The American National Standards Institute has accredited the consortiums Systems Security Certified Practitioner certification because it meets the International Organization for Standardizations standard for certifying information security employees.
http://www.fcw.com/article91923-01-09-06-Web
Urs
http://www.uninformed.org/?v=3&a=7
A new keylogging trojan is racing around the world - It is a variant of the Keylog-sters trojan that appeared almost a year ago and has been classified as high risk by security company PC Tools. It captures screenshots of Web pages with login fields such as usernames and passwords, records the stolen data into a text file and uploads it to a private FTP server...
"This is a regular keylogging trojan, but we have not seen one as widespread as this," said a company spokeswoman. "So far there have only been a few hundred cases in Australia, but thousands in the US and UK and other countries." Top banks, mobile phone companies, and airlines are among those already affected in over 50 countries, including Australia. A large part of the problem with keylogging trojans is that desktop users receive no obvious indicators that they have been affected, leaving many unaware of the potential security breach.
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=5191
Slashdot asked their readers to post questions for Mike Nash, our VP of the Security Technology Unit. This lead to a pretty good interview: http://interviews.slashdot.org/article.pl?sid=06/01/26/131246
Roger
I assume that you know it already: We released the Security Update for the WMF-vulnerability out-of-band today. It is already on Microsoft Update.
If you are interested in the background of the out of band release, go to the MSRC-Blog at http://blogs.technet.com/msrc/archive/2006/01/05/416980.aspx
Well, I should have blogged again, I know. First of all, I have been on vacation (imagine: skiing wiht blue sky and no people on the slopes) and then I flew more or less directly to Redmond. Since last week, I am now on the Main Campus here in Redmond.
I took the opportunity to upgrade my computer to Windows Vista, a pre-build of Beta 2. It really rocks. I am now working on Vista and Office 12 and am looking forward to the launches for those products.
Watch out for the TechDays program this year in Interlaken. We are planning at the moment a session to Vista security!
It seems that a Hoax is causing pretty much turbulences as our support get quite some questions about this. This Hoax is called "Life is Beautiful" and claims to be an urgent virus warning from us and Norton. Let me tell you that this is a Hoax for sure and that there is no reason to get nervous
To be honest. I am quite unsure how serious to take this. I have been looking at this during the last day or so and the urgency-level in the industry seems to raise.
To cut a long story short. There is a worm out there called BlackWorm that will start to destroy files of a certain type on your disk starting from February 3rd. Pretty nasty but most AV-vendors discover this anyway.
You can find details here: http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0814.html
Let me know your view on this
There is a lot information about the WMF vulnerability around, a few additional comments on that:
Microsoft has updated the security bulletin:http://www.microsoft.com/technet/security/advisory/912840.mspx
The important part is, that it is planed to release the patch next Tuesday:
"Microsoft has completed development of the security update for the vulnerability. The security update is now being localized and tested to ensure quality and application compatibility. Microsoft’s goal is to release the update on Tuesday, January 10, 2006, as part of its monthly release of security bulletins. This release is predicated on successful completion of quality testing."
On the web there are different sites referring to a third-party fix. At the end, it is your risk assessment where you have to decide what to do. Basically you have to understand the risks of such third-party fixes. We know of this problem since about two weeks. Since this time our teams works 24*7 to deliver a resolution to it, means: analyzing the problem, developing a fix and - probably most important – testing it to make sure that it meets our quality bar. Now, there seems to be a team out there – if your read the blogs – which has done the same in a few hours... This has definitely to be part of you risk assessment.
Temporary workaround:Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll", and click OK.(without the quotation marks...)(A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.)
Beside most antivirus/spyware tools, our online service will help to detect currently known malware:Windows Live Safety Centerhttp://safety.live.com/site/en-US/default.htm
Urs & Roger
Our Anti-Malware-Team posted information about MyWife (or how ever you want to call it) in their blog: http://blogs.technet.com/antimalware/
There is still significant chatter regarding MyWife (or how ever it is called). The disruption could be pretty significant as it tries to corrupt certain files at the third of each month starting this Friday.
It is spread by making use of social engineering techniques by sending a mail where the user has to open an attachment.
We do not see too many infections at the moment and if you have the latest virus definitions you should be protected.
Nevertheless we posted an Advisory tonight: http://www.microsoft.com/technet/security/advisory/904420.mspx
Gosh, I missed it :-) I expected it to come in a few days but now it is here and downloadable. IE 7 Beta 2 Preview. I would really like you to download it and test your websites with it before we release it. Due to the dramatically improved security, there are websites that do not work anymore as expected.
Sometimes we have some rather inexpected results and it often gets worse if IE7 is run in "Restricted Mode" in Vista.
The download is available here: http://www.microsoft.com/windows/ie/ie7/default.mspx
If you want to know more about IE7, I ran a webcast which is recorded and can be accessed here: https://msevents-eu.microsoft.com/cui/Register.aspx?culture=de-CH&EventID=118766036&CountryCode=CH
BTW: If you want to know more about IPSec: The webcast is tomorrow at 16:00. Register here: http://www.microsoft.com/switzerland/technet/de/events.mspx