|
|
|
Tech Talk and Tech Alerts Archive
Subscribe to Tech Talk!
Get the latest issue of Tech Talk delivered in your email while the news is still hot. Click HERE to sign up now!
|
|
|
|
05/16/08
- mobile digital wallets
- the FTC's interest in contactless payment
- worries over counterfeit parts
- rootkits that defy detection
- problems with XP SP3
- this month's updates from Microsoft
- a service pack for Office 2007
- crooks foiled by a webcam
- a big spam verdict
- a taste of cellular spam
- a fine kettle of phish
- card info stolen from restaurants
- tiny terrors in Texas
- US-CERT's latest vulnerabilities list
- a humorous look at the Help Desk
05/09/08
- the relative security of mobile banking
- dealing with real-world disasters
- the status of XP and Vista upgrades
- reasons to avoid moving to Vista
- enlisting customers in the war on fraud
- a partnership for web use safety
- four updates scheduled for Patch Tuesday
- Wi-Fi security training from the FBI
- short money for a long list of IDs
- a trove of stolen data in Malaysia
- thirty years of spam
- today's biggest spammer
- an alert for music file-sharers
- tricking out your BlackBerry
- US-CERT's latest vulnerabilities list
05/02/08
- hacks timed for increased vulnerability
- what motivates your security vendors
- lenders sued for a data breach
- the easiest targets for data theft
- risks of remote laptop use
- the importance of surfing vigilance
- another wrinkle on XP's future
- a delay in the release of XP SP3
- a dangerous QuickTime bug
- vulnerable ISP error pages
- jail time for copyright violations
- browser popularity at a cost
- malware "copyright" enforcement
- US-CERT's latest vulnerabilities list
04/25/08
- LendingTree's stolen data
- trends in cyber security
- PayPal's mandate to update browsers
- botnet attacks on Google's Blogger
- keeping valuable IT staff
- a hacked company's costly plans
- Rock Phish's dangerous downloads
- Microsoft's repeat patch attempts
- next week's release of XP SP3
- uncertain plans for XP's future
- a push to bury Outlook Express
- taking credit for Storm's demise
- automatically installing Vista SP1
- US-CERT's latest vulnerabilities list
04/18/08
- Phony subpoena emails to execs
- major updates from Oracle
- cybercrime as big business
- acceptance of online banking
- getting results from security training
- a tool used in a huge hack
- getting control of flash drives
- updates to Firefox and Safari
- an argument for Vista
- struggling with Vista's SP1 upgrade
- payback for keylogging
- assessing the IT security skill set
- US-CERT's latest vulnerabilities list
04/11/08
- HSBC's lost data disk
- an encrypting disk drive
- ratings of security programs for Vista
- promises of better laptop data security
- tips for disinfecting PCs
- bugs in Norton's security programs
- getting your email messages read
- a fix for the Vista SP1 problem
- a Microsoft patch reminder
- two new email scams
- spam that takes your time
- updates to the Flash player
- cybercrime as a business
- malware mills promise no respite
- gossip about Windows 7
- web-surfing classes in public schools
- US-CERT's latest vulnerabilities list
04/04/08
- an 18-year-old bank account thief
- how Hannaford happened
- paying for the Hannaford breach
- TJX's latest settlement
- the 2008 exposed-record count -- so far
- going green with e-statements
- more problems with Safari
- patches to QuickTime
- a heads up for Patch Tuesday
- April Fools' spam
- a look back at CAN SPAM
- the WIPO cure for cybersquatters
- loose HTML code that leaves site open to malware
- the threat from buggy Flash sites
- Firefox's newest beta release
- US-CERT's latest vulnerabilities list
03/28/08
- a jail sentence for data theft
- hacker attacks on backup software
- weaknesses found in brand new servers
- another warning on malicious attachments
- five questions to ask yourself
- the limits of anti-virus software
- Firefox's latest security update
- Cisco's security alerts
- a reminder about Excel patches
- complaints about Apple's Safari maneuver
- the road to Windows XP SP3
- TJX's FTC settlement
- terror sites on U.S. ISPs
- monitoring employee web use
- US-CERT's latest vulnerabilities list
03/21/08
- the Hannaford Brothers data breach
- a need to surpass security standards
- security mistakes that can ruin your day
- text messaging vishing attacks
- security outsourcing
- Microsoft's bad Excel patch
- major security changes from Apple
- virtual safe deposit service
- ways to get your message to management
- a guilty plea from the "Spam King"
- productivity gains from big screens
- a flight change in your future
- increases in mobile website use
- March Madness website office pools
- arrival of Vista SP1
- US-CERT's latest vulnerabilities list
03/14/08
- a Chinese hack using Trend Micro's site
- weak wireless network settings
- BlackBerry tests that expose systems
- a cellphone spam alert
- Cisco's new update schedule
- critical MS Office patches
- risky reliance on spreadsheets
- hacking by Firewire
- problems with the IE8 beta
- an upgrade to the Firefox 3 beta
- a pricey penalty for piracy
- problems with CAPTCHA security
- hacked access cards
- exposed FTP sessions
- US-CERT's latest vulnerabilities list
03/07/08
- an FDIC report on computer intrusions
- banks as favorite ID theft targets
- scams using digital certificates
- the arrest of a teen scammer
- getting canned for internet abuse
- a reminder to "spring ahead"
- four security updates due on Patch Tuesday
- a brazen two-headed threat
- a report on thumbdrive security
- a stubborn rootkit
- a virus attack on a health care provider
- markdowns on Vista upgrades
- IE8's beta release
- plans for Firefox Mobile
- a spammer's conviction affirmed
- an obit for Netscape
- a look ahead at iPhones in the workplace
- US-CERT's latest vulnerabilities list
02/29/08
- a warning about illicit FTP use
- inadequate encryption
