2008

End of Netscape Browser — last modified 2008-01-02 07:31

Netscape has decided to end development of it's browser. On Netscape’s blog they suggest you download Mozilla’s Firefox and use the Netscape theme going forward if you want current updates with a similar user interface to the original Netscape design.

Facebook's "Secret Crush" malicious widget tricks users — last modified 2008-01-04 04:44

A "widget" application used on the Facebook social network site promises to tell you who has a secret crush on you, but instead tries to trick you into downloading spyware.

MS-ISAC BotNet WebCast (PowerPoint Presentation) — last modified 2008-01-04 14:38

Powerpoint presentation by Andre M. DiMino, Shadowserver Foundation, on December 19, 2007.

Securing Your Laptop-Cyber Security Tips Newsletter January '08 — last modified 2008-01-11 04:19

Laptops are increasing in popularity for both business and personal use. The portability of laptops makes them extremely convenient. However, we must also be aware of the security risks from the loss or theft of laptops, and take proper precautions. The potential loss is twofold; the loss of the laptop itself and any personal, private or sensitive information that it may contain.

Hacked MySpace page serves up fake Windows update — last modified 2008-01-14 04:23

There's now one more reason to be security-conscious while using MySpace.com: fake Microsoft updates.

MySpace Agrees to Youth Protections — last modified 2008-01-14 10:13

The social networking web site MySpace and the attorneys general for 49 states announced Monday that they had reached an agreement under which MySpace would make a number of changes aimed at protecting teenagers and children using its site from sexual predators.

OUCH! January 2008 — last modified 2008-01-17 06:40

New Year resolutions; Tax refund phishing scam; Facebook Deleting Inactive Users Hoax; Photobucket MySpace Comment Virus Warning; MySpace, Excite, and Blick have been caught serving banner ads that attempt to install malware on machines running unpatched software, and more...

Laptop Security in the Workplace: How to Protect Your Mobile Assets — last modified 2008-01-28 08:27

In 2008, one of every two computers in the world will be a laptop. The risk of exposing customers and employees to identity theft is also becoming a common public concern; 37 states now have data breach laws in place, forcing companies to be more proactive about the security of personal data.

New Year’s Resolutions for Your Computer — last modified 2008-02-01 10:31

Forget the usual resolutions about eating better, exercising more, or saving money. How about resolving to make your computer more secure? Just a few simple steps can make a huge difference, and the benefits add up fast.

OUCH! February 2008 — last modified 2008-02-06 10:20

Secret Crush Adware on Facebook; Silentbanker intercepts your account info; a worm that disables Windows update; thieves portray IRS agents; eBay special offer: Buy a Car and get nothing...and more!

Securing a Wireless Network-Cyber Security Tips Newsletter February '08 — last modified 2008-02-08 04:15

Wireless networks are not as secure as the traditional “wired” networks, but you can minimize the risk on your wireless network (at home or at work) by following the tips.

How Sticky Is Membership on Facebook? Just Try Breaking Free — last modified 2008-02-12 09:44

While the Web site offers users the option to deactivate their accounts, Facebook servers keep copies of the information in those accounts indefinitely. Indeed, many users who have contacted Facebook to request that their accounts be deleted have not succeeded in erasing their records from the network.

Trend Micro: First Line of Defense — last modified 2008-02-15 10:55

Spam giving you a problem...find out why. Spammers have made considerable investments in creating and maintaining spam delivery mechanisms that maximize the amount of spam sent.

Study: Consumers Don't Use Anti-Phishing Defenses — last modified 2008-02-29 08:28

Much-ballyhooed 'green bar' is lost on most end consumers. More information on the 'green browser bar' which identifies legitimate links to prevent phishing.

Trend Micro-First Line of Defense-February — last modified 2008-02-29 10:13

Identity Theft—The Scary Truth About Data Leaks

Attention E-Filers — last modified 2008-03-03 05:47

Look Out for Online Tax Scams, Phishing, and Identity Thieves

Social Networking: The New Face of Recruiting — last modified 2008-03-06 10:29

A Q&A on new methods for reaching prospective students.

Annual Spring Computer Maintenance-Cyber Security Tips Newsletter-March 2008 — last modified 2008-03-07 06:41

Perform Annual Maintenance in Conjunction With Daylight Savings Time Change In addition to your routine security and maintenance processes, you should perform an annual PC “tune up” or maintenance to be sure that your computer is operating efficiently, that appropriate software updates and settings have been applied and to minimize the risk of losing your data. Performing your annual check up with the switch to Daylight Savings Time is a great way to develop an annual schedule. One important step to take before performing maintenance is to back up all your data, in case anything goes wrong during your maintenance.

