Archive for April, 2009

Adobe confirms new flaw, recommends turning off JavaScript

Wednesday, April 29th, 2009

Adobe has confirmed a vulnerability in its widely used Reader and Acrobat products, and is recommending users disable JavaScript to stay protected.



News: Policymakers debate White House’s role in cybersecurity

Wednesday, April 29th, 2009

Lawmakers and public policy experts have clashed at a U.S. Senate committee hearing over whether cybersecurity control should be taken away from the U.S. Department of Homeland Security (DHS) and placed under the White House’s purview.

News: Adobe grappling with another PDF vulnerability

Wednesday, April 29th, 2009

Adobe again is staring down a zero-day vulnerability in its popular Reader software, according to a new security advisory.

News: Firms fear social networks threat

Wednesday, April 29th, 2009

Two-thirds of systems administrators are worried that employees are sharing too much information on social networking sites and threatening the security of corporate systems, according to new research from Sophos.

N. Korea Issues Threat on Uranium – New York Times

Wednesday, April 29th, 2009

N. Korea Issues Threat on Uranium
New York Times, United States
Calling the Security Council “a tool for the US highhanded and arbitrary practices,” North Korea also threatened to conduct nuclear and intercontinental ballistic missile tests. It would take North Korea months to prepare a nuclear or ballistic missile
Video: N. Korea rattles nuclear sabre RT
North Korea Threatens Nuclear, Missile Tests Voice of America
North Korea demands apology, threatens nuke test CNN International

More Adobe Security Vulns

Wednesday, April 29th, 2009

The Adobe Product Security Incident Response Team blog has reported a security vulnerability in “all currently supported shipping versions of Adobe Reader and Acrobat (Adobe Reader and Acrobat 9.1, 8.1.4, and 7.1.1 and earlier versions).”

The suggested mitigation is disabling JavaScript. We’ve previously disabled that using Group Policy.

Adobe notes that at this time, this issue is not known to be exploited in the wild. That can change.

Network Security Podcast, Episode 148

Wednesday, April 29th, 2009

Rich and I are back from RSA, rested and ready to go!  Baah, who am I kidding; here it is four days later and we’re both still so tired we’re barely able to talk coherently.  Not that we’d let that stop us from recording a podcast.  Never has and probably never will.  In any case, we start tonight with a recap of some of our observations of the 2009 RSA Conference and move on to the current media hype over the swine flu.  Use the swine flu as a learning exercise in how to cope with media hype, a good excuse for reviewing your own disaster preparedness plans and a way to get some of the same issues dealt with by your management.  The hours you spend looking at your options today may save you hours or days down the line.

Network Security Podcast, Episode 148, April 28, 2009
Time:  40:06

Show Notes:



What is RSA Anyway?

Wednesday, April 29th, 2009

At the RSA Conference, I was asked a lot about what we “are” as the security division of EMC.  I think I’ve come up with a pretty clean and clear way to answer that in a few simple statements.



Microsoft tightens Windows 7 security for USB drives – CNET News

Tuesday, April 28th, 2009

Microsoft tightens Windows 7 security for USB drives
CNET News, CA
As a result of the change, most USB drives will not be able to automatically launch a program using a Windows feature known as AutoRun, Microsoft said in a post on its Security Research & Defense Blog. So, if an infected USB drive is inserted on a
Redmond Tweaks Autorun Microsoft Certified Professional
Microsoft doctors AutoRun in Windows 7 to stymie Conficker Computerworld
Microsoft retires AutoRun (kinda, sorta) Register

Brief: Companies slowest to fix Office, Acrobat flaws

Tuesday, April 28th, 2009

Companies slowest to fix Office, Acrobat flaws

Operation triggered by Taliban plan to take over Buner – DAWN.com

Tuesday, April 28th, 2009

Operation triggered by Taliban plan to take over Buner
DAWN.com, Pakistan
By Iftikhar A. Khan ISLAMABAD: Security forces launched a major operation in Buner on Tuesday after intelligence agencies intercepted a telephone conversation of Swat Taliban chief Maulana Fazlullah with his ‘commanders’ which revealed their plan to
Video: Taliban On The Defense CBS
Pakistan begins offensive against Taliban in Buner Reuters
Taliban deceived govt, staged withdrawal drama: ISPR Daily Times

