Link: http://titssn.org/signup.php

Greetings my fellow readers,

This is an early heads up for you our valuable blogs readers that we will be giving away a lot of great full version security solutions for FREE as a part of our contribution towards helping to provide more education, awareness and security for our online users. We value your support in reading our blogs and sending me your feedback and support so here’s a little something back from us to you.

There will be anti-virus suites, anti-malware suites and other detection, prevention and mitigation solutions from the vendors in our network. You must be an active member of our social network to win so join up now and get ready for some good stuff. All are invited so join us if you are not yet a member of the best new social network around.

http://titssn.org/signup.php

The giveaway details will be provided shortly as I work on purchasing the solutions to have enough to distribute.

Thank you and have a great day,

~Brett A. Scudder~

Link: http://titssn.net

Good day to you,

Last year I started a series of online presentations that were geared towards IT Security education, training and awareness and they had their ups and downs. One thing that is sure is that the information needs to get out to the people but more importantly is to get the right info and resources out. While I invited people to the sessions they declined to attend only to come back with questions of a similar issue a week or two later. Many people today still don’t know how they are impacted by these security issues or how to address them. My online sessions provided critical information about such things in an effort to let people know that IT Security IS a people problem, NOT an industry one and so they must get educated and be aware of what the threats landscape looks like and where they fit into it.

So this year, 2010, we are taking it one step further and introduce a monthly online IT Security Panel discussion to help address some of the issues that are out there in the wild. My aim is that by doing this online we can/will attract a wider range of people in the comfort of their homes, workplaces and places of learning.

I have met and talked with a few security experts who will be joining us at different levels of the security space to help to make this valuable and resourceful. More details will be posted as the sessions are aligned with the panelists so stay tuned.

Thank you and have a great day,

~Brett A. Scudder~

Link: http://titssn.org/signup.php

Good day to you,

It is always a challenge to drive the attention, traffic and visibility of technology and IT Security education, awareness and guidance to the masses as it isn’t one of those things they pay attention to until something happens or there is a need. As a Technology/IT Security leader for today and tomorrow, we, TITSSN, are always pushing for proactive approaches to getting the information, resources and value to the people so that we can stop, block and prevent successful attacks before they happen.

It is for this reason that we’re adding more value and incentives to our network to drive active membership on the site by giving a $50 USD gift certificate to every 100th new member. This will be monitored to ensure that the 100th member is actually a real person who does something on the site other than just signing up. We have put security measures in place to try and block all levels of spamming (posts, commenting, signup) in order to maintain the realness of our network and resources especially for these incentives. There will be other giveaways and incentives as we try to bring the value of the education and awareness to the global user base of people.

There is more to come as we look into the deliverables of our network and resources. A new partnership is in the works with a very popular publishing provider to offer printed materials in networking technologies (IP com, network security, storage), and Cisco® certification. These materials will be added into the Virtual gifts and other offers on the site to enhance the training and education of our members.

Our network was built to provide value and in so doing, we are adding value across the board for all.

There are some limitations in geographic locations for the recipients and we are working on these issues to ensure that everyone can and will benefit from what is being offered.

We thank you for your support as we build on this network and its resources.

http://titssn.org

Thank you and have a great day,

~Brett A. Scudder~

Link: http://secunia.com/advisories/35274/

TITLE:
Xvid Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA35274

VERIFY ADVISORY:
http://secunia.com/advisories/35274/

DESCRIPTION:
Some vulnerabilities have been reported in Xvid, which can be exploited by malicious people to potentially compromise an application using the library.

The vulnerabilities are caused due to boundary errors within the “decoder_iframe()", “decoder_pframe()", and “decoder_bframe()”
functions in src/decoder.c. These can be exploited to potentially corrupt memory via specially crafted video files.

Successful exploitation may allow execution of arbitrary code.

The vulnerabilities are reported in versions prior to 1.2.2.

SOLUTION:
Update to version 1.2.2.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits John McDonald and Christopher Valasek of IBM X-Force.

