Helping you Piece IT Together

 

Home Previous About Us Our Services Whitepapers Resources Newsletter Links News Contact Us Search
 

Visit Our Blog

 


 

 

Issue June 2006

In this month's issue of our Security Watch Newsletter, we discuss how to bring change under control, we look at how much patching is enough, provide some insight into how you can give staff power to do their jobs but still retain control and provide a primer on security notifications.  We also highlight some interesting news stories from around the globe and update you on the latest happenings in BH Consulting

 

About BH Consulting
BH Consulting was founded in answer to demands for an independent consulting firm to assist clients gain a competitive edge by achieving IT Operational excellence in deploying, managing and securing their IT infrastructure. With over 20 year’s experience, we provide you with access to in-depth expertise, experience and technical know-how. Backed with our quality processes and commitment to deliver, BH Consulting provides clients with quality solutions at cost effective rates.

 Focus IrelandSupport Focus Ireland
If you have found any items in our Security Watch Newsletter to be of use to you we ask that you make a donation to Focus Ireland who work tirelessly supporting the homeless throughout Ireland.  Focus Ireland aims to advance the right of people-out-of-home to live in a place they call home through quality services, research, and advocacy.  The objectives of Focus Ireland are to respond to the needs of people out-of-home and those at risk of becoming homeless, through a range of appropriate high quality services, to provide emergency transitional and long-term accommodation for people out-of-home, to  campaign and lobby for the rights of people out-of-home and the prevention of homelessness.  No sum is too small and all is put to excellent use.

NEWS
Kick Off.
 We waited four years for it to come around again and it has finally arrived, the FIFA World Cup kicked off this month.  Sadly without the boys in green attending but nevertheless there will still be a huge interest in the competition.  This could lead to a number of issues for companies to deal with, such as decreasing productivity as people check on the latest scores and news, update their fantasy football teams or listen or view the games online with the resulting impact on network bandwidth.  Sadly, decreased productivity and loss of bandwidth are not the only World Cup related threats companies need worry about as already a number of viruses have already been identified trying to dupe users into installing malware onto their computers.  Coverage of this issue is available at The Age with more available at Vnunet.

Microsoft Reports 5.7 million PCs Infected with Malware
Microsoft released a report showing statistics gathered by their Malicious Software Removal Tool (MSRT) since January 2005.  The report has some very interesting information in it and shows that over 16 million instances of malware were removed from over 5.7 million unique IP addresses. Of those 5.7 million computers over 60% had backdoor Trojan software installed on them, with the majority of these machines being infected with Trojan software with Botnet capabilities.  The report makes for some interesting reading.

Hacker Allegedly Scams $1m from VOIP attacks
This story from www.vnunet.com outlines how an alleged hacker in the United States compromised a number of companies' VOIP networks to earn himself over $1 million dollars.  While not a new scam, it basically is the old trick of hacking into an insecure PBX system and reselling the lines to others, this case demonstrates that while new technologies can bring many new benefits they can also bring new risks.  A lot of interesting details are available in the official US Dept. of Justice complaints against the primary suspect, Edwin Pena and the hacker Pena hired, Robert Moore.

A Stitch in Time
Anyone following the latest security news may have noticed an increasing amount of security breaches occurring whereby sensitive data has been lost from laptops, portable devices or computers used by employees at home, the most noteworthy being the exposure of data on over 26.5 million U.S Veterans.  In a recent research note published by Gartner, it is claimed that protecting data using encryption technologies is 15 times cheaper than cleaning up after a security breach.

BH CONSULTING WEBSITE UPDATE
 We strive at BH Consulting to provide information that is relevant and useful in securing and running your business. To this end we have updated our range of whitepapers and the following is now available for download free from our white papers page;

An Overview of Firewalls (81 KB)

Also on our website you will find a new page outline our Security Assessment Service which provides an independent review of your information security.

LATEST THREAT LEVELS
Get more information on the latest updates on current threats at our online resources page;

FEATURES

Bringing Change Under Control
Change control is more important than ever as an IT control to mitigate many different types of risks, including compliance, continuity, and security. Without effective change control, system upgrades and other changes can wreak havoc on an...  Click Here for more info

Patch Testing: How Much Is Enough?
What determines how soon you should load a patch designed to correct a newly discovered security vulnerability? As soon as a security hole is publicized, a properly skilled attacker might be able to exploit that hole, but you're more likely to be... Click Here for more info

Empower Support Staff Without Sacrificing Control
As an organization grows, so does its IT staff. What once was a small group of trusted individuals is now an organization itself and along with that comes added risks from change control failures as well as unscrupulous or disgruntled employees... Click Here for more info

Security Notifications and You
Microsoft calls them Security Bulletins, Red Hat calls them Security Advisories, and Novell calls them either Security Advisories or Security Announcements. Whatever they're called, they all have the common purpose of notifying customers that ... Click Here for more info

FREE SECURITY SCAN
 In partnership with Qualys, BH Consulting are offering a for a free Network Security Scan so you can check how healthy your network is. To find out more about what this service can do for you, visit our free Network Security Scan

Alternatively contact us or visit our website to get more details on our risk assessment service.

This issue of Security Watch is being brought to you by BH Consulting.  If you have found this issue to be of use please support our drive to raise funds for Focus Ireland.

Each Security Watch eNewsletter, and the special Security Alert issues, are produced independently by the Windows IT Pro Custom Media Group and is distributed by various Microsoft security partners. Each eNewsletter contains up-to-date information about security strategies, technologies, and alerts. Each Security Alert contains the latest information about security threats.

Additional news courtesy of Silicon Republic, Cnet, Silicon and Zdnet

To update your subscription to our newsletter click here.  To unsubscribe click here

Home | About Us | Our Services | Useful Resources | Contact Us | Corporate Responsibility | Disclaimer | Privacy | Blog
Copyright © 2005 BH IT Consulting Ltd.