- dangerous IE plug-ins
- a hacker cult's two-edged sword
- the search for literate hackers
- fear of flying laptops
- the end of paper tickets
- details on XP's next service pack
- how tighter controls could have saved billions
- a lender's FTC settlement
- what YouTube's outage could mean to you
- US-CERT's latest vulnerabilities list
02/22/08
- malicious emails
- a pair of browser vulnerabilities
- the TLC needed to install Server 2008
- pros and cons of the Server 2008 upgrade
- an upgrade for Windows XP
- Microsoft's recall of Vista SP1 software
- BlackBerry's newest email woes
- protecting laptop data
- a new malware detection system
- addressing threats from insiders
- another warning about social networking
- Epson's printing privacy product
- the threat of localized malware
- US-CERT's latest vulnerabilities list
02/15/08
- VIP (Very Important Patches) from Microsoft
- MS Works Hackers on the Attack
- Firefox Issues Patches
- One Report that the Firefox Fix Isn't
- An Adobe Update - Get it Soon for Security
- Vista SP1 Performance Results
- An Anti-Virus Company Getting Sick
- Mac OS Update
- BlackBerry Going Black for 3 Hours
- 68,000 Malicious Servers Waiting for Your Customers
- Problems with Encrypting Backups
- Replacing PINs with New Security
- Secure Text Messaging Possibly Opening a New Channel to Customers
- US-CERT's latest vulnerabilities list
02/08/08
- a threat to two-factor authentication
- a Patch Tuesday dozen
- threats of a new Spam King
- a website hostage-taking
- a big fine for a load of spam
- eBay's fight against phishing fraud
- tactics for domain name defense
- the importance of password management
- bringing remote deposit capture home
- updates from Adobe and Apple
- plug-in woes for IE users
- a win for anonymity
- a million-dollar letter
- a new challenge for IT software managers
- the release of Vista SP1
- US-CERT's latest vulnerabilities list
02/01/08
- threats of a spear phishing attack
- Trojan threats in Tibet documents
- a Windows flaw that merits action
- dividends for sellers of malicious kits
- DC employees canned for web access
- plans for an Office 2003 update
- a Hollywood dud with lessons on botnets
- a help-wanted ad that triggered a meltdown
- good searches that led to bad results
- an uptick in mortgage spam
- an alert banker who pulled the plug on thieves
- an argument for change
- $7 billion lost in an insider's transactions
- the downside of homework
- spreading viruses with photos
- US-CERT's latest vulnerabilities list
01/25/08
- pulling the plug in overseas extortion attacks
- growing attacks on vulnerable servers
- Using VoIP to trick bank customers
- another big data breach
- mobile worms
- Sun's Java update
- attacks on the home front
- protecting data in a hand-held world
- a leak in Firefox
- an earlier ETA for Vista SP1
- in-flight internet tests
- checking customers' computers
- changes predicted for CIOs
- US-CERT's latest vulnerabilities list
01/18/08
- stealing from bank accounts
- IBM's security alert
- new tools for "stealth-ware"
- an uncovered Excel weakness
- costly stolen laptops
- troubles at the TSA
- malware from MySpace
- MacScareware
- a reward for gaps (for real?)
- patches from Apple
- myths about data protection
- increased privacy worries
- training you can use
- US-CERT's latest vulnerabilities list
01/11/08
- a new stealth rootkit
- Oracle patches due on Tuesday
- another worm threat from Russia
- expected post-holiday attacks
- a Vista gadget fix
- a texting traffic jam
- indicted spammers
- afterlife for cell phones
- vengeance that reaped justice
- hacked iPhones
- a look back at Patch Tuesday
- the potential for printer spam
- a new financial info aggregator
- Citibank's ATM limit misadventure
- security woes at the IRS
- US-CERT's latest vulnerabilities list
01/04/08
- crooks lurking on MySpace and Facebook
- a Firefox weakness
- RealPlayer woes
- patches coming from Microsoft
- new rules for flight plans
- problems with an Office service pack
- information overload
- lessons learned in 2007
- risks of public exposure
- practicing safe computing
- the changing privacy environment
- Firefox's beta update
- a digital marketing idea
- US-CERT's latest vulnerabilities list
12/28/07
- the latest Storm attacks
- an update from Adobe
- 2007's biggest tech stories
- the evolution of cybercrime
- TJX's year-end settlement
- a warning from Microsoft
- a digital vigilante
- in-flight web surfing
- compliance and data security
- eight "hot" technologies for 2008
- building skills for success
- US-CERT's latest vulnerabilities list
12/21/07
- huge fishing growth
- HP/Compaq woes
- another big Apple update
- a Trojan attack via Google ads
- problems with IE patches
- a revised IT spending forecast
- a new way to read BlackBerry logs
- holiday homework
- a big fine for gambling ads
- plans for a new Internet Explorer
- an advance look at XP SP3
- tricked-out browsers
- the UK's embarrassing breaches
- US-CERT's latest vulnerabilities list
12/14/07
- a sophisticated Trojan attack on U.S. business depositors
- the latest round of personalized phishing emails
- FFIEC guidance on planning for pandemics
- exploits targeting users of MS Access
- Microsoft's December patches
- a forecast that iPhones will be hacker targets
- the FTC's suit against a payment processor
- the growing threat of rootkits
- a malware epidemic
- the CAN-SPAM Act's legacy
- Microsoft's preview of Vista SP1
- a major update for MS Office
- putting the brakes on automatic updates
- a sorry cell phone tale
- our prescription for year-end stress relief
- US-CERT's latest vulnerabilities list
12/07/07
- ignored security policies
- a heads up on Patch Tuesday
- the TJX settlement
- two Firefox updates in a week
- McAfee's international cybercrime report
- techniques to block client-side attacks
- malware and virus protection test failures
- a big fine for a spam scam
