Interesting Insights from the Latest MSIR
October 12th, 2011 | Posted by in Malware | Microsoft | Monitoring | Security | Security Awareness & Training - (2 Comments)
The latest Microsoft Security Intelligence Report (Volume 11) has been released and contains some interesting information that Microsoft has collected from the execution of its Malicious Software Removal Tool (MSRT) and Internet Explorer SmartScreen® data. Several of the results confirm what those of us in the network security monitoring community already know: Java is the most often exploited application (page xvii), Adobe Acrobat exploits account for most malicious documents (page xviii), and Adware is the most common type of malware identified (page xx). Microsoft also stated that over a third of malware detected could spread via the AutoRun feature on removable media or on network shares. Updates exist that help make the AutoRun feature in XP and Vista more like the one in Windows 7, which is to say more secure. Deploy those updates.
On New PCI Point-to-Point Encryption Solution Requirements
October 10th, 2011 | Posted by in Compliance | PCI - (0 Comments)
In case you missed it, the PCI Security Standards Council (SSC) published the initial release of the much anticipated Point-to-Point Encryption Solution (P2PE) Requirements document last month. Many of you are probably asking, “Why do I care?” – a good question in a day and age with so much information and noise. If you’ll allow me, I’d like to answer two better questions! But first, to answer, this document is significant because it is at the heart of the fiery topic of PCI scope.
Malware Hits U.S. AFB Where UAV Missions Are Flown
October 7th, 2011 | Posted by in Malware - (0 Comments)
Apparently, a U.S. military installation where pilots command the U.S. military’s UAVs (Unmanned Aerial Vehicles), Creech AFB in Nevada, has been infected by a virus. The virus is apparently logging keystrokes but is not interfering with the pilots’ ability to continue performing the UAV missions. That’s the good news. The bad news is the base IT personnel have been unable to clean the computers without wiping the hard drives and starting from scratch.
When the “R” in GRC Becomes ‘Risky Business’
October 3rd, 2011 | Posted by in Compliance | IT GRC - (0 Comments)
The point of my catchy title is not to remind you of the popular 80’s Tom Cruise movie (though most of you are probably already hearing the opening piano riff from Bob Seger’s Old Time Rock & Roll racing through your mind). My intent is to explain the ‘Risky Business’ of waiting too long to begin a governance, risk and compliance program.
For the past week, BEAST has been the talk of the InfoSec community. BEAST stands for “Browser Exploit Against SSL/TLS” and is a new way to execute an attack against CBC mode encryption algorithms. The attack has been theorized for quite some time (2006 seems to be about the time it became known), but until BEAST, an attacker had no practical way to execute the attack, and even with BEAST, the attack against CBC is still difficult to execute.






