|
| May 2007 Cisco Unpatched Vulnerability in IPS and IOS |
|---|
Cisco is reporting that a malicious user could utilize an unpatched flaw
in Cisco's Intrusion Prevention System (IPS) and Internetwork Operating
System (IOS) with Firewall/IPS Feature Set to evade security restrictions
and launch attacks. |
| |
| Feb. 2007 Microsoft Pre-Patch Notification |
|---|
Tuesday, Feb. 13, 2007, at roughly 1000 PT, Microsoft will be releasing
their next set of patches. There will be twelve...
|
| |
| MSIE VML Vulnerability |
|---|
We are seeing a large uptick in activity meant to drive users to
compromised servers that are serving malicious sites aimed at exploiting
the latest MS Internet ... |
| |
| Multiple Patch Releases: MS, Apple, Adobe
|
|---|
|
There are multiple patch related issues that network administrators should be aware of and prepared to address:
MS has re-issued MS06-... |
| |
| Microsoft Word Remote Code Execution Vulnerability |
|---|
We are aware of a Microsoft Word vulnerability that is currently being
actively exploited. This vulnerability allows for remote code execution
via a Word documen... |
| | | Cisco Unauthorized Access Flaw |
|---|
We have noted a Cisco advisory concerning a vulnerability that has the
potential to allow unauthorized users EXEC access to an affected Cisco
device. Authorize... |
| | | Microsoft Issues Updated Patch |
|---|
Microsoft has issued an update to their recent MS06-042 patch that fixed
the issues it was made for, but also opened up an additional remote code
execution vulner... |
| | | MS06-034 Installation Failures |
|---|
Microsoft has issued a notice to Windows 2003 SP1 administrators regarding
silent failures of the MS06-034 patch released last week. Based on the
information supp... |
| | | July Microsoft Patch Release |
|---|
The releases by Microsoft yesterday included patches for several MS Office
vulnerabilities as well as one in particular that involves the "Server"
service.
|
| |
| |
| Internet Scammer Gets Nearly 13 Years for $1.3M Fraud |
|---|
| A Nigerian man gets sentenced to 151 months in prison for a scam that stole $1.3 million from victims. - Okpako Diamreyan, a Nigerian citizen, was sentenced Sept. 1 to nearly 13 years in prison for masterminding an quot;advanced fee quot; scam that cost his victims $1.3 million. According to the U.S. Department of Justice, Diamreyan was also ordered to pay more than $1 million in restitution to | | |
| College Data Breaches Underscore Security Challenges |
|---|
| Security pros are talking about the challenges educational institutions face when it comes to protecting user data. - The University of Virginia reportedly fell victim to a cyber-attack the week of Aug. 23 that resulted in the theft of nearly $1 million. Unfortunately for administrators at colleges and universities, their institutions are just as vulnerable to data breaches as enterprises. According to KrebsOnS | | |
| Apple Ping Hit by Spammers |
|---|
| Researchers at Sophos say Apple Ping has been hit by scams familiar to users of other social networks such as Facebook and Twitter. - Spammers jumped out the gate quickly with survey scams aimed at users of Ping, Apple's new iTunes social network. Ping launched Sept. 1 with the goal of creating a social network for the more than 160 million users of iTunes. However according to Sophos, the service has been hit with a barrage of | | |
| Microsoft Releases Application Security Tool Kit for Developers |
|---|
| Microsoft updates its EMET tool kit, designed to help developers thwart attacks against their applications. - Microsoft released an updated version of a tool kit Sept. 2 to help developers make their applications more secure. With the Enhanced Mitigation Experience Toolkit 2, Microsoft said, developers can bring technologies such as dynamic data execution prevention to bear to improve security, parti | | |
| Facebook Adds Remote Logout Security Feature |
|---|
| Facebook is rolling out a security control that enables users to remotely log out of an active session from a different machine. The feature extends controls added in May to prevent unauthorized activity. - Facebook is updating security on its site to bolster protections added in May relating to user log-ins. This time, Facebook is giving users the ability to log out of any Facebook session they may have left active on another computer or device. For example, if a user logs into Facebook on a frien | | |
|