- last week's bogus battery scare
- Google's "Help Wanted" sign
- plans for better protection tests
- a tool for finding lost portable devices
- promises of a different spam defense
- US-CERT's latest vulnerabilities lists
11/30/07
- cracked Windows encryption
- malware targeting online bank customers
- penny debits in card scams
- retailers with weak data security
- a million infected botnet machines
- BSA and software licenses
- the year's "Top 20" web security threats
- a flaw in Lotus Notes
- threats in anti-virus programs
- bad search engine results
- keeping customers scam-savvy
- forecasts of Vista weaknesses
- Mozilla's Firefox update
- exploits of a QuickTime flaw
- dealing with increasing complexity
- higher IT hiring costs
- running out of room on the internet
- expected improvements from XP SP3
- increasing costs of data breaches
- more reports of exploding cell phones
- US-CERT's latest vulnerabilities lists
11/16/07
- New hard drives with malware pre-installed
- Top 10 security threats for 2008
- A $525,000 laptop
- A Revolution from Steve Case
- Mobile banking's arrival
- Two Patch Tuesday
- Apple's big patch release
- A malicious security consultant
- The end of an Active X alert
- Increases in web access controls
- Storm's calling card
- Fake emails from Microsoft
- Firewalls in need of ignition
- US-CERT's latest vulnerabilities list
11/09/07
- the threat of personalized phishing spam
- the domino effect of security lapses
- hidden web privacy policies
- downtime for NaviSite clients
- a weak Windows driver
- Microsoft's short patch list
- nervous federal IT experts
- inadequate training for mobile staff
- increases in online use
- Apple's QuickTime update
- keeping company secrets
- the year's biggest threats
- a start for your holiday gift list
- US-CERT's latest vulnerabilities list
11/02/07
- rumors of a cyber jihad on banks in the West
- the need for corporate teamwork for security
- the first anniversary of e-Discovery rules
(do you know where your e-docs are?)
- Visa fines for the TJX breach
- concerns that anti-phishing could backfire
- a privacy warning for Verizon customers
- a proposal that threatens some Web advertisers
- slammer for a spammer
- the FTC's plea to Congress
- a malicious spoof of the FTC
- a new way to pay for gasoline
- extending the ban on internet access taxes
- US-CERT's latest vulnerabilities list
10/26/07
- Adobe's Reader and Acrobat updates
- Firefox's flubbed flaw fix
- IBM's email fixes for Notes and Domino
- Tweaks posted for RealPlayer
- California wildfire charity scams
- Concerns about iPhone security
- The looming power of Storm Worm
- Emails that snookered SuperValu
- The welcome demise of DirectRevenue
- TJX -- yet again
- How improved security causes attack strategy changes
- Clarifying a business intelligence strategy
- US-CERT's latest vulnerabilities list
10/19/07
- Oracle's major update release
- Attacks on a RealPlayer security flaw
- The latest "pump and dump" email tactics
- A flawed upgrade to AOL's instant messenger
- Problems with Microsoft's Windows Update
- Will the Storm botnet be sold?
- How to recognize "phissing," phishing and other scams
- Things that worry IT managers
- Naughty websites causing problems
- Technology helpers and hindrances
- Microsoft's stance on a persistant weakness
- Top 10 strategies for next year
- Tips for lowering your electric bill
- Miscrosoft's new backup software
- US-CERT's latest vulnerabilities list
10/12/07
- Dell's new diskless desktop offering
- a new, innovative, anti-phishing effort
- Sun's Java update and policy change
- Critical updates from Microsoft
- Microsoft's agreement to patch IE7
- a workaround from Adobe
- how the "Rock Phish" group eludes detection
- hot pants from an iPod
- abuse of YouTube's site to spread malware
- US-CERT's latest vulnerabilities list
10/05/07
- "krummy" keyboards and other office health hazards
- DOJ's ban on using personal PCs for work
- a phun way to teach customers about phishing
- a look back on the Storm worm
- how smaller botnets increase criminal activity
- Microsoft's new Office Live Workspace
- another attempt at Vista efficiency
- dangers in downloaded videos
- the security U.S. users think they use
- a reminder about attacks targeted at executives
- US-CERT's latest vulnerabilities list
09/28/07
- an eBay user data compromise
- Apple's iPhone security update
- how Bluetooth puts phones and notebooks at risk
- protecting PCs from malware infections
- a hack into Homeland Security systems
- securing wireless networks
- the unsecure network in the TJX mega-hack
- the TJX settlement offer
- private info on used hard drives
- OpenOffice's security gap
- AOL's instant messenging flaw
- jail terms for Chinese worm sales
- ransom for a hijacked email account
- serving IT's customers -- securely
- US-CERT's latest vulnerabilities list
09/21/07
- Possible weaknesses in multi-factor authentication systems
- a newly uncovered bug in the PDF file format
- a hack attack on a Texas server-hosting vendor
- guidance for securing web services
- a data breach that exposes investors to spam
- Mozilla's rush to avoid a QuickTime flaw
- organized cybercrime
- Microsoft's new service pack for Office 2003
- troubles for MSN Messenger
- taking control of IM in your institution
- protection for data on "thumb drives"
- attacks exploiting trust and familiarity
09/14/07
- a Storm Worm attack on NFL fans
- finger-pointing when malware strikes
- QuickTime's gap that exposes Firefox users
- hacker toolkit "enhancements"
- the anatomy of a bank website hack
- Skype users led astray by sexy pix
- B of A's new SafePass for mobile banking users
- indictments against hacker chief "Iceman"
- NTP's latest patent suits against major wireless providers
09/07/07
- consumer technologies that threaten IT departments
- a government's plan to plant spyware on terrorists' PCs.
