It seems that NASA laptops that went to the International Space Station were infected with a bit of Malware by the name of Gammima.AG. 

It has been a somewhat bumpy come back but the Malware Scanner service is back online. Initially we had a problem with the NAS used for storage of the uploaded samples, alas we didn't get a replacement as quickly as we'd hoped. Due to the device failing in the run up to the Defcon trip we couldn't chase as much as we'd like to get everything back. Having been promised the replacement NAS would be waiting for us on our return from Defcon and it not being there we decided to push forward the general hardware update we'd been planning to do at the end of September. As with all new installations we'll be keeping an eye on things to make sure the hardware performs as it should.

It seem the NAS for the Scanner Server fell over and died in spectacular fashion and the disks in it got fried by the PSU blowing both the disks in it.. The service will be down for a few days while a replacement is sourced, it may not be back before the Trip to Vegas for Defcon on Thursday however.

So after taking a fair bit of stick for the last week or so Apple have finally published a fix for the DNS flax announced in early July.

With all the fuss about the DNS Cache Poisoning flaw going around, there is something that is getting overlooked and it could re-introduce the problem that could reverse some of the good work done by the fixes.

It seems that the details of the recently discovered DNS problem found by Dan Kaminsky have leaked out. The details of problem had been kept hush hush while efforts to push out patches and fixes by vendors was co-ordinated.

The Mozilla Foundation have released today a new Firefox 3.0.x and 2.0.0.xx releases which addresses two critical security vulnerabilities.

Well it is still patch Tuesday in Redmond and Microsoft have been busy releasing four security fixes, one we've already covered as it seems to affect most anyone that has a DNS server implementation. The others are all Microsoft's fault.

Today various vendors released  updates to address several DNS implementation flaws. It seems that the implementation issues could allow an attacker to perform DNS Cache poisoning against affected DNS implementations.

Apple yesterday released two security bulletins containing updates to address multiple vulnerabilities affecting Safari and Mac OS X.

Two Russians have been arrested in connection with creating and distributing the Pinch Trojan family, according to Nikolay Patrushev, head of the Russian FSB (Federal Security Agency) the two men had been identified are awaiting trial. 

Well it is that time of the month again, the goose is getting fat and Microsoft have released this months slew of patches. This month we have three critical patches and four important rated patches. 

It seems that one of the adware authors has been taking some lessons from the old school virus writers on how make it extra hard to get rid of their crap and to ensure that their adware always gets run on system startup. 

It seems that in these days where disclosure of Security vulnerabilities is the norm, and most vendors actually have embraced the concept that keeping these quiet actually will harm their business more, the people at Autonomy have been living under a rock and don’t want anyone to know their products contain security problems.