Here is a review of this weeks Cert Advisory. The main highlight are the vulnerabilities in Internet Explorer version 5, which is not broadly used. This is a weekly feature here at Managed Solutions.
Joe Reviews SB10-32 Cert Report (Video)
These are weekly reviews of the reports from CERT. The main highlights are some Realplayer vulnerabilities and the Cisco Unified Meeting Place. This is a weekly feature here at Managed Solutions.
Cisco Unified Meeting Place Bulletins
Disable that annoying IE8 Warning Message (Video)
Recently you may have noticed a new repetitive security warning in Internet Explorer 8. The feature is to protect internet users from non secure content while browsing a secure site. Some secure sites link content, images and advertisements that are not delivered securely. This could have ramifications if someone thought they were on a secure site and entered in sensitive data that was not encrypted. The truth is the warnings are so prolific that they almost defeat the purpose they intended. To be safe I recommend choosing the setting to disable the non secure content which is the selection I make in this video.
Another Youtube how to video from Managed Solutions:
ADP Warns of Phishing Emails to Payroll Clients
We were made aware of an issue that ADP is reporting with some of their Payroll customers. Here is the text of the warning message they are sending their clients:
“ADP is receiving reports of a phishing email scam targeting ADP EasyPayNet clients who perform their payroll via the Internet. Phishing email scams are designed to mimic legitimate websites and are intended to compromise your login credentials. The email is fraudulent and did not come from ADP. Please immediately delete the email and do not click on any links in the email or enter any login information. Please be aware that ADP would never send an email asking you to provide or enter your login credentials for any reason.”
Here is a screenshot of the Phishing Email:
Sample of ADP Phishing Email
We have a reader submitted example of another ADP Phishing Email circulating in July 2012, this version actually brings you to a site hosting known malicious code and un-protected systems will become infected if they follow the links:
Another ADP Email Phishing Message – reader submitted, thanks to Bob B.
Are you still receiving these Emails? Received a different one? Let me know. – Joe
Joe Reviews SB10-25 Cert Report (Video)
These are weekly reviews of the reports from CERT. Nothing too horrible this week, but I provide more insights into what to look for and why. I did review the Shockwave Player vulnerability after recording the video and determined that since it is not a common component for most of our audience it did not merit a separate bulletin and notice. This is a weekly feature here at Managed Solutions.