- plans to link ATMs and mobile phones
- ownership costs for Vista laptops
- a Labor Day spam attack
- the costly revenge of a peeved employee
- Patch Tuesday -- September's plan
08/31/07
- new attempts to spread the Storm Worm Trojan
- a German view of Chinese online economic espionage
- hiring an ID theft "hit-man" for $20 a month
- Monster.com's delayed ID theft alerts
- money mules and cybercrime
08/24/07
- a major ID attack on Monster.com
- attempts to capitalize on a recent Wells Fargo outage
- an important arrest in the TJX case
- Skype's finger-pointing at Microsoft
08/17/07
- heavy consumer losses to internet fraud
- wide stock swings caused by "pump and dump" spam
- still another Sony battery recall
- Nokia's recall of mobile phone batteries
- a reminder about Microsoft's August patches
08/10/07
- easily hacked physical security systems.
- Russians who raided Turks' accounts with a U.S. computer
- the revival of Russian malware purveyors
- spam that uses PDF to fool filters
- security patches from Cisco
- Microsoft's August update plans
08/03/07
- the return of a spam attack on business executives
- tool kits that enabled a huge growth in hacker ranks
- an important patch for Firefox users
- website account hijacks using stolen cookies
- Apple's latest patch releases
- a new B2B ePayments service in the UK
07/27/07
- an expansion of the StormWorm virus attack
- iPhone security problems
- the iPhone problem that wasn't
- "dangling pointers" in software creating security gaps
- IBM's new disaster recovery evaluation tool
07/20/07
- malware that could encrypt files on your computer and hold them for ransom
- a .NET patch that took nine months to sew
- three InfoSec papers you need to read
- "ATM 21" scanning checks for immediate credit
- the FBI tells about a FIB
- the BOL Scams Index and poll
- the iPhones continual connection, jamming networks
- Oracle's quarterly patch for 45 bugs
- how Firefox fixes a flaw with IE
07/13/07
- new code that instantly sets up a phishing site
- an auction site where hackers can purchase software vulnerability information
- finger-pointing by Microsoft and Mozilla
- a warning about internet calendars
- how a spam filter resulted in a missed hearing and bad consequences
- a handy security self-assessment tool
- US-CERT's most recent list of security vulnerabilities
- a QuickTime update from Apple
07/06/07
- personalized malicious emails targeting senior officers and their families
- a "free iPhone" spam attack
- another look at planning for avian flu
- connections between ID theft and terrorism
- protecting data from IT managers
- a preview of July's Patch Tuesday
06/29/07
- a virus spreading on a DoD network
- ID theft attacks on U.S. service members
- a worm spreading through MySpace pages
- spam spoofing the Justice Department
- emails linking to a bogus Microsoft patch
- an update on Windows Vista security
- a second Apple patch for Safari
06/22/07
- a malware kit from Russia
- the return of the laptop battery recall
- two new data security white papers
- Apple's two new security updates
06/15/07
- a backup plan fiasco
- FBI arrests of three botnet operators
- a credit union's invoice to TJX
- an upgrade message from Yahoo!
- the risks of early technology adoption
- Apple's beta release of Safari
- Microsoft's latest Patch Tuesday
06/08/07
- search engine-sponsored links
- Telling customers about security
- Naming your new Wi-Fi network
- Smart hackers who skirt security measures
- Statistics that chill anti-phishing efforts
- Plans for June's Patch Tuesday
06/01/07
- A HUGE increase in phishing websites
- A dangerous trend in malware attacks on businesses
- Risks posed by common browser plug-ins
- A study on management of electronic records
- Apple's recent QuickTime update
- Mozilla's security fixes
- A reminder to secure data in mobile devices
05/25/07
- A tool to detect "skimmed" counterfeit cards
- Growth in the phishing "industry"
- Microsoft's new Office security tools
- Malware that gets around firewalls
- Apple's latest security fixes
- A new web-based malware detector
- The divergent roles of privacy and security officers
05/18/07 SPECIAL EDITION
- Tech-Related Regulatory Issuances
- Customer Authentication
- Identity Theft
- EFTs
- Gift Cards
- Spam, Do Not Call & Junk Faxes
- Online Resources
- Resources for Bank Directors
- Research Data
- Information Security
- Fraud
- Payments
05/11/07
- A new "death threat" internet scam
- Forecasts of an impending internet security battle
- Growing worries about portable storage devices
- Yet another revelation from the TJX breach
- A hidden cost of ID theft
- Last Tuesday's Microsoft updates
05/04/07
- A new scam using the ACH system
- An alert on emails about reset passwords
- Concerns about money laundering via digital cash services
- Rootkit attacks that elude anti-virus applications
- Risks affecting Web 2.0 portal deployment
- ATMs with Windows
- Microsoft's May Patch Tuesday plans
- Personal concerns about data security
04/27/07
- A class-action suit against TJX
- An end-run around multi-factor authentication;
- Security gaps in Nortel's VPN routers;
- A flaw in Adobe's Photoshop;
- Low demand for mobile device banking services
04/20/07
- The return of the Storm email worm
- A major internet server security gap
- Attempts to exploit that vulnerability
- More problems with a Microsoft patch
- Another look at ATM skimming scams
- Details on Oracle's patch release
- This week's Apple update
- RIM's Blackberry service outage
04/13/07
- Malware lurking on legitimate websites
- Possible IT roadblocks to effective marketing
- Why mobile devices are more secure than PCs -- for now
- What happened on April's Patch Tuesday
- More security gaps in Microsoft products
- Oracle's plan to release patches April 17
- A reminder on the Animated Cursor patch
- Symantec's fix for a critical gap
04/06/07
- Security risks posed by multitasking employees
- Troubles with an unscheduled Microsoft patch
- Plans for April's Patch Tuesday
- Emails offering bogus Internet Explorer upgrades
- A threat to wireless networks
- The threat of higher metals prices, and
- The future of mobile payments.
