admini – Page 272 – CyberSecurity Institute

INFLUENTIAL SURVEY SAYS SECURITY ‘SET BACK BY 6 YEARS’

Posted on November 23, 2005December 30, 2021 by admini

“Six years ago attackers targeted operating systems and the operating system vendors didn’t do automated patching. Now the attackers are targeting popular applications, and the vendors of those applications do not do automated patching. ” During a press conference, Paller added, “These applications, other than AV, don’t have automated patching.”

In recent years, the institute said a majority of attacks targeted operating systems like UNIX and Windows and Internet services like Web servers and mail systems.

“The most noticeable set of applications targeted by attackers are the backup and recovery tools as well as antivirus and other security tools that most organizations think are keeping them safe from attacks and from loss of data,” the institute said. These include backup software, antivirus software, database software and even media players.

During the Tuesday morning press conference, Dhamankar said the threats that worry him the most are those targeting the Web browsers and media players — including Microsoft Media Player and Macromedia Flash. “The US-CERT received reports of important system compromises using vulnerabilities in backup products within a few days of the public disclosure of vulnerabilities in those products,” he said.

SANS said another worrying trend this year has been the fresh attention given to critical security holes in network devices like the routers and switches that keep traffic moving across the Internet.

http://searchcio.techtarget.com/originalContent/0,289142,sid19_gci1148491,00.html

CSI in computer forensics gaffe

Posted on November 18, 2005December 30, 2021 by admini

The temptation for IT departments to become digital detectives and deal with a breach of security in house is understandable, says Tobias, as companies worry about investor confidence, company reputation and business in general.

CY4OR’s guide to crime scene investigations Treat the matter seriously.
– Tell your legal team not your colleagues about your suspicions.
– Do not inform your IT department. Instead, hire computer forensic experts.

Professional analysts from reputable companies adhere to ACPO (Association of Chief Police Officer) guidelines, can identify digital evidence quickly and ensure that it will stand up in court by following the correct procedures. They can even image your computers at night, to avoid inevitable discussions by the water cooler.

The principle of forensics which says that “every contact leaves a trace” cannot be emphasised enough, says Tobias.

http://www.theregister.co.uk/2005/11/18/csi_forensics_gaffe/

Bots slim down to avoid detection

Posted on November 17, 2005December 30, 2021 by admini

The move to pint-size botnets helps malicious attackers have more success in delaying detection of their illicit zombie networks, Sunner said.

“When a larger botnet is spreading a virus, it lights up the switchboard of (antivirus) vendors, and they’ll respond in a few hours with a signature to contain the outbreak,” Sunner said. First, an increase in the numbers of hackers hoping to put together networks has made the task of securing zombie computers more competitive, so it is harder for the “bot herder” to amass a larger number of drone computers. Second, home users with high-bandwith connections, the primary targets of hackers, are taking more steps to secure their computers.

“As botnets get used up, they are blacklisted and less useful for spamming or phishing attacks,” Sunner said. Last year, Sunner said his company began noticing old, wornout spambots were being resold as potential DOS bots on various sites and forums used by malicious attackers.

http://www.zdnetindia.com/print.html?iElementId=130532

Windows with anti-rootkit

Posted on November 17, 2005December 30, 2021 by admini

According to Bob Muglia, high ranked in Windows server group, Microsoft had put in place a ‘patch guard’ on the Windows kernel, which would make it impossible to append code to the core of the OS while it was running.

Such a design would stop software such as rootkits from hitching into kernel software processes as a means to make themselves appear legitimate.

Microsoft’s 64-bit Longhorn Server is expected to ship in 2007, with the 64-bit only Release 2 two years later.

http://www.xatrix.org/article4189.html

e-Security Debuts Mainframe Compliance Monitoring

Posted on November 16, 2005December 30, 2021 by admini

Sentinel Mainframe Connect captures security and compliance events directly from mainframe computers and, used with Sentinel 5, correlates the information with other IT security and compliance events across the organization to provide an enterprise-wide view of critical compliance data.

“With the government’s and the industry’s focus on data protection, organizations must be able to monitor and protect these assets and provide proof of compliance with regulatory requirements.

http://www.securitypipeline.com/news/174300509

Risky Employee E-mail Habits Threaten Business

Posted on November 16, 2005December 30, 2021 by admini

Results also show that nearly half (48 percent) say they have sent or received joke e-mails, funny pictures/movies, funny stories of a questionable tone.

While 73 percent of the respondents indicated that they are aware of corporate e-mail policies, less than half (46 percent) claimed they always adhere to the policy.

41 percent indicated they would prefer to keep important e-mails indefinitely, most businesses place limits on the amount of e-mail that can be stored. And such limitations may be leading to practices that could jeopardize security.

The survey reported that half the respondents have saved e-mail outside the corporate network.

http://www.securitypipeline.com/news/174300713