Blackhat 2012 Edition Blackhat Vegas and Defcon are arguably two of the biggest security conferences of the year, where thousands of CSOs, security administrators, and hackers get together to share the latest attack and defense techniques. Blackhat wrapped up last night, and Defcon starts today. During this week's security recap, I highlight some of the briefings I attended at … [Read more...]
Archives for July 2012
WatchGuard Security Week in Review: Text Version
As you probably noticed, I did not post a WatchGuard Security Week in Review episode this week. An extremely busy travel schedule, and a day off to run a long distance race with the WatchGuard team, made it impossible for me to record and produce my weekly video. But don’t worry… The weekly security recap video will return next week with a special episode. I am attending the … [Read more...]
WatchGuard Security Week in Review: Episode 26
Multi-platform Malware, MS Gadget Flaw, and More Password Leaks No time to follow the security news this week? Let my weekly video fill you in. Today's episode includes all the software updates for the week (e.g. Microsoft Patch Day), two more vendor password leaks, some interesting android and multi-platform malware, and an unpatched Microsoft Gadget vulnerability. This week … [Read more...]
Office Patches Mend SharePoint, Visual Basic, and Mac Specific Flaws
Severity: Medium Summary: These vulnerabilities affect: Microsoft Office (for PC and Mac), the SharePoint suite of products, and Visual Basic How an attacker exploits them: Multiple vectors of attack, including luring your users into opening malicious Office documents, or into visiting web sites with malicious content Impact: In the worst case, an attacker can execute code, … [Read more...]
Five July Windows Bulletins: MSXML Fix Included
Severity: High Summary: These vulnerabilities affect: All current versions of Windows, as well as optional components like MSXML and MDAC. How an attacker exploits them: Multiple vectors of attack, including enticing your users to web sites with malicious content or getting them to run malicious executables Impact: In the worst case, an attacker can gain complete control … [Read more...]