Visit www.barracudasecurity.com

Legend

Location Of Theft in AQUA BLUE
URL Of Linked Article In STEEL BLUE or GREEN
Full Content Of Article In BLACK
Theft Description In Body Of Article in RED

Wednesday, April 08, 2009

US MICROSOFT RELEASES SECURITY REPORT Microsoft Security Intelligence Report Shows Rogue Security Software a Top Threat to Internet Users - MarketWatch:

PRESS RELEASE
Microsoft Security Intelligence Report Shows Rogue Security Software a Top Threat to Internet Users
--Cybercriminals take advantage of increased online savvy and human nature.

Last update: 3:01 a.m. EDT April 8, 2009

REDMOND, Wash., April 8, 2009 /PRNewswire-FirstCall via COMTEX/ -- Microsoft Corp. today released the sixth volume of its Microsoft Security Intelligence Report, which showed a significant increase in rogue security software and evidence that threats are predominantly targeting common third-party desktop applications.
This version of the report also showed that the No. 1 reason for data breaches remains lost and stolen computer equipment.

Released twice a year, the Microsoft Security Intelligence Report uses data gathered from hundreds of millions of computers worldwide to provide an in-depth snapshot of the threat landscape. With this volume, which covers the second half of 2008, Microsoft provides more information and insight about threats than ever before by offering new data on document file format attacks, the differences in malware affecting home and business computers, and phishing.

Rogue security software, also known as "scareware," takes advantage of users' desire to keep their computers protected. The rogue software lures them into paying for protection that, unknown to them, is actually malware offering little or no real protection, and is often designed to steal personal information. The Microsoft Security Intelligence Report shows that such programs are now among the top threats around the world. For example, two rogue families, Win32/FakeXPA and Win32/FakeSecSen, were detected on more than 1.5 million computers by Microsoft software, catapulting them into the top 10 threats in the second half of the year. In addition, Win32/Renos, a threat that is used to deliver rogue security software, was detected on 4.4 million uniquecomputers, an increase of 66.6 percent over the first half of 2008.

Rogue security software and other social engineering attacks such as these compromise people's privacy and are costly; some take personal information and drain bank accounts, while others infectcomputers and rob businesses of productivity.

"We continue to see an increase in the number of threats and complexity of those threats designed to implement crime at a variety of levels online," said Vinny Gullotto, general manager of the Microsoft Malware Protection Center. "But as Microsoft and the industry continue to improve the security of our products and people become more concerned about their online safety and privacy, we see cybercriminals increasingly going after vulnerabilities in human nature rather than software. By working with others across the industry, Microsoft is helping combat the next generation of online threats through a community-based defense resulting from broad industry cooperation with law enforcement and the public."

The Security Intelligence Report also showed that as software companies have improved the security of their operating systems, attackers have shifted their focus to the application layer, where the majority of vulnerabilities are now being reported; nearly 90 percent of vulnerabilities disclosed in the second half of 2008 affected applications. The report also showed that Microsoft continues to make significant progress in secure software development and that newer versions of Microsoft software are more secure than previous versions.

Finally, the Security Intelligence Report showed that lost and stolen equipment, not computer hacking, continues to be the most common cause of security breaches resulting in data loss publicly reported in the second half of 2008 -- totaling 50 percent of reported incidents. To mitigate this threat, organizations must implement strong data governance practices to help protect data from criminal access.

Based on the key findings from the report, Microsoft is calling on the technology industry, law enforcement and policy makers to continue to work together to develop new ways to deter online criminals and help protect people online. Microsoft will continue to work with others toward its End to End Trust vision for a safer, more trusted Internet, which will require broad industry collaboration and technology innovations that are aligned with social, economic and political forces. Microsoft also recommends that customers and organizations use the data and prescriptive guidance outlined in the Microsoft Security Intelligence Report to assess and improve their security practices. The proactive steps Microsoft recommends for individuals and businesses include these:
    --  Configure computers to use Microsoft Update instead of Windows Update;
this will ensure the receipt of security updates for Microsoft Office
and other Microsoft applications, as well as security updates for
Microsoft Windows operating systems. More information on how to do this
is available at http://support.microsoft.com/kb/311047.
-- Make sure that updates also are enabled when possible for third-party
applications.
-- Use an anti-malware product from a known, trusted source, and keep it
updated. Be cautious not to follow advertisements for unknown software
that appears to provide protection (rogue security software).
-- Avoid opening attachments or clicking on links to documents in e-mail or
instant messages that are received unexpectedly or from an unknown
source.
-- Enterprise customers should ensure that policies are in place to help
secure all file shares and regulate the use of removable media.
-- Enterprise customers should use the Microsoft Security Assessment Tool
(MSAT), available at
http://technet.microsoft.com/en-us/security/cc185712.aspx, to help
assess weaknesses in their IT security environment and build a plan to
address the risks.
-- Enterprise customers should help control the use of remote management
software.

-- Detailed help and guidance on helping secure the home computing
environment is available on the Security at Home Web site at
http://www.microsoft.com/protect.


A full list of Microsoft's guidance, a downloadable version of the Security Intelligence Report, volume 6, and other related information is available at http://www.microsoft.com/sir.
Founded in 1975, Microsoft (MSFT:
Microsoft Corporation
Last: 18.760.000.00%
4:00pm 04/07/2009
Delayed quote data
Sponsored by:
MSFT
18.76, 0.00, 0.0%)
is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.
SOURCE Microsoft Corp.
 http://www.microsoft.com

No comments: