Commentary & Insight From S?nnet Beskerming
Covering news on emerging threats, advice on good security practices, analysis, explanation of technical news items, and brief, accurate, non-biased synopsis of security-focussed technology trends, S?nnet Beskerming commentary is many things.
Whether you call it a blog, online journalism, or commentary on events, this is where you can find and search all relevant articles published by S?nnet Beskerming.
All articles will eventually be made available free of charge, however some content is initially only available to paying subscribers.
Available entries
Does Microsoft Gain From Exposing Collaborative Cloud Effort?
Posted in: Information Security
A group of competitors come together in secret to create a common approach to handling how different 'clouds' might interact and allow data to move between, setting out a community-based approach.
Only, now it isn't so secret.
Microsoft were recently invited to be part of this currently secret....
Posted: 28 March 2009 09:50
Around the Frayed Edge of PCI DSS
Posted in: Information Security
Following the breach of credit card processor, Heartland, there has been heated debate on both sides of the argument, as to the value of PCI and similar mechanisms for ensuring data safety (the new buzz word of the month being Data Loss Prevention) and system and network integrity. It doesn't reall....
Posted: 27 March 2009 00:57
OS X Coming Under Increased Researcher Scrutiny
Posted in: Information Security
While it is still a less-targeted platform, Apple's OS X operating system has seen some interesting Information Research published in recent months.
In February, Vincenzo Iozzo presented at Black Hat 09 a method for injection of code directly into the memory of another application, while it is ru....
Posted: 20 March 2009 20:44
Microsoft's March 2009 Patches
Posted in: Information Security
Microsoft's patch release for March has seen three updates issued, with only the first listed as Critical and the other two as Important. Unfortunately, it is for a problematic Windows component that has had several prior updates released for it (WMF, EMF support in GDI).
All three patches repla....
Posted: 13 March 2009 22:47
JBIG2Decode Adobe PDF Vulnerability now Completely Hands Free
Posted in: Information Security
Adobe's expected patch for the JBIG2Decode exploitable vulnerability is expected in just a few days time. However, as the wider security community gets to spend more time playing around with the vulnerability, more interesting ways to trigger the vulnerability are found.
After his recent documen....
Posted: 11 March 2009 20:23
Microsoft Security Patch Release March 2009 Advance Notification
Posted in: Information Security
Microsoft have released their Advance Notification for Tuesday's security bulletin release. Three patches are expected, one Critical and the remaining two are Important.
All three patches have been identified as being for Unspecified core Windows components. All versions of Windows currently su....
Posted: 7 March 2009 21:44
An Interesting Result for JBIG2 PDF Vulnerability
Posted in: Information Security
While tinkering around with the recent JBIG2Decode PDF vulnerability that is not expected to be patched by Adobe until mid March, Didier Stevens realised that it was possible to trigger the vulnerability (and thus the exploit) without actually requiring the victim to open a manipulated PDF document.....
Posted: 5 March 2009 23:22
Handling the 0-day Excel Vulnerability
Posted in: Information Security
At the end of February Microsoft released information about an exploit against multiple versions of Excel (2000 through to 2007 on Windows, and 2004 and 2008 on OS X, Open XML File Converter for Mac, Excel Viewer 2003). This exploit has been found in the wild and it has been considered important en....
Posted: 1 March 2009 15:08
Patching Cycles and the Adobe Vulnerability
Posted in: Information Security
Just how quickly a vendor should move to release patches for security vulnerabilities has been a point of contention for as long as there have been patches for software. Over time different vendors have settled into their own routines and patching cycles, providing end users and administrators with....
Posted: 1 March 2009 15:07
Posts from December, 2024.