Go to content Go to navigation Go to search

N.Y. Firm Faces Bankruptcy from $164,000 E-Banking Loss — Krebs on Security

February 24th, 2010 by Hescominsoon

The blame here is not online banking but the operating system(Windows) faulty design and the users lack of proper security education.  ANY business no matter how small needs to have a security audit done:

1. To make sure your machines aren’t infected

2. To get educated on how windows computers are vulnerable by design

3.  To learn how to protect yourself from online fraud and other threats

4.  To ensure proper recovery and mitigation procedures are in place BEFORE this kind of damage takes place

As the economy sputters along more and more single person, home-based businesses are going to have this happen.  It’s all too easy for a machine to get infected and with this new generation of malware once you are infected…it’s too late to recover.  Listen to my podcast for more information.

McCarthy said she never would have done online banking for her business if she had understood how precarious it was for her business.

via N.Y. Firm Faces Bankruptcy from $164,000 E-Banking Loss — Krebs on Security.

MIcrosoft Told it Can’t Sell Word

August 12th, 2009 by Hescominsoon

Judge: Microsoft can’t sell Word anymore.

I highly doubt this one will hold up on appeal but I’ll keep an eye on it to see what happens.

Best and Worst Security Award Winners From the Blackhat Conference.

July 31st, 2009 by Hescominsoon

Pwnie Award Winners.

I like this.  It shows that nothing is sacred when it comes to security..:)

Fixing Activex by Disabling Parts of it Proven to not be the Solution

July 30th, 2009 by Hescominsoon

Researcher Shows Killbit is No Defense on MsVidCtl Flaw | threatpost.

When you have a technology(Activex) that allows access directly to the kernel there is only one way to secure it..remove it.  I have posted about this multiple times.  Microsoft it is time for you to realize your java killer called Activex is not killing java and the though of letting code on the internet run at the system user level is a horrendously bad idea.

Another ActiveX Remote Takeover Issue

July 13th, 2009 by Hescominsoon

Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution.

*sigh* When will ms and others learn?

Head to this page for the fix. Head to the fix it for me section and click on the fix it icon under enable workaround.  Download and install that file.

MS Joins the “Cloud Club”

July 13th, 2009 by Hescominsoon

The Complete Guide To Microsoft’s Office 2010.

All cloud computing is the re-emergence of the mainframe to terminal model using hte internet as the mainframe.  However unlike the mainframe the cloud is inherently insecure(I don’t care what these folks say) and if your internet connection goes down OR there is an internet issue in transit you loose access to your data.  This is simply not a good idea from a company known for bad implementations, poor security, and anti-competitive tactics.  MS aside this is sitll not a good idea and I will never be an advocate of putting critical and/or sensitive company data of any kind in “the Cloud”.