Web Threats Weekly - Cyber Security NewsProtect Your Business Through Educating CustomersCompanies need to show some leadership on the privacy and security front by educating customers about how to protect themselves online. That's the advice from Canada's largest credit union, which we've asked to provide tips for this week's Web Threats Weekly. "Every organization that has a web presence ought to provide information for customers on how to protect their computers and their information," says Vancity Manager of Information Security Geordie Cree. Their site provides easy-to-find information on privacy choices clients can make, computer security suggestions, and a section where clients can report an incident if they encounter suspicious email, fall victim to online fraud or personal information is compromised or threatened. For instance, clients are reminded that they will never be sent an email asking to provide personal or account information. Basic security precautions like configuring your firewall, keeping operating systems and applications patched, securing wireless and using strong passwords are must-do's, even if it can seem challenging at times to keep up. As more organizations provide better security information, particularly in easy-to-follow video presentations, it will be easier for good security habits to filter down to the general population, where understanding about security is improving. "At the end of the day, it's surprising to see how many people out there who still aren't aware of the risks," Cree says. "Some people are still clicking on any links they get, following phishing sites and don't have antivirus software installed. As a credit union, we’re trusted with our members’ money. Providing members with information on how to protect themselves and their money online is a simple way we can help, and frankly it’s the responsible thing to do." Web Threats, Network Security and Online Protection Link-FestWe've had our eye on some very informative and entertaining blog posts and articles great for helping business managers and IT people get a handle on the security landscape. Here are a few of our favorites this week: New Online Threat: Recession Malware (Security Management) - This article outlines three schemes cyber criminals are using to target companies that are already reeling in the current economic climate. A good overview, with some excellent tips for keeping your organization safe from the bad guys. Google Docs Security Breach Should Encourage People Not to Use Google Health (Search Engine Roundtable) - A security breach leads some to question whether Google Health is really ready for prime time. I wonder where they might have gotten the idea that the security framework isn't quite there yet for people to put their private medical information on third-party sites? Our own little post on Google Health, perhaps. Investment in Proactive Security Beats Cost of Doing Nothing (Pacific Coast Informer Blog) - What are a few days of your business operating normally worth to you? How much would it cost your business to get shut down for days or weeks at a time? Then, compare that with the cost of being proactive about security. That's the message of this informative post that emphasizes something that is often overlooked - when companies suffer a security breach, their initial losses from disruption of revenue stream can be significant, even greater than what it will cost to fix the vulnerability and get rid of the unwanted presence left behind by hackers. For more information about security, Vaclav recommended checking some of PCIS' resources, including Web Threats Weekly, the Managers Cheat Sheet for IT Security white paper and the Pacific Coast Informer Blog. Learn More About Web Security at Our WebinarPCIS is producing a web security webinar to help organizations better understand how to identify and prevent web vulnerabilities. This is a great opportunity for web developers, webmasters, IT people and other professionals who need to know about enabling better web security for their organization. Registration numbers are limited, so please check in next week for details about how you can participate. |
March 18, 2009Web Threats Weekly is distributed by: Pacific Coast Information Systems Ltd. Toll-free 1.877.744.7558 In this issue:* Protect Your Business Through Educating Customers * Web Threats, Network Security and Online Protection Link-Fest * Learn More About Web Security at Our Webinar * Hacker Bait * Mythbusters Tip #17 * Spam-Alot Web Threats Weekly helps organizations protect their business and their customers from known online threats. Give us your feedback and suggestions for Web Threats WeeklyResources Links: |
 |
Hacker BaitThe latest Hacker Bait list contains websites of e-commerce, social networking and popular new media sites that have been found to have vulnerabilities that hackers and cyber criminals could exploit. This is not a complete list of all vulnerable sites on the Internet, but only represents websites where vulnerabilities were found within the past 90 days. These are only the latest additions to an ever-growing club of sites found to be insecure according to various public sources and online tools used in the web security industry. If you would like more information on our data and why these sites are listed here, please contact PCIS Hacker Bait Sites With Vulnerabilities Discovered in Past 90 Days
|
Mythbusters Tip #17"Firewalls are simple to set up for your security."We're not sure where this impression came from, but firewall configuration is one of the last things you want to assign to the new guy on his first day. Poorly-configured firewalls can block legitimate users or customers, or on the other end, leave your sytems open. Firewall
configuration isn't something you can just guess at. Find a trained and
certified expert to set up, configure and maintain the firewall. The
initial set-up out of the box can provide some protection, but a
firewall must be monitored and maintained to ensure vulnerabilities are
closed off, especially for enterprise-class firewall users. Let the
experts handle this. Spam-AlotSpammers are linking to blogs, profiles and other pages on these trusted sites to give victims a false sense of security that the links can be followed safely. These sites may not have been hacked, but following the spam links to these sites and clicking on links shown there can result in harm to your computer. If you would like more information on our data and why these sites are listed here, please contact PCIS Spam-Alot Websites Exploited Since March 12, 2009
|
||||
Boonbox and Pacific Coast Information Systems Ltd.Boonbox is a division of Pacific Coast Information Systems Ltd., specializing in products for web security, network security, password management and data backup. PCIS is a Vancouver-based company which provides strategic consulting, application development, technology solutions and managed services to companies and government organizations throughout North America. |
|||||
|
HOW TO SUBSCRIBE/UNSUBSCRIBE SUBSCRIBE: To subscribe to Web Threats Weekly, send a blank email message with subject line "SUBSCRIBE" to informer@pcis.com UNSUBSCRIBE: If you do not wish to receive future issues of Web Threats Weekly, send a blank email with subject line "UNSUBSCRIBE" to:informer@pcis.com and we will promptly remove you from our distribution list. WE WANT YOUR FEEDBACK Our purpose for providing this free service is to keep our clients and business contacts informed of technology developments. This information can help them resolve common problems and achieve their full potential by strengthening their business processes and infrastructure. Your input is important to us and we welcome your ideas for new features and how we can continue to improve our service to you. Send your comments and suggestions to informer@pcis.com or contact us directly at 604.844.7558 |
|||||
