Skip to content
Tips for Tech

Tech Alert Briefing for 2/22/2008

February 22, 2008
Update covering February 15 - 21, 2008

Welcome to Tech Talk! In this edition, BOL Gurus John Burnett and Andy Zavoina write about Clinton, the eclipse, BlackBerry jam and more.


Andy


John


You'll read about:

  • malicious emails
  • a pair of browser vulnerabilities
  • the TLC needed to install Server 2008
  • pros and cons of the Server 2008 upgrade
  • an upgrade for Windows XP
  • Microsoft's recall of Vista SP1 software
  • BlackBerry's newest email woes
  • protecting laptop data
  • a new malware detection system
  • addressing threats from insiders
  • another warning about social networking
  • Epson's printing privacy product
  • the threat of localized malware
  • US-CERT's latest vulnerabilities list

Get the details below.
Clinton and Eclipse Malware
Do spammers care about presidential campaigns or astronomy, or just sending more spam? There is one email circulating that purports to link to a Hillary Clinton campaign speech video and another (with varying subject lines) that claims to link to a video of Wednesday's lunar eclipse. Both are actually attempts to download a Trojan. With campaigns heating up, your employees and customers getting more interested in the presidential race, and interest peaking in the last lunar eclipse until 2010, a reminder about being cautious with email may be in order. Networkworld has the Clinton email story, SCMagazine has the story on the eclipse messages.

Firefox and Opera Can Reveal History
Both the Firefox and Opera browsers contain a flaw in the way they handle bitmap image files. A malicious bitmap image could allow a hacker to access information from your browser. What information is vulnerable? Read about it in Networkworld. As a follow-up, TechWorld reports that as of Thursday, Opera had patched the flaw. Firefox's most recent version, 2.0.0.12, also plugs this gap.

Windows Server Upgrade Warning
Windows Server 2008 should be released next week. Microsoft has warned that the upgrade could be difficult for some users of Exchange 2007. Adequate planning is a must. Read about the precautions on Networkworld.

Are You Installing Windows Server 2008?
A new survey shows that 17 percent of IT professionals are planning to install Windows Server 2008 upgrades now. Where would you fall if you were part of the survey? For more on the pros and cons, as well as the release specifics, read Networkworld.

Windows XP SP3 (RC2) Available
Windows XP Service Pack 3 Release Candidate 2 was released just a few weeks ago for testers. Now it is available for the general public. This is a great time to get it on a test machine. Computerworld has the details.

Vista SP1 "Prerequisite" Pulled
After complaints of system problems resulting from the update, Microsoft has stopped the automatic distribution of "prerequisite software" for Vista Service Pack 1. Some users said that installing the software would require that they reformat their hard drives. There is no date yet for full release of the service pack. For more on the problem, read the story at CNet News.com. And silicon.com has a follow up onprograms that aren't working, post Vista SP1.

Another BlackBerry Jam
Many BlackBerry users suffered from yet another outage on Wednesday. Some users reported only delayed email while others saw more restricted use of email and attachments. The problems started early and grew until about noon. Even though the glitches were reportedly resolved, the back-logged email was going to take time to work through the servers. Networkworld has more on this story.

Laptop Data Security
Losing a laptop can be very costly. The hardware is a minimal expense compared to the software and value of your data. This is especially so if customer information resides on the laptop, making the loss of a laptopa data security breach. A U.K. company has a solution. The hard drive gets wiped clean when the laptop is reported stolen. For more on this, read PCWorld.

AMP Detects Malware
Most anti-spyware and anti-virus software protects only against known malware.A just-launched product helps head off new, unknown threats. Firstlight Active Malware Protection (AMP) was developed with funding from the Department of Homeland Security. It runs using Red Hat's Fedora operating system on an Intel-based appliance. AMP captures malware on networks, before their systems are infected. Networkworld has this story.

Preventing Insider Espionage
Data loss, data corruption and network penetrations are often caused by insiders. Probabilistic Latent Semantic Indexing (PLSI) is an automated document indexing program developed by the Air Force Institute of Technology that will help detect interest in a particular topic by a particular employee, which might suggest internal espionage. Networkworld has more on how PLSI works.

In Case You Needed Another Warning
Security experts aren't impressed with Facebook's plans to release a version of its application for enterprise users. Quite the opposite. Web 2.0social networking sites continue to be fertile ground for the spreading of malware, according to an InfoWorld article. That presents a quandary for IT managers who see value in social networking applications, but also recognize the security threats they pose.

Private Printing Permitted
Epson has announced the EpsonNet Authentication Print system and its ability to print private documents securely. When confidential documents are sent to a network printer, anyone can view them before they are retrieved. Epson's new system allows the document to be held in the print queue until an access card is presented at the printer. For details, read the story at PCWorld.

Localized Malware
McAfee is reporting that in 2006 it identified nearly 54,000 unique pieces of malware. In 2007 that number increased to nearly 132,000. More viruses and Trojan programs are being written to attack users in specific regions or countries, rather than worldwide. That makes it more difficult for anti-virus companies to produce their software to fight infections. Read more on this challenge at InfoWorld.

174 Make Latest US-CERT List
The US-CERT Vulnerability Summary for the Week of February 11, 2008, lists 100 High, 66 Medium and 8 Low severity weaknesses. High severity security faults were listed for Adobe Acrobat, Reader, and Flash Media Server 2, as well as Clam Anti-Virus, and IBM DB2, among others.


Subscribe to Tech Talk and BOL Tech Advisories
In the Banker Store
CD ROM Training
Implementing the Red Flag Guidelines
Video Training
FACTA: Responding to Identity Theft
CD ROM Training
Patch & Vulnerability ManagementArchived Articles on Technology and eBankingYou have access to archived Tech Talk pages and Tech Alerts on BankersOnline's Technology & eBanking Archive page.
Plus, you'll find the latest technology and eBanking articles and guru Q&As there, too.You'll find many more related articles in our InfoVault.

First published on 02/21/2008

Briefing type: 

Banker Tools View All

A collection of useful resources for various areas of the bank which have been developed by members of the BankersOnline staff or have been created and contributed by users of the BankersOnline site.

Banker Tools

Penalties View All

Search Briefings

Briefing Archives