Information Security in Today's Digital Culture

You know it’s a bad week when circumstances warrant two Security Advisory posts.  There is a zero-day vulnerability making the rounds that affects Adobe Acrobat and Acrobat Reader versions 9.  The exploit arrives in a PDF file and exploits the ability of Acrobat to run JavaScript embedded in PDF files.  The vulnerability can be completely …
Read more

Microsoft recently released a patch for security issue MS09-002 which is a vulnerability in Internet Explorer 7 that allows remote code execution.  There is now an exploit in the wild for this vulnerability.  The current version of this exploit steals personal data and exfiltrates it to a remote site.  I would expect that RBN and …
Read more

Legitimately bad

February 16th, 2008 | Posted by Dominic Schulte in Logs | Monitoring | Security - (0 Comments)

I have spent a fair amount of time over the last several months analyzing the Security Information Management (SIM) market to see how products like Arcsight[], QRadar[], SecureVue[], and enVision[], could benefit us (and our customers) as a Managed Security Service Provider (MSSP)[]. I was intrigued, then, when I picked up the December issue of …
Read more