First 100 days of Obama: Choices have vast national security … – Salt Lake Tribune

Tuesday, April 28th, 2009

First 100 days of Obama: Choices have vast national security
Salt Lake Tribune, United States
By Matthew D. LaPlante In this April 7 photo, President Barack Obama addresses military personnel at Camp Victory in Baghdad, Iraq. (The Associated Press file photo) It didn't take long for President Barack Obama to make a positive impression on Dave
Video: Intimate Portraits Of The Obamas CBS
Obama's Foreign Policy: A Grand Century of Days — Light Years Huffington Post
A Thousand Envoys Bloom The National Interest Online

Senators hear call for federal cybersecurity restructuring – SearchSecurity.com

Tuesday, April 28th, 2009

Senators hear call for federal cybersecurity restructuring
SearchSecurity.com, MA
By Robert Westervelt, News Editor The difficulties of coordinating US cybersecurity efforts between multiple agencies at the federal level could result in grave consequences to the nation's national security, according to a panel of experts that
Senators look for proper model for managing cybersecurity GCN.com
Experts Warn Lawmakers That More Needs to be Done to Strengthen RTT News
SANS Tells Congress: Feds' Checkbook Is Cyberdefense 'Weapon' Dark Reading

Senators hear call for federal cybersecurity restructuring

Tuesday, April 28th, 2009

Congress is mulling over whether to give more authority on cybersecurity issues to the Department of Homeland Security or create a new office within the White House.



Homeland Security: Obama asks for $1.5B to fight swine flu – NECN

Tuesday, April 28th, 2009

Homeland Security: Obama asks for $1.5B to fight swine flu
NECN, MA
"This outbreak is a cause for concern, not yet a cause for alarm," said Homeland Security Secretary Janet Napolitano during a news conference this afternoon. "At this stage, we are releasing about 12 million courses of antivirals and key medical
Video: Napolitano Announces Travel Warnings to Mexico The Associated Press
Dept. of Homeland Security Secretary Janet Napolitano Holds Press Washington Post
Swine flu thrusts Napolitano into spotlight Los Angeles Times

Chris Wysopal: Good Obfuscation, Bad Code

Tuesday, April 28th, 2009

Good Obfuscation, Bad Code

San Diego Charger allegedly hits security guard at bar – Los Angeles Times

Tuesday, April 28th, 2009

San Diego Charger allegedly hits security guard at bar
Los Angeles Times, CA
San Diego Chargers linebacker Shaun Phillips was issued a misdemeanor battery citation after a security guard at a downtown bar told police Phillips hit him in the face, police said today. Phillips, 27, allegedly hit the guard after midnight Saturday
Chargers' Phillips is cited for misdemeanor battery San Diego Union Tribune

UGA Boosts Security During Manhunt for Prof – FOXNews

Tuesday, April 28th, 2009

UGA Boosts Security During Manhunt for Prof
FOXNews
Zinkhan's name from email distribution lists before sending out alerts to the campus community, so as not to reveal campus security measures to the suspect. However, UGA Police Chief Jimmy Williamson said, “Based on what we know now, we feel he's no

“No-Fly” Also Means “No-Flyover”

Tuesday, April 28th, 2009

I’ve previously written about the piece of counterterrorism silliness known as the no-fly list: Imagine a list of suspected terrorists so dangerous that we can’t ever let them fly, yet so innocent that we can’t arrest them — even under the draconian provisions of the Patriot Act. Turns out these people are so dangerous that they can’t be allowed to…

Another Adobe Reader security hole emerges – CNET News

Tuesday, April 28th, 2009

Another Adobe Reader security hole emerges
CNET News, CA
Security experts are recommending that people disable JavaScript in Adobe Reader following reports of a vulnerability in the popular portable document format reader on Tuesday. The vulnerability appears to be due to an error in the "getAnnots()"
New zero-day exploit targets Adobe Reader Computerworld
Adobe Warns of Potential Reader Flaw Washington Post
Adobe acknowledges zero-day Reader vulnerability MX Logic