As some of you may know, Palo Alto Networks discovered 2 critical vulnerabilities for Microsoft DirectX which were released today via Microsoft’s July security bulletin. Successful exploitation of these critical vulnerabilities can allow an attacker to run remote code on a victim’s PC. The 2 vulnerabilities CVE-2009-1538 (DirectX Pointer Validation Vulnerability) and CVE-2009-1539 (DirectX Size [...]

Lots of marketing pundits are pushing their constituents to social networking – potentially accelerating a wave of enterprise social networking adoption. What about the risks associated with these applications?

Conficker is back in the news as there are reports of new variants popping up. I’m sure that you’ve all heard the news and hype about how many endpoints Conficker has infected, and even more speculation on what the bot herder will do with the massive botnet. Here’s some background info on Conficker and what [...]

The official 2009 NCAA basketball tournament bracket is out and office, friends, and family pools are forming all over the nation. End users everywhere are scoping out what apps and sites they can use to facilitate their need/desire to watch live streaming tourney games at work. The NCAA is again streaming every single tourney [...]

Check out “Check Point Revolutionizes Security with New Software Blade Architecture”. WTH? Are you kidding me? Do you think people are that dumb?

Looking for data leaks in email, IM and web traffic is easy, but that does not even begin to solve the problem. These are just few applications among the hundreds of application that are capable of file transfer – peer-to-peer applications, skype, online backup services and gmail to name a few. There are many examples of organizations losing data through peer-to-peer networks, such as Walter Reed and the Tokyo Police department.

Microsoft announced their scheduled November security bulletin today at 10am PST which covers 4 Microsoft vulnerabilities. Palo Alto Networks released coverage for the Microsoft vulnerabilities covered in the November security bulletin in content version 94 which was released today at 1pm PST.
Here are the vulnerabilities that were released by Microsoft today:
Microsoft Windows SMB Authenticate by [...]

ANALYSIS – This ZeroPaid article projects some fairly aggressive growth for the use of P2P technology and in most markets, a 400% increase would be somewhat uplifting, particularly in this dismal economy. You see, 400% growth usually means increased revenue, profits, jobs etc. But in this case, 400% growth is not surprising and unfortunately, it [...]

ANALYSIS – This Lifehacker article, like many others this past week, highlights the long talked about move by Microsoft to make Office available as an in-the-cloud/web service or whatever the latest definition of this category is….
Tools like Google Docs, Zoho and other web-based productivity suites are gaining in popularity for several reasons. They are not [...]

Microsoft announced an unscheduled security bulletin today at 10AM PST that they have a critical vulnerability (MS08-067) which affects Windows 2000, XP, 2K3 Server, Vista, and 2K8 operating systems. This vulnerability is a buffer overflow in the Windows Server service. The vulnerability exists in the way the Server service handles Remote Procedure Call (RPC) requests. [...]