MailWall - Mail protection, security and redundancy service
Some quick links to
Testing your system's security
Spyware Dissected: The Worst Spyware Programs on the Internet
Rather SCARY -- but a must-watch e-seminar!
Home PC Firewall Guide (Personal firewall guide)
Firewall Leak Tester
PC Flank's Tests ...
Browser Test
Trojans Test
Stealth Test
Advanced Port Scanner
Firewall Leaktest
Virustotal - Offers a free service for scanning suspicious files using several antivirus engines.
Matousec's Comprehensive List and Analysis of Personal Windows Firewalls
File Research Center -- Free File and Process Information. Provides a free scanning service to identify what is running on your computer, plus free
information about safe and unsafe files, processes, services, spyware, adware, malware, trojans, and other programs that may be on your computer.
10 things you should do to a new PC before surfing the Web
The top 10 security land mines
- CCSS Forum - Common Computing Security Forum - a voluntary organization of security software vendors, operating system providers, and Internet browser software creators, all working towards eliminating malware.
- Six urban myths about encryption - "In reality, encryption solves
only three problems: first, protecting data that moves
physically or virtually, second, protecting data-at-rest, and
finally, restricting access when access controls aren't
sufficient. It seems simple, but misapplication or mis-implementation
of encryption occurs time and time again."
- Gordon Lyon (who often goes by the pseudonym Fyodor) runs the Internet security resource sites
Insecure.Org, Nmap.Org,
SecLists.Org, and SecTools.Org
and developed/maintains the Nmap Security Scanner.
- Top 100 Network Security Tools -
"Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with."
- Inside the Windows Vista Disk Encryption Algorithm - Windows Vista
Enterprise and Ultimate editions use Bitlocker Drive Encryption,
which encrypts all data on the system volume. At the heart of Bitlocker
is the AES-CBC + Elephant diffuser encryption algorithm.
- The
Long-Term Impact of User Account Control (in Windows Vista) -
What UAC appears to be, what it is, and what it is not.
- The top 10 reasons Web sites get hacked
- Attrition.org -
a computer security Web site that maintains one of the largest catalogs of security advisories,
text files, and humorous image galleries. They are also known for the largest mirror of Web site defacements
and their crusade to expose industry frauds and inform the public about incorrect information in computer security articles.
- The Attrition mirror -
an archive of defaced web sites. (A web defacement is when the content of a public web page is altered by someone
other than the legitimate person responsible for the machine or pages, regardless of reasons or motivation.)
- The short life and hard
times of a Linux virus - "Why aren't the existing Linux viruses
anything more than a topic for conversation? Why don't they affect you
in your daily computing in the way that MS viruses affect Windows
users?"
- 5
ways to win the PC security battle
- BD-BrandProtect - Protect
your precious marketing brand online
- Protecting Australian Families Online
NetAlert is part of the
Australian Government's ongoing commitment to providing a safe online
environment for all families, especially children.
- Safe
online havens for kids - At a time when cyber stalking is
daily news, it's no wonder parents are often confused about which
websites they should let their children visit. But if you want to stay
on top of what kids are doing online without being too intrusive, and be
able to make occasional cool suggestions, read this article.
- 10
Things Everyone Should Know About Bank Errors - Whether money is
accidentally put in your account or taken out, this article can help you
know what to do so your finances and those of others remain
secure.
- OpenID ...
- Beginner's guide to
OpenID phishing - OpenID is
a web-based, distributed authentication protocol set to become a
standard way of signing in to websites. OpenID enables you to keep
control over your own identity by separating identity 'providers' and
'consumers'. You register your 'identity' or 'account' at a single
OpenID provider and then you have instant access to a vast array of
service providers that are OpenID consumers. However, OpenID is also
highly susceptible to phishing attacks in the way it is currently
used.
- The Identity Corner >>
The
problem(s) with OpenID - "OpenID is pretty much useless. The
reasons for this are many: OpenID is highly vulnerable to phishing and
other attacks, creates insurmountable privacy problems, is not a trust
system, suffers from usability problems, and makes it unappealing to
become an OpenID consumer."
- Security or
Compliance? - Although the current regulatory environment is strongly
impacting their organizations, the majority of departments are not
conducting annual security-related compliance activities. An overly
heavy focus on compliance can weaken the overall security posture.
- Most
Damaging Attacks Rely On Stolen Log-ins - Attacks based on
logging in with stolen or hijacked credentials cost businesses far more
than the typical worm or virus assault. More than 8 out of every 10
computer attacks against businesses could be stopped if enterprises
checked the identity of not only the user, but also the machine logging
onto its network.
- Security
and Privacy: Twins of Different Mothers - This article discusses
how security and privacy professionals can get beneficial results by
closely aligning their work.
- How to Save the Internet
- ICT Security Standards Roadmap
- Escaping
email hell - "Outside of the sex trade, Viagra is probably not
considered an essential daily ingredient for promoting workplace
productivity. But that doesn't stop most of us having to sift through
countless emails each day, offering us the virility miracle-drug at a
low price or enticing us to receive large deposits in our bank accounts
from former African despots. Email promised to make business faster,
cheaper and more efficient. Yet increasingly Australian businesses and
their employees are frustrated by the amount of time email and other
"time-saving" technology is taking."
- Rootkits ...
- Fundamental Computer
Investigation Guide for Windows - discusses processes and
tools for use in internal computer investigations. It also presents an
applied scenario example of an internal investigation that uses Windows Sysinternals
- Sysinternals - provides advanced utilities,
technical information, and source code related to Windows
NT/2000/XP/2003 and Windows 9x/Windows Me internals "that you won't find
anywhere else." (Mark Russinovich and Bryce Cogswell alone write and
update everything on this site.) ... [Webmaster: SysInternals was
purchased by Microsoft in August 2006]
- RootkitRevealer - an advanced Rootkit
detection utility. (The term rootkit is used to describe the
mechanisms and techniques whereby malware, including viruses, spyware,
and trojans, attempt to hide their presence from spyware blockers,
antivirus, and system management utilities.)
- Nessus - "the world's most
popular vulnerability scanner used in over 75,000 organizations
world-wide. Many of the world's largest organizations are realizing
significant cost savings by using Nessus to audit business-critical
enterprise devices and applications. The Nessus Project was started in
1998 to provide to the internet community a free, powerful,
up-to-date and easy to use remote security scanner."
- The
10 Most Common Internal Security Threats - While
external threats are as virulent as ever and need to be guarded against
with firewalls and other defences, it is very important to pay attention
to internal weaknesses.
- InternetPerils - offers products for Internet business risk management ... "to
quantify and visualize heretofore invisible perils and anomalies in the
Internet, giving risk managers in IT and finance departments the ability
to identify, track and analyze adverse performance episodes and service
interruptions beyond the firewall and thus beyond their direct control."
- Security
expert recommends 'Net diversity - the latest security threats
and what network executives can do to mitigate them. "The whole
enterprise is no longer an island; it's an archipelago of islands that
need to be protected individually, even down to the single-machine
level. This means that you have to treat all of those machines as
outside your perimeter for purposes not only of protecting them but of
protecting your other machines from them. So when somebody comes back in
with a laptop after they've been off-site, you can't trust it simply
because it's a company-issued laptop unless you have applied specific
control measures. This mode of thinking has to go down to the
individuals who are using the systems.... With network diversity, they
won't have to reboot the entire enterprise. In fact, if they have
diversity and appropriate alarms in place, they may detect the attack
sooner."
- Microsoft Security
Corner, for Various Types of Organization ...
