[Cheyenne] [ Home | Products | Anti-Virus | Firewalls | General Security | Newsline | Experts ] --------------------------------------------------------------------------- ************************************************* THE CHEYENNE SECURITY NEWSLINE *************************************************** October 23, 1996 (Issue #3) THIS MONTH'S HOT STORIES VIRUS ALERT--MICROSOFT CD INFECTED The September edition of Microsoft's Solution Provider CD contains a document infected with the WM.Wazzu virus. This CD is distributed monthly to all Solution Providers and contains information on Microsoft products, logos, and other marketing and product information. The infected file is ED3905A.DOC and is located in the directory \SIA\MKTOOLS\CASE. Wazzu is a macro virus which infects Microsoft Word documents. It first appeared this spring, and because it was posted to an Internet newsgroup, the virus has become more prevalent in the past few months. While the Wazzu virus is not dangerous, it can be a nuicense --all Word documents residing on an infected PC or server will be altered. The latest updates for InocuLAN and Cheyenne AntiVirus can cure the Wazzu virus. For more information on Wazzu, and InocuLAN visit http://www.cheyenne.com/security/VBaseWazzu.html CHECKPOINT ANNOUNCES NEW FIREWALL CheckPoint Software Technologies LTD announced FireWall-1 3.0 which provides sophisticated new security and management features which enable network managers to define and manage a fully integrated and comprehensive security policy from a central security console. The new firewall features the ability to protect users from various hazards, including computer viruses, malicious Java applets and undesirable Web content. Cheyenne has teamed up with CheckPoint to create the industry's first integrated firewall and antivirus solution. CheckPoint Software will both integrate and distribute Cheyenne's InocuLAN anti-virus software with CheckPoint's FireWall-1 network security software, and the two companies will work together to further enhance their products for both the Windows NT and UNIX platforms. http://www.checkpoint.com CHOOSING ANTIVIRUS SOFTWARE Each environment is unique, and therefore deserves special consideration when it comes to choosing the right antivirus software. Cheyenne offers a paper which can guide you through this important decision by discussing the various technologies that are available to keep your system virus free. Whether you are choosing antivirus software for your home or for your network, this guide highlights topics relevant to managing anti-virus efforts in today's environment. Its informative, concise and sure to steer you in the right direction. You can find it at http://www.cheyenne.com/security/wpchoo3.html SECURITY ON THE NET 1996 Computer Crime and Security Survey Survey Highlights: * Respondents confirmed that their information systems are under siege: of those responding, 42% have experienced some form of intrusion or other unauthorized use of computer systems within the last 12 months. Over 50% of those who experienced intrusions, or attempted probes of their internal systems, traced those intrusions to on-board employees. Unauthorized probes were also prevalent from remote dial-in sources and Internet connections. In terms of frequency of intrusions, 22 of the respondents indicated that they had experienced 10 or more "attacks" on their systems with the past year. * Altering data in an unauthorized manner (known in the trade as "data diddling") was the most frequent form of attack reported against medical and financial institutions (36.8% of reported attacks on medical institutions and 21% of reported attacks on financial institutions). * Attacks from US.- owned corporate competitors are of serious concern. Over 50% of respondents cited US. corporate competitors as a likely source of attacks ranging from eavesdropping to system penetration, and reported that information sought in recent attacks would be of use to US. -owned corporate competitors. * The most significant concern of respondents in regard to eavesdropping, system penetration and attacks in which intruders forge a return address to gain access (known as spoofing) centered on independent hackers and external "information brokers" as likely sources. Disgruntled employees and corporate competitors were the next most significant concern in these categories. In terms of security procedures in place to address the above concerns, the survey revealed the following: *Over 50% of respondents don't have a written policy on how to deal with network intrusions. *Over 60% of respondents don't have a policy for preserving evidence for criminal or civil proceedings. *Over 70% of respondents don't have a "Warning" banner stating that computing activities may be monitored. (Absence of "Warning" banners hampers investigations and exposes an organization to liability.) *Over 20% of respondents don't even know if they've been attacked. *Less than 17% of respondents indicated that they would advise law enforcement if they thought they had been victimized. Over 70% cited fear of negative publicity as the primary reason for not reporting. To obtain a copy of the 1996 Computer Crime and Security Survey write: CSI 600 Harrison St. San Francisco, CA. 94107 (415) 905 2626. Hours 9:00 am to 4:30 pm PST. or email: prapalus@mfi.com **************************************** SUBSCRIBER INFO **************************************** Thank you for subscribing to the Security Newsline. You will receive this service monthly or in the event of a computer security or virus emergency. Your e-mail address will NOT be used or sold for marketing purposes. To UNSUBSCRIBE from the Security Newsline, send an e-mail to: listserv@listserv.cheyenne.com and type the following message in the body section: unsubscribe security_newsline To SUBSCRIBE from the Security Newsline, send an e-mail to: listserv@listserv.cheyenne.com and type the following message in the body section: subscribe security_newsline What do you think? What would you like to see? Please send your questions or comments to: newsline@cheyenne.com. Or visit the Cheyenne Security Center at: http://www.cheyenne.com/security And please forward this newsline to anyone you think may find it of value. Copyright 1996, Cheyenne Software. All product names and logos are the property of their respective companies. [Image][Image][Image][Image] | Home | Contact | Search | Whats New | Copyright © 1996 Cheyenne Software, Inc. All rights reserved.