Site Archives
7 New Cisco Vulnerabilities in ASA 5500 Devices
GSA Reference Number: AD100217-01
Simply Put: Cisco has released an advisory for multiple vulnerabilities with Cisco ASA 5500 devices. This advisory identifies six new denial of service vulnerabilities and one new authentication bypass vulnerability. An update from Cisco is available to address these issues and should be applied as soon as possible. Gladiator will be testing this update for compatibility and stability and will then notify affected clients if an update is necessary.
February Microsoft Patch Announcement
Microsoft has announced 13 new patches for its February release. One vulnerability causing an elevation of privileges, fixed by MS10-015 and rated Important by Microsoft, already has exploit code available. Five patches are rated Critical, seven are rated Important, and one is rated Moderate. Gladiator recommends that users immediately apply all critical updates. Detailed information for these patches can be found in Microsoft’s February Security Bulletin.
Increase in Zeus Phishing Emails
GSA Reference Number: AD100205-01
Simply Put: Gladiator has been alerted to an increased number of phishing scams trying to trick users into installing Zeus Trojans. These emails are sent using spoofed sender addresses, generally pretending to be from government sources such as the NSA or Pentagon. The emails also contain text that could reasonably appear to be from the supposed sender, such as a government advisory or alert.
Internet Explorer Information Disclosure Vulnerability
GSA Reference Number: AD100203-01
Simply Put: A new Internet Explorer (IE) information disclosure vulnerability has been announced by Microsoft. This vulnerability could allow an attacker to access files in known locations on the victim’s system. For now, no widespread worms or exploit packs are currently using this vulnerability, and Microsoft has stated that they do not know of any attacks currently taking advantage of this vulnerability. This vulnerability does not affect Internet Explorer running in Protected Mode, which is the default setting on Windows Vista, Windows Server 2008, or Windows 7. This mode is not available in Windows XP. A patch has not yet been released by Microsoft. 
Google Job Application Phishing Email
GSA Reference Number: AD100201-01
Simply Put: A fraudulent email is currently circulating that appears to be from Google in response to a job application. The email scam informs recipients that their application has been received and that it is attached in a zip file. The zip file contains a malicious executable that is identified as a Trojan downloader.
Find It Quickly
Find what you're looking for quickly by using our keyword search. Can't find it? Try our links below.
Monthly Archives
Find posts by the month they were written.
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- July 2008
- May 2008
- April 2008
- March 2008
- January 2008
- December 2007
- November 2007