news://msnews.microsoft.com/u3vq#9L4EHA.4028@TK2MSFTNGP15.phx.gbl
Kevin's song of the week
--------------------
Remember this week - Tuesday is security bulletin day and we have 5
bulletins coming out
http://msmvps.com/bradley/archive/2004/12/09/23180.aspx
--------------------
Handy Andy SBS chat on MCPMag
Handy Andy on the MCP forums is talking about roaming profiles and
Exchange server. Don't forget too that Handy Andy will be having a live
chat on the 15th.
IT Forums: SBS Chat 12/15/2004:
http://www.mcpmag.com/forums/forum_posts.asp?tid=1450&pn=1
---------------------
Small Business Web site
http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032265662
There is a Web site designed with the needs of small businesses in mind,
offering free knowledge, assistance, advice from peers, and other
valuable resources. The Microsoft Small Business Center is your
one-stop shop for small-business product information, expert advice,
tools and resources. Learn more about this comprehensive Web site,
designed with small-business owners in mind, by attending this webcast,
presented by Frederic De Wulf, Small Business Web Director at Microsoft.
The Small Business Center features tailored business advice for running
a small business, customer support options, and information about
Microsoft products and services at the click of a mouse. You?ll find
expert columnists such as Kim Komando, webcasts, community pages,
product demos, and how-to-buy information for more than 30 Microsoft
solutions geared for small businesses. See why the Microsoft Small
Business Center is your Web technology resource.
This webcast shows you all that the Microsoft Small Business Center has
to offer ? technology topics and assistance, a community of other small
businesses ready to share advice on business and management issues, free
events and training, tools and tips for taking your business online.
When: Tuesday, Dec 14, 2004 11:30 AM (CST) ? 1:30 PM (CST)
Duration: 120 minutes
Presented By: Frederic De Wulf - Small Business Web Director at Microsoft
This presentation will be delivered via Microsoft Office Live Meeting
and will utilize Voice Over IP technology for the audio portion of the
presentation. Because of this, you will need to view this presentation
from a sound-enabled computer. All information regarding the URL for
the meeting and login instructions will be emailed to all registered
attendees at least 24 hours prior to the beginning of the presentation.
-------------------------
Blogs of interest this week
This week in the communities
http://msmvps.com/bradley/archive/2004/12/11/23454.aspx
The art of the start
http://silverstr.ufies.org/blog/archives/000760.html
Who would have thought IBM?
http://blog.ziffdavis.com/coursey/archive/2004/12/03/4409.aspx
Gizmodo week in review
http://www.gizmodo.com/gadgets/gadgets/gizmodo-week-in-review-027473.php
What's wrong with politics?
http://www.itconversations.com/shows/detail323.html
Microsoft office outlook live
http://www.microsoft-watch.com/article2/0,1995,1739609,00.asp?kc=MWRSS02129TX1K0000535
Now THAT is storage:
http://www.internet-nexus.com/2004_12_05_archive.htm#110260974255185660
Way to go Tim!
http://www.spyjournal.biz/techtips/2004/12/installing-sbs-2003-marathon.html
-----------------------------
http://www.microsoft.com/downloads/details.aspx?familyid=36648245-6eac-458e-87bd-046a16f3d385
Overview of why and how Microsoft IT proactively deployed Windows XP
Service Pack 2. Windows XP Service Pack 2 is a critical security release
that addresses Internet-based security threats.
--------------------------------
Chinese cybercops 'nailing virus writers'
A Chinese police force that is dedicated
to fighting virus writers is getting results,
according to Russian antivirus company Kaspersky
Labs. The Chinese antivirus police team will
visit the Kaspersky Labs offices in Moscow
next week to discuss virus development.
http://news.zdnet.co.uk/internet/0,39020369,39180202,00.htm
Antivirus firm says organized crime growing online
Almost all of the malicious software circulating
the Internet is written by organized criminals
looking for financial gain, and the problem is
set to get worse, Kaspersky Labs is warning.
The Russian antivirus company said Thursday that
criminals are behind 90 percent of malicious code,
leaving teenagers and script kiddies responsible
for only a small fraction of the rest.
http://news.zdnet.com/2100-1009_22-5486201.html
http://news.com.com/Antivirus+firm+says+organized+crime+growing+online/2100-7348_3-5486201.html
Malware authors mixing a lethal cocktail
http://news.zdnet.co.uk/internet/security/0,39020375,39180203,00.htm
- - - - - - - - - -
Playgirl virus attacks Chechen rebel sites
An email virus that poses as pictures of a nude
glamour model actually contains malicious code
designed to launch denial-of-service attacks on
websites run by Chechen separatists. The Maslan-C
worm spreads via email with the subject line
'123' and an attached file called 'Playgirls2.exe'.
It also spreads across network shares. Running
the infected attachment further spreads the
email worm as well as turning infected PCs into
participants in a distributed denial-of-service
attacks.
http://www.theregister.co.uk/2004/12/09/maslan/
- - - - - - - - - -
The strange death of the mass mailing virus
Mass mailing viruses will go the way of macro
viruses and become much rarer next year.
