Windows XP Service Pack 3 (SP3) includes all previously released updates for the operating system. This update also includes a small number of new functionalities, which do not significantly change customers’ experience with the operating system. This white paper summarizes what is new in Windows XP SP3.
http://www.microsoft.com/downloads/details.aspx?FamilyID=68c48dad-bc34-40be-8d85-6bb4f56f5110&displaylang=en
Urs
The Windows Server 2008 Security Guide provides customers with best practices, predefined security templates, and an automated deployment tool to help strengthen the security of servers running Windows Server 2008. The security recommendations in the guide are based on the combined experience of Microsoft security experts, customers, partners, and governments worldwide.
The guide comes with two preconfigured security baselines:
Enterprise Client: This security baseline is best for the majority of organizations in which functionality is evenly balanced with security.
Specialized Security – Limited Functionality: This baseline is best for organizations in which concern for security is so great that a significant loss of functionality is acceptable. For example, military and security agency organizations operate in this type of environment.
Both baselines have been thoroughly tested in Microsoft labs, and validated by Microsoft customers and partners under real-world conditions. You can easily tailor the security baseline you choose, modifying individual security settings to accommodate your organization’s environment and unique needs. The guide also includes a powerful GPOAccelerator tool that helps you quickly establish, test, and automatically deploy a configuration of Group Policy security settings across your organization—in minutes, instead of hours or days.
Technet Security Guide page: http://technet.microsoft.com/en-us/library/cc300311.aspx
Michael Howard on SDL and the need for it; comments on Jeff Jones blogs.
See SDL blog: http://blogs.msdn.com/sdl/archive/2008/02/21/the-first-step-on-the-road-to-more-secure-software-is-admitting-you-have-a-problem.aspx
Last Friday the last of the Windows Server 2008 Security Resource Kit finally went to press! This was a project I had not really planned and so, to complete it in time, I brought in an amazing crew of co-authors. Together, we managed to put together 17 chapters on how to manage security in one of the most exciting products this year.
See Jesper Johansson's blog post: http://msinfluentials.com/blogs/jesper/archive/2008/02/14/resource-kit-done.aspx
Spammers have found a new trick that gets around many current anti-spam filters: abusing the "out of the office" auto-respond feature found in legitimate webmail services.
http://www.techworld.com/security/news/index.cfm?newsID=11544
Microsoft's decision last week to let everyone snoop through its software secrets means vulnerabilities and exploits will almost certainly climb in the short term, say security researchers.
http://computerworld.co.nz/news.nsf/news/AF914E501CD57B8ACC2573FB00176380?opendocument&utm_source=topnews&utm_medium=email&utm_campaign=topnews
Companies and political organizations should put more effort into registering mis-typed versions of their primary domain, not only to protect visitors to their Web sites but also to prevent e-mails from accidentally leaking out, a security researcher said on Wednesday.
http://www.securityfocus.com/brief/685
Two security researchers at ShmooCon demonstrated on Saturday how a laptop connected to a VoIP telephone could, in some cases, expose a business' internal network to outsiders.
http://www.news.com/8301-10789_3-9873864-57.html
For German-speaking readers, also a link to my citizenship blog entry: "Kriminelle Energie ist überall – auch im Internet" http://swissdialogue.spaces.live.com/blog/cns!F28808344F7E2734!206.entry
See also the infosurance webpage about the Swiss Security Day 2008: http://www.swisssecurityday.ch/
A management framework for organizing national cybersecurity efforts:
http://www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-draft-cybersecurity-framework.pdf
SAFECode, the Software Assurance Forum for Excellence in Code, introduced its first white paper, "Software Assurance: An Overview of Current Industry Best Practices."
The organization was founded by Microsoft, Symantec, EMC, SAP and Juniper to advance understanding and practices related to secure development and integrity controls. Our goal is to raise the security bar across the software industry to reduce vulnerabilities.
There is a small number of working groups within SAFECode, and I am very pleased to chair the Development Processes working group.
Over time, SAFECode will produce many resources to help raise the state-of-the-art in software security.
SAFECode is a great example of "industry helping industry," because it is led by people who have "been there, done that" and have the battle scars to prove it. All members have had security vulnerabilities and learned from the vulnerabilities and changed their processes to help deliver more secure code for customers.
A big benefit of SAFECode is that it is not an academic or theoretical endeavor; everything produced by SAFECode will be practical and, most importantly, known to improve software security.
