to help enterprise security across Europe
The resource centre for busy senior executives seeking the latest insights into IT Compliance & Privacy issues for major organizations
 
sarbaines oxley ofcom communications regulator
Latest Resources      data protection register
compliance resources privacy resource center

Breaking Global News
Global Compliance and Privacy News
- Breaking News, updated every 30 minutes
•   Compliance, Privacy and Security
•  Money Laundering
•  Phishing
•  Regulatory Issues
•  SOX, Basel 2, MiFID


You Tell Us:
S
S
L

T
E
C
H
N
O
L
O
G
Y
We use SSL Technology for web data entry points:

Always
Sometimes
Never
What is SSL?

News
Are Smartphones Endangering Security? - Wick Hill
Dealing with Internet Security Threats - Ian Kilpatrick
How the New EU Rules on Data Export Affect Companies in and Outside the EU - Thomas Helbing
Farmers' Data Leak Highlights Old Technology Use - Wick Hill
Saving Money with SFTP - Wick Hill
UK Information Commissioner targets firm selling vetting data - Eversheds e80
12 Key Steps to Internet Security - Wick Hill
Telephone Monitoring Legality in the UK - Dechert
Firewall or UTM - Wick Hill
UK Information Commissioner demands mobile device encryption - Eversheds e80
Data loss - liability, reputation and mitigation of risk - Eversheds e80
Phorm, Webwise and OIX - BCS Security Forum
The challenges of PCI DSS compliance - Thales, Russell Fewing
"Quality" Data Vendor Spams us! Editor astounded!
National Gateway Security Survey 2008 - Wick Hill
Unified Threat Management - Watchguard Technologies

news archives
:
0 | 1 | 2 | 3 | 4 | 5 |
6 | 7 | 8 | 9 | 10 | 11 |
12 | 13
[What is this?]

Industry Blogs
Tim Berners Lee's Blog
Tim Callan's SSL Blog
Davis Wright Tremaine's Privacy & Security Law Blog
Emergent Chaos Blog
Michael Farnum's Blog
Phillip Hallam-Baker's Blog - The dotFuture Manifesto: Internet Crime, Web Services, Philosophy
Stuart King's Security and Risk Management Blog
David Lacey's IT Security Blog
Metasploit Official Blog
Jeff Pettorino's Security Convergence Blog
Jeff Richards's Demand Insights Blog
David Rowe's Risk ManagementBlog
Bruce Schneier's Security Blog
Larry Seltzer's Security Weblog
Mike Spinney's Private Communications Blog
Richard Steinnon's Threat Chaos Blog
The TechWeb Blog
Tim Trent's Marketing by Permission Blog
Rebecca Wong 's DP Thinker Blog

Newsletters
23 February Newsletter
Newsletter Archives are located in "News"

Industry Update
Internet Security Intelligence Briefing - November 2005
Find out the latest trends in e-commerce, web usage & the latest threats from adware/Spyware

Reports
Phorm, Webwise and OIX
- BCS Security Forum

'The Any Era has Arrived, and Everyione has Noticed' - Stratton Sclavos - VeriSign
Identity Security - Time to Share
Malicious code threats - iDefense
Public Alerts - updated as they happen from Stopbadware.org
Public Alerts - updated as they happen from Websense
Public Advisories - updated as they happen, from iDefense
Phoraging - Privacy invasion through the Semantic web: a special report by Mike Davies of VeriSign

Legislation
Privacy Laws & Business International E-news, Issue 57
Privacy Laws & Business UNited Kingdom E-news, Issue 60

Security Reviews
February 2007 - VeriSign Security Review
The security review archive is here

Case Studies
Finance Industry
Case Study Example

A case study on a Finance industry company.

White Papers
VeriSign® Intelligent Infrastructure for Security
VeriSign® Intelligent Infrastructure: An Overview
Identity Protection Fraud Detection Service - description of the service
Life of a Threat - Video on Threat Management Lifecycle
Optimizing Enterprise Information Security Compliance - Dealing with all the audits
For a full list of all whitepapers, visit our Whitepaper library

Legal Notices
Privacy Policy
Terms of use

basel 2 sarbanes oxley
    legislation
data controller notification binding corporate rules BCR data transfer third countries third part data transfer basel 2 regualtor regulation regulate FSA banking network security RSA encryptin algorithm Bits sacked bank staff
Blogs compliance Reports compliancy Legislation Data Protection Case Studies data privacy White Papers data protection act News information commissioner Events security standards Links information security iDefense
Retail Solutions

iDefense Online Event Archive :

compliance and privacy

Webcasts and other online events from iDefense

Topical iDefense Research Report Presentation Replays

Every two weeks iDefense research teams publish a topical research report that examines specific intelligence issues. These topics are a combination of specific threats that iDefense sees and issues that our customers have asked us to explore further. Register today to view the webcast replay by clicking on one of the following seminar titles. [Please note that separate registration may be required to access the replays]:


