Previous versions feature in Windows might assist in data recovery after cryptolocker

The SANS diary recently posted an article about utilizing the previous versions feature of Windows for data recovery in the case of cryptolocker. You can read more details about using the feature at the following link – https://isc.sans.edu/forums/diary/Windows+Previous+Versions+against+ransomware/18439

Advance notice of July Microsoft patches – to be released on July 8 at noon

Microsoft has just provided advance notice of the patches that are scheduled to be released on July 8 at 12 (noon cdt). The details as they are currently known are available at – https://technet.microsoft.com/library/security/ms14-jul  There are a total of six patches; two of which are assigned a designation of CRITICAL and three are assigned a […]

Cryptowall malware in circulation – sophos definition mal/zbot-rk

  A new variant of the cryptolocker/cryptowall malware has been identified.  When successful, the malware encrypts all data retained on the workstation before the process can be halted.  As of June 10, the malware has a current definition in Sophos (identified as mal/zbot-rk) but at least one user has suffered a data loss.   Some […]

Advance notice of patches to be released for June – to be released on June 10

Microsoft has just provided advance notice of the patches that are scheduled to be released on June 10 at 12 (noon). The details as they are currently known are available at – https://technet.microsoft.com/library/security/ms14-jun There are a total of seven patches; two of which are assigned a designation of CRITICAL and five are assigned a designation […]

Vulnerability in all gnuTLS versions released prior to 5/30

A vulnerability has been identified in the several open source TLS libraries that are commonly used on Linux systems. The vulnerability would allow a buffer overflow if exploited. If you run a Ubuntu or RedHat system, please check to see if a patch is available. The TLS versions that are vulnerable include all versions prior […]

Advance notice Microsoft patches for May – to be released on May 13

Microsoft has just provided advance notice of the patches that are scheduled to be released on May 13. The details are available at – http://technet.microsoft.com/en-us/security/bulletin/ms14-may  There are a total of eight patches scheduled to be released. Two of those are identified as CRITICAL (for workstation operating systems) and six of those are identified as IMPORTANT. […]

Zero day exploit identified for all current versions of Internet Explorer

On Saturday, April 26, Microsoft provided an announcement of a remote code execution vulnerability that affects all current versions of Internet Explorer (versions 6-11) and that is actively being exploited.  The vulnerability exists in how Internet Explorer manages flash code. No patch is currently available.  See the following URLs for additional information. https://technet.microsoft.com/en-US/library/security/2963983 http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html As […]

Heartbleed OpenSSL vulnerability – What is known and what should be done

This blog entry will attempt to offer some current info (and a little background) on the OpenSSL heartbleed vulnerability that became known to the public late in the day on April 7. Initial announcement – At approximately 5 p.m. Pacific time on Monday, April 7, a vulnerability was identified in the versions 1.0.1 through 1.0.1f […]

Advance notice of patches to be released on April 8

Microsoft has just provided their advance notice of the patches that will be released on Tuesday, April 8.  The information is available at – http://technet.microsoft.com/en-us/security/bulletin/ms14-apr  There are four patches scheduled to be released, two of which are designated as CRITICAL.  Critical bulletins are identified as bulletin #1 and #2. Bulletin #1 concerns the zero-day vulnerability […]

Topics on the Information Security Forum for April 3

The next Information Security Forum is scheduled for April 3 at 3 p.m. in Room 601 Rudder tower. Topics scheduled to be discussed include the following:   *Email Transition Update  *April IT Forum  *Windows XP reminder  *Code Maroon Website Update and Mobile Notifier App  *ITAC Update  *Four Winds Digital Signage The topic that is likely […]