[ISN] How Security Ripple Effects Affect You

From: InfoSec News (alerts@private)
Date: Thu Apr 05 2007 - 07:45:40 PDT

Forwarded with permission from: Security UPDATE <Security_UPDATE (at) list.windowsitpro.com>


Email Discovery and Compliance

Free White Paper: Address the Insider Threat 

Double-Take Software: Recovery Made Easy

=== CONTENTS ===================================================

IN FOCUS: How Security Ripple Effects Affect You 

   - Animated Cursors Being Used to Infiltrate Windows 
   - Kaspersky on Keyloggers
   - SANS Launches Security Certification for Programmers
   - Recent Security Vulnerabilities

   - Security Matters Blog: Linux on the Desktop
   - FAQ: Extracting Standalone Update Files
   - From the Forum: Are XP Guest Logons Hack Attempts? 
   - Tell Us About the Products You Love!
   - Share Your Security Tips
   - Microsoft Learning Paths for Security: Securing Your Messaging 

   - Free Internet Security Product for Home Use




=== SPONSOR: iLumin ============================================

Email Discovery and Compliance
   In this free white paper get the tools you need to effectively 
comply with messaging archiving statutes and regulations. You'll learn 
about the benefits of messaging archiving such as: indexing, storing 
and purging of these records according to corporate or other policies, 
automatic migrating of messaging system content to other storage media, 
and the ability to make the messaging system serve as a corporate 
knowledge store, allowing users to mine data for a variety of purposes 
and more. Download your copy now!

=== IN FOCUS: How Security Ripple Effects Affect You ===========
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Like so many things, network security is subject to ripple effects such 
that one action (or lack of action) can cause a significant change 
elsewhere. One case in point is software development. When developers 
write less-than-secure code, that impact is far reaching. For the 
enterprise, at a minimum, it typically means a lot more work for 
administrators. Of course, the impact can be much more severe and reach 
nearly every corner of the enterprise--information could leak, systems 
could be hijacked, the corporate image could suffer, and the list goes 

The obvious solution is to get programmers to write better code. A news 
story on our Web site, "SANS Launches Security Certification for 
Programmers" (you can link to it in the Security News and Features 
section below), discusses a new testing and certification program that 
could have a positive ripple effect. If you're a programmer, even as a 
hobby, be sure to read the story and click the links. You'll find some 
practice tests that might help you, and you'll find out how you can 
become certified. 

Another case in point is inadequate system security resulting in 
malware infestation and spam. When companies don't protect their 
systems adequately, those systems are bound to become infiltrated by 
malware. Most blackhats these days don't develop and spread malware 
just to idle or destroy a few companies' data or systems. Today's 
malware has a wider range of purposes, one of which is to make money by 
sending spam. So when your company slacks off on security and becomes 
infected with malware, that could very well result in an increase in 
spam for people all over the world. 

I read an interesting story last week at The Register (URL below) about 
systems inside the networks of very well-known companies sending spam. 
Obviously those companies aren't taking care of security as best they 
could. Among the guilty companies identified were HP, Oracle, and Best 

The Register's story is based on data collected by Support 
Intelligence, a security monitoring solution provider. Support 
Intelligence operates a number of spam traps and analyzes the headers 
of email messages received by those traps. That header data includes 
the IP addresses of the mail servers used to transmit the message, and 
those addresses can be used to identify the operator of the network 
that uses the addresses. 

Support Intelligence's blog says that the company is using its spam 
trap data to identify Fortune 1000 companies that have bots operating 
inside their networks. Support Intelligence goes on to say that it will 
continue publishing its findings "until corporate America is clean." 

If Fortune 1000 companies clean up their networks, everyone will most 
likely receive far less spam, and that's a good thing. However the same 
holds true for any other company, and it's a real shame that companies 
have to be publicly embarrassed by news outlets such as The Register 
and companies such as Support Intelligence before they'll do what they 
should already be doing. That holds especially true for companies such 
as Oracle and HP, both of which would like us to think of them as 
pinnacles of best practice and leaders in various areas of security. 

If you're interested in this particular spam monitoring trend, keep an 
eye on the Support Intelligence blog, at the URL below. 

=== SPONSOR: NetIQ =============================================

Free White Paper: Address the Insider Threat 
   Learn how to develop a comprehensive management system that 
virtually eliminates the risk of an insider threat. Co-authored by 
NetIQ and Dr. Eric Cole, this informative white paper identifies the 
key business processes that must be secured and ready to build a 
solution to contain the insider threat.

=== SECURITY NEWS AND FEATURES =================================

Animated Cursors Being Used to Infiltrate Windows
   Microsoft issued an advisory about exploits that take advantage of a 
flaw in the way animated cursor (.ani) files are handled in Windows. 
The company followed the advisory with a patch (a week ahead of the 
regularly scheduled monthly Microsoft patches) for the vulnerability.

Kaspersky on Keyloggers
   Kaspersky Lab released the first of a two-part report about 
keyloggers, which pose a considerable threat when they go undetected.

SANS Launches Security Certification for Programmers
  SANS Institute launched the Software Security Institute, a 
certification program designed to help assess software developers' 
ability to write secure code.

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at

=== SPONSOR: Double-Take Software ==============================

Double-Take Software: Recovery Made Easy
   Upcoming Webinar--The Big Picture in Disaster Recovery, with Double-
Take Software, VMware, and Silver Peak. Join this webinar to learn how 
to tie together virtualization, replication and WAN acceleration for 
better business continuity. April 25, 2007 at 11 a.m. Eastern Time--
Register Now!

