updated January 9, 2008

Security dominates 2008 IT agenda

This year could see the first serious VoIP exploit, among many other threats.



Risk Management Agenda: 2008

If 2007 is any indication, then 2008 is going to be a wild year for financial institutions facing a slew of risk management issues. Hanging like the sword of Damocles above all is the subprime mortgage crisis, which sees institutions looking for ways to avoid foreclosures and challenges surrounding underwriting. These efforts will only further tax resources that otherwise could be channeled into information security issues.



Competition May Be Driving Surge in Botnets, Spam

Market challenge from Nugache botnet may be pushing Storm's operators to expand, researcher says



Master Boot Record (MBR) rootkit

Matt Richard from Verisign's iDefense sent some information regarding the Master Boot Record (MBR ...



RSA Lays Off Security, Sales Staff

Layoffs are part of an ongoing restructuring across EMC caused by acquisitions that officials estimated in 2006 might ultimately claim 1,250 jobs.



AVG Names 2007 Top 10, '08 Forecasts

Security experts at AVG, developer of the AVG family of security software products, today publish their analysis of 2007’s top viruses, Internet hacks and exploits, and reveal their forecast for the top security threats facing computer users in 2008. According to the team, viruses made up some 15 percent of the threat landscape in 2007, consistent with the company’s predictions at the end of 2006; phishing scams, backdoor worms, trojans, keyloggers, spyware, adware and other web-based exploits comprised the majority of threats.



Critical TCP/IP Worm Hole Dings Windows Vista

Microsoft has issued a high-priority security update to fix a pair of "critical" flaws that expose Windows users to remote code execution attacks.



Most UK firms risk customer data breaches when testing apps

A majority of UK organisations risk customer data by using it to develop and test applications. Research commissioned by Compuware found that 58% of British companies use actual customer data instead of disguised data to test applications during the development process. The research was based on responses from 900 IT professionals. Examples of the live data used at firms included customer account numbers, credit card numbers, Social Security numbers, employee records, and other credit, debit or payment information.



Risk concerns stall corporate Web 2.0 use

A survey of almost 500 firms worldwide by consultant KPMG says corporates recognise the benefits of Web 2.0 tools, but that security and governance concerns are thwarting their adoption. In the survey, 70% believed Web 2.0 tools - such as Wikis, blogs and social networks - could help employees work more efficiently. In addition, 75% felt that Web 2.0 technologies could foster innovation within their businesses, and 86% saw them as improving knowledge sharing. However, more than half of respondents felt that protecting and securing critical data is the chief barrier to adoption.



F-Secure Health Check

Keeping your Windows OS updated has become relatively simple with Microsoft Updates. Web browsers such as Firefox also regularly prompt for updates. But what about the rest of your applications? Regular readers may remember past Security Advisories that we've posted. See October 22nd, November 7th, and December 10th for examples.



Trojan Software for iPhone

Over the weekend we received reports of a malicious software package created for unlocked iPhones. The trojan installation package contains false application installation information that causes legitimate third party applications to be removed if the trojan is uninstalled from the iPhone. Web sites hosting the malicious package were taken offline soon after the discovery of the low-risk threat. Hopefully this serves as a warning for those who have opened their iPhones using a security hole in the system and then installed unverified software without a second thought to what they are doing. This time it was an 11-year-old kid playing with XML files who created the trojan. Next time it might be someone else with more skills and with a specific target.



Mass SQL injection attack compromises 70,000 websites

An automated SQL injection attack, which at one point compromised more than 70,000 websites, hijacked visitors' PCs with a variety of exploits last week, according to researchers. The hacked sites, which could be found easily via a Google search, affected a wide variety of pages, Roger Thompson, chief research officer at Grisoft, noted Saturday in a blog post. "This was a pretty good mass hack," he said. "It wasn't just that they got into a server farm, as the victims were quite diverse, with presumably the only common point being whatever vulnerability they all shared."



Hackers PWN British Islamist Website

A group of Russian hackers recently infiltrated a website run by radical Islamists in Britain and uploaded a keystroke recording program which allowed them to follow the internet browsing habits of members. The website, called Islambase, is run by the followers of exiled British cleric Omar Bakri Mohammed. His followers are best known for a number of protests, including one in which followers urged the beheading of those who insulted Islam. The Islambase website should be very familiar to Jawa Report readers. In March of last year we reported that the website carried al Qaeda literature, including Osama bin Laden's "Clarification of 9/11" and a "Declaration of War". They also secretly distributed an online book titled, "The Virtues of Killing the Non-Believer." Arabic speakers would immediately recognize the significance of the website's name, since "qaeda" means "base".



