The Ides of March: Come and Gone!

By dhadaway - Last updated: Tuesday, March 16, 2010

Infotex has released an upgrade to our portal, my.infotex.com, with the introduction of a new “blog site” based on Wordpress instead of Geeklog. This site will eventually be the authentication point for all classes of users (from public through client and associate to various levels of employee.)

Filed in Infotex News

Hello World!

By swaugh - Last updated: Monday, March 15, 2010

As you have probably already noticed, we have updated our security portal recently with a few changes. This is the initial release of our long vaunted Portal 2.0 project. This new content management system will be the base upon which we migrate and build components from our old site.

Filed in Infotex News

Phishers Used Facebook to Penetrate Financial Firm’s Computer System

By bfagel - Last updated: Wednesday, March 10, 2010

We have talked about Social Media in prior posts. The following is one of the reasons why.

Phishers used Facebook to burrow their way into the network of a large US financial company last year. The attackers took control of one employee’s Facebook account and using information culled from that individual’s friends’ profiles, sent what appeared to be personal messages to several other company employees about pictures taken at a company picnic. The phishers learned of the picnic through postings on the hijacked account. When one of the other employees received a message asking her to click on a link that would allow her to view the pictures, her computer became infected with keystroke logging malware.

Read the Full Article

Filed in Vulnerability News

Trojan Found in Battery Charger Software Download

By bfagel - Last updated: Wednesday, March 10, 2010

A download for the Energizer DUO battery charger software has been found to contain a Trojan horse program. The malware is capable of sending files to the attackers or downloading even more malware.

Read the Full Article

Filed in Vulnerability News

Free Security Awareness Posters

By dhadaway - Last updated: Tuesday, March 9, 2010

Microsoft (Yup, of all people, Microsoft) has made a few Security Awareness posters available. They’re quite good. If you’re looking for something to post by the water-cooler, these are great candidates.

Read the Full Article

Filed in Controls

Auto-Reply Basics

By bfagel - Last updated: Tuesday, March 2, 2010

Technology. It’s here and people are not afraid to use it. They want to take full advantage of its possibilities. No stone left unturned so to speak. This includes an e-mail system’s Auto-reply feature. When we are out of the office, we don’t want our clients or other business associates to sit and wonder why we are not responding to their e-mails. We want them to be aware that, for the time being, we are out of the office and will get back with them when we return.

Read the Full Article

Filed in Infotex News

FFIEC Retail Payment Systems Booklet Updated

By bfagel - Last updated: Thursday, February 25, 2010

The FDIC has issued the following Financial Institution Letter:

Summary:
The Federal Financial Institutions Examination Council (FFIEC) has issued an updated Retail Payment Systems booklet. The booklet is part of the IT Examination Handbook series and serves as guidance for examiners, financial institutions, and service providers on identifying and controlling risks related to retail payment systems and related banking activities.

Read the Full Article

Filed in Article Reviews

Banking Passwords Often Used for Other Sites

By bfagel - Last updated: Friday, February 5, 2010

According to an article post, nearly three-quarters of computer users have the same password for their online banking accounts that they have for other, less secure websites.

Read the Full Article

Filed in Article Reviews

The User Level: Social Engineering

By bfagel - Last updated: Friday, January 29, 2010

Social Engineering is the practice of receiving information you are not authorized to have through means of deception and exploitation. Social engineering is when someone tricks another person into giving them information under false pretenses.

Read the Full Article

Filed in Infotex News

Update Your Threat List!

By bfagel - Last updated: Tuesday, January 26, 2010

If you are looking to update your security awareness training materials (and in some cases, your Acceptable Use Policy), here is an EXCELLENT article that can help.

Read the Full Article

Filed in Vulnerability News