Archive for the ‘Education’ Category

Microsoft

As a reminder, Microsoft is planning to release two security bulletins today, March 9, 2010. Both bulletins carry a maximum severity rating of important and the issues addressed could lead to remote code execution. The first bulletin applies to various versions of Windows XP, Vista and Windows 7 and is rated as [...]

Posted on March 9, 2010 at 3:16 PM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: microsoft, Patches, Security, update, Vulnerabilities

Bridal Scam

We would also like to draw our readers’ attention to interesting media articles on a scam, with something of a twist. The scam involved a purported bridal convention in Boston, which would be held at a convention center, and even claimed part of the profits from the event would be donated to [...]

Posted on March 9, 2010 at 3:15 PM by root · Permalink · Leave a comment
In: Education · Tagged with: awareness

Happy Friday!

Adobe libtiff exploitation
On Monday, we reported that Secunia had discovered that one of the recent Adobe Reader vulnerabilities was actually related to an old vulnerability in libtiff. Secunia had developed an exploit but kept it private. Now, there are reports that others have succeeded in constructing exploits for this issue as [...]

Posted on February 26, 2010 at 8:25 AM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: adobe, browser, chrome, exploit, libtiff, secunia, seo, vulnerability

Joke

During a recent password audit at a company, it was found that a receptionist was using the following password:
“MickeyMinniePlutoHueyLouieDeweyDonaldGoofySacramento”
When asked why she had such a long password, she said she was told that it had to be at least 8 characters long and include at least one capital…

Posted on February 23, 2010 at 11:29 AM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: passwords

Top Tips for Twenty Ten

Rules of Social Networking
Pay attention to what you post and upload. Social networking is public.

Consider images, videos, and information you publish
You shouldn’t publish your address, date of birth, etc.
Use a nick-name that only your friends know.

Choose your friends with care.

Do [...]

Posted on February 17, 2010 at 9:52 AM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: awareness, Security, tips

Microsoft MS10-015 BSOD Issue

Microsoft has acknowledged that there is an issue when applying the update related to advisory MS10-015 on systems that are infected with certain malware strains including one called “Tidserv”. These infected systems have a high likelihood of becoming unbootable displaying a PAGE_FAULT “Blue Screen of Death” (BSOD) error. Microsoft has [...]

Posted on February 16, 2010 at 9:19 AM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: bsod, microsoft, Patches, Security, update, Vulnerabilities

Anti-Phishing Procedure for Email

I saw something like this on the Internet and I do want to give credit to where credit is due, but I cannot remember where I found this. We have recreated it for businesses.
Please see the following flowchart for procedures on anti-phishing for email.

Posted on February 16, 2010 at 9:16 AM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: anti-phishing, awareness, email, hackers, id theft, phishing, Security

Why Strong Passwords Are Important

Most systems out in the world are secure. Very secure. Thousands of administrators and technical personnel apply patches and configurations to millions of systems throughout the world on a daily basis. In August 2009, someone hacked into Google, but not through a technical vulnerability within the Google infrastructure.
A hacker found a personal email account. Similar [...]

Posted on February 10, 2010 at 8:52 AM by root · Permalink · Leave a comment
In: Education, Management, Security · Tagged with: awareness, id theft, Management, passwords, protection, safeguard, Security

Vulnerabilities

Cisco disclosed multiple vulnerabilities in their Unified MeetingPlace product. These issues leave the product vulnerable to SQL injection attacks and could allow attackers to bypass authentication. Cisco has released patches to address these issues.
http://www.cisco.com/warp/public/707/cisco-sa-20100127-mp.shtml
http://secunia.com/advisories/38259/
The open source library YaSSL was found to have a security vulnerability related to the negotiation of SSL certificates. The possibility [...]

Posted on January 29, 2010 at 8:21 AM by root · Permalink · One Comment
In: Education, Security · Tagged with: apache, cisco, denial of service, sql injection, SSL, Unified Meeting Place, YaSSL

Security News

Microsoft Announces out of cycle Security Update schedule
Microsoft issued their Advanced Notification Service (ANS) notification to inform customers of the impending release of MS10-002 on January 21st, 2010. The update will be cumulative, in advance of the normal February release Cycle, and is intended to protect customers from the known, widely publicized attacks associated with [...]

Posted on January 21, 2010 at 12:13 PM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: adobe, apple, DEP, email, microsoft

Protecting Your Data. A public service from Arizona IT Management LLC

Home

Information Armor