InfoSecPodcast.com

RSA Security breached by APT

EMC has announced that their RSA division has been compromised. It seems the focus of the attack was information on their SecurID product. RSA in the letter from Art Coviello said: While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID [...]

Continue reading...

Info on IE 0-Day with Snort sig

Unless you are under a rock you have probably heard about the latest hole in Internet Explorer. This one affects the VML component on a fully patched PC. You can be compromised by either a web page viewed in IE or through an HTML email in Outlook. Rather than re-hash all the reviews and analyses, [...]

Continue reading...

Exploits in the wild for recent Microsoft vulnerabilities

Internet Storm Center reports that exploits for MS06-034, MS06-035, and MS06-036 are publicly available. By now you should have them patched anyway….right???? MS06-036 is the one that gives me the shivers since it affects Windows 2000 / XP with the latest service packs and because so many corporate networks use DHCP. It’s marked as Critical [...]

Continue reading...

“0-Day” exploit for PowerPoint, Snort sigs to block .ppt files

Just 3 days after Patch Tueday, Microsoft confirms a new vulnerability in PowerPoint that will could casue complete system compromise. To be clear, this is different than the MS06-028 PowerPoint vulnerability announced on Tuesday. Snort signatures to block PPT files are available on the blog post.

Continue reading...