Category Archives: Security
LinkedIn Spam Attack
Interesting information from Cisco this week regarding the latest social media attack. Starting this week cyber criminals sent spam email messages targeting users of the LinkedIn social media community. This is the largest such attack known to date.
In the attack, victims are emailed an alert that contains a link with a fictitious social media contact request. This morning, these messages accounted for as much as 24% of all spam sent within a 15-minute interval. Clicking the link takes victims to a web page that says, “PLEASE WAITING…. 4 SECONDS,” and redirects them to Google. During those four seconds, the victim’s PC is infected with the ZeuS data-theft malware via a drive-by download. ZeuS embeds itself in the victim’s web browser and captures personal information, such as online banking credentials, and is widely used by criminals to pilfer commercial bank accounts.

This is not the first time that criminals have subverted brands associated with online social media. The criminals controlling the Cutwail botnet routinely send email messages impersonating major social networks and governmental organizations. What makes this attack unique is the combination of the extremely high volume of messages transmitted, the focus on business users, and the use of the ZeuS data-theft malware. This strongly suggests that the criminals behind this attack are most interested in employees with access to financial systems and online commercial bank accounts. According to the FBI’s Internet Crime Complaints Center, criminals stole more than US$100m in 2009 from commercial bank accounts using this and similar methods.
Organisations should encourage individuals to delete such requests, especially if they do not know the name of the contact. This is the second spam attack this month of this magnitude, preceded by the “Here You Have” email worm a few weeks ago. Cisco expects to see more spam messages containing malware sent to organisations in an attempt to collect personal information.
Keep updated with the latest Cisco security insight here.
Cisco Releases AnyConnect Secure Mobility Solution for the iPhone
Cisco AnyConnect Secure Mobility Solution is now available from the Apple App Store. The solution offers highly secure network connectivity from any Apple iOS 4.1 device, improving the productivity of mobile employees by giving them reliable access to business-critical applications while helping their organisations comply with corporate security policies. Nice demo of terminal services in action as well…
Find out more here.
Cisco ASA 5500 Series CSC Edition Overview
One appliance which packs a mighty punch!!! Threat protection and content control at the Internet edge provides comprehensive antivirus, anti-spyware, file blocking, anti-spam, anti-phishing, URL blocking and filtering, and content filtering, all available in a comprehensive easy-to-manage solution.
Microsoft ForeFront TMG and UAG
I have had the pleasure of discussing the latest Forefront technologies with incubation and pre-sales support team staff. The Forefront products protecting Exchange, Office Communications and SharePoint for anti-virus, malware, security are very popular and deployment is not complex. However, I hope the following posting helps you understand the benefit of TMG and UAG from the Forefront family, which deliver additional benefit, especially in the area of remote access. Let me kick off by mentioning the difference between TMG and UAG.
Forefront Threat Management Gateway is a comprehensive, secure Web gateway that helps protect employees from Web-based threats. It provides multiple layers of continuously updated protections, including URL filtering, antimalware inspection, and intrusion prevention. These technologies are integrated with core network protection features to create a unified, easy-to-manage gateway that reduces the cost and complexity of Web security. Forefront UAG, on the other hand, delivers secure, anywhere access to messaging, collaboration, and other resources, increasing productivity while maintaining compliance with policy. Integrating a deep understanding of the applications published, the state of health of the devices being used to gain access, and the user’s identity, UAG enforces granular access controls and policies to deliver comprehensive remote access, ensure security, and reduce management costs and complexity.
Forefront Unified Access Gateway:
Forefront Unified Access Gateway (UAG) provides remote client endpoints with access to corporate applications, networks, and internal resources via a Web portal or site. Forefront UAG product documentation is organised into content categories. Use the topics in each category to help you design, plan, deploy, and administer your Forefront UAG servers.
Product Evaluation
The Product Evaluation section provides a summary of Forefront UAG features and what’s new in the latest release, and an overview of Forefront UAG architecture.
Getting Started
The Getting Started section provides the release notes, information about running Forefront TMG on the Forefront UAG server, a summary of unsupported scenarios, and an overview of the user interface and help.
Planning and Design
Use the Planning and Design section before you begin to deploy Forefront UAG. Planning and design guides help you to identify design strategies, and match them with your deployment requirements. Design guides are provided for each stage of deployment, including planning your corporate infrastructure, installation, array configuration, Forefront UAG DirectAccess deployment, application publishing, endpoint access control, and endpoint access component deployment.
Deployment
Use the Deployment guide as you install and initially deploy a single Forefront UAG server or an array of multiple servers, publish applications via Forefront UAG trunks, configure access mechanisms to control endpoint access, and prepare to deploy Forefront UAG components on remote endpoints.
Operations
Read information in the Operations section as you administer Forefront UAG servers and arrays, manage portals and endpoint access, and monitor and log Forefront UAG traffic.
Technical Reference
The Technical Reference section provides information about the Forefront UAG user interface, SQL Server logging fields, and registry keys that are used to configure Forefront UAG settings that are not available in the Forefront UAG Management console.
Troubleshooting
The Troubleshooting Forefront Unified Access Gateway (UAG) section provides information that can help you to troubleshoot Forefront UAG.
Forefront Threat Management Gateway:
Getting Started
The Forefront TMG Getting Started section provides information about what’s new in Forefront TMG, a comparison between Forefront TMG Standard Edition and Enterprise Edition, and a description of Forefront TMG Enterprise storage.
Planning and Design
Use the Forefront TMG Planning and Design section before you begin to deploy Forefront TMG. Planning and design guides help you to identify design strategies, and match them to your deployment requirements. Design guides are provided for each stage of Forefront TMG deployment and operations, including planning for high availability and scalability, installation, securing access to the Web and to internal corporate resources, protecting the computers and servers in your extended network, and administering your Forefront TMG deployment.
Deployment
Use the Forefront TMG Deployment guide as you install Forefront TMG, and configure networks and routing, Forefront TMG server and client settings, Forefront TMG arrays, and Network Access Protection. Under Forefront TMG Deployment you can also find end-to-end solution guides for interoperability with BranchCache, and for planning, deploying, and configuring a Forefront TMG secure Web gateway.
Operations
The Forefront TMG Operations guide provides information to help you set up secure access to the Internet and to corporate resources, configure the protection of computers and servers in your extended network, and manage day-to-day operations for your Forefront TMG servers.
Troubleshooting
The Forefront TMG Troubleshooting section provides information that can help you to troubleshoot Forefront TMG, including how to use diagnostic logging, troubleshooting instructions for Forefront TMG setup and installation, and troubleshooting Web access protection. Unsupported configurations summarizes common unsupported configurations and scenarios that you may encounter when deploying and maintaining Forefront TMG.
Technical Reference
The Forefront TMG Technical Reference section includes detailed reference topics about Forefront TMG, including documentation for administration tools, security applications, and other components that integrate with and build on the Forefront TMG platform.
Development Guide
The Forefront TMG Development Guide provides information for programmatically configuring Forefront TMG, and for developing and using custom extensions for this product.