- Six Easy Pieces
for Computer Security - This article from Microsoft presents six
easy steps that every company should take to enhance computer
security in terms of getting the proverbial biggest bang for the
security buck. Each suggestion is described in some detail with links
to more in-depth treatments, templates, and tools.
- Security
Guidelines for Professional Services Firms - When it comes
to security, professional services companies are hampered by tight IT
budgets, an ever-increasing amount of content, and a lack of dedicated
security personnel. Protecting data at services firms may require a
melding of technology and services to get the job done. This article
offers some guidelines to help midsize professional service firms.
- Key Steps to
Protecting a Financial Services Company - Few organizations
face more or greater security threats than financial services
companies. Here are the first and most important steps every financial
services business should take to safeguard its customers, protect its
assets, and comply with regulations.
- How to Evaluate
Your Supply Chain's Security - Is your IT network's
security at risk from outside partners and suppliers? Learn how you
can help protect your business.
- Government
Security Computer Checklist - This checklist outlines the seven
security matters that every government organization should address in
attempting to protect its computer systems.
- Government's
Big Security Challenge: Keeping Data Private - The realm of
government IT security is expanding into the realm of secure and
reliable communications in times of citizen crisis. IT teams must
guard against security failures that will erode public trust. This
article outlines the key components that comprise the ever-growing
task list of government IT teams and provides three areas those teams
should focus on when it comes to security -- both now and in the
future.
- Security
Guidance Center for Education - Get the prescriptive
technical guidance, tools, training, and updates you need to plan and
manage a security strategy that's right for your school or
university.
- Blasting
away security myths - Roger A. Grimes is always amazed by
security myths -- like "security by obscurity" not working -- that are
propagated as fact by readers, instructors, leaders, and writers. He
says: "Too many computer defenses and books concentrate on the wrong
problem -- the hackers instead of the malware. How can anyone give you
the correct defense if you don't understand the correct problem?" and he
points out the biggest security threat to any environment, plus the
single best thing you can do to prevent malicious e-mail attacks.
- Deconstructing
Common Security Myths - Security is everyone's responsibility,
and there are things that we all can do to create a safer computing
environment. This article from Microsoft discusses common security
myths, major new security technologies, and best practices for improving
security in your infrastructure.
- Security
is Easier — And Crooks Are Dumber — Than You Think - "Most
people just don't make use of the technology they have available. They
could prevent 95 percent of their problems by making a few simple
changes in the way they do things with what they have already. ... You
will still have problems, but with the basics in place you can start to
deal with defense-in-depth measures, ... We have so much sitting in
front of us that we ignore. Tools like access controls, which limit user
and remote access to networks, are available but don't get
used."
- Is encryption really
crackable? - For a secure E-Commerce transaction, the data being
transmitted is moot after a few decades which is why 128-bit encryption
is perfectly suitable since it's considered unbreakable for the next few
decades. For top secret classified data that needs to remain
secret for the next 100 years.
- TrueCrypt - FREE open-source
disk encryption software for Windows XP/2000/2003 and Linux.
- Kruptos 2 - a FREE, powerful
128-bit file encryption utility for Windows XP/2000/200 that allows you
to secure any sensitive files stored on your PC or portable storage
device, including a file shredding utility and the ability to generate
self decrypting files.
- Encrypt your
files to keep them safe - When using a computer, privacy is
paramount. And even more so if you run your own business. Discover how
you can help protect private customer and financial information by using
the Encrypting File System (EFS) with Windows XP Professional.
- A Day in
the Life of an Information Security Investigator - Follow
an Information Security Investigator as he recounts his unique
experiences working with federal, corporate, and military institutions
and provides his perspective on the security issues impacting the IT
industry today.
- NITRD - U.S. National Coordination Office
for Information Technology Research and Development
- Top
tips for security staff - every worker should be aware of these
security practices
- A Taxonomy of Privacy - "Privacy is a concept in
disarray. Nobody can articulate what it means. As one commentator has
observed, privacy suffers from "an embarrassment of meanings." Privacy
is far too vague a concept to guide adjudication and lawmaking, as
abstract incantations of the importance of "privacy" do not fare well
when pitted against more concretely-stated countervailing interests. ...
Privacy seems to be about everything, and therefore it appears to be
nothing."
- The Right to Privacy (by Warren and Brandeis) -
"The intensity and complexity of life, attendant upon advancing
civilization, have rendered necessary some retreat from the world, and
man, under the refining influence of culture, has become more sensitive
to publicity, so that solitude and privacy have become more essential to
the individual; but modern enterprise and invention have, through
invasions upon his privacy, subjected him to mental pain and distress,
far greater than could be inflicted by mere bodily injury."
- Eight
Ways to Defend Against Pretexting (acquiring of personal
information under false pretences)
- Pretexting (from
Wikipedia, the free encyclopedia) - "Pretexting is the act of pretending
to be someone who you are not, by telling an untruth, or creating
deception. The practice of pretexting typically involves tricking a
business into disclosing personal information of a customer, with the
scammer pretending to be the customer."
- Patterns:
IT Systems Management and Security (an IBM Redbook) - reviews the basic concepts of security
component design, following the Method for Architecting Secure Solutions
(MASS), and introduces the security system management service view
together with Patterns for IT security management.
- Microsoft
Expert Lays Down 7 Laws of ID Management - "The public is
suspicious of most computerized identity verification systems because
they are based on a jumble of policies and technologies that in many
cases leave them vulnerable to identity theft. ... The computer industry
shouldn't be surprised that the public has a fundamental distrust of
computer passwords and log-on procedures because they provide so many
opportunities to expose personal information and assets. ... Part of the
problem is that companies ask people over and over again to provide
personal information to gain access to essential services."
- Microsoft
Identity and Access Management - a series of papers provides
numerous identity and access management concepts, techniques, and
solutions for use in heterogeneous IT environments.
- It’s
Me, and Here’s My Proof -- Why Identity and Authentication Must Remain
Distinct - this Microsoft article explores the concepts of
identity, authentication, and authorization, helps you understand their
important distinctions and the increasingly common tendency to combine the
first two.
- Kim Cameron's Identity
weblog - "about identity in a virtualizing world" >> The 7
Laws of Identity
- Do
you trust your administrators? - It’s a serious question, and it
deserves serious thought. Can you trust the very people you hire to
build, manage and keep intact the mission-critical networks upon which
your business successes -- and even its very survival -- depend?
- Viruses:
The New Weapon of Choice for Workplace Violence Offenders - in
today's era of increased outsourcing, corporate downsizing, salary
reductions and failed pension-plan promises, company networks are
increasingly being attacked by disgruntled employees. In this hostile
environment, searching for the source of sabotage should start inside.
This article offers about workplace violence-prevention skills
- The Ponemon Institute (privacy
specialists)
- Ethical
Information Management - "a process for ensuring trust and
confidence in how a company’s leaders conduct business. Specifically,
it has to do with the alignment of the privacy preferences of key
stakeholders -- such as consumers, employees, the general public --
with business, data and technology management practices within the
organization."
- Follow
the dollars to IT security jobs - While some headlines might
scream about a drop in job ads they don't reflect what's happening in
the IT security sector. In the next five years guardians of IT security
will almost double.
- The
Australian Spam Act in Profile (Part 1) - looks at the
Australian Spam Act, which came into force in April of 2004 ... how the
Act is structured and how it is already making significant progress in
the ongoing battle against spam.
- Internet Telephony / VoIP ...
