|
[networknewsletters]
||
[Date Prev]
[04-2007 Date Index]
[Date Next]
||
[Thread Prev]
[04-2007 Thread Index]
[Thread Next]
[ECP] IN FOCUS: Symantec's New Internet Security Threat Report
- From: Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>
- To: NetworkNewsletters@xxxxxxxxxxxxx
- Date: Tue, 03 Apr 2007 04:00:00 -0400
¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤,¸¸,ø¤º
Please link to the Educational CyberPlayGround
http://www.edu-cyberpg.com
Add your K12 SCHOOL OR SCHOOL DISTRICT URL
http://www.edu-cyberpg.com/schools/
Please Share and Add Your Song
http://www.edu-cyberpg.com/ncfr/
Educational CyberPlayGround Network Newsletters Mailing List ©1994
¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤,¸¸,ø¤º
=== CONTENTS ===================================================
IN FOCUS: Symantec's New Internet Security Threat Report
NEWS AND FEATURES
- New Firefox Versions Released to Fix FTP Vulnerability
- War Driving Goes Commercial
- Microsoft Admits to Xbox Support Slip-Ups
- Recent Security Vulnerabilities
GIVE AND TAKE
- Security Matters Blog: David LeBlanc Starts Blogging
- FAQ: Accessing Drives After Renaming Servers
- From the Forum: Vista's Security Features
- From the Forum: Vote for Your Favorite Host IPS
- Tell Us About the Products You Love!
- Share Your Security Tips
PRODUCTS
- Detect System Object and Registry Changes
RESOURCES AND EVENTS
FEATURED WHITE PAPER
ANNOUNCEMENTS
=== IN FOCUS: Symantec's New Internet Security Threat Report ===
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Security vendors often release reports based on their perspective of
current and future Internet-related security threats. The reports are
useful in learning what the vendor sees, which in turn can lead you to
your own widened perspective on potential problems.
Symantec recently released "Internet Security Threat Report, Trends for
July-December 2006." While the report is based on historical data, it
does lend some insight into the future.
According to the report, the latest trend for intruders is to use
medium-risk vulnerabilities as launch points to conduct future attacks.
Symantec said that intruders are more frequently using combined
vulnerabilities and that financial gain is often the motive.
The company said it bases its findings on a network of more than 40,000
sensors in more than 180 countries, more than 2 million decoy email
accounts, and information collected from its BugTraq mailing list.
Some interesting highlights from the report include the discovery that
of all the attacks that affected Web browsers, approximately 77 percent
were aimed at Microsoft Internet Explorer (IE). Ninety-three percent of
all attacks were aimed at home users.
Another interesting data point is that Symantec tracked over 5,200
Denial of Service (DoS) attacks per day. That's a lot! Interestingly
enough, the company said that figure dropped from last year when it
tracked more than 6,100 DoS attacks per day.
The company also documented more than 2,500 vulnerabilities; 66 percent
of them were related to Web applications, and 79 percent were "easily
exploitable."
Another interesting set of points are patch turnaround times for OSs.
Symantec measured five vendors: Microsoft, Sun Microsystems, Apple, HP,
and Red Hat. Of those five companies, Symantec found that Microsoft had
the fastest average turnaround time overall, Red Hat was second, HP was
third, Apple was fourth, and Sun was fifth.
The number of vulnerabilities measured for each vendor varied as did
the response time, when comparing the second half of 2006 with the
first half. For example, HP's average response time in the first half
of 2006 was 53 days for the seven vulnerabilities the company
disclosed. In the second half of 2006, HP's number of disclosed
vulnerabilities increased to 98 and the company's average response time
increased to 101 days.
Even though we'll most likely see fewer vulnerabilities in Vista than
we do in previous Windows platforms, I expect Microsoft's average
vulnerability response time will remain steady since it uses a monthly
patch release schedule.
Vista will no doubt affect the future reports of most any Windows-based
security vendor--Symantec certainly included. The report predicts that
third-party software developers could become the source of a
significant percentage of attacks against the OS.
That's just the tip of the iceberg of the information in Symantec's
104-page report. Other information includes trends regarding specific
types of attacks, what future trends might be, and a lot of detail
about some of the topics I covered briefly here. If you're interested
in reading the entire report, you can get a copy in PDF format at the
URL below:
http://list.windowsitpro.com/t?ctl=4FC12:57B62BBB09A6927948DF73B48E1F7B69
=== SECURITY NEWS AND FEATURES =================================
New Firefox Versions Released to Fix FTP Vulnerability
Mozilla Foundation released Firefox 2.0.0.3 and 1.5.0.11 to fix a
vulnerability in the FTP protocol that could allow an intruder to
perform a basic port scan of a user's internal network.
http://list.windowsitpro.com/t?ctl=4FC20:57B62BBB09A6927948DF73B48E1F7B69
War Driving Goes Commercial
Skyhook Wireless operates trucks that locate wireless APs in more
than 2,500 cities. The company can then locate people through their
connections to an AP and provide them various location-related
services.
http://list.windowsitpro.com/t?ctl=4FC21:57B62BBB09A6927948DF73B48E1F7B69
Microsoft Admits to Xbox Support Slip-Ups
While Microsoft was originally quick to dismiss recent rumors of a
security problem with its Xbox Live online service, the company now
says that though the service is technically sound, it appears that
staffers at Xbox support have been giving up users' personal
information to callers without properly verifying their identities.
