Last week, Ulysses and Hermes attended the SyScan'10 Singapore conference, where 17 speakers presented 14 different topics, including software and hardware security.

The many interesting topics at this conference included integrity checking of Microsoft Office documents, Chrome sandboxing, Office vulnerabilities, PHP exploits, and mobile phone attacks.

Our presentation described the threat trend of SWF and PDF applications and how various kinds of attacks rely on vulnerabilities in Web browsers to spread threats on the Internet.  We showed how antivirus solutions work and how hackers change the content in malicious files to bypass them. We also demonstrated several ways to fight against the technology of embedded malicious content in SWF/PDF files and resolve the issue of content stripping for end users.

Thanks to the organizers for a great conference in a great place!

You can download our presentation here.

Vulnerability Summary for the Week of June 21, 2010

MillerSmiles provides its weekly phishing analysis for the week of 19th June 2010 to 26th June 2010

CNNMoney.com and Fox Business both advised consumers to join a credit union to take advantage of better rates and fees.

The Financial Crimes Enforcement Network this week reported that the total amount of suspicious activity reports filed decreased slightly to 1.28 million in 2009.

In June’s edition of Compliance Challenge, CUNA discloses that Regulation E does not allow credit unions to inform their members of new Reg E opt-in requirements via the credit union’s newsletter.

The Credit Union Association of New York and organizations representing consumers and seniors in the state are trying to ban surcharges on debit cards, which are used for consumer purchases and access to government benefits.

Credit unions in at least six states the past two weeks have reported automated calls and texts to cell phones that attempt to capture members’ and non-members’ debit card and personal identification numbers.