Information Security News mailing list archives
Windows & .NET Magazine Security UPDATE--Online Fraud--January 14, 2004
From: InfoSec News <isn () c4i org>
Date: Thu, 15 Jan 2004 05:27:03 -0600 (CST)
==================== ==== This Issue Sponsored By ==== Exchange & Outlook Administrator http://list.winnetmag.com/cgi-bin3/DM/y/ed8D0CJgSH0CBw0BEf10Am ==================== 1. In Focus: Defending Against Online Fraud 2. Announcements - InfoSec World Conference and Expo/2004, Orlando, FL, March 22-24, 2004 - The Windows & .NET Magazine Network VIP Web Site/Super CD Has It All! 3. Security News and Features - Recent Security Vulnerabilities - News: New Trojan Horse Claims to Be Microsoft Patch - Feature: Windows XP SP2 Beta In-Depth - Feature: Plug the Mobile Worm Hole 4. Instant Poll - Results of Previous Poll: System Security in 2004 - New Instant Poll: Fraud Victim 5. Security Toolkit - Virus Center - FAQ: How Can I Quickly Lock the Console on Windows Server 2003 and Windows XP? - Featured Thread: Browser Highjackers and Other Security Issues 6. Event - New Web Seminar: Email Is a Service--Manage It Like One 7. New and Improved - Protect Your Network Perimeter - Guard Your Important Data - Tell Us About a Hot Product and Get a T-Shirt 8. Contact Us See this section for a list of ways to contact us. ==================== ==== Sponsor: Exchange & Outlook Administrator ==== Try a Sample Issue of Exchange & Outlook Administrator! If you haven't seen Exchange & Outlook Administrator, you're missing out on key information that will go a long way towards preventing serious messaging problems and down time. Request a sample issue today, and discover tools you won't find anywhere else to help you migrate, optimize, administer, and secure Exchange and Outlook. Order now! http://list.winnetmag.com/cgi-bin3/DM/y/ed8D0CJgSH0CBw0BEf10Am ==================== ==== 1. In Focus: Defending Against Online Fraud ==== by Mark Joseph Edwards, News Editor, mark () ntsecurity net Internet-based fraud--whether identity theft, false advertising, or some other ploy--is a growing problem. Some of the more frequently used scams involve a combination of email messages and spoofed Web sites in which the sender tries to trick the recipient into providing private information such as bank account or credit card information and related logon credentials. Two organizations, Netcraft and Brightmail, have recently launched security services aimed at helping to curb fraud. Netcraft, known for its popular Web server surveys, has launched a service designed to alert banks and other financial institutions to Internet-based fraud attempts. Netcraft scans some 46 million Web sites looking for the misuse of a financial institution's domain names, trademarks, and familiar phrases. Netcraft also monitors in other ways, including pattern matching of DNS scans and common names used in Secure Sockets Layer (SSL) certificates. Financial institutions that use the Netcraft antifraud service can be alerted to potentially malicious sites, ideally before these sites have a chance to fool anyone. http://news.netcraft.com/archives/2004/01/02/phishing_identity_theft_and_banking_fraud_detection.html Brightmail's Anti-Fraud service is designed to help financial institutions, governments, and other services guard against email fraud and brand spoofing. Brightmail maintains a "probe network"--a collection of more than 2 million email addresses that the company uses as decoys to help collect information about spam and, now, fraud. If the company detects a potential fraud attempt via email, it will alert the involved organization, which can then take action. http://brightmail.com/bmi-af.html Fraud situations can lead to embarrassment and hassles for companies whose identities are spoofed and for individuals who provide their personal information. So how can companies and individuals help prevent these situations? Companies that operate a significant e-commerce site can consider using the new antifraud services. Individuals can help by raising their own and others' awareness about online fraud. If you're interested in helping to prevent online financial fraud, be sure to visit Anti-Phishing.org, a new Web site at which you can join a working group focused on finding ways to curb online fraud, find links to similar organizations, read news stories and reports about the latest fraud attempts, and more. http://www.anti-phishing.com ==== 2. Announcements ==== (from Windows & .NET Magazine and its partners) InfoSec World Conference and Expo/2004, Orlando, FL, March 22-24, 2004 Get dynamic techniques, real-world strategies, and innovative solutions for mitigating risk, securing critical data, and strengthening the enterprise at InfoSec World 2004. Featuring 80+ sessions, the CISO Executive Summit, in-demand keynoters, a huge vendor expo, optional workshops, and more, InfoSec World will deliver everything you need to meet today's tough information security challenges! For details and to register, go to: http://list.winnetmag.com/cgi-bin3/DM/y/ed8D0CJgSH0CBw0BEnS0AU The Windows & .NET Magazine Network VIP Web Site/Super CD Has It All! With a VIP Web site/Super CD subscription, you'll get online access to all of our publications, a print subscription to Windows & .NET Magazine, and a subscription to our VIP Web site, a banner-free resource loaded with articles you can't find anywhere else. Click here to find out how you can get it all at 25 percent off! http://list.winnetmag.com/cgi-bin3/DM/y/ed8D0CJgSH0CBw0BEMw0AX ==================== ==== Sponsor: Virus Update from Panda Software ==== Are your traditional antivirus solutions really protecting your network? Panda Antivirus GateDefender is a dedicated hardware device installed at the Internet gateway to block viruses before they contaminate your network. It scans 7 different communication protocols, achieving optimum protection against external attacks. Panda Antivirus GateDefender 7100 (25-500 seats) & Panda Antivirus GateDefender 7200 (500 seats+) provide the highest scalability with native load balancing that transparently adapts to traffic volume. Visit "Panda's GateDefender Stands Guard!" at http://list.winnetmag.com/cgi-bin3/DM/y/ed8D0CJgSH0CBw0BEGa0A4 for more information. ==================== ==== 3. Security News and Features ==== Recent Security Vulnerabilities If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at