News
Zero-day Windows vulnerability puts network file shares at risk
Recent news of a Microsoft Windows’ zero-day vulnerability has emerged. The vulnerability is based on Windows improper handling of shortcut (.LNK) files executed through Windows Explorer and other Windows programs.
The flaw provides an opportunity for attackers to exploit systems by creating an LNK file on a USB stick that would exploit any user who uses Windows Explorer to open the drive. It is important to note that user systems can be exploited without even opening the LNK file.
Windows file shares are largely at risk as an attacker could place the LNK file on a file share which would exploit the system of any user who loads the share.
LANGuardian monitors Windows file share infrastructure
You can monitor LNK files active on your Windows file share infrastructure on the LANGuardian system by going to Modules => Windows File Shares = > Search by Filename. In the File Name field enter "lnk$".
With each day that passes without a fix for this Microsoft Windows shortcut vulnerability, the likelihood grows that an increasing number of malware authors will start to incorporate exploits for this vulnerability into their malware.
Monitor incoming and outgoing email messages with LANGuardian
The Email Monitor works by decoding incoming and outgoing SMTP traffic to and from your organisation to extract the following information from email headers - sender, recipient and subject. The option to drill down for further detail is present in the Email Monitor reports and it provides you with a more detailed summary of email transactions including source and destination IP address and time and date of event.
SQL Server auditing with LANGuardian
The NetFort SQL Server Database Monitor is a new LANGuardian module that can be purchased as standalone or as part of the core system. To find out more information, visit the new SQL Server Database Monitor website.
Windows Fileshare Monitoring with LANGuardian
The NetFort Windows FileShare Monitor is a new LANGuardian module that can be purchased as standalone or as part of the core system. To find out more information, visit the new Windows Fileshare Monitor website.
NetFort New Oracle Database Query Decoder
Following on from the success of the LANGuardian MS SQL Decoder Module, NetFort Technologies have launched an additional module to the LANGuardian that enables users to decode Oracle traffic. The Oracle Decoder Module offers the same levels of visibility into Oracle activity as the MS SQL Decoder Module.
British Computer Society invite NetFort CEO to speak at Health Informatics London and South East Specialist Group
NetFort Achieves Record Revenue Levels in 2009 Despite Poor Global Economic Conditions
As the ripple effect of the global recession was felt in homes and businesses worldwide, NetFort Technologies continued to thrive in the network monitoring solutions market.
