Skip to content

CyberSecurity Institute

Security News Curated from across the world

Menu
Menu

Banks Strive for Security Awareness with $2M Contract from Treasury

Posted on January 10, 2004December 30, 2021 by admini

The award will go towards providing its industry members with secure collaboration, additional data feeds regarding threats and vulnerabilities, alert confirmation, new analytical capabilities, and performance metrics.

“Our research convinced us that the FS/ISAC must make significant investments to upgrade its technological infrastructure if it is to serve the entire sector and deliver a product that would elicit ongoing, private-sector support,” remarked Brian Roseboro, Acting Under Secretary of the Treasury for Domestic Finance.

The FSSCC’s membership consists of trade associations, institutes and utilities in the banking world, rather than the individual banks themselves.

Acting on their members’ behalf, the FSSCC representatives will help to coordinate sector-wide initiatives in specific market segments within financial services.

The FSSCC may also prove to be a important conduit for coordinating comments on statutes published for comment by the Department of Homeland Security, taking a broad, industry-wide perspective.

More info: [url=http://www.bankinfosecurity.com/feed.php?target=http://www.banktech.com/story/news/showArticle.jhtml?articleID=17200386]http://www.bankinfosecurity.com/feed.php?target=http://www.banktech.com/story/news/showArticle.jhtml?articleID=17200386[/url]

Read more

Word encryption hole exposed with no fix on the way

Posted on January 7, 2004December 30, 2021 by admini

The password-protection feature in Microsoft Word – activated by clicking on Tools/Protect Document – can be bypassed, disabled or deleted at will, with the help of a simple programming tool called a hex editor.

Microsoft was informed about the vulnerability in late November by Thorsten Delbrouck, chief information officer of Guardeonic Solutions, which is a subsidiary of German security specialist Infineon Technologies. He explained that one of his company’s hardware suppliers is Dell, which emails its quotes on a form protected-Word document.

Following Delbrouck’s revelations, Microsoft updated its Knowledge Base article 822924, titled ‘Overview of Office features that are intended to enable collaboration and that are not intended to increase security’ to include the following warning to users: “When you are using the ‘Password to Modify’ feature, a malicious user may still be able to gain access to your password.”

Instead of using the protect feature, Thorsten Delbrouck advises companies sending sensitive information to use digital signatures or a different document format altogether, such as Adobe’s PDF, which he has recommended to Dell in Germany.

More info: [url=http://www.silicon.com/hardware/desktops/0,39024645,39117653,00.htm?foo=Word%20hole%20exposed%20with%20no%20fix%20on%20the%20way%2001-07-2004]http://www.silicon.com/hardware/desktops/0,39024645,39117653,00.htm?foo=Word%20hole%20exposed%20with%20no%20fix%20on%20the%20way%2001-07-2004[/url]

Read more

Top five security policies tips

Posted on January 7, 2004December 30, 2021 by admini

5. Don’t forget what you don’t see. Your traveling and remote users may be out of sight, but they shouldn’t be out of mind.
4. Cover all your bases. While you aren’t rewriting War and Peace, you should be as comprehensive as possible.
3. Be reasonable. Your end-users should be able to comprehend and abide by the policies that you set forth.
2. Understand what a security policy is. But do you really know what a security policy is?
1. Don’t start from scratch. You aren’t the only IT manager facing the Herculean task of writing security polices.

More info: [url=http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci943353,00.html]http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci943353,00.html[/url]

Read more

Indian outsourcing: Your data is more at risk than your job

Posted on January 6, 2004December 30, 2021 by admini

There are growing concerns that personal information being used by data processors such as offshore call centres may be abused once it is taken outside the reach of EU law enforcement bodies. And David Naylor, partner at law firm Morrison & Foerster, believes these fears are not without foundation, despite rules which make it illegal.

Naylor said there are laws in place which mean companies generally cannot enter into outsourcing agreements where personal data is transferred outside Europe unless it is to a country which shares the same rigorous levels of data protection or the individuals concerned have consented to the transfer of their data abroad. In addition, the company transferring the data must ensure that the outsourcing service provider meets other key criteria, such as guaranteeing levels of security and employee reliability. However, he warned “there is definitely a significant danger that data could be misused once it is taken outside the EU, even though any data controller thinking they can do so without breaking UK law would probably be entirely wrong”.

With so much data being transferred via so many transactions it is often difficult to spot the legitimate from the illegal. By moving operations offshore and adding a further level of complexity to this equation it is almost inevitable breaches, both deliberate and accidental, will occur. Naylor said: “Data is flowing from country to country at incredible speeds in ever greater volumes and the ability of regulators to control that and to ensure rules are observed and laws are obeyed is far from limitless.”