=== GIVE AND TAKE ==============================================

SECURITY MATTERS BLOG: Linux on the Desktop
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=50AC6:57B62BBB09A69279BA158A5266EA2E88

Dell said it will soon start offering Linux on desktop and notebook 
systems. My recent experience with Linux on Dell notebooks has been 

FAQ: Extracting Standalone Update Files
   by John Savill, http://list.windowsitpro.com/t?ctl=50AC4:57B62BBB09A69279BA158A5266EA2E88 

Q: How can I extract the files from a Windows Vista Microsoft Update 
Standalone Package (MSU)?

Find the answer at

FROM THE FORUM: Are XP Guest Logons Hack Attempts?
   A forum participant writes, "I'm no newbie to using event viewer, 
and typically it's an important tool for my daily assessment of what's 
going on with my [Windows] XP computer. I realize [that] occasionally 
XP will use the system account to log on and do routine maintenance. 
But have any of you ever seen XP cite instances of 'guest' logging in 
and out, especially when the 'guest' account is disabled?" Join the 
discussion at 

   What products are you using that save you time or make your workload 
a little lighter? What hot product discoveries have you made that other 
IT pros need to know about? Let the world know about your experiences 
in Windows IT Pro's monthly What's Hot department. If we publish your 
story in What's Hot, we'll send you a Best Buy gift card! Send 
information about your favorite product and how it has helped you to 

   Share your security-related tips, comments, or problems and 
solutions in Security Pro VIP's Reader to Reader column. Email your 
contributions to r2r@private If we print your submission, 
you'll get $100. We edit submissions for style, grammar, and length.

   These resources provide guidance on securing your messaging 
infrastructure, including best practices for message hygiene 
technologies and configuration strategies. You'll also get an in-depth 
look at the Microsoft Forefront line of business security products, 
which help protect application servers such as Microsoft Exchange 
Server 2007, Microsoft Office SharePoint Server 2007, and Microsoft 
Office Communications Server 2007.

=== PRODUCTS ===================================================
   by Renee Munshi, products@private

Free Internet Security Product for Home Use
   eEye Digital Security announced the release of its latest version of 
Blink Personal Internet Security with Anti-virus and is offering a free 
one-year subscription for personal or home office use in the United 
States and Canada. Blink Personal has multiple antivirus engines, 
detects and removes spyware and adware, guards against phishing and 
identity theft, has system and application firewalls, prevents 
intrusion and protects against remote attacks, detects missing patches 
for applications and OSs, and detects configuration settings that lower 
system security. eEye says the offer is for a limited time, for one 
installation per customer. To download Blink Personal, go to

=== RESOURCES AND EVENTS =======================================
   For more security-related resources, visit

Do you have visibility and control over your software licenses? Most 
organizations face serious challenges, including complex and confusing 
vendor licensing models, cost overruns, missed deadlines and business 
opportunities, and lost user productivity. Learn to address these 
challenges and prepare for audits. Register for this free on-demand Web 
seminar, available now! 

Having customers depend on your IT services in order to communicate, 
purchase, or manage orders is great for your business. But what happens 
when your applications or Web sites become unavailable? Download this 
free white paper and learn how to eliminate application downtime 
disruptions and ensure the continuity of your business. 

You know you need to manage your email data, but how do you do it? What 
steps do you need to take? What additional measures should you enact? 
What shouldn't you do? Get answers to these and other questions and get 
control of your vital messaging data. Download this free eBook today! 

Are all your malware definitions completely up-to-date? If they are, 
then you're halfway home to total malware protection. Windows Vista 
might be the most secure Microsoft OS ever released, but malware is 
constantly evolving, and sometimes out-of-the-box security just isn't 
enough. In this exclusive podcast, Windows IT Pro Editorial and 
Strategy Director Karen Forster interviews Microsoft Product Manager 
Josue Fontanez about Forefront Client Security, Microsoft's unified 
malware protection package. 

=== FEATURED WHITE PAPER =======================================

How do compliance regulations really affect your IT infrastructure? You 
need to design your retention, retrieval, privacy, and security 
policies to ensure that your organization is compliant. Download this 
free eBook today and  make certain that your organization complies with 

=== ANNOUNCEMENTS ==============================================

Introducing a Unique Security Resource 
   Security Pro VIP is an online information center that delivers new 
articles every week on topics such as perimeter security, 
authentication, and system patches. Subscribers also receive tips, 
cautionary advice, direct access to our editors, and a host of other 
benefits! Order now at an exclusive charter rate and save up to $50! 

Grab Your Share of the Spotlight!  
   Nominate yourself or a peer to become IT Pro of the Month. This is 
your chance to get the recognition you deserve! Winners will receive 
over $600 in IT resources and be featured in Windows IT Pro. It's easy 
to enter--we're accepting May nominations now, but only for a limited 
time! Submit your nomination today: 


Security UDPATE is brought to you by the Windows IT Pro Web site's 
Security page (first URL below) and Security Pro VIP (second URL 

Subscribe to Security UPDATE at

Be sure to add Security_UPDATE@private 
to your antispam software's list of allowed senders.

To contact us: 
   About Security UPDATE content -- letters@private
   About technical questions -- http://list.windowsitpro.com/t?ctl=50ACA:57B62BBB09A69279BA158A5266EA2E88
   About your product news -- products@private
   About your subscription -- windowsitproupdate@private
   About sponsoring Security UPDATE -- salesopps@private

View the Windows IT Pro privacy policy at

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All rights reserved.

Subscribe to InfoSec News

This archive was generated by hypermail 2.1.3 : Thu Apr 05 2007 - 07:57:11 PDT