A cutting-edge IT security conference, was held from 18th -19th December. It was the second round, following its first occurrence in February 2014. Read Full Article
Area41, formerly known as …
Gruezi from Zurich, Switzerland, where the Area41 conference is currently being held. Area41 doesn’t ring a bell? Well, this event went under a renaming process and was formerly known as Hashdays, that took place in Lucerne. However, the steering team behind… Read Full Article
Patch Tuesday April 2012 – Patching Multiple Web Based Client Side and Spearphishing Exposures
This month’s patch Tuesday fixes a small set of critical vulnerabilities in a variety of client side software. Six bulletins have been created to address eleven exploitable flaws. Two of the bulletins are top priority and should be addressed ASAP. These are the MS12-023 bulletin, patching a set of five Internet Explorer vulnerabilities leading to remote code execution, and the MS12-027 bulletin, patching the MSCOMCTL ActiveX Control. Read Full Article
Patch Tuesday February 2012
Microsoft is releasing 9 Security Bulletins this month (MS12-008 through MS12-016), patching a total 21 vulnerabilities. Some of these vulnerabilities may enable remote code execution (RCE) in limited circumstances, and some researchers have claimed that certain “bugs” should be exploitable, but after months of public circulation, there have been no known working exploits. Read Full Article
CVE-2012-0003 Exploit ITW
S. Korean handlers are slow to take down the publicly distributed malicious code exploiting CVE-2012-0003, a vulnerability patched in Microsoft’s January 2012 patch release MS12-004. Read Full Article
LANDesk Interchange 2011, Poison Ivy, and US Incidents
LANDesk Interchange 2011 is winding down in Las Vegas today. The event gathered partners and displayed newer technologies offered by the decade old systems management company. It was interesting hearing from IT “old-timers” that have worked with the technology, describing the company’s impact on the industry – its spinoff from Intel, the original LANDesk AV product that wound up in another vendor’s product, and what they like about Kaspersky Lab technologies integration into the security suite. We were happy to present at our partner’s conference with “The Dark Side of Unmanaged Desktops”, where I described 2011 incidents that both I and our Global Emergency Response Team have investigated and remediated, some incidents in the news, and some of the IT mismanagement issues that enabled these incidents to occur. Read Full Article
Adobe September 2011 Patch Release
In addition to today’s Microsoft updates, users of Adobe’s Reader and Acrobat software on both Windows and Apple systems need to update their software ASAP. Adobe released Bulletin APSB11-24, addressing at least thirteen memory corruption flaws, and several privilege escalation, logic flaw, and bypass issues. Read Full Article
Patch Tuesday August 2011
Microsoft released 13 bulletins addressing 22 CVE’s in its own software: Microsoft Windows, Office, Internet Explorer, .NET and Visual Studio. We’ll be watching for Adobe to coordinate any release of their own updates today. Read Full Article
Patch Tuesday July 2011
Discussion of this month’s patch Tuesday is overshadowed by the current round of massive releases from targeted spearphishing, web and SQLi attacks reported in the media. Four bulletins are being released to address 22 CVE records, or sets of vulnerabilities. Read Full Article