Archive for March, 2008
Wednesday, March 12th, 2008
Sunbelt Software has a good write-up on a recent spike in 3d screen saver spam. It's a free screen saver that comes at a price. The malware has been tracked back to a re-emerging malware gang and is a gift that keeps on giving. Looks like Sunbelt is pursuing them ...
Posted in Awareness, Exploit/Vulnerability | No Comments »
Tuesday, March 11th, 2008
The latest dose of monthly medicine from Microsoft includes 4 critical patches for Microsoft Office. You can get the Microsoft details or the SANS Internet Storm Center Handler's Diary always provides a simplified view highlighting the most serious of the patches with their own ratings. Of this month's releases, MS08-14 ...
Posted in Exploit/Vulnerability, Patches | No Comments »
Thursday, March 6th, 2008
The Register, among others, reported the release of a tool that allows easy access to a locked workstation. The caveat is that it requires physical access to the Windows computer and is executed by connecting a Linux device to a Windows computer via firewire. The vulnerability has been documented since ...
Posted in Awareness, Exploit/Vulnerability | No Comments »
Wednesday, March 5th, 2008
Another great contribution by SearchSecurity.com: Misconfigured networks create huge security risks. The article says it all in terms of why I'm trying to do what I'm trying to do with EyeIS; my reason for being.
Posted in Uncategorized | No Comments »
Wednesday, March 5th, 2008
CA has a nice writeup from last month (thanks for the tip Brian) on a jsp vulnerability recently toyed with on the PayPal site. It's a fine example of good disclosure; identifying a vulnerability, reporting it effectively, receiving prompt resolution and then documenting how it works in an informed and ...
Posted in Awareness, Exploit/Vulnerability | No Comments »
