A Peek Into The MailBag
Good Morning Everyone! We had a few items to just mention from the MailBag.
VA Desktop Stolen and VA Laptop Thiefs Arrested
As pretty well everyone knows by now, a desktop unit has been stolen which contained a number of records of vets. This does not look good for the VA to have this second snafu so quickly after the previous one. However, it is good news that law enforcement has arrested the teens involved in the laptop theft from a couple of months ago. We usually do not report such things as it has made it to CNN and is more of a political hot button at this point. If you hear of something IT Security-wise from CNN, then chances are it is quite old news to the community, or has a political interest. There is no need for us to copy the mass media. :-)
Websense Report on Phishing/Data Stolen via ICMP
Websense sent an alert a couple of days ago concerning the use of ICMP as a conduit for a new Phishing Trojan. Is there any wonder that we recommend that you block everything inbound and outbound except those services you actually need. Does every computer on your network need the ability to ping (or many other ICMP style activities) resources outside your network? Probably not. Be aware that the adversaries are finding those protocols we are not watching as closely and tunneling data in and out. For more information on this, please see
http://www.websense.com/securitylabs/alerts/alert.php?AlertID=570
--
Scott Fendley ( sfendley -at- isc. sans. org)
University of Arkansas
VA Desktop Stolen and VA Laptop Thiefs Arrested
As pretty well everyone knows by now, a desktop unit has been stolen which contained a number of records of vets. This does not look good for the VA to have this second snafu so quickly after the previous one. However, it is good news that law enforcement has arrested the teens involved in the laptop theft from a couple of months ago. We usually do not report such things as it has made it to CNN and is more of a political hot button at this point. If you hear of something IT Security-wise from CNN, then chances are it is quite old news to the community, or has a political interest. There is no need for us to copy the mass media. :-)
Websense Report on Phishing/Data Stolen via ICMP
Websense sent an alert a couple of days ago concerning the use of ICMP as a conduit for a new Phishing Trojan. Is there any wonder that we recommend that you block everything inbound and outbound except those services you actually need. Does every computer on your network need the ability to ping (or many other ICMP style activities) resources outside your network? Probably not. Be aware that the adversaries are finding those protocols we are not watching as closely and tunneling data in and out. For more information on this, please see
http://www.websense.com/securitylabs/alerts/alert.php?AlertID=570
--
Scott Fendley ( sfendley -at- isc. sans. org)
University of Arkansas
Keywords:
0 comment(s)
×
Diary Archives
Comments