January 2009

Industry News

Top 10 Security Breaches of 2008
Ghost of Christmas Past (TJX) Still Casts Specter on Present and Future. From Hannaford to Countrywide to the Bank of New York Mellon, 2008 has been a year of high–profile security breaches in or impacting the financial services industry. BankInfoSecurity lists the top 10 lessons that should be learned so we aren't back revisiting these issues in '09.

Four Threats For '09 That You've Probably Never Heard Of (Or Thought About)
What could keep you up at night in the new year may not be what you expect — a look at some of the lesser–known threats predicted for 2009.

A look back at some of the top Malware of 2008
From Obamarama to Facebook spammers and scammers, we take a quick look at the top malware we faced in 2008.

Prepare Your Enterprise For Social Engineering Attacks
Protect Valuable Info By Educating Employees.

Less Than 2 Percent Of PCs Are Fully Patched, Protected
Secunia gathered data during the past week from 20,000 new users (mostly consumers) of its free Secunia PSI 1.0 vulnerability scanner and found that 98.09 percent of them had one or more insecure software programs installed on their systems. That means the machine didn't have the latest version of the software that had fixed one or more vulnerabilities.

FBI's IC3 Issues Tips For Preventing Website Attacks
The FBI's Internet Crime Complaint Center (IC3) has published a list of preventative measures that organizations can take to stem Website attacks, such as SQL injection.

How to prevent clickjacking attacks with security policy, not technology
The best recommendations for avoiding clickjacking attacks are not technical. If users are allowed to access the Internet as part of having a fun workplace, penalties should be established if a user's system gets compromised by visiting a non–work related site. An organization can decide what penalties will be enforced, but there must be some sort of consequence for a user's action if it leads to a compromise.

One–Quarter Of Antivirus Apps Aren't Working
More than one–quarter of business PCs are running antivirus software that has been disabled or was never properly installed.

U.S. E–Commerce Fraud Total Will Hit $4 Billion, Study Says
Online fraud costs merchants about 1.4 percent of their top–line revenue annually, survey says.

Penetration Testing Gone Terribly Right
For the first time in my career I couldn't just drive back to the office and take my time locating and stealing the data from this company using account credentials I'd stolen off its network. I was so happy that finally someone got it right, really right.

SPOTLIGHT ON HOSTED EMAIL

Email Hosting Leader Recognized for Market Share and Comprehensive Suite of Services
Delivering 38 million messages per day and managing 80 terabytes of data and more than one million business mailboxes in 120 countries, USA.NET has been named the "Top Player" in the business email market, finishing the year closely ahead of sector giant Google. The recent report by industry analyst The Radicati Group ranks vendors in the broad Hosted Business Email market, which includes various technology platforms, including simple POP3/IMAP solutions, Hosted Microsoft Exchange, Hosted Domino Server, and services based on freeware SMTP or proprietary email platforms.

December 2008 Statistics in Review

Top sources by country triggering IDS events

RFC 1918 represents a private IP address. This is significant because most of our sensors monitor ingress/egress points, so this data shows that in December we primarily triggered IDS events on client internal traffic destined for the Internet. For example, this could represent browser exploits or worm traffic. The top ten IDS signatures match this view of the top sources triggering IDS events.

1. RFC 1918
2. United States
3. Australia
4. Ukraine
5. China
6. Korea
7. Brazil
8. United Kingdom
9. Russian Federation
10. Colombia

Top IDS events in December
Top 10 detected events across HIDS/HIPS and NIDS/NIPS devices last month. Do you know what was on your network?

Type                               Name
ids.detect.recon.pingscan          ICMP Network Sweep w/Echo
ids.detect.recon.portsweep         TCP SYN Host Sweep
ids.detect.exploit.ip              SIP Long Header Field
ids.detect.exploit.web             php: PHP.Sebastian.myphpPagetool.ptinclude.Code.Execution
ids.detect.corrupt.ip              IP Fragment Missing Initial Fragment
ids.detect.insecure.web            "WEB–PHP php.exe access"
ids.detect.auth.db.access.grant    Data Base TNS Connection
ids.detect.exploit.tcp             TCP Drop – PAWS check failed
ids.detect.exploit.email           email: Sendmail.Server.Response.Read.TimeOut


Top Firewall Deny sources by country in December

This actually makes sense: internal traffic tops the list, followed by likely penetration testing and failed business connections inside our country. 'Undefined' represents a spoofed IP or one not registered to a country. These will be single-packet, blind-injection-type traffic, so the source doesn't matter. The others are just plain interesting.

1. RFC 1918
2. United States
3. Undefined (represents "spoofed" dark IP space)
4. Brazil
5. Australia
6. China
7. Japan
8. Ethiopia
9. Netherlands
10. Sweden

 SPECIAL OFFERS
FREE Whitepaper: Top 9 Network Security Threats in 2009
"What threats (new and old) are we going to have to deal with in the coming year?" This whitepaper looks back at the top threats in 2008, what to expect in the upcoming year and cost–saving solutions to secure your organization.
Download the Whitepaper Today
Perimeter eSecurity is your COMPLETE source for security, offering over 50 different solutions to protect your network at every layer.
New to Perimeter? Schedule a personal demo of our services with one of our eSecurity Experts and be eligible for this month's special promotion.
Call today to set up your one–on–one demo – 800.234.2175
*Special offers may not be combined. Valid on new business only.


Defining an email archiving policy

COMPANY UPDATE

Visit our Blog
Can't wait for the next newsletter? Check out the blog to stay on top of today's changing network security landscape.

Service Updates

Have you heard the news from the Perimeter product team? Perimeter's eMessaging Continuity and Archiving gives you more! Risk profiler gets fancy and ViewPoint continues to make advances. Have specific questions about these services and enhancements? Contact your Perimeter security expert today and we'll walk you through it.

Webcasts

January 27th, 1pm EST
Recession-Proof Your Business Email Through Outsourcing – Sponsored by Osterman Research

February 17th, 2pm EST
Simplifying Your Network Security with a Single Source Provider

Upcoming Events

Ronco National Sales Conference Technology Fair
Tampa, FL
January 27th

CUNA GAC
Washington D.C.
February 22nd-24th

Perimeter eSecurity • 440 Wheelers Farms Road • Suite 202 • Milford, CT 06461 • toll free. 800.234.2175
www.perimeterusa.com privacy policy


© Copyright 2008 Perimeter eSecurity