- Can
9 Million Skype Users Be Wrong? - Corporate benefits, and security
concerns. (The positives for, and negatives against, using
Skype for VoIP, instant messaging and file transfer.)
- SPIT
Into This, Please ... SPAM over Internet Telephony -
"Picture the world of voice traffic on the Internet as a dark and
forbidding place, rife with mobsters, con artists and shadowy sellers
of dubious products. ... Low costs brought on by outsourcing and
offshoring, coupled with VoIP communications that are essentially
free, can bring hundreds of calls from these people every day."
- 'Severe' Vulnerabilities Are Possible in
VOIP, Official
Warns - The
growth of VOIP technology brings with it some significant risks that
users need to be prepared to address: open source eavesdropping
tools, digital phone calls could be edited by digital voice editors
(to add, remove or change words without any possibility of detection),
bugging a room using on-hook audio (a technique in which hackers or
spies can turn on the microphone in a VOIP handset while it remains on
its cradle -- the phone would appear to be operating properly while
actually transmitting every sound within its range to a remote site),
vulnerabilities related to soft phones (software that works like a
phone, running on a PC and therefore vulnerable to worms, viruses and
Trojan horses, and that could spread these problems throughout the
voice network), and SPIT (spam over Internet telephony).
- Privacy
Guru Locks Down VOIP - Phil Zimmermann, creator of the wildly
popular Pretty Good Privacy (PGP) e-mail encryption program, is
debuting his new project, which he hopes will do for internet phone
calls what PGP did for e-mail. ... "The Public Switched Telephone
Network (PSTN) is like a well-manicured neighborhood, (while) the
internet is like a crime-ridden slum," Zimmermann said. "To move all
of our phone calls from the PSTN to the internet seems foolish without
protecting it."
- Skype
Security Evaluation - by Tom Berson of Anagram Laboratories ... "This paper contains the first authorized description of the
Skype cryptosystem. Skype P2P sessions are encrypted end-to-end at the
session layer. Session keys are created using a key-agreement protocol
which provides each peer with proofs of freshness and authenticity,
and which allows each peer to contribute bits toward the session key.
Authenticity and identity are rooted in the Skype Certificate
Authority. We analyze the cryptosystem as of Skype Version 1.3. We
conclude that it is generally well-designed and correctly
implemented."
- Ten
Not-So-Simple Rules For Using The Internet - "Even technically
sophisticated users lose perspective on security at times. We all want
breaches of security to be someone else's fault and we don't want to
have to deal with the inconveniences of running a secure system."
- Reduce
Your Risk: 10 Security Rules To Live By
- 10 Immutable Laws of Security
- Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore
- Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore
- Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore
- Law #4: If you allow a bad guy to upload programs to your website, it's not your website any more
- Law #5: Weak passwords trump strong security
- Law #6: A computer is only as secure as the administrator is trustworthy
- Law #7: Encrypted data is only as secure as the decryption key
- Law #8: An out of date virus scanner is only marginally better than no virus scanner at all
- Law #9: Absolute anonymity isn't practical, in real life or on the Web
- Law #10: Technology is not a panacea
- The
dangers of reactive security - Reactive security fails to
protect, fails to respond in time, doesn't meet compliance regulations
and is an example of overspending while under-protecting assets. ...
"It's a malware world and we need to protect our systems from it. ...
24x7 data centers, VoIP, next generation PDAs, "smart" phones and P2P's
expanding reach. ... Such technology creates increasingly complex
systems that need a more proactive approach to security." The article
offers six steps for organizations wanting to move toward a more
strategic, proactive security model.
- Evolutionary
Systems Design: Recognizing Changes in Security and Survivability
Risks - "In the absence of countermeasures, a system’s security
and survivability will degrade over time. Changes in the environment or
usage of a system, or changes to the elements that compose the system,
often introduce new or elevated threats that the system was not designed
to handle and is ill-prepared to defend itself against. ... It is
essential that significant risk management resources be devoted to the
ongoing evolution of any mission-critical system. The successful
evolutionary design of a secure and survivable system is dependent on
the continual monitoring of the system and its environment to detect
changes that may affect the risk management assumptions on which the
system’s security and survivability are founded."
- Dealing with
worst-case scenarios - "Imagine a natural disaster the
likes of Hurricane Katrina or a terrorist attack on a major city wipes
out business operations. In the mad dash to get back online as quickly
as possible, security protocols and procedures take a back seat to
regaining business continuity. And that's when a second catastrophe
occurs: Information systems are vulnerable to attackers, who see an
opportunity in the chaos as companies are forced to rely on backup
operations (or even pen and paper). ..."
- Corporate
focus on compliance could hurt security - "Companies that make
regulatory compliance the sole driver of their information security
efforts could be weakening their long-term security posture instead of
improving it. ... Therefore, it's better to make compliance a by-product
of a broader corporate security strategy -- not its sole end
objective."
- To
Convergence (and Back) ... Security convergence -- that is,
the true meshing of physical and cybersecurity along with business
continuity management -- is one of the most logical concepts that's been
introduced to the security world in a very long time.
- Using Threat
Analysis to Design More Secure Systems - See how to design
and build more secure systems by evaluating threats and selecting
technologies to counter those threats.
- CIOs
Learn Very Little From Security Audits - Security experts agree
that audits are only as strong as the instructions the auditors are
given. Many are executed under such tight restrictions that they reveal
little that the CIO didn't already know. ... A vulnerability
assessment is in no way an audit. Vulnerability tests are generally
about 13 to 15 percent as effective as an audit.
... "A lot of
companies are spending money to pass the audit because they have to.
They don't want to be secure. They don't care about being secure. You
can be incredibly vulnerable and still pass an audit or
assessment."
- ISACA - Information Systems Audit
and Control Association - "a pace-setting global organization
for information governance, control, security and audit professionals."
... ISACA has more than 47,000 members in 170 local chapters
worldwide.
- COBIT - "a
generally applicable and accepted standard" for good IT security and
control practices that provides a reference framework for management,
users, and IS audit, control and security practitioners.
- COSO - The Committee of
Sponsoring Organizations (of the Treadway Commission, USA) - "a
voluntary private sector organization dedicated to improving the quality
of financial reporting through business ethics, effective internal
controls, and corporate governance."
- Net visionary urges
e-mail ID standard - Making mass e-mailers identifiable is the
first step toward curing the epidemic of spam, said Vint Cerf, one of
the architects of the Internet.
- How to
Stop Spam - how AOL stops spam, and how they recommend that
other ISPs should do it.
- Will
Passphrases Foretell the
Death of Pa55.W0rd5? (Passwords) - How long and complex
should a password be? At what point is it effectively uncrackable?
- Bill
Gates predicts death of the password and
Password
imperfect
- Finding
a replacement for passwords - As online scams get more
sophisticated, passwords are becoming hopelessly outmoded ... Yet many
businesses and nearly all consumers still rely on passwords as the
primary means of verifying who they say they are.
- What
Two-Factor Authentication will do and won't do - Bruce Schneier
explains: "Passwords just don't work anymore. As computers have gotten
faster, password guessing has gotten easier. Ever-more-complicated
passwords are required to evade password-guessing software. At the same
time, there's an upper limit to how complex a password users can be
expected to remember. About five years ago, these two lines crossed: It
is no longer reasonable to expect users to have passwords that can't be
guessed. For anything that requires reasonable security, the era of
passwords is over. ... Two-factor authentication solves this problem. It
works against passive attacks: eavesdropping and password guessing. ...