03/30/07
- TJX's data breach was the largest ever
- Microsoft's animated cursor flaw
- A Windows proxy server protocol problem
- Big increases in ID theft
- Surprising sources for phishing emails
03/23/07
- A perception that U.S. institutions choose customer service over security
- Where most cyber attacks originate
- The cost of unrecovered backups and the value of paper
- Arrest in TJX stolen data
- Increase in Bot Net controlled PCs
- Greatest risk of data loss
- Must-read documents for security professionals
03/16/07
- an Al-Qaeda plot against the Internet
- A Fed Agency Vista Ban
- The StickyKeys weak spot in Vista
- A Service Pack for Windows Server 2003
- A big patch from Apple
- An attack on GoDaddy
- Copiers as security gaps
- A warning on emailed resumes
- Another flaw in IE7
- Craftier cybercrooks
- A role for government in internet safety
- Task force ID theft recommendations
03/09/07
- An anti-virus software test
- A Patch Tuesday without security patches;
- An important update for Apple's QuickTime;
- Microsoft's beta release of a new VoIP application
03/02/07
- March is the Month of PHP Bugs
- Adding to the list of MS Office 2003 flaws
- Mozilla's patch for Firefox holes
- Another ActiveX control concern
- A worm attack on a Sun Solaris daemon
- A concern for Google Desktop users
- Weak Vista user controls
- An Oracle security alert
- Research on bacterial backups
- Renewed interest in CRM software
02/23/07
- Potential Chinese hackers
- Problems with Cisco IP phones
- A successful pharming attack on banks
- Zero-day exploits on Microsoft Office
- Alternatives to the MS Office suite
- More Internet Explorer and Firefox bugs
- New information on the TJX breach
- A critical intrusion detection system flaw
- Tips on shutting IT ports and doors
- Last week's US-CERT vulnerability list
- New NIST security guides
02/16/07
- Massive cyber-testing by Homeland Security
- Continuing MS Word worries
- The latest US-CERT vulnerabilities list
- Gaps in Cisco's IPS
- A new IT security tool
- Unsecure Treo handheld phones
- Holes in wireless router security
- Another pandemic planning concern
- Cheaper cybercrime
02/09/07
- Hackers targeting key internet servers
- Copper cable thefts
- Next Tuesday's Microsoft patch list
- Flaws discovered in Firefox
- Trend Micro product vulnerabilties;
02/02/07
- The effects of this year's earlier change to Daylight Saving Time
- The wide reach of malicious botnets
- New information on the TJX data breach
- Virus-infected GPS devices
- Audio attacks on Vista PCs
- More phish in your email
- 112 new vulnerabilities on the US-CERT list
- Increases in attacks on mobile phones
- The Road to Microsoft Windows Vista in 20 Questions
01/26/07
- a STORM WORM attack update
- The dangers from hacker development kits
- Continued MS Word worries
- Patches from Cisco and Apple
- A Trojan scam against a Swedish bank
- A keylogging attack on government employees
- 140 new vulnerabilities on the US-CERT list
- A "heads up" on desktop gadgets and widgets
- Plans for a Vista update.
01/19/07
- ATTACK ALERT on today's Storm Worm e-mail
- A new phishing tool for hackers
- Increases in ID theft
- Strategies for attracting "Gen Y" employees
- The big data breach at TJX
- The latest US-CERT vulnerabilities list
- A re-released Excel patch
- Sun's Java update
- A threat to MS Office passwords
- Entrust's use of extended website validation
- A new manual from the Justice Department
01/12/07
- Miscrosoft's delay of four critical patches;
- US CERT's latest Vulnerability Summary;
- Opera's Update Oversight;
- Problems with Sun's Java Runtime Environment;
- A need to upgrade or patch Adobe's free Acrobat Reader;
- A warning for Acer computer owners;
- A critical patch for OpenOffice users;
- Worries about Web 2.0;
- Disaster planning concerns;
- When to upgrade to Vista (or not);
- Password plans for PayPal protection, and more
01/05/07
- A busy 2007 for your IT and Info Security staff;
- The kickoff of Apple Bug Month;
- US CERT's latest Vulnerability Summary;
- Unpatched Microsoft weaknesses;
- Plans for January's Microsoft Patch Tuesday;
- More reasons to upgrade Acrobat Reader installations;
- Google's fix for a Gmail gap;
- An attack on Amazon.com; and
- New threats to Bluetooth users.
