Cheap Hack
 
Showing 1-10 of 179 records
 
Expand article

Proposed Bill Would Federalize Private Cybersecurity

The Article has images
2009-04-01 07:33:41 by Editor in Cheap Hack
...security czar reporting directly to the President would expand that person's authority to include private networks. The bill could be introduced as early as today. The scope of the bill is large, consolidating authority over government and other government networks, now held by the Defense Department and NSA, with that over private networks,...
 
Tags: networks, computer networks, bill, government networks, dhs authority, standards, authority, auditable cybersecurity standards, require
 
 
 
 
Expand article

Top-Level Domain Stats For Conficker

The Article has images
2009-03-31 14:50:52 by Editor in Cheap Hack
Much has been made of Conficker.C's ability to use up to 50,000 domains from over 100 TLDs (top-level domains) per day for updating. The list of domains for April 1, the first day of activity of Conficker.C, a date which has already begun in the far east. You can see the actual domain list here. Below is the distribution of TLDs within that...
 
Tags: conficker, tlds, 2-letter tlds, country code tlds, list, conficker cabal, actual domain list, top-level domains, domains
 
 
 
 
Expand article

Foxit Exploits in the Wild

The Article has images
2009-03-24 12:48:52 by Editor in Cheap Hack
I know I said it may be time to abandon Adobe , but the theory has been taking a beating lately. We knew that Foxit, the most prominent of Acrobat replacements, had its own reported vulnerabilities (all patched by the vendor). But now comes word from Symantec that exploits for vulnerabilities in Foxit are being observed in the wild by their...
 
Tags: foxit, exploits, wild, current version, vulnerabilities, acrobat replacements, abandon adobe, symantec, time
 
 
 
 
Expand article

Sendmail Implements Cloud-Based E-Mail Services

The Article has images
2009-03-18 09:14:29 by Editor in Cheap Hack
...security purposes before passing it on to the actual enterprise infrastructure. This keeps the malicious content off of the enterprise's network altogether. The company had noticed that many of its customers for infrastructure mail server software and appliances were using services such as these. Sendmail argues that this sort of e-mail...
 
Tags: e-mail, sendmail, customers, sendmail infrastructure customers, e-mail service, e-mail security service, e-mail security, service, sendmail argues
 
 
 
 
Expand article

Microsoft Clarifies MS09-008 Patch Goals

The Article has images
2009-03-15 20:14:50 by Editor in Cheap Hack
One of Microsoft's patches this week for their DNS server has caused some controversy, as I reported on earlier . Now both nCircle and Microsoft have commented on it further and the situation is clearer
 
Tags: microsoft, dns server, situation, ncircle, controversy, week, clearer, patches
 
 
 
 
Expand article

Still Little Progress on Malicious PDF

2009-03-15 19:13:19 by Editor in Cheap Hack
 
On February 23 we had a malware problem with advertising at eWEEK . Initially the malicious PDF being served was detected by only 6 of the engines at VirusTotal. A couple days later the situation hadn't changed . Today, almost 3 weeks later, I retested and we're up to 11 of 39 engines detecting the threat
 
Tags: malicious pdf, engines, couple days, eweek, virustotal, threat, situation, malware, february
 
 
 
 
Expand article

MS09-008 Patch Ineffective on Exploited Systems Claims nCircle

2009-03-11 06:26:43 by Editor in Cheap Hack
 
...security products and services company, one of the updates issued yesterday by Microsoft fails to successfully block attacks if the system has already been exploited . MS09-008 is one of the three updates issued yesterday by Microsoft and addresses 4 separate vulnerabilities in Windows servers. CVE-2009-0093 (DNS Server Vulnerability in WPAD...
 
Tags: wpad, wpad registration vulnerability, benign wpad entries, dns, ncircle, patch, wpad entry, dns server vulnerability, windows dns servers
 
 
 
 
Expand article

Is PDF the New .DOC?

The Article has images
2009-03-09 09:58:28 by Editor in Cheap Hack
In my column exploring the possibility of abandoning Adobe for other PDF viewers I note that the alternatives are not vulnerability-free. We got another dose of that this morning, as Secunia found a new vulnerability in the Foxit Reader . "Foxit Reader JBIG2 Symbol Dictionary Processing Vulnerability" is not exactly the same as the recent Adobe...
 
Tags: pdf data structure, foxit reader, secunia, jbig2 streams, vulnerability, alternative viewers, pdf viewers, alternatives, note
 
 
 
 
Expand article

End Of Support Life For Various Microsoft Products Soon

The Article has images
2009-02-28 08:16:39 by Editor in Cheap Hack
...Security Blog for reminding me that some important products from Microsoft come off of life support soon. First, to remind you of Microsoft's policies, as related by Roger Through the policy, Microsoft will offer a minimum of 10 years of support (5 years Mainstream Support and 5 years Extended Support) at the supported service pack level for...
 
Tags: service pack level, service pack, previous service pack, support, microsoft, move, windows, life support, windows sharepoint services
 
 
 
 
Expand article

No Anti-Virus Progress on Yesterday's Malicious PDF

The Article has images
2009-02-25 13:02:15 by Editor in Cheap Hack
As part of diagnosing yesterday's malware problem on our web sites I ran the file through VirusTotal , a service which scans it with 36 different anti-virus engines. I uploaded and reanalyzed the same file today and was disturbed to see that the same 6 engines alone in detecting the problem. Click here to see the results. Antivirus Version Last...
 
Tags: exploit, pdf-js, engines, anti-virus engines, file, web sites, antivirus version, c01, yesterday
 
 
 
 
 
Showing 1-10 of 179 records