Haymarket Media, Inc.
Mobile Version Subscribe Contact Us About Us Advertising Editorial SC UK SC Aus/NZ
SC Magazine
  • Home
  • News
    •  Features
    •  Opinions
    •  Newsletters
    •  Sectors
    •  Company Moves
  • Products
    •  First Looks
    •  Reviews
    •  Group Tests
    •  About Reviews
  • Blogs
    •  The News Team Blog
    •  The Data Breach Blog
  • Buyers Guide
  • Whitepapers
  • Jobs
  • Events
    •  SC World Congress
    •  Awards
    •  Podcasts
    •  Digital Download
    •  Editorial Webcasts
    •  Vendor Webcasts
    •  eConference
  • Subscribe
    •  Newsletters
    •  Subscribe to SC
  • Issue Archive
  • Topic Center:
  • Email Security
  • Compliance
  • Patch Management
  • Financial Services
  • Health Care
  • Retail
Subscribe to our RSS feeds RSS | Login | Register  
Home > The IT Security Blog Roundup
The IT Security Blog Roundup

The day of the month that can’t come soon enough

time Posted April 11, 2007 * Comments(0)

For one day a month, there’s one topic and one topic only that IT security professionals and IT staffers seem to be talking about: Patch Tuesday.

That, of course, is the time (early afternoon of the second Tuesday of the month here on the East Coast) when Microsoft releases its security bulletins. Sometimes the powers that be in rainy Redmond decide to release a dozen or more patches; other times they skip the month altogether. Put simply, Microsoft patch information is given on a need-to-know basis to avoid tipping off the hackers before the release.

But on the receiving end, PT (as the day has become endearingly known to SC Magazine staffers) is a frantic event – or a good excuse to stay at the office and earn overtime or cancel regrettably made dinner plans.

With apologies to the non-corporate bloggers, here’s a rundown from Microsoft on their Security Response Center Blog on the monthly event. Again, there’s minimum information available, but numerous links to other places to find details.

The researchers at F-Secure and McAfee’s Avert Labs and Brian Krebs at the Washington Post give some other examples. And our own Dan Kaplan gives his thoughts on Patch Tuesday on the News Team Blog here.

Related Posts
  • The flavor of the month
    It’s getting pretty easy to forget what month it is, and not on account of the inconsistent weathe...
  • On Office 2000 ActiveX, nCircle and Cambia
    This isn’t a week-in-review post, or a pre-holiday recap. But here are viewpoints from two IT secu...
  • More Mac trojan variants
    We’d be lying to you if we were to use the words “Mac trojan” and “epidemic” in the same s...
  • A follow up from the Journal
  • You’re a good man, Glen Frausto

Filed under: Microsoft, Patch Management, Patch Tuesday, Vista, Vulnerabilities

Cybercriminals ‘Crazy’ for still using Britney photos?

time Posted April 4, 2007 * Comments(0)

Britney Spears was back in the headlines today – but not for marital troubles, custody battles or outrageous antics.
Britney was a topic du jour of information security bloggers. Why? Cyberattacks are trying to lure unsuspecting web users to malicious sites by claiming to have racy photos of the former Mrs. Federline, all to infect innocent PCs with malware.

To do this, the bad guys are assuming home users have the pre-partyhopping-with-Paris version of Britney on their minds more than yesterday’s emergency ANI patch for Windows.

Roger Thompson, the CTO and research chief at Exploit Prevention Labs, has been keeping a vigil on ANI developments in recent days, saying “most” of the exploits are using Britney lures.

Believe it or not, it’s not the first time Britney’s graced the (web)pages of SCMagazine.com. A 2005 study by Panda Labs reported that she was the image most used to spread malware, and she’s popped up as a cover for trojans, worms and rootkits since.

So, are cybercriminals and malicious hackers obsessed with Britney Spears? Think of them as paparazzi interested in stealing personal information.

Related Posts
  • Cybercriminals start World War III (scam)
    Like practically every newsperson I’ve ever met, I like to stay up on the national and internation...
  • Hypponen tries another .bank shot
    Security researchers may have to go another round over whether a .bank domain would cut down on the ...
  • Another angle: iPhone scams
    Who wouldn’t want a free iPhone – or an iPhone free of a binding agreement to one voice service ...

Filed under: Browser flaws, Patch Management, Patch Tuesday, Phishing, Rootkits, Trojans, Vista, Vulnerabilities, Worms

time The IT Security Blog Roundup

Search This Blog:  


Categories
  • Apple
  • Breaches
  • Browser flaws
  • Compliance
  • Consumer threats
  • Education
  • Email Security
  • Emerging Threats
  • Finance
  • Google
  • Government
  • Groundbreakers and newsmakers
  • High Tech
  • Industry Reports
  • Lawbreakers
  • Legal and Professional Services
  • Manufacturing
  • Mergers and Acquisitions
  • Microsoft
  • Mobile and Endpoint Security
  • Non-Microsoft Patches
  • Patch Management
  • Patch Tuesday
  • Personnel Moves
  • Phishing
  • Privacy
  • Product News
  • Rootkits
  • SC Magazine
  • Spam
  • The Insider Threat
  • Trojans
  • Uncategorized
  • Vista
  • Vulnerabilities
  • Worms
Authors
    Archives
    • November 2007
    • October 2007
    • September 2007
    • August 2007
    • July 2007
    • June 2007
    • May 2007
    • April 2007

    • Blogroll

      • Anton Chuvakin Blog
      • Computer Defense
      • Hacker Webzine
      • MacUser
      • Marco Ramilli’s Blog
      • Michael R. Farnum
      • SecGuru
      • The IT Security Guy
      • WordPress.com
      • WordPress.org
    Home | News | Newsletters | Products | Blogs | Lists | Jobs | Events | Subscribe | Contact Us | About Us | Advertising | Editorial | Subscribe to our RSS feedsRSS

    This material may not be published, broadcast, rewritten or redistributed in any form without prior authorization.

    Your use of this website constitutes acceptance of Haymarket Media's Privacy Policy and Terms & Conditions