admini – Page 272 – CyberSecurity Institute

CSI in computer forensics gaffe

Posted on November 18, 2005December 30, 2021 by admini

The temptation for IT departments to become digital detectives and deal with a breach of security in house is understandable, says Tobias, as companies worry about investor confidence, company reputation and business in general.

CY4OR’s guide to crime scene investigations Treat the matter seriously.
– Tell your legal team not your colleagues about your suspicions.
– Do not inform your IT department. Instead, hire computer forensic experts.

Professional analysts from reputable companies adhere to ACPO (Association of Chief Police Officer) guidelines, can identify digital evidence quickly and ensure that it will stand up in court by following the correct procedures. They can even image your computers at night, to avoid inevitable discussions by the water cooler.

The principle of forensics which says that “every contact leaves a trace” cannot be emphasised enough, says Tobias.

http://www.theregister.co.uk/2005/11/18/csi_forensics_gaffe/

Bots slim down to avoid detection

Posted on November 17, 2005December 30, 2021 by admini

The move to pint-size botnets helps malicious attackers have more success in delaying detection of their illicit zombie networks, Sunner said.

“When a larger botnet is spreading a virus, it lights up the switchboard of (antivirus) vendors, and they’ll respond in a few hours with a signature to contain the outbreak,” Sunner said. First, an increase in the numbers of hackers hoping to put together networks has made the task of securing zombie computers more competitive, so it is harder for the “bot herder” to amass a larger number of drone computers. Second, home users with high-bandwith connections, the primary targets of hackers, are taking more steps to secure their computers.

“As botnets get used up, they are blacklisted and less useful for spamming or phishing attacks,” Sunner said. Last year, Sunner said his company began noticing old, wornout spambots were being resold as potential DOS bots on various sites and forums used by malicious attackers.

http://www.zdnetindia.com/print.html?iElementId=130532

Windows with anti-rootkit

Posted on November 17, 2005December 30, 2021 by admini

According to Bob Muglia, high ranked in Windows server group, Microsoft had put in place a ‘patch guard’ on the Windows kernel, which would make it impossible to append code to the core of the OS while it was running.

Such a design would stop software such as rootkits from hitching into kernel software processes as a means to make themselves appear legitimate.

Microsoft’s 64-bit Longhorn Server is expected to ship in 2007, with the 64-bit only Release 2 two years later.

http://www.xatrix.org/article4189.html

e-Security Debuts Mainframe Compliance Monitoring

Posted on November 16, 2005December 30, 2021 by admini

Sentinel Mainframe Connect captures security and compliance events directly from mainframe computers and, used with Sentinel 5, correlates the information with other IT security and compliance events across the organization to provide an enterprise-wide view of critical compliance data.

“With the government’s and the industry’s focus on data protection, organizations must be able to monitor and protect these assets and provide proof of compliance with regulatory requirements.

http://www.securitypipeline.com/news/174300509

Risky Employee E-mail Habits Threaten Business

Posted on November 16, 2005December 30, 2021 by admini

Results also show that nearly half (48 percent) say they have sent or received joke e-mails, funny pictures/movies, funny stories of a questionable tone.

While 73 percent of the respondents indicated that they are aware of corporate e-mail policies, less than half (46 percent) claimed they always adhere to the policy.

41 percent indicated they would prefer to keep important e-mails indefinitely, most businesses place limits on the amount of e-mail that can be stored. And such limitations may be leading to practices that could jeopardize security.

The survey reported that half the respondents have saved e-mail outside the corporate network.

http://www.securitypipeline.com/news/174300713

CMP Media acquires Black Hat

Posted on November 16, 2005December 30, 2021 by admini

Combining CMP’s current portfolio of Computer Security Institute (CSI), Secure Enterprise magazine and the Security Pipeline website with Black Hat, will position CMP Media as the strongest platform in the computer security media market.

Black Hat was launched in 1997 by Jeff Moss to provide advanced education to security professionals within global corporations and federal agencies.

“This move will enable Black Hat to take advantage of growth opportunities we couldn’t pursue as a small company, such as international expansion, while enabling me to keep doing what I love the most — working with speakers and building the conference programs,” Jeff Moss added.

About CMP Media Through its market-leading portfolio of trusted information brands in the technology, healthcare and entertainment industries, CMP Media has earned the confidence of more professionals and enthusiasts in these fields than any other media company.

http://www.americanventuremagazine.com/news.php?newsid=525