Brian Krebs is reporting that a new zero day vulnerability and matching exploit are making the rounds, with no patch or fix in sight.
My recommendation is to consider disabling the java browser plugin or implementing no script with a policy to only allow java originating from intranet sites.
Be careful out there!
Podcast: Play in new window | Download | Embed
Subscribe: RSS
Happy New Year!
In this week’s podcast, I cover an article about the alleged Chinese hacking of Solid Oak due to a lawsuit over China’s improper use of Solid Oak’s software CYBERsitter covered in a Business Week post.
First, a bit of news. Unless you’re still recovering from an egg-nog hangover, you’ve probably heard about the Internet Explorer zero day exploit. Note that it doesn’t impact the latest versions of IE, only 6, 7 and 8. Continue reading Defensive Security Podcast Episode 4
Podcast: Play in new window | Download | Embed
Subscribe: RSS
I have collected security predictions from many IT security vendors
While there are many, many unrelated predictions, and some that are self-serving, some trends emerge:
Podcast: Play in new window | Download | Embed
Subscribe: RSS
It’s late fall, and time for vendors around the world to start guessing at what threats the coming year will bring.
First up, Symantec’s 5 Security Predictions for 2013: