Users need to be cautious of email and website visitation:
Olympic 2008 Games - New Phishing sites emerge
QUOTE: Olympic tickets anyone? They are available on the Internet of course, but users beware: the bad guys are still working hard to steal from online users as the 2008 Beijing Olympics approach.
Trend Micro Senior Advance Threats Researcher Paul Ferguson discovered a fake Beijing Olympics Web site supposedly selling tickets. The Los Angeles Times reports that Olympics officials have already asked federal courts to shut down certain Web sites that pose as sellers of tickets but actually are stealing credit card numbers and other confidential information.
There are already hundreds of victims who lost large amounts of money to this site according to a report by the Los Angeles Times.
The Internet Storm Center continues to provide an excellent resource for the latest breaking news as well as security best practices and techniques. This latest post is worth highlighting as it shares 5 lessons learned in managing a network. While the post is more oriented towards an ISP setting, the same concerns are also present in a corporate environment.
Securing A Network - Lessons Learned
SUMMARY OF FINDINGS SHARED IN ISC BLOG
Lesson 1 – Your logs and Log reports can be your most valuable tool and can give you an advanced warning of mail server abuse. We have a lot of servers and many of them are email servers. I monitor the log files daily to look for any obvious problems.
Lesson 2 – Customer computers without anti-virus and/or firewall protection are a big target, not just for them but for their ISP as well. It absolutely amazed me how quickly a computer can go from compromised to abused and used.
Lesson 3 – A mail server, no matter how well protected, is in danger of being blacklisted. And once blacklisted it is really hard to get it off the list.
Lesson 4 – Many of our customers whose IP addresses have been identified with spamming have had 2 components in common. They either had outdated anti-virus programs or were using free anti-virus programs, and/or they were using programs to download music/movies from the Internet.
Lesson 5 – We have had a few instances where our small business customers had put up web servers or email servers. They either had bad advice given to them or they used out of box solutions and their web servers/mail servers had been compromised.
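Added example (not from the ISC post or this blog): the daily log review from Lesson 1, automated to surface a customer IP that is relaying bulk mail, as in Lessons 2 and 4. It assumes Postfix syslog lines, since the post names no mail server; the sample lines, thresholds and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Assumption: Postfix syslog format (smtpd logs the client, qmgr logs sender and recipient count).
CLIENT_RE = re.compile(r"postfix/smtpd\[\d+\]: ([0-9A-F]+): client=\S*\[([0-9A-Fa-f.:]+)\]")
QMGR_RE = re.compile(r"postfix/qmgr\[\d+\]: ([0-9A-F]+): from=<([^>]*)>, size=\d+, nrcpt=(\d+)")

def summarize(lines):
    """Per client IP: accepted messages, total recipients, distinct envelope senders."""
    queue_to_ip = {}
    stats = defaultdict(lambda: {"messages": 0, "recipients": 0, "senders": set()})
    for line in lines:
        m = CLIENT_RE.search(line)
        if m:
            queue_to_ip[m.group(1)] = m.group(2)  # queue ID -> submitting IP
            continue
        m = QMGR_RE.search(line)
        if m:
            # pop() so a deferred message re-logged by qmgr is counted only once
            ip = queue_to_ip.pop(m.group(1), None)
            if ip:
                s = stats[ip]
                s["messages"] += 1
                s["recipients"] += int(m.group(3))
                s["senders"].add(m.group(2))
    return stats

def flag_clients(stats, max_recipients=100, max_senders=3):
    """Hypothetical thresholds; tune them against a normal day's traffic."""
    return sorted(ip for ip, s in stats.items()
                  if s["recipients"] > max_recipients or len(s["senders"]) > max_senders)

def sample_log():
    """Constructed sample lines (documentation IP ranges, made-up queue IDs)."""
    lines = [
        "Jul 28 09:00:01 mx1 postfix/smtpd[2101]: 1A2B3C4D5E: client=dsl-10.example.net[192.0.2.10]",
        "Jul 28 09:00:01 mx1 postfix/qmgr[900]: 1A2B3C4D5E: from=<alice@example.net>, size=2310, nrcpt=2 (queue active)",
        "Jul 28 09:20:01 mx1 postfix/qmgr[900]: 1A2B3C4D5E: from=<alice@example.net>, size=2310, nrcpt=2 (queue active)",
    ]
    for i in range(4):  # one customer IP sending bulk mail under rotating sender addresses
        qid = f"9F8E7D6C{i:02X}"
        lines.append(f"Jul 28 09:05:0{i} mx1 postfix/smtpd[2102]: {qid}: client=unknown[198.51.100.77]")
        lines.append(f"Jul 28 09:05:0{i} mx1 postfix/qmgr[900]: {qid}: from=<user{i}@example.org>, size=1800, nrcpt=50 (queue active)")
    return lines

if __name__ == "__main__":
    stats = summarize(sample_log())
    for ip in flag_clients(stats):
        print(ip, stats[ip]["messages"], "msgs,", stats[ip]["recipients"], "rcpts")
```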
The Storm Worm continues to try to infect users by sending emails with sensational news headlines and dangerous links in the message body. Any URL in an email is something to be cautious with, as malicious URLs are easier to get through email filtering controls than infected attachments. Individuals should continue to be on the lookout for more social engineering schemes like this.
Storm Worm - The FBI does not have access to Facebook
QUOTE: Over the last few weeks we've seen a bunch of different Storm themes and we don't blog about all of them because it would get pretty repetitive after a while but it's interesting for us to follow them as the group behind them are sometimes very innovative and sometimes fall back on tried and tested themes.
The latest round which started today talks about FBI getting instant access to Facebook accounts. The file itself is almost a non-event as it's detected by pretty much all vendors already but the theme is new. And we've seen them change themes a lot during the last month.
June 23 - Beijing earthquakes/disaster
July 3 - 4th of July
July 8 - US invasion of Iran
July 21 - New US currency, Amero
July 24 - Love and postcards
July 28 - FBI & Facebook