It Security need to be address by today organizations. This should start from the top down but in most cases IT Security start from the bottom and in most cases never reach the top. The blog on IT Security are to help everyone better...
[more]
It Security need to be address by today organizations. This should start from the top down but in most cases IT Security start from the bottom and in most cases never reach the top. The blog on IT Security are to help everyone better understand how knowledge of the subject. The bad guys are working hard to gain access to your network and/or computer, we need to work at keeping them out.
Trojan.Gord is a Mozilla XUL application that will alter Firefox’s default XUL overlay configuration file. Trojan.Gord will redirect search results in the Firefox Web browser.
Type
Trojan
Sub-Type
Redirect
Aliases
OS Affected
Windows
Detected By
Symantec
Read Full Story
Virus Total offers a great service for users who want to check files for malicious code. The main benefit of using Virus Total over locally installed antivirus software is the multi-engine approach as it offers to scan files with dozens of different antivirus engines and databases.
The Virus Total service can be used on the website directly by uploading one file to the service or by use of the Virus Total software which recently has been updated to version 2.
It was previously only... Read Full Story
Microsoft has released a new batch of security updates on this month’s Patch Tuesday which patch various security vulnerabilities in Microsoft software products. The vulnerabilities are affecting several popular Microsoft products including various Windows operating systems, Microsoft Internet Explorer and Microsoft Office.
Three of the vulnerabilities have a maximum severity rating of critical while the other three are rated as important. The vulnerability impact is either a remote code... Read Full Story
Microsoft has released a new batch of security updates on this month’s Patch Tuesday which patch various security vulnerabilities in Microsoft software products. The vulnerabilities are affecting several popular Microsoft products including various Windows operating systems, Microsoft Internet Explorer and Microsoft Office.
Three of the vulnerabilities have a maximum severity rating of critical while the other three are rated as important. The vulnerability impact is either a remote code... Read Full Story
Is there anything Google isn’t going to do? Google has recently announced Google Public DNS services for Web engines and other systems to query for address resolution. This makes some sense, as Google crawls the Web frequently and has a good idea of where Web presences are located. The goals of this service are to provide an option for current DNS configuration, reduce ISP loads, and make the Web faster. I have historically used ISP DNS information for all information but have supplemented... Read Full Story
ActiveX vulnerabilities have posed a security challenge for some time, and they're likely to be a challenge for quite some time to come. Look at examples such as Microsoft's patches this summer, which included a fix for Internet Explorer (MS-09034) and another (MS-09035) for Visual Studio 2005 and 2008. These updates were released to protect users from a security hole in technology employed by developers to create powerful web-based application elements. More specifically, the flaws resided... Read Full Story
Apple on Wednesday issued updates for the iPhone, iPod touch and QuickTime video player to address numerous security vulnerabilities, some of which could enable an attacker to execute arbitrary code. The newest versions – iPhone OS 3.1, iPhone OS 3.1.1 for iPod touch, and QuickTime 7.6.4 – fix 10 security issues in the iPod touch and iPhone and four vulnerabilities in Windows and Mac versions of QuickTime. But, one added security feature for the iPhone and iPod touch, an anti-phishing... Read Full Story
US-CERT has issued a vulnerability note that should worry anybody who relies on SSL VPN products to establish secure web sessions. SSL VPN is a very common method of establishing a secure connection between two remote sites over an Internet connection, where the user connects only through a standard web browser, without the need for any client software. It’s gained popularity because of its simplicity, and because of its clientless nature, it allows for easy, anywhere connectivity. It is... Read Full Story
The Firefox browser has been updated for four security flaws, three of which were rated as “critical,” according to Mozilla. “Mozilla has released a security advisory to address multiple vulnerabilities,” an advisory from US-CERT said. “These vulnerabilities may allow an attacker to execute arbitrary code, mislead users by spoofing a URL, or cause a denial-of-service.”Another update from Mozilla addressed problems in an older version of Firefox (3.0.14).In a post on the Mozilla blog, Nicole... Read Full Story
Phishing has drastically declined as attackers have started to focus their efforts on malware, an easier and more effective tactic that yields the same net gain, according to IBM. Throughout 2008, phishing attacks were present in .5 percent of all spam email, but during the first half of 2009 they dropped down to .1 percent, according to IBM's mid-year security report, put out by the company's X-Force research and development team. And during the same time frame, the number of new malicious... Read Full Story
