Zero-Day Comms/Adobe Flash Exploit

Alert: Adobe Flash has experienced another exploit.

Contact your customers to make them aware of the zero-day vulnerabilities in Adobe Flash that were found in stolen data that had been posted online as a result of a breach at Hacking Team.

The vulnerability is a ByteArray class use-after-free (UAF) vulnerability which can be used to override PC functions, change the value of objects and reallocate memory. It affects versions of Adobe Flash Player 18.0.0.204 and earlier. Many organizations deploy Adobe Flash inside their networks, and given the widespread proliferation of the software, the risk of attack is high. Our Threat Intelligence team has created a signature for the vulnerabilities, which protects Symantec Endpoint Protection and Norton customers from the likely risk of the exploit’s use in cyber-attacks this week.

Use this event as an opportunity to ensure that your customers are taking the necessary steps to protect themselves and discuss the bigger issues of the fallout from Hacking Team being breached. Reinforce yourself, and Symantec, as a trusted security partner. Share best practices for hardening of networks and ensuring that sensitive data, e.g. bug-bounty program data, remains secure.

OVERVIEW

It was made public earlier this month that the Italian hacker-for-hire surveillance firm Hacking Team had itself been breached. The company, known for selling intrusion and surveillance tools to governments and law enforcement agencies, had been the target of an attack in which the attackers uploaded 400GB of data onto Pastebin. The data dump contained various information, including email communications, customers’ information, invoices and source code.

Over the weekend of July 10th, Trend Micro and FireEye independently announced that they had discovered two zero-day vulnerabilities in Adobe Flash that were found in the stolen data that had been posted online as a result of the breach at Hacking Team. At this time the exploits are proofs-of-concept, yet the code can be executed on the latest version of Flash Player. The vulnerability, dubbed the “most beautiful Flash bug for the last four years” in Hacking Team’s internal notes, is a ByteArray class use-after-free (UAF) vulnerability which can be used to override PC functions, change the value of objects and reallocate memory. It affects versions of Adobe Flash Player 18.0.0.204 and earlier. Symantec has added detection for the exploits as Hacktool and has created an AV signature to detect the exploits.

WHY THIS MATTERS TO MY CUSTOMERS

Organizations that allow Adobe Flash to run on their endpoints are vulnerable to this exploit. The vulnerability affects Windows, Macintosh, and Linux operating systems. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. We consider this to be a high-severity incident, and encourage customers to take immediate action to prevent damage from happening. Network users running affected versions of Adobe Flash could be victims of drive-by downloads.

SHOULD I REACH OUT TO MY CUSTOMERS?

We recommend that you contact your customers to make them aware of this vulnerability. Many organizations deploy Adobe Flash inside their networks, and given the widespread proliferation of the software, the risk of attack is high. Use this event as an opportunity to share the information provided in this bulletin to ensure that your customers are taking the necessary steps to protect themselves while reinforcing yourself, and Symantec, as a trusted security partner.

Important Talking Points

  • Our Threat Intelligence team has created a signature for the vulnerabilities, which protects Symantec Endpoint Protection and Norton customers from the likely risk of the exploit’s use in cyber-attacks this week.
  • Symantec’s Security Response blog will keep you current on developments pertaining to this situation, including mitigation instructions.
  • Discuss the bigger issue of the fallout from Hacking Team being breached. Share best practices for hardening of networks and ensuring that sensitive data, for example, bug-bounty program data, remains secure. Symantec provides solutions that can protect organizations from such attacks.

Q: When was this incident/vulnerability/threat discovered?
A: The vulnerability proof of concept was discovered within the Hacking Team leaked data on July 10 PDT and was shared on Twitter.
Q: How significant is this incident and why?
A: This incident is significant due to the prevalence of Adobe Flash and the fact that upon first analysis, the proof-of-concept code can successfully exploit the latest version of Adobe Flash (18,0,0,203). We are not aware if this vulnerability is being exploited in the wild. With the proof of concept disclosed, we can expect to see it released in the wild very soon.
Q: Which OS platforms are being targeted or could potentially be affected?
A: Critical vulnerabilities (CVE-2015-5122, CVE-2015-5123) have been identified in Adobe Flash Player 18.0.0.204 and earlier versions for Windows, Macintosh and Linux.

