securingyour.info

Question the integrity of your information

Vuln: 49 vulnerabilities will mark the largest ever batch of patches issued by Microsoft

Here we go again, Patch Tuesday. Microsoft will today release patches for forty-nine vulnerabilities across sixteen bulletins, four of which are marked “Critical”, the highest rating they can get. According to Microsoft’s advance notification, a “Critical” rating is one that would allow the spread of internet worms without user action; to be honest, anything that could compromise your organisation’s data and integrity is critical, something they have yet to understand. What has caused this sudden and rather large patch rush? You guessed it: mostly plugging the holes used by the Stuxnet worm that targeted various key services and companies. Why you would run something like a nuclear power plant or any country’s critical service on Microsoft is beyond me really; it’s the equivalent of alarming your company or house and then leaving the proverbial post-it note with the code on the front door. Nothing against Microsoft per se, it has its place and time in any environment, just not the most critical, not until it is far more secure and bug-free than it is.

The products that are affected are listed below (basically everything), grouped by the bulletins that apply to them:

Windows XP, Windows Vista, Windows 7, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2: Bulletins 1, 2, 3, 4, 6, 7, 10, 11, 12, 13, 14, 15, 16

Windows SharePoint Services 3.0, Microsoft SharePoint Foundation 2010, Microsoft Office SharePoint Server 2007, Microsoft Groove Server 2010: Bulletins 5, 8

Microsoft Office XP, Office 2003, Office 2007, Office 2010 (32-bit and 64-bit), Office for Mac 2004, Office for Mac 2008, Microsoft XML file converter, Word Viewer, Excel Viewer, Office Compatibility Pack: Bulletins 8, 9

Like I said, just about everything, so do patch up. There are some really serious holes being fixed, and for that we can be grateful, even if it did take a potential nuclear disaster to make it happen.

Infosec: Interpol chief has Facebook identity stolen

It even happens to one of the most powerful intelligence people in the world, chief Ronald K. Noble, and identity theft is one of the easiest information security risks to protect against. A few simple rules and all this could have been avoided. This is of course not the first time this has happened to a high-profile intelligence officer: the now head of MI6, Sir John Sawers, had his cover blown on Facebook by a slip in HUMINT. I am more than willing to help secure your private information should you need it, chief Noble and Sir Sawers; give me a call anytime.

contact me

Full story on Chief Ronald K. Noble
Full story on Sir John Sawers

Infosec: ACS:Law could face £500,000 fine for porn list leak

Here we go again, this time a law firm storing sensitive company data on a publicly facing web server. It’s the price you’re going to pay for not securingyour.info; next time give us a call and all the embarrassment could be avoided. I love the piece from the UK Information Commission (ICO), just classic: the next question to be asked, then, is how secure, encrypted and protected is their information. I would make sure it’s up to scratch before blurting this out in the media, at least with the press in this country:

The ICO said that ACS:Law had a number of questions to answer.

“The question we will be asking is how secure was this information and how it was so easily accessed from outside,” said Christopher Graham.

“We’ll be asking about the adequacy of encryption, the firewall, the training of staff and why that information was so public facing.”

Link to the full story on the BBC site

Insider Threat: French police take down mobile phone hacking ring

A typical example of what’s called an insider threat: a threat that not even the best external security design or systems can stop. It is the one that is built on poor access control, bad security policy and a simple failure at the HR level to identify potential insider risks through regular people, roles and access assessment, which should always be part of a regular security policy and procedure.

I agree 100% that security should not be disruptive to workflow or productivity, but it must be in place, enforced and implemented: first and foremost to best suit the company’s interests, then the work processes and procedures, then the employee roles and responsibilities. There is no reason this can’t be achieved; there are POCs all over the world, from the Mom & Pop shop right through to the Blue Chip companies.

Security policy, assessment and access control are the first three steps to avoid this happening to you, or you could simply call us.
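The "regular people, roles and access assessment" above is the control that catches an insider before the damage is done, so here is what one round of that review can look like in code. This is an added example, not part of the original post or of any product: the HR roster, role baselines and account export are constructed sample data, and the function names are this example's own. It reconciles three sources (who HR says is employed and in which role, what each role legitimately needs, and what accounts actually hold) and reports the four findings a reviewer wants on a list: accounts with no owner, leavers still enabled, entitlements beyond the role, and accounts nobody has used for a while.

```python
"""
Periodic people / roles / access review (added example, constructed data).

Three inputs are reconciled:
  - the HR roster: who is employed and in which role
  - role baselines: the entitlements each role legitimately needs
  - an account export from the systems themselves
"""
from datetime import date

# Constructed HR roster (assumed format: user -> role and employment status).
HR_ROSTER = {
    "alice": {"role": "billing_clerk", "active": True},
    "bob":   {"role": "provisioning_engineer", "active": True},
    "carol": {"role": "billing_clerk", "active": False},   # left the company
}

# Constructed role baselines: least privilege per role, agreed with the business.
ROLE_BASELINE = {
    "billing_clerk": {"crm_read", "billing_app"},
    "provisioning_engineer": {"crm_read", "provisioning_admin", "sim_provisioning"},
}

# Constructed account export: what each account actually holds and last use.
ACCOUNTS = [
    {"user": "alice", "last_login": date(2010, 10, 1),
     "entitlements": {"crm_read", "billing_app", "sim_provisioning"}},
    {"user": "bob", "last_login": date(2010, 7, 1),
     "entitlements": {"crm_read", "provisioning_admin", "sim_provisioning"}},
    {"user": "carol", "last_login": date(2010, 8, 2),
     "entitlements": {"crm_read", "billing_app"}},
    {"user": "svc_legacy", "last_login": date(2010, 3, 15),
     "entitlements": {"provisioning_admin"}},            # nobody in HR owns this
]

# Fixed review date so the example is reproducible (constructed).
REVIEW_DATE = date(2010, 10, 12)


def review_access(roster, baselines, accounts, today, dormant_days=60):
    """Return (user, finding, detail) tuples, in account-export order."""
    findings = []
    for acct in accounts:
        user = acct["user"]
        person = roster.get(user)
        if person is None:
            # No HR record: orphaned or service account with no named owner.
            findings.append((user, "orphan_account", "no matching HR record"))
            continue
        if not person["active"]:
            # Leaver whose account was never disabled: the classic insider gap.
            findings.append((user, "leaver_still_enabled",
                             "HR record inactive; disable and review activity"))
            continue
        # Entitlements the role baseline does not justify.
        excess = acct["entitlements"] - baselines.get(person["role"], set())
        if excess:
            findings.append((user, "excess_entitlement", sorted(excess)))
        # Unused access is unowned risk; flag accounts idle beyond the window.
        idle = (today - acct["last_login"]).days
        if idle > dormant_days:
            findings.append((user, "dormant_account", f"{idle} days since last login"))
    return findings


def summarise(findings):
    """Count findings per category for the review sign-off."""
    counts = {}
    for _, kind, _ in findings:
        counts[kind] = counts.get(kind, 0) + 1
    return counts


def run_review():
    """Run the review over the constructed data with the fixed review date."""
    return review_access(HR_ROSTER, ROLE_BASELINE, ACCOUNTS, REVIEW_DATE)


if __name__ == "__main__":
    results = run_review()
    for user, kind, detail in results:
        print(f"{user:12} {kind:22} {detail}")
    print(summarise(results))
```

The point of the layout is that each finding maps to an owner and an action: HR owns leavers and orphans, the line manager owns excess entitlements, and the system owner owns dormant accounts. Run it on a real export on a fixed schedule and the review becomes a routine rather than a post-incident exercise.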

Read the full story here

For further reading on the subject of insider threats, read the eCrime summary released earlier this year by CERT, the US Secret Service and CSO magazine.

[Image: insider threat graph]

Source Data - http://www.net-security.org/secworld.php?id=8534