ORIGINAL ADVISORY:
Xvid:
http://www.xvid.org/News.64.0.html?&cHash=0170b4e439&tx_ttnews[backPid]=64&tx_ttnews[tt_news]=7
http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/decoder.c?r1=1.80&r2=1.81

———————————————————————-

About:
This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Link: http://titssn.net

Good day to you Mr. President,

It is good to see that you are taking a stance in the IT Security issues of today but the most fundamental problem we face is the concept that it is an industry or corporate problem. IT Security is a people problem and until we start seeing it that way our approach to the issues will always fail. The availability of information and resources to mitigate these issues needs to be centrally available and disseminated effectively across the board in an unbiased manner.

No man stands alone in this cyberwarfare, we must unify the effort to strengthen all links/angles as all are affected, no exceptions.

The problems of the technology space exist across all levels in personal, business and professional use. All are impacted by these issues and when a corporation is hacked and the data stolen, in most cases the end users are the ones that suffer because it is their personal info that ends up in the hands of the hackers or thieves.

I love the fact that you are a technology/gadget minded person as you’re aware of what they entail and how vulnerable we can be through them. I’m sure you would like to see these issues by more feature/resource rich securely and so we both share the same goals, security for all and across all levels.

How about helping us create better education and awareness initiatives like our ENGAGED. We need these levels of training, education, awareness and development at the lower school levels as well. Provide the funding needed to expand on the security users’ group communities and driving the availability of information and resources.

Let us work together on these initiatives and get over the power struggle issues.

We look forward to working with you and your administration sir.

Thank you and have a great day,

~Brett A. Scudder~

Link: http://titssn.org

Good day to you,

Here is the list of active groups on our social network to-date. Be sure to join in on the discussions and content that is being made available.

After Earth - Documentary by Mr. David Carlos
Application Security - developing secure applications and standards
Breach Notification Laws - country/state laws
Business to Business IT Security "BtBITS" - businesses protecting each other’s interests
Certified IT Security Professionals
Cloud Computing/Security - Issues, concerns, development, education and awareness
Computer Forensics - Data and Network
Cybersecurity - myths, issues, concerns, development, education and awareness
CyberWar - on, about, awareness, information, collaboration
Data Security - securing the data/information
DCITSUG – Washington DC IT Security Users Group
Emergency Security Response Program "ESRP"
Endpoint Security - What are they, why they are vulnerable and how to protect them
Hacking Unleashed - Ethical/Unethical - the world of hacking
I-CON Science and Technology Conference
Identity Theft - prevention, support and solutions
Incident Response - What happens when something goes wrong/bad?
IT/Security things/issues that make you paranoid
IT Security Best Practices – General
IT Security Facts and Myths
IT Security Leaders
IT Security Requests and Support
IT Security Service Providers ~ITSSP~
IT Security Threats Research and Development
IT Security Training and Development – General
IT Security in our educational institutions - curriculum upgrade
Linux Development, Security and Support
Mac OS development, Security and Support
Microsoft Small Business Server Security - Securing the server and components
Mobile Security - securing the mobile users/devices and they data they host
Managed Security Services Providers "MSSP"
NYeWin - New York Enterprise Windows Users Group
NYITSUG - New York IT Security Users Group
NYSBS - New York Small Business Server Users Group
Online Security - Securing your online experience
OWASP - Open Web Application Security Project
PAITSUG - Pennsylvania IT Security Users Group
PC Security at home
Perimeter Security - securing the perimeter
Please educate me and make me more aware, I am here to learn
Phishing / Social Engineering - definition, prevention, protection and the art of the trade
Physical Security - a critical part of your security model
Protecting your Privacy and Intellectual Property
Ready Rockaway - Disaster/Emergency Preparedness
Small Business IT Security - securing the small businesses
SPEAK - Security Professionals Engaged in Advanced Knowledge
Social Networkers United - the future belongs to us
Social Networking - security, trends, myths and best practices
TITSSN’s Adopt an Institution Program - ~AaIP~
TITSSN’s Code of Honor - Advocates for the future of professional Messaging
TITSSN’s Code of Honor - Advocates for the future of IT Security Education and Awareness
TITSSN’s ENGAGED ~ENabling Greater Awareness, Growth and Educational Development~
TITSSN’s General Network Members
TITSSN’s IT Security Community Outreach Program ~COP~
TITSSN’s IT Security Scholarship Program ~ITSSP~
TITSSN’s IT/Technology/Conferencing/Training/IT Security Operation Center
TITSSN’s Secure Medical Protection Program ~SMPP~
TITSSN’s Secure Mobile Professionals Network ~SMPN~
TITSSN’s Secure Minds Initiative
TITSSN’s Small Medium Business IT Security Summit ~SMBITSS~
TITSSN’s Windows 7/Vista SP2/Windows Server 2008 SP2 Testing and Development Group
The Compliance Suite (Regulatory/Non Regulatory)
The Framsyn Initiative
The IT Security Threats Landscape ~TITSTL~
The Parents Suite - a place for parents to collaborate on technology and security in the home/school
The Privacy Suite – it’s all about privacy
Viral Outbreaks - containment, response, prevention
Viral, Spyware, Malware Detection and Removal - the growing trends
Voices of IT Security
Wireless Security
Workplace Safety and Security issues