REPLAY COMING SOON: Cyber Espionage: China and the Network Crack Program Hacker Group
In the Summer of 2006, the Network Crack Program Hacker group, the NCPH, conducted a series of cyber attacks that targeted multiple US Government institutions. In the end, the NCPH siphoned millions of unclassified government documents back to China. This presentation will explain how they did it, why they did it and will profile how the group operates.



REPLAY AVAILABLE: Predicting Disruptive Technologies over the next 5 years
Disruptors, understood as radical shifts in technological or behavioral trend-line trajectories, are considered "disruptive" largely because they are unforeseeable or else, if somewhat foreseeable, cannot be modeled precisely enough to facilitate control over the process. With this in mind this report analyses numerous and varied potential disruptors, some of which may never come to fruition. Thus, each section explicitly acknowledges the level of confidence with which analysts estimate each disruptor's potential impact; some will be almost sure to occur, others less likely and still others of uncertain likelihood. In this way, decision makers can allocate resources according not only to the potential impact, but also considering the likelihood of its occurrence.



REPLAY AVAILABLE: Uncovering Online Fraud Rings: The Russian Business Network
The Russian Business Network (RBN) developed into its current incarnation as "the baddest of the bad" Internet service provider (ISP) in June 2006. Before then, much of the malicious code currently hosted on RBN servers was located on the IP block of another St. Petersburg ISP, the now-defunct ValueDot. Like ValueDot before it, but unlike many ISPs that host predominately legitimate items, RBN is entirely illegal. VeriSign iDefense research identified phishing, malicious code, botnet command-and-control (C&C), and denial of service (DoS) attacks on every single server owned and operated by RBN.

REPLAY AVAILABLE: Motives, Methods and Mitigation of Insider Threats
Although security plans are usually designed to look outward to mitigate threats and attacks from the Internet, they often fail to address the more likely attack vector - the malicious insider. This report examines the anatomy of the insider threat - what makes the malicious insider tick, how they often hit and what organizations can do to prevent damage or loss. A heavy focus upon the impact to financial and retail organizations is included in this research.


REPLAY AVAILABLE: Security Advancements in Microsoft Windows Vista and IE7
Microsoft Corp. released beta versions of its new Windows Vista operating system and version 7.0 of its Internet Explorer Web browser in 2005. However, the new products have yet to be released commercially. This presentation will focus on the new security features planned for these two new products, explaining how these features will benefit the overall security of the Windows platform and potential problems they may introduce. Emphasis will be placed on how vulnerabilities in earlier versions of Windows led Microsoft to implement these features and change the way the company approaches software security.


REPLAY Available: Distributed Denial-of-Service Attacks: Latest Motivations and Methods
The distributed denial of service (DDoS) attack is among the most potentially costly and intractable cyber threats facing technology-dependent companies today. DDoS attacks are also more frequent, larger and more costly than ever before, and the number of available "zombie" computers in the wild is greater than ever. The commanders of bot armies are more numerous, more sophisticated, harder to identify and have better tools than at any time in the past, and these trends will continue for the foreseeable future. This report discusses why and what DDoS mitigation and prevention strategies are used to keep technology-driven organizations in business today, and how early DoS attacks evolved into present-day techniques.


REPLAY AVAILABLE: Motives, Methods and Mitigation of Insider Threats
Although security plans are usually designed to look outward to mitigate threats and attacks from the Internet, they often fail to address the more likely attack vector - the malicious insider. This report examines the anatomy of the insider threat - what makes the malicious insider tick, how they often hit and what organizations can do to prevent damage or loss. A heavy focus upon the impact to financial and retail organizations is included in this research.


REPLAY AVAILABLE: Statistical Analysis of Vulnerabilities, Exploits and Related Malicious Code
In this presentation, iDefense analysts examine the Microsoft Corp. vulnerabilities for 2005 and 2006 and analyze the time-to-release of exploits and malicious code related to that vulnerability. This information may be useful as a component of predicting the time required for malicious actors to attack Microsoft products.


