BlackBerry PlayBook OS v1.07.3312 Updated & Fixed Adobe Flash Vulnerability

A new version of the BlackBerry® Tablet OS is now available to all BlackBerry® PlayBook™ tablet users. BlackBerry Tablet OS v1.07.3312 contains an updated version of Adobe® Flash® Player. This free update can be downloaded over-the-air from your BlackBerry PlayBook tablet.

On September 21st, Adobe issued an update for Adobe Flash Player, as noted in Adobe Security BulletinsAPSB-11-26, which addresses issues that can potentially affect any PC, tablet, or other device with an operating system that supports Adobe Flash. 

While there are no known reports of any BlackBerry PlayBook tablet users being affected by these Adobe Flash issues, we (as always) encourage all BlackBerry PlayBook users to update to the newest version of the BlackBerry Tablet OS. For more information about what these security updates mean to the BlackBerry PlayBook, please see our security advisory.

How to update your BlackBerry PlayBook tablet :-

Existing BlackBerry PlayBook tablet users will automatically receive a software update notification on the BlackBerry PlayBook status ribbon, or they can check for the software update at any time in the settings menu under Software Updates. Users who purchase and activate a BlackBerry PlayBook tablet on or after Thursday October 6th will automatically be updated to 1.07.3312 or later as part of the BlackBerry PlayBook tablet setup process.

For users who are already running BlackBerry PlayBook v1.0.7.2942 or higher, the update to this new version (v1.07.3312) will include only the Adobe Flash update and is expected to take only a few minutes to install.

-News Source (BlackBerry) 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">BlackBerry PlayBook OS v1.07.3312 Updated & Fixed Adobe Flash Vulnerability"https://www.voiceofgreyhat.com/2011/10/blackberry-playbook-os-v1073312-updated.html</a>

Latest Blackberry Play Book Software Update By RIM

RIM Offers Up Latest BlackBerry PlayBook Software Update [BlackBerry PlayBook Software Update 1.0.7.2942 Now Available, Brings Improved Wi-Fi Connectivity, Faster Bridge Pairing & More. It has been just over a months time since we saw the last update for the BlackBerry PlayBook and while this latest is not adding the one item people seem to be complaining about most — it is nice to see it arrive so quickly. Not to mention, this update does appear to have a few perks for those who are actually using and enjoying their PlayBook.
That being said, this latest update will bring your PlayBook up to version 1.0.7.2942. The update measures in at 80MB in size and the tablet does require a reboot after the update process has run its course. The update does not contain a bunch of new features, instead it takes care of a few bugs and also brings something called differential updates. In terms of the bug fixes, those deal with Wi-Fi connectivity and the BlackBerry Bridge.

The New Features You Will Get:-

• Improved Wi-Fi connectivity to WEP networks

• Faster pairing between a BlackBerry smartphone and BlackBerry
PlayBook tablet via the BlackBerry Bridge app, and faster attachment
opening via BlackBerry Bridge.

And now getting to the differential updates, this one is described as;

“The differential updates feature allows us to update only the sections of the BlackBerry Tablet OS that require updating. This should result in smaller download file sizes and therefore faster updating.”

All said and done, nothing major but enough that it should still be welcomed by regular users. Of course, given the last update was 1.0.7 and this one is 1.0.7.2942 I am not sure anyone could have really expected to see anything major included. Bottom line here, despite what many think about the PlayBook — it is sort of refreshing to see that RIM has not given up just yet. Especially considering what we recently watched HP do with the TouchPad. And in the end, I will maintain my previous statements in that while the PlayBook could use some software improvements and more apps — the hardware is super nice.