Government Security Mandates, Protocols, Policies and Response

US - CERT - United States Computer Emergency Readiness Team
US - CIA - Central Intelligence Agency
US - DHS - Department of Homeland Security
US - FBI - Federal Bureau of Investigation
US - NSA – National Security Agency

http://titssn.org

Thank you and have a great day,

~Brett A. Scudder~

Link: http://titssn.net/technologycenter

TITSSN offers a state-of-the-art conference center that provides the needed training, education and awareness services for tomorrow’s personal and business enhancement needs. Our facility maintains the latest technology products, solutions and services that will keep you current and ahead of the technology game. Our friendly staff is always willing to assist in your needs and can provide more information if needed.

Located 15 minutes from the JFK airport and 2 stops on the local subway train, our center is located in the beautiful town of Far Rockaway and its beach front splendor and comfort. A 5 minutes walk to the beach gives access to miles of beach front and boardwalk for your relaxation and comfort before or after your meeting/event.

We are technology leaders with a global presence that allows collaboration and networking for all. No matter what size business or need, we can fulfill it. Feel free to visit our website for more details and feel free to contact us if needed. We are here for you.

Our Center Services

Hosted group/office meetings (on and offline)
Internet access, browsing
Web Hosting (domain, messaging, Microsoft Exchange and more)
Teleconferencing Services (audio and video)
Presentation visual tools - projector and whiteboard
Professional messaging classes - email configuration, ethics, posture and use
Blogging - implementation, config, use and promotion
Mobile device configurations and setup (Smartphone’s, Blackberry’s)
Document scanning and imaging
Internet safety and security classes
Social Networking classes (Twitter, LinkedIn, Facebook, TITSSN)
IT Security training and awareness classes
Customized computer/technology training and development classes
Internship Programs—schools, colleges, universities
Web infrastructure development (blogs, websites, forums)
Monthly Group Networking meetings
Computer servicing, support, system cleanup and repairs
Business Workcenters—workspace for business operations
Security Threat and Health Assessment
Office/business networking

http://titssn.net/technologycenter

Thank you and we look forward to creating the perfect venue for your event/meeting.

~TITSSN~

Link: http://titssn.org

Good day to you my members, friends, connections, clients, partners, associates, et al,

Today I am very excited to send you a very special invitation to join us in our new home for you to benefit from what is being provided for you, and to help build on the collaboration and networking resources we’re making available for all on and about technology and IT Security. Don’t think of this as “another network”, think of it as a better network with a more targeted focus on two critical areas of our future, IT/technology and securing them. We’ve taken some of the best features of LinkedIn, Facebook and Ning and integrated them into our own with more to come.

We have put a lot of work into it and will continue to do so in order to make it more valuable as we move forward.

I know this will be of great value for us all as we are all affected by the issues and there impacts and so we must build this great place of collaboration and networking about it. Please help to share this new resource and info.

About the network.

Our Technology / IT Security Social Network is a professional place where people come together to create a vibrant, resourceful, strategic and secure social atmosphere of networking, training, education, awareness and collaboration for, on and about technology and securing them.