More info:[url=http://www.silicon.com/software/security/0,39024655,39117625,00.htm]http://www.silicon.com/software/security/0,39024655,39117625,00.htm[/url]

Read more

Microsoft publishes program to blast MSBlast

Posted on January 6, 2004December 30, 2021 by admini

The MSBlast worm, also commonly called the Blaster worm, started spreading last August and is believed to have spread to hundreds of thousands of systems.

While most corporations have cleaned up the worm, Microsoft has found that a large number of home users are still unknowingly infected, the software giant said in a statement.
“For many users in this situation, there is little indication that they are infected other than possible performance degradation,” Microsoft said in a statement. “And those infected are still actively transmitting the worm, causing Internet congestion in the process.”

Microsoft’s aim in releasing the latest tool is to reduce the amount of traffic being born by ISPs by cleaning up a significant number of home computers.

The tool can be found on Microsoft’s download site.

More info: [url=http://news.com.com/2100-1002_3-5136260.html?tag=nefd_top]http://news.com.com/2100-1002_3-5136260.html?tag=nefd_top[/url]

Read more

Internet security: the Top 10 online blunders

Posted on January 6, 2004December 30, 2021 by admini

Failing to archive firewall log files: Firewalls are often correctly configured with full logging enabled.

Not knowing where your passwords are documented: Nothing makes supporting customers more of a challenge than if they cannot remember where their passwords are documented.

Not scanning e-mails for viruses: Without question, e-mail borne viruses are today the biggest Internet security threat.

Not blocking Instant Messaging on your firewall: With Microsoft now in a big push to get people using its IM technology we are beginning to see IM clients freely deployed in businesses, mainly by users.

Depending on users to patch their own workstations: Let’s face it, users are terrible at following instructions

Not having an incident response plan: All networking and security professionals know that even with the best planning in the world, something will still go wrong.

Failing to disable accounts for departed employees: You would not believe how frequently HR fails to tell IT that an employee has left the business.

Failing to configure any security on a wireless access point: We all know wireless is here to stay.

Not keeping your firewall patched: This is pretty much tantamount to paying for an expensive lock on your front door at home and then leaving the keys in the lock – on the outside!

Not securing home PCs with their own firewall, VPN and virus detection

More info: [url=http://www.biosmagazine.co.uk/op.php?id=77]http://www.biosmagazine.co.uk/op.php?id=77[/url]

Read more

Posts navigation

  • Previous
  • 1
  • …
  • 391
  • 392
  • 393
  • 394
  • 395
  • 396
  • 397
  • …
  • 421
  • Next

Recent Posts

  • AI/ML News – 2024-04-14
  • Incident Response and Security Operations -2024-04-14
  • CSO News – 2024-04-15
  • IT Security News – 2023-09-25
  • IT Security News – 2023-09-20

Archives

  • April 2024
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • April 2023
  • March 2023
  • February 2022
  • January 2022
  • December 2021
  • September 2020
  • October 2019
  • August 2019
  • July 2019
  • December 2018
  • April 2018
  • December 2016
  • September 2016
  • August 2016
  • July 2016
  • April 2015
  • March 2015
  • August 2014
  • March 2014
  • August 2013
  • July 2013
  • June 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • October 2012
  • September 2012
  • August 2012
  • February 2012
  • October 2011
  • August 2011
  • June 2011
  • May 2011
  • April 2011
  • February 2011
  • January 2011
  • December 2010
  • November 2010
  • October 2010
  • August 2010
  • July 2010
  • June 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • November 2009
  • October 2009
  • September 2009
  • June 2009
  • May 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • October 2006
  • September 2006
  • August 2006
  • July 2006
  • June 2006
  • May 2006
  • April 2006
  • March 2006
  • February 2006
  • January 2006
  • December 2005
  • November 2005
  • October 2005
  • September 2005
  • August 2005
  • July 2005
  • June 2005
  • May 2005
  • April 2005
  • March 2005
  • February 2005
  • January 2005
  • December 2004
  • November 2004
  • October 2004
  • September 2004
  • August 2004
  • July 2004
  • June 2004
  • May 2004
  • April 2004
  • March 2004
  • February 2004
  • January 2004
  • December 2003
  • November 2003
  • October 2003
  • September 2003

Categories

  • AI-ML
  • Augment / Virtual Reality
  • Blogging
  • Cloud
  • DR/Crisis Response/Crisis Management
  • Editorial
  • Financial
  • Make You Smile
  • Malware
  • Mobility
  • Motor Industry
  • News
  • OTT Video
  • Pending Review
  • Personal
  • Product
  • Regulations
  • Secure
  • Security Industry News
  • Security Operations
  • Statistics
  • Threat Intel
  • Trends
  • Uncategorized
  • Warnings
  • WebSite News
  • Zero Trust

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org
© 2025 CyberSecurity Institute | Powered by Superbs Personal Blog theme