Do you know which threats your Anti-Virus won’t stop?

News headlines have been a constant reminder every day that data leakage and malware attacks are on the rise, and increasing at high speeds.  Many believe these malicious attacks are targeted towards large corporations with big bucks, but businesses of all size and functions are facing these risks every day.  Your basic anti-virus solution alone won’t stop these attacks; you need to take extra provisions when protecting your organization. To help you mitigate the risks, InfoSight has put together a list of threats your anti-virus won’t stop. Threat #1: The Zero Day Threat Your anti-virus solution doesn’t recognize zero-day threats because they don’t match up with previous threats or patches.  Zero day attacks are used to exploit security deficiencies that haven’t been patched, and then spread to other computers on the network. Defense: Add additional defenses on top of your signature-based anti-virus solution. Host Intrusion Prevention systems (HIPS) are a [...]

By | April 21st, 2011
Industry InSights, IT Infrastructure|Comments Off on Do you know which threats your Anti-Virus won’t stop?

Overview of Microsofts March 2011: Patch Tuesdays

Microsoft has issued an advanced security notification for the month of March 2011. Patch Tuesday, as nicknamed by Microsoft, where the company releases the latest security patches for Windows, Office, Internet Explorer and other Microsoft branded software on the second Tuesday of every month. This month is a light one, bringing only three bulletins, one which is labeled Critical, Microsoft's highest security rating, and the other two labeled as Important. All three patches will fix remote code execution flaws in both the Microsoft Windows operating system and in Microsoft Office. There hasn't been any mention if a patch will be released for the MHTML vulnerability found on all supported versions of Windows. The vulnerability exists by the way MHTML interprets MIME-formatted requests, allowing an attacker to run an unauthorized script. We'll have to wait till March 8 for the patches to be released to determine if the MHTML vulnerability has [...]

By | April 7th, 2011
IT Infrastructure|Comments Off on Overview of Microsofts March 2011: Patch Tuesdays

The Bank Cash-Advance Scam: Are your employees prepared?

The Bank Cash-Advance Scam: Are your employees prepared? Cash advance scams involving credit cards are nothing new; but the scam still works because some banks and credit unions have let their guard down, and the bad guys know this. The most recent cash-advance schemes targeting smaller banking institutions just go to show that the employees of financial institutions could use a refresher course in information security awareness. The FICO first noticed these scams two years ago, and issued several notices to financial institutions about the methods being used, but apparently bank employees still fall victim to the attacks. This to me is a major warning sign that the security protocols in these banks are not being met or followed, pointing to human error. The old saying, “If you can’t hack the technology, hack the people” holds true. The cash-advance scam is easy to identify and catch, if bank and credit [...]

By | April 5th, 2011
IT Infrastructure|Comments Off on The Bank Cash-Advance Scam: Are your employees prepared?