We invite you to participate in the full functions and features of our network as we build on it to enhance its values and mission for the future. We ask that you share the word with your associates, friends, peers and everyone that is interested in the world of security and being more comfortable and secure in it. This network is specifically geared towards technology, IT Security and everything in and about it.

The focus of this social network is to build greater training, education, awareness and provide the guidance, advise, services and support needed to maintain the secure presence and stability of all infrastructures (homes, businesses (all sizes and types), schools, churches, etc) for all. We look forward to your participation in this effort as a professional, specialist, technologist, leader, contributor, reader, advisor or just a member wanting to learn more.

Please adhere to the policies and rules of the network so that all may find it a common professional place to collaborate in.

Please join us by signing up here http://titssn.org/signup.php

Thank you and have a great day,

~Brett A. Scudder~

Link: http://titssn.net

Good day to you,

So what’s the word with and about our network?

Ever since the info leaked about our social network I have received a number of interesting comments, inquiries and feedback and I can’t begin to tell you how excited (more now than ever) I am about this. For the past 8 months we have been working on the new structure of TITSSN to create a converged resource for the network to operate in/from due to the vast extensive reach of our education and awareness programs, initiatives and focus. We have an international presence that has created partnership and alliances in countries around the world and we had to factor in all these different variables. The language variables, time differences, cultural differences, legal differences and the aggregating of all of them all played a significant factor in this decision making process and we tried to create the most comfortable yet resourceful setting to work and grow in..

We looked at various content management systems and other collaborative solutions but when you really look into it, TITSSN is a network of partners, associates, customers, clients, fiends and peers in and about technology with a special emphasis on the security pieces of it. If it is a technology product, solution, device or tool, we provide the needed security, know how, solutions and guidance to support it. So in essence, TITSSN is a converged network of resources and as such is what we needed to address with this initiative.

So, how do we address that?

As a social network where our members, partners, associates, vendors, developers, security professionals, IT professionals and people in general will come to learn more about the state of the IT Security Threats Landscape, we are making every effort to harness the true education, awareness, support, services and resources needed to help create a resilient social network specific to technology and IT Security. As an industry leading organization comprising of industry specialists, executives, developers, professionals, vendors and educators, we must take this approach to making this happen in a concerted way thus we bring you, The IT Security Suite Network’s Social Network which will be officially launched on May 1st 2009.

The network will provide features such as:

Blogging
Forums
Featured products and recommendations
Featured companies and information about them
Special discount offerings on services and support from our network members
Polls
Recommendations
Points towards membership benefits
Interviews
Collaboration and networking
Events managing and distribution
Experts’ collaboration exchanging of ideas on specific topics, issues and things in the security space
Group discussions on specific topics
Audio/Video/Text IM features
Best practice guides on general IT security issues
Security requests and support
Employment/consulting opportunities
And webcasts.

Some of the groups already created to address specific topics such as:

CyberWar - on, about, awareness, information, collaboration
Viral Outbreaks - containment, response, prevention
Small Business IT Security - securing the small businesses
TITSSN’s General Network Members
IT Security Best Practices – General
IT Security Training and Development – General
Voices of IT Security
Incident Response - What happens when something goes wrong/bad?
Breach Notification Laws - state laws
IT Security Facts and Myths
NYSBS - New York Small Business Server Users Group
NYITSUG - New York IT Security Users Group
The Privacy Suite
The Compliance Suite (Regulatory/Non Regulatory)
ENGAGED ~ENabling Greater Awareness, Growth and Educational Development~
IT Security Requests and Support
IT Security Service Providers ~ITSSP~
IT Security Leaders
Wireless Security
Viral, Spyware, Malware Detection and Removal - the growing trends
Endpoint Security - What are they, why they are vulnerable and how to protect them
Computer Forensics - Data and Network
Hacking Unleashed - Ethical/Unethical - the world of hacking
Mobile Security - securing the mobile users/devices and they data they host
Physical Security - a critical part of your security model
Viral Outbreaks - containment, response, prevention
Business to Business IT Security "BtBITS" - businesses protecting
each other’s interests
Perimeter Security - securing the perimeter
IT Security in our educational institutions - curriculum upgrade

These are just some of the features of the network and will be available for all at the time of launch as we try to bring everything together under the social networking model. As more people join they will be creating the needed pieces (blogs, groups, forums, polls, etc) that will be suitable for them. We are very excited about this and have been working diligently on testing and enhancing the features to make it very valuable and effective for all.

