Enclave Security "A Leader in Data Protection Services"

• Home
• Auditing
• Services
• Blogs
• Resources
• About Us

Subscribe to This Feed

Recent Posts

• Malware hosted on Google Code project site: Cyber Security Highlights September 3rd
• BadB now charged in RBS WorldPay ATM case: Cyber Security Highlights Sept 2, 2010
• HP holds Navy network Hostage for $3.3 billion: Cyber Security Highlights
• Nuclear plants prepare for cyber attacks: Cyber Security Highlights August 31, 2010
• iPad spam: Cyber Security Highlights August 27th

Categories

• 20 Critical Controls
• 44th Presidency Cybersecurity efforts
• Advanced Persistent Threat
• Assurance
• Audit
• Background Checks
• CISA
• Cyber Warfare
• Cybercrime
• Data Leakage Protection (DLP)
• DHS Infrastructure Reports
• Encryption
• Free Audit Checklists
• Health Information Technology
• Information Security Awareness
• Legal & Privacy
• Malware
• Medical Identity Theft
• Microsoft Windows
• Policy
• Progressive Reforms
• SANS Institute
• Secure Development Lifecycle (SDL)
• Sharpen the Saw
• Social Engineering
• Tools
• Training
• Web 2.0
• Writing Secure Code

Attend an Event

Enclave on Twitter

« IT Security Highlights from DHS Report 1-05-2010 | Main | Checklists a Day: Week in Review – January 4, 2010 »

IT Security Highlights from DHS 1-06-2010

By Kelli Tarala | January 6, 2010

Symantec Product Hits End-of-Decade Snafu
Symantec’s Endpoint Protection Manager server product is erroneously marking signature updates issued this year as out of date. Antivirus, antispyware and intrusion protection updates with a date after Dec. 31, 2009, at 11:59 p.m. are considered out of date by the software. The problem affects the Endpoint Protection v11.x and v12.x versions of the company’s small business edition of the product.

Full Story:
http://www.networkworld.com/news/2010/010510-symantec-product-hits-end-of-decade.html?hpg1=bn

SANS Internet Storm Center Diary Entry:
http://isc.sans.org/diary.html?storyid=7870

Symantec’s Official Status:
http://www.symantec.com/connect/forums/official-status-sepm-definitions-stay-31-12-2009-last-updated-04-jan-2010

Two Political Websites hacked by Cross-Site Scripting Vulnerabilities
Visitors to Spain’s EU presidency website saw am an image of comedy character Mr. Bean instead of the Spanish Prime Minister Jose Luis Rodriguez Zapatero. Trend Micro also flagged a compromise on the official website of President Ahmadinejad of Iran.

Full Story:
http://www.scmagazineuk.com/cross-site-scripting-vulnerabilities-see-two-political-websites-hacked/article/160597/

Kingston Admits to Security Flaw in ‘Secure’ Flash Drive
Kington said in a security notice that the models affected were “privacy” editions of the DataTraveler Secure, DataTraveler Elite and DataTraveler Blackbox. Kingston said the security flaw could allow a wrongdoer to hack into the memory sticks. Customers whose drives could be exploited by the security loophole should return the product, where Kingston said it would apply a factory update.

Full Story:
http://www.theregister.co.uk/2010/01/04/kingston_technology_flash_drive_flaw/

25 Million New Malware Strains in One Year
25 million new strains of malware were created in just one year, compared to a combined total of 15 million throughout the last 20 years. This is one of the findings of the latest malware report by PandaLabs. A large percentage of the increase is made up of banker Trojans, fake anti-virus programs called rogueware, and a resurgence of traditional viruses.

Full Story:
http://www.net-security.org/malware_news.php?id=1185

Complete Panda Report:
http://www.pandasecurity.com/img/enc/Annual_Report_PandaLabs_2009.pdf

To Read the Complete DHS Report:
www.enclavesecurity.com/blogs/cdr_010610.pdf

Topics: DHS Infrastructure Reports, Malware, Web 2.0 |

Comments are closed.