Subscribe to This Feed

Click Here to Subscribe

Recent Posts

Categories


« IT Security Highlights March 5 2010 | Main | IT Security Highlights March 9 2010 »

IT Security Highlights March 8 2010

By Kelli Tarala | March 8, 2010

Tool automates targeted attacks on social network users
A researcher released a free tool that impersonates a Twitter user’s account in order to execute automated targeted attacks on the person’s followers. A security researcher with Core Security Labs, says the group wrote the tool as a way to demonstrate and test for how social networks can be used for spear phishing. The initial version executes attacks on Twitter, but the researcher says it can be extended to work against Facebook and other social networks.

Full Story:
http://www.darkreading.com/insiderthreat/security/client/showArticle.jhtml?articleID=223101626

Glitch prompts VA to shut e-health data exchange with Department of Defense
The Veterans Affairs Department closed off access to the Defense Department’s electronic health record system on March 1 because it found errors in some patients’ medical data. The glitch did not cause harm to any patient, but “the potential exists for decisions regarding patient care to be made using incorrect or incomplete data,” said the director of the Veterans Health Administration’s Information Technology Patient Safety Office, in an alert issued on March 3.

Full Story:
http://www.nextgov.com/nextgov/ng_20100304_9977.php?oref=topstory

Campus urged to beware of new phishing scams
The Office of Campus Information Security (OCIS) is aware of two new phishing emails targeting University of Wisconsin’s NetID login service. If users click the link in the phishing email, they are directed to fake NetID login sites that are very realistic and well replicated. Users could easily be fooled by these phishing attempts.

Full Story:
http://www.news.wisc.edu/17764

Microsoft plans to patch 8 Windows, Office bugs next week.
Microsoft announced it will ship two security updates on March 9th to patch eight vulnerabilities in Windows and Office. In its monthly advance notification, Microsoft spelled out next week’s two updates, a far cry from February’s roll-out of 13 security bulletins that fixed 26 flaws. Both bulletins will be pegged as “important,” Microsoft’s second-highest severity rating in its four step scoring system.

Full Story:
http://www.news.wisc.edu/17764

Microsoft plans to patch 8 Windows, Office bugs next week.
Microsoft announced it will ship two security updates on March 9th to patch eight vulnerabilities in Windows and Office. In its monthly advance notification, Microsoft spelled out next week’s two updates, a far cry from February’s roll-out of 13 security bulletins that fixed 26 flaws. Both bulletins will be pegged as “important,” Microsoft’s second-highest severity rating in its four step scoring system.

Full Story:
http://www.networkworld.com/news/2010/030410-rsa-chinese-attacks.html?hpg1=bn

Researchers dissect ZeuS botnet blueprint
A little knowledge and a few thousand dollars is all it takes to build a fully functional botnet, according to security experts. Cisco researchers told delegates at the 2010 RSA conference that a botnet running the infamous ZeuS malware could be built for $2,500. ZeuS is primarily a data-gathering and botnet control tool. It is dangerous because it directly injects content into pages and intercepts credentials before they are sent to legitimate sites.

Full Story:
http://www.v3.co.uk/v3/news/2258969/rsa-2010-researchers-dissect

 

Read the Full DHS Infrastructure Report:
www.enclavesecurity.com/blogresources/cdr_030810.pdf

Topics: DHS Infrastructure Reports |

Comments are closed.

-->