Kevin's Carol of the week
news://msnews.microsoft.com/uTR1jKj2EHA.4028@TK2MSFTNGP15.phx.gbl
-----------------------------
Have you patched?
Internet Explorer IFRAME patch
http://msmvps.com/secure/archive/2004/12/01/21796.aspx
[only IE 6]
WINS issue .. [but honestly we're just fine in SBSland]
http://msmvps.com/secure/archive/2004/12/03/22181.aspx
-------------------------------
Unprotected PCs can be hijacked in minutes
Surfing the Web has never been more risky.
Simply connecting to the Internet ? and doing
nothing else ? exposes your PC to non-stop,
automated break-in attempts by intruders looking
to take control of your machine surreptitiously.
http://www.usatoday.com/tech/news/computersecurity/hacking/2004-11-29-honeypot_x.htm
You see that article?
Don't believe everything you read folks
Dear USA Today...now the story is even better:
http://msmvps.com/bradley/archive/2004/12/06/22529.aspx
You would NEVER set up a server with file and printing sharing ports
opened up.
--------------------------------------
Blogs of interest
Don't believe everything you read
Dear USA Today...now the story is even better:
http://msmvps.com/bradley/archive/2004/12/06/22529.aspx
Why we do what we do
Thanks Tucker!:
http://msmvps.com/cgross/archive/2004/12/02/22108.aspx
Mark Cuban... the new fund
My New Hedge Fund - Blog Maverick - www.blogmaverick.com:
http://www.blogmaverick.com/entry/1234000570021684/
Dana meets "the couch"
Dana Epp's ramblings at the Sanctuary: The Red Couch Comeths:
http://silverstr.ufies.org/blog/archives/000753.html
Running a meeting?
Dealing with management...:
http://blogs.msdn.com/iainmcdonald/archive/2004/11/29/271781.aspx
NT 4 server almost dead
http://www.microsoftmonitor.com/archives/005265.html
for pay patches after 12/31/2004
------------------------------------
- - - - - - - - - -
Microsoft sues over fake authenticity certificates
For the first time, Microsoft Corp. is suing
on claims of counterfeit and illicit certificates
of authenticity, the labels on software and
computers that are supposed to show the products
are legitimate. In copyright and trademark
infringement lawsuits filed Monday, Microsoft
accused eight small and medium computer
resellers and software vendors in seven states
of distributing unlawful versions of the COA
labels.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/10303667.htm
- - - - - - - - - -
New strain of Skulls Trojan hits smart phones
Mobile phones running Symbian Ltd.'s Series 60
operating system are the target of a new strain
of the Skulls Trojan horse program. The new
Trojan comes with the Cabir.B worm, which, unlike
the first version of the virus, can spread to other
phones within reach of Bluetooth broadcasting range.
http://computerworld.com/securitytopics/security/story/0,10801,97935,00.html
McAfee says 'Skulls' mobile security threat still low
http://www.usatoday.com/tech/news/computersecurity/wormsviruses/2004-11-30-skulls-worm_x.htm
- - - - - - - - - -
Flaw opens crack in Windows servers
The vulnerability is in Windows Internet Name
Service, or WINS, a network infrastructure
component of server products such as Windows
NT 4.0 Server, Windows 2000 Server and Windows
Server 2003, Microsoft said Tuesday. The company
has issued a temporary work-around for the
problem while it works on an update to fix
the vulnerability.
http://news.zdnet.com/2100-1009_22-5471485.html
- - - - - - - - - -
Sun stamps on Java bug
Sun Microsystems claimed yesterday that its
attempt to stamp on a recently discovered Java
Virtual Machine (JVM) security bug has been
successful. Security experts warned that the
potentially devastating flaw in the JVM Run
Time Environment could leave millions of
desktops open to attack.
http://www.vnunet.com/news/1159740
- - - - - - - - - -
Phishers target Christmas shoppers
FConsumers should be on their guard against
a "particularly devious" phishing scam which
aims to hijack their Christmas shopping and
divulge sensitive financial details to cyber-
criminals. According to IT security firm
CyberGuard, the latest scam uses fake
e-commerce sites offering 'bargain'
Christmas gifts.
http://www.vnunet.com/news/1159754
- - - - - - - - - -
Unprotected PCs can be hijacked in minutes
Surfing the Web has never been more risky.
