Sentry Newsletter - 2010
Most Security Products Require Multiple Testing Cycles for Certification
A study from ICSA Labs, based on data from 20 years of security product testing, listed the top reasons products fail their initial certification testing. Seventy-eight percent of products do not perform the primary function for which they are designed; 58 percent have faulty or missing logging capabilities; and 44 percent have security problems themselves. Most products require two to four cycles of testing before attaining certification.
Zeus Trojan Spreading Through Drive-by Download
The Zeus or Zbot Trojan horse program is now spreading through drive-by download. Recently detected spam purporting to come from the US Internal Revenue Service regarding tax refunds provides users with a link to what the message claims is a "tax refund request form." If users click on the provided link, they are taken to a site that attempts to download the malware to their computers without any additional user interaction. Previously, the messages that attempted to spread Zeus asked recipients to download specific items. The IRS has issued a notice warning that it does not send unsolicited email regarding tax accounts.
Conficker on 6.5 Million Machines Worldwide
According to information from Shadowserver, one in seven computers infected with Conficker is hosted on Chinese Internet service provider (ISP) Chinanet. The ISP's infected machines account for 14 percent of all known infected machines, but make up just one percent of the company's network. Other ISPs have infection rates as high as 25 percent. Conficker has infected an estimated 6.5 million computers around the world.
Phony Anti-Terror Technology Responsible for Elevated Security Levels
The Washington Post reports that personal data of US soldiers are being leaked through peer-to-peer (P2P) file-sharing programs. The data are being downloaded by users in China, Pakistan and other countries. The information includes Social Security numbers, blood types and names of family members. P2P software has been banned by the Army since 2003 and by the Pentagon since 2004. An Army Special Operations Command spokesperson said the leak was an isolated incident and that those responsible had been punished.
USB Flaw Prompts NIST Review of Cryptographic Module Certification Process
A new and more complex electrical utility grid means an exponential increase in security risks. In this 2-part series, the writer outlines a variety of approaches to address the potential dangers.
Senate Committee Hears of US Unpreparedness for Cyber Warfare
The US Chief Information Officer Council has established a Security Metrics Taskforce that has been given the objective of developing "new metrics for information security performance for federal agencies that are focused on outcomes." The metrics are expected to be complete by the end of this calendar year. Federal CIO Vivek Kundra noted in a blog post that "FISMA metrics need to be rationalized to focus on outcomes over compliance."