NetSecurity opens state-of-the-art computer forensics lab

NetSecurity Corporation announced the launch of NetSecurity Forensic Labs, a state-of-the-art secure facility offering computer forensics investigation, electronic discovery, incident response, and fo...



Dealing with the security risks of greylisted devices

This argues for a policy-driven approach to information security management that encompasses both conditions and actions. Policy can be an all-encompassing ...



AirDefense Named 2008 Award Finalist by SC Magazine - Reuters

In April 2007, AirDefense was honored with a "2007 Reader's Choice Award" in the Wireless category from Information Security (TM) magazine and ...



Latest article of Security information management (SIM)

SIM (security information management) products have become more accepted as critical components within the network security infrastructure. As such, understanding the criteria for selecting SIMs has become more important. Moreover, in a fast-evolving market segment [SIM becomes SEM (security event manager), becomes SI/EM, becomes ?], it's more important to understand the important architectural differences and implementation requirements than the industry acronyms and product names. A wave of consolidation has already begun to hit the SIM market, but the major issues and deployment criteria span brands and individual technologies.



Fortinet: Storm Worm botnet used to mount phishing attacks on Barclays, Halifax banks

Fortinet has reported that the notorious Storm Worm botnet was deployed this week to mount phishing attacks on two banks, including international giant Barclays, directing customers to fake sites set up to steal their account log-in and password data.



Survey: 80 percent of financial security chiefs rely on FTP transfers despite data breaches

A recent survey of 100 IT managers and CIOs from the financial services, health care, retail, manufacturing and government business sectors shows that despite a torrent of bad press on data-security breaches involving FTP (file-transfer protocol), its use is prevalent and growing.



Prevent unauthorized USB devices

In the conclusion of his series on preventing unauthorized USB device use on your network, Brien Posey discusses the pros and cons of using software restriction policies such as certificate rules, hash rules, Internet zone rules, and path rules to prevent users from employing a USB device to bring unauthorized software into the organization. He also discusses some third-party software applications that can be of use.



Using Windows Rights Management Services to secure data

Keeping confidential information under wraps is paramount in any business, but finding the right mix of tools or techniques is a common challenge. In this tip, contributor Tony Bradley explains how Windows Rights Management Services (WRMS) can help enterprises implement document access restrictions and keep sensitive data locked down.



Microsoft patches Windows TCP/IP, LSASS flaws

Attackers could exploit Windows TCP/IP, LSASS flaws to hijack targeted computers and do a variety of damage, Microsoft warned Tuesday. Windows Vista is affected.



Security update for VMware ESX Server, VirtualCenter

VMware has released a hefty security update to address flaws in the VMware ESX Server and VirtualCenter. Attackers could exploit the flaws to perform actions with escalated privileges, cause a denial of service or compromise a vulnerable machine. The Heise Security blog has a decent synopsis of the problems addressed: “Versions 3.0.1 and 3.0.2 of ESX Server include a buffer overflow in the OpenPegasus CIM Management Server that can be exploited by an attacker to remotely inject code and execute it with root privileges,” Heise said. The problem resides in the PAMBasicAuthenticator::PAMCallback() function that performs authentication using pluggable authentication modules (PAM). The vendor recommends that users of version 2.5 switch to a bug-fixed version 3.0.1 or higher. VMware also addressed security holes in the ESX Server service console package, which includes Samba, Perl, OpenSSL and util-linux, as well as some older vulnerabilities in software included with VirtualCenter Management Server 2 and ESX Server 3.0.1 and 3.0.2.



McAfee, Inc. Solutions Protect Against Three Newly Disclosed Microsoft Vulnerabilities

McAfee, Inc. today announced that it provides coverage for the three security vulnerabilities disclosed by Microsoft Corporation. These vulnerabilities have been reviewed by McAfee® Avert® Labs, and based on their findings, McAfee recommends that users confirm the Microsoft product versioning outlined in the bulletins and update as recommended by Microsoft and McAfee.



Sophos urges caution on Facebook apps

The security company has warned it is 'obviously proving impossible' for Facebook to police potentially harmful third-party apps



Gateway Weblaunch CWebLaunchCtl ActiveX Control Insecure Method Exploit

MSN Worm Comes from... Netherlands!

Sourcefire(R) Delivers Same Day Protection for Critical Microsoft Tuesday Vulnerability

Symantec releases online cybersecurity quiz

Microsoft's SkyDrive beta abused by spammers.

IBM AIX Trusted Execution Unspecified Vulnerability

Nmap for Beginners - Network & Port Scanning made easy

Remote Command Execution in Windows TCP/IP stack leads to kernel level access