I don’t know about you, but I LOVE cheat sheets. I absolutely use the crap out of them. Today, someone (I lost the email since then), sent me this page that has a boatload of cheat sheets in one locale. Thanks to whoever sent it, you know who you are. Check them out here. I [...]
Our press release: MSI RELEASES IPHONE APP FOR “STATE OF SECURITY” BLOG MSI Offers Free Tool to Allow Access to Blog’s RSS Through iPhone App COLUMBUS, Ohio January 26, 2010 — MicroSolved, Inc. (MSI) is pleased to introduce a fun free tool to add to a user’s iPhone app menu. Now readers of the “State [...]
If you were unable to join us for the chat today, covering the Aurora Vulnerability, you can now view the transcript here. AuroraVulnChat 1-22-10
Much media attention has been focused on the recent Internet Explorer vulnerabilities and the attacks and compromises of several large companies. Rumors are flying fast and furious around the Internet. Come learn about the technical exposures of these vulnerabilities, the suggest options for protection of your organization, and a discussion about what your peers are [...]
I know that the IE infection is hard to kick. The most common argument I hear, many sites just don’t work with anything but Internet Explorer. Is this a true issue, or merely an excuse for inaction? I know a few organizations that have installed alternative browsers (OK, Firefox, in all cases), and blocked all [...]
A honeypot is a trap set to detect or deflect attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network but which is actually isolated and protected, and which seems to contain information that would be of value to [...]
Tax season is upon us and spammers are taking full advantage of the situation. Reports of fraudulent emails that appear to come from the IRS are popping up. The email states that all employers need to complete the attached W-2 update form. Unfortunately, the attachment contains a remote administration tool that allows the attacker to [...]
The HITME has been abuzz with alerts from around the globe of scans attempting to find various mobile directories on HoneyPoint hosts. Here is a list of targets that are being checked for: /iphone /m /mobi /mobile While no scanner signatures or identifiers are being sent with the probes, it’s still cause for concern over [...]
After the discussion about my last post and my omission of appsec, I wanted to make up for it not being in the list. Certainly, application security is important and as pointed out, I should have added it to the list of primary concerns for organizations. By now, I hope everyone understands that attacks like [...]
Welcome to 2010. A new decade, for sure, but one likely to contain many of the traditional security problems that we have grown used to. How would I rate the top three things you should be paying attention to as we begin the new year? Glad you asked. 1. Malware – malware is the current [...]