August 2006 – Page 4 – CyberSecurity Institute

Symantec Establishes Council

Posted on August 10, 2006December 30, 2021 by admini

The Council is a working body of customers established to provide guidance to Symantec’s leadership and development teams regarding the company’s strategic plans and enterprise services and solutions. They will also help guide the direction of existing solutions by providing feedback that reflects the evolution of the security and availability markets and the changing realities of the customers’ business environments. In addition, the Council provides an opportunity to create meaningful and strategic partnerships between Symantec and its large enterprise customers.

http://www.darkreading.com/document.asp?doc_id=100924&WT.svl=wire_3

Workers Ignore the Risks of Web Links and Attachments

Posted on August 8, 2006December 30, 2021 by admini

A survey into the habits of 142 UK office workers conducted by Finjan has uncovered that although they know the security risk to their employers caused by clicking on web-links or opening attachments from unknown sources, they simply can’t help themselves.

http://www.it-observer.com/news/6646/workers_ignore_risks_web_links_attachments/

Weekly Report On Viruses And Intruders

Posted on August 7, 2006December 30, 2021 by admini

Firstly, RuSpy.A is a Trojan that obtains user names and passwords for a range of programs including ICQ, Internet Explorer, Mozilla, Outlook and The Bat! This information is then sent to the creator in an email message. To avoid detection, it tries to terminate several processes belonging to security tools (antivirus programs and files).

Another widespread fraud technique is to hijack computers. This is what the Tervserv.A backdoor Trojan does.

Finally, this week’s report looks at Banker.DZO. This is a Trojan that monitors Internet traffic generated when a user accesses the web pages of Banco de Brasil, Bradesco, CEF, GERENCIADOR, Itau and Brad.Juridico.

http://www.it-observer.com/news/6645/weekly_report_viruses_intruders/

IM Attacks Escalate

Posted on August 7, 2006December 30, 2021 by admini

Postini also noted in July a continuing rise in encrypted email traffic, as organizations around the world increasingly use encryption to protect sensitive communications with their business partners, contractors, regulators and remote employees.

The ability to encrypt email, based on an industry standard called Transport Layer Security (TLS), is built into every modern email server and is easy and free to use.

http://www.darkreading.com/document.asp?doc_id=100733&WT.svl=wire_2

McAfee Releases 5.0

Posted on August 7, 2006December 30, 2021 by admini

With McAfee Foundstone Enterprise 5.0, companies can easily prioritize and rank their highest-value business assets then identify their most critical security vulnerabilities and the threats which could exploit them. The merging of compliance with risk management at the enterprise level is shifting the focus from just identifying vulnerabilities and configuration holes to understanding the total impact of threats, vulnerabilities, and configuration errors on critical assets. Customers can now take in Foundstone data and “link” corporate security policies and standards to specific Foundstone checks to ensure business policy objectives are being adhered to across the network.

McAfee Preventsys Compliance Auditor supports centralized auditing across all aspects of policy: process, procedure and technical controls, which provides a consistent way to reduce the costs associated with demonstrating security compliance.

http://www.darkreading.com/document.asp?doc_id=100686&WT.svl=wire_7

Researchers warn over Web worms

Posted on August 4, 2006December 30, 2021 by admini

“We went from screwing around and having fun on MySpace to an attacker harvesting e-mail addresses to sell to spammers, all in less than 8 months,” Hoffman said.

Such attacks are just an early sign of things to come, said Jeremiah Grossman, founder and chief technology officer for WhiteHat Security, who talked about Javascript threats at Black Hat. Grossman showed off techniques for detecting which of a list of popular sites that a victim has visited and demonstrated a way to port scan an internal network to which the victim is connected, all through Javascript and without exploiting vulnerabilities.

Considered by many security researchers to be a less-than-hackerly technique used by script kiddies, phishers and spammers to fool trusting users, cross-site scripting (XSS) is a key method for injecting malicious code into a victim’s Web session. Cross-site scripting allows a malicious Web site to inject code into the context of another Web site; a user that believes they are interacting with a popular social networking site, might instead be loading a script in from some other malicious site.

“If you don’t want your Web site to be helping spread malware, the best way to prevent it is to resolve your cross-site scripting issues,” Grossman said.

Secure Sockets Layer (SSL) encryption, far from helping secure against such attacks, could instead aid them in dodging detection by intrusion detection, or prevention, systems, he said.

http://www.securityfocus.com/news/11405