchers that focus on Web Security.
The issue of JavaScript vs VBScript has come up (again), and
highlights the problems that come from running active scripting
support in browsers - allowing the client to do a lot of the heavy
lifting can cause issues in the long run. Browser detection has also
taken another step forward, with the description of a technique that
allows discovery of the default Windows browser. There has also
been discussion of a 'Metasploit'-style automated web application
security testing framework (though the final product is not quite
like Metasploit - and there are actually two tools out there at the
moment), and there has been coverage of concerns about the ability to
poison a victim's web cache with malicious data by using Cross Site
Request Forgery (and combining with Flash to really cause someone a
bad day).
By demonstrating the ease by which a cache can be compromised, it
highlights how untrustworthy the data stored in the cache really is.
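The cache concern above is one a defender can act on directly: a per-user response that a shared or browser cache is allowed to store is exactly the kind of content a poisoned cache can serve back to the wrong person. The following is an added example, not code from this advisory or from the researchers it mentions; the sample responses are constructed, the application they stand for is hypothetical, and the checks are a simplified reading of standard Cache-Control semantics rather than a full implementation of HTTP caching rules.

```python
"""Audit HTTP response headers for unsafe cacheability.

Added example (not from the advisory). It flags responses that carry
per-user state (Set-Cookie) without telling caches to keep them out of
shared storage, and responses with no caching policy at all, where a
cache may fall back to heuristic freshness. Sample data is constructed.
"""
from typing import Dict, List

# Constructed sample responses from a hypothetical application.
# "hardened_account_page" is the corrected form of "account_page".
SAMPLE_RESPONSES = {
    "account_page": {
        "Content-Type": "text/html",
        "Set-Cookie": "session=abc123; HttpOnly",
    },
    "public_script": {
        "Content-Type": "application/javascript",
        "Cache-Control": "public, max-age=3600",
    },
    "hardened_account_page": {
        "Content-Type": "text/html",
        "Set-Cookie": "session=abc123; HttpOnly",
        "Cache-Control": "no-store, private",
        "Vary": "Cookie",
    },
}


def parse_cache_control(value: str) -> Dict[str, str]:
    """Split a Cache-Control value into {directive: argument}.

    Directives without an argument map to an empty string, so
    "no-store, max-age=60" becomes {"no-store": "", "max-age": "60"}.
    """
    directives: Dict[str, str] = {}
    for part in value.split(","):
        part = part.strip().lower()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip()] = arg.strip().strip('"')
    return directives


def audit_response(headers: Dict[str, str]) -> List[str]:
    """Return human-readable findings; an empty list means no concern found."""
    lower = {k.lower(): v for k, v in headers.items()}
    cc = parse_cache_control(lower.get("cache-control", ""))
    sets_cookie = "set-cookie" in lower
    findings: List[str] = []

    # No explicit policy: caches may apply heuristic freshness to the body.
    if "cache-control" not in lower:
        findings.append("no Cache-Control header: caches may apply heuristic freshness")

    # Per-user content that a shared cache is not told to avoid storing.
    if sets_cookie and "no-store" not in cc and "private" not in cc:
        findings.append("Set-Cookie without no-store/private: shared cache may store per-user content")

    # Explicitly opting a per-user response into shared caching is worse still.
    if sets_cookie and "public" in cc:
        findings.append("Cache-Control: public on a response that sets a cookie")

    return findings


def audit_all(responses: Dict[str, Dict[str, str]]) -> Dict[str, List[str]]:
    """Audit several named responses and return only those with findings."""
    report = {name: audit_response(h) for name, h in responses.items()}
    return {name: f for name, f in report.items() if f}


if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_RESPONSES).items():
        print(name)
        for f in findings:
            print("  -", f)
```

Run against live responses, the same function takes the header mapping from whatever HTTP client is in use; the point of the hardened sample is that `no-store, private` plus a `Vary` on the cookie keeps per-user pages out of any cache that a poisoning attempt could target.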
=======================================
Sincerely,
Sûnnet Beskerming Team
info at beskerming.com
Sûnnet Beskerming Pty. Ltd.
Adelaide, Australia
http://www.beskerming.com
Tel: +61 (0) 410 707 444
** Sûnnet Beskerming Pty. Ltd. **
Established in mid 2004, Sûnnet Beskerming Pty. Ltd. is the sister
company to Jongsma & Jongsma Pty. Ltd., and was formed to develop and
commercialise the research coming out of Jongsma & Jongsma Pty. Ltd.
Sûnnet Beskerming Pty. Ltd. is an Information Security specialist
and, in conjunction with the tools developed by Jongsma & Jongsma
Pty. Ltd., provides total security solutions and services, from the
perimeter to internal data stores, including web application security
and security testing and analysis.