From Security Weekly Wiki
Jump to navigationJump to search

Episode Media


Get Reading! - Some nice papers on exploitation and other such uber security geek topics.

Update on USB thumb drive - So defense against this includes user education, disabling the USB drivers via GPO, and disabling Autorun via GPO. Thank you to Mike, Gary, and others on an undisclosed mailing list.

Compute offensively! - Submit your malware!

It is that time again - MS HUGE patch update. 12 patches, at least 8 that are due to remote code exploits. (F-Secure nicknamed Patch Tuesday, Reboot Tuesday) Exploits are available for 24, 25, 27, 30, and 32.

War nibbling? - A great article by IronGeek on some Bluetooth tools for Linux and Windows, as well as good advise.

Netmeeting Null Pointer vulnerability - Lots of people still use this (does Live Communications server utilize Netmeeting as a client?). No patch from Microsoft....yet.

Taiwan is the SPAM capital - 23% of spam hosts in the US, but 64% of the controllers are in Taiwan. Time to null route Taiwan?

Holy botnets Batman! - 16 Million instance of malware removed by MSRT, 62% botnet zombie clients. Ouch!

Josh Wright Webcast - Looks like some interesting topics; KARMA, AirPWN, and protocol fuzzing.

VOIP vulnerabilities -Disclosed by our buddies at Core Security Technologies. Asterisk and IAX2 protocol issues with some phones. How about other vendors?