What two-factor authentication won't do is prevent identity theft and
fraud. It'll prevent certain tactics of identity theft and fraud, but
criminals simply will switch tactics. ..."
- Which
is more secure - Windows or Linux? (Microsoft scores well
on security analysis) ... Which
platform will save you from the nasties?
- Why
Linux Is More Secure Than Ever
- Linux is
insecure. Open source is insecure. Windows is insecure. All software
is insecure. Deal with it.
- Microsoft's
Security Response Center - How Little Patches Are Made - how
Redmond handles the creation of software patches—and an explanation for
long delays in fixing known vulnerabilities.
- Threats and Countermeasures: Security Settings in Windows
Server 2003 and Windows XP - This guide is intended primarily
for consultants, security specialists, systems architects, and IT
professionals who are responsible for the planning stages of application
or infrastructure development and the deployment of computers that run
Windows XP or Windows Server 2003 in enterprise environments, not for
home users. (The guide is a companion to the Windows Server 2003 Security Guide and the Windows XP Security Guide.)
- Security
Protocols - catching security bugs in software products
- An
Applications View on Security - the only completely protected
machine is one that's disconnected from the network and preferably
turned off. ... Two factors intensify the hazards facing enterprise
development professionals. First, the growing dominance of Web-enabled
applications exposes developers' finished products to a vastly larger
army of attackers. Second, the rapid development cycles of
customer-facing or supply-chain-partnering software mean that most new
code is never really finished at all.
- SPI Dynamics - a leading
provider of Web application security testing products. A suite of
application security products and services that support the entire Web
application lifecycle, from development and quality assurance to
deployment, ongoing operations management and auditing.
- Microsoft says: Firewalls
are leaking - "We are all bloody lucky that something hasn't
obliterated IT on earth. ... Firewalls are like retarded routers. They
just look at the ports, sources and destinations they like. If a train
comes from Gare du Nord [Paris] to Waterloo [London] via Eurostar you
allow it to enter the country because you trust it. That's what
firewalls currently do. They don't check to see if al-Quaeda is riding
inside."
- Home PC Firewall
Guide - access to basic information about and independent,
third-party reviews of Internet security and privacy products for home,
telecommuter, and SOHO (small office, home office) end-users.
- You
Need a (properly configured) Firewall - A firewall's wizards are
helpful but can't make every decision. A wrong choice can create a false
sense of security.
- The Need
for Internal Network Security (webcast) - Recent findings indicate
that between 50 - 80% of all network attacks originate from inside
the enterprise. Hear what steps you can take to address the security
challenges unique to internal networks.
- Firewalls
a distraction (says a security researcher) - a preoccupation
with firewalls for information security is dangerous because it can
divert attention and resources away from locking systems down.
- Spyware: IT's
public enemy No. 1 - What's the biggest
threat to business networks in 2005? Front-line IT managers and security
firms increasingly peg spyware as public enemy No. 1.
- The
Chaotic World of Defining Spyware - Anti-spyware vendors each
use different criteria for classifying spyware applications, leading to
chaos, confusion and a drastic increase in legal threats. "Today, the
industry uses different approaches, definitions and types of criteria
for identifying and categorizing spyware and other potentially unwanted
software, which limits the industry's ability to have a broad,
coordinated impact in addressing the problem."
- Tech
companies feel the heat - Spyware problems have become
especially pernicious, leaving tech companies [hardware, software
and service providers] scrambling to respond to customers who don't
necessarily realise they have spyware. ... The companies are concerned
about the cost of dealing with such calls. But perhaps more worrisome,
they fear customers will wrongly blame them. ... Forrester Research said
a spyware-related support call can cost $US15 to $US45, and companies
may lose business.
- New Scam
Tactic Hits Online - In the escalating clash between
online scammers and security vendors, the attackers have once again
developed new tactics that give them the upper hand in bypassing filters
and infiltrating corporate networks, experts say. The new techniques
involve the use of a process called steganography, or embedding
or hiding text in an image. In some cases, the image files include
hidden code designed to exploit known vulnerabilities in e-mail clients
and Web browsers.
- Enemies
in Disguise - be wary of portable storage devices such as
iPods and USB flash drives. ... These devices can present serious
security threats: Not only could disgruntled employees use them to
download massive amounts of sensitive corporate data, but they could
also be used to introduce viruses into the network.
- Device
Trails - How Windows Remembers Your Connections ... Modern
hardware devices contain information that assists the operating system
in finding appropriate drivers — and intruders in finding out who
was doing what when. This article explains how Plug-and-Play (PnP)
works for Vista and earlier versions of Windows, device forensics, and
the related security exposures.
- Desktop
search new target for viruses?
- Web
services look set to be the next big risk - "Where new
technologies go, new vulnerabilities follow." ... Web services is the
next technology to fall victim to the security gap.
- Gartner
analysts point out the security you DON'T need
- People are Still the Biggest Security
Risk - However good your security technology is, it won't
keep out intruders unless your staff are properly trained to keep their
computers secure. Research shows companies are still reluctant to spend
time and money training staff in this crucial area.
- Don't Toss
That Personal Firewall (with the arrival of Windows XP
SP2)
- Keep your PC safe -
Learn to wield your firewall, anti-virus and anti-spyware tools
expertly.
- NAT enough? - How much security do you get with
typical inexpensive home (SOHO) routers? These are often
described as "NAT firewalls." The answer is that you do get protection,
and it's not negligible, but a clever attacker can get past the NAT in
any number of ways to hijack it or damage it, so you need to take
additional preventative measures.
- Unpatched PCs compromised
in 20 minutes - an unpatched Windows PC connected to the
Internet will last for only about 20 minutes before it's compromised by
malware, on average (down from around 40 minutes in 2003).
- Hidden
office systems a can of worms - The next time you walk past your
network printer, see if you can guess which operating system is running
under the hood. ... Embedded devices cause serious security
problems in some of the world's biggest organisations. PABX
telephone switches, Voice over Internet Protocol devices, printing
stations and other systems introduce dangerous vulnerabilities to
computer networks.
- Application
Vulnerability Description Language (AVDL) - security
vulnerabilities for Web Services and Web applications are addressed by
this new OASIS
standard.
- Common Vulnerabilities and Exposures
(CVE) - "a dictionary of common names (i.e., CVE Identifiers) for
publicly known information security vulnerabilities, while its Common
Configuration Enumeration (CCE) provides identifiers for security configuration
issues and exposures. CVE's common identifiers make it easier to share
data across separate network security databases and tools, and provide a
baseline for evaluating the coverage of an organization's security
tools. If a report from one of your security tools incorporates CVE
Identifiers, you may then quickly and accurately access fix information
in one or more separate CVE-compatible databases to remediate the
problem."
- Crypto researchers
abuzz over flaws (August 2004) - Encryption circles are
buzzing with news that mathematical functions embedded in common
security applications have previously unknown weaknesses.
- Research Casts Doubts About SHA-1's
Effectiveness (February 2005) - A paper by Chinese security
researchers lays out several newly discovered problems with the SHA-1
hash algorithm, a standard that is used the world over. It describes a
series of collisions in the algorithm that can allow attackers to forge
digital signatures.
- What
the breaking of SHA-1 means - should we immediately dump
our investment in SHA-1 technology?
- TrueCrypt - FREE open-source
disk encryption software for Windows XP/2000/2003 and Linux.
- Company
execs admit IT idiocy - Most of the world's top executives now
consider security the single most important issue for their corporate
networks, while at the same time nearly four in five admit they open
email attachments from strangers.