REPLAY AVAILABLE: Preventing Malicious Code from "Phoning Home"
Modern malicious codes often have the capability to send spam, act as a proxy, download and execute additional malicious codes and other functionality, all while acting as a node in a large, centrally managed botnet. These botnets require command channels to communicate to their owners, and these channels almost always use outbound connections from the bot to bypass firewalls that prevent incoming connections. The traditional approach of blocking all inbound connections except for specific hosts in a "demilitarized zone," combined with allowing only certain outbound access (such as that required for e-mail and Web access) is effective against many malicious codes, but still has its limitations. This presentation will discuss motivations, covert channel methods and ways to mitigate such traffic going forward.


REPLAY AVAILABLE: Major Threats and Trends Impacting the Cyber Security Landscape in 2007
What will the cyber security landscape reveal for 2007? Will it be new mobile malicious code threats? Will it be sophisticated bots or multi-variant malicious code attacks? What about the impact of Vista and Internet Explorer 7? Having performed an extensive review of 2006 cyber security threats, iDefense reviews the top trends, including zero-day and targeted attacks of 2006, to identify the most likely threats to emerge in 2007.


REPLAY AVAILABLE: What You Need to Know about Data Execution Prevention (DEP)
According to Microsoft, Data Execution Prevention (DEP) is a set of hardware and software technologies that perform additional checks on memory to help prevent malicious code from running on a system. When designing a multi-tier security plan, DEP can play an important role in preventing exploitation and is enforced by hardware and software in Windows XP Service Pack 2. In this presentation, iDefense will discuss the history of DEP, its advantages and availability in modern operating systems and, most importantly, the limitations and drawbacks of deploying it.


REPLAY AVAILABLE: Instant Messaging Threats
Publicly available instant-messaging services grow more popular with corporate users every day. With the ability to communicate and multitask with many users instantaneously, "IM" applications and online services have become a popular method of business communication. As its popularity grows, so does the risk of IM-specific cyber threats. Any organization using a publicly available service that relies on servers hosted outside that organization must take this into account when assessing the security posture of its corporate network. This report examines the risks involved in using third-party IM services in general, and specific threat issues related to proprietary information leaks, malicious codes, vulnerabilities and general security concerns associated with each of the most popular messaging platforms.


REPLAY AVAILABLE: Wicked Rose and the NCPH Hacking Culture
More than 35 zero-day targeted attacks and related exploit codes emerged during the summer of 2006. Wicked Rose is the Chinese hacker responsible for developing the infamous GinWui rootkit used in the earliest attacks. This VeriSign-iDefense exclusive report provides participants with an in-depth view into the means, motives and culture of Wicked Rose's NCPH hacking group, including photos of the individual hackers. This is a story you won't read about anywhere else, revealing the intimate details of some of the most sophisticated targeted attacks to date.


REPLAY AVAILABLE: Mobile Malicious Code: What Lies Ahead?
Wireless solutions, especially cellular "smartphones," are experiencing steady growth worldwide. Concurrently, new technologies are being developed to cater to this new area of opportunity for commercial gain. Roaming cellular solutions have quickly evolved into smartphones that include camera phones, full color, video games and more. As mobile communication use increases and evolves, valuable information assets also increase. Thus, an environment for abuse and criminal attack opportunities is created.

This report asks, how does mobile malicious code compare to desktop malicious code in terms of functionality and capabilities? Are there specific vulnerabilities of specific phones or operating systems that are more vulnerable to attack? What about Java 2 Micro Edition (J2ME) featured phones? Are they vulnerable to attack? Finally, what are the best security practices and mitigation for dealing with mobile malicious code today?


REPLAY AVAILABLE: Attacking the Code: Source Code Auditing
Source code auditing has always been considered an art form that many have wished to learn. The purpose of this presentation is to unveil the techniques and methodologies behind efficient source code auditing. Examples of common programming mistakes found in real-world applications are included with detailed analysis of the problems surrounding the vulnerabilities. The presentation also aims to provide new techniques to beginning and experienced code auditors to help improve on their current skills.


REPLAY AVAILABLE: Malicious Code Year-to-Date Trends
iDefense identified an initial drop in documented malicious code threats starting in January 2006. This trend has continued and, by this summer, has gained some media exposure. iDefense has analyzed aggregate reports to date to provide an exclusive view that attempts to assess not only why the drop in malcode has occurred, but how it has actually increased risk.


REPLAY AVAILABLE: An Analysis of New Security Features Within Microsoft Vista and Internet Explorer 7
Microsoft Corp. released beta versions of its new Windows Vista operating system and version 7.0 of its Internet Explorer Web browser in 2005. However, the new products have yet to be released commercially. This presentation will focus on the new security features planned for these two new products, explaining how these features will benefit the overall security of the Windows platform and potential problems they may introduce. Emphasis will be placed on how vulnerabilities in earlier versions of Windows led Microsoft to implement these features and change the way the company approaches software security.


