Archive for the ‘Security’ Category
Microsoft
As a reminder, Microsoft is planning to release two security bulletins today, March 9, 2010. Both bulletins carry a maximum severity rating of important and the issues addressed could lead to remote code execution. The first bulletin applies to various versions of Windows XP, Vista and Windows 7 and is rated as [...]
In: Education, Security · Tagged with: microsoft, Patches, Security, update, Vulnerabilities
Apache HTTP server 2.2.15
Apache has released HTTP Server version 2.2.15, which addresses a number of security exposures in prior versions of the HTTP server. Of particular note is the update of the OpenSSL library to 0.9.8m, which addresses the renegotiation issues outlined in CVE-2009-3555. At the time of writing, the links to the complete [...]
In: Security · Tagged with: apache, http, openssl, Vulnerabilities
Blackhat SEO
Recent assessments have discussed many of the Search Engine Optimization (SEO) scams currently in circulation. In a blog post published on Friday, X-Force analysts note how scammers are not only exploiting real news events, but they are also creating their own news to gain profits through affiliate programs. Our researchers warn, [...]
In: Security · Tagged with: business, hackers, information security, infosec, seo
Happy Friday!
Adobe libtiff exploitation
On Monday, we reported that Secunia had discovered that one of the recent Adobe Reader vulnerabilities was actually related to an old vulnerability in libtiff. Secunia had developed an exploit but kept it private. Now, there are reports that others have succeeded in constructing exploits for this issue as [...]
In: Education, Security · Tagged with: adobe, browser, chrome, exploit, libtiff, secunia, seo, vulnerability
Joke
During a recent password audit at a company, it was found that a receptionist was using the following password:
“MickeyMinniePlutoHueyLouieDeweyDonaldGoofySacramento”
When asked why she had such a long password, she said she was told that it had to be at least 8 characters long and include at least one capital…
In: Education, Security · Tagged with: passwords
Top Tips for Twenty Ten
Rules of Social Networking
Pay attention to what you post and upload. Social networking is public.
Consider images, videos, and information you publish.
You shouldn’t publish your address, date of birth, etc.
Use a nickname that only your friends know.
Choose your friends with care.
Do [...]
In: Education, Security · Tagged with: awareness, Security, tips
Microsoft MS10-015 BSOD Issue
Microsoft has acknowledged that there is an issue when applying the update related to advisory MS10-015 on systems that are infected with certain malware strains, including one called “Tidserv”. These infected systems have a high likelihood of becoming unbootable, displaying a PAGE_FAULT “Blue Screen of Death” (BSOD) error. Microsoft has [...]
In: Education, Security · Tagged with: bsod, microsoft, Patches, Security, update, Vulnerabilities
Anti-Phishing Procedure for Email
I saw something like this on the Internet and I do want to give credit where credit is due, but I cannot remember where I found this. We have recreated it for businesses.
Please see the following flowchart for procedures on anti-phishing for email.
In: Education, Security · Tagged with: anti-phishing, awareness, email, hackers, id theft, phishing, Security
IBM, Google Chrome, & Cisco
New IBM X-Force Blog Entry
A new blog posting has been published on the IBM X-Force site. It covers Tom Cross’s BlackHat presentation on security weaknesses in Lawful Intercept, including the audio and video from the conference.
http://blogs.iss.net/archive/bhdc2010.html
Google Chrome vulnerabilities
Google released a new version of its Chrome browser addressing 6 security-related issues. [...]
In: Security · Tagged with: cisco, google, ibm
Why Strong Passwords Are Important
Most systems out in the world are secure. Very secure. Thousands of administrators and technical personnel apply patches and configurations to millions of systems throughout the world on a daily basis. In August 2009, someone hacked into Google, but not through a technical vulnerability within the Google infrastructure.
A hacker found a personal email account. Similar [...]
In: Education, Management, Security · Tagged with: awareness, id theft, Management, passwords, protection, safeguard, Security