Archive for the 'Security' Category



I became aware of bump keys during media coverage of the HOPE conference in NYC. To those unfamiliar with the term, it’s a technique that allows an individual to open the majority of mechanical locks (one estimate is 90%) by using a special key and tapping or bumping it. With practice, the lock […]

Microsoft has released a statistical report on the results of the Malicious Software Removal Tool. The MSRT was released in January 2005 and has had mostly monthly updates since then. If you use Windows Update, Microsoft Update, or Automatic Updates, you most likely have this tool running on your computer.
It should be used […]

I received the following spam this morning:
X-Gmail-Received: 578cab460a32ed1cfe13cfa928001cd18b82b1c4
Delivered-To: e.smythe@gmail.com
Received: by 10.64.142.6 with SMTP id p6cs151534qbd;
Tue, 6 Jun 2006 05:48:51 -0700 (PDT)
Received: by 10.48.233.5 with SMTP id f5mr5313000nfh;
Tue, 06 Jun 2006 05:48:51 -0700 (PDT)
Return-Path:
Received: from barhatova.org ([193.27.215.43])
by mx.gmail.com with SMTP id v20si6495368nfc.2006.06.06.05.48.50;
Tue, 06 Jun 2006 05:48:51 -0700 (PDT)
Received-SPF: neutral (gmail.com: 193.27.215.43 is neither permitted nor denied […]

Got back from vacation this morning to discover a fresh vulnerability for Symantec Antivirus.  This particular vulnerability allows for remote code execution, not good.
This is an interesting trend as several antivirus products have created their own share of problems.  There was the bad McAfee virus definition that deleted Microsoft Office files and the CLAM AV […]

SANS is reporting a targeted attack on a particular company.  This attack begins with email from a domain that closely resembles the company’s own domain, so that it appears as an internal email.  The attached Word file uses an undisclosed exploit to extract and execute a Trojan.  Another interesting bit is that it overwrites the […]

Larry Seltzer of eWeek weighs in on UTM (Unified Threat Management) for the small business.
In the meantime, the reasons to buy one are still compelling: networkwide protection, a second source of protection besides your desktop vendor, access to extra features like content filtering, and easier management.

Nice post here surveying various security organizations and the wide disparity between them. One will rate a vulnerability as Low while another rates it as Highly Critical. The lesson: to be serious about security, you have to be reading a lot to keep up with what’s really going on and cannot get comfortable with a […]

FaceTime has released their report analyzing attacks via IM, P2P, and Chat vectors. One thing I like about this report is it’s fresh, comparing the 1st quarter of 2006 with all of 2005. FaceTime offers security appliances with a very specific focus, which is, surprise, the same areas highlighted in the above report: […]

An article in Channel Insider explains that state legislation that requires companies to report data breaches strengthens the case for MSPs (Managed Service Providers). Mike Rothman provides a viewpoint in Security Incite Rants.
My thoughts on this are… who are we talking about here, the enterprise or SMBs? If the enterprise, I think this […]

Mike Rothman posted an article on Skype and the need to control it in many environments.  His opinion is that it will be very difficult to control on the network side of things, and he recommends controlling it at the endpoint.  I thought it would be a good time to bring out that SonicWALL is very […]