REPLAY AVAILABLE: Voice-over-Internet Protocol (VoIP) Vulnerabilities
One technology that has experienced a recent explosive growth is Internet Protocol Telephony, better known as Voice over Internet Protocol (VoIP), which effectively integrates data and voice communications. VoIP has already proven a cost-effective solution for individuals and corporations that already have perpetual high-speed Internet connections. VoIP will be the only communications medium available for voice traffic in the foreseeable future, and the current movement toward integrating voice and data traffic is indeed inexorable. However, VoIP technology is immature and is thus another factor to consider on an otherwise burdened infrastructure. This report attempts to determine and enumerate the nature of the security and safety threats putting today's corporate VoIP networks at risk. It illustrates the rapidly increasing rate of exploitation and attack vectors, describing attacks that are both general (directed against the Internet backbone of the VoIP network) and specific (targeted toward specific VoIP implementations).


REPLAY AVAILABLE: Emerging Economic Models for Vulnerability Research
There are few who would argue that there is not economic value in the discovery of security vulnerabilities. Evidence of this can be seen in the many business models that are emerging to profit from this knowledge. The question that remains is how do these economic models impact those who are affected by the vulnerabilities themselves? This paper looks at economic vulnerability models that exist in the market today and analyzes how they affect vendors, end users and vulnerability researchers. The markets addressed include the government, open, underground, auction and vendor markets. Each of these models are defined, including their expenses, revenues and challenges. The impact and implications of each model are also investigated. Finally, the paper examines how each of the models affects these various actors and project the future of the market to see how the models that exist today will help to shape and drive the future of vulnerability research.


REPLAY AVAILABLE: Assessing Geographic Trends and Threats
Geopolitical hotspots can be identified through a multitude of factors, including the demographics of a given country or location. It is common to hear various organizations identify areas most commonly infected with malicious code, countries most prevalent for hosting phishing attacks on servers, and so on. Are these counties truly the geopolitical hotspots of the Internet for attacks? This article takes a discerning look into the demographics of the Internet for top countries and correlates data to recent reports of geopolitical hotspots.


REPLAY AVAILABLE: Metafisher Trojan Activity
The Metafisher family of Trojans shows an unprecedented level of sophistication in the malicious code arena. This phishing attack is carried out using a botnet, which is controlled though a Web-based command-and-control server. This structure gives the operators of this botnet the ability to control numbers of bots in several orders of magnitudes greater than that of a traditional IRC-based control structure. But Metafisher is more that just a Trojan/Bot; it is in fact a professionally built suite of tools with a user-friendly administration interface and a solid software lifecycle management comparable to many professional software products. This fact suggests that Metafisher is being developed and sold as a phishing toolkit to interested third parties. This report will explore these facts in greater detail and explain the implications of MetaFisher-related criminal activity.


REPLAY AVAILABLE: IDS Evasion Techniques and How to Prevent Them
Intrusion Detection Systems (IDS) detect inappropriate, incorrect or anomalous host or network activity. This presentation provides information about common techniques used to evade IDS detection. The goal is to answer the question: To what extent should network administrators rely upon IDS detection systems for security and advanced warnings of attacks?


REPLAY AVAILABLE: The Evolution and Current State of DDoS Attacks
The distributed denial of service (DDoS) attack is among the most potentially costly and intractable cyber threats facing technology-dependent companies today. DDoS attacks are also more frequent, larger and more costly than ever before, and the number of available "zombie" computers in the wild is greater than ever. These trends will continue for the foreseeable future. This presentation discusses why and what DDoS mitigation and prevention strategies are used to keep technology-driven organizations in business today, and how early DoS attacks evolved into present-day techniques.


REPLAY AVAILABLE: Security of the Google Desktop Toolbar
By installing and using the Google Desktop Toolbar, a user can search the files stored on his local computer and the Internet simultaneously. Using advanced features of this product, it is even possible to search other computers that run the Google Desktop software. It is this feature that has caused concern among security researchers. This presentation will examine the installation and operation of Google Desktop Search in order to determine the efficacy of this product. It will examine the security weaknesses and vulnerabilities that exist in the latest version of Google Desktop Search and how these issues can be somewhat mitigated using reasonable security policies.


