Security Roundup

If you are an IT admin, read this post by Richard Bejtlich on incident response. Helpful in case your network/system is attacked. Just a reminder: enforce your security rules always. All it takes is a vulnerable laptop connecting to your network. Or an employee downloading a suspicious file attached to an email.

Trend Micro spells out how Windows’ StickeyKeys can be a potential attack vector. The mitigation method outlined in the post will work, but how about those who use StickeyKeys? Another disadvantage of signature-based detection.

Speaking of Trend Micro, iDefense has reported a vulnerability in the Trend Micro scan engine. When exploited, it causes the operating system to crash. Trend Micro has issued a response here. Trend Micro users are advised to update their scan pattern to at least version 4.335.00.