In previous blogs, I mentioned that some of the presentations from the CARO workshop a couple of weeks ago were likely to be made available publicly. Unfortunately for non-attendees, most of the presentations are only available to people who were there: however, some can be downloaded by the public from here. In case I didn’t
Some of us are currently enjoying some excellent presentations at a CARO workshop in Budapest on exploits and vulnerabilities. Hopefully, some of them will eventually be made public, so that we’ll be able to include pointers to specific resources. While there’s been a great deal of technical detail made available that has passed me by
Ever since Adobe’s recent updates to Acrobat and Reader, I’ve been irritated by the fact that every time I open a PDF, I’m prompted to re-enable JavaScript, which I disabled while we were all waiting patiently for those patches to the last round of vulnerabilities. “This document contains JavaScripts. Do you want to enable JavaScripts
There was a comment posted today on an article on the SC Magazine site from someone who seemed to think we were talking up an obsolete exploit. He seems to have been thinking about this one: “Microsoft Security Bulletin MS08-014 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)”. (Which fixes this issue,
As The Register has pointed out, the Microsoft Security Bulletin Advance Notification for March 2009 doesn’t mention a forthcoming patch for the Excel vulnerability we’ve already flagged in this blog here and here and here. Since, as John Leyden remarks, the exploit is being actively exploited, it may seem that Microsoft are not taking the issue seriously
A few days ago, I promised (threatened) to make some general points about biasing test results, but travel and other obligations have been getting in the way. I’ll get back to that very shortly, but in the meantime, I want to look at an issue with the latest round of Microsoft patches that I was
CNN reported that there a new sleeper virus out there. http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html There is nothing sleepy about the Conficker worm, it is wide awake and looking for people who are asleep at the security wheel. CNN reports that Conficker could allow hackers to steal personal and financial data, and they also report that it “it is
Not one of our Top X lists, this time, but one featured in an article on the SANS site. SANS have been banging the drum for safer coding for quite a while – in fact, they do quite a few courses on safe coding in various development contexts. Admittedly, that gives them a financial incentive to fly
[Update info moved to new blog post on 6th January] In deference to all those old enough to get a panic attack when reminded of how bad pop music was capable of being in the 1970s, I’ll try to overcome by the urge to mention “Chirpy Chirpy Tweet Tweet”. Anyway, to business. Having all the
Don’t trust unsolicited files or embedded links, even from friends. It’s easy to spoof email addresses, for instance, so that email appears to come from someone other than the real sender (who/which may in any case be a spam tool rather than a human being). Basic SMTP (Simple Mail Transfer Protocol) doesn’t validate the sender’s
Here’s the second instalment of the “ten ways to dodge cyberbullets” that I promised you. Keep applications and operating system components up-to-date with automated updates and patches, and by regularly reviewing the vendors’ product update sections on their web sites. This point is particularly relevant right now, given the escalating volumes of Conficker that we’re
It probably isn’t news to you that there’s been an issue with Internet Explorer and a recently-discovered vulnerability that exposes users of the application to a range of attacks. Certainly we’ve been getting lots of enquiries about our ability to detect it, and I suspect other vendors are getting the same barrage of questions. Of
