On his well-equipped bike, James Lyne cycled for 91 miles across central London to discover how many wireless networks he could find with outdated weak encryption or no encryption at all! With help from a GPS, two dynamos, and a computer pimped up with solar panels, thousands of unsecured wireless networks were discovered! Read the full article here - http://www.cybercrimesunit.com/warbiking-in-london/
The widely used fingerprint readers and software pre-installed on laptops sold by major vendors like Dell, Sony, and at least 14 others contains a serious weakness that exposes Windows passwords in seconds. Hackers are able to quickly recover account passwords if your laptop uses software from UPEK, according to security researchers. Apparently, laptops equipped with UPEK fingerprint readers and running UPEK Protector Suite stores account passwords in Windows registry almost in plain text. This behavior is similar to when users configure a specific account to log in automatically, which is considered as a very bad practice by most IT Security Pros. Read more here - http://arstechnica.com/security/2012/09/windows-passwords-exposed/
Organizations most often overlook simple steps that would help them protect their data! A breach can cost a company monetary and reputation loses hence, companies should consider implementing controls that enhance cyber security. But what is the best approach to guard against cyber security risks? The Division of Corporation Finance, a part of the Securities and Exchange Commission, has issued guidance on disclosure obligations related to cyber security risks and incidents. Read more here - http://www.sbnonline.com/2012/08/how-to-guard-against-cyber-security-risks/?full=1
Microsoft Security Compliance Manager (SCM) is a free tool that enables you to quickly configure and manage your computers, traditional datacenter, and private cloud using Group Policy and Microsoft System Center Configuration Manager. SCM 2 includes sample policies and DCM configuration packs that are tested and fully supported, all set baselines are based on Microsoft Security Guide recommendations and industry best practices, allowing you to reduce security threats. Read more and download SCM 2.5 from here - http://technet.microsoft.com/en-us/library/cc677002.aspx
Oracle has issued an out-of-cycle patch for vulnerabilities in Java 7 that have been widely exploited to spread malware. This Security Alert addresses security issues CVE-2012-4681 (US-CERT Alert TA12-240A and Vulnerability Note VU#636312) and two other vulnerabilities affecting Java running in web browsers on desktops. These vulnerabilities are not applicable to Java running on servers or standalone Java desktop applications. They also do not affect Oracle server-based software. Go to Oracle Security Alert for CVE-2012-4681 here - http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html