07-02-2009 11:05 GB Building Solutions switches to Sophos for complete protection Sophos announces that it is providing comprehensive IT security to leading UK construction company, GB Building Solutions Ltd. News :: Sophos Povezani zapisi: 03-10-2010 18:47 Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication, (Wed, Mar 10th) Yesterday Microsoft re-released KB973811 ==http://www.microsoft.com/technet/security/advisory/973811.mspx This relates back to the original KB973917 == http://support.microsoft.com/kb/973917 and advisory MS09-071 ==http://www.microsoft.com/technet/security/bulletin/ms09-071.mspx This affects the Extended Protection for Authentication functions within XP, Vista and Server 2003 ==http://support.microsoft.com/kb/968389 It didn't show up in yesterday's Patch Tuesday review because Microsoft is classifying it as a non-security upgrade. This is confusing to me, because the update actually includes mitigation against a credential forwarding attack, which you might see on an unencrypted, unsigned connection (yes, there's still a lot of that going around ! ) This update affects XP, Vista and Server 2003. Windows 7 and Server 2008 are not affected. Thanks to our readers on letting us know about this one. I'm still puzzled as to why this wasn't on Microsoft's list of security updates ... =============== Rob VandenBrink Metafore =============== ISC 03-10-2010 15:51 Sophos Email Security Appliance Receives Five Star Rating and Named 'Best Buy' in SC Magazine Group Test Sophos Email Security Appliance Receives Five Star Rating and Named 'Best Buy' in SC Magazine Group Test Sophos 03-09-2010 15:20 Vodafone Android Phone: Complete with Mariposa Malware, (Tue, Mar 9th) Panda Security has a post up on one of their employees buying a brand new Android phone from Vodafone and discovering it was spreadingMariposa. It didn't infect the phone proper, but it did have autoexec.inf and autoexec.bat files designed to infect whatever Windows machine the phone was plugged into via USBcable. Unlike the Engergizer story from yesterday, this one is happening now. Standard USB defenses apply, don't automatically execute autoexec.bat/inf files from USB devices. This Microsoft KB article discusses how to disable the Autoplay functionality that leads to this problem. This leads to the interesting question, why not just infect the phones? The technology is certainly there to write malware that is phone specific. We won't see mass infection of phones (or even better, a cell-phone botnet) likely until commerce is much more common on phones. Malware is driven by the desire of profit and once it becomes profitable, we'll see exploitation. The problem is, that these slimmed down devices make it difficult to configure in security. Only a few cell phone types even have the option of cell phone antivirus software. The clock is ticking on that threat. -- John Bambenek bambenek at gmail /dot/ com ISC 03-08-2010 15:58 Sophos Email Security Appliance Awarded March 2010 VBSpam Certification Sophos Email Security Appliance Awarded March 2010 VBSpam Certification Sophos |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
xss antivirus security vulnerability avast SPAM attacks pentesting microsoft kasper zastita Sponzorisani linkovi: Grcki stubovi Torte |