- Nowhere To
Hide - "Your information is out there. And thanks to database
technology that has become ever more pervasive, it can be aggregated and
collated and turned into a startlingly comprehensive dossier on you in
the blink of an eye. Okay, so maybe you should be a little worried. ...
One thing you should not be is surprised."
- ALARMED:
The Offshore Sniff Test - When it comes to offshore outsourcing,
the real privacy problem is what companies are keeping secret. ...
There's a tremendous amount of concern right now about the risks of
having personal information, especially financial information, shipped
overseas and processed by the lowest bidder. Sending data offshore
introduces cultural, geographical and most of all legal complexities to
keeping the information secure and private.
- Browser
Hijacking & How to Stop It
- HijackThis - a FREE tool that lists all installed
browser add-ons, buttons and startup items, and allows you to inspect and
optionally remove selected items.
- SpywareInfo
- The
threat of Browser Helper Objects - BHO attacks are
intended to steal user account access information through the use of a
keystroke logger. The logger will completely bypass the “locked”
security designation for which users have long been trained to watch.
- BHODemon
(FREE) - lets you monitor and disable "Browser Helper Objects"
- CoreStreet >>
SpoofStick - a simple
browser extension that helps users detect spoofed (fake)
websites. SpoofStick makes it easier to spot a spoofed
website by prominently displaying only the most relevant domain
information.
- Secunia (December 2004) >>
Almost all browsers are vulnerable to the "Window
Injection" Vulnerability (run the test demonstration on
this page to see the vulnerability in action in your own browser).
This function built into all major browsers -- fully patched,
standard versions of Internet Explorer, Firefox, Opera, Konqueror and
Safari are affected -- could be co-opted by attackers to fool Web
site visitors into surrendering sensitive information.
- The Netcraft
Toolbar (anti-Phishing toolbar)
Designed for you to ...
- Protect your savings from Phishing attacks
- See the hosting location of every site you visit
- Help defend the Internet community from
fraudsters
- FIGHT SPLOG! - "Splog"
is short for Spam Blog. Spam blogs are blogs that don't provide any real
content for users. They exist solely to game the search engines. ...
Splog clutters the internet with useless content.
- Study -
Small firms cook up more spam - most small businesses don't
have the same IT resources as their larger competitors. ... You also
have to wonder if people at these companies aren't contributing to the
problem ... Conducting business publicly on the Web -- specifically
publishing company e-mail addresses online -- is another surefire way to
garner heaps of spam.
- Phishers
lie in wait for Google searchers - Phishers are setting up
fraudulent e-commerce Web sites and simply waiting for victims using
Google and other search engines to find them, security company
CyberGuard has warned. Traditionally, phishing scammers have lured
their victims to fraudulent Web sites by sending official-looking
e-mails that are ostensibly from well-known companies asking users to
'verify' their user names and passwords. Now many are setting up
legitimate looking e-commerce sites that disguise links to malicious
software as pictures of goods on sale. ... When Web shoppers search the
Internet looking for products they want to buy, they could be directed
to a plausible e-commerce site that instructs them to "Click here to
download images" of the product. ... Instead of linking to pictures of
the advertised product, the links point to a self-extracting Zip file
that installs a Trojan horse on the victim's computer. The program could
then steal personal and financial information.
- Adam Shostack
- Few
Are The Phishers - a small handful of miscreants are responsible
for the vast majority of phishing attacks, giving hope to authorities
going after such criminals. ... Just five bot networks generate
virtually all the world's phishing scams. ... Even though tracing
phishing attacks to their source is difficult, the fact that there seem
to be a limited number of groups sophisticated enough to pull off such
scams is giving law enforcement some hope.
- Fighting Phish, Fakes and
Frauds -
Companies on the front lines of the phishing wars share tactics for
making their sites spoof-proof and protecting online
transactions.
- Fight 'phishers' - 4 tips to avoid identity
theft
and Help Protect Yourself from Online Crime and What you should know about phishing identity-theft scams
(video)
- Fight Identity Theft
Blog
- Script
Injection Makes Phishing Harder to Catch - Cross-site scripting
(XSS) attacks have become one of the better-known Web security
vulnerabilities over the past four years, but they are still easy to
carry out on large sites handling sensitive information, such as major
banks. ... They make phishing attacks — which attempt to swipe user
login information — harder to spot, even for the most alert users. And
while they are simple for site designers to prevent, the errors seem to
keep slipping through.
- Microsoft
Spyware home page
- 5 tips for spurning spyware and
browser hijackers - Has your Web browser been taken over
by something? Spyware, Adware, Web Bugs?
- Home invasion - Unwanted search engines, incessant
pop-up ads, websites that hijack the browser and programs that promise
salvation but bring their own parasites instead - it seems the sneaky
are getting sneakier. Whether you prefer to call them adware, spyware or
malware, the programs that lurk are getting harder to remove from our
systems.
- A
spyware mystery - Who's behind it? - In less than two years,
CoolWebSearch
(also known as WWWCoolWebSearch) has become the bane of the
computing industry. ... Any time anti-spyware engineers find a way to
stop the hijacking, a new variant pops up, sneakier than its
predecessor. There are now dozens of variants.
- 21 August 2004 ... Drag-and-drop
flaw mars Microsoft's latest Windows XP SP2 update
- Top 10 "Most
Unwanted" Spyware Named
- Spyware/Adware,
The New Real Security Problem - How can spyware and adware be
such a festering problem when worms and viruses are comparatively under
control? Why do the major security software companies emphasize the
classic viruses and worms and largely ignore spyware and adware? The
problem is a challenging one to the software industry.
- invisiblethings.org
- "a non-profit website dedicated for sharing the thoughts of its author
[Joanna Rutkowska] in the area of computer systems and network security.
Due to its high level of technical content, the website is mainly
destined for other security researchers and computer security
enthusiasts, rather than end-users. The author believes that sharing
information about new attacks and defensive techniques may help others
with designing more secure systems in the future."
- Minimizing
Liability and Risks: How to Control Spyware, Hacking Tools and Other
Harmful Applications
- Code
cracker (anti-hacker) - What does an ethical hacker do?
- Hacking
in the enterprise - these days "hacker" is a bad word ... but
when it comes to the nomenclature for a course that teaches sysadmins
cutting edge skills to keep their networks safe, the word "hacking" has
no replacement.
- Spyware/AdWare/Malware FAQ
and Removal Guide
- The
Microsoft Security Monitoring and Attack Detection Planning
Guide
- Microsoft
Identity and Access Management series
- Kill
Really Stubborn Spyware With This Tool (HijackThis)
- IDC
Report: Spyware a Critical Security Threat - Spyware has
become the fourth-greatest threat to a company's enterprise network
security.
- Poor
Defenders - fake and ineffective spyware/adware removal
tools - none of
the products tested were as effective as reputable free products like Spybot
Search & Destroy, and a couple even installed new spyware!
- Spyware Warrior
- Rogue/Suspect Anti-Spyware Products
& Web Sites - "Rogue/Suspect" means that these
products are of unknown, questionable, or dubious value as
anti-spyware protection. Some of the products listed on this page
simply do not provide proven, reliable anti-spyware protection. Others
may use unfair, deceptive, high pressure sales tactics and false
positives to scare up sales from gullible, confused users. A very few
of these products are either associated with known distributors of
spyware/adware or have been known to install spyware/adware
themselves.
- Malware
emulation of attackers - Attackers have introduced a new breed
of tool that in many ways emulates an active human intrusion. ... the
appearance of tools such as GaoBot and Randex on a network can cause
confusion and even panic. ... In many cases, these tactics cause users
to be locked out of the domain, and create the appearance that an actual
human is inside the network performing an active attack.