Blog entry: http://blogs.msdn.com/michael_howard/archive/2008/02/14/introducing-safecode.aspx
Whitepaper: http://www.safecode.org/publications/SAFECode_BestPractices0208.pdf
SafeCode: http://www.safecode.org
Security workers warn that encrypting stored data doesn't truly protect it, and you're fooling yourself if you think so. The use of data encryption could make organizations vulnerable to new risks and threats, a panel of security experts warned.
http://www.pcworld.com/article/id,142305-c,encryption/article.html
Have you ever heard about www.security4kids.ch? If not, visiting the site should be one of your tasks for today! Especially if you’ve got children aged 7-15 yourself.
But let’s go back to the beginning. The website www.security4kids.ch (in German and French and soon also in Italian) was launched in December 2005 in cooperation with various agencies and authorities as well as partners operating in the private sector and in the education and youth protection realms. The website enables kids and teenagers to obtain information on how to navigate the internet safely, and also provides information and practical tips for parents and teachers about how to address the topic. Since its start, the initiative has further evolved and expanded its offering. The free-of-charge school offerings, for example, are very well received; one of them is the visit of the “security agents” to primary schools. The agents, disguised in black suits, hats and sunglasses, are either trained Microsoft employees or university students; their lessons with primary students are very well received, and everybody has a lot of fun together while learning how to behave securely on the internet. From July 2007 until December 2007 a total of around 3600 children were visited by our security agents.
But security4kids does a lot more. There’s the Teachers Academy, where teachers can find lesson material about the different aspects of the internet; we conduct parent-information evenings with experts and work with all our partners to inform more and more people about the most important rules and tips for safe online behavior. Perhaps you will support us too?
Visit www.security4kids.ch to find out more!
Andrea
Microsoft Corporation commissioned West Coast Labs (WCL) to carry out a series of performance benchmarking tests and metric-based process evaluations of the following products:
And: Microsoft Forefront Client Security is the best choice !!! ;-)
This study was conducted to test Forefront Client Security’s system performance compared to the three leading competitive products. Testing was carried out during April and May 2007. The study shows that Microsoft Forefront Client Security’s results were favourable compared to those of two of the leading competitors. It uses few system resources on servers and is comparable to the leading competitor in scanning times on both older and newer machines, and also when scanning .cab files. West Coast Labs also found that when malware was discovered, Microsoft’s bandwidth usage on clients was the lowest of all the four products.
When compared with Symantec Corporate Anti-Virus, Forefront Client Security has the following key performance indicators:
In August, AV-Test.org published the results of its recent testing of 29 products against 875,000 files, which contained various forms of malware including worms, Trojans, bots, and backdoors discovered during the last six months. In November, AV-Test.org re-ran their test, using more than 1 million malware samples. The following tables show the positions of the industry leaders in the tests.
AVTest.org: Aug 2007 AVTest.org: Nov 2007
Kaspersky
98.9%
97.4%
Symantec
96.8%
96.1%
Microsoft
96.4%
Sophos
94.6%
Trend Micro
95.4%
Fortinet
94.2%
AVG
95.1%
McAfee
93.7%
95.0%
Panda
90.2%
NOD32
93.6%
88.9%
93.3%
Norman
86.1%
90.8%
eTrust-VET
78.3%
86.4%
eTrust
73.7%
Microsoft’s anti-virus engine used in Forefront Client Security consistently rated among the industry leaders in both tests and detected more than 96% of the malware used in this test. So, it's definitely not only about speed!
Stefan
German cops are pushing ahead with controversial plans, yet to be legally approved, to develop "remote forensic software" - in other words, a law enforcement Trojan. Leaked documents outline proposals by German firm Digitask to develop software to intercept Skype VoIP communications and SSL transmissions. A second leaked document from the Bavarian Ministry of Justice outlines costing and licensing proposals for the software. Both scanned documents (in German, natch) have found their way onto the net after being submitted to Wikileaks...
http://www.forensicfocus.com/index.php?name=News&file=article&sid=841&mode=&order=0&thold=0
U.S. spies are looking increasingly online for intelligence and they've become major consumers of social media.
