Vol. 16, #41 - October 17, 2011 - Issue #850

Interesting Redmond Security Intelligence Report (SIR)

  1. Editor's Corner    
    • Interesting Redmond Security Intelligence Report (SIR)
    • Microsoft Launches Firefox, Chrome Attack Campaign
    • Invitation: Server Hardware, Database Reliability Survey
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without:
  3. Webinars & Seminars
    • Free Desktop Virtualization Seminar
  4. Tech Briefing
    • 23 Holes Fixed In Patch Tuesday
    • Embracing a More Heterogeneous IT Future 
    • 5 Cloud Security Companies To Watch
    • 8 Ways To Become A Cloud Security Expert
  5. Windows Server News
    • Speeding Windows Into The Cloud: Move Your DMZ To EC2 In 4 Steps
    • Why Choose One Cloud Computing Provider Over Another?
    • With Virtual Desktops, One Size Does Not Fit All
  6. Third Party News
    • Want To Manage VIPRE Business From Your Mobile?
    • VIPRE Business 5.0 — Release Announcement
  7. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  8. WServerNews - Product of the Week
    • NEW Free Tool – SNMP ENABLER for WINDOWS

Editor's Corner

Interesting Redmond Security Intelligence Report (SIR)

Redmond just came out with their Security Intelligence Report (SIR) on October 11, with some VERY interesting numbers. First of all, they put zero-day threats in perspective. Exploits of zero-day vulnerabilities accounted for less than 1% of all exploit activity during the first half of 2011. The press is making a lot of noise about these, but the reality is that the numbers are not alarming. Lots of bark, not so much bite.

Redmond states that they want to provide IT with the data so that they can correctly prioritize, and I appreciate that intention. Jeff Jones, a director of security with Microsoft's Trustworthy Computing group, said, "For the person who has security as a day-to-day job, they need to worry about the things that are most prevalent and most severe."

I agree! And that is why the next item is so important. Redmond is scoring malware in a way that accounts for the multiple attack strategies most malware now employs, but they also use data from different sources, like malware killed by its Malicious Software Removal Tool (MSRT).

What Causes 45% Of Malware Infections?

Guess what, they concluded that 45% of all malware was spread through user interaction, aka social engineering. Jones said that "Exploits that use a social-engineered attack vector and require user interaction, by the MSRT data, are the most severe threats and the most prevalent."

Well, in that case Redmond needs to change the prioritization of their patches, because at the moment an exploit that requires user interaction is only "important", whereas I would call that "critical" based on this data. Also, it shows there is an urgent need for end-user education, and for turning off Autorun permanently. Not a bad point to make in Cybersecurity Awareness Month!

Here is a link to the full Redmond SIR report. It's a 160+ page PDF:
http://www.wservernews.com/go/1318583326031

And here is a nifty infographic that shows the big picture:
http://www.wservernews.com/go/1318583338375

SANS has a well-hidden resource that shows which regulations require security awareness compliance. If your industry actually is regulated by one of these laws, you might be able to shake loose some more budget for security tools. Does your organization accept credit cards (and who doesn't)? Then check out the PCI DSS section on page 1:
http://www.wservernews.com/go/1318583349437

Microsoft Launches Firefox, Chrome Attack Campaign

Julie Bort over at NetworkWorld wrote an article I liked a lot: "In what has become a classic Microsoft-ism, the folks in Redmond on Tuesday launched a website to convince the world that Internet Explorer is the only true safe browser, at least in comparison to Chrome and Firefox. The site www.YourBrowserMatters.org rates the security of browsers on a 1-4 scale. It tells those who use Firefox and Chrome why their browsers don't rate -- and is pretty much not interested in any other browsers."
http://www.wservernews.com/go/1318583407921

Invitation: Server Hardware, Database Reliability Survey

WServerNews and ITIC are teaming up to conduct an online survey on Server hardware and Database Reliability. The aim of this survey is to gauge user satisfaction with the reliability and uptime of your major server and DB platforms and your satisfaction with the pricing, service and support you receive from your vendors. Are the hardware and databases performing up to expectations? Are they too expensive or too hard to use? Tell us what you think.

