Latest Vulnerability Breakdown – 10/30/08

Posted on October 30, 2008. Filed under: Auditing, Penetration Testing | Tags: , , , , , , , , |

My apologies on the lack of posts this week.  Work has been a bear and teachning a CISSP class every week has started to catch up with me also.  All in all though it is a great time to be working with security.  Microsoft’s patch was a big one and there are several exploits attacking [...]

Read Full Post | Make a Comment ( None so far )

Latest Vulnerability Breakdown – 10/17/08

Posted on October 17, 2008. Filed under: Auditing, Penetration Testing | Tags: , , , , , |

This list out the most important vulnerabilities and exploits identified during the past week
and provides guidance on appropriate actions to protect your systems (PART I). It also includes
a comprehensive list of all new vulnerabilities discovered in the past week (PART II).

Summary of Updates and Vulnerabilities in this Consensus
Platform [...]

Read Full Post | Make a Comment ( None so far )

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege

Posted on October 15, 2008. Filed under: Auditing, General, Penetration Testing | Tags: , , |

This security update resolves one publicly disclosed and two privately reported vulnerabilities in the Windows kernel. A local attacker who successfully exploited these vulnerabilities could take complete control of an affected system. The vulnerabilities could not be exploited remotely or by anonymous users.
This security update is rated Important for all supported editions of Microsoft Windows [...]

Read Full Post | Make a Comment ( None so far )

STUDIES AND STATISTICS – From SANS Newsletter

Posted on October 14, 2008. Filed under: Auditing, General, Penetration Testing | Tags: , |

–NRI Secure Technologies (Japan) Web Application Security Assessment Trend Analysis Report
A security assessment survey of 169 websites conducted by Japan’s leading cyber security consulting organization, NRI Secure Technologies, Ltd., during the 2007 fiscal year found that 41 percent of the sites had critical security flaws that could allow access to sensitive information.  An additional 30 [...]

Read Full Post | Make a Comment ( None so far )

Building upon the Insider Threat

Posted on October 14, 2008. Filed under: Auditing, General | Tags: , , , |

In an effort to reinforce my last blog I tracked down another survey in regards to security in the workplace. This was conducted by RSA/EMC’s Security arm. The results of the survey underscore that the risk posed to data by well-meaning insiders. This group is made up of employees, contractors, suppliers, partners, visitors [...]

Read Full Post | Make a Comment ( None so far )

« Previous Entries

    About

    “The soft and the pliable will defeat the hard and strong.” Lao Tzu

    RSS

    Subscribe Via RSS

    • Subscribe with Bloglines
    • Add your feed to Newsburst from CNET News.com
    • Subscribe in Google Reader
    • Add to My Yahoo!
    • Subscribe in NewsGator Online
    • The latest comments to all posts in RSS
    • Subscribe in Rojo

    Meta

Liked it here?
Why not try sites on the blogroll...