Security
Vista Security exploit - without the hype
There’s been some wild and panicky stuff in some of the Tech press lately about a potential exploit that could bypass Vista’s security model. It all sounds pretty drastic but please bear in mind that most reports have been pretty sensationalist about it.
A ZDNet blog post contains a bit more ‘measured’ information about it along [...]
Microsoft August update contains several critical fixes
The August upate from Microsoft is likely to contain a number of critical and major fixes.
The update will include seven items rated as ‘critical’, the highest of Microsoft’s security alert levels. All of these will address issues that may allow an attacker to remotely execute code on a targeted system.
Four of the critical fixes relate to [...]
DNS cache poisoning exploit released
A quick note to warn you that the first code sample has been released to try and exploit the recently announced DNS cache poisoning vulnerability. While most users will be relying on their ISP etc to ensure they have patched the hole, you should also make sure that you have applied any required OS patches/updates [...]
Blackberry security flaw
Research in Motion, makers of the Blackberry, has warned businesses to disable the function which allows a BlackBerry to read PDF files, after a security flaw was found in the software.
A “high” severity flaw affecting how BlackBerry Enterprise Server (BES) opens PDF files may be used to compromise a network. RIM disclosed the flaw last [...]
Kaspersky Seeking Security & Cryptography Experts to Crack 1024 bit Encryption Key
Security research firm, Kapersky Lab, is calling all security and cryptography experts to join forces in an effort to crack a blackmailing virus that employs a currently unbreakable 1024-bit encryption key.
The virus, which has been dubbed ‘Gpcode’, infiltrates a user’s computer via unpatched browsers. Once active it encodes most of the data on the computer, [...]
Ransomware Virus Uses 1024-bit Key
Security specialists are warning of a new virus that encrypts data on infected machines and demands money for the decryption key.
‘Gpcode’ is thought to access PCs via unpatched browsers. Once active it encodes most of the data on the computer, including .doc, .txt, .pdf, .xls, .jpg and .png files, with a 1,024-bit key.
Once all the [...]
Government Launches Free Subscription Based Security Alert Service
The Federal Government kicked-off National E-security week today with the launch of a new security alert service for internet users and small businesses.
The National E-security Awareness Week is a Government initiative aimed at boosting awareness of e-security risks.
The alert service, announced today, is a free subscription-based service that provides vulnerability and threat information while advising [...]
WebMarshall Gateway Solution Upgraded to Version 6.1
Email and web gateway security provider Marshal has updated its WebMarshal gateway solution.
WebMarshal 6.1, announced today, enables granular policy control and HTTPS content scanning, and includes new tools designed to make it easy to block web staples such as streaming videos and chat.
“Not only does WebMarshal 6.1 add HTTPS content scanning, closing a potential loophole [...]
Panda Security Upgraded to Version 2.0
Panda Security has upgraded its online malware scanner, ActiveScan to version 2.0. Panda said the upgrade was a response to “the growing complexity of modular-built intelligent malware, such as rootkits.”
ActiveScan 2.0 draws on Panda’s flagship ‘Collective Intelligence’ infrastructure, which takes security and malware information directly from its user community.
In this upgrade ActiveScan stores “collected behavioural [...]
BitDefender issues fix for IE7 printing bug
Security firm BitDefender claims to be the first to issue an update to protect against a new vulnerability in Microsoft’s Internet Explorer 7.
Researchers issued a signature update to protect users against a flaw in the way IE7 parses web pages in preparation for printing.
The bug could allow a remote attacker to execute arbitrary code on [...]
Debian, Ubuntu Flawed For Two Years
A research posting to the Debian security list last week has led to the confirmation of a serious hole in two flavours of the Open Source Linux operating system.
Frederick Lee, a researcher at insecurity company Fortify, said that the flaw, which affects Ubuntu as well as Debian, had been “seriously underestimated ” as it makes [...]
Aussie Bank Account Details Stolen and Sold
Cybercriminals are stealing bank login details from Australian online bankers and selling the data on European black markets for as much as €550 ($913).
A bundle package that includes personal information and personal bank details from Commonwealth Bank, ANZ, Suncorp and Bank West account holders is going for €550, according to McAfee Avert Labs’ research.
Prices depend [...]
Google Launches Local Hosted Security Service
Google has launched a hosted security service for enterprise customers in Australia.
The hosted service, called “Google Web Security for Enterprise”, protects corporate Web and e-mail users from viruses, spyware, malicious Web sites, and offers hosted e-mail archiving services.
The service offers a choice of cheap security features. The option of Google Message Filtering (e-mail filtering) is [...]
Microsoft Prepairs Four Security Patches
Microsoft has given advanced notification of four security patches in this month’s Patch Tuesday on 13 May.
The update will include fixes for vulnerabilities in Microsoft Office, Windows and OneCare.
Three of the vulnerabilities have been rated ‘critical’, Microsoft’s highest security level. A fourth was rated ‘moderate’.
Two of the critical flaws lie in Microsoft Office. Versions affected [...]
Firefox Language Pack Infected by Ad Virus
Mozilla has stopped distributing a language pack for Firefox after discovering it had been infected by malicious code for over two months.
Although Mozilla’s Vietnamese language pack for Firefox has been compromised by the malware, labelled HTML.Xorer, since February, the problem was only discovered earlier this week, according to Mozilla.
The malware left those downloading the language [...]
Loading ...