-News Source (TFTS & RIM)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Latest Blackberry Play Book Software Update By RIM"https://www.voiceofgreyhat.com/2011/08/latest-blackberry-play-book-software.html</a>

BlackBerry PlayBook The Most Secure Tablet For BYOD Solution

BlackBerry PlayBook The Most Secure Tablet For BYOD Solution

Now a days users of tablet is increasing everyday. Millions of people across the globe are using tablet for both personal and professional purposes. While the number of users and purposes of using tablet are rising, besides the matter of privacy and security arises. There are many companies who are manufacturing tablet, but before choosing, we should know which one is secured than others. According to a recent report by Context Information Security -the PlayBook of BlackBerry is the only device among three top tablets that gives users a good, safe division between their work and personal computing, a recent technology audit concluded.  The report faulted the PlayBook, as well as the Apple iPad and the Samsung Galaxy Tab, for default settings that don't automatically encrypt backups, and for not offering complementary and compatible tools for IT teams to manage a large number of devices at the business level. According to Jonathan Roach, Principal Consultant at Context and author of the report "While the iPad and BlackBerry PlayBook performed better, both still have security deficiencies -- including desktop software that fails to encrypt backups by default." He also said "Context found the PlayBook to be the most work-ready personal tablet of the three, due to its Bridge application's excellent support of barriers between work and personal profiles," 

According to report by contrast, Apple's wildly popular iPad sold more than 17 million units last quarter. Context found the iPad to be the second-most-secure device, citing its "robust data protection and damage limitation facilities," but said on its news page that the device was still vulnerable to jailbreak attacks and "ineffective disk encryption unless a strong passcode policy is applied." 

The report also found the Galaxy Tab's security features to be the least work-play ready, with weak disk-encryption support. The Galaxy Tab's lack of tools tailored to enterprise use makes it "very difficult to manage more than a small number of Galaxy Tabs in an enterprise environment," a point Apple also falls short on. The report criticized the Galaxy Tab's encryption as well. Even with encryption enabled, the report found that Samsung's device still "allows badly-written apps to store sensitive information on the unencrypted SD card." The report also praised all three tablets for their support of Exchange ActiveSync, a feature that allows crucial security settings to be managed from a central server running Microsoft software. But the study noted important differences among the devices that may make some tablets more appropriate for dual use in both the home and the office.

"Despite that security advantage, RIM only managed to ship 130,000 tablets last quarter. By contrast, Apple's wildly popular iPad sold more than 17 million units last quarter. Context found the iPad to be the second-most-secure device, citing its 'robust data protection and damage limitation facilities,' but said on its news page that the device was still vulnerable to jailbreak attacks and 'ineffective disk encryption unless a strong passcode policy is applied" -Jonathan added

To Download the full Report Click Here

-Source (Context Information Security & NBC News)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">BlackBerry PlayBook The Most Secure Tablet For BYOD Solution"https://www.voiceofgreyhat.com/2012/10/BlackBerry-PlayBook-The-Most-Secure-Tablet.html</a>

New BlackBerry 7 OS promises improved performance but no Android apps Flash

Research In Motion's (NASDAQ: RIMM) upcoming BlackBerry 7 operating system for smartphones won't include several of the key features that were added to RIM's new BlackBerry PlayBook tablet, a RIM executive said during the company's annual BlackBerry World event.

RIM's vice president of handheld software product management, Andrew Bocking, said smartphones running the new OS will not support Android applications. The PlayBook launched last month with two optional "app players" that provide a runtime environment for BlackBerry Java applications as well as apps running Android 2.3.

Flash also isn't included in the BlackBerry 7 plan as RIM is putting its focus on the new QNX OS to support Flash content in the web browser. The upcoming BlackBerry 7-based Bold 9900's 1.2 GHz processor is supposed to fulfill Adobe's hardware requirements for Flash support, PCMag.com noted.

Bocking also said that BlackBerry 7 will not be backward-compatible with previous BlackBerry smartphones. This new OS runs solely on dual-core devices, and the existing RIM portfolio does not include any dual-core units.

BlackBerry 7 smartphones are expected to go on sale this summer and they promise improved performance and built-in support for Near Field Communications technology. BlackBerry 7 powers the new Liquid Graphics touchscreen, which touts faster, smoother performance for touch-based navigation, web browsing, pictures, video and graphics-intensive gaming. According to RIM, Liquid Graphics offers up to 60 frames-per-second performance with instant UI action/response. In addition to Liquid Graphics performance gains, the new BlackBerry 7 browser includes a new just in time JavaScript compiler to improve web page load time speeds alongside support for additional HTML5 elements.

