From Network World:
Free tools for Windows Server admins
The purpose of this blog is to help small-medium businesses (SMBs) deal effectively with their unique cyber security needs. With over 15 years' experience in IT and cyber security, I will show SMBs how they can leverage their limited resources to develop effective cyber defenses to the most common threats using information security best practices and no/low cost tools.
LinkedIn: http://www.linkedin.com/in/ecissorsky/
Twitter: @ecissorsky
Thursday, February 27, 2014
US Tax Season Phishing Scams and Malware Campaigns
From US-CERT:
In the past, US-CERT has received reports of an increased number of phishing scams and malware campaigns that seek to take advantage of the United States tax season. The Internal Revenue Service has issued an advisory on its website warning consumers about potential scams. Tax season phishing campaigns may include, but are not limited to:
- Information that refers to a tax refund,
- Warnings about unreported or under-reported income,
- Offers to assist in filing for a refund, or
- Links to counterfeit e-file websites.
To protect themselves against these types of phishing scams and malware campaigns, users and administrators are encouraged to take the following measures:
- Do not follow links in unsolicited email messages.
- Keep antivirus software up to date.
- Refer to US-CERT's Security Tips on Recognizing and Avoiding Email Scams and Avoiding Social Engineering and Phishing Attacks for additional techniques and recommendations.
- Visit the IRS page for instructions on how to report suspected tax season phishing messages.
Linux security cheat sheet
I realize my blog is heavy on content for Microsoft Windows. The reason is Windows workstations and servers make up the lion's share of systems used by SMBs. To help even things out, here are two links for Linux security.
LinuxSecurity.com
Linux security quick reference guide
2014-02-17 Link of the Day: OnGuard Online
Today's link offers a wealth of info on cyber security for small business, educators and parents.
OnGuard Online
Wednesday, February 26, 2014
10 Cybersecurity Tips For Small Business
I just came across this when reviewing tweets sent by DHS's Cybersecurity team (@cyber) from the RSA Conference.
Ten Cybersecurity Tips For Small Business
These commonsense tips are always worth repeating. It never hurts to reiterate these basic tenets of cyber/information security with your staff and IT team members.
2014-02-26 Link of the Day: Microsoft EMET 5.0 Technical Preview
Yesterday Microsoft released the latest upgrade to its Enhanced Mitigation Experience Toolkit, EMET 5.0 Technical Preview. This FREE tool promises "to disrupt and block the attacks that we have detected and analyzed over the past several months." Technically this is a beta release & customer input will be used to address any issues before the final release.
You can learn more and download EMET 5.0 Technical Preview here.
Any/all products/services are provided for informational purposes only. The author does not endorse any single product.
Use these products/services at your own risk.
Monday, February 24, 2014
Apple releases security update for iOS & other products
Time to patch your iDevices by upgrading to iOS 7.0.6. This one deals with a vulnerability in SSL that could allow an attacker to view/capture, and possibly manipulate, data.
US-CERT Advisory
More info from SearchSecurity
2014-02-24 Link of the Day: US Dept. of Homeland Security's Cybersecurity resources
Happy Monday! Today I am giving the link to the US Dept. of Homeland Security's Cybersecurity resources page. Lots of good stuff here with links to many other useful resources.
Friday, February 21, 2014
2014-02-21 Link of the Day: Crystal Anti-Exploit Protection (CrystalAEP)
Today's product is Crystal Anti-Exploit Protection (CrystalAEP). It was brought to my attention by a friend and seems like an interesting concept in anti-malware applications. The application does not use signatures like traditional anti-malware software. From the vendor's website:
"CrystalAEP is designed to provide frontline protection against Internet-borne threats such as viruses and malware. Unlike the typical anti-virus program, Crystal does not attempt to recognise threats based on signatures, and does not require constant updating to protect against the latest threats. Crystal works instead by manipulating at-risk software while it runs to help form an environment which is hostile to Internet worms, malware and other types of malicious code."
For the record, I have neither installed nor tested this product. Time permitting, I will install and test it over the next few weeks. Upon completion I will release my results.
Any/all products/services are provided for informational purposes only. The author does not endorse any single product.
Use these products/services at your own risk.
More on Microsoft Security Advisory 2934088
Here is a technical explanation of Security Advisory 2934088 from SecurityWeek. It explains how the vulnerability allows an attacker to use JavaScript to manipulate the use-after-free condition and Adobe Flash to bypass Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR).
Microsoft Releases Fix It Tool to Address IE 10 Attacks
From the article above, Microsoft's Security Response Center's Neil Sikka's explanation & remediation steps (includes a link to the FixIt tool).
Fix it tool available to block Internet Explorer attacks leveraging CVE-2014-0322
Thursday, February 20, 2014
Cryptolocker Scrambles U.S. Law Firm's Entire Cache of Legal Files
From CIO magazine, a classic example of why SMBs must take security seriously:
Cryptolocker Scrambles U.S. Law Firm's Entire Cache of Legal Files
MS Releases Emergency Fixit Tool To Address Active IE 9 & 10 Exploit (Security Advisory 2934088)
Microsoft has just released a Fixit tool to remediate a security issue in IE 9 and 10. The vulnerability addressed in Security Advisory 2934088 is being actively exploited & allows for remote code execution on the vulnerable system.
Seriously consider applying this patch in an expedited manner. At the very least deploy it to desktop and other end user devices running the affected application and OS as soon as you can. These systems are usually used for web surfing and are the machines most likely to be compromised. Also make sure any/all malware protection programs deployed on your network have updates that can protect users from this attack until you have fully deployed the Fixit tool.
2014-02-20 Link of the Day: Microsoft Attack Surface Analyzer
After an absence I am happy to be back blogging. Here is a FREE security tool from Microsoft called Attack Surface Analyzer.
Microsoft Attack Surface Analyzer is a freeware security program for Microsoft Windows Vista and above. The purpose of this tool is to provide insight into changes made to a system after a new application has been installed. This is especially useful for IT security professionals working with software developers and at organizations using custom applications. By analyzing changes to the system's overall attack surface, any security issues introduced by the new application are identified for remediation.
For more information on how Attack Surface Analyzer can help your organization see this great article, "Improving Security Using Attack Surface Analyzer", by Solomon Lukie.
Any/all products/services are provided for informational purposes only. The author does not endorse any single product.
Use these products/services at your own risk.