OUCH! March 2008 — last modified 2008-03-07 06:46

Identity theft quiz; Trojan targets PDA's and handheld computers running Windows CE - disables Windows Mobile application installation; Malicious email disguised as a Microsoft Windows update advisory; Pay Up or I'll Kill You Scam...and more!

Microsoft Security Updates — last modified 2008-03-13 05:22

Recognize and avoid fraudulent e-mail to Microsoft customers:

Even seemingly reliable e-mail vulnerable to hackers — last modified 2008-03-19 04:48

You can no longer trust Office or QuickTime files that arrive in e-mail, even from organizations and people you deal with regularly.

The ultimate identity theft: house stealing — last modified 2008-03-26 05:16

Not quite worried enough that identity thieves might empty your bank account or ruin your credit rating with a shopping spree in your name? The FBI says those concerns are small spuds compared to what might happen when crooks parlay identity theft and mortgage fraud into "a totally new kind of crime: house stealing."

IRS warns of new online tax scams; protect yourself — last modified 2008-03-31 10:25

Scam artists exploiting tax season have devised a range of new online cons: fake tax documents that contain malicious surprises; mass distribution of keyloggers aimed at snatching the identity of PC-based tax filers; and e-mail messages containing links to Web sites that promise new tax code information but instead push malware onto your PC.

OUCH! April — last modified 2008-04-03 11:31

Antivirus is necessary but it can't do the whole job;Groups sympathetic to anti-Chinese protesters in Tibet are under assault by cyber attackers who are embedding malware in email that appears to come from trusted colleagues;An unpatched bug in RealPlayer leaves the media player open to drive-by-download attacks;The same tried-and-true social engineering tactics traditionally wielded against Windows users to frighten people into buying bogus security software are now being used to target Mac users...and more!

Spammers, crammers, fraudsters and Identity Stealers: The FTC's Top 2008 Cases — last modified 2008-04-09 12:06

This week the FTC issued a report saying it was working to prevent Internet fraud by using its new powers under the U.S. SAFE WEB Act to coordinate and cooperate more closely with foreign consumer protection officials. The report states that the FTC will work to protect the privacy and security of consumer information in this new information environment by aggressively enforcing its special statutes related to privacy as well as Section 5 of the FTC Act, by encouraging the development and implementation of self-regulatory standards related to new technologies that raise privacy and security concerns.

Microsoft Security Newsletter, April 2008 — last modified 2008-04-10 05:39

Security news, guidance, updates, tools and community resources for users directly from Microsoft.

Trend Micro Newsletter April 2008 — last modified 2008-04-11 05:49

Check it out for free tools, and articles like "Personal Information You Should-and-Shouldn't Give Away", "5 Ways to Protect Your Personal Information on Public Computers", and "IRS Tax Season Scams"

Social Engineering-Are You At Risk: Cyber Tips Newsletter, April 2008 — last modified 2008-04-22 07:42

Most users are familiar with email phishing scams (a form of social engineering) and have been taught not to open attachments from unknown or untrusted sources or to visit untrusted web sites. There are other ways that a perpetrator may prey on the trusting human nature to gain access to information or systems.

Trend Micro Newsletter April 25, 2008 — last modified 2008-04-25 07:43

Threat Landscape; Best Practices; Threats in Depth

Benefits and Risks of Free Email Services — last modified 2008-04-30 14:25

Although free email services are convenient for sending personal correspondence, you should not use them to send messages containing sensitive information.

OUCH! May, 2008 — last modified 2008-05-02 10:06

Eight Surefire Ways to Become an Identity Theft Victim; Microsoft and Apple updates; latest scams and malware

Trend Micro Newsletter, May 2008 — last modified 2008-05-09 08:16

Phishing, Spear Phishing and Whaling--"Phishing" is a term used to describe the act of tricking people into providing confidential information and is most commonly associated with Internet fraud whereby cyber criminals attempt to steal valuable information such as credit card numbers, Social Security numbers, user IDs, and passwords. Phishers target many groups, mostly for criminal purposes. Learn about different types of phishing, such as spear phishing and whaling, and why phishing is growing more dangerous and more prevalent.

Phishers Scamming IRS Rebates — last modified 2008-05-13 06:21

Scammers want your IRS refund checks and have devised at least one phishing scheme to get it, according to the FBI. The e-mail, which purports to be from the IRS advises recipients that the best way to get their economic stimulus rebate money is by direct deposit. It then directs them to a Web site that asks them to enter bank account information and other personal data. This is not the only news-related scam going around. Follow the link for more information.

Encryption-Cyber Tips Newsletter, May 2008 — last modified 2008-05-15 06:20

With major data breaches being reported all too frequently, organizations are now placing increased emphasis on security of personal, private and sensitive information. One method of increasing security is through data encryption. Encryption is the process of scrambling a message or data so that no one but the sender and the intended recipient can read it. Militaries, businesses, and governments all over the world use it in a variety of ways.