12/29/06
- growing concerns about Microsoft Windows Vista;
- The Department of Defense's ban on HTML email;
- Communications challenges in Asia;
- Forecasts of increased cybercrime;
- The threat from botnets; and more.
12/22/06
- A new worm is raising havoc with computers running unpatched versions of Symantec AntiVirus
Exploit code for bugs in the not yet released Windows Vista hits hackers' Christmas lists with a price tag of $50,000
- Mozilla patches several security flaws
- Researchers want to prove that Apple is no more secure than Windows by making January the "Month of Apple Bugs"
12/15/06
- System administrators have a busy week with patches from Microsoft
- Three un-patched Microsoft Word flaws lead many institutions to block Word documents at the email gateway
- Phishing and identity theft continue to increase
- A new ransomware attack targets Hotmail users
- A new paper on protecting wireless networks
12/08/06
- Apple and MySpace get together to demonstrate how not to release a security patch
- Updates for Adobe Acrobat Reader
- Two new vulnerabilities for Microsoft products, including a Word flaw that is being actively exploited
- A new online tool to check systems for vulnerabilities
12/01/06
- A threatened cyber attack against financial institutions
- Apple patches thirty-one security flaws
- New vulnerabilities in Adobe Acrobat
- New hacks for Blackberries
- Warnings about preparing for pandemic flu
- Will mobile phones be the next consumer banking tool?
- Will social banking steal business from brick and mortar banks?
11/24/06
- A new type of attack puts your passwords at risk
- US-CERT issues two alerts for critical bugs in Mac OS X and CA's BrightStor backup software
- McAfee retracts claims that its SiteAdvisor software will detect phishing
- Are the solutions being implemented to meet the FFIEC's multifactor authentication guidance real security, or just a panacea to make consumers feel safer?
11/17/06
- The SANS Top-20 is out and users are among the top targets for attackers
- Additional vulnerabilities are discovered in WinZip and a widely distributed wireless device driver
- Microsoft releases six patches for nine flaws and hackers already have exploits out for at least one of them
11/10/06
- Two new articles every IT manager and executive should read
- Microsoft releases Vista to manufacturing
- A new "supercert" SSL certificate is in the works
- Two new malware applications cause a dramatic increase in spam
- Google emails a virus to over 50,000 subscribers
- A new flaw is discovered in a Microsoft ActiveX control.
11/03/06
- A new resource in the fight against spam
- Attacks on technologies designed to comply with the FFIEC's MFA guidance
- A new hard drive that encrypts data
- The 8th anniversary of the first Internet worm
10/27/06
- Online brokerages lost over $22 million in the last three months due to cyber crime
- The number of batteries included in Sony's battery recall tops 8 million
- Firefox 2 is officially released
- Another bug is discovered in IE 7
- The FBI says that cyber crime is one of their priorities
- New voice biometric technology is available for telephone banking systems
10/20/06
- Oracle releases patches for 101 security vulnerabilities
- Apple ships iPods with a Windows virus on them
- Microsoft releases Internet Explorer 7
- Mozilla announces Firefox 2 Release Candidate 3
- New research shows that many banking web sites are still scaring away customers
10/13/06
- Another record setting slew of patches from Microsoft, along with a glitch in their delivery and a new exploit published two days later left Microsoft users wondering "What's next?"
- HSN publishes the top ten attack vectors against Web 2.0 apps
- Google releases a new search tool that could be of more help to hackers than to legitimate users
10/06/06
- Apple released an update for fifteen security vulnerabilities
- Microsoft has announced that next week's monthly update will include patches for eleven security flaws
- A fake flaw was announced in Firefox by researchers seeking publicity
- Fujitsu laptops join the great Sony battery recall
- Hacking-for-dummy kits are on the increase
- UK banks are wary of smart card authentication
- Women may be the biggest target market for online banking
09/29/06
- Additional vulnerabilities are discovered in Internet Explorer and Microsoft PowerPoint just after Microsoft released an out-of-cycle patch for one of last week's bugs.
- Sony's problems continue to pile up as IBM/Lenovo and Toshiba announce more battery recalls
- Dell expands its own recall effort
- Browser bugs and phishing emails are on the rise
- Identity thieves are targeting smaller businesses
- A new class-action lawsuit arises against a bank that is alleged not to have done enough to protect the identities of its customers
09/22/06
- Two new flaws in Internet Explorer
- An update to Firefox to fix several critical security vulnerabilities
- A marked increase in cross-site scripting vulnerabilities spell trouble for online applications
- Barclays Bank leads all others in phishing attacks directed against their customers
- More Sony batteries are recalled and another laptop bursts into flames.
09/15/06
- Microsoft released three new patches
- Adobe updated the Flash Player
- Apple released a new version of QuickTime
- Two banks were in the news for losing confidential data
09/08/06
- A new zero-day vulnerability for Microsoft Word 2000
- A virus definition update that took several servers down
- NIST releases three new draft special publications for public comment
- OpenID may be the future of identity management
- A new article suggests how to develop an encryption strategy
09/01/06
- First phishing, then vishing, and now SMiShing?
- A warning about an increase in phishing sites
- Sun admits there is a major flaw in the method that Java updates are installed
- A serious security hole is found in Cisco firewalls
- Ten open source companies and products to watch
- A new study shows attacks that use stolen login credentials are much more damaging than other types of attacks
08/25/06
- Microsoft experiences more patch problems
- Apple recalls 1.8 million notebook batteries
- Microsoft and Mozilla agree to work together
- A software upgrade at the Department of Education goes wrong
- How using metrics can help your institution's security function.