As always, we know that you’re busy. This survey should take only a few minutes to complete. All responses are kept confidential. The survey is for informational purposes only. No one will call or Email you with any sales pitches.

Once again, ITIC and WServerNews are giving away a free iPad and a free iPod to the survey respondents who provide the most insightful response to the final essay question. So be sure to leave your Email address along with your comment within the Essay question response. Once the survey is finalized, we'll publish the Executive Summary and survey highlights in a coming issue. To thank you, anyone who completes the survey can get a complimentary copy of the Report once it's published by Emailing: [email protected]

Here’s the link to the survey:
http://www.wservernews.com/go/1318583486531

Quotes of the Week

"Optimism is essential to achievement and it is also the foundation of courage and true progress." -- Nicholas Murray Butler

"The world of achievement has always belonged to the optimist." -- J. Harold Wilkins

"A pessimist sees the difficulty in every opportunity; an optimist sees the opportunity in every difficulty." -- Winston Churchill

Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/go/1307096257843

Stu Sjouwerman
email me: [email protected]

 

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

mPowerTools - an AD Admin essential!  200+ reports, bulk import/export, scheduling, GPO/File Share Reports. Eliminate scripting! ONLY $1,299 for limited time! 
http://www.wservernews.com/go/1318848040430

Finally. A Better Way To Audit Activity on Windows Servers. Centrify DirectAudit records and replays privileged user sessions on Windows servers.  There's never been a better way to know if your IT contractors and outsourced staff are solving problems…or creating them. Download the Free Trial NOW.
http://www.wservernews.com/go/1318848158947

Free Service: Email Exposure Check. Find out which addresses of your organization are exposed on the Internet and are a phish-attack target:
http://www.wservernews.com/go/1318583634156

Frustrated with gullible end-users causing malware infections? Find out who the culprits are in 10 minutes. Do the Free Phishing Security Test on your users!
http://www.wservernews.com/go/1318583652140

 

Webinars & Seminars

Free Desktop Virtualization Seminar

Coming to 5 cities throughout the remainder of the year, independent expert and desktop virtualization guru Brian Madden will update you on where the desktop virtualization market is in 2011, focusing on what’s real and what’s not. Spend just a few hours out of the office to take advantage of a live Q&A, peer networking opportunities and tons of valuable information.

Register today!
http://www.wservernews.com/go/1318583725578

 

Tech Briefing

23 Holes Fixed In Patch Tuesday

Nine of the 23 flaws Microsoft fixed with patches this month are rated "critical," meaning attackers could exploit them to break into vulnerable systems with little or no help from users. Eight of the nine critical bugs are in Internet Explorer. The remaining critical flaw is corrected in an update for the .NET Framework. Three of the vulnerabilities fixed with these updates were disclosed publicly prior to today, including a flaw in Windows Media Center that Redmond believes crooks are likely to soon figure out how to reliably exploit. Here is the Microsoft Security Bulletin Summary for October 2011: http://www.wservernews.com/go/1318583819828

Embracing a More Heterogeneous IT Future

Paul Thurrott wrote in his blog (something I reluctantly agree with): "It's been a tough decade for IT. We've seen the rise of important consumer technologies—iPods, smartphones, and then tablet devices—which have leaked into the workplace in a viral way not unlike the adoption of early PCs. Although this mania was initially resisted (anyone remember who poured Krazy Glue in the USB ports?), IT finally gave up the fight, with even governmental institutions glumly embracing the so-called consumerization of IT. Today, iPhones, iPads, and other iWhatsits are everywhere, not just in homes but in boardrooms around the world.