  • Adobe Flash Player 18.0.0.203 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 18.0.0.204 and earlier versions for Linux installed with Google Chrome
  • Adobe Flash Player Extended Support Release version 13.0.0.302 and earlier 13.x versions for Windows and Macintosh
  • Adobe Flash Player Extended Support Release version 11.2.202.481 and earlier 11.x versions for Linux

Q: Is user interaction (other than normal web browsing, file opening, email viewing, etc.) required to become infected?
A: This vulnerability could be exploited by way of drive-by-download.
Q: Do Symantec/Norton products (Win/Mac/NMS) protect against this threat?
A: We have added detection for the exploits as Hacktool. Antivirus detection has been introduced as Exp.CVE-2015-5122. This detection is available as of definitions version 20150711.022. We also have confirmed that the following IPS signature proactively blocked the proof-of-concept exploit code: Web Attack: Malicious SWF Download 30.
Q: Has this vulnerability been exploited in the wild?
A: At the moment, we are not aware of any, but because the information came from Hacking Team’s leaked data, it may potentially have been used; however, it is unlikely to be widespread. With the vulnerability disclosure, we can expect it to be rolled out to exploit kits in the coming days.
Q: Has the vendor issued an alert or advisory?
A: Adobe has launched an investigation on this vulnerability and has released a security bulletin and has stated that a patch will be released this week.
Q: Has the vendor issued a patch for this vulnerability?
A: No, not at this time.
Q: Are there any other sources of information on this threat (i.e. from our competitors) which have already been issued?
A: FireEye and Trend Micro released a blog about the vulnerability CVE-2015-5122 presented in this alert and have been credited with discovering the two exploits.
Q: Is Symantec releasing a public blog about this vulnerability?
A: The external blog has been published today over EMEA shift and it can be viewed in the Security Response Blog here.

Reference by symantec

A special offer and new controls for Security Key administrators

Last year, Google worked with the FIDO Alliance standards organization to launch the Security Key — an actual physical key used to simplify 2-Step Verification with Google Accounts. The key adds a layer of protection as it sends an encrypted signature rather than a code, ensuring that login information cannot be phished.

Recently, we announced that we’ve been working on new controls for Google Apps admins to easily deploy, monitor and manage Security Keys for their domains via the Admin console, with no additional software to install. Today, we’re excited to announce that these controls are ready and available in the Admin console for Google Apps Unlimited and Google Apps for Education customers. We have also worked on a new special offer for Google Apps for Work customers that allows them to purchase Security Keys at a 50% discounted rate from Yubico, a Security Key manufacturer.

Once Security Keys have been activated by individuals within a domain, Google Apps admins will now be able to do the following with today’s release:

  • See where and when people last used their keys with usage tracking and reports (Admin console > Reports > Audit > Admin)
  • Easily revoke access to lost Security Keys and provide backup codes so people can still sign-in and get work done (Admin console > Users > Open details for person in question > Security Keys)

We are using Security Keys at Google because it makes our lives easier and increases security. With these new controls, Google Apps admins can offer the same benefits to people in their domain.

Note: the new admin controls are available for Google Apps Unlimited and Google Apps for Education customers only. Customers using other Google Apps editions can use Security Keys, but people in their domain must revoke their own keys using My Account.

Release track:
Rapid release and Scheduled release

Reference by www.google.com

Publish Google Sheets spreadsheets in five additional formats

In Google Sheets on the web, if a person wants to make a spreadsheet available for a large audience to see, they can publish the file as a web page. Once that file is published, the person receives a URL that can be sent to whomever they choose or embedded into a website. Today’s launch allows people to publish spreadsheets in five additional formats—as comma-separated values (.csv), tab-separated values (.tsv), a PDF document (.pdf), a Microsoft Excel® spreadsheet (.xlsx), or an OpenDocument spreadsheet (.ods). The URL generated, when opened in a browser, will automatically download the spreadsheet in the chosen format (spreadsheets in these additional formats cannot be embedded).

Try out this new feature in Google Sheets on the web today.

Release track:
Rapid release and Scheduled release

Reference By www.google.com

Secure Cyber Space for Digital India with Cyberoam Security

As India embarks on its grand mission to accelerate digital empowerment and build a knowledge economy, we reaffirm our commitment as a security stalwart underpinning the organizations and institutions involved in this transformation.

  • UTM & NGFW
  • iView
  • Cyberoam Central Console

Accept or reject external guest requests to join Hangouts video calls with the Hangouts iOS app

Google recently completed the cross-platform rollout of a feature allowing Google Apps customers to share links to Hangouts video calls so that external meeting guests may request to join if not explicitly invited.

Previously, video calls shared with the link required someone in the Apps domain of the Hangout video call to accept those requesting access on the web. With today’s launch, we’ve enabled this accept or reject functionality in the latest version of the Hangouts iOS app.