The other new features are voice-activated search and BlackBerry Balance, which separates personal content from corporate content on the smartphone.

It's not known exactly when the PlayBook's QNX OS will run on smartphones, but Al Hilwa, program director of applications development software with IDC, said it's clear that the OS will come to smartphones in the next year.

"Major platform transitions take time and what the Playbook launch shows, if anything beyond a really capable piece of hardware, is that rushing devices to market before they are baked doesn't help anybody," he said. "RIM should take its time to bring out QNX phones incrementally and with the right capabilities. The Playbook rollout has been a tough software experiment, but it is an experiment that will help the QNX phones be that much more robust when they come."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">New BlackBerry 7 OS promises improved performance but no Android apps Flash"https://www.voiceofgreyhat.com/2011/05/new-blackberry-7-os-promises-improved.html</a>

DingleBerry A Tool To Jailbreak BlackBerry Playbook

Three developers have reportedly bypassed Research In Motion's security, gaining root access to the BlackBerry Playbook. The trio -- currently known as xpvqs, neuralic and cmw (Chris Wade) -- demonstrated the feat in a few videos this week. In one of the clips, neuralic fiddles with the backlight and LEDs through a command prompt.

Video Demonstration :-

The hackers will release their discovery next week in the form of a tool amusingly dubbed "DingleBerry," allowing fellow tinkerers to jailbreak their PlayBook. RIM was quick to respond to the claims, vowing to investigate the exploit. "If it is determined that the claim is accurate, RIM will follow its standard response process to develop and release a software update that is designed to minimize adverse impact to our customers or carrier partners," the company said.

The exploit could dent RIM's reputation because the BlackBerry brand prides itself on security. The company has been two steps behind Apple and Google when it comes to consumer smartphones and tablets, so it has attempted to distinguish itself in the enterprise market by harping on BlackBerry's superior security.

For instance, the PlayBook is the only tablet cleared for use by the US federal government after receiving a FIPS certification earlier this year. On the bright side, "DingleBerry" will not affect the company's mobile phones, which run on a different operating system (the PlayBook is powered by a QNX-based OS).

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">DingleBerry A Tool To Jailbreak BlackBerry Playbook"https://www.voiceofgreyhat.com/2011/12/dingleberry-tool-to-jailbreak.html</a>

BlackBerry Mobile Fusion -The evolution of Enterprise Mobility (Also Supports iOS & Android)

BlackBerry Mobile Fusion - The evolution of Enterprise Mobility (Also Supports iOS & Android)

Researcher at BlackBerry has officially launched BlackBerry Mobile Fusion, its next-generation mobile device management (MDM) solution for enterprise customers that extends support to other mobile operating systems such as iOS and Android. RIM says the new technology delivers a cost-efficient, secure, reliable and scalable solution with a unified web-based console for easily managing devices. "BlackBerry Mobile Fusion helps make managing mobile devices faster, easier and more organized than ever. From a unified interface, manage BlackBerry smartphones1, BlackBerry PlayBook tablets and devices that use Apple iOS2 and Google Android3 operating systems." -Said BlackBerry

Key Features:-

• Manage devices, users, groups and policies from a single place

• Manage required and optional work applications

• Supports BlackBerry Balance technology for BlackBerry devices

• Manage and secure BlackBerry PlayBook tablets

• Support for devices that use Apple iOS and Google Android operating systems

• Security designed for everyone

For additional information about BlackBerry Mobile Fusion click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">BlackBerry Mobile Fusion -The evolution of Enterprise Mobility (Also Supports iOS & Android)"https://www.voiceofgreyhat.com/2012/04/blackberry-mobile-fusion-evolution-of.html</a>

Adobe Says Windows 8 Users are Vulnerable to Active Flash Exploits (Microsoft Will not Patch the Bug Until October)