Simply connecting to the Internet ? and doing
nothing else ? exposes your PC to non-stop,
automated break-in attempts by intruders looking
to take control of your machine surreptitiously.
http://www.usatoday.com/tech/news/computersecurity/hacking/2004-11-29-honeypot_x.htm
- - - - - - - - - -
Software could slow spread of computer worms
Engineers at Hewlett-Packard Co. are working
on "virus throttling" software that could slow
the spread of viruses and worms, possibly limiting
the destruction that hackers inflict on millions
of computers each year. Researchers for the Palo
Alto, Calif.-based computer giant said Tuesday
the new software wouldn't destroy threats such
as the "Blaster" Internet worm, which crippled
more than a million computers last summer.
http://www.securityfocus.com/news/10035
http://news.zdnet.com/2100-1009_22-5471780.html
http://www.msnbc.msn.com/id/6622961/
http://computerworld.com/securitytopics/security/virus/story/0,10801,97940,00.html
- - - - - - - - - -
Fear fuels intrusion prevention sales bonanza
The growing threat posed by worms, viruses and
denial-of-service attacks is fuelling a global
sales bonanza in network intrusion prevention
system (IPS) products, according to In-Stat/MDR.
As a result, the combined market for IPS and
intrusion detection system equipment is poised
to reach $1.4bn by 2008, up from $541m in 2003,
the research firm said. Most of the revenue
growth is expected to be through hardware-
based network IPS appliances.
http://www.vnunet.com/news/1159751
- - - - - - - - - -
ISPs raise the stakes on DDoS attacks
Internet service providers have hit back at claims
they should be doing more to prevent denial-of-service
attacks. Security heads for BT and Cable and Wireless
said that they can protect their customers from the
attacks, but that they will not provide the service
for free.
http://news.zdnet.co.uk/internet/security/0,39020375,39175485,00.htm
- - - - - - - - - -
iPaqs turn up the security
Hewlett-Packard introduced a series of handhelds,
the iPaq hx2000 line, designed to provide better
security and connectivity for mobile professionals.
The hx2700, launched Tuesday, comes with an embedded
biometric fingerprint reader that allows a user to
capture prints from two fingers, from either hand.
This allows for greater flexibility should the owner
suffer a cut on one finger, said Robin Seow, general
manager of the personal systems group at HP Singapore.
http://news.zdnet.com/2100-1009_22-5471610.html
- - - - - - - - - -
ID card details emerge in bill
The government's bill for an identity card,
published on Monday, outlines details on penalties
for abuse of the system but fails to include
figures covering the costs of the scheme.
http://news.zdnet.co.uk/business/legal/0,39020651,39175554,00.htm
New standard could reshuffle smart cards
http://www.gcn.com/23_33/news/27949-1.html
Passport ID chips may not be secure
http://www.cnn.com/2004/TECH/ptech/11/29/electronicpassports.ap/index.html
- - - - - - - - - -
Lycos Europe: 'Make love not spam
The effort, dubbed "Make love not spam," will
officially launch on Wednesday and will center
around the screen saver, which the company has
designed to overload Web sites advertised via
spam. Lycos Europe is a separate company from
the Web portal that bears the Lycos name in
the United States. Lycos Europe claims that it
currently maintains roughly 40 million e-mail
accounts across eight European countries.
http://news.zdnet.com/2100-1009_22-5471207.html
http://www.msnbc.msn.com/id/6622055/
http://www.newsfactor.com/story.xhtml?story_title=Lycos-Screensaver-Spams-the-Spammers&story_id=28726
- - - - - - - - - -
A guide to proactive network security
Commentary--Behind our daily barrage of hacker
attacks, announcements of new viruses and worms,
and frequent risk of downtime is an opportunity.
This is your opportunity to step away from the
noise, for a moment, and take steps to build
a more proactive network security model for
your organization.
http://news.zdnet.com/2100-1009_22-5470877.html
Stressing security training
http://www.fcw.com/geb/articles/2004/1129/web-secure-11-30-04.asp
--
http://www.sbslinks.com/really.htm
http://www.msmvps.com/bradley
https://www.ecora.com/ecora/jump/pm99.asp