- Phishers
are No Tech Slouches - Phishing attacks are on the rise because
scammers are increasingly using the techniques, tools, and tactics of
virus writers and spammers.
- MasterCard,
Others Unwittingly Help Phishers - Leading financial
institutions have adopted a more aggressive attitude toward online
identity theft cons known as "phishing scams" in recent months. But
companies, including MasterCard International, may be unwittingly
helping phishers trick online shoppers.
- Opting into
Identity Theft
- Gone
phishing - It used to be that enterprises only had to worry
about their own security, but as fraudsters get more and more
sophisticated, the security of the end user – the customer – has never
been so important. ... "Criminals are starting to mix things like
hacking techniques and keyboard loggers with financial fraud and
spamming. We’ve got a fairly interesting mix that I don’t think we’ve
seen before."
- Credit
cards and the internet - "Have you ever used Google to search
for your own credit card number? It can be a very enlightening
experience. ..."
- How To Block Unwanted
Parasites with a HOSTS File - "The HOSTS file contains the
mappings of IP addresses to host names. This file is loaded into memory
at startup, then Windows checks the Hosts file before it queries
any DNS servers, which enables it to override addresses in the DNS. This
prevents access to the listed sites by redirecting any connection
attempts back to the local machine. Another feature of the HOSTS file is
its ability to block other applications from connecting to the
Internet, as long as the entry exists. ..."
- A
new, more sneaky phishing attack (involves changing the HOSTS
file on a computer) - Victim computers are hijacked and sent to fake
bank sites. ... the new technique in certain cases is completely
invisible to victims. Essentially, the tactic redirects a victim's
computer to a Web site controlled by a criminal every time the victim
types in the Web address of his or her online bank. Even if the victim
follows a shortcut or Web browser favorite link, the computer is
seamlessly directed to the criminal's site instead. Once there, it's
easy to trick a confused consumer into typing in banking account numbers
and logins, because he or she is easily convinced that the destination
is the correct banking site. ... The user "could be doing everything
right, but in this case they are still going to the wrong place.
... It's more dangerous than standard phishing. There is
nothing in the e-mail to give it away. Nothing has to happen. The next
time you bank there, you might be in for a shock."
- Phishing Fall-Out -
As phony e-mail scams increase, targeted organizations (including some
of the world's biggest banks and credit companies) worry that consumers
will lose faith in doing business online.
- WHICH BROWSER TO TRUST? ...
- Internet
Explorer Is Too Dangerous to Keep Using
(opinion)
and US-CERT
warns against use of Internet Explorer and How
to Replace Internet Explorer - Which alternative
browser do you use, and how do you migrate users?
- The Lame
Blame of ActiveX (opinion) - "ActiveX gets a bad rap as the
cause of all of Internet Explorer's security woes. But it's just not
so. ... Old myths die hard! There's no doubt that Internet Explorer
has more than its fair share of security holes, but very few of them
have to do with ActiveX."
- How
can I trust Firefox? (an interesting counter argument)
- Internet Explorer
Bug Lets Fake Sites Look Real - via URL spoofing (December
2003) - "Successful exploitation allows a malicious person to display
an arbitrary FQDN (Fully Qualified Domain Name) in the address and
status bars, which is different from the actual location of the page.
This can be exploited to trick users into divulging sensitive
information or download and execute malware on their systems, because
they trust the faked domain in the two bars."
- Test to see if
your browser is vulnerable
- Article - IE
bug lets fake sites look real - "Microsoft did not set a
timetable for its investigation, but said it may eventually release
a patch to address the problem. Meanwhile, the company recommended
that people follow basic security procedures, including the use of
firewalls, software updates and antivirus software. Microsoft
faulted security mavens for publicizing the flaw, implying that they
hadn't given Microsoft sufficient time to craft a patch."
- Serious
flaw claimed in ALL web servers - Using this
vulnerability, an attacker could create a web site to steal user
passwords used to access e-commerce sites, online banking, and web
based email systems, from every user who visits that page.
- The
Hidden Risks of [Game] Demo Discs - "... although most consumers
don't realize it, game consoles are computers that run off their own
proprietary operating systems. As a result, a bug in a demo CD, CD-ROM
or DVD-ROM could affect the rest of a home network and spread to an
enterprise network through a VPN connection or portable storage
devices."
- SPI Dynamics
-
Java
Security Traps Getting Worse
- 12
Java Technology Security Traps and How to Avoid Them >> View the PDF
- The
Java Open Review Project - identifies and reports bugs and
security vulnerabilities in widely used Java open source software. The
risks from unknown security vulnerabilities and quality bugs in open
source code pose a problem for the open source community and for
consumers of open source software.
- Why
developing well-secured software is hard ... or, why we
shouldn't blame Microsoft entirely.
- Security
professional says Windows easier to 'own' - Microsoft has
been waiting for security researchers to say that its Windows operating
system has a lower total cost of ownership. One finally has, but that's
not good news. ... He claims that "owning" a computer -- hacker-speak
for compromising a system -- is easier if the target computer runs
Windows.
- e-Security
Guide for Small Business (a free guide from Microsoft)
- White House National Strategy to Secure Cyberspace
- Improving
Security Across the Software Development Life Cycle -
"At its core, the value of software is derived not only from its
ability to increase productivity and efficiencies, but also from its
resiliency to attack and always performing at needed levels during
times of both crisis and normal operations. This task force’s central
thrust is towards establishing a world with robust software security,
where users continue to benefit from software innovations. This is not an easy challenge and
will take the persistent, combined efforts of industry, academia,
government and others to make long-term progress."
- Six degrees of
separation - "If
everybody's address book was available on the web there'd be no place to
hide." and "social networking sites may expose their users to a risk of
guilt by association ... A person's name may innocently appear in the
address book of a criminal under police investigation, putting that
person at risk of being associated with criminals in police databases.
That information is then available to other law enforcement agencies,
such as customs, or even other countries, particularly the US. Each of
us has zero control over that guilt-by-association factor in the case of
social networking services because anybody can put any kind of data they
like about us in any little black book."
- Transparency
International - "the only international non-governmental
organisation devoted to combating corruption, brings civil society,
business, and governments together in a powerful global coalition" that
"works at both the national and international level to curb both the
supply and demand of corruption."
- Wireless
Security FAQ
- The
Security Plan for Your Wireless LAN - the five security areas
that will help you and your users get the most from a wireless LAN,
without all the nightmares.
- Using
Wi-Fi safely: encryption and other tips
- Many Wireless
Networks Lack Security - a road trip used to sniff out wireless
networks found that "the number of wireless networks is growing
explosively, he also found that only a third used basic encryption—a key
security measure. In fact, in nearly 40 percent of the networks not a
single change had been made to the gear's wide-open default settings."
- Evil
twin Wi-Fi threat - an "evil twin" is a bogus base station that
latches on to someone using new "Wi-Fi" wireless technology. Victims
think their laptops or mobile phones are connected to bona fide
wireless internet connections. They may then transmit valuable bank
details or other personal information, not suspecting that they are
being intercepted by cybercriminals.
- Avoiding
'Evil Twins' and Rogue Access Points - a whole new
class of attacks is emerging to threaten Wi-Fi users. "Evil Twin"
and other Wi-Fi-oriented attacks can fool users into providing
confidential information or compromise their computers.
