CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

Top Endpoint Security Stories – September 2009

Posted:  October 6, 2009 by Toney Jennings

Last month I kicked off a post focusing on the top endpoint security stories in the past month. This month brought a number of endpoint security events ranging from the latest Microsoft zero-day vulnerabilities without a fix to botnet and phishing news. The theme of the month is that both individuals and corporations are simply losing the battle against online criminals when it comes to desktop security.

  • Sept 1, 2009 – IIS FTP flaw announced with exploit code
    Microsoft kicked off the month by confirming the publication of exploit code for the IIS FTP vulnerability that could allow remote code execution on affected systems. The vulnerability affected systems running the IIS web server and was particular dangerous to FTP servers that had anonymous accounts for uploads. ( Read More… )

Most recent comment:   Microsoft prepares for biggest patch Tuesday Ever – Endpoint security has never been worse — CoreTrace WhiteSpace

[...] is whether this patch will fix the critical SMB2 problem that I referenced in last week’s September Endpoint Security ...

Observations from IANS ‘09 Information Security Forum – Day 1

Posted:  October 1, 2009 by JT Keating

I’m here this week in Boston, MA attending the IANS 2009 New England Information Security Forum. It’s a great, interactive conference of security professionals sharing their experiences and observations of the current environment for enterprise security. Here are my thoughts from Wednesday’s sessions.

The IANS founders kicked things off with some into “keynote” observations.

  • Signs of economic recovery may bode well in the fight against crimeware. According to the founders (I am not sure I completely agree yet) economic indicators (using the Dow and NASDAQ) show that we are back to where we were this time last year. The founders made a point that a tough economy is correlated to an increase in crimeware. ( Read More… )

Please use the comment form and leave your thoughts!