Your Data & the P2P Peril — last modified 2008-05-16 04:38

How P2P leaks happen and what you can do to prevent them..It's the improper or careless use of P2P that should worry IT departments. What can go wrong? Users sometimes mistakenly file a spreadsheet in the same folder they store music files or check the wrong box when configuring the P2P client and, voilà!, their corporate documents are out there for everyone to see.

Go Phish: Watch Out for These 10 Scams — last modified 2008-05-16 04:42

Storm, bank phishes, and others getting more sophisticated

Report: Losses due to Internet crime rose in '07 — last modified 2008-05-20 05:44

Worried about online auction fraud? If you're a man you should be, according to the latest Internet Crime Complaint Center report (in PDF). On average, men lost more money to online fraud than women in 2007. Men also perpetrated most of the online crime, accounting for 75 percent of the total reports last year. And while the overall number of complaints declined when compared with previous years, the total dollar value in losses rose to a record high of $239 million in losses in 2007. That's $40 million more than in 2006.

Consumers Report $239 Million Lost To Cyber Fraud In '07 — last modified 2008-05-20 05:46

U.S. consumers reported losing more than $239 million from online fraud last year, up from $198 million in 2006, according to data released today by the FBI.

Fake Presidential Campaign Video Spreads Malware — last modified 2008-05-20 05:49

Spammers are taking advantage of public awareness about the U.S. presidential race to trick people into installing malicious software. A recent blast of spam purports to contain links to a video of Sen. Hillary Clinton (D-N.Y.) on the campaign trail, links that in fact lead to software that tries to turn the viewer's PC into a spam-spewing zombie.

Old PCs Pose Hidden Threat — last modified 2008-05-23 06:45

Users love the feeling of getting a brand new PC plunked down on their desktop or slipped into their briefcase. For IT organizations, though, that event is becoming a source of anxiety. What should they do about disposing of the computer that's being replace...both ecological and proprietary issues?

Thieves troll for execs with new Tax Court phish scam — last modified 2008-05-27 07:40

Security researchers and the U.S. government Friday warned of on-going targeted phishing attacks posing as overdue tax notices from federal courts.

How to buy the right laptop PC for your needs — last modified 2008-05-29 05:09

What's a clueless PC buyer to do? Computer makers try to make it easier for non-geeks to choose what's best. Consider using a shopping checklist and a help guide for getting the right fit.

Gartner Forecasts the Next Big Threats — last modified 2008-05-30 05:15

According to Gartner the next big threats relate to social engineering, "Look for more attacks on social networks like the one where hackers infected Alicia Keys’s MySpace account and served up malware to its visitors -- Trojans posing as video codecs that redirected user searches to malicious sites, for instance. Those types of attacks are going to multiply,” Pescatore says. "Socially acceptable social networking at work will also open the door for what Gartner calls desktop utility app attacks, or widget/gadget attacks. These are the applets that MySpace and Facebook let users create and share with their friends, everything from a widget to a virtual cocktail, for instance, all of which would be infected or used maliciously -- exploiting the trust of the social network in order to spread." "The goal is to get users to unwittingly carry that malware back to their enterprises and provide an opening to the attacker there, for example, according to Pescatore."

10 Reasons Why Your Laptop is at Risk — last modified 2008-05-30 07:21

You’ve heard the stories about a stolen or lost laptop putting the personal data of hundreds or even thousands of people at risk. You know that mobile systems are a breeding ground for worms and viruses. You know you should take precautions so that bad luck or carelessness doesn’t put the identity of others in the wrong hands—and your company’s good name in the mud. But where to start? Here are 10 reasons why laptops are at risk, and 10 ways to close the gaps.

OUCH! June 2008 — last modified 2008-06-04 05:31

SPAM celebrates its 30th birthday (yay??) Don't buy anything from a spammer; Don't click on any links in spam; and Don't be an unintentional spammer. Apple warns of phony iPods, Phishers target Apple iTunes Users...and more on malware, scams and hoaxes.

Phishers Target Your Tax Dollars — last modified 2008-06-05 09:33

A new phishing scam is targeting debit-card accounts used to deliver government benefits payments in 15 states. E-mails, phone text messages and so-called vishing voice-mail messages ask recipients to confirm or update EPPICard account data, directing them to a phony Web site. Once the scammers have gathered the account information, they can drain money from the benefits account. EPPICard is a magnetic-stripe debit card branded by MasterCard or Visa to access benefits accounts. The cards are used by Florida, Georgia, Illinois, Indiana, Mississippi, Nevada, New Jersey, New York, North Carolina, Ohio, Oklahoma, Pennsylvania, Texas, Utah and Virginia. Each state uses the card to deliver the types of benefits payments it chooses. When a payment has been credited to the account, the holder uses the debit card for purchases and the payment is deducted from the account. Holders also can get cash back from a purchase and withdraw cash at banks and automated teller machines.

