Archive for the ‘Security’ Category

Security Updates 20100622

Opera 10.54 Released for Windows The web browser Opera has released an update to address multiple security issues when used on Windows platforms. There are five listed security fixes, four of which have no details given. We advise customers that use this web browser to update as soon as possible. http://www.opera.com/docs/changelogs/windows/1054/ Apple Quietly Includes Anti-Malware [...]

Posted on June 22, 2010 at 9:24 AM by root · Permalink · Leave a comment
In: Security

Patch Tuesday for Microsoft

Microsoft’s June Security Advance Notification Microsoft is planning to release ten bulletins addressing 34 vulnerabilities on Tuesday, June 8th. The bulletins are rated as follows: 3 “Critical” and 7 “Important”. The affected software includes: Windows, Microsoft Office, and Internet Explorer. Additionally, Microsoft plans to address the issues highlighted in Security Advisories 983438 and 980088. We [...]

Posted on June 7, 2010 at 8:36 AM by root · Permalink · Leave a comment
In: Security · Tagged with: microsoft, Patches, Security, Vulnerabilities

The Internet

A New Phishing Attack We were intrigued when looking at the demo of what has been dubbed ‘tabnabbing’, a new type of phishing attack discovered by Aza Raskin from Mozilla. Different from the more contemporary phishing attacks that generally lure victims directly to the malicious phishing page through emails and links, this attack could load [...]

Posted on May 27, 2010 at 8:45 AM by root · Permalink · One Comment
In: Education, Security · Tagged with: phishing, Wardriving

April Patches and Updates

1. Denial of Service Conditions in Microsoft Exchange and Microsoft SMTP Service (MS10-024 CVE-2010-0024) Microsoft Windows SMTP Service and Microsoft Exchange are vulnerable to a denial of service, caused by the improper handling of DNS Mail Exchanger (MX) resource records by the Simple Mail Transfer Protocol component. As SMTP services are often exposed to the [...]

Posted on April 14, 2010 at 9:07 AM by root · Permalink · Leave a comment
In: Security · Tagged with: adobe, microsoft, Patches, Security

Microsoft Internet Explorer Vulnerability

New Exploit Code for Microsoft Internet Explorer Vulnerability Exploit code has surfaced for one of the vulnerabilities in MS10-018, the out-of-cycle bulletin released by Microsoft on March 30. This bulletin addresses multiple vulnerabilities in Internet Explorer including a 0-day vulnerability that was being exploited earlier this month. This most recent exploit code which has been [...]

Posted on April 7, 2010 at 8:50 AM by root · Permalink · Leave a comment
In: Security · Tagged with: information security, infosec, microsoft, Security, Vulnerabilities

New Vulnerabilities

Vulnerability in HP Broadcom Integrated NIC Management Firmware A potential vulnerability has been identified and reported with some HP PCs with Broadcom Integrated NIC Firmware. The vulnerability could be remotely exploited to execute arbitrary code. This vulnerability is reported in 1.x versions prior to 1.40.0.0, and 8.x versions prior to 8.08. This vulnerability references CVE-2010-0104 [...]

Posted on March 17, 2010 at 8:23 AM by root · Permalink · Leave a comment
In: Security · Tagged with: HP, SpamAssassin

Microsoft

As a reminder, Microsoft is planning to release two security bulletins today, March 9, 2010. Both bulletins carry a maximum severity rating of important and the issues addressed could lead to remote code execution. The first bulletin applies to various versions of Windows XP, Vista and Windows 7 and is rated as important for all [...]

Posted on March 9, 2010 at 3:16 PM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: microsoft, Patches, Security, update, Vulnerabilities

Apache HTTP server 2.2.15

Apache has released HTTP Server version 2.2.15, which addresses a number of security exposures in prior versions of the HTTP server. Of particular note is the updating of the OpenSSL library to 0.9.8m which addresses the renegotiation issues outlined in CVE-2009-3555. At the time of writing, the links to the complete changelog and downloads for [...]

Posted on March 9, 2010 at 3:14 PM by root · Permalink · Leave a comment
In: Security · Tagged with: apache, http, openssl, Vulnerabilities

Blackhat SEO

Recent assessments have discussed many of the Search Engine Optimization (SEO) scams currently in circulation. In a blog post published on Friday, X-Force analysts note how scammers are not only exploiting real news events, but they are also creating their own news to gain profits through affiliate programs. Our researchers warn, “you can’t always trust [...]

Posted on March 9, 2010 at 3:13 PM by root · Permalink · Leave a comment
In: Security · Tagged with: business, hackers, information security, infosec, seo

Happy Friday!

Adobe libtiff exploitation On Monday, we reported that Secunia had discovered that one of the recent Adobe Reader vulnerabilities was actually related to an old vulnerability in libtiff. Secunia had developed an exploit but kept it private. Now, there are reports that others have succeeded in constructing exploits for this issue as well. We encourage [...]

Posted on February 26, 2010 at 8:25 AM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: adobe, browser, chrome, exploit, libtiff, secunia, seo, vulnerability

Protecting Your Data. A public service from Arizona IT Management LLC

Home

Information Armor