Tech Alert Briefing for 7/27/2007
July 27, 2007
Update covering July 20 - July 26, 2007
Welcome to Tech Talk! In this week's edition of Tech Talk, BOL Guru Jeff Patterson writes about an expansion of the StormWorm virus attack.
Jeff Patterson,
BOL GURUYou'll also learn about:
Get the details below.
Beware of Phishing and Pharming
According to the Anti-Phishing Working Group, phishing attacks reached an all-time high last year. Designed specifically to educate and assist financial institutions, Harland Financial Solutions? Phishing Response Kit provides a detailed checklist and directives to help institutions respond in the event of a phishing scam. Download the complete kit here.
Bank Technology Conference
The Bank Technology Conference at the Foreword Financial Expo will address critical bank technology issues including anti-phishing, cybersecurity, image exchange, VoIP implementation, disaster recovery and more. The event features an Expo Floor with nearly 150 financial services companies. For more information visit Foreword Financial Expo.
Register here for conference discounts or a FREE Exhibits Pass.
StormWorm Attack Worsens
InformationWeek reports that the authors of the StormWorm virus are waging the largest multi-pronged attack seen in the last two years.Unlike many virus attacks, the StormWorm virus is not embedded in the spam email.Instead, the email has a link to a compromised web server that attempts to infect the connecting computer.The primary intent is to add zombie computers to the botnet the virus authors have started.
Who's Reading your iPhone Info?
Security researchers have discovered a flaw in Apple's iPhone which could allow an attacker to read the iPhone's SMS log, call history, address book and voice-mail information.Find out more at CSOOnline.
Duke Recants iPhone Gripe
Duke University reported that the issues with its wireless network reported last week and attributed to the iPhone were actually the result of flaw in its Cisco wireless access points.A fix has been applied and the wireless network is now functioning without any of the reported issues.Computer World has additional details.
New BOL Scams Index
BankersOnline is launching a weekly series of polls, giving bankers the chance to weigh in on topics and issues of importance. To kick off the series, we?ve introduced the BankersOnline Scams Index. We?ll share the results of the poll with all the BOL users, and we?d love to have your input. The poll, located on the BOL home page, will update with each vote throughout the week. Thanks for participating!
Taking Aim at Pointers
Dangling pointers, software flaws treated by most companies as quality issues, have been raised to the point of buffer overflow vulnerabilities by new research.The poor programming that leads to dangling pointers could be compromised and used to execute malicious code.Dangling pointers haven't been considered security flaws and patches don't exist for several known vulnerabilities.Read SecurityFocus and find out why software companies will have to change the way they handle reports of this type of software flaw.
New Disaster Recovery Index
IBM has developed the Resiliency Maturity Index (RMI), a framework for measuring an organization's ability to cope with and recover from a disaster.The framework is generic enough to allow a firm to measure its ability to recover from natural disasters, software glitches, terrorist attacks and power outages.The RMI will also help an organization understand where it can best spend its money for business continuity purposes.CSOOnline has more information.
129 Make US-CERT Security Gap List
The US-CERT Vulnerability Summary for the Week of July 16, 2007,lists sixty-nine High, fifty-one Medium and nine Low severity vulnerabilities. Weaknesses were listed in multiple Oracle products; Apple QuickTime and OS X; Cisco Unified Communications Manager; IBM Proventia Network IPS; Microsoft Internet Explorer; Mozilla Firefox; MySQL; Opera; Red Hat Linux; and Symantec Anti-Virus.
A Genuine iPhone Giveaway
Get details of BOL Learning Connect's iPhone Giveaway. The web is buzzing with guesses on how many iPhones have been sold. AT&T has one number, Apple another, and many websites are guessing on what the real number may be. But we already have one, and it could be yours!
P.S. from the BOL Team:Have you downloaded the free financial institution phishing attack response kit from Harland Financial Solutions yet?It's excellent!See the link above.
Subscribe to Tech Talk and BOL Tech Advisories.
CD ROM Training & Information Security Supplies
CD ROM Training
CD ROM Training
CD ROM TrainingPolicies/Job Descriptions & Video Training
Video Training:
Safeguarding Customer Information
Policy:
Information Systems Security
Policy:
Electronic Mail (Email)Archived Articles on Technology and eBankingYou have access to archived Tech Talk pages and Tech Alerts on BankersOnline's Technology & eBanking page.
Plus, you'll find the latest technology and eBanking articles and guru Q&As there, too.You'll find many more related articles in our InfoVault.