Wednesday, April 25, 2012

WindowSecurity.com Newsletter of April 2012

-------------------------------------------------------
Sponsored by: ManageEngine
<http://www.manageengine.com/products/eventlog/?utm_source=wownsec&utm_medium=newsletter&utm_campaign=textlinkELA&utm_term=apr12>
-------------------------------------------------------

Welcome to the WindowSecurity.com newsletter by Stu Sjouwerman, Founder of Sunbelt Software & CEO of KnowBe4.com. Each month we will bring you interesting and helpful information on the world of Security. We want to know what *you* are interested in hearing about. Please send your suggestions for future newsletter content to: feedback@windowsecurity.com


1. Editor's Corner
-------------------------------------------------------

Blast From The Antivirus Past

Remember MS-DOS Version 6? It was released in March 1993. The new 6.0 had
a lot of new stuff including a basic anti-virus program and a disk
defragmenter. Other improvements were in the memory management area by
the addition of MEMMAKER.

Now, how did you get your anti-virus updates? You had to buy them! Here
is a 3-page PDF that shows how. First come the instructions for getting a
user ID. Grab your 9600 baud modem and dial their Bulletin Board System (BBS).
Next, follow the download instructions to get your AV updates. The third
page is the promo where they sold you on getting a whopping whole TWO
anti-virus updates for as little as $9.95 each. Add the sales tax on top of
that. Oh boy, what a deal. Here is my blog post with the link to the PDF:
http://blog.knowbe4.com/blast-from-the-antivirus-past

And, did you know that Antivirus is 30 years old?

Simon Edwards created a great blog post about this on April 12, 2012. He
started out with: "Once upon a time, frighteningly not that long ago,
Ross M Greenberg wrote the first anti-virus software for the PC. It was
called FluShot and it was written in 1982, thirty years ago this year.
FluShot was a DOS program that required 10K RAM. Little information is
available about it on the web, and what still exists appears to be largely
in text files originally distributed over BBS." I recommend you read the
full blog post, it's quite interesting really:
http://simonedwards.blogspot.co.uk/2012/04/anti-virus-is-30-years-old.html

-------------------------

* Quotes Of The Month:


"Foolproof systems don't take into account the ingenuity of fools".
-- Gene Brown

"This job would be pretty good if it wasn't for the end users, equipment,
and management." -- Daniel Nicholson

Warm regards,

Stu Sjouwerman
Editor, WindowSecurity News
Email me at feedback@windowsecurity.com


2. Prevent Email Phishing
-------------------------------------------
Want to stop Phishing Security Breaches? Did you know that many of the email addresses of your organization are exposed on the Internet and easy to find for cybercriminals? With these addresses they can launch spear-phishing attacks on your organization. This type of attack is very hard to defend against, unless your users are highly 'security awareness' trained.

IT Security specialists call it your 'phishing attack surface'. The more of your email addresses that are floating out there, the bigger your attack footprint is, and the higher the risk is. Find out now which of your email addresses are exposed with the free Email Exposure Check (EEC). An example would be the email address and password of one of your users on a crime site. Fill out the form and we will email you back with the list of exposed addresses. The number is usually higher than you think.

Sign Up For Your Free Email Exposure Check Now http://www.knowbe4.com/email-exposure-check/

3. Security Detail
----------------------------------------

* Mac Malware Wake-up Call

It's been predicted for years, but suddenly 600,000 Macs were infected
with the Flashback trojan. Many Apple users are still in denial and
don't want to understand what this means. It's time they wake up and
smell the coffee.

Once a platform reaches critical mass, attackers will go after it and
Apple is no exception. Now, people might say: "Yeah, but it wasn't
OS X, it was Java." Same story with Windows for the most part. The
problem is unpatched versions of OS X that run vulnerable versions of
Java. The more popular the Mac becomes, the more it will be attacked.

The real problem is users that are not complying with best practices,
so I recommend you get yourself an OS X antivirus installed on those
Mac machines. It's time.

--------------------------

* Utah Health Breach Affects 780,000


State officials in Utah have again revised upward the number of
individuals affected by a March 30 healthcare information hacking
incident. They now estimate that 780,000 patients were affected.

