RSAC – Lax Home security affects corporate security

Uncategorized Comments Off on RSAC – Lax Home security affects corporate security

Best security practices should begin at home, as there is valuable personal data at risk. As article notes, almost half of all users surveyed don’t use password protection on mobile devices and valuable data & services are at risk if stolen.  Likewise in corporate environment, even greater levels of safety are needed http://securitywatch.pcmag.com/none/321016-rsac-consumers-lax-security-at-home-affects-businesses QUOTE: What […]

Malware – RAM Scraping Point of Sales attacks in-depth

Uncategorized Comments Off on Malware – RAM Scraping Point of Sales attacks in-depth

Bromium Labs shares in-depth analysis: http://labs.bromium.com/2014/01/13/understanding-malware-targeting-point-of-sale-systems/ QUOTE: Back in 2009 several companies (including Visa and Verizon) published threat reports describing a new kind of malware – RAM scrapers (Verizon report, Visa report). These are malicious programs that search memory of point-of-sale (POS) systems for bank card information. After that a number of blog entries appeared, […]

IE10 Exploit – Recommendation to promptly apply patches

Uncategorized Comments Off on IE10 Exploit – Recommendation to promptly apply patches

Corporate & home users should patch expediently.  IE11 also offers improved protection & functionality.  It has been a solid browser in both home & corporate environments, as “compatibility view” option helps work around legacy site issues. http://securitywatch.pcmag.com/none/321016-rsac-consumers-lax-security-at-home-affects-businesses QUOTE: There’s never a dull moment in the security industry, just as we heard about the latest IE 0day; […]

RSAC – Risks related to Shortage of IT Security professionals

Uncategorized Comments Off on RSAC – Risks related to Shortage of IT Security professionals

Corporate Security must  implement a blend of “technology” and “people” solutions, to safeguard information resources.  While the best technical defenses are always required, users are a vital part of the equation.  Otherwise, attackers will eventually learn enough to bypass physical, technical, or user based controls.  As evident in recent attacks, the highly advanced skills and […]

Information Security Professionals – Reading recommendations

Uncategorized Comments Off on Information Security Professionals – Reading recommendations

PC Magazine shares beneficial resources for IT Security professionals http://securitywatch.pcmag.com/security/320998-books-every-infosec-professional-should-read QUOTE: And now, the top five titles: 1. Cryptonomicon, by Neal Stephenson 2. Confront and Conceal: Obama’s Secret Wars and the Surprising Use of American Power by David E Sanger 3. Kingpin: How One Hacker Took Over the Billion-Dollar Cyber-Crime Underground by Kevin Poulsen 4. The Cuckoo’s Egg: […]

EMET 4.1 – Researchers share recommendations for improvement

Uncategorized Comments Off on EMET 4.1 – Researchers share recommendations for improvement

As EMET 5.0 will improve endpoint security protection, Bromium Labs shared in a responsible disclosure highly advanced techniques that could work around this protective agent.  The research report can be found in this thread:  http://labs.bromium.com/2014/02/24/bypassing-emet-4-1/ http://bromiumlabs.files.wordpress.com/2014/02/bypassing-emet-4-1.pdf QUOTE: We found that EMET was very good at stopping pre-existing memory corruption attacks (a type of hacker exploit).  […]

IRS Warning – Dirty Dozen Tax Scams for 2014

Uncategorized Comments Off on IRS Warning – Dirty Dozen Tax Scams for 2014

Just like “build it and they will come” was theme in “Field of Dreams” …in the e-commerce world – “where there’s money, thieves will come calling” (e.g., e-commerce attacks during holidays) … During the tax refund season, users need to be vigilant and careful to avoid the multitude of scams currently circulating. http://www.networkworld.com/news/2014/022014-irs-tax-scams-278956.html QUOTE: As […]

Office 2003 – Patching Support ends April 8, 2014

Uncategorized Comments Off on Office 2003 – Patching Support ends April 8, 2014

Article documents that Office 2003 and Exchange 2003 patching support also ends April 8, 2014, in addition to Windows XP support http://www.cio.com/article/748133/Windows_XP_Isn_t_the_Only_Software_Getting_the_Knife_in_8_Weeks http://www.microsoft.com/en-us/windows/enterprise/endofsupport.aspx QUOTE: Microsoft will call it quits not only on Windows XP in less than two months, but will also pull the plug on Office 2003 the same day. After April 8, Office […]

Microsoft IE9 and IE10 – FixIt Patch for 0-Day attacks

Uncategorized Comments Off on Microsoft IE9 and IE10 – FixIt Patch for 0-Day attacks

MSRC provides detail information and being on latest version IE11 is most appropriate patch of all  http://blogs.technet.com/b/msrc/archive/2014/02/19/microsoft-releases-security-advisory-2934088.aspx Microsoft released Advisory 2934088 https://technet.microsoft.com/en-us/security/advisory/2934088 IE9/IE10 FixIt available for download  https://support.microsoft.com/kb/2934088 QUOTE: Today, we released Security Advisory 2934088 regarding an issue that impacts Internet Explorer 9 and 10. Internet Explorer 6, 7, 8 and 11 are not affected. […]

Linksys TheMoon” Worm – Impactis vulnerable firmware

Uncategorized Comments Off on Linksys TheMoon” Worm – Impactis vulnerable firmware

The ISC has several informative links on a new LinkSys router worm that is spreading to various models with vulnerable firmware.  So far this new proof-of-concept attack only spreads to vulnerable device but does not appear to compromise data or PC https://isc.sans.edu/diary/Linksys+Worm+%22TheMoon%22+Summary%3A+What+we+know+so+far/17633 https://isc.sans.edu/diary/Linksys+Worm+%28%22TheMoon%22%29+Captured/17630 https://isc.sans.edu/diary/More+on+HNAP+-+What+is+it%2C+How+to+Use+it%2C+How+to+Find+it/17648 QUOTE: At this point, we are aware of a worm that […]


© 2021 Computer Safety & News.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs
Entries RSS Comments RSS Log in