Security Protection – Harry Waldron MVP Rotating Header Image

March, 2012:

Corporate Compliance Insights – Best Ethical Practices

The Corporate Compliance Insights website for ethics, policy development, and human resource managers.   Each link below shares great standards for exempliary personal and business conduct.  As security is built on a foundation of trust, companies should actively promote ethical conduct for customers and within their teams. 

Ethics – Your Personal Roadmap to Success http://www.corporatecomplianceinsights.com/your-personal-road-map-for-the-high-road-to-success/

Ethics – Eight questions leaders should ask each day http://www.corporatecomplianceinsights.com/8-ethics-questions-every-leader-should-ask-themselves-daily/

Ethics – Corporate Best Practices http://www.corporatecomplianceinsights.com/ethics-and-integrity-best-practices-global-ethics-and-integrity-benchmarks/

Ethics – Writing corporate policies http://www.corporatecomplianceinsights.com/corporate-code-of-conduct-guidelines-policy-tips-writing-updating/

Ethics – Implementing corporate policies http://www.corporatecomplianceinsights.com/whip-your-company-into-shape-with-an-ethics-and-compliance-policy/

Ethics – Excellent Series of Articles http://www.corporatecomplianceinsights.com/category/ethics/

ISC reports Fake Tech reps calling

http://isc.sans.org/diary/Fake+tech+reps+calling/12874

QUOTE:  Fake Anti-Virus isn’t enough, now we also have to contend with fake Microsoft reps! This scam has been going on for a while, but continues to be rampant, which suggests that it is quite successful for the bad guys.  ISC reader Fred received such a call earlier today. The caller claimed to be from the “Tech department of Windows” and asked Fred to open the event viewer via run command, to check for errors or warnings. Of course there were some errors (it is Windows, after all :-), but the alleged techie then theatrically exclaimed “You indeed have the deadly errors” .. and proceeded to ask Fred to connect to a malicious site and launch a remote desktop app. Fred, savvy security guy that he is, went there with Firefox and Noscript, and while Fred was still launching Wireshark to capture the next steps, the alleged Windows techie got cold feet, and hung up.

Visa and MC Data Theft – possible $1.6 million cost per business

PC Magazine shares a potential sizeable cost for every participating business

MasterCard, Visa Data Theft May Cost Each Business $1.6 Million


QUOTE:  It’s still a mystery how many MasterCard and Visa customers will be affected by the recent breach at a credit card payment processor. Regardless of the actual size of the breach, businesses are the ones who will be held liable.  If the original estimate from Brian Krebs, the security expert behind Krebs on Security, stands, a single retailer could potentially be on the hook for a whopping $1.6 million, according to a data breach assessment generated by CO3 Systems. CO3 Systems helps businesses assess data breach incidents and develop incident response plans to navigate the maze of compliance and regulatory requirements through its data loss management platform. Sources told Krebs the breach was “massive” and may involve more than 10 million records.

Duqu – Kapersky shares extensive series of articles

http://www.securelist.com/en/analysis/204792208/Stuxnet_Duqu_The_Evolution_of_Drivers

QUOTE: Duqu is a sophisticated Trojan which seems to have been written by the same people who created the infamous Stuxnet worm. Its main purpose is to act as a backdoor into the system and facilitate the theft of private information.

Hlux/Kelihos Botnet – FAQ

Kapersky has an excellent FAQ related to this Botnet

FAQ: Disabling the new Hlux/Kelihos Botnet http://www.securelist.com/en/blog/208193438/FAQ_Disabling_the_new_Hlux_Kelihos_Botnet

QUOTE: Kelihos is Microsoft’s name for what Kaspersky calls Hlux. Hlux is a peer-to-peer botnet with an architecture similar to the one used for the Waledac botnet. It consists of layers of different kinds of nodes: controllers, routers and workers

Facebook – Avoid sharing your credentials with a prospective employer

This excellent article from ESET Security documents issues for both the employee and employer. 

