
Security Response

Showing posts for September of 2008
Showing posts in English
Robert Keith | 09 Sep 2008 18:01:10 GMT | 0 comments

Hello and welcome to this month's blog on the Microsoft patch releases. This is a relatively light month, with four bulletins covering eight vulnerabilities.
 
All of the vulnerabilities this month are client-side issues rated "critical." Five of the issues affect the GDI+ graphics library; the rest affect Media Player, Microsoft Office, and Media Encoder. All of the issues have the potential to see active exploits, but the GDI+ vulnerabilities have the most avenues of attack and affect the most systems. The OneNote protocol handler vulnerability is fairly trivial to exploit.


As always, customers are advised to follow these security best practices:

-    Avoid sites of questionable or unknown integrity.
-    Never open files from unknown or questionable sources.
-    Run all client software with the least privileges required while still maintaining functionality.

Microsoft's summary of the...

Daniel Hoffer | 09 Sep 2008 15:42:26 GMT | 0 comments

I’ve spent the last couple of weeks travelling through Latin America (Mexico, Brazil, and Argentina) and the one commonality between my experiences in each of these three countries is that I don’t speak the local language in any of them. In high school, I studied French, not Spanish, and Portuguese wasn’t even taught. So, at restaurants I can never read the menu and I usually attempt, in very broken Spanish, to ask the waiter for a recommendation (“Que es bueno?”). Then he says something and I nod enthusiastically and smile.
 
The process reminds me a bit of what backup administrators face when they are trying to figure out how to back up their VMware environments. There are many ways to do it and often they don't know which is best. The easy and obvious way is to run a backup client from inside each virtual machine. In some cases that works fine, but in other cases, all the backups running simultaneously overload the physical server (the challenges of sharing I/O and...

JasonFisher | 08 Sep 2008 20:46:27 GMT | 0 comments

Myth 2: Disk-Based Technologies Are Too Complicated

 

Late last week, we kicked off a blog post series looking at the common myths that exist around data protection technologies. I tried to convince users that scalability can be realized with the right data protection strategy, thanks to the innovative technologies that exist today.

Technological advancement with hard disks has been a tremendous driver for data protection technologies, yet some users think disk-based technologies are too complicated. We don't advocate that users replace tape entirely; in fact, there is a place for tape backups in most IT environments. However, don't shortchange yourself by overlooking today's new disk technologies. Some of them might be intimidating, but in actuality they will help administrators reduce storage capacity and IT...

JasonFisher | 05 Sep 2008 16:27:45 GMT | 0 comments

Myth 1 – Data Protection Solutions Do Not Scale with my Business

Plenty has been said about the challenges that exist today for IT and data center managers. I will spare you the typical descriptions about the increase in mission-critical data, plain old exploding volumes of data, and data distributed across a dispersed workforce. We’re all well aware of these issues.

Let’s talk about the good news. There is a tremendous amount of innovation in data protection technologies today. Take a second to think about everything you’ve heard about granular recovery, data deduplication, cloud-based storage, SaaS, innovative data protection technology for virtual environments, and continuous data protection. These are all technologies that can be applied to solve specific challenges in the context of a larger data protection platform, and IT folks are beginning to catch on to most of them. However, this innovation has come with quite a few...

Kelly Conley | 04 Sep 2008 14:38:23 GMT | 0 comments

In August, the "Internet" category of spam showed an increase of nine percent from July and now makes up 27% of all spam messages. This increase is detailed in the Symantec State of Spam Report for September, which will be released today. The escalation of Internet spam can be attributed to the prevalence of malicious code being sent around via spam emails over the past month. It seems that spammers will stop at nothing to deliver their payload: various techniques in spam containing viruses were observed over "the month of the virus." These include the following methods:

  • Sensationalized "fake" news headlines
  • Use of seemingly real news headlines
  • Purported download for the latest version of Internet Explorer
  • Malware + spam + phishing = The triple security threat for financial institutions
  • Airline e-ticket connects malicious code and spam

Sensational (and in many cases...

Kelly Conley | 03 Sep 2008 17:34:51 GMT | 0 comments

The theme to Flash Gordon is going through my head. You can't hear it, but I can. He's the savior of the universe, king of the impossible, and he'll save ev'ry one of us.

These lyrics seem so appropriate when it comes to all of the .swf (Flash) spam that we're observing. I imagine the spammer looks upon .swf files as saving his spam by ensuring it will bypass filters. Is .swf the "king of the impossible," able to avoid detection? The answer is "no."


What we have observed are spam messages that contain a link to an .swf file. This file is hosted on a popular image hosting site. When clicked, the link redirects to various Web sites and so far we've seen medical supplement and adult-oriented sites as the destination of the redirects.

The .swf attack with the largest volume observed is the German pharmacy attack, with over 300 million instances seen. The body of this message is in German and includes a list of medications that are...

Umesh Wanve | 03 Sep 2008 16:44:16 GMT | 0 comments

We have seen in recent times that malicious binaries are spreading through social engineering attack vectors like spam emails, phishing, and social networking sites. This time we have found that attackers have begun targeting free online service sites and our example is based on Google Notebook, although these attacks are not unique to this site. Attackers have started to use Google Notebook as a new social engineering attack vector to spread misleading applications. Misleading applications attempt to convince the user that he or she must remove potentially unwanted programs or security risks (usually nonexistent or fake) from the computer.

Google Notebook is a free online service that provides a way to save and share information in a single location. This free service offers a feature to save search results, notes, or images online and allow users to share these artifacts with others. Users can create notes with headings and within each note they can add more content,...