Adobe Says Windows 8 Users are Vulnerable to Active Flash Exploits (Microsoft Will not Patch the Bug Until October 26)

Adobe confirmed a serious security hole in Windows 8, hackers have been aiming at  Microsoft's Windows 8 PCs for several weeks as it is vulnerable to attack by exploits. Its very unfortunate for those who runs all the four (consumer preview, developer preview, release preview & enterprise) pre-release version of Windows 8, because the Redmond based software giant Microsoft said it will not patch the bug in Flash Player until what it called "GA," for "general availability." That would be Oct. 26, when Windows 8 hits retail and PCs powered by the new operating system go on sale. 

"We will update Flash in Windows 8 via Windows Update as needed," a spokeswoman said in a reply to questions. "The current version of Flash in the Windows 8 RTM build does not have the latest fix, but we will have a security update coming through Windows Update in the GA timeframe."
Microsoft, not Adobe, is responsible for patching Flash Player in Windows 8 because the company took a page from Google's playbook and integrated the popular media software with Internet Explorer 10 (IE10), the new operating system's browser. Last month, Adobe issued two updates for Flash Player that patched eight vulnerabilities, some of which were ranked as "1" by the company, its highest threat warning. One of the vulnerabilities, tagged as CVE-2012-1535, was patched Aug. 14, but had been exploited for an indeterminate time before that.
In fact, CVE-2012-1535 was one of four "zero-days," or unpatched vulnerabilities, exploited in a 16-week stretch by an elite hacker gang revealed by Symantec researchers on Friday. Microsoft has not updated the Flash in IE10 within Windows 8 to accommodate those two sets of patches, Adobe confirmed Friday. "Flash Player 11.3.372.94 does not incorporate the fixes released in APSB12-18 and APSB12-19," said Wiebke Lips, a spokeswoman for Adobe, referring to the Aug. 14 and Aug. 21 Flash updates.
Windows 8 RTM's IE10 identifies the integrated Flash Player as version 11.3.372.94, a more recent build than the one in Windows 8 Release Preview, but older than the most-up-to-date version for Windows, 11.4.402.265, which Adobe delivered on Aug. 21.

Adobe actually told some users about Windows 8's Flash situation two weeks ago. On an Adobe support forum, a company representative announced on Aug. 23 that there would be no Flash update for Windows 8 and IE10 until late October. "Since Windows 8 has not yet been released for general availability, the update channel is not active," said Chris Campbell, identified as an Adobe employee. "Once this goes live, you'll start getting updates to Flash Player."

-Source (Computer World)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Adobe Says Windows 8 Users are Vulnerable to Active Flash Exploits (Microsoft Will not Patch the Bug Until October)"https://www.voiceofgreyhat.com/2012/09/Windows8-Users-are-Vulnerable-to-Active-Flash-Exploits.html</a>

Adobe releases Flash Player 10.3 update for Windows, Mac, Linux and Android

Adobe has released the latest update for Flash Player, version 10.3. The update works with all Flash-enabled platforms, including Windows, Mac OS, Linux and Android, with support for the most recent 3.1 update to Honeycomb. You can nab the download on the web at Adobe.com or through Android Market on your mobile device

The latest Flash update is all about squashing bugs and making things work more smoothly. On the Android side, that means NEON optimizations for OMAP4-based devices (pretty much just the BlackBerry PlayBook for now), various fixes for the Samsung Galaxy S, HTC EVO and some Motorola devices and some optimizations for Android 3.0+. All of the fixes are detailed on Adobe’s Android patch notes page. There are a variety of fixes on the non-mobile side as well, along with a handful of new features.
In addition to some new developer tools for measuring video and acoustic echo cancellation, there are also now new controls for managing local storage that have been integrated directly into your browser’s privacy settings, with support for Mozilla Firefox 4, Microsoft Internet Explorer 8 and higher, Google Chrome 11 and “a future release of Apple Safari.” The update also adds a dedicated Flash Player Settings Manager to Control Panels/System Preferences on Windows, Mac and Linux computers, and auto-updated notifications for Mac OS. 
Download Adobe Flash Player 10.3