- Attack
jams spy cameras - "An electronic invisibility cloak generated
by nothing more than an off-the-shelf PDA would allow intruders to elude
wireless security cameras using vulnerabilities in the most common
wireless technologies. ... The vulnerability is "trivial" to exploit and
only took 30 minutes to master. ... It just uses off-the-shelf hardware
and you don't need to write specific software, you just need to know the
correct commands to use with the software that's supplied. On a
difficulty rating of one to 10, it's probably a two. ... Any organisation that continues to
use the standard wireless technology, 802.11b, to operate critical
infrastructure could be considered negligent. ... A defence
is yet to be found."
- Why
802.11g should be your standard of choice - It offers
connection speeds of up to 54 Mbps in the 2.4 GHz radio band (five times
faster than 802.11b) and it's designed to be more secure, more stable
and keep a better connection than earlier Wi-Fi versions.
- WEP - Dead
Again - the new generation of WEP cracking tools for WiFi
networks offer dramatically faster speeds for penetration testers over
the previous generation of tools. In many cases, a WEP key can be
determined in seconds or minutes.
- Critical
wireless flaw identified - "Could lead to the breakdown of some
critical infrastructures in just five seconds."
- Mobile
Computing Risks Are Rising - the increasing sophistication and
ubiquity of mobile devices present new challenges for IT
administrators.
- Cracking
Password Usability ... Exploiting human memory to create secure and
memorable passwords - A string of words that
makes up complete concepts or ideas is easier to remember than an
unrelated list of words. Further, the more vivid the sentence the easier
it is to remember.
- Ophcrack - a free
Windows password cracker based on rainbow tables. The ophcrack
LiveCD contains a small Linux system (SLAX6), ophcrack for Linux and
rainbow tables for alphanumerical passwords. The liveCD cracks passwords
automatically, no installation necessary, no admin password necessary
(as long as you can boot from CD). Windows Vista SAM can also be
cracked.
- PicoZip
Recovery Tool - can help you recover lost or forgotten
passwords from password protected Zip files including self-extracting
Zip files, via Brute Force or Dictionary-based recovery methods (a
650,000+ word English dictionary is included).
- Cyber-warrior
outlines his battle plans - Richard Forno shudders at the term
"cyber-terrorism" and is deeply concerned about plans to deliver the
next generation of business applications across the network as a
service. As the IT pendulum swings back towards centralisation, he says,
the network becomes a key point of failure. ... "The network has to be
operational, and that's a huge business problem. We are willingly
embracing a single point of failure and the only person that benefits is
the vendor. The recentralisation of IT means business has to focus on
service assurance rather than just security." ... He says organisations
must look not just at their own network but also at those of their
infrastructure providers.
- The
new face of Cybercrime - "Whereas hacker vandals once coveted
bragging rights, professional hackers have profit in mind. What's more,
they are considerably more determined and have better resources than
vandals. A new approach is necessary, and we must unlearn some of the
lessons drawn from hacker vandalism."
- Bagle Worm Seen As 'Blueprint' For Web Criminals -
there are indications of "a professional developer who, like
counterparts in the commercial software world, is constantly testing,
tweaking, and improving his code for profit, not pride of
ownership."
- The Memorability and Security of Passwords – Some
Empirical Results
- The
Password Is: Chocolate - a survey to be presented at
Infosecurity Europe found that 71% of office workers polled were willing
to reveal their passwords for the price of a chocolate bar. The survey
also found the majority of workers would take confidential information
with them when they change jobs and would not keep salary details
confidential if they came across the details.
- Linux vs.
Windows: Who's More Secure Than Whom? - "So whatever your
operating system, the real issue is not the software [distributor]
company. The issue is how much time you have to deal with security, and
how important it is to your company."
- Linux vs.
Windows: Which Is More Secure? - Forrester Research finds that
both Windows and Linux can be deployed securely. Microsoft Corp.,
however, fixes security problems the quickest—which is a good thing,
since it also has the most major security holes.
- Linux
security problems are your own fault
- Microsoft's
Security Dilemma - "There seem to be two competing visions at
the company - one in which security is paramount and another in which
top priority goes to features that make it easy for anyone to build
applications."
-
Does
Excel Open a Security and Compliance Hole in Your IT Environment? -
There's not much question about the fact that Excel is used extensively by iSeries shops (and others) around the
world. It is, in fact, "the 'data' tool of choice for the non-database professional" ...
With such widespread use of Excel, it's certainly reasonable to question the security of the environment. ...
Excel is used so frequently "because it is so easy to implement compared to programmatic solutions.
It is also one of the most simple ways to model data. ... The challenge with Excel is that it originated
as a standalone, desktop spreadsheet and quickly became the world's most popular financial reporting and analysis software.
Many companies rely on it to produce their most critical financial reports ..."
-
Worms Are for Suckers
-
PDA Viruses Could Get Nasty
-
Spread of the Witty Worm -
On Friday March 19, 2004 at approximately 8:45pm PST, an Internet worm began to spread ...
Once the Witty worm infects a computer, it deletes a randomly chosen section of the hard drive,
over time rendering the machine unusable. The worm's payload contained the phrase
"(^.^) insert witty message here (^.^)" so it came to be known as the Witty worm. ...
Witty was the first widely propagated Internet worm to carry a destructive payload. ...
represents the shortest known interval between vulnerability disclosure and worm release ...
spread through a host population in which every compromised host was doing something proactive to secure their computers and networks. ...
demonstrating the viability of worms as an automated mechanism to rapidly compromise machines on the Internet,
even in niches without a software monopoly.
-
The anti-virus industry scam -
The "cure" provided by anti-virus companies is worse than the problem which its products allegedly treat.
-
Spamming the universe - experts predict spam will only get worse, more than doubling by 2007.
-
'Spiritual spam' clogs inboxes -
Internet users praying for salvation from junk mail face a new torment ...
they are now being asked to repent and pray. The God-botherers are using the techniques of the 21st century.
It's Spiritual Spam and almost all of it is Christian. ... They are very good at hiding where they are.
A lot of the stuff is relayed through China. The prayers appear mostly to originate from native English speakers
in the US. It is easier to act against the electronic evangelists in Europe than it is in the US."
-
Can E-Mail Survive? - Facing increasing threats from spam, viruses, and outdated protocols,
e-mail is crumbling under its own weight. Here are products and techniques you need to know to survive in
today's e-mail environment.
- SMTP authentication, currently being driven for spam prevention, is also
a cure
for modern SMTP-based e-mail worms
-
Teaching Users How
to Spot Fraudulent EMail
- Sendmail
- E-Mail
Filtering Best Practice
- Why I
Don't Trust Spam Filters
- Shutting Down
the Highway to Internet Hell - The time has not only come for
ISPs to block Port 25 for consumer accounts, it has long since
passed. The rewards for this and other ISP management techniques could
be large, but ISPs need to be careful about how they do it and tell
users why. (TCP Port 25 is one of the core interfaces of the Internet,
through which Internet mail servers typically send mail to each other.
It's normal for users to send data out port 25, but they do so to their
own ISP's mail server, from which it is forwarded on to the appropriate
location. This is the server identified as the outgoing mail server in
the mail client configuration. But if you are infected with a spam
zombie—typically, a mail worm with a backdoor used by a spammer to cause
your computer to send out massive amounts of spam—the mail does not go
through your mail server.)
- Operation
Secure Your
Server - Did you know that the settings on your servers
may make it easier for spammers to send more junk email? This Web page
has information about the efforts of an international government
partnership to let individuals and organizations know that their mail
servers or proxy servers can be abused by spammers. "Open proxies" and
"open relays" (also known as "spam relays") allow unauthorized people to
route their spam through your server. These
unsecured servers are in all sorts of organizations all over the
globe.
