Open source IDS gets an Update
IT managers who want to get a handle on their security logs but don’t have the budget for big-ticket software can check out an updated version of the open source, host-based intrusion detection system OSSEC. OSSEC Version 1.1 performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting and active response. OSSEC uses a client/server model with server software at a central location and distributed agent technology on managed devices. The software runs on most operating systems, including Linux, OpenBSD, MacOS, Solaris and Windows.
Phishers hook job site users
Attackers are launching targeted phishing scams from the job-related site CareerBuilder.com, according to one network manager, who says his engineering firm recently had to combat phishing techniques that use phony online resumes. Marc Cote, manager of network services at a Midwest engineering firm that routinely posts job openings on CareerBuilder.com, says the phishing e-mail includes a fake name with a cover letter stating the wish to be considered for employment, and a link to a Web site that supposedly contains the applicant’s resume. However, it is actually a phishing site that “then tries to execute a backdoor Trojan,” to take over the victim’s machine, Cote points out.
RSA to launch anti-fraud tool
RSA is set to launch in April its new RSA FraudAction Anti-Trojan service, designed to help companies secure their organizations, brands and customers from a new generation of crimeware attacks. These attacks, including session-hijacking Trojans and keyloggers, are being deployed to steal personal and financial data. RSA FraudAction Anti-Trojan service will provide a layered approach to dealing with these attacks, covering identification, analysis, blocking, and shutdown of attacks. This service is geared for financial institutions to help improve security of their businesses online, according to RSA.