ExxonMobil, Others Attacked Via Email

At least three US oil companies were victims of highly targeted, email-borne attacks designed to siphon valuable data from their corporate networks and send it abroad, according to a published report citing unnamed people and government documents. Read the full article. The Register...

Update and comments on the MS02-023 patch, holes still remain

The latest cumulative patch from Microsoft, http://www.microsoft.com/technet/security/bulletin/MS02-023.asp , promises to eliminate "six newly discovered vulnerabilities", but fails to do so. First, we find what MS calls "A cross-site scripting vulnerability in a Local HTML Resource". This is...