Tech Alert Briefing for 7/20/2007
July 20, 2007
Update covering July 13 - July 19, 2007
Welcome to Tech Talk! In this week's edition of Tech Talk, BOL Guru Jeff Patterson writes about malware that could encrypt files on your computer and hold them for ransom.
Jeff Patterson,
BOL GURUYou'll also learn about:
Get the details below.
Beware of Phishing and Pharming
According to the Anti-Phishing Working Group, phishing attacks reached an all-time high last year. Designed specifically to educate and assist financial institutions, Harland Financial Solutions? Phishing Response Kit provides a detailed checklist and directives to help institutions respond in the event of a phishing scam. Download the complete kit here.
Your Files may be Held Hostage
Security Fix has a warning about new malware and an extortion scheme that encrypts your files and then demands that you send money to the cyber criminals in order to get a key to release them.This new play on an old scam has hit more than a thousand people, including many who work for some well known companies.
Nine Months to Patch the .NET
A .NET vulnerability that could allow an attacker to upload a malicious file to an IIS web server and take it over was announced last week.But the vulnerability was discovered over nine months ago. It was finally patched in this month's Patch Tuesday.Read the full story in CSOOnline.
Three Ways to Better Manage Bits and Bytes
SANS has three new security papers that should be read by all information technology professionals:
- Information Security Policy ? A Development Guide for Large and Small Companies;
- How to Avoid Information Disclosure when Managing Windows with WMI; and
- Creating and Managing an Incident Response Team for a Large Company.
New "ATM 21" Scans Checks, Providing Immediate Credit
The latest ATM's are designed to scan deposited checks and cash providing customers with receipts which verify the deposited amount.With the new ATMs, checks can be processed immediately and the funds made available to the customer right away.InformationWeek has additional information.
FBI Warns of Phib Phish
The FBI's Internet Crime Complaint Center is warning about fraudulent emails that appear to come from the FBI and the U. S. Military.The emails are variations of long running scams which attempt to convince the recipient of their authenticity and to extort money from them.CSOOnline has additional information.
New BOL Scams Index
BankersOnline is launching a weekly series of polls, giving bankers the chance to weigh in on topics and issues of importance. To kick off the series, we?ve introduced the BankersOnline Scams Index. We?ll share the results of the poll with all the BOL users, and we?d love to have your input. The poll, located on the BOL home page, will update with each vote throughout the week. Thanks for participating!
iPhone, iConnect, iJam
Is your wireless network ready for the iPhone?Many wireless networks won't be able to handle the traffic as the iPhone continually seeks to connect to the internet through available wireless networks.InformationWeek reports that Duke University's wireless network has had at least nine instances when their network became jammed with traffic and was unavailable.
Oracle Flaws Fixed
Oracle released patches to correct forty-five critical bugs with this quarter's update.Thirteen of the addressed vulnerabilities could allow for remote code execution and seventeen fix flaws in the Oracle Database Server.Additional information is available from InformationWeek.
FirefoxFixes Flaws with IE and More
Mozilla released patches to fix eight vulnerabilities in Firefox this week including two critical and one which many experts claim is actually a Microsoft issue.The update to Firefox includes the patch that addresses an issue in how Microsoft's Internet Explorer passes links to other applications. (Also, see "The Blame Game" in last week's Tech Talk.) Read more in NetworkWorld.
150 Vulnerabilities Listed
The US-CERT Vulnerability Summary for the Week of July 9, 2007 lists sixty-nine High, sixty-seven Medium and fourteen Low severity vulnerabilities. Vulnerabilities were announced in multiple Microsoft and SAP products; 3Com TippingPoint IPS; Adobe Flash Player; Apple Safari; HP OpenVMS; IBM AIX; McAfee Protection Pilot and e-Business Server; Mozilla Firefox; Sun Java Application Server, JRE and Solaris; Symantec Veritas Backup Exec; and the Linux kernel.
A Genuine iPhone Giveaway
Get details of BOL Learning Connect's iPhone Giveaway. If someone is going to help jam a network, it might as well be you.
P.S. from the BOL Team:Have you downloaded the free financial institution phishing attack response kit from Harland Financial Solutions yet?It's excellent!See the link above.
Subscribe to Tech Talk and BOL Tech Advisories.
CD ROM Training & Information Security Supplies
CD ROM Training
CD ROM Training
CD ROM TrainingPolicies/Job Descriptions & Video Training
Video Training:
Safeguarding Customer Information
Policy:
Information Systems Security
Policy:
Electronic Mail (Email)Archived Articles on Technology and eBankingYou have access to archived Tech Talk pages and Tech Alerts on BankersOnline's Technology & eBanking page.
Plus, you'll find the latest technology and eBanking articles and guru Q&As there, too.You'll find many more related articles in our InfoVault.
print
share