Cisco has released a security advisory to address a vulnerability in Cisco Secure Desktop. Cisco Secure Desktop contains a vulnerable ActiveX control that may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100414-csd and apply any necessary updates to help mitigate the risks. Cisco has provided a workaround for users who are unable to apply the update. Additionally, users and administrators may want to review and implement the best security practices described in the Securing Your Web Browser document to help prevent future, similar attacks.

View full post on US-CERT Current Activity

Despite security researchers’ efforts to cut spam down to size, it just keeps growing back. The volume of unsolicited email in the first quarter was around 6 percent higher than a year earlier, according to Google’s email filtering division Postini.

View full post on Security Central – Infoworld

The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of…

View full post on Help Net Security – News

Ponemon survey of federal government IT organizations shows wide gap in perceptions between security staff, IT executives

View full post on DarkReading – All Stories

Just five days after a Google researcher published information of an unpatched Java bug, a compromised song lyrics site is sending users to a Russian attack server exploiting the flaw to install malware, an antivirus firm said today.

View full post on Security Central – Infoworld