EMAIL SPAM – ZIP Attachments surge in JAN 2014

Uncategorized Comments Off on EMAIL SPAM – ZIP Attachments surge in JAN 2014

As ZIP files are difficult to process by Anti-Spam security tools and even by some AV defense systems, SPAM attacks continue to use approach and users should be careful if files of this type are received unexpectedly http://www.symantec.com/connect/blogs/zip-attachment-spam-makes-grand-return QUOTE: After a long hiatus, spammers are once again using an old trick, where they attach a […]

FBI WARNING – More credit card breaches probable

Uncategorized Comments Off on FBI WARNING – More credit card breaches probable

Credit card holders should carefully check statements and if directly notified of breach, they should change their account information.  FBI notes these sophisticated attacks most likely impacted more than 3 major retailers. http://www.itpro.co.uk/data-leakage/21463/fbi-warns-of-more-credit-card-breaches QUOTE: Target hack likely to just be the beginning. The FBI has warned US retailers to prepare for more cyber attacks after […]

Microsoft Security Research – Mitigating Exploits (JAN 2014)

Uncategorized Comments Off on Microsoft Security Research – Mitigating Exploits (JAN 2014)

Details can be found in this informative research report issued by Microsoft security: http://blogs.technet.com/b/srd/archive/2013/12/11/software-defense-mitigating-common-exploitation-techniques.aspx QUOTE: In our previous posts in this series, we described various mitigation improvements that attempt to prevent the exploitation of specific classes of memory safety vulnerabilities such as those that involve stack corruption, heap corruption, and unsafe list management and reference count mismanagement. […]

Yahoo email attack – Known accounts quickly reset

Uncategorized Comments Off on Yahoo email attack – Known accounts quickly reset

Yahoo quickly took action on all known security breaches from 3rd party sites, by resetting passwords.  When any security breach takes place it is beneficial for all users to reset passwords http://thenextweb.com/insider/2014/01/30/yahoo-warns-unauthorized-access-mail-accounts-adds-second-sign-safety-measures/ QUOTE: Users of Yahoo mail should be aware of a security issue with the email service. Yahoo acknowledged that it has identified a […]

Target Security Breach – Stolen Vendor Credentials used

Uncategorized Comments Off on Target Security Breach – Stolen Vendor Credentials used

Investigators are piecing together more of the puzzle, as security forensic analysis continues: http://www.itpro.co.uk/hacking/21500/target-hackers-used-stolen-vendor-credentials-to-gain-access QUOTE: US retailer Target said on Wednesday that the theft of a vendor’s credentials helped cyber criminals pull off a massive theft of customer data during the holiday shopping season in late 2013.  It was the first indication of how networks […]

Network Security 2014 – Be proactive and PENTEST for security exposures

Uncategorized Comments Off on Network Security 2014 – Be proactive and PENTEST for security exposures

Corporations should perform Network Vulnerability assessments and internal PENTESTs on quarterly basis for security exposures.  Annually, a highly experienced security firm can perform more in-depth testing as needed.  Corporations must actively search for weaknesses in their security defenses, as the bad guys are actively engaged in the same process. It’s always better for security team to discover and mitigate these […]

Corporate Cloud Security – Five key strategies for 2014

Uncategorized Comments Off on Corporate Cloud Security – Five key strategies for 2014

http://www.itproportal.com/2014/01/31/how-to-navigate-the-cloud-5-simple-steps-to-creating-an-effective-cloud-security-strategy/ Security is one of the most commonly mentioned barriers preventing companies from taking advantage of cloud computing. Yet some experts say the cloud could and should be more secure than in-house IT. So how should organizations considering cloud services ensure they maintain security, and what are the key issues to protect data? 1. Taking […]

Sarbanes-Oxley Standards – PCI DSS 3.0 Compliance With COBIT 5

Uncategorized Comments Off on Sarbanes-Oxley Standards – PCI DSS 3.0 Compliance With COBIT 5

COBIT standards are among recommended IT best practices that can help meet these stringent audit requirements. The 3rd of 4 articles in JAN 2014 newsletter is very timely.  All 4 articles are excellent guidelines for security and audit professionals in corporate setting. http://www.isaca.org/Knowledge-Center/cobit/cobit-focus/Pages/COBIT-Focus-Volume-1-January-2014.aspx#3   Supporting PCI DSS 3.0 Compliance With COBIT 5By Stefan Beissel, Ph.D., CISA, CISSP […]

World Cup 2014 – please be careful with Malware attacks

Uncategorized Comments Off on World Cup 2014 – please be careful with Malware attacks

Kaspersky Labs warns of WC 2014 email, phishing, and social media attacks http://www.securelist.com/en/blog/208216028/World_Cup_fake_tickets_fake_giveaways_real_attacks QUOTE: The storm of phishing and malware attacks using the theme of the World Cup continues – some months ago we registered several malicious campaigns with this theme. To diversify the attacks and attract more victims, Brazilian cybercriminals decided to invest their […]

Security Breaches – 2013 was record setting year

Uncategorized Comments Off on Security Breaches – 2013 was record setting year

As PC Magazine reflects 2013 was a record setting year for Security Breaches: http://securitywatch.pcmag.com/security/320072-data-breaches-hit-all-time-high-in-2013 QUOTE: Target, Neiman Marcus, and Adobe. This past year was pretty rough for them. Was there anything they could have done to avoid the mess of security breaches? Well, yes actually. According to the Online Trust Alliance (OTA)’s latest report, these companies […]


© 2019 Computer Safety & News.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs
Entries RSS Comments RSS Log in