Friday, December 18, 2015

If you use Outlook, be safe from "bomb emails"

The last round of patches for Outlook has revealed a serious risk for their users: malicious attachment can activate it only opening the mail, making unnecessarily clicking on them. We'll talk also about an important backdoor in Juniper firewall, about a big polemic which faces Facebook against a researcher and about the catalogue of devices used by the government to spy our telephonic communications.

Microsoft published the patch for this vulnerability the 8th of December, but until now we haven't got more details about this scary menace which allows to an attachment avoid all the Outlook controls and activate itself  without clicking on it. They must update this as soon as possible. It´s a specially sensible hole to corporate environments, where a simple attachment can hide the beginning of an important case of industrial spying or bank data theft.

Juniper Firewall

Equally serious is the backdoor discovered in the ScreeOS operating system´s firewalls, commercialized by Juniper Networks. The hole would have been in these firewalls since 2008 and would allow to an attacker access to the devices as an administrator and the possibility of decode its VPN connections.

Facebook doesn't want pay a reward

Terrible vulnerabilities, of course, but it´s even worse the vulnerability discovered by a researcher who decided to snoop around Instagram and he canned to enter "to the bottom," discovering the passwords of administrators and how to access not only to Facebook´s staff accounts, but also to their users. When Wes Winebergm, the researcher, presented his discoveries to Facebook, following according to him the rules of the rewards program, Facebook denied to reward him because says he would have not followed this same rules and he would have gone too far.

Devices for spies

And we finish the week with an  information unveiled by the newspaper of Edward Snowden's friends, "The Intercept": a catalogue of the different devices used by the military agencies and intelligence agencies of the USA Government to spy the telephonic communications of whom they think convenient. A good weekend lecture for high-level "gadgets" fans.

We wish to our readers a relaxed weekend.


Post a Comment