Friday 18 December 2015

"Unauthorized code" in Juniper firewalls decrypts encrypted VPN traffic

Juniper Networks published an advisory saying that NetScreen firewalls running ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 contain unauthorized code that can give attackers administrative access and allow VPN traffic to be surreptitiously decrypted.


This system "backdoor" requires immediate patching! The vulnerability was discovered during a recent internal code review[1]. The "unauthorised code" in ScreenOS could allow a knowledgeable attacker to gain administrative access to NetScreen appliances and to decrypt VPN connections. 

Juniper Networks explained in a separate advisory that there are two separate vulnerabilities which are both described as “Unauthorised Code”.

The first flaw allows unauthorized remote administrative access to an affected device over SSH or telnet. Exploits can lead to complete compromise. "The second issue may allow a knowledgeable attacker who can monitor VPN traffic to decrypt that traffic," the advisory said. "It is independent of the first issue. There is no way to detect that this vulnerability was exploited." [2]

This GitHub repository contains notes, binaries, and related information from the analysis of the CVE-2015-7755 and CVE-2015-7756 issues within Juniper ScreenOS. See also the detailed analysis by Rapid7.

Wednesday 16 December 2015

Joomla Critical 0day Remote Command Execution Vulnerability - Patch Now

A vulnerability that affects all versions of Joomla from 1.5.0 to 3.4.5 has just been disclosed (CVE-2015-8562).

The Joomla security team released a patch to address this critical remote command execution vulnerability that is already being exploited in the wild. 

Joomla is one of the most popular Content Management Systems (CMS), alongside WordPress, Drupal and Magento. Joomla CMS is used to build web sites and online applications in conjunction with the many supported shopping cart, e-commerce and payment gateway extensions.

Joomla users need to upgrade to version 3.4.6 immediately. For Joomla 3 and above, updating is a simple one-click process through the admin panel. Users of the unsupported versions 1.5.x - 2.5.x need to patch using the Joomla hotfixes.

Wednesday 9 December 2015

Combating cybercrime during the holidays. Advice for retailers and shoppers

Online shopping, especially during the holiday period, is a massively important trading platform for many businesses. For online retailers, their ability to service high customer demand and ensure the availability of their website throughout this period is crucial to their success.
The shopping frenzy has already started, with the adoption of Black Friday and Cyber Monday in many countries putting additional pressure on high street and online retailers. In the UK and Europe, this pressure increases further during the holiday week and the discounts on the day after Christmas. With the high street being hugely busy during these periods, an increasing number of shoppers are moving to the Internet to hunt for their bargains.

During this overwhelming period of spending, online retailers and shoppers need to be wary, since this is also a lucrative period for cybercriminals. In this article, we have highlighted a few key steps retailers and shoppers can take to keep themselves safe from cybercrime during the holidays.

Wednesday 25 November 2015

Restore Points in Windows 8.1

How to create a Restore Point:
1. Press the WinKey+X to display the system menu and click System.
2. On the left side menu, click System Protection.
3. In the Protection Settings section, click the C: (system) drive.
4. Click the Create button.
5. Type a name for the System Restore file (The Date and Time will be added automatically).


Rolling Back to a Restore Point in Windows 8.1:
1. Save your work and then close all running programs.
2. Press the WinKey+X to display the system menu and click System.
3. On the left side menu, click System Protection.
4. Click the System Restore button.
5. Click Next.
6. Select the restore point you’re considering and then click the Scan for Affected Programs button.
7. If you don’t see any major problems with the restore point, click Close, and then click Next.
8. Follow the instructions to save any open files, close all programs, and then click Finish.
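
The two procedures above can also be scripted. The following is an added example, not part of the original post, that uses the built-in Windows PowerShell cmdlets Enable-ComputerRestore, Checkpoint-Computer, Get-ComputerRestorePoint and Restore-Computer and checks that the restore point was really created; the restore point name and the helper names Get-LatestRestorePoint and Invoke-Rollback are illustrative.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original post). Windows PowerShell 4.0 or 5.1:
# these cmdlets are not available in PowerShell 6 and later.

$description = 'Before driver update'   # constructed sample name
$drive = "$env:SystemDrive\"            # normally C:\

# Checkpoint-Computer fails if System Protection is off for the system drive.
Enable-ComputerRestore -Drive $drive

# Since Windows 8, a new restore point is skipped if one was created within the
# last 24 hours (1440 minutes) unless this registry value sets another interval.
$srKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore'
$freq = (Get-ItemProperty -Path $srKey -ErrorAction SilentlyContinue).SystemRestorePointCreationFrequency
if ($null -eq $freq) { $freq = 1440 }

# Hypothetical helper: newest restore point, or nothing if none exist.
function Get-LatestRestorePoint {
    Get-ComputerRestorePoint -ErrorAction SilentlyContinue |
        Sort-Object SequenceNumber | Select-Object -Last 1
}

$before = Get-LatestRestorePoint
if ($before) {
    $ageMin = ((Get-Date) - $before.ConvertToDateTime($before.CreationTime)).TotalMinutes
    if ($ageMin -lt $freq) {
        Write-Warning ("Latest restore point is {0:N0} min old; Windows may skip creating a new one." -f $ageMin)
    }
}

# Equivalent of clicking Create; the date and time are recorded automatically.
Checkpoint-Computer -Description $description -RestorePointType MODIFY_SETTINGS

# Confirm that a new sequence number actually appeared.
$after = Get-LatestRestorePoint
if (-not $after -or ($before -and $after.SequenceNumber -eq $before.SequenceNumber)) {
    Write-Warning 'No new restore point was created.'
}

# List the available restore points with readable dates.
Get-ComputerRestorePoint | Format-Table SequenceNumber,
    @{ Label = 'Created'; Expression = { $_.ConvertToDateTime($_.CreationTime) } }, Description

# Rolling back: restores the chosen point and restarts the computer, so save work first.
# Restore-Computer has no "Scan for Affected Programs" preview; use the GUI for that.
function Invoke-Rollback([int]$SequenceNumber) {
    Restore-Computer -RestorePoint $SequenceNumber -Confirm
}
```

To roll back, call Invoke-Rollback with a SequenceNumber taken from the table the script prints.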

Monday 23 November 2015

IRISSCON 2015 Recap - IRISSCERT

I had the pleasure of attending the 7th Irish Reporting and Information Security Service Computer Emergency Response Team (IRISSCERT) Cyber Crime conference (#IRISSCON) in Dublin, Ireland. See: www.iriss.ie


The event took place on Thursday, 19/Nov/2015 in the Berkley Court Hotel, in Ballsbridge, Dublin.

The annual all-day conference focuses on providing attendees with an overview of the current cyber-threats most businesses are facing, primarily in Ireland and throughout the world. During IRISSCON, experts share their thoughts and experiences on cybercrime and cybersecurity, while a number of presentations provide the opportunity for all attendees to discuss the issues that matter the most.

Thought leaders from industry, academia and government present at IRISSCON. The audience is primarily the business community within Ireland, and the following topics are discussed:
  • Cyber Crime
  • Cyber Security
  • Cloud Security
  • Incident Response
  • Data Protection
  • Incident Investigation
  • Information Security Threats
  • Information Security Trends
  • Securing the Critical Network Infrastructure

In case you are not aware of this, IRISSCERT is a not-for-profit company that provides a range of free services to Irish businesses, related to Information Security issues. Effectively, the mission is to help raise awareness and counter the security threats posed to Irish businesses and their Internet space.