Bits and Bytes – Blurbs Concerning Information Security
McAfee recently announced it has made its 200,000th known patch for malware (software with an evil intent). McAfee, one of the top three providers of security software noted the threshold was passed 60% more quickly than when the 100,000th piece of code was discovered. This indicates the bad guys are working very hard to stay ahead of the good guys.
The government’s auditor, General Accounting Office (GAO), has conducted an audit on FEMA’s practices of assisting victims of natural disasters. The emergency organization issued $2,000 debit cards to most anyone who asked. The audit showed the records kept on the recipients included false addresses, invalid SSNs and fake names. The GAO has not put a final number on the losses.
Automatic Data Processing (ADP) claimed it was tricked into exposing thousands of investors’ personal information. Fidelity Investments, Merrill Lynch & Co. and Morgan Stanley all indicated customer data was affected. The details of the prank were not released. More than 150,000 individuals were put at risk for identity theft.
Microsoft has suggested users of Window’s popular Office software not download any Office type files from any source, even if the sender is known. A piece of malicious software called “zero-day attack” may be embedded into any of the Office application files including PowerPoint. Microsoft is working on the problem and expects a fix to be released by August 8. Examples of files that should be avoided are any Word documents, Excel spreadsheets, Access databases or PowerPoint presentations.
A recently discovered hole in McAfee’s software security programs could have allowed an attacker total access to a subscriber’s computer system. McAfee was beginning to work on a fix for the problem when it discovered the software had already been corrected through a normal update. It is great when we are smarter than we thought.
The government’s auditor, General Accounting Office (GAO), has conducted an audit on FEMA’s practices of assisting victims of natural disasters. The emergency organization issued $2,000 debit cards to most anyone who asked. The audit showed the records kept on the recipients included false addresses, invalid SSNs and fake names. The GAO has not put a final number on the losses.
Automatic Data Processing (ADP) claimed it was tricked into exposing thousands of investors’ personal information. Fidelity Investments, Merrill Lynch & Co. and Morgan Stanley all indicated customer data was affected. The details of the prank were not released. More than 150,000 individuals were put at risk for identity theft.
Microsoft has suggested users of Window’s popular Office software not download any Office type files from any source, even if the sender is known. A piece of malicious software called “zero-day attack” may be embedded into any of the Office application files including PowerPoint. Microsoft is working on the problem and expects a fix to be released by August 8. Examples of files that should be avoided are any Word documents, Excel spreadsheets, Access databases or PowerPoint presentations.
A recently discovered hole in McAfee’s software security programs could have allowed an attacker total access to a subscriber’s computer system. McAfee was beginning to work on a fix for the problem when it discovered the software had already been corrected through a normal update. It is great when we are smarter than we thought.
posted by skgroner | 9:36 AM
<< Home