InfoSec Philippines

Information Security, Technology News and Opinions

Posts Tagged ‘Panda’

Annual Security Reports, Part 1

Posted by Jaime Raphael Licauco, CISSP, GSEC on January 24, 2010

Annual Report Pandalabs 2009
Topics include:
2009 in figures
The year at a glance (Web 2.0, Blackhat SEO Techniques, Cyberwar)
Threats in 2009 (The profitability of rogueware, Banker Trojans, Conficker)
Main vulnerabilities in 2009
Trends in 2010

Download the full report here

Ernst & Young’s 12th annual global information security survey

Key survey findings include (taken Verbatim from the report):

Managing risks
– Improving information security risk management is top security priority for the next year.
– External and internal attacks are increasing.
– Reprisals from recently separated employees have become a major concern.

Addressing challenges
– Availability of skilled information security resources is the greatest challenge to effectively delivering information security initiatives.
– Despite most organizations maintaining current spending on information security, adequate budget is still a significant challenge to delivering security initiatives.
– Security training and awareness programs are falling short of expectations.

Complying with regulations
– Regulatory compliance continues to be an important driver for information security.
– Cost compliance remains high, with few companies planning to spend less in the next 12 months.
– Too few organizations have taken the necessary steps to protect personal information.

Leveraging technology
– Implementing DLP technologies is the top security priority for many organizations.
– The lack of endpoint encryption remains a key risk with few companies encrypting laptops or desktop computers.
– Virtualization and cloud computing are gaining greater adoption, but few companies are considering the information security implications.

Download the full report here

Posted in Annual Security Reports | Tagged: , , , | Leave a Comment »

Microsoft Issues Patch to Close Zero Day Hole

Posted by Jaime Raphael Licauco, CISSP, GSEC on December 18, 2008

Microsoft has issued an unscheduled patch to close the security hole in IE in its MS08-078 Security Bulletin.

A Security Park report states that according to Panda Security, there has been as much malware in the first months of ’08 as the last 17 years combined.

Related links:
SANS published a 61 page whitepaper by Mark Baggett, GCIH, on the Effectiveness of Anti-Virus vs Metasploit Payloads
Anti-Virus Rants Blog

Computerworld Security lists 3 simple ways to protect from Social Networking Malware: 1. Have a stronger password, 2. Be wary of 3rd party apps 3. Beware of user generated SPAM.

Now I’m wondering if there are tips out there regarding Friendster since they obviously have a problem with the SPAM I’ve been getting from a couple of users.

CDW has a 2 page whitepaper on Making the Case for Security Spending Homeland and National Security Editor Shaun Waterman wrote about the questionable effectiveness of FISMA in real world use. The article states that the US Justice Dept got a grade of A-, because FISMA is primarily concerned with “ensuring that all agencies ‘have policies and procedures to enhance the security of information in their IT systems. [however FISMA does] ‘not assess whether the Department has actually implemented these processes, nor did it assess the actual security of the Department’s IT systems.'”

The US Center for Strategic and International Studies (CSIS) recommends a Cybersecurity model based on Nuclear Nonproliferation. This is because of the seriousness and complexity of cyberthreats, which require a coordinated approach that spans agency jurisdictions, borders and sectors.

See earlier Post for the CSIS report

Update on Browser Password Management Security

In the test by Chapin Information Services (CIS) Opera and Firefox each passed seven of 21 tests, IE passed five tests, and Safari and Chrome each passed two tests.

(The Register) Browser Password Security Test
(Chapin Info Services) Google Chrome receives lowest Password Security Score

Other Security News.
(Bank Info Security) Where the Jobs Are: 5 Hot Career Tips for 2009
(Bank Info Security) Top Certifications for Industry Pros

Posted in News, Social Networking, Whitepapers | Tagged: , , , , , , | Leave a Comment »