Support Wars

Found a great article today from Tech Republic, 10+ tips for improving problem determination and resolution. When that phone rings, the clock starts running. The sooner you can resolve the caller’s problem, the better off both of you will be. #1: Remember Occam’s Razor #2: Ask carefully about the “simple” causes #3: Use open-ended questions [...]

From Cisco’s website A buffer overflow vulnerability exists in an ActiveX control used by the WebEx Meeting Manager. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the user client machine. The WebEx Meeting Manager is a client-side program that is provided by the Cisco WebEx meeting service. The Cisco [...]

This guy knows StormWorm.

From Ars Technica A week ago, we reached the magic number of 2.7 billion IPv4 addresses used. With 3.7 billion possible addresses,¹ this means we now have less than a billion unused IPv4 addresses left. …. In other words, unless something unexpected happens, we’ll be out of IPv4 addresses at some point in the neighborhood [...]

From US-CERT US-CERT is aware of public reports of a phishing attack circulating via email messages that appear to be targeting Apple MobileMe users. These messages claim that there is a problem with the user’s billing information and instruct the user to follow a web link to update personal information. Clicking on this link directs [...]

Black Tuesday overview courtesy of SANS Internet Storm Center.

According to SANS Internet Storm Center, a new spam campaign is offering fake IE 7 updates. You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the “Unsubscribe” link below. Malware-Test Lab reports clicking the [...]

After writing an earlier post about detecting java script exploits, I decided to start googling.  Without overstating the obvious, I found a lot of infected sites.   I cranked up my antivirus settings to obscene and started clicking.  Goolge was blocking many of them and firefox attempted to block another huge chunk. I continued into the [...]

From Ars Technica Noncompete clauses are a reality of the modern labor market as companies seek to keep their employees from using the experience and information they gain in one position from turning into a liability when those employees find jobs elsewhere. California law was a bit of an exception, as it appeared to limit [...]

SANS Internet Storm Center has a great method for detecting a common SQL injection attack on your webservers.  Just google: site:yoursite “script src=http://*/””ngg.js”|”js.js”|”b.js” I have also had luck checking TLDs with site:*.edu “script src=http://*/””ngg.js”|”js.js”|”b.js”