So stay tuned and get ready for this awesome new network and we look forward to the support of everyone towards this initiative. We will have an official press release for launch.

Thank you very much and have a great day. We apprecilove your business and support and look forward to serving you more.

~Brett A. Scudder~
The IT Security Attaché | http://theitsecurityattache.com | Blogs http://theitsecurityattache.com/blogs
President/CEO/Chairman/Founder/Security Architect
~TITSSN ~The IT Security Suite Network~ | http://titssn.net | TITSSN’s Blogs http://titssn.net/blogs

Link: http://theitsecurityattache.com

Good day to you,

Every day I talk with people across all vertical markets, business sizes, organizations and cultures about the IT Security issues being faced in our world today and how it impacts our everyday lives, and it is becoming one of those awakening kind of issues for many. Whether they like it or not, they know they are affected in one way or another. While most people tend to try and figure out if and where they fit into this Matrix, the recent mass media explosion of the Conficker worm created somewhat of a sense of understanding as many now saw it from a non technical aspect and as what it really is, a people problem.

As a security attaché, I have relayed this message of IT Security being a people problem and not an industry one for years but it doesn’t resonate well for many because they didn’t understand the matrix and how it worked. Now that they saw and heard of it on the TV (which is an even bigger influencer on people today), the same things we IT people have been trying to tell them now makes some kind of sense. Let us take away the fact that whether the media coverage on the TV was doing much justice or help for the issue(s), it did add a well needed visibility to the scope of the problem and that was very well needed today. It would be nice if we say a segment on the news specific to The IT Security Threats Landscape ~TITSTL~ and issues in and around it. They could bring in some professionals in the field to talk about the issues and what is going on and how people can protect themselves in it. That would be a well needed thing to see at that level today as we are going into this vast technology future of ours which we’re taking head on without looking at the real implications and effects of it.

The logic behind the issue is simple, because your system(s) are up and running and have not been wiped out nor shut down by a threat doesn’t mean it is safe, secure or threat free. In many of my health assessments I have shown the owner my findings of worms, trojans and other blended threats that are sitting on their systems because of lack of proper security solutions to protect them or the improper configuration of the solution being used. The fact that they are there is one thing, what they are doing is something else and both are critical issues to ponder.

While many will refute this fact, I have seen, worked and handled enough of these cases to state as a fact that many fall into this area of The IT Security Threats Landscape. A resident rootkit, keylogger, worm or whatever the variant may be, is actively working its way through your system and causing some form of data loss/theft or compromising the state of applications, connectivity or system stability that we security professionals deem critical. Here is another way to look at this.

If you went to the doctor for a cough that has been bugging you for a while and he says to you, you have a chest or respiratory infection would you tell him no?
If he says to you that you need antibiotics and some cold medicine do you tell him no?
Why not?
Because, this is his field of expertise and study and as such he can make this assessment based on his knowledge of the issue and the facts he has from testing you.
Are you a medical person to dispute his statement and will you seek a second opinion from someone else?

The fact that you’re still alive and well (somewhat, depending on how you define well) does not negate the reality of the issue that you are infected with something that is causing some kind of issue/effect on the body resulting in that cough which in our field of IT we would call an early warning. So, this is the same way in which we look at the IT Security issues of today and how people tend not to look at it. They haven’t gotten that early warning of a cough because the system hasn’t picked up on it yet and when it does happen, because they have not fallen and can’t get up this is not a critical issue. The system becoming slow and unresponsive is that early warning and at that stage most people tend to seek professional help depending on the need/use of the system and how critical it may be for business or even personal use.