Well, I've got bad news for you. This isn't a fad. What you're seeing is an outright revolution and a peek, I think, at a far more heterogeneous technology future. Your ability to roll with these changes, and embrace rather than fight the widening of end-user technology, could very well determine whether you're even necessary in the future, let alone successful." I suggest you read the whole article:
http://www.wservernews.com/go/1318583886031

5 Cloud Security Companies To Watch

Security is one of the major impediments to enterprises moving their resources into the cloud. So, it's not surprising that numerous cloud security companies are springing up, attempting to address specific cloud security issues, like protecting virtual machines or encrypting data in motion. Here are five up-and-coming companies - some still in stealth mode - that hold a great deal of promise. Story at NetworkWorld:
http://www.wservernews.com/go/1318583961406

8 Ways To Become A Cloud Security Expert

Christine Burns at Network World figured this one out. "Information about how to securely navigate in the public clouds is, well, cloudy. We asked enterprise IT folks and IT consultants what resources they turned to get educated on this particular topic. The responses can loosely be broken down into three categories: niche conferences; big conferences, and authoritative voices accessible on the Internet." Here they are:
http://www.wservernews.com/go/1318584012531

 

Windows Server News

Speeding Windows Into The Cloud: Move Your DMZ To EC2 In 4 Steps

The move to the cloud can be a scary leap, but some aspects of a data center, like the DMZ, are ready to move to an off-site provider. This expert tip will guide you through this shift in four easy steps, no matter what provider you choose to go with: http://www.wservernews.com/go/1318584456250

Why Choose One Cloud Computing Provider Over Another?

The number of cloud services providers on the market can be overwhelming. Which provider is right for you? Let our experts help you narrow it down with this featured article:
http://www.wservernews.com/go/1318584511140

With Virtual Desktops, One Size Does Not Fit All

Server-hosted VDI is only one of many desktop virtualization technologies IT pros combine to deliver Windows desktops today. See how your peers are mixing up traditional PCs, VDI, app virtualization and other remote desktop technologies with this popular piece of content:
http://www.wservernews.com/go/1318584554656

 

Third Party News

Want To Manage VIPRE Business From Your Mobile?

GFI is interested in your opinion and feedback in regards to a mobile phone app that would allow you to remotely manage your VIPRE Business (formerly VIPRE Enterprise) server. This brief survey should take just 2 minutes to complete. Participants will be eligible for a chance to win a $100 Amazon.com gift card (U.S. residents only). Start here:
http://www.wservernews.com/go/1318584700562

VIPRE Business 5.0 — Release Announcement

GFI Software is very pleased to announce the release of VIPRE Business version 5.0. VIPRE Business is the successor to the VIPRE Enterprise family of products.

The version numbers for this release are as follows:

The headline features for version 5.0 include:

- Management Console Improvements

Improvements to the version 5.0 console are centered on ease-of-usability, and feature an updated look and feel. High-visibility toolbar buttons have been added to allow quick access to frequently-accessed areas.

- Agent Software Performance Improvements

Improvements to the version 5.0 agent focus on stability and performance, and resolving past issues that could have caused critical errors in isolated incidents.

- Agent Deployment Made Easy

The VIPRE Site Service and agent software will now automatically provision the Windows Firewall configuration with the necessary exclusions, in addition to displaying new agent installation dialogs. This allows for easier deployment by ensuring that the agent is able to successfully communicate and obtain updates, without requiring manual intervention to adjust the Windows Firewall settings.

- Incompatible Software Removal

Version 5.0 features new technology that automatically handles the removal of most third-party antivirus products prior to installing the VIPRE agent, allowing for easy migration from other antivirus products. This mitigates the common risks that arise when multiple antivirus products coexist on a single computer.

- Easy Remote Site Management

Version 5.0 simplifies the ability to remotely manage sites via a dedicated communication layer. This allows for easy connectivity to other sites without requiring direct database connectivity as in version 4.0. This is now handled via port 18088, as opposed to SQL port 1433.

- Built-in Database

New installations of version 5.0 will now use a built-in database, removing the Microsoft SQL Express 2005 prerequisite that existed in version 4.0.

- Audit Trail

Audit trail capabilities have been added at the site level, allowing quick and easy access to view configuration changes made within the product.

Here is the download page for both Business and Business Premium:
http://www.wservernews.com/go/1318584732625

 

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

 

WServerNews - Product of the Week

NEW Free Tool – SNMP ENABLER for WINDOWS

This cool tool gives you the ability to remotely install and enable SNMP on any Windows server or workstation on your network! Save time when deploying applications requiring SNMP! Download SolarWinds' latest free tool and simultaneously enable SNMP on multiple machines.