Monthly Security Tips: What is a Data Breach — last modified 2008-06-17 10:00

Organizations (the university) and individuals have the responsibility of protecting the information in their care and proper safekeeping of this data is vital. Failure to do so can result not only in a breach, but also result in damage to reputation, significant fines or loss of revenue, and other negative consequences.

Trend Micro Trend Setter Newsletter-June 2008 — last modified 2008-06-17 10:08

What students should know about social networking as they set off to college; Online safety tips...for Dad!; British banking puts credit card fraud victims on the hook for losses...is the US next?

10 Reasons Why Your Laptop is at Risk — last modified 2008-06-30 07:14

You’ve heard the stories about a stolen or lost laptop putting the personal data of hundreds or even thousands of people at risk. You know that mobile systems are a breeding ground for worms and viruses. You know you should take precautions so that bad luck or carelessness doesn’t put the identity of others in the wrong hands—and your company’s good name in the mud. But where to start? Here are 10 reasons why your company’s laptops are at risk, and 10 ways to close the gaps from eWeek.com.

Risk assessment frameworks easy to employ — last modified 2008-07-07 10:07

The concept of a risk assessment framework, let alone a risk assessment itself, might seem beyond the requirements of a (university department) midmarket company. But the concept of evaluating risk is at the heart of IT security for (departments) companies of any size. And any (university department) midmarket organization interested in protecting its information assets -- which today is every (department) company -- needs to have some sort of risk assessment, even if it's just a bare-bones framework molded and distilled down for a small staff.

How to Manage Mobility's Top challenges — last modified 2008-07-08 06:47

There have been big gains from increased employee mobility, but they also create challenges. Read about the most proven ways IT organizations have used to overcome the challenges of employee mobility.

Verizon's Data Breach Report: a closer look at breach sources — last modified 2008-07-08 11:19

Part 3 with links to Parts 1 and 2: Breach Size and Source. This is an elaboration on the implications of specific points from the report (with a link to the report).

Web Browser Attacks-Monthly Security Tips Newsletter, July 2008 — last modified 2008-07-09 11:37

Traditionally, browser-based attacks originated from “bad” websites but due to poor security coding of web applications or vulnerabilities in the software supporting web sites, attackers have recently been successful in compromising large numbers of trusted web sites to deliver malicious payloads to unsuspecting visitors. Hackers add scripts that do not change the website's appearance but redirect you to another site to cause malicious programs to be downloaded. Learn more...

Trend Micro's First Line of Defense - July — last modified 2008-07-15 12:30

All about Social Engineering: Manipulation, How to Combat, and the Social Engineering Calendar

Trend Micro's Trendsetter-Surf Safely While You're On The Road — last modified 2008-07-22 07:47

If using a public computer, make sure you don't allow the web browser you're using to store your passwords. If you're traveling with your own computer, you should have two major concerns: finding legitimate wireless hotspots run by reputable providers, and protecting your computer from physical theft.

OUCH! August, 2008 — last modified 2008-08-08 11:09

Password pitfalls, Russian dating scam, Fake $5 Target coupons, Facebook leaks members birthdays...and much more.

Trend Micro's First Line of Defense, August 2008 — last modified 2008-08-08 11:22

Malicious URLS:Clicking on that URL in your email, IM, or chat could be your ticket to malware. Prevent the trouble that malicious URLs can bring...read for more info.

Cyber Security Tips Newsletter, August 2008-Firewalls, what are they, and why should I use one? — last modified 2008-08-08 11:37

 

The Disturbing Case of Spyware (and how to stop it from happening to you) — last modified 2008-08-13 05:13

Remember the teacher who allegedly showed her students pornography claiming she could not control the images...here's the story. Protect yourself!

Criminals have now gone 'vishing' — last modified 2008-08-26 09:22

Vishing leverages voice over Internet protocol (VoIP). The Internet-based phone service makes it easy to spoof telephone numbers. Criminals can make a different name and phone number appear on caller IDs.

Mozilla Firefox browser gets security boost — last modified 2008-08-26 09:25

Carnegie-Mellon University Monday announced it's making available a free add-on to Mozilla Firefox 3.0 that's intended to boost browser security.

For Those Who Think They're Password Protected — last modified 2008-08-27 08:11

If you think that Facebook or email password of yours is safe in the hands of your friends, families, significant others, hermit crabs, etc. -- a recent poll suggests you may be naive.

The Seven Deadliest Social Networking Hacks — last modified 2008-08-28 05:14

Think you know who your real online friends are? You could be just a few hops away from a cybercriminal in today's social networks.