TIME.com: The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them) -- Sep. 05, 2005 -- Page 1

The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them) -- Sep. 05, 2005 -- Page 1:

The most secure networks in the world are easily hacked by foreign states - how are businesses to secure themselves? If security is but an illusion, then American businesses must do better to expand business continuity and disaster recovery planning to deal with the real risk of economic terrorism. -Bryan

US Air Force scrambles after privacy breach | The Register

"The US Air Force has been forced to notify more than 33,000 airmen that their personal details might have been exposed following the discovery of a computer security breach. The notification comes after Air Force personnel officers discovered suspiciously high activity on one account into a careers database, called AMS (Assignment Management System), dating back to June."

This hack was done using existing and valid login credentials....Shows the need for good multifactor authentication.

-Bryan

Exploit for unpatched IE vuln fuels hacker fears | The Register

http://www.theregister.co.uk/2005/08/19/0day_ie_exploit_fears/ "Microsoft is investigating an IE security bug amid fears that a hacker attack based on the vulnerability is imminent. A flaw in Microsoft DDS Library Shape Control COM object (msdds.dll) is at the centre of the security flap."

This problem may be partially mitigated by blocking activeX at the perimeter until there is a patch/architecture fix from M$. Now, if the exploit comes in via HTTPS (secure tunnel) forget scanning for it - I know of only one company that makes an HTTPS scanning transparent firewall at this time...not Fortinet, not Cisco, not Checkpoint...

It may be that Finjan would stand a chance at stopping upcoming exploits that are 0-day, beating the AV community to the punch...we'll see.

Still, I recommend stopping ActiveX at the border preemptively.