Microsoft will distribute Internet Explorer 7 as a high-priority update via Automatic Updates soon after the final version is released for Windows XP, planned for the fourth quarter of 2006.
/Gill
Friday, July 28, 2006
Sunday, July 16, 2006
Hands On: How to Install Windows Vista Beta
July 12, 2006 (Computerworld) -- Microsoft last month made Windows Vista Beta 2 publicly available for download or delivery on DVD via its Windows Vista Consumer Preview Program (CPP). The CPP closed to new registrations on June 30, and it appears Microsoft will not reopen it when Vista Release Candidate 1 arrives, but all registered CPP users will be offered RC1 as well.
What's the best way to install and test Windows Vista? There are three main ways to do so gracefully. There are also one or two tricks of the trade.
Read the rest of the guide..
What's the best way to install and test Windows Vista? There are three main ways to do so gracefully. There are also one or two tricks of the trade.
Read the rest of the guide..
Saturday, July 15, 2006
Phishing Attack Defeats Two-Factor Authentication
from: The SANS Institute [NewsBites@sans.org]
(13 & 10 July 2006)
Phishers are targeting Citibank Citibusiness customers using a man-in-the-middle attack to exploit people's trust in two-factor authentication. The scheme, if successful, would provide the phishers with Citibank Citibusiness customers' names and passwords in addition to temporary passwords generated by security tokens. The scheme passes on the customers' entered information to the legitimate site to see if it authentic. In a real-time attack scenario, the temporary passwords could be used before they expire. The phony site has reportedly been shut down.
http://www.vnunet.com/vnunet/news/2160250/phishers-crack-two-factor
http://blog.washingtonpost.com/securityfix/2006/07/citibank_phish_spoofs_2factor_1.html
(13 & 10 July 2006)
Phishers are targeting Citibank Citibusiness customers using a man-in-the-middle attack to exploit people's trust in two-factor authentication. The scheme, if successful, would provide the phishers with Citibank Citibusiness customers' names and passwords in addition to temporary passwords generated by security tokens. The scheme passes on the customers' entered information to the legitimate site to see if it authentic. In a real-time attack scenario, the temporary passwords could be used before they expire. The phony site has reportedly been shut down.
http://www.vnunet.com/vnunet/news/2160250/phishers-crack-two-factor
http://blog.washingtonpost.com/securityfix/2006/07/citibank_phish_spoofs_2factor_1.html
Legendary hacker and author Kevin Mitnick has produced a whitepaper
Legendary hacker and author Kevin Mitnick has produced a whitepaper in which he details several scenarios in which social engineering exposed significant vulnerabilities that lead to corporate attacks.
People who have read Kevin's books and who like his style of writing will also enjoy the paper. What I find most valuable about this paper is that Mitnick remains neutral in his approach when he outlines his "Best Practices" approach to protection. He does a thorough analysis of various techniques and methodologies for mitigating risk and locking down endpoints, while allowing users enough flexibility to perform their jobs.
People can download the whitepaper in PDF format from www.appsense.com/mitnick
It's a good read, I would recommend it for anyone security inclined even if you just download it and save it for a rainy day :o)
resource:security-basics@securityfocus.com
People who have read Kevin's books and who like his style of writing will also enjoy the paper. What I find most valuable about this paper is that Mitnick remains neutral in his approach when he outlines his "Best Practices" approach to protection. He does a thorough analysis of various techniques and methodologies for mitigating risk and locking down endpoints, while allowing users enough flexibility to perform their jobs.
People can download the whitepaper in PDF format from www.appsense.com/mitnick
It's a good read, I would recommend it for anyone security inclined even if you just download it and save it for a rainy day :o)
resource:security-basics@securityfocus.com
Saturday, July 08, 2006
The Depressing State Of Computer Security
From WServerNews.com newsletter.
Perhaps you know Roger Grimes. He's an InfoWorld Test Center Contributing Editor, Writes for WinITPro Mag, and is a Foundstone Ultimate Hacking instructor/consultant teaching Windows, Linux, Unix, and Solaris security.
His column this week was as depressing as it was interesting. He puts all his 10 fingers smack in the middle of many sore spots.
It was revealing and entertaining to read his admittedly gloomy perspective on security, but he did say that next week's column will point to some solutions. In the mean time, read this and get yourself trained as an IT security specialist. There will be a lot of work for -years- to come !
Perhaps you know Roger Grimes. He's an InfoWorld Test Center Contributing Editor, Writes for WinITPro Mag, and is a Foundstone Ultimate Hacking instructor/consultant teaching Windows, Linux, Unix, and Solaris security.
His column this week was as depressing as it was interesting. He puts all his 10 fingers smack in the middle of many sore spots.
It was revealing and entertaining to read his admittedly gloomy perspective on security, but he did say that next week's column will point to some solutions. In the mean time, read this and get yourself trained as an IT security specialist. There will be a lot of work for -years- to come !
Friday, July 07, 2006
Subscribe to:
Posts (Atom)
