Category: Computer Tech

  • Security Policies in the organisation

    Most organisations of a reasonable size will today have at least some policies which integrate with HR to govern Internet and computer use within the company. However, the ability of these limited documents ( and sometimes procedures ) to protect the company is often minimal. With the extent to which malicious vectors are able to…

  • Security strikes back – NOT!

    Microsoft released their largest ever update set this Tuesday past ( a total of 17 updates to fix 40 holes ), which included fixes for all 4 Windows holes related to the Stuxnet worm. This update set includes MS10-090 which fixes 6 CSS issues in IE which have been actively exploited over the last few…

  • Breaking News: Novell Sold!!!

    So Attachmate Corp has purchased Novell for $2.2B. In addition, certain IP assets will be sold off separately for $450M to a consortium of Microsoft and others. These include the copyrights for Unix System V which was used in defense of SCO’s lawsuit. So one wonders whether the purchase by Microsoft includes these or not…

  • IE hole has first blood drawn by Amnesty International

    The latest 0-day hole in Internet Explorer has been exploited by vulnerabilities in the Amnesty International web site. The hole itself is related to flawed processing routines for parsing certain Cascading Style Sheet combinations in HTML documents. This allows attackers to manipulate certain pointers and execute injected code at the user’s privilege level. The new…

  • Bakbone and Falconstor

    In breaking news, Qwest has purchased Bakbone for $55m and stock options. Seeing as we have quite a lot of clients locally running Netvault, it will be interesting to see how this purchase affects the product lineup going forward. Buyouts can sometimes work, and other times fall down badly. Let’s try and be optimistic about…

  • Security vendors and their ‘secure’ products

    One typically expects security devices and products to be, well how to put it – secure? Yes, secure. But it appears that security vendors struggle with bugs and the like, almost as much as normal software. There have been a number of high profile AV definition update failures in the last year, Cisco had some…

  • Server Reboots

    A recent article offered that servers should be rebooted on a regular basis and mostly argued the case of OS updates requiring this. I think that servers should be rebooted/shutdown but only in the region of months or bi-annually. 3 reasons: a. applying of kernel patches ( unless you’re using ksplice on Linux ) b.…

  • ZeuS banking trojan now into SMS

    New versions of the ZeuS trojan are starting to target the SMS-TAN system which is used to send transaction numbers ( TANs ) to clients’ cell phones to authenticate that person for an online transaction. Now, the developers of ZeuS have pursued the last strategy to get trojans onto devices in an attack requiring multiple…

  • Poor reporting from BCS/ITnow

    I recently bumped into an article written by Steve Smith, MD of IT Security firm Pentura. After reading only the 1st paragraph, I already came to the conclusion that either Mr. Smith is clueless or purposely disseminating falsehoods about OSS security. The rest of the article is an abomination peppered with inaccuracies and complete rubbish.…

  • AV vendors offer ‘free’ LNK protection

    Aw, aren’t we lucky ( well Windows users at least ) – G-Data and Sophos have stepped forward with free protection for the .lnk vulnerability. G-Data’s solution LNK-Checker displays no-entry signs for icons associated with exploits while other icons function as normal. However, users can still click on malicious LNK files and start the malware manually,…

  • Windows LNK vulnerability attracts more attacks

    The unpatched LNK vulnerability in all versions of Windows ( from XP onwards ) is attracting a lot more attention from malicious code authors. A further 2 exploits have been detected in the wild. The 1st .lnk trojan, Stuxnet, was very specific about its payload, attacking Siemens SCADA software specifically. But the effectiveness of .lnk…

  • New Microsoft Windows exploit the most dangerous of all

    A new malicious attack has been spreading through the internet in the last few weeks, initially using USB memory sticks to propagate. Called the LNK vulnerability, the attack uses specially crafted shortcut (.lnk) files, which trick Windows into running code of an attacker’s choosing. Any Windows application that tries to display the shortcut’s icon—including Explorer—will…

  • Security vendors – stop your advertising antics!

    I always find it quite amusing ( and ironic ) when security vendors eat their own dog food – and get bitten. Here are a few gems: Earlier this year, McAfee released a definition file which a Windows XP SP3 system file ( svchost.exe ) it thought was a threat resulting in thousands of machines…

  • Microsoft and anti-virus software

    I’m subscribed to a Microsoft UK email newsletter that I get once a month. The latest one started as follows: As someone who is fully aware of the potential dangers that the internet poses to those who use it for banking, shopping and social networking, you must get a lot of people asking for your…

  • Security, the employee and business

    Anyone who runs a business ( from small SMEs to large corporates ) these days, with computing facilities for their employees, faces a tough battle with network and computer security. The list of external malicious vectors is endless, including phishing attacks, spyware, viruses, DoS attacks and many others. The Mariposa virus, shut down in March…