Welcome to TechNet Blogs Sign in | Join | Help

July 2005 - Posts

Absolutely Cool: MSN Virtual Earth

This has nothing to do with Security but it is very, very, cool: MSN released Virtual Earth. Look at the Aerial Photos. They are amazing: http://virtualearth.msn.com/Default.aspx Unfortunately it is US-only at the moment.If you want to see the Microsoft Read More...
Posted Saturday, July 30, 2005 8:51 AM by chsecblo | 3 Comments

There is life outside IT-Security

I am not sure whether you know: There is life outside IT-security. At the moment I am on vacation in Hasliberg in the Swiss Alps with my family and it is incredible. Sun, fun, and almost no IT..... Roger on the PPC Read More...
Posted Wednesday, July 27, 2005 5:35 PM by chsecblo | 0 Comments

Microsoft Security Quick Reference Guide

Microsoft Security Quick Reference Guide now live on the Internet. http://download.microsoft.com/download/0/d/6/0d698beb-7d8e-427a-acb7-7642daf9d44e/security_onepager_extURLs.doc Urs Read More...
Posted Wednesday, July 27, 2005 9:47 AM by chsecblo | 0 Comments

Microsoft and FrontBridge Technologies

Microsoft announced its intention to acquire FrontBridge Technologies Inc., a privately held, leading provider of secure managed messaging services based in Los Angeles. FrontBridge advanced email filtering technologies offer spam filtering, virus scanning, Read More...
Posted Monday, July 25, 2005 9:16 AM by chsecblo | 0 Comments

University of Colorado servers hacked

As I said recently: We are seeing Univeristies being hacked - pretty often..... This time it is Univeristy of Colorado: http://news.com.com/University+of+Colorado+servers+hacked/2110-7349_3-5800712.html?part=rss&tag=5800712&subj=news Roger Read More...
Posted Saturday, July 23, 2005 8:00 PM by chsecblo | 0 Comments

Windows Vista Announced

Today at our internal Microsoft Global Briefing we announced the new name for our next version of Windows - code named Longhorn. It will be called Windows Vista. Beta 1 is still on target for early August and the release for 2006. It will be the most Read More...
Posted Friday, July 22, 2005 8:47 PM by chsecblo | 0 Comments

MS05-037 attacked

Now, they are here. The attacks to MS05-037. It is finally exploited on several vecotrs. At the moment, I know of two: A Trojan called Trojan.Jevproxy. You can find the corresponding news here: http://www.techweb.com/wire/security/166400667 SANS is reporting Read More...
Posted Thursday, July 21, 2005 8:14 PM by chsecblo | 0 Comments

The next vuln disclosed irresponsible

I am wondering whether people would start the disclose volns responsible if they would understand to what level of risk they expose our customers and with them quite a part of the industry by using irresponsible disclosure (called full disclosure as well). Read More...
Posted Monday, July 18, 2005 10:10 AM by chsecblo | 0 Comments

Security Monitoring and Attack Detection Planning Guide

NEW SECURITY & EXPLOIT TOOLS from Microsoft: The Security Monitoring and Attack Detection Planning Guide. This guide describes how to plan a security monitoring system on Windows-based networks. This system can detect attacks that originate from internal Read More...
Posted Monday, July 18, 2005 8:21 AM by chsecblo | 0 Comments

New wireless attack discovered

The security threat of wireless networks to the enterprise keeps growing, this time with the discovery of a new wireless attack. Dubbed “phlooding,” this new exploit targets businesses central authentication server with the goal of overloading it and Read More...
Posted Monday, July 18, 2005 8:05 AM by chsecblo | 0 Comments

F-Secure issues Virus Warning

Well, I have seen several virus alerts on Level 2 from F-Secure without actually atking off. But this time there is a huge difference: When Slammer broke out, I have been on vacation. When Blaster took off - I have been on vacation. Since an hour, I am Read More...
Posted Friday, July 15, 2005 4:55 PM by chsecblo | 854 Comments

Spike on Port 80

One source reports a significant spike on port 80 ( http://www.dshield.org/port_report.php?port=80 ). It is unclear where this comes from. There is some chatter that somebody is probing new tools. Other rumours say that somebody is checking for vulnerabilitis Read More...
Posted Thursday, July 14, 2005 9:47 PM by chsecblo | 0 Comments

