Tag Archives | Vulnerability

Shavlik Statement on Emergency Out-of-Band Patch for IE Attack Code Used to Hack Google

"Microsoft has gone out-of-band from their normal release cycle for a critical security bulletin release. The bulletin addresses the zero-day vulnerability described in Security Advisory KB979352. The last time Microsoft went out-of-band for a security bulletin was in July 2009. That bulletin addressed a vulnerability in the ATL library. Unlike the July out-of-band release, this […]

Read full story Comments { 0 }

Mismanaged Privileged Accounts: A New Threat To Your Sensitive Data

In mid-October the USCC congressional commission gave IT professionals an early Halloween scare with its report on an emerging cyber warfare threat. The 88 page document, compiled by a team at Northrop Grumman, presents in unsettling detail the anatomy of a 2008 attack on a US company’s IT infrastructure that succeeded in providing at least […]

Read full story Comments { 0 }

Shavlik Technologies on November Patch Tuesday Releases

“Microsoft has released six new security bulletins in November’s Patch Tuesday. Administrators are getting a bit of a break after last month’s mammoth security bulletin release. MS09-065 is the first bulletin administrators should address. This bulletin affects the Windows Kernel and can lead to remote execution on a target system. This bulletin addresses three vulnerabilities. […]

Read full story Comments { 0 }

More Thoughts on Middleware and Regulatory Compliance

By T.Rob In yesterday’s post Is Your Sarbanes-Oxley Certification Sound? I proposed that it is not possible to be SOX compliant if anonymous users can manipulate messaging traffic in the enterprise. I couched that in terms of WebSphere MQ because that is the messaging software I am most familiar with. I framed the discussion in […]

Read full story Comments { 0 }

Another Lesson The Twitter Worm Teaches

Twitter may be in the news this week for the wave of attacks on it users but the past year has shown repeated cross-site scripting infiltrations on sites such as Facebook, eBay and HSBC, the financial institution. What’s different this time is how much faster the community can respond due to the increased use of […]

Read full story Comments { 1 }