Further Information

MS08-067 and the rest of the week - I will give everyone one guess as to the first topic that I want to talk about... MS08-067 (24/10/2008)

Microsoft and Oracle with a dash of Adobe - This week Microsoft and Oracle decided to release all their patches and vulnerabilities on the same day. Unfortunately that means lots of bulletins for me, and lots of patching for you :( (16/10/2008)

Are YOU LinkedIn? - If you are LinkedIn (and of course I am talking about the social networking site www.linkedin.com) then you may have received a phishing email recently. (10/10/2008)

Malware with smaller targets - (03/10/2008)

Cisco's half yearly flood of advisories, updates to Mozilla software and Kiwicon - We didn't see much out of the ordinary in terms of incident reports this week. But Cisco have given people something with releasing 12 advisories, 11 of which for IOS issues. The Mozilla project also released versions of Firefox and SeaMonkey. And finally, Kiwicon is on this weekend. (26/09/2008)

Apple updates, more targeted phishing and another new team member. - Apple has continued on from last week pushing updates for OSX and the iPhone. (19/09/2008)

Why Automatic Updates could be bad! - (18/09/2008)

Major updates and an Aussie radiation scare? - Patches released from the major vendors and an email claiming nuclear contamination on Australian soil. (12/09/2008)

An exploit for the CitectSCADA vulnerability has been posted on Milw0rm - An exploit for the CitectSCADA vulnerability that AusCERT helped to co-ordinate the release of earlier this year, has been posted on Milw0rm. The module has been created to be included in the Metasploit framework. (08/09/2008)

The week that was... - A new staff member and new vulnerabilities. (05/09/2008)

Google Chrome - How shiny is it? - Google has today released the first public beta of their new web browser, known as Google Chrome, as an alternative to other popular browsers. Chrome introduces a number of new and innovative features, but with these new features come some potential security concerns. (03/09/2008)

Malicious Flash Sites Taking Over the Clipboard - Through the use of a standard flash function attackers are attempting to lead viewers to malicious sites. (03/09/2008)

A new threat - (29/08/2008)

Somebody hit the internet 'snooze' button - (22/08/2008)

Fedora infrastructure issue - Fedora are currently recommending that "you not download or update any additional packages on your Fedora systems" at the moment. (20/08/2008)

To Patch or Not to Patch - I am sure you are all expecting me to mention something about Microsoft and how you should patch your systems now. And then I would go on to say how you should patch all systems with patches as soon as you can. After all I am a good little security professional. (15/08/2008)

Friday - at least for now... - We are still seeing DNS patches coming out - so for the last time (now that the BlackHat presentation has come and gone) check your DNS are belong to us - I mean are patched. (08/08/2008)

An unquiet week - (01/08/2008)

Active Exploitation of... - We just discovered exploitation of recent vulnerability of a popular media program. (28/07/2008)

Delivering Bad Packages - Another trojan mail run was made this week - this time claiming to be a message regarding a package that could not be delivered (25/07/2008)

A slower week that was! - The AusCERT week in review for week ending 18/07/2008. (18/07/2008)

DNS Spoofing means war! or not! - Big week, big vuls lots of crappy emails. (11/07/2008)

AusCERT Coffee Machine and the rest of the week - Thankfully our coffee machine at AusCERT is one of those old fashioned, NON Internet connected ones. So our coffee will remain strong. (04/07/2008)

Whitelisting - While looking over the long list of vulnerabilities that were reported to us today - one of them came across as slightly amusing, but put a new spin on the idea of whitelisting. (24/06/2008)

Storm Hooks China and Browser Releases - Another large spam run has seen the Storm malware using the Chinese earthquake and Beijing Olympics as hooks. (20/06/2008)

Zero day Firefox vulnerability - A zero day vulnerability has been announced in Firefox. (19/06/2008)

Port Scanning increase - Massive increase in some ports. (18/06/2008)

Accepting Certificates - For a while now we have seen some malware authors attempt to use digital certificates to help the infection process. Looking further this could have larger consequences. However I am rushing forward a little too fast, so let me start from the beginning... (18/06/2008)

Microsoft Patch Week - A quick discussion about one of the Microsoft patches. (13/06/2008)

[OFF-TOPIC] Feeling Green? - So not really security related... (10/06/2008)

When an upgrade downgrades and patches for all - Turns out Windows XP Service Pack 3 was installing a older vulnerable version of Flash Player. (06/06/2008)

Beyond obfuscation - attackers using encrypted javascript - An interesting insight into where the Bad Guys want to go. (05/06/2008)

Useful information regarding the recent and ongoing sql injection attacks - Over the past months we have seen a rise in sql injection attacks, particularly in reference to asp pages. (03/06/2008)

Checked your domain registration details lately? - Recent reports indicate that U.S ISP Comcast had a major web outage recently due to a registration hijack... (02/06/2008)

Microsoft investigating possible vulnerability in Safari on Windows - A report has been made public on a vulnerability in Apple Safari on Windows that can result in unauthorised code execution. (02/06/2008)


Previous  1, 2, 3 ... 9, 10, 11, 12  Next denotes AusCERT member only content.