InfoSec News

CopyTrans provides important functionality that iTunes just doesn't: the ability to back up individual media files directly from your iPhone or iPod to your PC. I have reviewed CopyTrans in the past, mostly favorably, but the product hit a wall when the iPad and iPhone 4 were released: CopyTrans didn't work with either.
 
The Dell Latitude 13 ultraportable laptop inspires technolust when you first pick it up. It's sleek, it has a great keyboard, and it weighs less than 3.5 pounds without the power brick. The LED-backlit display looks pretty good for most desktop chores. And all of this laptop-PC goodness comes in a package just 0.65 inch thick.
 
IBM opened the doors to its Almaden Research Center this week to show what its scientists are working on, including some advanced technologies for storage and data analysis.
 
An emerging class of extremely low-power servers is helping Internet companies and hosting providers to slash their energy bills, and proponents say they could have a role in the enterprise as well.
 
Google had a good month in September, with its search share gaining and rivals Yahoo and Microsoft Bing taking a hit.
 
The FCC will look at ways to prevent so-called bill shock for mobile phone customers at its next meeting, even though a mobile trade association says customers are already well informed about their calling plans.
 
Microsoft will unveil devices running its new Windows Phone 7 operating system for the first time at an event in New York Monday that some experts predict will be a make-or-break product launch.
 
Ford is releasing a software development kit to more companies, inviting them to build applications for its Sync in-car voice-activated computer.
 
Traditional command center solutions providers beginning to embrace PSIM concepts of turning security data into business intelligence--and generating substantial PSIM-related revenue--include some heavy hitters: ARINC, Boeing, DAQ, GE, ICXT, Intergraph, Kaplogic, L-3, Magall Senstar, and Northrop Grumman.
 
Sen. Charles Schumer has introduced a bill that would protect municipalities and school districts against financial losses resulting from certain types of cybertheft.
 
The upcoming Tuesday promises to be a busy one at the Internet Storm Center. Tuesday October 12th is the next Microsoft Patch Tuesday and it looks like a record number of bulletins. If my math is correct it looks like 16 bulletins covering 49 vulnerabilities.
Detailed information can be found in the advance notification bulletin.
As a brief summary:

12 updates for various Windows flavors, including 3 criticals
1 important update exclusive to Windows servers
1 critical update for Internet Explorer
2 important updates for Microsoft Office

I suggest that those of you responsible for testing and rolling out these updates get some sleep this weekend while you can!
DIARY UPDATE:
A reader points out that Tuesday will also be the day that 81 Oracle patches are released.
-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected) (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Citrix Systems' XenClient, its bare-metal hypervisor for desktop virtualization, is a work in progress and will primarily help IT professionals get comfortable with the product, according to company officials.
 
Microsoft's Bob Muglia, head of the company's Server and Tools Division, is gung-ho on cloud computing and on Microsoft's efforts to make it easier for customers to embrace the technology. He talked about what Microsoft is doing in an interview with IDG Enterprise Chief Content Officer John Gallant and InfoWorld.com Editor in Chief Eric Knorr.
 
Microsoft's Bing search engine will give special treatment to search results from the archives of the French National Library, the two organizations announced.
 
Facebook launched a new feature this week that gives you a detailed overview of the data permissions that you've granted to apps. Here's how to find the new dashboard and adjust your settings.
 
Mark Gibbs takes a look at a video surveillance system with some good ideas and some annoying flaws.
 
It's Friday, so let's have some fun. Ever read something on the Web that made you so mad, you just wanted to blast the entire page to smithereens?
 
The annual State of the CIO study provides Australian chief information officers with local research on leadership strategies, salary ranges, tenure and business priorities in mid to large organisations. CIOs in organisations with an average of 145 IT staff, supporting 7000 users, participated in this year’s study and provided a benchmark for best practice in IT business management. The study is part of a global research project which allows CIOs to compare their priorities and objectives with those of equivalent organisations in the United States.
 
The UAE's official news agency WAM today reports that the Telecommunications Regulatory Authority has said that Blackberry services will continue to operate after the previously set Oct. 11 deadline.
 
The first crop of smartphones with Microsoft's overhauled Windows Phone 7 operating system is being unveiled Monday. Microsoft's future in the mobile business hinges on consumers embracing what CEO Steve Ballmer says is the "delightful" OS.
 
Mozilla has released the first beta versions of Firefox 4 for mobile phones. Versions are available for download for Android-based smartphones and for the Nokia N900, Mozilla said in a blog post on Thursday.
 
Motion sensing technologies like Microsoft Kinect won't be limited to PCs and video game consoles, Microsoft's chief research and strategy officer Craig Mundie said in a speech at the Massachusetts Institute of Technology Thursday.
 
The CTIA mobile conference usually revolves around applications and services for mobile phones. But this year in San Francisco it's tablet computers that are the center of attention -- and not only because they are popular with consumers, as many might expect.
 
With the latest version of Apple TV, has Apple finally succeeded in marrying digital entertainment and the living room?
 
You're going on a business trip -- or maybe getting away for the holiday weekend -- and your smartphone has GPS, Google Maps and a weather app. Now what?
 
This week's overhaul of Facebook groups quickly led to an outcry over the way the service works, but the bigger lesson may be simply this: Be careful who you befriend.
 
Welcome to day 8! Today we want your opinions on patch management and system updates. In this modern world where the gap between vulnerability and exploit is rapidly closing, and exploit code is being delivered via popular websites and ads, it is as important as ever to keep your system and applications up to date.
To get you started...when I set up a Windows computer for my family and friends the following are essential:

ensure Windows Update is turned on, set to install recommended updates and configured to install updates daily at a time when the computer is likely to be on.
install Secunia Personal Software Inspector (PSI). PSI monitors your Windows applications, lets you know when applications are out of date, and provides download links to help remediate. PSI is free for non-commercial use.

Now it's your turn. What tools and techniques do you use to ensure the systems under your control are up to date?
As usual the comment feature below or our contact form are awaiting your sage advice.
UPDATE:
Dave R. commented that he likes to use WSUSOffline. It can be carried, software and patches, on a USB thumb drive. Just plug it in and patch.
-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume
 
