Forwarded with permission from: Security UPDATE <Security_UPDATE (at) list.windowsitpro.com> PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE: Webinar: Deploying Macs in the Enterprise http://list.windowsitpro.com/t?ctl=67877:57B62BBB09A692797BC09A3103E4B9B1 Hosted Security: A solution for small and medium-sized businesses http://list.windowsitpro.com/t?ctl=67866:57B62BBB09A692797BC09A3103E4B9B1 Protecting Mobile Users' Data http://list.windowsitpro.com/t?ctl=67868:57B62BBB09A692797BC09A3103E4B9B1 === CONTENTS =================================================== IN FOCUS: New Threat Trends Reported NEWS AND FEATURES - BigFix Launches Tightly Integrated Endpoint Security - Barracuda Networks Gobbles Up NetContinuum - BT Counterpane Offers Two New Managed Service Options - Recent Security Vulnerabilities GIVE AND TAKE - Security Matters Blog: CastleCops Endures a New Kind of Attack - FAQ: Delegate GPO Editing Permissions - From the Forum: Limiting Log-on Access to One User - Share Your Security Tips PRODUCTS - Web Service Lets You Call to Authenticate - Product Evaluations from the Real World RESOURCES AND EVENTS FEATURED WHITE PAPER ANNOUNCEMENTS === SPONSOR: Centrify ========================================== Webinar: Deploying Macs in the Enterprise Join Centrify and a special guest from Apple at 10 a.m. Pacific on Tuesday, October 9 for this informative presentation. You'll learn how to lower the barriers to Mac adoption in the enterprise by seamlessly integrating Mac OS X systems with Microsoft Active Directory's authentication, access control and Group Policy services. This free event features top industry experts who will explain what IT managers need to know in order to deploy Macs securely, and manage them efficiently within an Active Directory environment. A live Q&A session will take place after the main program. http://list.windowsitpro.com/t?ctl=67877:57B62BBB09A692797BC09A3103E4B9B1 === IN FOCUS: New Threat Trends Reported ======================= by Mark Joseph Edwards, News Editor, mark at ntsecurity / net As always, the trends in security administration are shifting, and companies should monitor those trends to keep up to speed on where they might need to pay special attention. Recently, three new security trend reports were released, and you should consider adding these to your more immediate reading list. The first report is from Symantec, which released the Internet Security Threat Report Volume XII. The report (issued quarterly, at the first URL below) highlights the fact that, as we've seen, intruders are now more profit oriented than they were previously. That trend probably isn't going to diminish any time soon. Also as we've seen, intruders are turning to more sophisticated ways of breaching security, and those ways now include prepackaged intrusion kits such as MPack that can be purchased at "underground" sites on the Internet. You can learn more about MPack by reading the articles listed at the second URL below. http://list.windowsitpro.com/t?ctl=6787D:57B62BBB09A692797BC09A3103E4B9B1 http://list.windowsitpro.com/t?ctl=67864:57B62BBB09A692797BC09A3103E4B9B1 Trends also include intruders infiltrating trusted or high-profile sites; a large percentage of those sites' users can then become infected with Trojan horses and other malware. There is of course a lot more to the report, so get yourself a copy and read it carefully. The second report comes from IBM Internet Security Systems (ISS). Cyber Attacks on the Rise: IBM X-Force 2007 Midyear Report reveals a couple of interesting trends. Malicious exploit developers have turned to providing "exploits as a service," as IBM refers to the trend, and leased exploits. These new pricing models lower the barrier to entry because individuals no longer have to buy an expensive exploit outright. Another trend pointed out by both Symantec and IBM is the use of "downloaders," which when installed on a victim's computer, download and install other code, basically letting an intruder take a wide range of other actions. Symantec said that according to its data so far this year, "28 of the top 50 malicious code samples were staged downloaders." IBM says that downloaders were the most prevalent type of malware throughout 2006 and that so far in 2007, Trojans are the most prevalent, but the year isn't over yet. Another interesting bit of data from IBM's report is that the "percentage of vulnerabilities that can be exploited remotely has grown in the first half of 2007 to 90 percent versus 88 percent in 2006." Wow. You can get a copy of IBM's report at its ISS Web site at the URL below. http://list.windowsitpro.com/t?ctl=67879:57B62BBB09A692797BC09A3103E4B9B1 Both Symantec and IBM point out that obfuscation is increasingly used in conjunction with Web-based attacks. That makes it slightly more difficult for researchers to get at the code behind an attack and puts a larger burden on companies whose products try to filter out such attacks. This leads indirectly to the third report, which is from Finjan. Finjan's Web Security Trends Report (Q3 2007) points to canned Web applet code