May 2009

Industry News

How Much Would You Sell Company Information For?
Would you sell your company's secrets to a stranger for $1.5 million? More than one-third of employees surveyed last week said they would — and some of them said they'd do it for less.
More >

Companies Still Falling Short On Security Training, Study Says
Despite the hoopla surrounding security breaches and vulnerabilities, many companies still have not developed comprehensive training programs or a corporate culture of security, according to a study that will be published later this month.
More >

Why Do People Write Viruses?
The writers of viruses and other mobile malicious code are many and varied, and their reasons are as wide-ranging as they are.
More >

It's Time to Review Online Security Basics
Online security is as much about procedures as products. And as many businesses shift their operational models to the online marketplace, the need to get proactive about it has become a matter of great importance and even survival. Competitors, thieves, and just random worms are proliferating on the Net — and their intentions are not friendly.
More >

Report: 2008 Saw More Records Breached Than The Previous Four Years Combined
More electronic records were breached in 2008 than the previous four years combined, according to a report published today by Verizon Business Systems.
This second annual study — based on data analyzed from Verizon Business' actual caseload comprising 285 million compromised records from 90 confirmed breaches — revealed that corporations fell victim to some of the largest cybercrimes ever during 2008, the company said.
More >

250,000 malicious sites created daily
More than 250,000 poisoned websites are being created every day so that malicious files and algorithms can steal personal information, security provider AVG announced today.
Around 60% of these poisoned web pages are live for around 24 hours, while 80% remain active for less than one day and more than two million are poisoned on any given day by hidden threats.
More >

Study: Despite Increased Security Spending, Severity Of Breaches Is On The Increase
CompTIA study says human error is the most frequent cause of breaches worldwide.
More >

Over 60% Of Breaches Tied To Flaws In Business-Critical Applications
Survey by Forrester Consulting and Veracode shows businesses struggling to stay on top of application security.
More >

1 in 5 Windows PCs still hackable by Conficker
Although the media blitz about the Conficker worm prompted a significant number of enterprise users to finally fix a six-month-old Windows bug, about one in five business computers still lack the patch, a security company said today.
More >

Small businesses are chief laggards in deploying data leakage protection technology, researchers say
Despite recent headlines and instances of insider attacks, many companies still are not acting to protect themselves from insider threats, according to two new analyst reports.
More >

Most security pros worried about insiders and don't believe their systems will be infected from outside
Despite the hoopla surrounding the growth of Conficker and other malware, most security managers aren't lying awake worrying about external attacks on their systems, according to a report published today by Dark Reading and InformationWeek Analytics.
More >

Protecting Personal Information: A guide for businesses
More >

IT pros justify high-tech investments during downturn
IT professionals dealing with the economic downturn say some technologies warrant an investment even when budget dollars are tight.
More >

Fraud and Data Breach Trends: Interview with Kevin Prince, Chief Architect, Perimeter eSecurity
More >

Oklahoma lawmakers are working on a plan to keep personal information safe after three security breaches the past two months
"If an agency has a process in place by which an employee is taking home hundreds of names of unencrypted data, that's a terrible security risk. It shouldn't be happening," said Rep. Jason Nelson, R-Guthrie.
More >

Cybercriminals promoting malware-friendly search engines
What's old is new again...The old social engineering tactic - the use of fake and malware friendly search engines, is back.
More >

SPOTLIGHT ON HOSTED EMAIL

Microsoft Exchange Hosting: The Business Case
Today's businesses, large or small, need the productivity gains that come with a feature rich, secure and highly reliable Fortune 50 messaging solution with anytime, anywhere access. Typically this solution comprises Microsoft® Exchange 2007, SharePoint® Services 3.0, mobile messaging, anti-spam/anti-virus, and other enhanced services. But the 64-bit server forklift upgrade required to run Exchange 2007 alone will extend past many organizations' budgets. Add in the maintenance, training, patches and upgrades to run email and collaboration services, and many businesses find the internal deployments of such a solution increasingly complex and cost prohibitive.
USA.NET, A Microsoft Gold PartnerDownload this white paper from USA.NET to learn how you can reduce your costs and expand your messaging and collaboration capabilities by moving to a hosted Microsoft Exchange service.
Download White Paper>

March 2009 Statistics in Review

Top sources by country triggering IDS events in April (Stand alone sensors)

The United States and private traffic (RFC198) lead the sources last month as expected. Mexico is a newer entrant and did not make the top firewall deny sources list. The other countries making the list were expected based on historical trending.

