While this was the week where Windows 7 was
released with much coverage in the trade press, only one item appeared in DHS
reports regarding the “default user account”.
Mobile cryptographic keys appear to be at risk as reported in addition
to more aggressive activity in the marketing and delivery of fake anti-virus
software.
The DHS Daily Open Source Infrastructure Report (DHS) covers
the publicly reported material for the preceding day(s) not previously
covered. This weekly summary provides a selection of those items of
greatest significance to the InfoSec professional.
Should you not be aware of even one of the items discussed
below it would be wise to familiarize yourself with it. The headline above each entry will take you
directly to the DHS report which presented the item for ten business days from
the date of inclusion. The Source link
will take you to the original source cited by DHS.
Week Ending:
Friday, October 23, 2009
Infrastructure
Report for Monday, 19 October 2009
No report. A holiday in the
U.S.
35.
October 16, SC Magazine – (International) Aggressive tactics used in
new distribution and installation of fake anti-virus software. PandaLabs
has identified a new and aggressive trend for selling fake anti-virus software. Source: http://www.scmagazineuk.com/Aggressive-tactics-used-in-new-distribution-and-installation-of-fake-anti-virus-software/article/154886/
Infrastructure
Report for Tuesday, 20 October 2009
Nothing
of significance.
Infrastructure
Report for Wednesday, 21 October 2009
Safer surfing for mobile users?
39. October 20, Network World – (International) Security software protects mobile and remote Mac, Windows users. DeepNines Technologies is unveiling a desktop security agent that works in tandem with its content-filtering and anti-malware gateway to protect mobile and remote workers. Source: http://www.networkworld.com/news/2009/102009-deepnine-technologies.html?hpg1=bn
Infrastructure
Report for Thursday, 22 October 2009
Does your mobile device leak its cryptographic key?
40. October 20, CNET –
(International) Leaking crypto keys from mobile devices. Security
researchers have discovered a way to steal cryptographic keys that are used to
encrypt communications and authenticate users on mobile devices by measuring
the amount of electricity consumed or the radio frequency emissions. Source: http://news.cnet.com/8301-27080_3-10379115-245.html
Infrastructure
Report for Friday, 23 October 2009
Default
user account in Windows 7 a security risk?
31.
October 22, CNET – (International) Windows 7 default user account
control worries experts. Corporate IT departments should be pleased with
new security measures in Windows 7, but consumers are still at risk of getting
hit by malware despite changes in the User Account Control (UAC) feature
designed to help people be smarter when using applications, security experts
say. Source: http://news.cnet.com/8301-27080_3-10380749-245.html
Note:
The DHS only maintains the last ten days of their reports online. To
obtain copies of earlier reports or complete summaries, go to: