Free Certificate Reissuance From VeriSign
Users of weak certificates made by buggy Debian code need to move fast.
Security Software
May 17, 2008
Saturday, May 17, 2008 7:20 AM/EST
January 15, 2008
Tuesday, January 15, 2008 11:14 AM/EST
Sunbelt + Dell = Ninja Blade
New appliances are designed for Exchange e-mail security.
August 25, 2007
Saturday, August 25, 2007 2:13 PM/EST
Sendmail Users Update ClamAV NOW!
A most serious, easily exploitable vulnerability in ClamAV versions prior to 0.91.2, recently released, could allow an attacker to compromise a system by sending an e-mail to it. The issue is in clamav-milter, the sendmail plug-in for the anti-virus, which...
August 3, 2007
Friday, August 03, 2007 7:54 AM/EST
More on Driver Certificate Revocation
For more from Microsoft on when/how driver certificate revocation works, see the comment section on the blog on the Atsiv revocation. Sounds like the current architecture only allows for boot-time checks, and they're just speculating that checks with VeriSign could...
August 2, 2007
Thursday, August 02, 2007 10:17 PM/EST
Microsoft Hits Back at Atsiv
My current column describes Atsiv, a tool for loading unsigned kernel code in Windows Vista x64. Perhaps I was the one who alerted Microsoft, but it responded tonight pretty strongly. As described by Scott Field, Windows Security Architect, in the...
Thursday, August 02, 2007 3:12 PM/EST
Orphaned Symantec Root Certificates
For my recent column on code signing I took a close look at the Trusted Root Certificates dialog on one of my Vista systems and noticed something odd. The selected certificate is one of two Symantec certificates. Three things are...
July 16, 2007
Monday, July 16, 2007 9:48 PM/EST
Phishing Phinals
Check out McAfee's 10 question phishing quiz. You are presented with real and phony e-mails and web sites and told to pick the genuine one. Some of the questions are easy, some are quite hard. I was really nervous. It...
July 13, 2007
Friday, July 13, 2007 2:57 PM/EST
Mine Collapse: The Postini Privacy Contract Language
In my most recent column I expressed concern over the lack of privacy protections for e-mail content in Postini's privacy policies. I really did check with Postini and, as I said in the column, they only sent me language that...
July 11, 2007
Wednesday, July 11, 2007 7:29 AM/EST
Microsoft Enters the BartPE Market
If you do troubleshooting on Windows systems you probably know about BartPE already. If you don't, you're probably not as good at your job as you could be. BartPE is like magic. It makes Windows Boot CDs onto which you...
July 5, 2007
Thursday, July 05, 2007 12:05 PM/EST
Code Insertion Through ARP Spoofing
Once you've got control of a system inside a network, it's amazing what you can do with it. Neil Carpenter of Microsoft's Security Incident Response team recently ran into an example of a particularly powerful and scary attack using ARP...
- ← Previous
- Viewing articles 1-10
- Next →
