IT and Audit News
Secret backdoor could be present in new encryption standard; new update enhances security features on Apple operating systems; tips for managing GRC software; internal auditor discusses use of rules vs. internal policies.
______________________________________
GOVERNMENT GRAPEVINE
Secret Backdoor Could Be Present in New Encryption Standard
A new random-number encryption standard, called Dual_EC_DRBG, might contain a backdoor for the U.S. National Security Agency.
http://www.wired.com/politics/security/commentary/
securitymatters/2007/11/securitymatters_1115
Security Breach Exposes Data on 25 Million Individuals
British Chancellor of the Exchequer Alistair Darling recently stated that the UK's Revenue and Customs office lost two discs containing the personal information of everybody in the country who claims and receives child benefits.
http://www.news.com/U.K.-government-reveals-its-
biggest-privacy-disaster/2100-1029_3-6219772.
html?tag=cd.lede
World Could Face Online War Threat
According to an annual report by security vendor McAfee, approximately 120 countries are developing ways to use the Internet as a weapon to target financial markets. This "cyber cold war" threatens to become one of the biggest threats to security in the next decade.
http://www.news.com/World-faces-cyber-cold-war-threat%
2C-report-says/2100-7349_3-6220619.html?tag=cd.lede
______________________________________
SECURITY UPDATES
New Update Enhances Security Features on Apple Operating Systems
Apple released a security update to current and previous versions of its OS X operating system that improves reliability when using VMware's Fusion and synchronization between iPhone and Yahoo address books.
http://www.informationweek.com/security/
showArticle.jhtml?articleID=203101113
Fixing 10 Security Threats on Virtual Servers
Controlling virtual machines and applying existing processes to virtual machines are two of the 10 ways to address security threats on virtual servers.
http://www.cio.com/article/154950/
Hackers Use Banner Ads to Hijack PCs
New breed of online ads from reputable Web sites are hijacking personal computers and harassing users until they agree to buy antivirus software.
http://www.wired.com/techbiz/media/
news/2007/11/doubleclick
Antivirus Software Could Enhance Network Vulnerabilities
German security experts discussed how vulnerabilities in antivirus software make these programs a threat to corporate network security.
http://www.securityfocus.com/brief/632
Social Networking Sites Raise Security Threats
Research from a British online organization found that social networking Web sites could increase people's chances of getting their personal information stolen.
http://www.informationweek.com/security/
showArticle.jhtml?articleID=202806063
Microsoft Issues Important Security Updates
The software company issued two security updates. The first update repairs a critical flaw that opened Windows systems to Web-based attacks, while the second update fixes a vulnerability in Windows Domain Name System servers.
http://www.cio.com/article/154450/Microsoft_Issues
_Two_Vital_Windows_Security_Updates
Flaw Affects QuickTime Media Player
A Polish researcher published exploit code for an unknown vulnerability in Apple's QuickTime media player that can be triggered by a call to a real-time streaming server.
http://www.securityfocus.com/brief/633
Google Removes Web Sites Targeting Searchers
The search engine has purged tens of thousands of malicious Web sites after a software company stated that many search results on Google lead to malicious Web pages that can compromise computer systems.
http://informationweek.com/news/showArticle.
jhtml;jsessionid=PUYP5YSKWALGMQSND
LRCKHSCJUNN2JVN?articleID=204300556
______________________________________
SOFTWARE UPDATES
Tips for Managing GRC Software
Experts offer insight to help organizations make the most of their governance, risk, and compliance tools.
http://www.itcinstitute.com/display.aspx?id=4494
Microsoft Expert Unveils Open Source Strategy
The company's open source expert, Bill Hilf, revealed its open source business model.
http://www.informationweek.com/windows/show
Article.jhtml;jsessionid=MTFUDOSQV3UHSQS
NDLRCKHSCJUNN2JVN?articleID=203100965
Windows XP Outperforms Vista
New tests have revealed that Windows XP has twice the performance of Vista.
http://www.news.com/Windows-XP-outshines-
Vista-in-benchmarking-test/2100-1016_3-
6220201.html?tag=nefd.pop
Mac Hacking Attempt Is Public Relations Stunt
Alleged AppleMatters.com and iPhoneMatters.com hacks were nothing but hoaxes, while Apple-specific hacking attempts are on the rise.
http://www.informationweek.com/software/
showArticle.jhtml?articleID=204300601
______________________________________
OTHER IT AND AUDIT NEWS
Internal Auditor Discusses Use of Rules vs. Internal Policies
Auditor discusses the use of internal policies, standards, frameworks, and controls for compliance with the U.S. Sarbanes-Oxley Act of 2002.
http://www.itcinstitute.com/display.aspx
?id=4444
Tips to Spot Pirated Software
Because the number of people who innocently purchase or receive pirated software increases during the end of the year, the Software and Information Industry Association is providing tips on how to spot illegal software.
http://www.informationweek.com/security/show
Article.jhtml?articleID=203101025
Copyright Enforcement Organization Battles Piracy Front
The Business Software Alliance is targeting small organizations to detect unlicensed software use and piracy by business users.
http://www.ecommercetimes.com/story/BSA-Battles
-Piracy-One-SMB-at-a-Time-60457.html
Foreseeing IT Security Expenses
Coming up with a reasonable estimate of future IT security activities that is based on historical trends can help organizations better estimate how much money they will need in the upcoming year.
http://www.ecommercetimes.com/story/Thinking
-Through-Your-2008-Security-Budget-60445.html
News Web Sites to Enhance Search Results
Google, Yahoo!, and other search engines are working to revise a 13-year-old technology to achieve greater control over how search engines index and display Web sites.
http://www.businessweek.com/ap/financialnews
/D8T7E6RO1.htm
Group Releases Ranking of Technology Impact in the Environment
Greenpeace's latest quarterly ranking of electronic vendors, Guide to Greener Electronics, spotlights the difficulty in measuring the environmental impact of technology products.
http://www.businessweek.com/technology/content/
nov2007/tc20071127_012063.htm?chan=technolog
y_technology+index+page_computers
10 Practices for Better Role-based Access Management
Fostering role-creation collaboration is one of the ways to enhance an organization's identity and access management strategy.
http://www.itcinstitute.com/display.aspx?id=4533
Poor Performance Is Prevalent on Mobile Web Sites
New report discusses how companies such as Google, Facebook, and MapQuest are struggling to perfect their mobile Web sites.
http://www.informationweek.com/news/showArticle
.jhtml;jsessionid=PUYP5YSKWALGMQSNDLRC
KHSCJUNN2JVN?articleID=204301181
|
Print Article