Attackers are apparently zigging when we thought they would be zagging again. An article posted yesterday talks about how attackers have passed on using the exploits published by the common frameworks and instead, have been pretty widely using a more advanced, capable and less known tool to exploit the DNS vulnerabilities that have been in [...]
We are proud to announce the immediate availability of a complimentary site that is dedicated to the offering clients of MSI a source for quality information security materials. The site is located at http://awareness.microsolved.com and requires a login and password for access. The accounts, which are free or charge, are available to those organizations who [...]
Oracle has released a patch out of cycle in response to an exploit going public yesterday. The flaw allows remote code execution without being authenticated in WebLogic Server and WebLogic Express. Every version of WebLogic from version 6.1 to 10 are vulnerable. This is a critical vulnerability and the patch needs to be rolled out [...]
An exploit has been released that takes advantage of a vulnerability in OfficeScan 7.3. The vulnerability is within the ActiveX control. Exploitation of this vulnerability allows arbitrary code execution. Trend Micro has already patched this issue, and version 8 of OfficeScan is not vulnerable. So if you are vulnerable, apply the update or upgrade to [...]
We have kind of been breaking down the DNS cache poisoning exploit scenarios and have been dropping them into 3 different “piles”. 1) Massive poisoning attacks that would be used a denial of service style attack to attempt to “cut an organization off from the Internet” or at least key sites – the damage from [...]
For those organizations who have decided not to patch their DNS servers because they feel protected by implemented controls that only allow recursion from internal systems, we just wanted to point out that there a number of ways that an attacker can cause a recursive query to be performed by an “internal” host. Here is [...]
An exploit for the recent DNS issue has been released in a popular attack framework (Metasploit). This is going to make running the exploit trivial for any would be malicious user that has enough skill to download Metasploit. The exploit claims to only work against Bind 9, but I would be very surprised if it [...]
Unfortunately, the blackout period for the DNS issues has been broken. The exploit details have been made public and have been in the wild for a number of hours. While the security researchers involved have tried to remove the details and analysis, Google had already cached the site and the details are now widely known. [...]
We are seeking a new member for our team of security analysts, engineers and consultants. This is a junior level, full time, salary position. We are seeking technicians with the following skills and interests. You do NOT need security experience, as we will teach the successful applicant our award-winning methodologies and approaches to information security. [...]
Apple Mac OS X 10.5 and 10.4 ARDagent (Apple Remote Desktop) contains a vulnerability that allows local users to gain root privileges through an AppleScript command. This issue was first presented last month, but now there are indications that this vulnerability is being actively exploited to install malicious software on target systems. Because this vulnerability [...]