the exclamake! blog

AT&T continues it’s dominance in the connectivity department with this news. AT&T has supplanted T-Mobile as the WiFi provider for the 12,000+ Starbucks stores in the US. If you are an existing AT&T DSL customer, you simply use your AT&T username/login to connect. Glenn Fleishman’s excellent commentary here.
I would expect some iPhone [...]

I suppose there’s two ways for a spammer to evolve their craft.  1) Create a better piece of malware (package) 2) Create a better invitation.
Although the packages have progressively been getting better, I’ve been of the opinion that the invitations have not improved at the same pace.
However, I did receive an interesting semi-targeted spam today [...]

I’m disappointed in Microsoft here. Beginning last week (September 5th) I’ve been trying to order a Small Business Server (SBS) Standard license but am unable. It seems that Microsoft has introduced R2 (again) but does not have the media kits available. In addition to that, they’ve discontinued SBS Standard 2003 (R1) SKUs so that nothing [...]

I became aware of bump keys during media coverage of the HOPE conference in NYC. To those unfamiliar with the term, it’s a technique that allows an individual to open the majority of mechanical locks (one estimate is 90%) by using a special key and tapping or bumping it. With practice, the lock [...]

Microsoft has released a statistical report on the results of the Malicious Software Removal Tool. The MSRT was released in January 2005 and has had mostly monthly updates since then. If you use Windows Update, Microsoft Update, or Automatic Updates, you most likely have this tool running on your computer.
It should be used [...]

Got back from vacation this morning to discover a fresh vulnerability for Symantec Antivirus.  This particular vulnerability allows for remote code execution, not good.
This is an interesting trend as several antivirus products have created they’re own share of problems.  There was the bad McAfee virus definition that deleted Microsoft Office files and the CLAM AV [...]

SANS is reporting a targeted attack to a particular company.  This attack begins with email from a domain that closely resembles the company’s own domain, so that it appears as an internal email.  The attached Word file uses an undisclosed exploit to extract and execute a Trojan.  Another interesting bit is that it overwrites the [...]

We just completed our second network security seminar in San Luis Obispo, Recovering From a Network Break-In: How Loyal Would Your Clients Be? The seminar was well-attended and very well received. Attendees gained knowledge in how security threats are increasing through exploits and vulnerabilities and specific examples were cited. And we covered [...]

Larry Seltzer of eWeek weighs in on UTM (Unified Threat Management) for the small business.
In the meantime, the reasons to buy one are still compelling: networkwide protection, a second source of protection besides your desktop vendor, access to extra features like content filtering, and easier management.

Nice post here surveying various security organizations and the wide disparity between them. One will issue a vulnerability as Low while another as Highly Critical. The lesson, to be serious about security, you have to be reading a lot to keep up with what’s really going on and cannot get comfortable with a [...]