Behavioral Based Email Security Systems

By Simon Heron, CISSP Internet Security Analyst

There needs to be a change to email security if we want to stop seeing high profile security breeches such as the ones that hit Hotmail and Google in 2009, and the America law firm Gipson Hoffman & Pancione more recently. The problem is, most email filtering systems will trust the email address and therefore allow it through.

2009 Infosec Threat Analysis Summary

By Simon Heron, CISSP Internet Security Analyst

Three million new threats were identified in 2009, which equates to almost one every 10.8 seconds. 2,905,697 threat signatures were released to protect against new or variant threats, an increase of 6.9 per cent from 2008. Most spam and malware originates from botnets and compromised hosts. There’s been a move away from mass-mailed spam and malware of old, to more targeted vulnerability exploits as cyber-criminals look towards more efficient means of carrying out their attacks. These examples highlight the need for all companies to review security policies for the applications and software that they permit people to access via their corporate networks or work computers.

Forgotten Security: Patching and Updating

By Simon Heron, CISSP Internet Security Analyst

The fourth guide in our ‘Forgotten Security’ series, Forgotten Security: Keeping up to date, is targeted at IT teams, encouraging them to take another look at their procedures, ensuring that they cover both software and equipment. A fully updated system is protected against the latest threats.

Vietnam Tops November Spam Report

By Simon Heron, CISSP Internet Security Analyst

Vietnam has become the number one source of spam – being responsible for more than 10 per cent of the worlds spam emails – and the UK has entered the virus production charts, being responsible for 2.79 per cent of the world’s viruses. Brazil, the US and Korea still dominate when it comes to virus production.

Telecommuting and Enterprise Security

By Simon Heron, CISSP Internet Security Analyst

Remote working, or working from home, is becoming increasingly popular as companies seek the economic benefits of moving some of its team out of the office, or having employees that are able to log on at home. But, businesses could be exposing themselves to more risk by using remote workers if the process is not properly thought through and monitored.

Report: Globalization of Malware Production

By Simon Heron, CISSP Internet Security Analyst

Hackers are spreading their operational bases further around the world, according to threat analysis from managed security firm, Network Box. Not only should we all be wary about what links we click on in emails, social networking sites and IM, but we should examine what data we put online.

ScareWare Infects Tens of Millions Yearly

By Simon Heron, CISSP Internet Security Analyst

There is still a lot of scareware out there, and many people still falling for it. Forty-three million in the last year according to Symantec. Put simply, scareware programs are designed to frighten people into running malicious software by popping up when the user is online and declaring that viruses have been detected…

Microsoft Security Essentials Only First Step

By Simon Heron, CISSP Internet Security Analyst

Whilst the recent news that Microsoft has released a free computer security package to the public is reassuring, it does not detract from the fact that the world’s most popular operating system still has serious security flaws.

Forgotten Security Defenses Pose Threat

By Simon Heron, CISSP Internet Security Analyst

Companies are protecting themselves from high-profile threats such as malware attacks, but are often leaving themselves vulnerable from the forgotten security defenses. In the first of our advisory notices on forgotten security, we advise companies to examine their applications, hardware and security systems to protect against vulnerabilities resulting from insufficient monitoring.

Securing Your Email and Controlling IM Risks

By Simon Heron, CISSP Internet Security Analyst

Currently, people rely on obscurity to keep their data safe. But with progressively more intelligent search engines available that can churn through vast amounts of data and make sense of it – even your email – security is something that needs to be addressed.

Next Page »