Howard Anderson reported this at the Healthcare InfoSecurity site.
"Of those [780,000], 280,000 had Social Security numbers exposed,
according to a statement. All those affected are being notified of
the breach, which authorities believe involved East European hackers
accessing a state server. Those whose Social Security numbers were
exposed will receive one year of free credit monitoring services."
More:
http://www.healthcareinfosecurity.com/articles.php?art_id=4667

-------------------------

* SMS-controlled Malware Hijacks Android Phones

Researchers at NQ Mobile, working alongside researchers at North
Carolina State University, have discovered new Android malware that
is controlled via SMS and can do a number of things on the compromised
device, including recording calls and surrounding noise. Called TigerBot,
the recently discovered malware was found circulating in the wild via
non-official Android channels. Once again, this discovery shows
the sense of installing only official applications, and only
those available from known, legitimate sources such as Google Play.
Article at Securityweek:
http://www.securityweek.com/sms-controlled-malware-hijacking-android-phones


4. SecureToolBox
-----------------------------------------------

* Free Service: Email Exposure Check. Find out which addresses of your organization are exposed on the Internet and are a phish-attack target:
http://www.knowbe4.com/eec/

* Frustrated with gullible end-users causing malware infections? Find out who the culprits are in 10 minutes. Do this Free Phishing Security Test on your users:
http://www.knowbe4.com/phishing-security-test/


5. ViewPoint – Your Take
-------------------------------------------

Write me! This is the spot for your take on things. Let me know what you think about Security, tools, and things that need to be improved. Email me at feedback@windowsecurity.com


6. SecOps: What You Need To Know
--------------------------

* Law Firms: "Big Money In Security Breach Cases"

It was a matter of time. Law firms love class action lawsuits, because
the rewards are potentially enormous. We've seen asbestos used for
this, then tobacco; at the moment they are going after Big Pharma
and their antidepressants, and the next wave might be... you. If you
are in healthcare, that's right now; for the rest of us, well, just give
it a little while.

Why? Security breach cases are big money. CSO said: "Indeed, a suit pending
against St. Joseph Health System involves the exposure of medical information
of about 31,800 patients. At $1,000 each, even if only one violation
is involved, it is simple math to see that would yield damages of
$31.8 million." Forty percent of that for the lawyers... cha ching!

However, there is a silver lining here. Randy Sabett, an attorney with
ZwillGen, a Washington, D.C.-based law firm specializing in legal issues
involved in doing business on the Internet, said: "Everybody knows,
including judges, that 100 percent security on the Internet simply does
not exist. Indeed, there are endless examples of breaches of companies that
are in compliance, which makes it much more difficult to prove negligence."

One more reason to pay a lot of attention to being actually compliant!

Here is the link to the full article:
http://www.csoonline.com/article/704288/law-firms-see-big-money-in-healthcare-breach-cases

-------------------------

* What You Need to Know About CISPA

Dan Rowinski over at ReadWriteWeb wrote: "Battle lines are being drawn over
the Cyber Intelligence Sharing and Protection Act of 2011 (CISPA). It's a
bill that would make it easier for private companies and the U.S. government
to share user information concerning possible cyber threats. Microsoft,
Facebook and a host of other technology companies are supporting the bill,
but many digital rights groups fear that CISPA is another version of the
Stop Online Piracy Act... but worse.

What Is CISPA?

CISPA is different from SOPA and PIPA in that it's not primarily about piracy
or privacy issues. Instead, it's intended to help fight cyber attacks. But the
bills share similarities that raise red flags with digital rights advocates.
Foremost, the language of CISPA is vague, broad and leaves much open for
interpretation. CISPA would amend a current law that defines how cyber threat
intelligence information is used between the U.S. intelligence community and
the private sector. Currently, that's often difficult or prohibited. CISPA
would remove that firewall." More:
http://www.readwriteweb.com/archives/what_you_need_to_know_about_cispa.php

-------------------------

* Malware Getting Backed Up Along With Data

Kelly Jackson Higgins over at Dark Reading reported something interesting:
"When malware slips past antivirus, it can get swept up in an enterprise's
system backup -- and ultimately reinfect systems when the company
restores applications from its contaminated backup. Oliver Friedrichs,
head of Sourcefire's cloud technology group, says this cycle occurs more
often than you'd think. Friedrichs recently analyzed data collected from
more than 2 million Sourcefire users during a one-month period and found
that backup and file restoration applications often inadvertently restore
malware.