In keeping with its mandate to gather intelligence, the CIA is watching YouTube. U.S. spies, now under the Director of National Intelligence (DNI), are looking increasingly online for intelligence; they have become major consumers of social media.
http://www.informationweek.com/story/showArticle.jhtml?articleID=206105311&cid=RSSfeed_IWK_Security
European spam networks have pumped out more unsolicited e-mail than those in the U.S. for the third month in a row, according to security vendor Symantec.
Symantec called this a "significant shift" in spam trends as, historically, compromised U.S. computers have been used to send spam, and many spammers have been U.S.-based.
http://www.news.com/Europe-still-top-source-of-spam/2100-7349_3-6229352.html?tag=cd.top
Taking a least-privilege approach to user accounts is a key part of any in-depth defense strategy, many analysts and security pros say.
"I think it's very important … not even just as [a component] of security, but in the broader sense [of] risk posed to the business in IT," said Scott Crawford, an analyst with Enterprise Management Associates. "Nowhere is that more true than in a Windows environment where there [are] some things at least on the endpoint or desktop…you simply can't do without administrative privilege."
In its defense, Microsoft has built the User Account Control feature into Windows Vista, allowing IT administrators to elevate their privilege for specific tasks and application functions while still running most applications, components and processes with a limited privilege. Other companies such as Symark Software and BeyondTrust also look to address the issue of least privilege with their software.
http://www.eweek.com/c/a/Security/Minimizing-User-Rights-Can-Increase-Security/
ENISA is presenting the first feasibility study on a European Information Sharing and Alert System (EISAS) to inform SMEs and citizens in the European Union (EU) on threats, vulnerabilities and attacks.
http://www.enisa.europa.eu/doc/pdf/studies/EISAS_finalreport.pdf
Teenagers, including children as young as eleven and twelve years old, are increasingly becoming involved in serious cyber-criminal activity that exposes themselves and the users they target to a full range of dangerous repercussions.
"Most have absolutely no idea of what they're getting into, they're swapping stolen credit card data using their real names and photos, they're committing real crimes and leaving huge paper trails back to their real identities," said Boyd, who also goes by the name "Paperghost" in conducting his underground research.
http://weblog.infoworld.com/zeroday/archives/2008/02/hacking_teen_ch.html
If it seems that -- despite your company's best efforts to educate users about security -- users are actually behaving less responsibly, don't panic. Your organization isn't the only one.
In fact, Cisco Systems Inc. today is releasing the results of a disturbing third-party study it commissioned over the summer which proves conclusively that -- in many businesses all over the world -- remote users are actually engaging in more insecure behavior than they did the previous year.
About 32 percent of respondents said they "don't see anything wrong" with sharing their work computers with friends and family, and 32 percent also said their "company doesn't mind" when they do. Twenty-nine percent said they don't think sharing computers with friends or family increases security risks.
http://www.darkreading.com/document.asp?doc_id=144950&WT.svl=news1_1
Analysis: Wireless phone headsets of the kind beloved by Wall Street executives and high-end law firms can be bugged by simple off-the-shelf radio scanners unless they are encrypted.
"These guys are bugging their own office, essentially," security consultant Doug Shields told United Press International.
He said that, for a recent client, he had used an inexpensive commercial scanner capable of monitoring frequencies in the 900 MHz and 1.2 GHz ranges, which is where many of the popular hands-free headsets operate.
http://www.upi.com/International_Security/Emerging_Threats/Analysis/2008/02/01/analysis_wireless_phone_headsets_insecure/2674/
The Forensics Plan Guide defines the basic elements of a Forensic Plan from the first initial contact through submission of the final Forensic Report. The document also includes 'The Forensic Cookbook' which illustrates the use of selected products and procedures, providing additional insight and configuration advice.
http://www.giac.org/certified_professionals/practicals/gcfa/283.php
Microsoft has announced plans to add new anti-exploitation APIs into Windows Vista SP1, Windows XP SP3 and Windows Server 2008 as part of a larger plan to secure the Windows ecosystem.
According to Michael Howard, a senior program manager in Microsoft's security unit, the delivery of the new APIs significantly lowers the barriers to entry for application developers to opt-in to using DEP on Windows programs.
http://securitywatch.eweek.com/microsoft_windows/microsoft_adds_new_antiexploit_apis_into_windows.html
For the techies: http://blogs.msdn.com/michael_howard/archive/2008/01/29/new-nx-apis-added-to-windows-vista-sp1-windows-xp-sp3-and-windows-server-2008.aspx