Wednesday, May 04, 2005

Penny Brown, an employee at SunTrust Banks, Inc. has been charged with computer identity theft. She was selling confidential customer information which could be used to create counterfeit checks. She worked in the processing department and handled approximately 2,000 checks per month for the last six months.

While no extraordinary financial information was compromised, customers who may be effected will be notified by the bank.

Brown was selling the information to Demarco Statham of Atlanta. He is being held on a $50,000 bond.

Tuesday, May 03, 2005

Latest Computer RIsks Identified
Are your institution's computers protected against the latest critical vulnerabilities? How about your home PCs?

The list of potential threats continues to grow. Today, the Sans Institute released its revised and updated list of the Top 20 Most Critical Internet Vulnerabilities for the first quarter of 2005. Every IT manager, every computer owner should study the list and ensure that appropriate patches and other remedies have been applied.

For the summary list of vulnerabilities go this page and scroll down. Full details are found here.

The software and operating systems listed are in widespread use. They even include RealPlayer and iTunes. Is nothing safe anymore??

This is the time to dig in to the reguoatory guidance on patching. It's a regulatory issue, a safety and soundness issue. Your ability to continue conducting business smoothly can be jeopardized. Your reputation can be harmed. Data compromises could occur, depending on the vulnerability. Go forth and patch!


Virus City
I've lost hours of productivity over the last week as I've dealt with countless alerts telling me my anti-virus software has detected one virus after another in emails that are being generated, sometimes with spoofed addresses, by the latest batch of mass mailing worms.

According to ZDNet, the latest variant of the Sober worm is spreading so rapidly that it now makes up two-thirds of virus traffic on the Internet. It is propagating with astonishing speed and penetration. Read about it. Many of the alerts I've been getting, however, are instead about one of the W32 Netsky worms.

Time to check your virus software configuration, subscription status, scan schedule, and live update frequency and remind your employees about basic safety precautions. After all, there's often a lag time between when a new virus is let loose in the wild and when it's discovered and added to virus definitions. That leaves a time period when you're left unexposed and the basis rule of not opening attachments you don't expect is crucial. It's best to not even open the emails at all -- much less the attachments you don't expect, because some variants of some threats can now do harm without the attachment being clicked. If you've ever been on the receiving end of a true infection by malware, you know that once is one time far too many. There's no substitute for proactive preventive measures.

This page is powered by Blogger. Isn't yours?