Tech Alert Briefing for 4/6/2007
April 6, 2007
Update covering March 30 - April 5, 2007
Welcome to Tech Talk! In this week's edition of Tech Talk, BOL Guru Jeff Patterson alerts us to security risks posed by multitasking employees.
Jeff Patterson,
BOL GURUYou'll also learn about:
Get the details below.
FREE Webcast: Trends in Commercial Credit Risk Management
Join Harland Financial Solutions for a free Webcast on Trends in Commercial Credit Risk Management. Learn about the relationship between risk and profitability, and how the proposed Basel risk-based capital rules will affect institutions of all sizes. Click here to register! Call 800-815-5592 or email moreinfo@harlandfs.com for details.
Webcast:
A Hacker's View of Your Network: Lessons Learned from Penetration Tests
Join SecureWorks for an inside view as we look at real world scenarios, tactics, and tools used by professional hackers.We'll also look at if, when, and how often you should use a test in order to make sure you're getting the most value from penetration testing.
Register today or torequest more info, email info@secureworks.com
Are Your Multitaskers a Security Risk?
A new study reported in CSOOnline shows that tech-savvy junior sales reps between the ages of 26 and 35 pose the greatest security risk to an organization.They multitask using email, instant messaging, VoIP and the Internet without recognizing the security implications.Do you know what the young loan officers in your institution are doing?
Jargon Watch: HotfixIn a Microsoft Windows context, hotfixes are small patches designed to address specific issues, most commonly freshly discovered security holes. They are small files typically automatically installed on the computer with Windows Update (although some may only be obtained via Microsoft Support) and could contain a hot patch eliminating the need for a reboot.
Unscheduled Microsoft Patch is Tweaked
Microsoft released an out-of-cycle patch for the animated cursor flaw announced last week.The update, MS07-017, fixes the flaw that is now being exploited on over 100 malicious websites, as reported by CSOOnline.Several reports on issues with the patch surfaced the next day.Microsoft has already issued a hotfix for one of the reported issues.
April's Patch Tuesday Offerings
Microsoft's advance notification for this month's coming Patch Tuesday describe patches for four Windows bugs and one flaw in the Content Management Server.At least one of the Windows bugs is rated critical.
97 Security Gaps Listed by US-CERT
The US-CERT Vulnerability Summary for the Week of March 26, 2007 lists forty-eight High, eighteen Medium and thirty-one Low severity vulnerabilities.Vulnerabilities were announced in AOL, Apache Web Server, HP Jet Direct, Lotus Domino, Microsoft's Windows XP and Vista, Windows Server 2003,and Windows 2000, Mozilla's Firefox, OpenOffice, Opera, Sendmail, Sony's PSP and PlayStation 3, Sun's Java System Directory Server, and the Linux kernel.
Wireless Network Security Zapped
Wireless security took another hit when a new attack against the Wired Equivalent Privacy (WEP) security protocol was demonstrated that allowed the encryption algorithm to be cracked in less than three seconds from packets that can be collected in less than a minute.Read the paper and take the appropriate steps to protect your wireless network.
What? No More Keg Parties in the Break Room?
What do copper wire, catalytic converters, and aluminum kegs have in common?According to CNET, all are being stolen at an increased rate due to the increase in the prices of copper, platinum and aluminum.What measures does your institution have in place to protect your vehicles and the wiring in your buildings?
Bogus IE7 Upgrades Offered
New emails offering an upgrade to Microsoft's Internet Explorer 7 are making the rounds.Instead of downloading a valid update for IE, however, the email installs a Trojan which infects other files and modifies the registry in an attempt to spread.Read the full story on InformationWeek.
Are M-Payments in Your Future?
Will you soon be paying for your dinner out by using your mobile phone instead of your debit card?That's one of the next-generation financial services that will be offered in the increasing competition to attract and maintain customers, according to the World Banking Report.Silicon.com has additional information from the report.
Subscribe to Tech Talk and BOL Tech Advisories.
CD ROM Training & Information Security Supplies
CD ROM Training
CD ROM Training
CD ROM TrainingPolicies/Job Descriptions & Related Sites
Information Technology Specialist
Information Systems Security PolicyArchived Technology and eBanking You have access to previous Tech Talk pages and Tech Alerts on BankersOnline's Technology & eBanking page.
print
share