White House Takes on Cyber Security

President Obama has declared securing cyberspace a top priority. The President is expected to give a speech today outlining goals for the United States to lead, or at least keep pace with, technology and to attract and retain tech-savvy businesses and workers. His speech is also expected to address the need to raise awareness of the threats and security concerns of cyberspace and his administration's dedication to fighting them.

It is widely expected that President Obama will soon name a ‘Cyber Czar’ as well. The Cyber Czar will be a special assistant to the President and will have a support team working within the National Security Council. Critics say, however, that this still does not go far enough and that the Cyber Czar will run into the same issues with budget and scope of authority that past cybersecurity positions have run into.

This blog post from the whitehouse.gov web site features the cybersecurity chief of the National Security Council and other public and private sector experts talking about the future of securing our digital borders. I will post again if any news comes out regarding an actual announcement of who will fill the role of Cyber Czar.

Did You Know?

This 5-minute video is filled with interesting information and enlightening facts. It is not directly related to Internet or network security, but there are indirect implications for computer and network security. Suffice it to say that I feel it is valuable information and I highly recommend you invest the 5 minutes to watch the video and then spend some time considering the enormity of what the video conveys and what impact it might have on your world.

The Rising Nuisance of Vishing and SPIT

Vishing is on the rise. Where fishing uses bait to lure fish, and phishing uses email or electronic bait to lure victims, vishing is voice phishing: using VoIP (voice over IP) to perpetrate phishing attacks. Vishing is a close cousin of SPIT (spam over Internet telephony). The primary difference between vishing and SPIT is whether the call is simply an annoying solicitation or is in some way attempting to trick the recipient into surrendering sensitive information or compromising their personal data. It is a matter of malicious intent.

You may have received the automated calls to your home or mobile phone promising to lower your interest rates on your credit cards or offering you an extended warranty for your vehicle. No amount of asking, begging, yelling, demanding, or threatening will get your number removed from the list (at least not for very long) or stop the calls. Ironically, I tried to play along and pretend like I was interested …

Phishing Facebook for Fun and Money

Well, more for money and money. I am not a fan of fishing. I prefer casting. Casting is relaxing and enjoyable. As soon as some crazy fish bites the hook, there is a big, slimy, nasty fish to deal with and it ruins all of the tranquility. But, if you want to catch fish, you might have better luck if you fish in a heavily stocked pond rather than just some random stream. The same thing applies to phishing. Attackers might be able to lure victims by phishing just about anywhere, but if they want to improve their odds they need to go to where the ‘phish’ are: a heavily stocked pond. Facebook is just such a pond. Take a look at this PC World article to learn more about the latest round of Facebook phishing scams so you know what to look out for.

BitDefender Offers Free Security Software

BitDefender apparently wants to do their part to help Internet users in this poor economy. They say keep your money. You can download BitDefender Free Edition, BitDefender Anti-Phishing and BitDefender Chat Encryption for free.

Free is great, but you still get what you pay for to some degree. BitDefender Free Edition is a solid antimalware product, but it only performs on-demand scanning. That means that it can scan, detect, and remove malware threats, but it will only do so when you manually initiate it. It will not automatically detect and block threats in real time.

Learn more about the protection offered by the products and find the links to download the free software from BitDefender.

May 2009

To view a summary of the May 2009 bulletins, visit Microsoft Security Bulletin Summary for May, 2009. Click the links below to view the individual Microsoft Security Bulletins and to download any patches that might be required for your system. Microsoft will discuss the issues addressed in the Security Bulletins and field questions from users during a webcast which can also be viewed after the fact. You can also visit Windows Update to automatically determine what patches or updates your system needs.

MS09-017

Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution
Criticality: Critical

Attackers Pounce on Microsoft PowerPoint Zero-Day

More information about the zero-day exploit of the PowerPoint vulnerability