http://www.winnetmag.com/departments/departmentid/752/752.html News: New Trojan Horse Claims to Be Microsoft Patch A new Trojan horse program claims to be a critical patch from Microsoft. When run, the Trojan horse attempts to download software from a remote site and, if successful, installs a back door into the user's computer. According to iDEFENSE, the Trojan horse was purposely coded to try to avoid detection by antivirus software. http://www.winnetmag.com/article/articleid/41424/41424.html Feature: Windows XP SP2 Beta In-Depth Windows XP Service Pack 2 (SP2) is almost entirely centered on what Microsoft calls "safety technologies," so although the release will contain a collection of bug fixes, it will also include a slew of new features. Paul Thurrott discusses the new features in the first XP SP2 beta. However, keep in mind that Microsoft said this beta isn't complete and that other features might be added in future betas. http://www.winnetmag.com/article/articleid/41364/41364.html Feature: Plug the Mobile Worm Hole The problems started the day Michael Otey returned from a recent trip. About an hour after he started working, he saw his router's WAN activity light turn solid white and stay that way. A little detective work revealed that he'd picked up a worm on his laptop from another system while working on a public wireless network. Find out how Mike tracked and eliminated the worm in this article on our Web site. http://www.winnetmag.com/article/articleid/41112/41112.html ==== 4. Instant Poll ==== Results of Previous Poll: System Security in 2004 The voting has closed in the Windows & .NET Magazine Network Security Web page nonscientific Instant Poll for the question, "Which of the following factors do you think will have the greatest impact on system security in 2004?" Here are the results from the 133 votes. - 28% Viruses and worms - 17% Junk email - 49% Patch management - 7% Managed security services (Deviations from 100 percent are due to rounding.) New Instant Poll: Fraud Victim The next Instant Poll question is, "Have you, your company, or someone you know been a victim of online fraud?" Go to the Security Web page and submit your vote for - Yes - No - Not sure http://www.winnetmag.com/windowssecurity ==== 5. Security Toolkit ==== Virus Center Panda Software and the Windows & .NET Magazine Network have teamed to bring you the Center for Virus Control. Visit the site often to remain informed about the latest threats to your system security. http://www.winnetmag.com/windowssecurity/panda FAQ: How Can I Quickly Lock the Console on Windows Server 2003 and Windows XP? by John Savill, http://www.winnetmag.com/windowsnt20002003faq A. A reader, Jeff Lambert, sent us this tip: If you need to step away from your workstation for a few minutes, you might want to lock it to prevent passersby from being able to access your data. To lock your XP workstation, press the Windows key (i.e., the key with the Windows logo) + L. This trick doesn't work on Windows 2000, but it works on Windows 2003. Featured Thread: Browser Highjackers and Other Security Issues (Three messages in this thread) A user writes that he recently had a computer that was infected with a Web browser hijacking tool and another computer infected with an unauthorized ad program. He wants to know whether a way exists to block this kind of occurrence at the router, firewall, or server levels. Lend a hand or read the responses: http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=66170 ==== 6. Event ==== New Web Seminar: Email Is a Service--Manage It Like One True end-to-end management of the messaging infrastructure requires an integrated, service-oriented approach. This free Web seminar introduces service-driven management and best practices for managing and monitoring the key elements crucial to ensuring email health and performance, including Exchange Server, Active Directory, network, and storage. Sign up today! http://list.winnetmag.com/cgi-bin3/DM/y/ed8D0CJgSH0CBw0BElA0AA ==== 7. New and Improved ==== by Jason Bovberg, products () winnetmag com Protect Your Network Perimeter GFI Software released a freeware version of GFI DownloadSecurity for Internet Security and Acceleration (ISA) Server 6.0, which checks files downloaded from the Internet for Trojan horse programs, viruses, and other objectionable content. The freeware version uses the BitDefender antivirus engine to scan HTTP and FTP downloads at the network perimeter. GFI DownloadSecurity automatically updates its BitDefender definition files as new files become available. To download GFI DownloadSecurity for ISA Server 6.0, contact GFI on the Web. http://www.gfi.com/dsec Guard Your Important Data Everstrike Software announced Universal Shield 3.0, a security tool that lets you hide and password-protect files, folders, and drives. You can set data-access rights for local users and administrators, prevent the deletion of specific files, and encrypt data. The tool also lets you control program startup and uninstallation. Universal Shield 3.0 runs on Windows XP/2000/NT and costs $34.95 for a single-user license. For more information about Universal Shield 3.0, contact Everstrike Software at info () everstrike com or on the Web. http://www.everstrike.com Tell Us About a Hot Product and Get a T-Shirt! Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to whatshot () winnetmag com. =================== ==== Sponsored Links ==== VMware Inc. Are you an MCSE/MCP? Let VMware Workstation put $100 in your pocket. http://list.winnetmag.com/cgi-bin3/DM/y/ed8D0CJgSH0CBw0BElM0AM =================== ==== 8. Contact Us ==== About the newsletter -- letters () winnetmag com About technical questions -- http://www.winnetmag.com/forums About product news -- products () winnetmag com About your subscription -- securityupdate () winnetmag com About sponsoring Security UPDATE -- emedia_opps () winnetmag com This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today. http://www.winnetmag.com/sub.cfm?code=wswi201x1z View the Windows & .NET Magazine privacy policy at http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy Windows & .NET Magazine, a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538 Attention: Customer Service Department Copyright 2004, Penton Media, Inc. All rights reserved. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Windows & .NET Magazine Security UPDATE--Online Fraud--January 14, 2004 InfoSec News (Jan 15)