Thursday, November 15, 2007

Microsoft November 2007 Monthly bulletins

Microsoft monthly bulletins was released . Patch this critical Holes.
MS07-061: Vuln in Windows URI Handling Could Allow Remote Code Execution
MS07-062: Vulnerability in DNS Could Allow Spoofing

Digg this

Posted by kernex at 1:57 AM 0 comments

Labels:

Wednesday, November 14, 2007

Cyber Security Awareness Month

ISC collected 31 tips that folks necessary to know about threats. This collection is divided into 5 parts :Establishing a User Awareness Training Program , Best Practices , Hardware/Software Lockdown , Safe Internet Use , Privacy and Protection of Intellectual Property . I saw a lot of cool tips on this list. Recommended read.

1. Establishing a User Awareness Training Program

1 Penetrating the "This Does Not Apply To Me" Attitude
2 Multimedia Tools, Online Training, and Useful Websites
3 Getting the Boss Involved
4 Enabling the Road Warrior
5 Social Engineering and Dumpster Diving Awareness
6 Developing and Distributing Infosec Policies

2. Best Practices
7 Host-based Firewalls and Filtering
8 Anti-Virus, Anti-Spyware, and Other Protective Software
9 Access Controls, Including Wireless, Modems, VPNs, and Physical Access
10 Authentication Mechanisms (Passwords, Tokens, Biometrics, Kerberos, NTLM, Radius)
11 File System Backups
12 Managing and Understanding Logs on the Desktop or Laptop (AV, Firewall, or System Logs)
13 Patching and Updates

3. Hardware/Software Lockdown
14 Data Encryption
15 Protecting Laptops
16 Protecting Portable Media like USB Keys, iPods, PDAs, and Mobile Phones
17 Windows XP/Vista Tips
18 Mac Tips
19 Linux Tips
20 Software Authenticity (Digital Signatures, MD5, etc.)

4. Safe Internet Use
21 Understanding Online Threats, Phishing, Fraud, Keystroke Loggers
22 Detecting and Avoiding Bots and Zombies
23 Using Browsers, SSL, Domain Names
24 Not All Patches Are Released on a Tuesday
25 Using Email, PGP, X509 Certs, Attachments, Instant Messaging and IRC
26 Safe File Swapping
27 Online Games and Virtual Worlds

5. Privacy and Protection of Intellectual Property
28 Cookies
29 Insider Threats
30 Blogging and Social Networking
31 Legal Awareness (Regulatory, Statutory, etc.)


Digg this

Posted by kernex at 6:29 AM 0 comments

Subscribe to: Posts (Atom)