as a growing source of risk. Such code, typically referred to as Web widgets, is developed to perform a range of actions that usually insert content into a Web page. For example, there are widgets to pull in weather data and RSS feeds, provide a live chat box, and display schedules and reminders. Finjan's report says, "To give an idea of the number of widgets and gadgets available there are 3720 available on Google.com, 3197 on Apple.com and 3959 on Facebook.com, many of these applications are already being used by millions of people." There are of course many places to obtain widgets, and Windows Vista even supports the use of widgets on the desktop. A problem with such widgets is that a third party could develop and widely distribute a seemingly harmless widget that actually has malicious intent. Furthermore, an honest third party could develop a widget that contains coding errors that could lead to attacks on innocent users. So be sure to get a copy of Finjan's report at the URL below and consider the risk posed to your network environment. http://list.windowsitpro.com/t?ctl=6787C:57B62BBB09A692797BC09A3103E4B9B1 === SPONSOR: St. Bernard Software ============================== Hosted Security: A solution for small and medium-sized businesses Is effective security out of reach for your small or medium-sized business? Imagine having a team of IT experts who only focus on security as part of your staff. Download this white paper today and find out how you can eliminate your company's security risks. http://list.windowsitpro.com/t?ctl=67866:57B62BBB09A692797BC09A3103E4B9B1 === SECURITY NEWS AND FEATURES ================================= BigFix Launches Tightly Integrated Endpoint Security BigFix's new Endpoint Defender suite includes antivirus, antispyware, firewall, patch management, vulnerability assessment, and asset discovery features all targeted at midrange businesses. http://list.windowsitpro.com/t?ctl=67874:57B62BBB09A692797BC09A3103E4B9B1 Barracuda Networks Gobbles Up NetContinuum Barracuda Networks completed its acquisition of Web application firewall maker NetContinuum and is banking on Payment Card Industry (PCI) compliance requirements to help drive sales. http://list.windowsitpro.com/t?ctl=67872:57B62BBB09A692797BC09A3103E4B9B1 BT Counterpane Offers Two New Managed Service Options Managed security service provider BT Counterpane announced two new service offerings, both of which are powered by Qualys vulnerability scanning technology. http://list.windowsitpro.com/t?ctl=67873:57B62BBB09A692797BC09A3103E4B9B1 Recent Security Vulnerabilities If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at http://list.windowsitpro.com/t?ctl=6786C:57B62BBB09A692797BC09A3103E4B9B1 === SPONSOR: Atempo ============================================ Protecting Mobile Users' Data Traditional business backup solutions don't usually take into consideration the special case of the mobile or casually connected user and this makes it all too easy for these users to get lost in the shuffle of the daily support responsibilities of most IT departments. This Web seminar will provide you with ideas, suggestions, and solutions to the problems inherent in protecting and backing up the data used and generated by the mobile business user. http://list.windowsitpro.com/t?ctl=67868:57B62BBB09A692797BC09A3103E4B9B1 === GIVE AND TAKE ============================================== SECURITY MATTERS BLOG: CastleCops Endures a New Kind of Attack by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=6787B:57B62BBB09A692797BC09A3103E4B9B1 Previously I wrote about how CastleCops and other security sites fell under Distributed Denial of Service (DDoS) attack. When these attacks were thwarted, the perpetrators turned to a more insidious type of attack. Learn more about this new attack, and get a long list of cool tools at http://list.windowsitpro.com/t?ctl=6786A:57B62BBB09A692797BC09A3103E4B9B1 FAQ: Delegate GPO Editing Permissions by John Savill, http://list.windowsitpro.com/t?ctl=67876:57B62BBB09A692797BC09A3103E4B9B1 Q: How do I delegate permissions for someone to edit a GPO? Find the answer at http://list.windowsitpro.com/t?ctl=67871:57B62BBB09A692797BC09A3103E4B9B1 FROM THE FORUM: Limiting Log-on Access to One User A forum participant writes that his office has a standard Windows domain environment with one machine that runs some shipping label software and that uses a general "community" logon. Recently, a few employees mistakenly logged onto this machine with their personal domain username, and it messed up the program running on that box. How can the participant lock down which domain users can log on to a specific computer. Join the discussion at http://list.windowsitpro.com/t?ctl=67865:57B62BBB09A692797BC09A3103E4B9B1 SHARE YOUR SECURITY TIPS AND GET $100 Share your security-related tips, comments, or problems and solutions in Security Pro VIP's Reader to Reader column. Email your contributions to r2r@private If we print your submission, you'll get $100. We edit submissions for style, grammar, and length. === PRODUCTS =================================================== by