Quick post to clear out last week’s inbound material.
Threats (and fixes/updates)
- Update Palooza - ISC Diary - (Adobe Acrobat Reader now at 11.0.02, Thunderbird 17.03 out, iOS 6.1.2, Java 7.15, Java 6.41, Firefox 19, Adobe Flash Player 11.6.602.168). If you are impacted, get busy patching!
- Oracle plugs security holes: Updates for Java 1.4 to 7 - The H Security: News and Features - more technical details on the update fixes.
- Adobe patches Acrobat and Reader, Mozilla debuts Firefox built-in PDF viewer - Help Net Security
- Timeline: Hacks Related to Apple - F-Secure Weblog : News from the Lab
- Dev site behind Apple, Facebook hacks didn’t know it was booby-trapped - Ars Technica
- NBC.com hacked, serving up Citadel malware - HitmanPro blog - Note: threat now appears to be fixed.
- NBC.com hacked, briefly compromised with RedKit malware - ZDNet - Note: threat now appears to be fixed.
- NBC Website HACKED – Be Careful Surfing - Sucuri Blog - Note: threat now appears to be fixed.
- IWhen web sites go bad: bible . org compromise - ISC Diary - Note: threat now appears to be fixed.
- Mandiant Exposes APT1 – One of China’s Cyber Espionage Units & Releases 3,000 Indicators - M-unition - Super Duper threat analysis report from Mandiant. Download the PDF report file directly and take your time reading. MD5/SHA-1 hashes for the valid file provide…because…
- Fake Mandiant APT Report Used as Malware Lure - ISC Diary
- Threat Actors Using Mandiant APT1 Report as a Spear Phishing Lure - M-unition
- Mandiant APT1 report used as a lure in phishing campaigns - Help Net Security
- Malicious Mandiant Report in Circulation - Symantec Connect Community
- Mandiant APT2 Report Lure - 9b+
Updates
DEFT 8 Roadmap and features - DEFT Linux - Computer Forensics live cd - Coming mid April 2013
Update XORSearch V1.8.0: Shifting - Didier Stevens
USB Image Tool 1.60 - Alex’s Coding Playground - There are more than one way to image a USB drive, but this tool by Alexander Beug is IMHO one of the very, very best for ease of use and reliability. I would be lost without it. Alex has worked hard on this update and it brings auto-admin elevate request at launch, now supports non-removable USB devices such as hard-drives or card-readers, and it has a “reset” feature to overwrite the bootsector of the selected device with zeros to allow Windows to reformat the device to the original size (something USB Image tool can’t do). See the changelog for more details. As an alternative, also consider the free OSForensics tool ImageUSB.
iOS App trials, tribulations, and tips
An iOS Byline Issue - worked around
I’ve been gushing for some time about how I think Phantom Fish’s Byline app for iOS is super great. It is really fast pulling feeds and the interface is easy to navigate. It has really helped me stay in-touch with tech goings on during the day as I can now check all my RSS feeds on my personal iPhone. Before I was having to wait to the end of the day when I got home to check my personal feeds for news updates.
So last week I ran into my first problem with it.
I normally have it set to show 2,000 items; this allows me to go back and search for past feed articles after the fact. Additionally, I manage “Caching” with “Wi-Fi” only, images “on”. That’s pretty much it. There aren’t a lot of settings but they are enough.
So the problem was that mid-week, after the updating of the feeds occurred, the caching followed, but kept getting stuck showing “1 of 200”. It wouldn’t ever stop or move on.
It looks like a bad feed article was causing the caching to stop.
I sent an email to the Byline help team but still haven’t seen a response. It was super frustrating and I found a few others on the net who also had encountered the problem.
So what to do?
Eventually I figured out a workaround to allow the feeds to continue to drop and cache again without getting “frozen” so-to-speak.
I went back into the settings and changed my All Items option to “Show 200 items”.
What this let me do is to get past the stuck item by not caching it.
I’m not sure which one it is, but right now it is somewhere between the 200 and 500th feed item. If I set at “200” I’m fine. If I set at 500 (the next highest increment) it locks when it hits the bad feed.
Considering that on any given week-day, my feed count pull results in about 350 new article feeds, I project that by the end of next week I will have way-more new feeds and the bad one will have been shoved off the bottom of the stack.
It isn’t a "pretty” fix but it works and restores a level of functionality with caching of feeds in Byline in the meantime.
Recommendations to the Phantom Fish coders for the next Byline update:
- Code for an auto-skip of a feed if it doesn’t cache within a set/variable number of seconds; letting the user set the timeout period would be even better.
- Allow greater granularity of number of items to show. The stock choices of 100, 200, 500, 1000, and 2000 items may make sense, but I’d like to set my own custom number of feeds…especially if the first recommendation cannot be implemented.
That’s pretty much my only requests for an otherwise stellar application.
A Gmail App Badge notification issue - cleared
My second issue this week was when I was surprised to have my iOS Gmail App badge still showing “1” unread item, despite no unread messages showing in any of my accounts.
Hmm.
This really frustrated me.
Eventually I found others who have experienced this same issue and the workaround solution to clear it. Apparently it is not an unknown issue and has been present for some time.
How to reset/clear ios badge - Google Groups
Bruno O. Barros (llustreBOB) provided the “solution” to clearing it midway down in the thread:
The only solution working here is the one where I move the rogue message back to inbox, mark it as unread and then mark it as read again.
Sure enough. Since I remembered the last message I managed, in my iOS Gmail app, I moved the message back to the inbox, marked it “unread”, marked it “read” and then archived it again.
The notification message “1” cleared off my Gmail badge.
Dave Churchill --just a bit up in that same thread -- shows how to replicate the issue/fix if you want to play with it (though I don’t know why you would if the solution works).
I can reproduce this by doing this:
- Gmail app on iPhone has no badge.
- Send email to self on laptop
- Wait for Gmail on iPhone to receive email and show badge
- Read and archive the email on the laptop
- Open Gmail app to note there are no messages in inbox, refreshing still shows no messages, checking list of labels shows no unread messages.
- Press Home button to exit Gmail, badge remains at 1.
- Open Gmail again on iPhone. Navigate to All Mail, open the message (which is correctly displayed as already read). Badge still shows 1.
- Mark message as unread exit, badge still shows 1.
- Read message, exit, badge still shows 1.
- Move message to inbox. Badge now cleared.
Bump
Are you an iOS user feeling a bit jealous of those sexy Samsung phone-bump-transfer features?
I spotted this new (to me) app last week. I haven’t pulled the trigger on installing as I don’t really have a need for it just yet but it does seem like a cool and handy feature. So I’m keeping it on my “watch list”. Anyone have any experience or feedback with it yet?
- Bump for iPhone, iPod touch, and iPad - iTunes App Store
- Get Bumpin' With Bump For iPhone: Your Easy, Instant File Sharer [iPhone] - MakeUseOf blog.
- Bump - Home
Cheers!
--Claus Valca
 