REPLAY AVAILABLE: Money Mules: Sophisticated Global Cyber Criminal Operations
Criminals are stealing thousands of credit cards and banking account credentials daily through phishing attacks, Trojan horse attacks and other attack vectors. Thousands of dollars daily are then laundered to offshore banking accounts through dozens of countries by "money mules," or phishing money launderers. Cyber-fronts are created to solicit, hire and exploit these money mules within multiple countries, and they can make as much as $10,000 or more in a month for part time work. This report will take a look inside the world of money mule operations and provide several examples of business fronts and job offers.


REPLAY AVAILABLE: Social Engineering: The Effect on Information Security
Researchers have often pointed to human users as the weakest and most commonly exploited attack vector. Although social engineering tactics have evolved, they remain simple and effective. In this report, iDefense explores the extent to which such targeted trickery affects the security environment today, and how it will continue to impact information security in the future.


REPLAY AVAILABLE: Sober Worm Post-Mortem
Sober was the most prevalent e-mail worm of 2005. The carefully planned and coordinated attack started in early November 2005 and lasted until Jan. 6, 2006. In this presentation, iDefense will examine the progression of the Sober attacks and the techniques the worm used to both infect its hosts and spread to others. iDefense will also cover the impact that these attacks had on key corporate infrastructure and the future of the Sober worm itself.


REPLAY AVAILABLE: Rootkits and Other Concealment Techniques in Malicious Code
In order for malicious code to provide its author with some benefit, it must be successful in four areas: propagation, infection, malicious actions and persistence. With the advent of multi-tasking computers, the increased popularity of networking in general, and the Internet in particular, the tools and techniques used by malicious code authors have improved considerably. This report will focus on these tools and techniques, concentrating on the evasion of first-line defenses, autostart considerations and rootkits.


REPLAY AVAILABLE: The Rise of Online Islamic Extremist Propaganda
Numerous recent media articles have noted that al Qaeda is improving its information operations tactics through the use of the Internet, providing a means of anonymous communication and the dissemination of news on the group's military successes. This report will reveal the frequent presence of Islamist Extremist Propaganda online and provide a clearer understanding of the different forms of IEP, based on the specific objective and approach of each type.


REPLAY AVAILABLE: 2005: Intelligence Year-in-Review
What will 2006 bring in terms of new threats and attacks? iDefense takes a look back at historical indicators and warnings to accurately predict major threats in 2006. Topics include an overview of malcode and vulnerability activity for 2005 and selected indicators and warnings. The presentation culminates with several notable examples of criminals launching code for cash in 2005 and how that will greatly impact the threat landscape in 2006.


REPLAY AVAILABLE: Top 10 Spyware Applications
As most people herald the arrival of 2006 with fanfare, the creators of spyware and adware applications continue inexorably toward the goal of maximizing revenue from their creations. The automatons that they set into motion do not take holiday breaks, preferring instead to lie in wait for the next user gullible enough to download, install and use the malicious software and provide financial benefit to the spyware distributors. Spyware is a perfect example of the growing trend in which questionable entities exploit the Internet for financial gain. The last few years have proven that malicious code, and its cousins adware and spyware, have become the raison d'etre for many computer professionals. Additionally, the fine line between the malicious code camp (writing and distributing worms, viruses, Trojan horses and combinations thereof) and that of adware and spyware (writing code that is "questionable" at the least) is blurring, and successful techniques used by one faction are often, and quickly, incorporated into the products of the other. There is even a fast-growing trend of adware and spyware being deployed by means of malicious code droppers and websites - all in the pursuit of easy money.


REPLAY AVAILABLE: Exploitation Frameworks
The iDefense exploitation framework comparison is a comprehensive review of the features included in the CORE IMPACT, Immunity's Canvas and Metasploit exploitation frameworks. Typically, corporations use these frameworks to perform penetration testing on their internal systems. However, hackers also frequently take advantage of the automated test-and-penetrate mechanisms that these frameworks offer. In its report, iDefense compares these frameworks to determine which is the most useful in a corporate setting and which might prove the most significant threat to vulnerable networks.


REPLAY AVAILABLE: Targeted Malicious Code Attacks
Recent news stories about a report from the UK National Infrastructure Security Coordination Centre (NISCC), followed by a similar but separate CERT advisory, have generated much concern about targeted attacks, including their likelihood and potential impact. This report overviews targeted attacks, select examples to date, exploits and code utilized in targeted attacks, likelihood and impact, and mitigation measures. A targeted attack focuses on a specific sector, organization or individual.

 


This site is independent of all its sources
The contents of the site are sourced from across the industry. All copyrights are acknowledged.