NTA Monitor

Latest News

Will IE6 be the next NT4?

1st October 2009 All penetration testers will remember the long tail of Windows NT 4.0, and how this operating system continued to be used long past the point when security updates stopped at the end of 2004. For many years the presence of an unpatchable NT4 server was a common issue in a penetration test report, and it is only now, almost five years after security support ended, that finding an NT4 system on a network is becoming a rare event. Read More

One in four web applications susceptible to high risk security flaws

7th September 2009 NTA Monitor has reported a 10% increase in the total number of web applications found to have at least one high-risk security issue... Read More

Organisations facing a changing threat landscape

20th July 2009 According to NTA Monitor's 2009 Annual Security Report, the average number of Internet security vulnerabilities is on the rise... Read More

The Return of the Insider Threat

1st July 2009 When NTA started security testing twelve years ago, the main focus was on the insider threat. There were many reports with statistics showing that most security breaches were due to insiders. By contrast there was very little focus on the external threat via Internet and third-party network links. Back then many companies did not even have a firewall. Read More

January 2006

Welcome to January's edition of Internet Security News, the monthly risks bulletin detailing the latest Internet software and system vulnerabilities from NTA Monitor, a leading IT security testing company. It provides a convenient way to keep up to date with the fast changing world of IT security; this month's edition includes a total of 9 risk issues: 2 High, 4 Medium, 2 Low and 1 Informational .

Criminals target viruses for cash

(Informational) At first glance, 2005 looks like it was a quiet year for computer security because there were far fewer serious Windows virus outbreaks than in 2004 30th January 2006 Read More

Security hole claimed for BlackBerrys

(Medium risk) BlackBerry handsets appear to be vulnerable to a security hole that could let attackers break into the gadgets by convincing users to open a specially crafted image file attached to an email 30th January 2006 Read More

Communique "query" cross-site scripting vulnerability

(Low risk) A vulnerability in Communique can be exploited by malicious people to conduct cross-site scripting attacks 30th January 2006 Read More

Hitachi Business Logic multiple vulnerabilities

(Medium risk) Some vulnerabilities have been reported in Hitachi Business Logic, which can be exploited by malicious people to conduct cross-site scripting, HTTP response splitting, and SQL injection attacks 30th January 2006 Read More

LAND attacks against network devices

(Medium risk) A "LAND" attack involves IP packets where the source and destination address are set to address the same device 30th January 2006 Read More

Microsoft Windows WMF "SETABORTPROC" arbitrary code execution

(High risk) A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system 30th January 2006 Read More

Virus disguises itself as MSN Messenger beta

(Medium risk) A virus masquerading as a new beta version of Microsoft's MSN Messenger has begun circulating 30th January 2006 Read More

PHP-based web applications

(Low risk) There is a lot of scanning activity looking for vulnerabilities in PHP or web applications that are written in PHP 30th January 2006 Read More

Symantec AntiVirus decomposition buffer overflow

(High risk) Symantec is aware of a buffer overflow in its AntiVirus component used to decompose RAR (Roshal Archive). A specially crafted RAR file could potentially cause this buffer overflow to occur and possibly execute hostile content from the RAR file on the targeted system 30th January 2006 Read More

About NTA Monitor

This bulletin is produced as a by-product of ongoing research carried out to develop NTA Monitor's Internet security testing service, Regular Monitor. NTA are a full-service Internet security testing company with a comprehensive range of testing services including:

For more information on the above services please see our services page.