Thus, some malicious users have indeed been able to subvert Xbox Live
accounts by using old-fashioned social engineering schemes.
http://list.windowsitpro.com/t?ctl=4FC25:57B62BBB09A6927948DF73B48E1F7B69
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
http://list.windowsitpro.com/t?ctl=4FC1B:57B62BBB09A6927948DF73B48E1F7B69
=== GIVE AND TAKE ==============================================
SECURITY MATTERS BLOG: David LeBlanc Starts Blogging
by Mark Joseph Edwards,
http://list.windowsitpro.com/t?ctl=4FC2A:57B62BBB09A6927948DF73B48E1F7B69
David LeBlanc--one of the first programmers at Internet Security
Systems (ISS) and now a security expert at Microsoft--is now blogging
on MSDN.
http://list.windowsitpro.com/t?ctl=4FC23:57B62BBB09A6927948DF73B48E1F7B69
FAQ: Accessing Drives After Renaming Servers
by John Savill,
http://list.windowsitpro.com/t?ctl=4FC27:57B62BBB09A6927948DF73B48E1F7B69
Q: I've renamed servers using a special script but am now having
problems accessing disks via the Microsoft Management Console (MMC)
Disk Management snap-in. What's the problem?
Find the answer at
http://list.windowsitpro.com/t?ctl=4FC22:57B62BBB09A6927948DF73B48E1F7B69
FROM THE FORUM: Vista's Security Features
It seems like companies aren't in a rush to migrate to Windows
Vista. But what about all the new security features Vista offers?
Aren't they a draw to the new OS version? Which new security features
make you want to move right away, and which aren't so compelling?
http://list.windowsitpro.com/t?ctl=4FC14:57B62BBB09A6927948DF73B48E1F7B69
FROM THE FORUM: Vote for Your Favorite Host IPS
Help us pick the most popular products to win Windows IT Pro's 2007
Community Choice awards. Choose the best host-based IPS and tell us why
it gets your vote. You could win a $100 Amazon.com gift card. Join the
discussion at
http://list.windowsitpro.com/t?ctl=4FC13:57B62BBB09A6927948DF73B48E1F7B69
=== PRODUCTS ===================================================
by Renee Munshi, products@xxxxxxxxxxxxxxxx
Detect System Object and Registry Changes
Imperva announced the ADC Change Management Module for its
SecureSphere appliances. The module performs an initial assessment and
subsequently detects objects that are added to, changed on, or removed
from the system. It also detects changes in the registry and monitors
for files necessary for system operation. The ADC Change Management
Module complements SecureSphere's existing abilities, which are to
automate the complex processes required to produce compliance reports,
perform change control audits, and maintain secure database
configurations. The ADC Change Management Module is available
immediately for free for SecureSphere customers that subscribe to the
ADC security update service. For more information, go to
http://list.windowsitpro.com/t?ctl=4FC2F:57B62BBB09A6927948DF73B48E1F7B69
=== RESOURCES AND EVENTS =======================================
For more security-related resources, visit
http://list.windowsitpro.com/t?ctl=4FC26:57B62BBB09A6927948DF73B48E1F7B69
Deploy Exchange Server 2007 Without a Hitch!
This one-day technical training event teaches you how to preempt
pitfalls and avoid corrupting your infrastructure. Learn how to
effectively install, manage, and secure Exchange Server 2007 in a 64-
bit environment. You'll also get a peek into the integration of
Outlook, SharePoint Server 2007, and Exchange Server 2007. Register
today!
http://list.windowsitpro.com/t?ctl=4FC1A:57B62BBB09A6927948DF73B48E1F7B69
Windows + UNIX/Linux = You Need TechX World!
If you work in an environment that includes Windows plus UNIX or
Linux, TechX World is the place to go for practical strategies and
resources to add to your toolkit. This one-day technical training event
will teach you how to make the most of open-source tools on Windows and
how to manage and sync multiple directories. Register today!
http://list.windowsitpro.com/t?ctl=4FC24:57B62BBB09A6927948DF73B48E1F7B69
Get Ready for the Windows Server Longhorn Roadshow!
Seize control of your Windows infrastructure with Microsoft's
biggest server release since Windows 2003. Get a live, under-the-hood
look at Longhorn virtualization, deployment, Web services, and
breakthroughs in core reliability. This one-day event is filled with
demonstrations and in-depth discussions designed for IT pros who want a
deep understanding of Windows Server Longhorn.
http://list.windowsitpro.com/t?ctl=4FC1E:57B62BBB09A6927948DF73B48E1F7B69
=== FEATURED WHITE PAPER =======================================
Devote your time, energy, and resources to serving your customers, not
your servers. Want to focus on high-value activities instead of
applying OS patches and updates, dealing with security vulnerabilities,
and managing disk drives? Download this free white paper now and find
out how you can have a business-class Web hosting solution with secure
application pooling to protect your data.
http://list.windowsitpro.com/t?ctl=4FC19:57B62BBB09A6927948DF73B48E1F7B69
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Educational CyberPlayGround Network Newsletters Mailing List
Subscribe - Unsubscribe - Set Preferences
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html
Copyright statements to be included when reproducing
annotations from the
Educational CyberPlayGround Network Newsletter
The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:
EDUCATIONAL CYBERPLAYGROUND
http://www.edu-cyberpg.com
Network Newsletters copyright
Email Prefrences - Subscribe - Unsubscribe - Digest
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html
Advertise Network Newsletters Guidelines
http://www.edu-cyberpg.com/Community/Subguidelines.html
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
|
|
