Archive for the ‘Security’ Category

Joke

During a recent password audit at a company, it was found that a receptionist was using the following password: “MickeyMinniePlutoHueyLouieDeweyDonaldGoofySacramento” When asked why she had such a long password, she said she was told that it had to be at least 8 characters long and include at least one capital…

Posted on February 23, 2010 at 11:29 AM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: passwords

Top Tips for Twenty Ten

Rules of Social Networking Pay attention to what you post and upload. Social networking is public. Consider images, videos, and information you publish You shouldn’t publish your address, date of birth, etc. Use a nick-name that only your friends know. Choose your friends with care. Do not accept friend requests from people you do not [...]

Posted on February 17, 2010 at 9:52 AM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: awareness, Security, tips

Microsoft MS10-015 BSOD Issue

Microsoft has acknowledged that there is an issue when applying the update related to advisory MS10-015 on systems that are infected with certain malware strains including one called “Tidserv”. These infected systems have a high likelihood of becoming unbootable displaying a PAGE_FAULT “Blue Screen of Death” (BSOD) error. Microsoft has issued directions on how to [...]

Posted on February 16, 2010 at 9:19 AM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: bsod, microsoft, Patches, Security, update, Vulnerabilities

Anti-Phishing Procedure for Email

I saw something like this on the Internet and I do want to give credit to where credit is due, but I cannot remember where I found this. We have recreated it for businesses. Please see the following flowchart for procedures on anti-phishing for email.

Posted on February 16, 2010 at 9:16 AM by root · Permalink · Leave a comment
In: Education, Security · Tagged with: anti-phishing, awareness, email, hackers, id theft, phishing, Security

IBM, Google Chrome, & Cisco

New IBM X-Force Blog Entry A new blog posting has been published on the IBM X-Force site. It covers Tom Cross’s BlackHat presentation on security weaknesses in Lawful Intercept, including the audio and video from the conference. http://blogs.iss.net/archive/bhdc2010.html Google Chrome vulnerabilities Google released a new version of its Chrome browser addressing 6 security related issues. [...]

Posted on February 12, 2010 at 9:23 AM by root · Permalink · Leave a comment
In: Security · Tagged with: cisco, google, ibm

Why Strong Passwords Are Important

Most systems out in the world are secure. Very secure. Thousands of administrators and technical personnel apply patches and configurations to millions of systems throughout the world on a daily basis. In August 2009, someone hacked into Google, but not through a technical vulnerability within the Google infrastructure. A hacker found a personal email account. [...]

Posted on February 10, 2010 at 8:52 AM by root · Permalink · Leave a comment
In: Education, Management, Security · Tagged with: awareness, id theft, Management, passwords, protection, safeguard, Security

February

Microsoft Advance Notification for February The assessment was updated yesterday to note that Microsoft has released their Advance Notification for February Security Bulletins. On Tuesday, February 9, Microsoft plans on releasing a total of thirteen Security Bulletins: five “critical”, seven “important”, and one “moderate”. These bulletins will address a total of twenty-six vulnerabilities across Windows [...]

Posted on February 9, 2010 at 1:03 PM by root · Permalink · Leave a comment
In: Security · Tagged with: microsoft, Patches, samba

Bypass Flash Logins Using FLASM

Watch this video. Then disable your flash logins if you have them.

Posted on February 4, 2010 at 5:59 PM by root · Permalink · Leave a comment
In: Security · Tagged with: bypass, flash, hackers, logins, video

Vulnerabilities

Cisco disclosed multiple vulnerabilities in their Unified MeetingPlace product. These issues leave the product vulnerable to SQL injection attacks and could allow attackers to bypass authentication. Cisco has released patches to address these issues. http://www.cisco.com/warp/public/707/cisco-sa-20100127-mp.shtml http://secunia.com/advisories/38259/ The open source library YaSSL was found to have a security vulnerability related to the negotiation of SSL certificates. [...]

Posted on January 29, 2010 at 8:21 AM by root · Permalink · One Comment
In: Education, Security · Tagged with: apache, cisco, denial of service, sql injection, SSL, Unified Meeting Place, YaSSL

MS10-002

Microsoft has released MS10-002 today. The update addresses 7 privately reported and 1 publicly reported vulnerability which is associated with the widely publicized attacks associated with Security Advisory 979352. There are four (4) Uninitialized Memory Corruption Vulnerabilities, two (2) HTML Object Memory Corruption Vulnerabilities, one (1) XSS Filter Script Handling Vulnerability, and one (1) URL [...]

Posted on January 22, 2010 at 8:38 AM by root · Permalink · Leave a comment
In: Security · Tagged with: microsoft, Patches, Vulnerabilities

Protecting Your Data. A public service from Arizona IT Management LLC

Home

Information Armor