admini – Page 207 – CyberSecurity Institute

Phishers more successful than first thought

Posted on October 16, 2006December 30, 2021 by admini

“Our goal was to determine the success rates of different types of phishing attacks, not just the types used today but those that have not yet occurred in the wild,” said Markus Jakobsson, associate professor at the IU School of Informatics.

Along with computer science doctoral student Jacob Ratkiewicz, Jakobsson devised simulated attacks in which users received emails appearing to be legitimate and providing links to eBay. One experiment they devised was to launch a ‘spear phishing’ attack in which a phisher sends a personalised message to a user who might actually welcome or expect the message. The researchers used three types of approach statements: ‘Hi can you ship packages with insurance for an extra fee?’

“We think that spear phishing attacks will become more prevalent as phishers are more able to harvest publicly available information to personalise each attack,” said Ratkiewicz.

http://www.vnunet.com/2166518

Saudi passes cybercrime laws

Posted on October 15, 2006December 30, 2021 by admini

The maximum punishment under the new legislation is a prison sentence of ten years and a fine of US$1.3million, which can be imposed on anyone found guilty of hacking into government networks to steal information related to national security or using the internet in support of terrorism.

Any person who gains unauthorised access to a public network or who installs viruses on that network will be subject to a fine of around US$800,000 and/or up to four years in prison.

http://www.itp.net/news/details.php?id=22318&srh=&tbl=itp_news

Targeted Trojan attacks on the rise

Posted on October 14, 2006December 30, 2021 by admini

“Your problem is no longer how do I avoid being attacked, but how do I find where I’ve been compromised.”

Last year, computer emergency response groups in the U.K., Canada and Australia warned of such attacks. While the United States Computer Emergency Readiness Team (US-CERT) did not issue a warning, security firms confirmed at the time that U.S government agencies and companies had already been targeted by such malicious software.

A major problem for large companies, government agencies and other potential targets is that antivirus software is not good at stopping low-volume attacks aimed at single companies. Traditional antivirus programs detect widespread attacks based on matching to a known pattern and do not fare well against low-volume Trojans. “There is no value whatsoever in having signature-based antivirus when facing a targeted attack,” said Joshua Corman, host protection architect for Internet Security Systems (ISS).

Military agencies, human rights organizations and pharmaceutical companies are some of the types of groups that are being targeted by specifically aimed attacks.
timate programs as potential threats.

http://www.securityfocus.com/news/11418

A-Listing Your Apps

Posted on October 13, 2006December 30, 2021 by admini

“It’s back to the future with some of this,” says Andrew Jaquith, program manager for security research at the Yankee Group. Jaquith says the current approach of identifying and blocking the bad is starting to fail, with malware samples increasing at a rate of around 50 percent annually. “Whitelisting is increasingly becoming part of a well-balanced diet on the client,” he says.

And it’s quietly and slowly catching on beyond vendors such as SecureWave, Savant Protection, and Bit9 that have made a business out of whitelisting applications.

Many of the early whitelisting adopters today are small- to medium-sized organizations, where deploying this technology across desktops wouldn’t be as major an undertaking at say, a major Fortune 100 company. SourceMedia has been testing Savant Protection’s endpoint software with whitelisting for several months. “Conceptually, it makes a ton of sense,” says Ivan Latanision, vice president of information technology for SourceMedia, who adds the company hasn’t made its final decision on whether to purchase the tool yet.

Savant uses unique cryptographic algorithms and signature keys for each application on each desktop, rather than a server-based access control list. Patton Harris Rust & Associates has been running SecureWave’s Sanctuary software for whitelisting since last year — initially for device control and later for application control as well. John Loyd, vice president and director of IT for PHR&A, says the company installed the software for protection against zero-day attacks, ensuring its users aren’t installing illegal software, and to ensure the quality of apps its engineers use. Dennis Szerszen, vice president of marketing and corporate strategy of SecureWave, says antivirus blacklisting and Sanctuary’s whitelisting work best together. “We need to be triggering the AV processes so they can clean up what” they found.

http://www.darkreading.com/document.asp?doc_id=107320&WT.svl=news2_1

Email Looms as IT Threat

Posted on October 11, 2006December 30, 2021 by admini

What emerges from all this is far from the landscape described by email management vendors, in which organizations are eager to adopt technology to sort and save important email.

When it comes to archiving email, nearly 60 percent of respondents said they save email as part of regular backup. Just 3 percent reported outsourcing email archiving.

“As anyone who has gone through an e-discovery process can attest, finding and producing relevant emails from back-up is not the same as producing them from an archive in which the content is based on the subject and relevance of the email.”

According to the Radicati Group consultancy, the volume of email that the average corporate user sends and/or receives every day will grow 30 percent within the next four years, from 16.4 Mbytes in 2006 to 21.4 Mbytes per day in 2010. And unless companies start taking action, Mancini implies, they’ll be risking both their ability to produce relevant proof for compliance or litigation, but also their ability to benefit from increased use of email.

http://www.darkreading.com/document.asp?doc_id=107231&WT.svl=news1_2

Compliance: A Multi-Front War

Posted on October 11, 2006December 30, 2021 by admini

“Enterprises are doing all of their compliance work in silos, and they aren’t seeing the commonality between [the projects], particularly in the area of security,” says Stephen Barlock, North America security lead at Accenture. “The net result is that their compliance efforts are much too complex.”

Enterprises are also finding that the costs of their compliance efforts are rising, not falling, because of the growing number of independent, and sometimes redundant, regulatory efforts, says Mark Perry, vice president of global consulting services at Symantec, who will head the joint venture.

SOX and the Gramm-Leach-Bliley Act (GLBA) mandate data protection, but don’t give any IT specifics. The Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry (PCI) standards outline more specific requirements.

“What we encourage companies to do is build a matrix of the requirements,” says Chris Apgar, president of Apgar and Associates LLC, a compliance consulting firm. If they meet the most stringent security requirements on the matrix in each category, the result should be a security platform that meets the compliance mandates of all of them. For example, if you look at SOX and GLBA, they don’t say much about encryption,” Apgar says.

Accenture and Symantec are working on a way to automate the process of correlating the security requirements of each regulatory mandate and identifying the most stringent elements, says Accenture’s Barlock. “With this joint venture with Symantec in place, though, we think the days of doing this manually are numbered.” “If you want to encrypt email, a $250,000 package from Tumbleweed is a pretty sure thing to pass an audit,” he says.

http://www.darkreading.com/document.asp?doc_id=106910&WT.svl=news2_5