|
|
and will never be wiser on the morrow than he is today.
Tryon Edwards (1809-1895); US author, lexicographer.
- Weekly summary -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)
Madrid, September 27, 2003 -This week, Oxygen3 24h-365d has reported the
news summarized below(*).
- Prevention: the best weapon for protecting computers (09/22/03).
In practice, the best weapon for protecting computers is to implement
several preventative measures including definition of adequate security
policies, procedures for continuous updating of security products and staff
training. Although executives are aware of these needs, companies do not
take protection measures, so systems and data are all too often exposed to
attacks.
- ATCP update for Novell NetWare 6 (09/23/03).
Novell has reported the publication of a new version of the TCP
implementation for NetWare 6 servers. The update corrects several
vulnerabilities, like the failure in the Initial Sequence Number (ISN)-. In
the TCP update for Novell NetWare 6 the TCP.nlm and BSDSock.nlm have also
been changed to fix an issue with transparent proxy being accessible from
the public site.
- Security update for Mac OS X (09/24/03).
Apple has released security updates for Mac OS X that correct several
vulnerabilities which could allow Denial of Service (DoS) attacks or even
remotely compromise the affected computers.
- Virus Hits Federal Visa-Checking System (09/25/03).
Several sources -including ZDNet and abcNews- have published that the system
used by the U.S. government for checking every visa applicant for terrorist
or criminal history, has been disrupted by the Welchia worm (detected by
Panda Software as Nachi.A).
- Fraudulent means of obtaining information over the Internet (09/26/03).
The term 'phishing' is used to refer to any technique used for tricking the
user into giving confidential information (such as account numbers, credit
card numbers, passwords, etc.). Most of these attacks are carried out via
fraudulent e-mails, sent by the attacker, which prompt users to confirm
certain information about their account. In order to trick users in handing
over this information, the message uses a range of reasons from
modifications to security systems to warning of account cancellation if this
data is not updated and confirmed in a limited deadline. In practice, if you
are not sure of the legitimacy of a message asking for confidential data,
the most recommendable thing to do is to contact the corresponding entity,
through a secure channel (telephone, e-mail address, bank office, etc.).
(*) The complete articles corresponding to these summaries are available
from the Oxygen3 24h-365d archives at:
http://www.pandasoftware.com/about/press/oxygen3/oxygen.asp
NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.
|
|
|
 |
|
No Comments Allowed for Anonymous, please register |
|
| |
|
Login |
|
 |
|
|
|
|
· New User? · Click here to create a registered account.
|
|
|
Article Rating |
|
|
|
|
|
|
Average Score: 0
Votes: 0
|
|
|