1. United States
2. RFC 1918
3. Mexico
4. United Kingdom
5. China
6. Korea
7. Japan

8. Canada
9. France
10. Brazil
11. Spain
12. Russian Federation
13. Saudi Arabia
14. Taiwan

Top IDS events in April

Type Name
ids.detect.agent.backdoor BACKDOOR exception 1.0 runtime detection - intial connection server-to-client
ids.detect.recon.pingscan ICMP Network Sweep w/Echo
ids.detect.recon.portsweep TCP SYN Host Sweep
ids.detect.exploit.net_mgmt snmp: UDP.Public.Community.String
ids.detect.insecure.ftp Ftp Priviledged Login
ids.detect.svc.os NT Event log: security message
ids.detect.corrupt.ftp FTP.Text.Line.Too.Long
ids.detect.anomaly.os Windows System32 Directory File Creation
ids.detect.exploit.web Null Byte In HTTP Request
ids.detect.exploit.tcp TCP Drop - Bad Checksum
ids.detect.dos.ip No generic name
ids.detect.spoof.ip TCP Hijack
ids.detect.exploit.lib SMB Remote SAM Service Access Attempt
ids.detect.insecure.web WEB-IIS cmd.exe access
ids.detect.exploit.router ARP Source Broadcast


Top Firewall Deny sources by country in April

As expected, internal traffic again tops the list and is of course followed by the US based sources. Brazil surpassed Italy last month, though they are apparently in a dead heat for deny events. China came in solidly in 4rd place and there is a surprising leap by Japan. Previous countries making the list last month are noticably absent this month and the rise by the Czech Republic is likely due to some of the RBN (http://en.wikipedia.org/wiki/Russian_Business_Network) relocating.

Country of Origin

1. RFC 1918
2. United States
3. Brazil
4. Italy
5. China
6. Japan
7. Czech Republic

8. Netherlands
9. United Kingdom
10. Australia
11. Sweden
12. Russian Federation
13. Germany
14. France
 SPECIAL OFFERS
Listen Now Hear what Perimeter customers are saying...
Download Now Are you prepared for the Red Flags Rule?
Download our free white paper "Red Flags Rule: The FTC Regulation and Solutions to Prevent Identity Theft" to learn whether the Rule applies to your organization and how to become compliant.
Download White Paper
Call Now 18002342175 New to Perimeter? Talk with one of our eSecurity experts to evaluate you security infrastructure.
Call today to set up your one–on–one demo – 800.234.2175
*Special offers may not be combined. Valid on new business only.

Red Flags
Enforcement
Delayed

The FTC Will Grant
Three-Month Delay of Enforcement of 'Red Flags' Rule Requiring Creditors and Financial Institutions to Adopt Identity Theft Prevention Programs, but this is no time to wait to put your policies in place.
Find out if Red Flags
applies to you...

Sound Off!

How prepared are you for Red Flags?

Click here to take the poll and view the results

COMPANY UPDATE

Microsoft Security Bulletin Summary for April 2009
Microsoft released eight updates in their April 2009 Security Bulletin that address vulnerabilities in Microsoft Windows and Windows Server. Without these updates, a remote, unauthenticated attacker could gain elevated privileges, execute arbitrary code, cause denial of service or crash a vulnerable application.
Always make sure your security updates are installed regularly.
More >

Hear what our Experts have to say about pressing information security issues...
Visit The Perimeter Knowledge Center

Product UPDATEs

New Services / Enhancements Perimeter eSecurity's Product team is always working to improve services and enhance our customers' experience. Stay tuned each month to see updates on the services that you already subscribe to or might otherwise need as a part of your complete security solution!
More >

Webcasts

Tuesday, May 19th, 2pm EST
Red Flags Rule – Regulations and Responsibilities to Prevent Identity Theft

Upcoming Events

Credit Union tech-talk InfoSecurity Conference
June 4-5
Lake Las Vegas, NV

Florida Bankers Association Annual Convention
June 11-12
Orlando, FL

CUNA America's Credit Union Conference & Expo
June 21-23
Boston, MA

Perimeter eSecurity • 440 Wheelers Farms Road • Suite 202 • Milford, CT 06461 • toll free. 800.234.2175
www.perimeterusa.com privacy policy

To unsubscribe to this publication, just reply to this message and put "unsubscribe" in the subject line
or click here to unsubscribe.

© Copyright 2009 Perimeter eSecurity