Computer Safety & News

As ZIP files are difficult to process by Anti-Spam security tools and even by some AV defense systems, SPAM attacks continue to use approach and users should be careful if files of this type are received unexpectedly http://www.symantec.com/connect/blogs/zip-attachment-spam-makes-grand-return QUOTE: After a long hiatus, spammers are once again using an old trick, where they attach a […]

Credit card holders should carefully check statements and if directly notified of breach, they should change their account information.  FBI notes these sophisticated attacks most likely impacted more than 3 major retailers. http://www.itpro.co.uk/data-leakage/21463/fbi-warns-of-more-credit-card-breaches QUOTE: Target hack likely to just be the beginning. The FBI has warned US retailers to prepare for more cyber attacks after […]

Details can be found in this informative research report issued by Microsoft security: http://blogs.technet.com/b/srd/archive/2013/12/11/software-defense-mitigating-common-exploitation-techniques.aspx QUOTE: In our previous posts in this series, we described various mitigation improvements that attempt to prevent the exploitation of specific classes of memory safety vulnerabilities such as those that involve stack corruption, heap corruption, and unsafe list management and reference count mismanagement. […]

Yahoo quickly took action on all known security breaches from 3rd party sites, by resetting passwords.  When any security breach takes place it is beneficial for all users to reset passwords http://thenextweb.com/insider/2014/01/30/yahoo-warns-unauthorized-access-mail-accounts-adds-second-sign-safety-measures/ QUOTE: Users of Yahoo mail should be aware of a security issue with the email service. Yahoo acknowledged that it has identified a […]

Investigators are piecing together more of the puzzle, as security forensic analysis continues: http://www.itpro.co.uk/hacking/21500/target-hackers-used-stolen-vendor-credentials-to-gain-access QUOTE: US retailer Target said on Wednesday that the theft of a vendor’s credentials helped cyber criminals pull off a massive theft of customer data during the holiday shopping season in late 2013.  It was the first indication of how networks […]

Corporations should perform Network Vulnerability assessments and internal PENTESTs on quarterly basis for security exposures.  Annually, a highly experienced security firm can perform more in-depth testing as needed.  Corporations must actively search for weaknesses in their security defenses, as the bad guys are actively engaged in the same process. It’s always better for security team to discover and mitigate these […]

http://www.itproportal.com/2014/01/31/how-to-navigate-the-cloud-5-simple-steps-to-creating-an-effective-cloud-security-strategy/ Security is one of the most commonly mentioned barriers preventing companies from taking advantage of cloud computing. Yet some experts say the cloud could and should be more secure than in-house IT. So how should organizations considering cloud services ensure they maintain security, and what are the key issues to protect data? 1. Taking […]

COBIT standards are among recommended IT best practices that can help meet these stringent audit requirements. The 3rd of 4 articles in JAN 2014 newsletter is very timely.  All 4 articles are excellent guidelines for security and audit professionals in corporate setting. http://www.isaca.org/Knowledge-Center/cobit/cobit-focus/Pages/COBIT-Focus-Volume-1-January-2014.aspx#3   Supporting PCI DSS 3.0 Compliance With COBIT 5By Stefan Beissel, Ph.D., CISA, CISSP […]

Kaspersky Labs warns of WC 2014 email, phishing, and social media attacks http://www.securelist.com/en/blog/208216028/World_Cup_fake_tickets_fake_giveaways_real_attacks QUOTE: The storm of phishing and malware attacks using the theme of the World Cup continues – some months ago we registered several malicious campaigns with this theme. To diversify the attacks and attract more victims, Brazilian cybercriminals decided to invest their […]

As PC Magazine reflects 2013 was a record setting year for Security Breaches: http://securitywatch.pcmag.com/security/320072-data-breaches-hit-all-time-high-in-2013 QUOTE: Target, Neiman Marcus, and Adobe. This past year was pretty rough for them. Was there anything they could have done to avoid the mess of security breaches? Well, yes actually. According to the Online Trust Alliance (OTA)’s latest report, these companies […]