Information Security in Today's Digital Culture
Header

Adobe has released updates for the Acrobat suite of products. The update fixes over two dozen vulnerabilities[adobe.com], at least one of which is being actively exploited. The version number of the fixed Acrobat and Acrobat Reader products are 9.2, 8.1.7, and 7.1.4. What is more damning than the 29 vulnerabilities fixed is that it appears …
Read more

Another Adobe Acrobat vulnerability is being exploited in the wild. All versions up to and including 9.1.3 are vulnerable. The current exploit targets Acrobat and Acrobat Reader on Windows specifically, but all Acrobat variants (those for Linux and Mac OS X) are vulnerable. Apparently, using DEP (Data Execution Prevention) in Windows may thwart the attack …
Read more

Phishing on Facebook

May 25th, 2009 | Posted by Brett Edgar in Malware | Social networks - (0 Comments)

As noted on several discussion sites around the Internet, there seems to be a new phishing attack against Facebook users.  The login page is being spoofed by several .BE and .AT domains in an attempt to steal user’s credentials.  Be careful signing in to Facebook for a few days…make sure everything looks correct and your …
Read more

As you may know, our company provides 24×7 Network Security Monitoring services to many customers.  Our clients vary widely in size, industry, and information security maturity.   Even so, we see many similar successes, failures, and trends in security monitoring alerts between these customers.  Spyware infections tendsto be a significant number of the incident reports we …
Read more

It amazes me that there are some simple firewall rules that everyone can do to aid in the defense of their internal network, yet seem to be rarely implemented.  These rules limit *outbound* traffic.  It seems, unfortunately, many network administrators neglect to limit traffic from their internal network to less-trusted (e.g., VPN, DMZ, and Internet) …
Read more