Cyber Security Institute

Saturday, January 31, 2004

Credit card scam detected as computer virus spreads

Computer security firms estimate that between 500,000 and 600,000 computers worldwide have been infected by this week’s MyDoom virus - roughly 5 per cent of them in Australia.


Wednesday, January 28, 2004

US Government Virus Alert Program Debuts

Two days after the MyDoom worm began its attack on the Internet, the U.S. government launched a new program to issue e-mail security alerts to the public for virus and worm attacks.


Tuesday, January 27, 2004

Network Load-Balancing Vendor Update

The network load-balancing (NLB) vendor landscape has consolidated down to five major players and some niche alternative vendors.

META Trend: Wide-area network services will transition toward IP VPNs (network- and edge/Internet-based).


Monday, January 26, 2004

TruSecure delivers custom bug alerts

Security company TruSecure unveiled a service on Monday that aims to help network administrators get a jump on new threats to critical systems.


Saturday, January 24, 2004

Online fraud, ID theft soars

American consumers filed more than half a million fraud reports last year, adding up to over $437 million in losses, with Internet fraud for the first time accounting for more than half of the complaints, according to a report released by the Federal Trade Commission this week.


Mutating software could predict hacker attacks

Novel computer viruses and worms can sweep the world within hours, leaving a trail of devastation, because firewalls and antiviral software work by identifying the telltale signatures of known attacks.  They are useless against anything completely new.


Comparison of feature sets from different virus vendors

Friday, January 23, 2004

Flexible IT, better strategy

Even for those who understand technology better, it is a sore subject because today’s IT architectures, arcane as they may be, are the biggest roadblocks most companies face when making strategic moves.  The empty biennial reviews of yesteryear are gone, superseded by “radical incrementalism,” which emphasizes rapid waves of near-term (six- to 12-month) operational and organizational initiatives brought into focus by a shared view of a company’s much longer-term (five- to 10-year) strategic direction.


Better security means lower TCO for Win 2003 - MS

Windows NT and 2000 customers should move to Win 2003 as soon as possible to take advantage of lower support costs, according to Microsoft.


Wednesday, January 21, 2004

Inverting the IT pyramid

In case you haven’t noticed, information technology services are hot.


Issues to address in your incident management policy

An incident management policy (IMP) is one element of an effective incident management program.


Tuesday, January 20, 2004

An IT Manager

Most board directors clam up and switch off at the words “Your Company could be at risk if you don’t invest in XYZ technology”.  This was made very clear in the Mobile Usage Survey conducted by Infosecurity and Pointsec, which found that a third of users don’t bother protecting their mobile device with a password even though they store highly confidential company and personal information on them, including all their other passwords, PIN numbers and bank details.


Monday, January 19, 2004

Check Point launches dewormer for internal networks

Check Point Software launched Interspect, a family of security appliances designed to block the spread of computer worms across internal networks.


Thursday, January 15, 2004

Outsourcers need industry savvy

Companies looking for a technology outsourcing partner would be wise to consider candidates’ business knowledge and not just their technology chops, according to a new study.


Wednesday, January 14, 2004

Target-based IDS muffles the noise to take aim on the alerts that count

The problem with network intrusion-detection systems (NIDSes), as any frustrated security manager knows, is they generate a lot of false positives, false alerts, false alarms, etc.  It’s hard to separate the wheat from the chaff.



New regulations can be attributed to this as they place deeper responsibilities on financial institutions to protect the information of their customers while continually validating their accuracy.



The security briefing is intended for bankers looking for additional direction with regard to satisfying the security and privacy requirements section 501b of the Gramm-Leach-Bliley Act (GLBA).


Tuesday, January 13, 2004

Engaging in worm warfare

Last summer, it seemed the onslaught would never end.  One after another, a progression of worms and other malware threatened to bring down systems as enterprises floundered in a morass of unpatched vulnerabilities and malicious e-mails opened by unwary employees.  The worms did more than just annoy.


Monday, January 12, 2004

Business continuity planning: will it save you?

Every year, security firm Pinkerton publishes a survey of the top threats that businesses believe they have faced over that particular year, writes Fran Howarth of Bloor Research.

In six out of the past seven years, workplace violence has topped the list of concerns.

However, business continuity interruption or continuity planning has been placed as the second greatest threat perceived by businesses for four out of the past five years.


Buffer Overflow Plugged in Sun ONE Web Server

In a brief alert, the Santa Clara, Calif.-based firm said the flaw could be exploited by a remote user to crash the Web server, which is a type of denial-of-service attack.


Digital Signatures And European Laws

The article discusses the security requirements for governments and business in electronic communication and commerce, pursuant to European laws.  It will also give an overview of current trends with public key infrastructure in Europe, useful for any organization that does business with the EU.


Saturday, January 10, 2004

Banks Strive for Security Awareness with $2M Contract from Treasury

To enhance the security awareness of the nation’s banks, the U.S. Department of the Treasury has awarded a $2 million contract to the Financial Services Information Sharing and Analysis Center (FS/ISAC).


Wednesday, January 07, 2004

Top five security policies tips

Policies are the backbone to any security infrastructure, as they provide a framework and support mechanism for all your other efforts.


Word encryption hole exposed with no fix on the way

Microsoft Word documents that use the software’s built-in password protection to avoid unauthorised editing can easily be modified using a relatively simple hack that was published on a security website last Friday.


Tuesday, January 06, 2004

Internet security: the Top 10 online blunders

With over 10 years’ experience of defending against Internet security threats, he’s pretty much seen it all.


Microsoft publishes program to blast MSBlast

Microsoft released a removal tool for the MSBlast worm on Monday after Internet service providers complained that home users’ PCs infected with the malicious program are still causing network congestion.


Indian outsourcing: Your data is more at risk than your job

Data leaving the EU raises questions of security and jurisdiction.  A top London lawyer has warned that the current trend of UK companies offshoring to locations outside the EU, such as India and China, raises a real threat of personal data being abused.


Monday, January 05, 2004

Security Threats Won’t Let Up

Hackers, viruses, and worms provided a constant threat in 2003.  The year started off badly in January, when the Slammer worm infected hundreds of thousands of systems running Microsoft SQL Server in about three hours.


CIO priorities for 2004

International Data Corp. is predicting that IT spending in the U.S. will be 6% to 8% higher—maybe more—than it was in 2003.  Forrester Research of Cambridge, Mass., also has an optimistic outlook.


Sunday, January 04, 2004

Microsoft Plans Office 2003 Service Pack For May

Microsoft is putting pedal to the metal to get Service Pack 1 for Office 2003 out by May, sources said.