08/18/06
- Delays in installing a patch to Microsoft's Windows Server Service are being exploited
- Another patch from Microsoft is being re-patched to fix an issue it caused
- Dell is recalling 4.1 million notebook batteries
- Two new stories may make the security professional's job even more difficult
08/11/06
- Microsoft set a new record by releasing more patches so far in 2006 than it did in the last two years combined
- Both US-CERT and the Department of Homeland Security are now warning users to install patches
- Apple releases new patches for the Mac Pro
- A new Trojan is on the loose
- Google warns users about dangerous websites
- Barclays is providing card readers to its online banking customers
- Several new warnings about mobile phones and PDAs are released
08/04/06
- Security researchers released several new methods to exploit information systems security vulnerabilities at this week's BlackHat security conference
- Apple, Mozilla and McAfee all released security patches this week
- A new credit card with the capability to generate one-time passwords was announced
07/28/06
- Attacks against Microsoft PowerPoint: One of the new attacks leads experts to believe the motive is corporate espionage.
- Kaiser joins the list of companies that have lost laptops with personal information on them
- GlaxoSmithKline announces a breakthrough in the development of a vaccine against bird flu
07/21/06
- Following a large patch release from Microsoft last week, Oracle releases sixty-five security patches
- Reports of SQL injection attacks against web applications are on the rise
- MySpace users are hit hard by at least two attacks
- A new search engine that allows you to search for malicious software on websites has been released.
07/14/06
- A two-factor authentication web site was spoofed this week
- A new phrase was introduced into the IT vocabulary - "vishing" - phishing through VoIP
- It's time to update those electronic banking risk assessments
- Microsoft released seven patches to address eighteen vulnerabilities and officially ended support for Windows 98 and Windows ME
- Adobe and Cisco both released critical patches aimed at High severity vulnerabilities
- A new report shows a disturbing trend toward selling newly discovered vulnerabilities to the highest bidder.
07/07/06
- A security researcher has dubbed July "The Month of Browser Bugs" and promises to post a new browser vulnerability every day of the month
- Another Excel flaw is discovered
- A worm posing as Windows Genuine Advantage is on the loose
- Advice on preparing for a malware attack and on correctly using SAS 70 reports
06/30/06
- Microsoft patches affecting Excel and Internet Explorer
- Apple was on the mend
- Several arrests of those involved in malware distribution and even insider abuse at HSBC leading to a data breach
- McAfee and Symantec working to help improve protections
- How government guidance is working to shore up vulnerabilities in the IT security system
06/23/06
- Patch and Vulnerability Groups met to decide whether three new attacks against Microsoft Office products warranted blocking those files until patches can be released.
- A new booklet on disaster recovery and lessons learned from Hurricane Katrina was released by the FFIEC member agencies.
- Several data breaches
- A new attack against PayPal users
06/16/06
- Microsoft released the most patches in a single cycle since February 2005
- Windows 98 and Windows ME support comes up short
- A new ransomware variant
- Two new worms are discovered
- The FDIC wants you to know how XBRL can help your bank
06/09/06
- Three large data breaches insured a busy week for information technology and security professionals
- The Government Accountability Office released new data this week on tsunamis and the areas most likely to be affected - are you in one?
- Are spreadsheets and USB drives among the new enemies to the corporate network?
06/02/06
- Barclays Bank in the UK buys 1.6 million protection licenses.
- The Cybersecurity Enhancement and Data Protection Act of 2006 gets approval from the House Judiciary Committee
- Symantec works over the weekend to patch a High severity vulnerability
- The first macro virus to target OpenOffice is released
- Microsoft releases OneCare
05/26/06
- How virtual money is being used and how at least one bank is participating in on-line gaming
- The latest debate on bird flu
- Five of the most wanted cybercriminals in the world
05/19/06
- Anti-spammers suffered a casualty in the ongoing war on spam: Security firm Blue Security Inc. was forced to close its doors
- Apple released several patches
- A database of stolen identities was discovered
- Lloyds TSB admits to security weaknesses in their new 'chip and PIN' cards
- Another data breach bill is introduced in Congress
05/12/06
- Microsoft released two critical patches and one moderate-severity patch on Patch Tuesday.
- A failure in the United Kingdom's 'chip-and-pin' credit card systems leads to the theft of over a million pounds
- Reports from Germany indicate that the operating system that runs many of the security appliances protecting network infrastructures is overly buggy
- Two industry experts warn of the complete failure of information security
- A new tool that's been posted on BankersOnline
05/05/06
- A rather busy week for reported information technology security incidents
- Information about new vulnerabilities
- A phishing mutation
- Ransomware
- Security log management
- A Firefox update
- SSL evasion
Archived Tech Alerts:
3/10/06 Internet Security Vulnerabilities,
Trends and Predictions
1/27/06 Kama Sutra Worm, Top Trends Impacting Bank Technology
12/01/05 2005's Top Security Vulnerabilities
8/12/05 Spyware Threats, ID Thieves Use Spyware, Pharming, New Phishing Center
8/10/05Microsoft Reports Download Problem
8/20/04 Avoiding Problems with the latest Microsoft Service Pack
7/2/04 "Can you bank on IE Security?" -- Use of Internet Explorer browser; precautions
6/29/04 FDIC Guidance on virus protection; JS.Scob.Trojan update; Phishing Advice
5/03/04 IT Exam Guidance - Retail Payment Systems
5/03/04 Email from IRS? Nope, Just More Phishing"
5/03/04 Sasser Worm Strikes Thousands of PCs
3/8/04 Blog Update: BankersOnline.com is Spoofed!