So here we stand dealing with people who are harvesters of thousands of people’s information and things about them (whether you know or like it) and they rest idle to this decadent behavior and mindset. Yet, unchecked, their systems sit comfortably hosting these blended threats which are sending/stealing critical private, personal, financial data/information to these hackers unbeknownst to them. The careless whisper of ignorance to these issues is the driving force behind the growing success of such threats today. A hacker have so much more to gain from you giving it to them than for them having to go through getting it from you and is why the botnet issue is such a growing one today. The use of keygens, crack files, peer to peer (P2P), unpatched applications and systems makes it so much easier to exploit what is available that one tends to wonder when and where does it end. It ends with user education and awareness on and about the threats landscape and what these issues are. It end when people start taking this seriously and realizes that you’re just as much a victim as anyone anywhere if you’re not protected properly.

It ends when you stop saying I have anti-virus protection and so i’m ok when you know you haven’ renewed that subscription over six months ago and so you’re missing all the latest and greatest signature based protection that it should provide. Anti-virus alone CANNOT protect you from the threats out there today, it has to be a layered approach where various solutions are in play to cover the needed layers.
It ends when you wake up from this illusion that my OS is more secure than the other and so I don’t have to worry about these security issues.
It ends when we stop underestimating the knowledge of your youths and start educating them much early on the proper use of the internet and the functions and features of it. IT Security must be a part of the school curriculum today as technology is our future for tomorrow and they are our next generation of professionals and leaders.
It ends when you start accepting the fact that you are as much a risk to me as I am to you if we’re not practicing basic IT Security best practices.
It ends when you stop taking the cheap way out of operating a business when hosting people’s private and confidential information which is priceless to them and they trust you to keep it secure. Have some respect for your customers and let them rest comfortable knowing that you have their best interests at heart in properly protecting your infrastructure.
It ends when you realize that these threats are released in the wild with no specific targets but the system(s) you’re using which unfortunately is in the homes, schools, workplaces and places of general interest.

The treats are not specific to government and their systems. It is not specific to the private or public sectors. It is not specific to the educational institutions and it certainly isn’t targeting the healthcare sector only. All are affected and are in the path of these threats because, they are all sharing the same interconnectivity transport medium, the internet and the internet respects no one and has no boundaries.

It is time that people take this as a basic part of their lives where one does not get consumed on questioning the validity or severity of the threat but questioning the readiness of themselves and their systems to face them. While our government may understand the real scope of these issues, their efforts to create effective management and policies to protect the country’s infrastructure are missing critical elements, the people and the roles they play in strengthening the protective layers or being a weak link and point of entry/compromise for what is being implemented. Unless we strengthen the people through education and awareness they will always be a weak link in the chain of protection.

When a company is hacked or they lose their data by whatever means there is, who suffers the most, the employees, the end users. The company suffers a data loss or has a breach but the actual data may be your private and confidential information. Even if the company loses its financial data, it has a much better recovery rate through insurance and such than an individual who now suffers from the loss of privacy and here in the US, credit ratings.

Think about the many places that have information about you that you consider to be private and confidential. Your employer has your social security info (and possibly family members who are covered by you), some financial info for direct depositing of your paychecks. Your 401K info. Health and life insurance info.
Your doctor has your private health records and, results. They have your family’s private info as well as some kind of visit may have been had over the years and that info is in the system.
Your bank has all your financial info and records. They may have your mortgage info as well (if you own a home). The car loan and all the info in it. Student loans and the works.

So think on these things and when you look at all of them, who is most affected in the event of a data loss or breach at any one of those kinds of organizations or businesses, you, the end user, consumer, employee.

IT Security is a people problem and must be dealt with accordingly. It is not about selling security, it’s about creating greater education and awareness about it so we can all contribute towards upholding the strengths of the protective security layers that are there for our protection.

Stop asking if this is real, ask yourself, how do I protect myself, my family, my business, my country from these elements and there effects. This is REAL.

When in doubt, reach out.

~Brett A. Scudder~
The IT Security Attaché

Link: http://theitsecurityattache.com/blogs

Hi all,

If your day went like mine then you must be beat, phew, what a week so far.

