From the look of it Apple has released a bunch of updates for OS X. A number of security issues are detailed. As always, SANS has some good details and links to more info on each of the ~13 issues. Many of them are legacy bugs if you will from older *nix-based systems. This is […]
There are a number of vulnerabilities that are currently unpatched, but have working publicly known exploits for Excel (*2) and Internet Explorer (2 vulnerabilities here as well.) Proof of Concept code has been released for both the Excel and Internet Explorer vulnerabilities. This means, with the code publicly available, it won’t be long before it’s […]
There seems to be a 0-day exploit involving WMF (Windows Meta File’s) according to SANS. Here’s their lead-in Just when we thought that this will be another slow day, a link to a working unpatched exploit in, what looks like Windows Graphics Rendering Engine, has been posted to Bugtraq. Send article as PDF
When I saw a story on incidents.org with the title PCI Compliance, I wondered what SANS was doing covering a hardware standard…. oops. PCI in this case means Payment Card Industry. It turns out that Sams Club has had a security breech that has exposed customers credit card information. The data seems to have been […]
Among other things… Sans has lowered the infocon to green, NOT that the threat is diminished, but there have been no new developments with regards to the announcement yesterday of a major Internet Explorer security vulnerability. Sans recommends browsing the web with firefox (with the noscript extension, so you can enable/disable javascript where you wish). […]
Well, it looks like quite a bit took place while I was out on the “zero day exploit front”. It looks as though there is another update at The Sans Institute. The first thing to notice is that they’ve raised their alert level to Yellow over the impending active exploitation of this vulnerability. Send […]
Yesterday I mentioned a SANS report on a possible zero day exploit against Internet Explorer. Today they have more details in the handlers diary. Among other things SANS has issued a patch for it. Send article as PDF
The folks over at The Sans Institute (Incidents.org) are reporting on a possible zero-day ( 0-day ) exploit against Microsoft Internet Explorer. (A zero day exploit is the name given to an exploit of a previously unknown vulnerability.) Their analysis essentially had the machine they were using go to 100% cpu and it did not […]
Over at the Security Fix, Brian Krebs is talking about spyware and the fact that keeping up-to-date on patches, and running current antivirus with current definitions is not enough to protect your machine from spyware. He sums it up by saying common sense is the best defence. Send article as PDF
A while back I did an article on using Google search in some slightly more advanced ways, as well as a link to a site of specific Google searches. I’ve come across something in the Handlers diary at Incidents.org that is worth knowing about. The entry in question details that apparently someone made a BIG […]
Bookmark this site now by pressing Ctrl+D
