NTA Monitor

Latest News

60% of UK website tests revealed Internet encryption and cross-site scripting vulnerabilities

10th April 2008 60% of web application tests performed for UK organisations showed that their websites contain weak encryption or cross-site scripting (XSS) vulnerabilities Read More

Demilitarised Zone most secure option for BlackBerry device

28th February 2008 Recent BlackBerry testing by IT security consultancy, NTA Monitor, has revealed that organisations are still not configuring these mobile devices correctly Read More

Retailers should put security top of their Christmas list

13th November 2007 With British consumers spending more than £6.6 billion online in the last two months of last year, the 2007 festive season is set to be one of great cheer for online retailers Read More

Businesses warned not to have skeletons in cupboards

13th November 2007 For many organisations, the festive season is an opportunity to heave a corporate sigh of relief and enjoy the brief respite in frenetic business activity as countless people all over the world, go home to celebrate Christmas Read More
Welcome to June's edition of Internet Security News, the monthly risks bulletin detailing the latest Internet software and system vulnerabilities from NTA Monitor, a leading Internet security testing company. It provides a convenient way to keep up to date with the fast changing world of Internet security; this month's edition includes a total of 19 risk issues: 7 High, 7 Medium, 1 Low and 4 Informational.

June 2005

MS Patch Day

(Informational) Love it or hate it, MS touches the lives of all of us to various degrees. Ever wonder what goes into all the MS patches? Attached excerpts from an article which took a rare glimpse into the inside workings of the MSRC (Microsoft Security Response Center). Read More

Microsoft security update

(High risk) An average month as we see an average trainload on the MS Patch Train. Read More

DNS DoS

(Medium risk) A security vulnerability exists in the anti-virus engine of specific versions of ZoneAlarm Anti-Virus and ZoneAlarm Security Suite. Read More

Is it a flaw or functionality?

(Medium risk) Microsoft won't patch against pop-up phishing. What Secunia calls a less critical vulnerability, Microsoft says is just standard functionality. Read More

Hackers get organised

(Informational) Global enterprises under siege from high-level high-tech crime organisations. Read More

Think vulnerabilities only happen in IE? Think again

(Medium risk) IE is not the only vulnerable browser out there. It seems nothing is immune. Read More

Locked out!

(Medium risk) Trojan holds PC files for ransom. A unique new kind of malicious threat, which locks up files on a PC then demands money in return for unlocking them has been identified. Read More

A solitary MS patch

(High risk) Microsoft Security Bulletin MS05-024. The Microsoft patch train is carrying a lone passenger for June 2005, compared to the eight updates in the previous instalment Read More

VPNs are not invulnerable

(High risk) NTA discovers a serious Nortel VPN router flaw affecting various models of the popular router. Read More

Opera Web Browser maybe the favourite of phishers

(Medium risk) Opera Web Browser fails to properly enforce security restrictions on the XMLHttpRequest Object. This may allow a remote, unauthenticated attacker to insert content from potentially malicious web sites. Read More

7 highly critical patches for various flavours of Linux

(High risk) Various highly critical vulnerabilities and patches for varieties of Linux Read More

First it was counterfeit MS software; now counterfeit MS patches

(Medium risk) Fake Microsoft patch triggers virus attack, as virus writers are taking advantage of the heightened public interest around Microsoft's patching cycle to trick users into executing a malicious attachment. Read More

New PHP4 packages fix denial of service

(Medium risk) New PHP4 packages fix denial of service found by an iDEFENSE researcher concerning the image processing functions of PHP of which one is present in woody as well. Read More

Is someone scanning your port 445?

(Informational) A recent rise in scanning activities on port 445 may well be the prelude to major attacks. Read More

Spies beware!

(Informational) US lawmakers have voted to introduce harsher penalties for those who spread spyware on people's computers. Read More

Who is spying on you?

(Low risk) Security experts are warning Internet users about a new piece of software that poses as a spyware-removal tool, but is actually being used to persuade unsuspecting Internet users to download spyware programs and Trojans. Read More

Don't let the Sun go down

(High risk) A program used in both Solaris and Java Desktop System contains a highly critical vulnerability Read More

VERITAS Backup Exec allows for more than remote backup

(High risk) Buffer overflow vulnerability in VERITAS Software Backup Exec Web Administration Console (BEWAC) Read More

Zone Labs Security Alert

(High risk) Due to an integer wrap issue in the code associated with OLE processing, a heap overflow may occur, which could potentially allow a skilled attacker to cause the firewall to stop processing traffic or execute arbitrary code. Read More

About NTA Monitor

This bulletin is produced as a by-product of ongoing research carried out to develop NTA Monitor's Internet security testing service, Regular Monitor. NTA are a full-service Internet security testing company with a comprehensive range of testing services including:
  • VPN Testing
  • Onsite Auditing
  • Web Application Test
  • War Dialling
  • Wireless Infrastructure Testing
  • RM Vulnerability Testing
For more information on the above services please see our services page.