His findings: During a one-month period, DropBox, a file-sharing and backup
cloud-based service, restored 17,705 threats; Maxtor Backup and Restore's
MaxSynch, 5,076 threats; 2BrightSparks SynchBack backup software, 165
threats; and FreeFileSync, 104 threats. These were users that had been
running traditional AV products." More:
http://www.darkreading.com/cloud-security/167901092/security/storage-security/232800530/malware-getting-backed-up-along-with-data.html

7. Hackers' Haven
--------------------------

* I Fell For The Oldest Social Engineering Trick In The Book

Bill Brenner wrote: "I've written countless stories about social engineering,
with security experts far and wide telling our readers never to open a
link from someone we don't know. We've also published advice about making
sure a message from a friend is for real before opening. That didn't stop
me from falling for one of the oldest tricks in the book. It came in as a
direct message on Twitter Friday, from Network World writer Brandon Butler,
who sits in the next cube over from me at the office. He's a nice,
mild-mannered chap, so when I got a tweet in his name, I opened the link
without thought. Well, that's actually not true. I did have thoughts -- based
on his tweet: "Hello somebody is saying very bad rumors about you... (URL
removed)" Story here:
http://blogs.csoonline.com/data-privacy/2125/i-fell-oldest-social-engineering-trick-book?source=CSONLE_nlt_salted_hash_2012-04-10

-------------------------

* Stuxnet Was Planted Via Infected Memory Stick

"Although it has never been confirmed, the speculation that the Stuxnet
worm was manufactured for the express reason of disrupting the production
at Iran's Natanz uranium enrichment facility is considered to be correct
by many security experts. Theories about who actually created it abound,
and the one that says the US and Israeli government were behind it has been
voiced more often than others. If a report by Industrial Safety and Security
Source is to be believed, current and former US intelligence sources have
confirmed that Israel's intelligence agency Mossad is responsible for the
worm's introduction into the plant's systems." Here is the story:
http://www.net-security.org/malware_news.php?id=2071

-------------------------

* Redmond Patches Critical Windows Zero-Day Exploited By Hackers

This month's Patch Tuesday was interesting, since it includes a patch for a
hole that hackers are actively using to get into your users' systems. It's MS12-027
and it is in an ActiveX control included with every 32-bit version of Office
2003, 2007 and 2010. But Redmond also said that SQL Server, Commerce Server,
BizTalk Server, Visual FoxPro and Visual Basic needed the patch. MS12-027
is the FIRST update you should install.

Hackers are, as we speak, exploiting the hole with malformed text documents,
which when opened in either Word or WordPad can hijack a PC, Microsoft
acknowledged in a post to its Security Research & Defense (SRD) blog:
http://blogs.technet.com/b/srd/archive/2012/04/10/ms12-027-enhanced-protections-regarding-activex-controls-in-microsoft-office-documents.aspx


8. Fave links & Cool Sites
--------------------------

SUPER FAVE: A big red push button on a quiet square in a small town in
Belgium with a sign "Push to add drama". See what happens next ...
http://www.flixxy.com/a-dramatic-surprise-on-a-quiet-square.htm
---
190 years ago, Nicolas Rieussec recorded time to an accuracy of a fifth
of a second for the first time - the chronograph was born. To celebrate this
unique invention, Montblanc created the one-of-a-kind "The Beauty of a
Second" short-film contest presented by the famous film director Wim
Wenders:
http://www.flixxy.com/the-beauty-of-a-second.htm
---
They need to give some sound to electric vehicles to protect pedestrians.
Here is how they created the sound of the Audi e-tron supercar:
http://www.youtube.com/watch?v=UeKCgZCdxjg&feature=player_embedded
---
Sci-fi author Arthur C. Clarke predicted in this 1974 TV interview that
in 2001, regular people would have personal computers and be connected
all over the world. Very interesting and accurate:
http://www.flixxy.com/arthur-c-clarkes-1974-prediction.htm
---
DARPA Robot Masters Stairs. We are getting better at this. Skynet,
here we come:
http://www.youtube.com/watch?v=aqCmX5dMYHg
---
For the past ten years, Robert Maddox has devoted thousands of hours and
dollars to the development of pulsejet engines. His unique mixture of
science and art has led to the creation of some of the most interesting and
outrageous jet powered vehicles ever built:
http://maddoxjets.com/maddoxjets_Videos.html
---
Space - the final frontier. A feline starship embarks on a mission to
boldly go where no cats have gone before:
http://www.flixxy.com/cats-in-space.htm
---
Synchronous paragliding: "More Than A Feeling" - An awesome synchro paragliding
acrobatic video!
http://www.flixxy.com/synchro-paragliding.htm

WindowSecurity.com is in no way affiliated with Microsoft Corp.
For sponsorship information, contact us at advertising@windowsecurity.com

Copyright © WindowSecurity.com 2012. All rights reserved.