To accept or reject a request to join a video call on your mobile device, tap the ‘Accept’ or ‘Decline’ button in the pop-up screen that appears when a guest is requesting to join.

This functionality is coming soon to the Hangouts Android app.

Release track:
Rapid release and Scheduled release

reference by google.com

iOS Account Wipe and new features in Android for Work MAM

This week, we’re introducing iOS Account Wipe (i.e. Selective Wipe), which allows Google Apps admins to safely delete an employee’s corporate account and data from their iPhone or iPad without impacting that employee’s personal space (e.g. their personal photos). The existing Remote Wipe functionality, which allows admins to wipe an employee’s entire device, will remain unchanged.

In addition, as part of an ongoing effort to make Android even more valuable to our customers, this week we are launching enhanced functionality for Android Mobile Application Management (MAM), a core capability that we introduced with our initial support of Android for Work. These new features can help admins get their employees up and running on Android for Work faster (with auto-install into an employee’s Work Profile) and stay productive (by preventing employees from uninstalling certain apps)—while at the same time keeping data protected (with widget control).

The Google Apps Device Policy app for Android is concurrently updated to display additional information about the device when the employee is using a Work Profile (e.g. the unknown sources status, developer options status, and domain names of other accounts added to the Work Profile).

Reference by google.com

More options for charts, cells, and collaboration in Google Sheets on the web

When working with spreadsheets, it’s important to take raw figures and turn them into a story. Today’s update to Google Sheets on the web allows people to do just that, offering even more ways to visualize and analyze data.

Customized charts, made easier
Charts can make even the largest data sets digestible, so we’ve made a few improvements to help people highlight what’s most important. With this launch, people can now:

  • Use data labels to display the exact values of bars and points in charts.
  • Choose different shapes and symbols for data points in both line and scatter charts.
  • Move and resize charts more easily.

Data, displayed right
Today’s launch also includes new tools for analyzing spreadsheet data. For example, people can:

  • Preview the results of a formula, including any formula errors, instantly as they type.
  • Filter rows and columns by conditions, including “less than,” “greater than,” “text contains,” “date after,” and more.
  • Add calculated fields to pivot tables in order to apply formulas to pivot table data.
  • Use the GETPIVOTDATA function to retrieve data from a pivot table.

Collaborate, confidently
Collaborating in Sheets can greatly improve the end product, but it’s important to avoid making accidental edits. Currently, people can restrict who can edit an entire worksheet or range of cells using the protected sheets and ranges feature. To reduce the number of unintended changes (e.g. typos) made by people who do have permission to edit, today’s launch includes the ability to warn individuals who attempt to edit certain cells. This will facilitate increased collaboration, as owners won’t need to set complicated permissions in order to allow others to work on the document.

Try these updated Google Sheets features on the web today, and start telling better stories with data.

Release track:
Rapid release and Scheduled release:

  • Calculated fields in pivot tables
  • GETPIVOTDATA functionality
  • Protected cell warnings

Live on Rapid release, with Scheduled release to follow on June 29th:

  • Data labels in charts
  • Custom data point shapes in charts
  • Moving and resizing charts
  • Formula previews
  • Filter by condition

Reference by google.com

Insert images into Google Sheets when offline

We’re making it easier for your employees to work on the go—and without Internet access—in Google Sheets on the web. With this launch, people can now insert images into Sheets even when they’re not online, provided they’re working in Chrome and have turned on offline access. Those images will be synced once the person gets back online. Try it out in Google Sheets today.

Release track:
Scheduled release and Rapid release

Reference by google.com

Google Slides now supports Chromecast and AirPlay

Today’s update to the Google Slides app makes it even easier to share presentations on big screens. With just your phone or tablet and the Google Slides app, you can present easily to any screen with Chromecast or AirPlay.

When you’re presenting on the big screen, you can use your smaller screen to advance slides, view speaker notes and stay on track with a timer. This way you can focus more on telling your story and engaging your audience, instead of on logistics.

Reference by google.com

Full-view screen sharing for Google Hangouts

For a richer experience when presenting screen-shared content, today we’re launching full-view screen sharing for Google Hangouts.

Moving forward, when people using Hangouts present to meeting participants in ‘Present to everyone’ mode, or another participant pins someone who is screen-sharing, Hangouts participants will see two changes to the user interface:

  • The screen shared content will use as much visible area of the screen as possible. The thumbnail photos of meeting attendees will overlay the content at the bottom of the screen by default.
  • A new button will be added to the control bar at the top to allow participants to hide the thumbnail photos of meeting attendees as desired.

Reference by google.com