It’s 3am and i’m scanning the wires, net and blogs to see what’s up with Conficker so far. All is well and from the looks of things you still have time to get those patches loaded, get that anti-virus/anti-malware loaded, configured and run a full/deep scan.

I just completed a full scan of my network and double checked my logs and settings and everything looks ok. We’re still early into the day and so who knows.

For those who are saying it could be a joke/hoax and not preparing for it,
What if it isn’t?
Would you want to be prepared even if it isn’t?

I see that the anti-virus vendors have been busy. Some have released 4-6 new definition updates over the past 12 hrs and that’s a good sign. It means they are still working diligently on helping us stay secure. By the time it hits morning here in the US everyone should be running some April 1st 2009 definitions as I expect there will be at least 1 or 2 within the first 8hrs. If you’re not running with an April 1st def, then make sure you’re at least at March 31st after running an auto update for definitions.

I haven’t slept since Saturday just from prepping for today and helping people get their systems patched, updated and secured but I am surely going to catch a few zzzzzzz in a few.

The day is young, be safe than sorry, patch and secure up and rest well.

Until later when I rise,

The IT Security Attaché

Link: http://theitsecurityattache.com/blogs

TITSSN’s March online security webcast – Security is not an option, it’s a must. Five overlooked ways of securing your systems effectively.
Sunday March 22nd at 7pm

TITSSN continues its monthly online security webcasts/presentation/forum and invites everyone to join us.

As technology continues to grow and the increase in new products and solutions become inundating, we’re seeing more avenues of risk associated with this growth across the board. On Sunday March 22nd at 7pm we will be taking a look at five critical ways in which we sometimes overlook securing our systems and end up becoming compromised.

Whether this is a home or business system, security is not an option as you never know if or when this system may be used to cross the line. This webcast will give a detailed look at these five issues that have pervasively increased the risks of the threats landscape with little or no interaction from the end user(s). The threats are the same across the board so all are affected.

This will be a live meeting session that offers the needed interactivity (voice and video) for getting the message across effectively.

All are invited as we continue delivering our education and awareness initiatives on/about IT Security and it being a people problem, not an industry one.

—————————————————
When: Sunday, Mar 22, 2009 7:00 PM (EDT)
Duration: 1:00

TITSSN continues its monthly online security webcasts/presentation/forum and invites everyone to join us.

Brett Scudder has invited you to attend an online meeting using Microsoft Office Live Meeting.

https://www.livemeeting.com/cc/usergroups/join?id=7S86HQ&role=attend&pw=8%3Ehg%28ZR%2Fz

Meeting time: Mar 22, 2009 7:00 PM (EDT)

Add to my Outlook Calendar:
https://www.livemeeting.com/cc/usergroups/meetingICS?id=7S86HQ&role=attend&pw=8%3Ehg%28ZR%2Fz&i=i.ics
——————————————————

Thank you very much and have a great day. We apprecilove your business and support and look forward to serving you more.

~Brett A. Scudder~
The IT Security Attaché | http://theitsecurityattache.com | Blogs http://theitsecurityattache.com/blogs
President/CEO/Chairman/Founder/Security Architect
~TITSSN ~The IT Security Suite Network~ | http://titssn.net | TITSSN’s Blogs http://titssn.net/blogs
My LinkedIn profile - http://www.linkedin.com/in/titssn | TITSSN’s IT Security Forum Board http://titssn.net/forum
Follow me on Twitter http://twitter.com/TITSSN

Link: http://titssn.net

Good day to you,

TITSSN is very pleased with our new president’s focus on the national cyber infrastructure as it had been one of our most intimate concerns during him campaign. Our motto over the years has been that the problems being faced in the IT Security space was not an industry one, but a people one and as such warrants the need for a more global concerted effort towards its education and awareness initiatives. The impacts and effects of the IT Security Threats Landscape reverberates through ever layer of our lives at home, school and work and as such is more than just a simple issue at hand. Yet, unchecked, these issues are not getting the time and attention needed to be seen as serious as they really are today for tomorrow.

