This week we learned of a critical Adobe Reader
patch which should be promptly applied, collapse of the Internet in Sweden,
Google’s efforts to identify compromised web sites and that workplace computer
security is not all that it should be.
The DHS Daily Open Source Infrastructure Report (DHS) covers
the publicly reported material for the preceding day(s) not previously
covered. This weekly summary provides a selection of those items of
greatest significance to the InfoSec professional.
Should you not be aware of even one of the items discussed
below it would be wise to familiarize yourself with it. The headline above each entry will take you
directly to the DHS report which presented the item for ten business days from
the date of inclusion. The Source link
will take you to the original source cited by DHS.
Week Ending:
Friday, October 16, 2009
Infrastructure Report
for Monday, 12 October 2009
No report. A holiday in the
U.S.
Infrastructure
Report for Tuesday, 13 October 2009
Have
you applied the Adobe Reader patch? If
not, perhaps you should.
37.
October 8, The Register – (International) Critical Adobe Reader vuln
under ‘targeted’ attack. Attackers once again are targeting an unpatched
vulnerability in Adobe Reader that allows them to take complete control of a
user’s computer, the software maker warned.
Source: http://www.theregister.co.uk/2009/10/08/adobe_reader_vuln_under_attack/
Infrastructure
Report for Wednesday, 14 October 2009
Could this happen elsewhere? Perhaps the U.S., U.K., etc.
44. October 13, Royal Pingdom – (International) Sweden’s internet broken by DNS mistake. On October 12, a routine maintenance of Sweden’s top-level domain .se went seriously wrong, introducing an error that made DNS lookups for all .se domain names start failing. Source: http://royal.pingdom.com/2009/10/13/sweden%E2%80%99s-internet-broken-by-dns-mistake/
Infrastructure
Report for Thursday, 15 October 2009
Are you and staff aware of the significance of Google
warnings?
37. October 13, The Register –
(International) Google shares malware samples with hacked site admins. Google
has rolled out a feature that provides webmasters of compromised sites with
samples of malicious code and other detailed information to help them clean up. Source: http://www.theregister.co.uk/2009/10/13/google_webmaster_malware_notification/
Infrastructure
Report for Friday, 16 October 2009
Is
your workplace network secure? It
appears that it might not be!
32.
October 14, NewsFactor Network – (International) Cyberthieves find
workplace networks are easy pickings. Workplace networks have turned out to
be much more porous and difficult to defend than anyone ever anticipated. Source: http://www.newsfactor.com/news/Workplace-Networks-Easy-Pickings/story.xhtml?story_id=0320013Q7YBK
Note:
The DHS only maintains the last ten days of their reports online. To
obtain copies of earlier reports or complete summaries, go to:
http://dhs-daily-report.blogspot.com/