The Microsoft Security Assessment Tool

Ever wanted to know the risks you are facing with your company and your IT implementation? There is a tool you should look at called the Microsoft Security Assessment Tool. It helps you to understand your risks and you even have the possibility to compare Read More...
Posted Thursday, July 14, 2005 8:37 PM by chsecblo | 0 Comments

Universities getting hacked

Something we see pretty often these days: Universitites that are getting hacked. They have to run pretty complex and heterogeneous networks and have quite some interesting data (research and students). Just an other case: Hacker May Have Accessed University Read More...
Posted Tuesday, July 12, 2005 8:51 PM by chsecblo | 0 Comments

Phrack is closing down

I know that this is the third time today but it is woth it: The well-known hacking magazine is facing closure: http://news.bbc.co.uk/2/hi/technology/4657265.stm Roger Read More...
Posted Monday, July 11, 2005 8:59 PM by chsecblo | 0 Comments

Our Spyware and Claria

Well, this is kind of funny to me: There have been some companies claiming that we flag them as spyware and that they actually are not. They all went through a defined and well-documented process and have been measured against defined and well-documented Read More...
Posted Monday, July 11, 2005 8:54 PM by chsecblo | 3 Comments

Targeted Trojan Email Attacks

US-CERT warned today of targeted Trojan E-Mail attacks. Something that is pretty frightening and growing rapidly. We saw similar cases on Israel and the UK (both have been in the press). If you want to read the warning - there you go: http://www.us-cert.gov/cas/techalerts/TA05-189A.html Read More...
Posted Monday, July 11, 2005 8:44 PM by chsecblo | 0 Comments

Security Career Guide

We sponsored the development of a Security Career Guide that is pubnlished by ISC2 (the organisation that is repsonsible for the CISSP certifications). A pretty good overview: https://www.isc2.org/download/careerguide05.pdf Roger Read More...
Posted Friday, July 08, 2005 10:13 PM by chsecblo | 0 Comments

VXers release 'London bombing' Trojan

It is really unbelieveable, what people do: "Virus writers have created a Trojan which poses as London terrorist attack news footage. Infected emails harbouring the Trojan pose as a CNN Newsletter which asks recipients to ‘See attachments for unique amateur Read More...
Posted Friday, July 08, 2005 9:53 PM by chsecblo | 0 Comments

Author of Sasser Worm sentenced

Today Svan Jaschan was sentenced to 21 motnh's probation. This is, on my personal opinion by far not enough, especially if we take into consideration that he admitted to having created several viruses and worms. This is a pretty bad signal. Read more Read More...
Posted Friday, July 08, 2005 9:23 PM by chsecblo | 0 Comments

2012 London Olympics: 2,000 IT volunteers needed

If you do not know, what to do starting from 2008, I would have an idea: Planning for the technology infrastructure that will underpin the London Olympic Games in 2012, including the need for thousands of volunteer IT staff, will begin ahead of the 2008 Read More...
Posted Friday, July 08, 2005 1:50 PM by chsecblo | 0 Comments

Hackers crack two-factor security

News from the net: It is not THAT bad but anyway: "The latest generation of spyware not only includes key-loggers that trap passwords, but screen-grabbing software. This takes multiple images of what the user is doing and sends it straight to the hacker." Read More...
Posted Thursday, July 07, 2005 8:45 PM by chsecblo | 0 Comments

July Security Updates

It seems to be a pretty quiet month. We just released the pre-notification for the July updates. We will release two Windows Updates with the highest rating critical and one critical Office update. As we now have Microsoft Update in place, you will not Read More...
Posted Thursday, July 07, 2005 8:18 PM by chsecblo | 0 Comments

IE vulnerability

As you heard, we released a security advisory last Tuesday concerning a COM object that could cause IE to crash and that could cause a remote code execution. There is quite some chatter around this vulnerability, which was – unfortunately – disclosed Read More...
Posted Wednesday, July 06, 2005 7:54 AM by chsecblo | 0 Comments

Our Blog

Hi, now, we have a blog as well :-) We want to give you some insights , what is happening within the Siwss Security Team. "We" - this is: Andrea Mueller, Security Solutions Manager; Urs P. Küderli, Strategic Security Advisor; Horst Thierbach, Security Read More...
Posted Tuesday, July 05, 2005 10:10 PM by chsecblo | 4 Comments
 
Page view tracker