Happy Valentine’s Day from Microsoft!

Yeah yeah, it’s just patches… This is from our friends over on the WatchGuard Security Center: Most people get flowers, chocolates, and cards for Valentine’s Day, but next Tuesday Microsoft IT professionals can expect a big box of patches. According to their advanced notification post for February, Microsoft will release nine security bulletins next Tuesday, February 14th. The bulletins deliver updates …

Smile, You’re on Candid Camera! TRENDnet Security Camera Feeds Exploited

TRENDnet announced that upwards of 50,000 cameras, comprised of 26 vulnerable models have been identified which are vulnerable to the threat of being used for reverse surveillance. An article on BBC.co.uk indicates that as 7 of the 26 vulnerable models have patches to faulty code already released and the owners would be notified of the available updates. The scary thing …

Are you using pcAnywhere? Symantec says to cut that out… #vulnerbilities #hax0rz

If you are using pcAnywhere to remotely access your computer, you probably want to go read the “pcAnywhere Security Recommendations” posted by Symantec. http://www.symantec.com/connect/sites/default/files/pcAnywhere%20Security%20Recommendations%20WP_01_23_Final.pdf The danger is that someone so inclined could potentially access your computer through vulnerabilities exposed from old source code, and gain full access to your computer, files and your network. To sum it up, disabling pcAnywhere …

US-CERT Technical Cyber Security Alert TA12-024A warns of Anonymous DDoS attacks

Anonymous has made the news lately with their attacks on many sites, with the most prominent being government sites. US-CERT released this info yesterday:   National Cyber Alert System Technical Cyber Security Alert TA12-024A “Anonymous” DDoS Activity Original release date: January 24, 2012 Last revised: — Source: US-CERT Overview US-CERT has received information from multiple sources about coordinated distributed denial-of-service …

Microsoft Security Bulletin Advance Notification for January 2012 – Happy New Year!

Microsoft rings in the new year with updates!  HAPPY NEW YEAR!!!! The Advance Notification outlines 7 bulletins that cover updates from “important” to “critical” in Microsoft Windows (XP / Server 2003 / Vista / Server 2008) and Microsoft Developer Tools & Software. Most will require a restart, or at least MAY require a restart. On the Advance Notification page you …

HP addresses LaserJet vulnerabilities

Remember the flaw that was announced around the beginning of December 2011, where hackers could possibly cause HP printers to burst into flames? Well, HP released a fix for that a week or so back… However, they didn’t mention fire issue. None-the-less, you may wish to consider upgrading. Should you require assistance applying updates to your devices, servers or computers …

Microsoft out-of-band security bulletin for December 29, 2011 addresses .NET framework issues

Yesterday, Microsoft issued a security bulletin for the .NET issues mentioned the other day.  That document can be found here: http://technet.microsoft.com/security/bulletin/ms11-dec Critical Security Bulletins ============================   MS11-100   – Affected Software: – Windows XP Service Pack 3 – Microsoft .NET Framework 1.1 Service Pack 1 – Microsoft .NET Framework 2.0 Service Pack 2 – Microsoft .NET Framework 3.5 Service Pack …

Microsoft security advisory 2659883 announces DoS vulnerability in ASP.NET

Microsoft released Security Advisory 2659883 today which outlines a vulnerability in ASP.NET which could permit a Denial of Service. More information is available here: http://technet.microsoft.com/security/advisory/2659883 Two notes from that page listed as “Mitigating Factors”: By default, IIS is not enabled on any supported Windows operating system Sites that disallow application/x-www-form-urlencoded or multipart/form-data HTTP content types are not vulnerable Please visit the …