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Adobe releases Flash Player 10.3 update for Windows, Mac, Linux and Android"https://www.voiceofgreyhat.com/2011/05/adobe-releases-flash-player-103-update.html</a>

Operation Shady RAT (The Biggest Cyber-Attack Ever)

Researchers from security software concern McAfee say they have discovered the biggest series of computer intrusions ever, covering some 72 organizations and governments around the world, including the U.S., Taiwan, Vietnam, South Korea, Canada and India — some of them dating back as far as 2006. (See the map of targets, courtesy of McAfee, below.)

And these aren’t the kind of cyber attacks carried out by bumbling troublemakers like the LulzSec gang, which make headlines but really only cause a nuisance for companies like Sony. In these cases, networks were compromised by remote access tools — or RATs, as they’re known in the industry. These tools — and they are tools, because they have legitimate uses for system administrators — give someone the ability to access a computer from across the country or around the world. In this case, however, they were secretly placed on the target systems, hidden from the eyes of day-to-day users and administrators, and were used to rifle through confidential files for useful information. It’s not for nothing that McAfee is calling this Operation Shady RAT.

McAfee says the attacker was a “state actor,” though it declined to name it. I’ll give you three guesses who the leading candidate is, though you’ll probably need only one: China.

Dmitri Alperovitch, McAfee’s Vice President, Threat Research, makes a statement in his blog entry on the discovery that should give everyone minding a corporate or government network pause: “I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact.” He further divides the worldwide corporate landscape into two camps: Those who have been compromised and know it, and those who simply don’t know it yet.

This has been a particularly nasty year on the cyber security front. (I hate to say it, but I told you so.) Prior to this, the big attack whose full impact has not yet been fully sized up was the one against the RSA SecureID system, which uses popular keychain devices that create a constantly changing series of numbers that in turn create a second password for access to system resources. They’re widely used in government and military circles and among defense contractors. Google has been a regular target in recent years.

The RSA attack and Operation Shady RAT are examples, Alperovitch says, of an “Advanced Persistent Threat.” The phrase has come to be a buzzword that, loosely translated into English, means the worst kind of cyber attack you can imagine. Unlike the denial-of-service attacks and network intrusions carried out by LulzSec and its ilk, which require only minimal skill and marginal understanding of how networks and servers work, an APT is carried out by someone of very high skill who picks his targets carefully and sneaks inside them in a way that is difficult to detect, which allows access to the target system on an ongoing basis that may persist for years.

How did these attacks happen? Its very simple: Someone at the target organization received an email that looked legitimate, but which contained an attachment that wasn’t. This is called “spear phishing,” and it has become the weapon of choice for sophisticated cyber attackers. The attachments are not what they appear to be — Word documents or spreadsheets or other routine things — and contain programs that piggyback on the targeted user’s level of access to the network. These programs then download malware which gives the attackers further access. This all happens in an automated way, but soon after, live attackers log in to the system to dig through what they can find, copy what they can, and make a getaway — though they often leave the doors unlocked so they can come back for repeat visits.

Alperovitch notes — correctly, to my mind — that the phrase has been picked up and overused by the marketing departments of numerous security companies. His larger point is that too often those attacked in this way refuse to come forward and disclose what they’ve learned, thereby allowing the danger to continue for everyone else.

Alperovitch says that the data taken in Operation Shady RAT adds up to several petabytes worth of information. It’s not clear how it has been used. But, as he says, “If even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook), the loss represents a massive economic threat not just to individual companies and industries but to entire countries that face the prospect of decreased economic growth.” It’s also bad for a target’s national security, because defense contractors dealing in sensitive military matters are often the targets. The best thing that can happen is that victims start talking about their attacks and sharing information with each other so that everyone can be ready for the next one, which is surely coming.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Operation Shady RAT (The Biggest Cyber-Attack Ever)"https://www.voiceofgreyhat.com/2011/08/operation-shady-rat-biggest-cyber.html</a>