Threat Level: green Handler on Duty: Tom Webb

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2014-08-14 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

PHP 5.3.29 is available, PHP 5.3 reaching end of life

Published: 2014-08-14
Last Updated: 2014-08-14 16:15:15 UTC
by Basil Alawi S.Taher (Version: 1)
0 comment(s)

The PHP development team announces the immediate availability of PHP 5.3.29. This release marks the end of life of the PHP 5.3 series. Future releases of this series are not planned. All PHP 5.3 users are encouraged to upgrade to the current stable version of PHP 5.5 or previous stable version of PHP 5.4, which are supported till at least 2016 and 2015 respectively.

PHP 5.3.29 contains about 25 potentially security related fixes backported from PHP 5.4 and 5.5.

For source downloads of PHP 5.3.29, please visit our downloads page. Windows binaries can be found on windows.php.net/download/. The list of changes is recorded in the ChangeLog.

For helping your migration to newer versions please refer to our migration guides for updates from PHP 5.3 to 5.4 and from PHP 5.4 to 5.5.

http://php.net/

Keywords:
0 comment(s)

Threats to virtual environments

Published: 2014-08-14
Last Updated: 2014-08-14 12:10:46 UTC
by Basil Alawi S.Taher (Version: 1)
0 comment(s)

In the past few years the virtualization concept becomes very popular. A new study by Symantec [1] discussed the threats to the virtual environment and suggests the best practice to minimize the risk.

The study show the new security challenges with the virtual environment, threats such as that the network traffic may not be monitored by services such as IDS or DLP.    

The paper covers how malware behave in virtual environment . One example of malware that target virtual machines is W32.Crisis .This malware doesn??t exploit any specific vulnerability , basically it take the advantage of how the virtual machines are stored in the host system. Virtual machine is stored as a set of files on the storage and it can be manipulated or mounted by free tools.

The study address using VMs as a system for malicious code analysis, for example in some cases when a malicious code detects that??s its running in a virtual machine it will send a false data such as trying to connect to C&C with wrong IP.  The study show that the number of malware that detect Vmware has been increased in the past couple years. For more reliable results the study suggests that security researcher should use physical hardware in controlled network instead of virtual machines.  

In the last section of the paper it suggest the best practice to secure the virtual environment.

1 http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/threats_to_virtual_environments.pdf

Keywords: virtual vmware
0 comment(s)
ISC StormCast for Thursday, August 14th 2014 http://isc.sans.edu/podcastdetail.html?id=4105
Diary Archives