The infrastructure of our country relies heavily on a strong technology backbone and unless the proper security education and awareness is provided at all levels, our points of vulnerabilities and exploitation increases with every new device, gadget or piece of technology that is added to it. It is for this reason that over the past few years, we have risen to the challenges of promoting the education and awareness values of IT Security and why it is imperative that people understand the real impact and effects it has on us as a people. This isn’t an issue that is for us as individuals, it is about how we as individuals creates an impact that affects others through the use of messaging (email, IM and text), browsing, file sharing, peer-2-peer networks and general PC etiquette.

I am as much a risk to you as you are to me and thus the global infrastructure is at risk unless we cultivate this mindset of security consciousness. This new era of warfare is a technological one that allows an individual to sit at a PC and launch massive targeted attacks against people, processes, critical infrastructure, governments and countries, without even knowing who you are nor do they care of the intended impact. The need to create hysteria and massive downtime effects drives them to do this without any regard for those who suffers the effects. This is where we are today and is why we need to do this sooner than later.

This is the reason why we kicked off our Secure Minds Initiative to create an educated/aware resilient global network of IT Security Minded people who can secure and protect themselves from IT/Internet threats. We want this administration to realize the need for integrating IT Security into the lower school systems so that our youths can better be prepared for the technology age ahead before they reach high school and college levels. Educating their young minds will help to strengthen the weakest links and bind the chains of the infrastructure much more secure. Parents should also play their part and not leave this up to the school systems to foster this needed education and awareness of basic internet/technology best practices.

As internet broadband services become more mainstream to the average user and the connection speeds increases, the effects of the IT Security Threats Landscape bears heavily on those who are not properly secured and protected either through the protective solutions or just the educational awareness of how to be more secure. The increase in use of instant messaging, social networking and email adds an immeasurable list of ways in which we are at risk. Our future is very strong with the presence of technology at the heart of it and no matter how much we invest in it, the needed for better education and awareness will circumvent whatever is put in place because the human element plays such a significant role in these issues.

We will continue to provide the public outreach and educational programs needed to facilitate the enhancement of this needed resource for our people across the board. Our community outreach programs add the needed one on one communications and access to our IT/Security professionals who are able to talk with community members about these issues and are there as a local go to resource. We are integrating these educational resources into social networks and services to enhance the safe, secure and collaborative resources they provide. We don’t have to fear technology, we just need to secure it by having the proper education and awareness backed by the needed useful solutions.

As in anything we do at this level, there are those who talk about these issues and then there are those who listen and decide on what next steps to take. Here at TITSSN we cover the entire process of listening, research and development, training and awareness and providing local hands on resources to people, processes and things to complement the circle of competence and confidence. Delivering the message of IT Security doesn’t take high levels of technical skills or levels of specialty in the space, it takes the simple understanding of why this is an important part of our world today and why we need to take an active part in being stronger links in the chain of our infrastructure.

Applying the configurations and settings does require that you be aware of what is needed, how to do it and what the effects will be. This does require some level of technical understanding as the impacts of not configuring it properly can lead to bigger problems. And so the process of this initiative is a staged one, one that begins with creating the resources for providing the education and awareness, the other for promoting those resources and then delivering them effectively. As we look forward to this new era of change(s), one tends to feel a sense of wow, what is going on, are we ready for this and if not, do I have a choice. It is not a question of if, but when, and it is that when we must prepare for.

TITSSN is that leading force providing the pathway of resources, education, awareness, services and deliverables to compliment this new era of technology and its focus. We look forward to bringing this whole process together for those who are looking to be more aware of how to protect their privacy, intellectual property and identity on and offline. There isn’t a line between both as they are very much intertwined, it is the knowledge of how and why that create a blur in the mindset to think that the online and offline worlds are truly separate. We must get past this level of thinking and move forward with the mindset of convergence as we brace ourselves for these upcoming changes.

We welcome this new administrations focus on these issues and looks forward to working with them towards a more converged and resourceful technology experience. We are here and will answer the call if and when needed, to take these initiatives to the next level.

Thank you and have a great day,

~Brett A. Scudder~
President/Chairman/IT Security Attaché
~TITSSN~