- New Zealand Government hopes others will copy its anti-SPAM bill -
Contacting spammers to ask to be removed from mailing lists simply tells
them your account is active. The New Zealand bill avoids that issue
by taking an opt-in approach. "Individuals should not be put in the
position of having to contact a spammer to ask not to receive spam. That
just doesn't work."
- U.N. Aims to Bring Spam 'Epidemic' to End - The United Nations is
aiming to bring a "modern day epidemic" of junk e-mail under control
within two years by standardizing legislation to make it easier to
prosecute offenders. Is prosecution an effective means of dealing with
spammers?
- ISIPP - Institute for Spam and Internet Public Policy - has founded the
International Council for Internet Communications and manages the
ISIPP Accreditation Database (IADB) which is a DNS list of the
domains and/or IP addresses of senders who either a) meet ISIPP's
criteria as determined by background, reference, and other checks
("non-vouched listings"), or b) are personally known to ISIPP to meet
the criteria and to be good Internet mailing citizens.
- Spam Foes Band Together - the organization will give highly
placed spam fighters and strategists a direct line to their
counterparts in other countries in order to disseminate information,
coordinate tactics and make it more difficult for junk e-mailers to
hide their operations.
- Making Privacy Work - privacy as a driver of business performance:
eight critical steps to take to raise the level of awareness of
privacy issues.
- Helpless as a ... (about tracking and monitoring technology, reliance on
technology, loss of identity) - Surveillance and monitoring of one kind
or another is here to stay. ... "by embracing identity technology we
lose our identity." ... Many technologies offer instant solutions. Our
reliance on these is changing the way we deal with frustration. "We have
come to expect that when we need a piece of information we can get it
instantly." Over time, frustration with technology can erode
self-confidence.
- Does IM stand for insecure messaging? ... all IM users -- whether
adults or teenagers, whether on a home computer or a corporate network
-- need more education in how to protect themselves.
- What Search Sites Know About You
- Every Move You Make - Within the next 10 years the convergence of
multiple technologies will thrust people into a world where nothing is
secret. ... almost everything that people and the machines around
them do will be continuously recorded and stored in databases. ...
computer mentats will make decisions and predictions based on
qualitative factors like judgment, beliefs, values and emotions - fed by
data collected from public sources in many formats. (The word mentat was
invented by novelist Frank Herbert in his science fiction classic, Dune.
In the fictional world of Dune, computers are outlawed and human mentats
analyze data, spot patterns and make decisions. In our world, computer
mentats will do the same.)
- Privacy's random answer - If IBM is right, corporate databases in the
future might record your age as 157 and your income as the square root
of two. Big Blue is experimenting with an idea for customer databases
called data randomization. The technique will, conceivably,
preserve consumer privacy by masking data such as income, age, past
purchases or medical information through mathematical calculations that
can't be unwound.
- Privacy exposed - "An increasing number of private or
secret documents are being kept online in out-of-the-way corners of
computers around the world, leaving governments, individuals and
companies vulnerable to security breaches. ... For many reasons -
improperly configured servers, holes in security systems and human error
- a wide assortment of material not intended for public viewing is
publicly available. Once Google or another search engine finds it, it is
nearly impossible to draw back into secrecy."
- Spycam may be watching you work - If you have a webcam and a microphone
on your computer and a broadband connection to the internet, a hacker
could be watching you.
- SUPPOSEDLY HIDDEN DATA ...
- Microsoft Office 2003/XP Add-in - Remove Hidden Data
- Metadatarisk.org - provides information on the dangers posed by hidden
metadata in documents. Data that is apparently hidden in Microsoft Word
documents can often be revealed by viewing the document under "original
showing markup" or "final showing markup."
- Don't Let Word Give Away Your Secrets - "There's a lot more
than meets the eye in many Word documents, a fact often overlooked
when people e-mail Word files or post them to Web sites. The
information that may be hidden in a Word, Excel, or PowerPoint file
may include the names of the author and anyone who edited the
document, reviewers' comments, the types and identification of
computers on which the file was opened, and deleted text."
- Microsoft Word bytes Tony Blair in the butt
- Beware Your Trail of Digital Fingerprints - It pays to mind your
metadata!
- Editing tips from the NSA - Hiding confidential information with black
marks works on printed copy, but not with electronic documents,
the National Security Agency has warned government officials. Advice
comes after embarrassing incidents in which sensitive data was
unintentionally stored in electronic documents.
- Network pro says only a risk management policy will reduce security
threat - A senior
consultant with the biggest private US computer security firm says there
is no use in keeping one's anti-virus software up-to-date to guard
against attacks unless one has a risk management policy in place.
"To me this looks like a
negative feedback loop. Spend more. Get less. It suggests that
there is something fundamentally wrong with our actions - with our
thinking. We are reactive. We are doing what the other guy does. We fix
'problems' that don't exist and completely miss out on the relatively
easy fixes for the real and big problems. We focus on vulnerabilities,
patches and paperwork instead of pragmatic, holistic, risk
management."
- The 10 Immutable Laws of Security Administration (Microsoft)
- Employees are lazy, slipshod rabble - Office workers typically don't
back up their desktop computers. Worse, many businesses don't have
desktop backup routines either ... huge amounts of data are at risk of
destruction-causing mayhem. Also they are ignorant about how to detect
viral e-mail attachments and are not motivated to find them.
- How to Steal a Domain Name in Easy Stages
- The great port 80 conspiracy - "The ability to run your own Web
server in your own office now has a much higher barrier of entry."
- IBM Unveils Security Language - EPAL - The Enterprise Privacy
Authorization Language, based on XML, extends technology developed by
the W3C for communicating privacy rules between business and consumer
applications over the Internet.
- The University of Calgary has become the first educational
institution in Canada to offer a course in computer viruses and malware
- The Future of Firewalls
- Windows Passwords Cracked In Record Time - A new NT password cracker can
bust any alphanumeric Windows password in an average of five seconds! -
AND - Making a Faster Cryptanalytic Time-Memory Trade-Off
- A Day in the Life of an Information Security Officer - ITtoolbox blog
- Preventive Steps for Securing the Corporate Network - The Yankee
Group offers six recommendations for enterprises to improve intrusion
detection.
- Snort for Linux - Snort for Windows ...
Snort is an open source network intrusion
detection system, capable of performing real-time traffic analysis
and packet logging on IP networks. It can perform protocol analysis,
content searching/matching and can be used to detect a variety of
attacks and probes, such as buffer overflows, stealth port scans, CGI
attacks, SMB probes, OS fingerprinting attempts, and much more.
- SSL Filtering Won't Increase Security - SSL has been broken by
well-intentioned security vendors trying to provide requested
capabilities to their customers. Even if the SSL filtering feature is
eliminated, its capabilities can be duplicated.
- Could Server Uptime Bring Security Downtime?
- Firing Line - A poorly handled employee termination can create a slew of
security risks.
- The Activation FAQ - How will product activation schemes affect your
computing life?
- Digital Rights Management (DRM) ...
- Money Well Spent (on the Security budget)
- Avoid these 10 common Web-based application security mistakes
- Keep It Simple - If you're not thoughtful about your
approach to balancing computer security with computer usability, you may
end up with neither. ... "Secure usability" comes from a user interface
that guides the user to secure practices by making other practices
difficult or impossible. ... The balance between security and usability
should be fluid, not fixed.