Scammers are targeting social networks with phishing scams and relying more heavily on worms and Trojans to attack computers, according to security trend reports to be released Monday by Microsoft and McAfee.
http://news.cnet.com/8301-27080_3-10387768-245.html
The Microsoft Security Intelligence Report (v7) was released today and can be found here:http://www.microsoft.com/security/portal/Threat/SIR.aspx
The McAfee press release along with report (PDF) can be found here:http://newsroom.mcafee.com/article_display.cfm?article_id=3591
-Urs
The Windows 7 security story has three main chapters that have received a fair amount of attention: DirectAccess, BitLocker To Go, and AppLocker. With these, as well as features such as BranchCache and enhancements to UAC (user account control), officials at Microsoft have said they feel they are pushing out their most secure operating system yet.
http://www.eweek.com/c/a/Security/Windows-7-Security-Story-May-Appeal-to-Enterprises-549002/
As Conficker approaches the first anniversary of its appearance in the wild, the Shadowserver Foundation says that at least seven million IP addresses — each representing one or more computers — are now infected by the worm.http://www.infosecurity-magazine.com/view/4941/confickers-first-birthday-looms-seven-million-ips-still-infected/
Perhaps a very good idea for the seven millions to look at the free:Microsoft Security Essentials (MSE) Antimalware Software under:http://www.microsoft.com/security_essentials/
Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
Microsoft Security Essentials is a free* download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple.
Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times.
Cyber criminals have found a new launching pad for their scams: the phone systems of small- and medium-sized businesses across the U.S.
In recent weeks, they have hacked into dozens of telephone systems across the country, using them as a way to contact unsuspecting bank customers and trick them into divulging their bank account numbers and passwords.
http://www.computerworld.com/s/article/9140018/Internet_phone_systems_become_the_fraudster_s_tool
Using your laptop to get work done away from your office or on the road is becoming widely accepted. But this rapid growth in laptop computing has made portable systems the target for theft around the world. If your laptop computer is stolen, company information can be exposed, as well as your personal and financial information.
http://www.microsoft.com/atwork/security/laptopsecurity.aspx
If you go solely by top-level stats on encryption use, you'll come away feeling pretty secure — 86 percent of the 499 business technology professionals responding to our InformationWeek Analytics State of Encryption Survey employ encryption of some type. But that finding doesn't begin to tell the real story. Only 14 percent of respondents say encryption is pervasive in their organizations. Database table-level encryption is in use by just 26 percent, while just 38 percent encrypt data on mobile devices. And 31 percent — more than any other response — characterize the extent of their use as just enough to meet regulatory requirements.
http://www.informationweek.com/news/security/encryption/showArticle.jhtml?articleID=221900355
This guide was designed to help IT professionals better understand and use Microsoft security release information, processes, communications, and tools. Our goal is to help IT professionals manage organizational risk and develop a repeatable, effective deployment mechanism for security updates.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=c3d986d0-ecc3-4ce0-9c25-048ec5b52a4f
EMET, short for Enhanced Mitigation Evaluation Toolkit, allows developers and administrators to add specific security protections to applications. Unlike mitigations released in the past, EMET doesn't require programs to be recompiled, so it can be used to fortify applications even when the source code isn't available.
http://blogs.technet.com/srd/archive/2009/10/27/announcing-the-release-of-the-enhanced-mitigation-evaluation-toolkit.aspx
The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Using data derived from hundreds of millions of Windows computers, and some of the busiest online services on the Internet, this report also provides a detailed analysis of the threat landscape and the changing face of threats and countermeasures and includes updated data on privacy and breach notifications. The seventh volume of the report is now available: http://www.microsoft.com/downloads/details.aspx?FamilyID=037f3771-330e-4457-a52c-5b085dc0a4cd&displaylang=en