• Categories

  • Anthony M. Freed (26)
  • Bill Brenner (2)
  • Bob Violino (1)
  • Bozidar Spirovski (23)
  • Breach (540)
  • Britt Womelsdorf (5)
  • By Dr. InfoSec (2)
  • Cara Garretson (7)
  • CCCNews (1)
  • Chorey Taylor & Feil (8)
  • Christophe Veltsos (2)
  • Christopher Burgess (7)
  • CIOZone (26)
  • Class Action Lawsuit (111)
  • Cloud computing (113)
  • Coby Royer (5)
  • CTO Forum (9)
  • D&O Liability (601)
  • Daniel Wallace (5)
  • Danny Lieberman (11)
  • DataLine (10)
  • David Alexander (2)
  • Derek Crawford (1)
  • Doug Pollack (7)
  • due diligence (310)
  • Fame Foundry (1)
  • FEATURE ARTICLE (428)
  • Financial (587)
  • Fred Leland (7)
  • Gene Kim (3)
  • Government (373)
  • Greg George (5)
  • H1N1 (15)
  • hackers (539)
  • healthcare (134)
  • Heather Bourgoin (1)
  • HomeATM (8)
  • identity-theft (535)
  • IDExperts (17)
  • Ike Z. Devji (1)
  • Infosec Island Network (38)
  • Insider Threat (490)
  • Internet Crime Complaint Center (1)
  • Internet Security Alliance (71)
  • ISR News (321)
  • Jacqueline Herships (2)
  • Jenni Hesterman (3)
  • John M. Salomon (2)
  • John Watkins (7)
  • John-Patrick Skaar (2)
  • Kaliber Data Security and Compliance Consultants (3)
  • Kat Sanders (2)
  • Ken Leeser (3)
  • Kevin L. Jackson (10)
  • Kevin M. Nixon (21)
  • Larry Ketchersid (1)
  • Laton McCartney (7)
  • Lauren Taylor (1)
  • Linda McGlasson (1)
  • malware (501)
  • Mark Smail (1)
  • Mark Wright (1)
  • Mel Duvall (3)
  • Michael Eggebrecht (3)
  • Michael Lohr (1)
  • Michael O'Conner (4)
  • MicroSolved (1)
  • Mike Duncan (3)
  • Mike Meikle (4)
  • Mike Spinney (1)
  • Military (211)
  • national security (453)
  • PCI (308)
  • PCI Security Standards Council (32)
  • Physical Security (11)
  • privacy (552)
  • Rachel James (10)
  • reach (11)
  • Rebecca Herold (16)
  • Richard Stiennon (44)
  • Robert Siciliano (34)
  • Sarbanes-Oxley (502)
  • ScamStop (2)
  • Sean Wilkins (2)
  • Semyon Dukach (1)
  • Simon Heron (14)
  • Software Associates (11)
  • Steven Fox (19)
  • SUPERAntiSpyware (3)
  • Sybase (6)
  • Symplified (5)
  • The Jester (8)
  • The Privacy Professor (16)
  • Thomas R. Fox (8)
  • Tom Groenfeldt (2)
  • Tom McLain (2)
  • Trefis (14)
  • Tripwire (18)
  • Uncategorized (621)
  • virtualization (101)
  • Webcast (49)

• ISR Headline Index

  • Hackers Lurking in Hotel Networks
  • 7 Month Vulnerability in Windows Virtual PC
  • How to Secure a Cisco Router
  • On HTML Insecurities…
  • When Social Networking Clashes with Security
  • Spam Block: Public Servants or Vigilantes?
  • Sticky Situations in Social Media
  • Quick Tips for Using Secure Shell
  • Consolidate Compliance With Open Source
  • DoS Attack Reveals Widespread Vulnerabilities
  • Study Shows Employees Put Data at Risk
  • Tracking Google’s Script Kiddie Hackers
  • Newbie Introduction to Digital Forensics Part 2
  • Simple Log Review Checklist Released
  • Press F1 for Help? Microsoft Zero Day Threat!

• Recent Comments

  • Ryan Aslett on Data Loss Prevention Has Jumped the Shark
  • Tom on (Lack Of) Encryption and The HITECH Act
  • ADMIN on Patriot Hacker Hits Jihad With DDoS Attacks
  • Robert Siciliano on Data Loss Prevention Has Jumped the Shark
  • Karen J. Cox on Data Loss Prevention Has Jumped the Shark
  • Scot McLeod on Outsourcing Breach Response Lowers Costs
  • John Marke on Gartner Tells CIOs to Embrace Social Media
  • Social Engineering and Enterprise Security | CIO – Blogs and … | Enterprise Engineering Addict on Gartner Tells CIOs to Embrace Social Media
  • From Russia, With Smartphones on Top 8 Social Media Security Threats
  • Judith Hoffman on Scam Alert: Rogue Gmail Account Phishing
• 
  

  Information Security Resources

  Top network security blogs