Facebook logins toxic for employers, violate security and privacy principles http://blog.eset.com/2012/03/24/facebook-logins-toxic-for-employers-violate-security-principles-as-well-as-privacy

QUOTE:  Attention CEOs and HR Managers: Facebook login credentials belonging to current or prospective employees are not something that any employer should request, use, or posses. Why? Apart from the violation of security and privacy principles? The risks far outweigh any benefit you imagine you could gain by logging into a social media account that does not belong to you, even if you have persuaded the account owner to give their consent.  The practice of asking current or future employees for their Facebook credentials is not only a serious risk for employers, it is one of the most unpleasant HR stories that I’ve encountered …

VISA and MasterCard warn of massive security breach

Up to 10 million credit cards may have exposed earlier this year: 

VISA and MasterCard warn of massive security breach (up to 10 Million credit cards) http://www.marketwatch.com/story/mastercard-visa-warn-of-security-breach-report-2012-03-30
http://krebsonsecurity.com/2012/03/mastercard-visa-warn-of-processor-breach/

QUOTE:  VISA and MasterCard are alerting banks across the country about a recent major breach at a U.S.-based credit card processor. Sources in the financial sector are calling the breach “massive,” and say it may involve more than 10 million compromised card numbers.  In separate non-public alerts sent late last week, VISA and MasterCard began warning banks about specific cards that may have been compromised. The card associations stated that the breached credit card processor was compromised between Jan. 21, 2012 and Feb. 25, 2012.

Microsoft’s Digital Crimes Unit Targets ZeuS Botnet

F-Secure documents a continued concerted effort by Microsoft and other vendors to eradicate this sophisticated botnet

Microsoft’s Digital Crimes Unit Targets ZeuS Botnet http://www.f-secure.com/weblog/archives/00002337.html

QUOTE: Microsoft’s Digital Crimes Unit expanded its legal arsenal against malicious botnets this past weekend when – in collaboration with financial services industry members – it took out servers belonging to ZeuS botnets. Microsoft filed with the U.S. District Court for the Eastern District of New York on March 23rd. The successful application allowed Microsoft and its partners to do a coordinated seizure of some of the worst known Zeus C&Cs.

Windows 8 Server Beta – Metro interface Navigational techniques

This link documents to navigate to key functions using new Metro interface:

Common Management Tasks and Navigation in Windows Server “8” Beta http://technet.microsoft.com/en-us/library/hh831491.aspx

QUOTE: Options are available for installing Windows Server “8” Beta with a minimal user interface well-suited to remote management. For more information, see Windows Server Installation Options. In this topic:

Open the Start screen Shut down or restart the computer Lock the computer or sign out Close a Metro style app Access Settings for the current screen Access Control Panel Access Administrative Tools Create shortcuts Open the Run dialog box Run a program as administrator or as another user Open Server Manager Start Windows PowerShell Open Remote Desktop Connection Open Command Prompt Open Microsoft Management Console (MMC) and snap-ins Keyboard shortcuts Use keyboard shortcuts in a Remote Desktop session Use keyboard shortcuts in Hyper-V virtual machines

Windows 8 Server Beta – home support page
http://technet.microsoft.com/en-us/library/hh801901.aspx

Microsoft TWC – Next step is Safety in a Connected World

This informative article in Microsoft’s Technet Security Blog shares future challenges: 

Trustworthy Computing Next: Building Trust in a Connected World http://blogs.technet.com/b/microsoft_blog/archive/2012/02/28/trustworthy-computing-next-building-trust-in-a-connected-world.aspx

QUOTE:  From the beginning, Trustworthy Computing’s mission was billed as a long-term journey. As Microsoft marked the 10-year milestone of TwC last month, we also looked forward and recognized that evolving IT models and societal changes have made the relentless pursuit of TwC more important than ever. Today at the RSA Conference 2012, I’m providing my vision for Trustworthy Computing Next within a keynote and sharing a new white paper.

There are three major forces of change. First, with a proliferation of devices, services, and sensors, people are excited about the potential of the cloud and big data. … Second, as our dependency on IT has grown, governments have become increasingly active in Internet affairs. … Finally, the threat landscape continues to evolve. Opportunistic threats have been supplemented by attacks that are more persistent and determined.

In this new world, each and every machine, application, data or person may be helpful or harmful, innocuous or dangerous. The Web we live in today is no longer about bilateral relationships; we are connected in new ways where an individual and an organization may have no direct relationship at all, even as they share data or take on IT dependencies. With lack of transparency into these relationships, dependencies, and data flows, it can be hard to make intelligent trust decisions.