Renee Munshi, products@private Web Service Lets You Call to Authenticate Positive Networks announced the release of PhoneFactor, a Web-based two-factor authentication service that turns a user's phone into an authentication device, replacing smart cards or tokens. The user can make a free call from anywhere in the United States to authenticate to VPN appliances, Citrix, or Microsoft Outlook Web Access (OWA). A Web SDK lets companies implement PhoneFactor with other Web or custom applications. The basic PhoneFactor service is free, but Positive Networks sells add-on features such as multiserver support, directory integration, international authentication, reporting and auditing, and support and product maintenance packages. For more information, go to http://list.windowsitpro.com/t?ctl=6787F:57B62BBB09A692797BC09A3103E4B9B1 PRODUCT EVALUATIONS FROM THE REAL WORLD Share your product experience with your peers. Have you discovered a great product that saves you time and money? Do you use something you wouldn't wish on anyone? Tell the world! If we publish your opinion, we'll send you a Best Buy gift card! Send information about a product you use and whether it helps or hinders you to whatshot@private === RESOURCES AND EVENTS ======================================= For more security-related resources, visit http://list.windowsitpro.com/t?ctl=67875:57B62BBB09A692797BC09A3103E4B9B1 Gain insight into business intelligence and Microsoft application platform optimization (APO) solutions in this full-day business intelligence virtual conference on October 4, 2007. http://list.windowsitpro.com/t?ctl=6786B:57B62BBB09A692797BC09A3103E4B9B1 Get the facts about Microsoft Unified Communications and Exchange Server 2007 at one of six day-long workshops starting in mid-October. Don't miss out on your chance to attend in one of the following cities: Portland, Oregon; San Diego; Denver; Philadelphia; Atlanta; or Chicago. Visit our Web site for dates and details. http://list.windowsitpro.com/t?ctl=67878:57B62BBB09A692797BC09A3103E4B9B1 In this Web seminar, David Chernicoff provides ideas, suggestions, and solutions to the problems associated with protecting and backing up the data used and generated by mobile and casually connected users. http://list.windowsitpro.com/t?ctl=67867:57B62BBB09A692797BC09A3103E4B9B1 === FEATURED WHITE PAPER ======================================= Learn how to protect and recover business-critical data and applications when recoverability matters. This white paper focuses on new ways to maintain Exchange uptime by using data protection, failover, and application availability. http://list.windowsitpro.com/t?ctl=67869:57B62BBB09A692797BC09A3103E4B9B1 === ANNOUNCEMENTS ============================================== Windows IT Pro: Buy 1, Get 1 With Windows IT Pro's real-life solutions, news, tips and tricks, and access to over 10,000 articles online, subscribing is like hiring your very own team of Windows consultants. Subscribe now, and get 2 years for the price of 1! http://list.windowsitpro.com/t?ctl=6786D:57B62BBB09A692797BC09A3103E4B9B1 Save 50% Off Scripting Pro VIP Scripting Pro VIP is the IT administrator's source for scripting information, tools, and downloadable code. Subscribers also get access to our editors to help answer technical questions, as well as a host of other unique benefits. Order now at an exclusive charter rate and save $50! http://list.windowsitpro.com/t?ctl=6786E:57B62BBB09A692797BC09A3103E4B9B1 ================================================================ Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and Security Pro VIP (second URL below). http://list.windowsitpro.com/t?ctl=6787A:57B62BBB09A692797BC09A3103E4B9B1 http://list.windowsitpro.com/t?ctl=67880:57B62BBB09A692797BC09A3103E4B9B1 Subscribe to Security UPDATE at http://list.windowsitpro.com/t?ctl=67870:57B62BBB09A692797BC09A3103E4B9B1 Be sure to add Security_UPDATE@private to your antispam software's list of allowed senders. To contact us: About Security UPDATE content -- letters@private About technical questions -- http://list.windowsitpro.com/t?ctl=6787E:57B62BBB09A692797BC09A3103E4B9B1 About your product news -- products@private About your subscription -- windowsitproupdate@private About sponsoring Security UPDATE -- salesopps@private View the Windows IT Pro privacy policy at http://list.windowsitpro.com/t?ctl=6786F:57B62BBB09A692797BC09A3103E4B9B1 Windows IT Pro, a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538 Attention: Customer Service Department Copyright 2007, Penton Media, Inc. All rights reserved. __________________________________________________________________ CSI 2007 is the only conference that delivers a business-focused overview of enterprise security. It will convene 1,500+ delegates, 80 exhibitors and features 100+ sessions/seminars providing a roadmap for integrating policies and procedures with new tools and techniques. Register now for savings on conference fees and/or free exhibits admission. - www.csiannual.com
This archive was generated by hypermail 2.1.3 : Wed Sep 26 2007 - 23:17:42 PDT