Viruses such as Sober and MyDoom are simply
not as effective as they used to be, Kevin
Hogan, a Symantec Europe manager, notes.
"People know it's risky to double click
on viruses. For virus writers there's
no technical kudos.
http://www.theregister.co.uk/2004/12/09/symantec_virus_forecast_2005/
- - - - - - - - - -
Vulnerability allows scammers to hijack pop-ups
Security researchers warned this week of
a vulnerability in most Web browsers that
could allow scammers to launch phishing
attacks from pop-up windows on trusted
Web sites.
http://computerworld.com/securitytopics/security/story/0,10801,98141,00.html
- - - - - - - - - -
Multi-platform phishing exploit uncovered
A function built into all major browsers
could be co-opted by attackers to fool Web
site visitors into surrendering sensitive
information, a security firm warned on
Wednesday.
http://news.zdnet.co.uk/internet/0,39020369,39179938,00.htm
Digital PhishNet launched to combat phishing scams
http://computerworld.com/securitytopics/security/cybercrime/story/0,10801,98153,00.html
Probably the simplest phishing trick in the world
http://www.theregister.co.uk/2004/12/09/secunia_browser_exploit_warning/
Ex-U.S. cyber security chief sees curb on phishing
http://www.usatoday.com/tech/news/computersecurity/infotheft/2004-12-09-phish-starving_x.htm
- - - - - - - - - -
New bill targets some peeping-Toms
Camera phones may make great Christmas gifts,
but people better not use them for peeping-Tom
photos on federal property. In one of its last
moves of the year, Congress passed a bill that
would levy heavy fines and prison time for anyone
who sneaks photos or videos of people in various
stages of undress, a problem lawmakers and
activists called the new frontier of stalking.
http://www.cnn.com/2004/LAW/12/09/video.voyeurs.ap/index.html
- - - - - - - - - -
Tech groups praise parts of intelligence bill
Technology trade groups cheered parts of a
comprehensive intelligence reform bill that
passed the U.S. Congress yesterday, including
a provision that could speed up the federal
government's security clearance process for
IT vendors and contractors. But the bill,
passed by the U.S. House of Representatives
on Tuesday and by the Senate yesterday, was
stripped of language that would have elevated
the lead cybersecurity position at the U.S.
Department of Homeland Security from a
director-level position to an assistant
secretary.
http://computerworld.com/governmenttopics/government/legislation/story/0,10801,98154,00.html
The American way of spying gets a makeover
http://www.theregister.co.uk/2004/12/09/us_spying_makeover/
Security amendment approved
http://www.fcw.com/fcw/articles/2004/1206/web-security-12-09-04.asp
US, UK work on anti-terror R&D
http://www.fcw.com/fcw/articles/2004/1206/web-usuk-12-09-04.asp
Congress passes E911 bill
http://www.fcw.com/fcw/articles/2004/1206/web-e911-12-09-04.asp
- - - - - - - - - -
EU Telecoms Council Promotes Safer Internet Use
Safer Internet Plus, the four-year program
proposed by the European Commission in March,
will have a budget of $60 million to combat
illegal and harmful Web content. Its focus
is on end users: parents, educators and
children.
http://www.newsfactor.com/story.xhtml?story_title=EU-Telecoms-Council-Promotes-Safer-Internet-Use&story_id=28969
- - - - - - - - - -
School's out to shun IE
In a notice sent to students on Wednesday,
Pennsylvania State University's Information
Technology Services department recommended
that students download other browsers to
reduce attacks through vulnerabilities in
the Microsoft software.
http://news.zdnet.com/2100-1009_22-5485834.html
http://news.com.com/Net+threats+spur+action+on+browser+front/2009-1032_3-5485861.html
http://www.cnn.com/2004/TECH/internet/12/09/awaysonline.reliable.ap/index.html
- - - - - - - - - -
E-commerce hit hard by fear of fraud
Two thirds of UK consumers questioned in
a recent study do not buy products online
for fear of credit card fraud. The research
found that, although 53 per cent of homes
have an internet connection, 66 per cent
of users refused to book holidays online,
for example, preferring to visit a travel
agent personally.
http://www.vnunet.com/news/1159982
- - - - - - - - - -
Carders by Phone
Credit cards number thieves phone the victims
and feign Visa staff and ask to specify
information on the credit card with the alleged
purpose of checking doubtful transaction.
At that, fraudsters do not ask confidential
data (PIN-code or number of account) ? this
would alert most victimized card holders. As
is known, fraudsters ask CVV-codes at the bottom
of credit card. It turned out few of cardholders
knew that these codes are often used for approving
on-line transactions.
http://www.crime-research.org/news/09.12.2004/834/
- - - - - - - - - -
RSS: Show Me the Money
Lately there has been a lot of discussion
on the net about how to make money off RSS,
which, depending on whom you ask, stands
for Really Simple Syndication or Rich Site
Summary, but which many publishers and
bloggers hope will turn into a Really
Sweet (revenue) Stream.
http://www.wired.com/news/culture/0,1284,65971,00.html
- - - - - - - - - -
Password imperfect
People tend to choose easy-to-remember
passwords--which means they're easy to crack.