2/25/04 Newest Variant of MyDoom Virus Packs a Punch
2/11/04 Critical Windows Security Flaw
1/26/04 New Mass Mailing Worm
1/15/04 New Vulnerabilities Affecting Antivirus Products
1/15/04 Critical Update for Microsoft Firewall Product
1/15/04 Phishing Scams on the Rise
10/15/03 Microsoft warns of critical flaw in Windows XP and 2000
10/15/03 Top 20 Internet Security Vulnerabilities
09/19/03 Gibe Virus Spreading Quickly
09/19/03 Phishing Scams Continue Around the Globe
09/10/03 Patch Issued for Serious Windows Flaws
09/04/03 New Security Warnings Issued by Microsoft
08/22/03 From Blaster to Nachi to Sobig -- More Havoc Predicted
08/19/03 New Strain of Sobig VirusSpreading Rapidly Across the Net
08/17/03 Blaster Worm email Hoax Provides New Threat
08/14/03 What the Blaster Worm Teaches Us
07/23/03 Kinko's Keystroke Caper Underscores Need for Diligence
06/09/03 Bug Bear Targets Banks
06/05/03 Rapidly Spreading Bugbear Virus Cause for Concern
05/29/03 Constructing an Effective Patch Management Program
05/20/03 Greetings From Microsoft Support! May We Infect Your System?
05/12/03 New Fizzer Worm Racing Throughout The Internet
04/07/03 New Report Details Efforts to Address Cyber Threats
04/02/03 Time to Step Up IT Security and Sendmail Vulnerability
03/18/03 Windows 2000 WebDAV Buffer Overflow Exploit Against IIS 5.0 - CRITICAL
03/03/03 Critical Vulnerability Discovered in Sendmail
02/06/03 Microsoft Releases Cumulative Patch for Internet Explorer Flaws It Lists as Critical
01/26/03 The Importance of Applying Patches
01/23/03 Microsoft and SUN release slew of Patches
01/14/03 New Worms Spreading through Email
12/09/02 Microsoft Issues Updated Cumulative Patch for IE
11/13/02 New e-greeting tactics pose serious threat
11/01/02 Critical patch released for Windows 2000, Windows XP
10/21/02 Microsoft Fixes Vulnerabilities: Releases Patches for SQL, Word and Excel
10/03/02 Bugbear Worm Gains Strength
10/02/02 Top 20 List of Internet Security Vulnerabilities Released
09/02/02 Microsoft Warns SysAdmins To Immediately Patch Identity Spoofing Flaw
08/21/02 Microsoft releases patch to fix "critical" vulnerability in
Windows 2000 systems that allow unprivileged users to log
onto them interactively
08/09/02 Is Confidential Bank Information Walking Out Your Door?
07/30/02 Microsoft Continues to Patch Flawed Software
07/23/02 CERT advisory on PHP
07/15/02 Outlook Users Employing PGP Encryption Program Vulnerable to Hacking
07/11/02 Researchers Report Serious Flaw in IE
06/27/02 Microsoft Releases Critical Patch for Windows Media Player
06/18/02 CERT Warns of Critical Vulnerability in Apache Web Server
06/12/02 Sports Fans Beware: World Cup Virus Bounces Around the Net
06/07/02 Dead Man Tell No Passwords
05/31/02 Microsoft Issues Critical Warning Regarding Exchange Server
05/22/02 Microsoft SQL Spida Worm Slows Network Traffic
05/15/02 Virus Hoax 'JDBGMGR.EXE' Spreading Rapidly Throughout Net
04/25/02 Klez Worm Reels in Banks with its Bait
04/11/02 Ten New Vulnerabilities Discovered in Microsoft IIS Server
04/09/02 New Virus Hoax Circulating Around Net
03/22/02 MyLife.B Virus Makes Its Way Around the Net
03/21/02 Microsoft Updates Its Warning on Critical Windows Vulnerability
03/14/02 New Virus (W32/Fbound-C) Spreading Rapidly in the Wild
03/08/02 Unauthorized E-Mail Scam Attempts to Steer Unwitting Customers to Fraudulent Bank Web Site
03/06/02 Klez-E Worm and W32.Gibe Virus Warnings
03/01/02 CERT Issues Warning on PHP Scripting Language Flaw
02/27/02 CERT Issues Warning on Internet Explorer and Outlook Flaw
02/22/02 SNMP Patches and Detection Tools Available
02/20/02 Email Address Belonging to Legitimate Security Site Hijacked to Deliver Dangerous Yarner Worm
02/15/02 Mass Mailing Email Worm Compromises Word 2000 Security Settings
02/13/02 SNMP VULNERABILITY
02/07/02 Bloodhound Mass Mailing Worm and Managing Risks in Wireless Networks
02/04/02 Microsoft Issues Collection of Security Fixes for Windows 2000
01/31/02 Copycat Virus Unleashed
01/30/02 Netscape Browser Vulnerable to Cookie Theft
01/28/02 "My Party" Mass Mailing Worm
01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability
01/15/02 Trojan.StartPage Alters Web Browsers
01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
01/08/02 Microsoft Universal Plug and Play Vulnerability
12/20/01 Holiday Themed Computer Virus Unleashed
First published on BankersOnline 5/20/03
Privacy Policy Disclaimer Recommend This Site ! Contact Us
BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.
|
|
|
|
Print Friendly!
Email This Article!
Discuss NOW!