MRA Consultants has been trading for over 20 years, during this time I have built up a reputation for service, reliability and value for money. A small sample of local business I serve include  Maryport Bodyworks Centre, ABI Motor body Repairs, Taylors Joinery And Plastics, West Cumbria domestic Violence, Distington Community Centre, Macs Removals Ltd .Engineering Pipework Services Ltd, Distington club for young people, Ewanrigg Community Centre, CMS, Robin Dargavel Ltd, Lake District Coast Aquarium as well as countless numbers of individuals. Over 99% of my business comes from referrals. I was the first in the area to pioneer no fix no fee and no call out charges.

Virus Bulletin news

VB2014 paper: Ubiquitous Flash, ubiquitous exploits and ubiquitous mitigation

Chun Feng and Elia Florio analyse two Flash Player vulnerabilities and an IE one where Flash provides a helping hand.

Since the close of the VB2014 conference in Seattle in October, we have been sharing VB2014 conference papers as well as video recordings of the presentations. Today, we have added 'Ubiquitous Flash, ubiquitous exploits and ubiquitous mitigation' by Microsoft researchers Chun Feng and Elia Florio.

Last week's news about a zero-day vulnerability in Adobe's Flash Player being used in the Angler exploit kit once again highlighted how Flash Player vulnerabilities affect almost every user of the Internet.

CVE-2015-0311 (which has since been patched; Trend Micro's Peter Pi wrote a thorough analysis here) wasn't the first serious Flash Player vulnerability, and it won't be the last.

Read more (4 paragraphs)

Frequently asked questions about VB2015 conference submissions

No, it doesn't have to be about malware and no, it doesn't have to be deeply technical either!

Last month, we opened the call for papers for VB2015, the 25th Virus Bulletin conference, which takes place 30 September to 2 October in Prague, Czech Republic.

We've had some excellent presentations at the VB conference in recent years, and we are never short of high-quality submissions to fill the schedule. Nevertheless, we're always on the look out for new speakers and new content. To help anyone who's unfamiliar with the VB conference, we've prepared a list of answers to some frequently asked questions about the event.

Do the papers have to be about malware?

Read more (46 paragraphs)

Linux systems affected by 'GHOST' vulnerability

Proof-of-concept email gives remote access to Exim mail server.

If you administer Linux-based systems, you'd better schedule some time for patching, as a serious buffer overflow vulnerability has been discovered in the glibc library.

The vulnerability exists in the gethostbyname() and gethostbyname2() functions, which are used to resolve hostnames - hence any piece of software that connects to the Internet is potentially vulnerable.

The good news is that these functions shouldn't be used anyway and, in fact, were fixed in May 2013. The bad news is that not only do many programs still use them, but that, when the fix was applied, it wasn't recognised as a security threat - hence many stable and long-term-support distributions remained vulnerable.

The vulnerability was discovered by researchers from Qualys, who gave it the name 'GHOST' (its more official name is CVE-2015-0235) and also designed a fitting logo. In the detailed advisory, the researchers explain how they wrote a proof-of-concept exploit where an attacker gains full control of an Exim mail server merely by sending specially crafted strings during the SMTP transaction.

Read more (6 paragraphs)

VB2014 paper: Design to discover: security analytics with 3D visualization engine

Thibault Reuille and Dhia Mahjoub use DNS data to look for clusters of malicious domains.

Since the close of the VB2014 conference in Seattle in October, we have been sharing VB2014 conference papers as well as video recordings of the presentations. Today, we have added 'Design to discover: security analytics with 3D visualization engine' by OpenDNS researchers Thibault Reuille and Dhia Mahjoub.

Our friends are at AV-Test and the USENIX conference - at least, those are the websites that, according to data from OpenDNS, people visiting www.virusbtn.com tend to visit as well.

The use of such DNS-based 'big data' doesn't just provide nice little nuggets of information though: in their VB2014 paper, Thibault Reuille and Dhia Mahjoub apply the same technique to command and control domains (typically using domain generation algorithms, or DGAs) for botnets.

In the paper, they study the domains used by the now defunct CryptoLocker ransomware and show how using only a few known DGA-domains as input, and without having to study the malware itself, they were able to find all the domains used.

Read more (5 paragraphs)

Adobe to patch Flash Player zero-day next week

Patch due next week as malvertising leads to Bedep trojan downloader.

As the news of a zero-day vulnerability in Adobe's Flash Player actively being exploited reached the security community, the company made an out-of-band patch available on its website. It now appears that this update - version 16.0.0.287 - patches another vulnerability ( CVE-2015-0310), but does not patch this latest flaw, which has been given CVE number CVE-2015-0311.

Adobe says that a patch for the latest vulnerability will be made available next week. It rates the vulnerability as critical and confirms that it is actively being exploited in the wild.

Even if you have the latest Flash Player version installed, making it click-to-play is very important.

Meanwhile, researchers at ZScaler provide more details on the use of the vulnerability in the Angler exploit kit. They say that two legitimate ad networks are being used to serve malicious ads, which redirect users to the exploit kit. This is then used to push the 'Bedep' trojan onto the victim's system.

Read more (3 paragraphs)

Telephone 01900516363
Visitors to this page : 8,214

Digital Solutions  for Cumbria

 

 

Mobile 07944982166