Category: security

  • Don’t update to PHP 5.2.7!

    Or if you updated, please update to 5.2.8, since 5.2.7 contained a security regression!

  • Does AV more harm than good?

    This article is one of the best descriptions of the current situation that I’ve seen out there. Some of the juicy bits: This comfort and confidence is the problem – if this user had learned the basics about how malware works and is spread, and been educated on the simple day-to-day activities which put them at…

  • The importance of understanding

    I found the paper .NET Framework Rootkits: Backdoors inside your Framework via the Security4All blog some time ago. It is an interesting article about modifying the basic .NET libraries such that they do other things than what they were intended (for example log any traffic going through sockets). However, it seems to have created some…

  • The state of desktop security

    I downloaded the Secunia PSI on one of the Windows computers I maintain, thinking “surely, I’m pretty good about updating stuff, it won’t find big things”. Well, I was sadly mistaken. The top culprits are: Java for not uninstalling older releases when newer ones get installed; non-functioning auto-update features. Two examples would be Java…

  • Security is a process

    Security is like art: it’s never done, just abandoned :-). So here are 3 free tools which you might want to regularly run in your environment to check for well known problems: MSAT – Microsoft Security Assessment Tool; MBSA – Microsoft Baseline Security Analyzer; Secunia PSI – Personal Software Inspector

  • The hacker mindset

    Is it just me, or does the phrase “adding third party gadgets to gmail” cry security vulnerability? I’ve read this posting from hackaddict, and it made me curious: just what can you do from a Google Gadget? A little googling around (no pun intended :-)) led me to this presentation: Xploiting Google Gadgets: Gmalware and…

  • What is a perimeter weakening malware?

    I’ve seen this idea floating around the Internet for some time and I thought I’d document it for future reference: A perimeter weakening malware is a program (script, macro, etc) which “lowers the defenses” of a computer (stops AV software, disables the firewall, creates an Administrator account with a certain password, etc) after which it…

  • The disadvantages of cloud based scanning

    My fellow blogger Kurt has written a post about the benefits of scanning in the cloud. While I mostly agree with it, there are some disadvantages which also need mentioning: The need to be always connected – how will such a system deal with the disconnected scenario? As much as we are used to being…

  • Will Morro continue to innovate?

    Rich Mogull thinks that Morro (the free AV from Microsoft) will lead to more innovation. However, I think that the issue is not so clear-cut: Morro will be forced to innovate like any AV vendor due to the external pressures of the extensive user base of existing AV solutions, changing threats/attacks, and continued pressure from third…

  • Suspicious domain – or not?

    I was forwarded a link to primariaclujnapoca.ro, and (although I was 99% sure that the site is legit) decided to check it out with domaintools. To my amazement I found the WHOIS information to be severely lacking. This, coupled with the fact that it is hosted on a shared server, raised my suspicion. In the…