Wednesday, June 28, 2006
The National Institute of Standards and Technology (NIST) provided a checklist for protecting information that is accessed or carried remotely, and the Office of Management and Budget (OMB) added four further requirements worth borrowing for your institution. If you are looking to upgrade your information security and information technology policies to better manage data that may be exposed, this is a good starting point.
1. Encrypt all data on mobile computers/devices which carry agency data unless the data is determined to be non-sensitive, in writing, by your Deputy Secretary or an individual he/she may designate in writing;
2. Allow remote access only with two-factor authentication where one of the factors is provided by a device separate from the computer gaining access;
3. Use a 'time-out' function for remote access and mobile devices requiring user re-authentication after 30 minutes inactivity; and
4. Log all computer-readable data extracts from databases holding sensitive information and verify each extract including sensitive data has been erased within 90 days or its use is still required.
These four tips and the NIST recommendations are here in a 10-page PDF document.
Tuesday, June 20, 2006
Warning: Excel Files Can Carry Attack Code
BOL Guru Jeff Patterson, who writes the Tech Talk column for BankersOnline, says a newly-discovered Microsoft Excel flaw is serious enough that it warrants its own alert, so we're blogging the details submitted by Jeff below.
A new attack targeting an unpatched flaw in Microsoft Excel (all versions including the Excel 2003 Viewer) was discovered just a few days after Microsoft’s regular patch release. This flaw may potentially allow the attacker to gain complete control of the system. If a user opens an Excel file (it does not appear to matter whether the file is attached to an email, on a website, or even embedded in another Office document) that contains the necessary attack code, the attacker may gain the same rights as the local user and have full control of the user’s computer. US-CERT’s Technical Cyber Security Alert TA06-167A advises users not to open untrusted Excel spreadsheets. The Microsoft Security Advisory (921365) provides the following workarounds:
-- On Excel 2003, prevent Excel Repair mode.
-- Block all Excel file types at the email gateway or firewall.
-- Block the ability to open Excel files from Outlook by removing the necessary registry keys.
-- Do not open or save Excel files received from un-trusted sources.
With no announcement from Microsoft about when a patch may be provided, this new vulnerability warrants a complete analysis to determine if the potential risk may justify completely blocking incoming Excel and other Office files at the email gateway or firewall until a patch is released. Currently seen exploits include an Excel file that drops the Mdropper.J Trojan and the Booli.A virus application on to the affected system. Additional details may be found on Silicon.com.
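The gateway workaround above is usually implemented as a file-extension filter, which an attacker defeats simply by renaming the attachment. The following Python example, added here and not part of Jeff's submission or of the Microsoft advisory, classifies an attachment as a legacy Excel binary by its content: it checks the OLE2 compound-file signature, reads the first directory sector, and looks for the "Workbook" (BIFF8) or "Book" (BIFF5) stream, then combines that with an extension list. The extension list, the sample file names and the minimal OLE2 containers built by `build_sample_ole` are constructed for the example. It reads only the first directory sector and does not walk the FAT chain, so it is a fast heuristic rather than a full parser, and an Excel object embedded as a sub-storage inside a Word document will not be found by it.

```python
import struct

OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"   # OLE2 compound-file signature
DIR_ENTRY_SIZE = 128                               # each directory entry is 128 bytes
EXCEL_STREAMS = {"Workbook", "Book"}               # BIFF8 / BIFF5 workbook stream names
BLOCKED_EXTENSIONS = {".xls", ".xlt", ".xla"}      # assumed gateway extension list


def ole_directory_names(data: bytes) -> list:
    """Entry names from the first directory sector of an OLE2 file.

    Heuristic: only the first directory sector is read (no FAT chain walking).
    """
    if len(data) < 512 or data[:8] != OLE_MAGIC:
        return []
    sector_shift = struct.unpack_from("<H", data, 30)[0]
    if sector_shift not in (9, 12):                # 512- or 4096-byte sectors only
        return []
    sector_size = 1 << sector_shift
    first_dir_sector = struct.unpack_from("<I", data, 48)[0]
    # Sector 0 starts at offset sector_size; the 512-byte header is "sector -1".
    start = (first_dir_sector + 1) * sector_size
    sector = data[start:start + sector_size]
    names = []
    for off in range(0, len(sector) - DIR_ENTRY_SIZE + 1, DIR_ENTRY_SIZE):
        entry = sector[off:off + DIR_ENTRY_SIZE]
        name_len = struct.unpack_from("<H", entry, 64)[0]  # bytes, incl. UTF-16 NUL
        entry_type = entry[66]                              # 0 unused, 1 storage, 2 stream, 5 root
        if entry_type == 0 or not 2 <= name_len <= 64:
            continue
        names.append(entry[:name_len - 2].decode("utf-16-le", errors="replace"))
    return names


def looks_like_excel(data: bytes) -> bool:
    """True if the OLE2 directory carries an Excel workbook stream."""
    return any(name in EXCEL_STREAMS for name in ole_directory_names(data))


def should_block(filename: str, data: bytes) -> bool:
    """Gateway decision: block on extension OR on content, whichever fires."""
    parts = filename.lower().rsplit(".", 1)
    by_extension = len(parts) == 2 and "." + parts[1] in BLOCKED_EXTENSIONS
    return by_extension or looks_like_excel(data)


def _dir_entry(name: str, entry_type: int) -> bytes:
    """Build one 128-byte directory entry (constructed test data)."""
    raw = name.encode("utf-16-le") + b"\x00\x00"
    entry = bytearray(DIR_ENTRY_SIZE)
    entry[:len(raw)] = raw
    struct.pack_into("<H", entry, 64, len(raw))
    entry[66] = entry_type
    return bytes(entry)


def build_sample_ole(stream_name: str) -> bytes:
    """Constructed minimal OLE2 container: 512-byte header + one directory sector."""
    header = bytearray(512)
    header[:8] = OLE_MAGIC
    struct.pack_into("<H", header, 30, 9)   # sector shift 9 -> 512-byte sectors
    struct.pack_into("<I", header, 48, 0)   # directory lives in sector 0
    directory = _dir_entry("Root Entry", 5) + _dir_entry(stream_name, 2)
    directory += b"\x00" * (512 - len(directory))
    return bytes(header) + bytes(directory)


if __name__ == "__main__":
    # Constructed sample attachments (names and contents are assumptions).
    samples = {
        "q2-figures.xls": build_sample_ole("Workbook"),   # obvious case
        "q2-figures.txt": build_sample_ole("Workbook"),   # renamed to dodge the extension filter
        "memo.doc": build_sample_ole("WordDocument"),     # Word binary, should pass
        "notes.xls": b"just some text",                   # not OLE at all, caught by extension
    }
    for name, blob in samples.items():
        print(f"{name:16} excel_by_content={looks_like_excel(blob)!s:5} block={should_block(name, blob)}")
```

Run it as a script to see the four decisions; the renamed `.txt` attachment is the case an extension-only filter at the gateway misses.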
Tuesday, June 13, 2006
- Pitylak and his former partners agreed to a $10 million penalty overall.
- Pitylak himself settled with the State of Texas and owes $1 million in civil money penalties. He has already paid $225,000 to the State for attorney fees.
- In a separate agreement with Microsoft he is also to pay a $1 million settlement.
In his blog, Pitylak states "The settlements with Microsoft and the Attorney General’s office have been a serious reality check: harsh, but good, and in the public’s best interest.
I am pleased to announce that I am now a part of the anti-spam community, having started an internet security company – Pitylak Security – that offers my clients advice on systems to protect against spam."
Tuesday, June 06, 2006
Pitylak reached settlements last month with the State of Texas and Microsoft. As part of his settlement he will not send spam, and will sell his $430,000 home and 2005 BMW to help pay his $1 million fine, attorney fees and other costs. Pitylak explains in his blog that he is joining the anti-spam community, where he can be a positive force.