Even complex passwords can be stolen. They've
moved from a security measure to a security
risk, says Microsoft Chair Bill Gates, who
for the past year has been publicly urging
customers to stop relying on passwords.
http://news.zdnet.com/2100-1009_22-5475264.html
- - - - - - - - - -
The pros and cons of MSSPs
Part 1: 10 reasons to outsource security. More
companies are outsourcing part of their security
infrastructure, including firewalls, intrusion-
detection systems and virtual private networks,
to managed security service providers (MSSP).
There are many reasons why outsourcing may be
a cheaper and better way to go. Note that I
said "may be" because everything depends on
your requirements.
http://computerworld.com/securitytopics/security/story/0,,98093,00.html
- - - - - - - - - -
Who says safe computing is a pipe dream?
Commentary--I am regularly asked what average
Internet users can do to ensure their security.
My first answer is usually, "Nothing--you're
screwed." But that's not true, and the reality
is more complicated. You're screwed if you
do nothing to protect yourself, but there
are many things you can do to increase your
security on the Internet.
http://news.zdnet.com/2100-1009_22-5485329.html
- - - - - - - - - -
- - - - - - - - - -
Browser phishing 'flaw' could hook users
Forward in EMAIL Format for PRINT Web browsers
Security threats Microsoft Corp Apple Computer Inc
A function built into all major browsers could be
co-opted by attackers to fool Web site visitors into
surrendering sensitive information, a security firm
warned on Wednesday. The issue, which security firm
Secunia labeled a flaw, could allow a malicious Web
site to refer visitors to a legitimate site--such
as a bank's Web site--and then control the content
displayed in a pop-up windows.
http://news.zdnet.com/2100-1009_22-5484315.html
- - - - - - - - - -
New set of Linux security flaws unveiled
A security researcher has uncovered yet another
set of security flaws in an image component,
which could put Linux users at risk of system
compromise if they view a maliciously crafted
image. The bugs, in the imlib image library
found in most Linux systems, haven't been
patched by the library's developer, but Linux
vendors are currently rushing out patches.
So far Gentoo, Suse and others have released
fixes.
http://www.techworld.com/security/news/index.cfm?NewsID=2768
http://news.zdnet.com/2100-1009_22-5484080.html
http://computerworld.com/securitytopics/security/story/0,10801,98120,00.html
- - - - - - - - - -
Tech firms, FBI to fight 'phishing' scams
Internet companies and law-enforcement agencies
said Wednesday they will work together to track
down online scam artists who pose as banks and
other legitimate businesses, a practice known
as "phishing."
http://www.msnbc.msn.com/id/6679100/
- - - - - - - - - -
Experts push for more US computer security efforts
Computer-security experts, including former
government officials, urged the Bush administration
on Tuesday to devote more effort to strengthening
defenses against viruses, hackers and other
online threats.
http://www.usatoday.com/tech/news/computersecurity/2004-12-08-more-security-sought_x.htm
- - - - - - - - - -
Sophos declares Netsky-P worst virus of 2004
Netsky-P tops the list of the worst virus outbreaks
in 2004--a year marked with nearly a 52 percent
increase in new viruses, according to a report
released Wednesday by security software maker
Sophos. Netsky-P represented 22.6 percent of all
virus incidents reported to Sophos, the company
said.
http://news.zdnet.com/2100-1009_22-5483401.html
http://www.msnbc.msn.com/id/6679126/
http://www.cnn.com/2004/TECH/12/08/viruses.reut/index.html
http://computerworld.com/securitytopics/security/story/0,10801,98125,00.html
- - - - - - - - - -
CSOs' Top Concerns For 2005
Worms, viruses and regulatory compliance topped
the list of concerns of more than 85 Chief Security
Officers who met yesterday in New York City for
the second CSO Interchange. Participants at CSO
Interchange discussed a wide variety of security
issues that affect their organizations and revealed
their top-of-mind concerns through interactive
surveys conducted at the event.
http://www.securitypronews.com/news/securitynews/spn-45-20041208CSOsTopConcernsfor2005.html
- - - - - - - - - -
Cybercrime remains a hard nut to crack
THE internet may not be the haven it seems for
hi-tech crime, an Australian criminologist believes.
Australian Institute of Criminology director Dr Russell
Smith says although significant steps have been taken,
computer crime remains difficult to investigate and
there are many unresolved legal and practical problems.
http://australianit.news.com.au/articles/0,7204,11584698%5E15318%5E%5Enbv%5E15306,00.html
---------------------
If you want to make sure your neighbors don't "steal" your wireless
Force Field Wireless:
http://www.forcefieldwireless.com/defendairadditive.html
--
An open letter to the Security Community::
http://msmvps.com/bradley/archive/2004/12/12/23540.aspx