no-image

Area41, formerly known as …

Gruezi from Zurich, Switzerland, where the Area41 conference is currently being held. Area41 doesn’t ring a bell? Well, this event went under a renaming process and was formerly known as Hashdays, that took place in Lucerne. However, the steering team behind… Read Full Article

no-image

Patch Tuesday April 2012 – Patching Multiple Web Based Client Side and Spearphishing Exposures

This month’s patch Tuesday fixes a small set of critical vulnerabilities in a variety of client side software. Six bulletins have been created to address eleven exploitable flaws. Two of the bulletins are top priority and should be addressed ASAP. These are the MS12-023 bulletin, patching a set of five Internet Explorer vulnerabilities leading to remote code execution, and the MS12-027 bulletin, patching the MSCOMCTL ActiveX Control. Read Full Article

no-image

Patch Tuesday February 2012

Microsoft is releasing 9 Security Bulletins this month (MS12-008 through MS12-016), patching a total 21 vulnerabilities. Some of these vulnerabilities may enable remote code execution (RCE) in limited circumstances, and some researchers have claimed that certain “bugs” should be exploitable, but after months of public circulation, there have been no known working exploits. Read Full Article

no-image

LANDesk Interchange 2011, Poison Ivy, and US Incidents

LANDesk Interchange 2011 is winding down in Las Vegas today. The event gathered partners and displayed newer technologies offered by the decade old systems management company. It was interesting hearing from IT “old-timers” that have worked with the technology, describing the company’s impact on the industry – its spinoff from Intel, the original LANDesk AV product that wound up in another vendor’s product, and what they like about Kaspersky Lab technologies integration into the security suite. We were happy to present at our partner’s conference with “The Dark Side of Unmanaged Desktops”, where I described 2011 incidents that both I and our Global Emergency Response Team have investigated and remediated, some incidents in the news, and some of the IT mismanagement issues that enabled these incidents to occur. Read Full Article

no-image

Adobe September 2011 Patch Release

In addition to today’s Microsoft updates, users of Adobe’s Reader and Acrobat software on both Windows and Apple systems need to update their software ASAP. Adobe released Bulletin APSB11-24, addressing at least thirteen memory corruption flaws, and several privilege escalation, logic flaw, and bypass issues. Read Full Article

no-image

Patch Tuesday July 2011

Discussion of this month’s patch Tuesday is overshadowed by the current round of massive releases from targeted spearphishing, web and SQLi attacks reported in the media. Four bulletins are being released to address 22 CVE records, or sets of vulnerabilities. Read Full Article