Archived Industry Notes: Technology
Published in 2009
P-R
Pentagon official warns of risk of cyber attacks
The head of the Pentagon’s Strategic Command warned Congress on March 17 that the United States is vulnerable to cyberattacks “across the spectrum” and that more needs to be done to defend against the potential of online strikes, which could “potentially threaten not only our military networks, but also our critical national networks.” But the Air Force General made clear to a House Armed Services subcommittee that he has not been asked to defend most government Web sites nor the commercial and public infrastructure networks whose destruction could cripple the nation. The General’s command, instead, has the responsibility “to operate and defend the military networks only and be prepared to attack in cyberspace when directed,” he said, adding,“I think the broader question is, who should best do this for the other parts of America, where we worry about defending power grids, our financial institutions, our telecommunications, our transportation networks, the networks that support them.” The responsibility of protecting civilian networks currently rests with the Department of Homeland Security, but the General’s testimony comes at a time when a Presidentialchartered 60-day study of cybersecurity is underway. A report from that study is expected next month.
Details Here
first published week of: 03/23/2009
Phishing gets automated and we're all getting targeted
Phishing expeditions business and personal data are rising to record levels, with fake anti-malware campaigns alone increasing by 225 percent in the last six months of 2008. Password-stealing Web sites jumped 827 percent IN 2008. The reason is the phishers are investing in automation. A new report from the Anti-Pjhshing Working Group (APWG) gives a sense of just how aggressive the phishers and malware makers are becoming in search of one’s business (and personal) data. Using increasingly automated attacks and re-tooling strategies such as anti-malware come-ons, phishers are bombarding the Web with mail campaigns, continue to co-opt known and trusted brands, and are sprouting malware Web sites at stunning rates. According to APWG, malware sites jumped 827 percent, from 3332 in January 2008 to 31,173 in December, within spitting distance of a 1,000 percent increase in twelve months. The largest increase was December; in fact, with the number of sites bearing malware and password-stealing tools skyrocketing from November’s 11,834 to 31,173. While APWG notes that the December pop was a result of “some large attacks that were using huge amounts of random websites for phishing campaigns that were spoofing classmates’ websites,”” the organization undoubtedly also knows that this sort of increase is unlikely to remain an aberration.
Details Here
first published week of: 03/30/2009
phishing toolkit use on the rise
There has been a huge increase in the use of phishing toolkits, with 42 percent of phishing URLs recently generated using the toolkits, and the emergence of a new trend of phishing attacks towards the popular social networking site, Facebook. Symantec, in its June phishing report, says it observed an increase in URLs using phishing toolkits during May of 100 percent over the previous month, with a 14 percent decrease in non-English phishing sites compared to February. The security firm also reports that during May, more than 98 Web hosting services were used, which accounted for six percent of all phishing attacks, which was a decrease of five percent from the previous month. According to the executive editor security response at Symantec, Symantec observed that 58 percent of all attacks were from unique phishing Web sites, which included more than 206 targeted known brands. “The unique attacks decreased by nine percent from the previous month. This was the result of a sharp increase in toolkit activity as the trending of the two is usually inversely correlated.” In relation to the use of toolkits, Symantec says that that there was a sudden increase in toolkit attacks during the first week of May, primarily targeting the information services and financial sectors, due primarily to the resurgence in phishers targeting Facebook
Details Here
first published week of: 06/15/2009
PowerPoint: New PowerPoint attacks hit old flaw
Researchers are tracking the emergence of a new set of malware attacks loaded into Microsoft PowerPoint documents that take aim at a long-patched vulnerability in the application. Highlighting the success that many attackers still have in launching threats that prey on vulnerabilities that should have been fixed long ago, the new PowerPoint attacks seek to exploit the issue identified by Microsoft as MS06-028, first patched in June 2006. Even those who remain unpatched could avoid the attack by avoiding unsolicited .PPT attachments, so clearly the threat is aimed at less savvy individuals, or those living in countries such as China where the popularity of pirated Microsoft software allows for old flaws to remain available targets. Among the researchers logging new waves of the .PPT campaigns was Sophos, which said it has seen a sharp increase in the attacks over the last several business days. For those who should be patched, the usability of the attacks shows how even a recent spate of .PPTrelated zero day threats sometimes fails to motivate people to ensure their computers are completely up to date, experts with the company noted in a blog post. The attacks drops a Trojan, identified by the researchers as Troj/Protux-Gen, onto affected machines. A screen flicker is triggered by the involved shellcode, which also downloads and runs another executable, Troj/ReopnPPT-A, that shuts down any open PowerPoint processes, removes the shellcode from the malicious .PPT and re-opens PowerPoint with the newly disinfected presentation, Sophos reported.
Details Here
first published week of: 09/07/2009
Public CIOs Struggle to Manage Mobility Demands
William Travis, CIO of the New York State Office of Children and Family Services (OCFS), has spent the last several years introducing mobile computing to caseworkers.
Instead of writing progress notes by hand and then entering them into the state's database when they return to an office, caseworkers can access the database in the field and enter notes into the system as they conduct interviews. They also can catch up on their paperwork at home or while waiting to testify in a courtroom.
Now in its third year, the mobility project has brought laptops and mobile broadband access to 4,500 workers in 46 of the 57 counties in upstate New York. “Mobility is now part of their business process," he said. "It has definitely increased productivity in the field.”
Details Here
first published week of: 07/06/2009
--Page 1 of 2--
Next -> Last ->>
Volume 31
GIS News Snippets Industry Notes Featured ArticlesGIS Books
Will You Get Advantages From The New Easy To Get SQL Server Professional Certification?
Can’t Navigate Out of a Paper Bag
Titusville, FL GIS Case Study
Trade Show Exhibitors:
Tips For Newbies
Homeland Security and GIS
What is GIS?
Contact GIS Supplier Links
About
![](\"http://www.assoc-amazon.com/s/noscript?tag=theharlowrepo-20\")
-->