All Entries Tagged With: "vulnerabilities"

2009 Breaches and Blunders

Kevin Prince, CTO of Perimeter eSecurity, recently released a paper on the top 2009 breaches and blunders. See the full article here. There is also lots of talk about it on Twitter. See here.
—————–
Perimeter E-Security Exposes Top Ten Biggest Security Breaches and Blunders of 2009
MILFORD, Conn., Nov. 23 /PRNewswire/ — Perimeter [...]

Exploitable IE6 Still Top Browser Used

In 2001, Microsoft released Internet Explorer version 6. Five years later they released version 7, and just recently they released version 8. While there are now two newer FREE versions, as well as many other FREE products from other vendors, the majority of systems still use IE6. Some of the major milestones [...]

Retail Data Breach Study Analysis

Perimeter eSecurity released a retail data breach study several months ago. There was an insightful article posted that I thought made some very good points. Be sure to read the comments at the bottom as well.

Another Adobe Vulnerability

Looks like there is another serious Adobe vulnerability. These are very serious because standard patching procedures employed by most organizations do not include patching 3rd party applications such as Adobe. Adobe has released notices putting people on high alert over several vulnerabilities in the last year. This is even more alarming as [...]

Common Hacker Attack Pathways

The 2008 Data Breach Investigations Report written by Verizon discusses the most common methods of access (pathways) used to compromise networks. What they found from the 500+ caseload was the following:

Nearly half of all breaches exploited remote access and control systems. The report states that this is often remote access software [...]

The Easiest Way to Detect Conficker Compromised Systems

I was impressed with a method that some have developed to detect (in a very simple way) if your system is infected with Conficker. Certainly there are many tools out there, but nothing quite as simple as this. Go out to this website. Click on the “Eye Chart” link. Based on [...]

Hacker Difficulty Level

In the 2008 Data Breach Investigations Report, the Verizon Business Risk Team determined the attack difficulty for attackers to exploit the systems that resulted in the data breach.
The chart and commentary follow a “path of least resistance” philosophy subscribed to by most security professionals. As they specify in the report, [...]

Why you don’t need to worry about Conficker on April 1

The world is not going to end tomorrow. Nor is the Internet going to come to a screeching halt. Nor is everyone going to wake up with their hand in a bowl of warm water.
Everyone is worried about Conficker and the new variant “C” going into effect on April 1. [...]

PDF Reader Flaw beyond JavaScript & Adobe

Adobe promised to have a patch to fix the reader flaw that could cause the compromise of end user systems by March 11 (which they did), but as we have seen in times past, too many end user systems do not get patches to non-Microsoft 3rd party apps. This is serious because it has [...]

Websense discovers Multi-iFrame Exploit Attack

A post regarding a new iFrame exploit attack discovered by Websense Threatseeker is quite interesting. The attack method itself isn’t new, but rather the use of multiple iFrames as a way to attempt to exploit any one of several vulnerable applications on the user’s desktop.