Link: http://titssn.org

Good day to you,

On May 1st 2009, TITSSN answered the call of providing a converged resource to address the needed online training, education, awareness and resources of the technology and security issues and challenges facing us today for tomorrow. As leaders in this field we understand the challenges being faced in dealing with the day to day management, learning and happenings of these threats and their impacts. While countries, companies and organizations are falling victims to these attacks, industries are suffering through the loss of revenue, privacy and productivity, and people are feeling and seeing the real effects of the real world we live in where the internet brings us together as a global connected network filled with valuable resources and resistance is futile, it is everywhere and is not going away.

We are still not seeing enough being done to educate people across the board and make them aware of these issues and their true impacts and so we’re taking the network to a higher level towards this initiative.

IT Security is a people problem, not an industry one and as such must be addressed effectively and accordingly.

So it is for this reason that we choose to build a social community to address these things together and to provide the training, education and awareness by the people who can speak of and about them at all levels, those who develop them, those who sell and support them, those who are out in the field fighting the good fight to prevent, mitigate and stop the growing rates of infections and compromises and those who want to learn more about being safer and secure together in one place. This is a work in progress and as we grow, so we’ll learn and so we’ll adjust to the need for changes. This is what we do on a daily basis as TITSSN continues to deliver its messages of security education, training and awareness now for a more secure future. We will be moving our operations into the social network immediately to help enhance the collaborative values, resources and functionalities.

The IT Security Suite Network’s Technology / IT Security Social Network is a place where people come together to create a vibrant, resourceful, strategic and secure social atmosphere of networking, training, education, awareness and collaboration for, on and about technology and securing them.

We invite you to participate in the full functions and features of our network as we build on it to enhance its values and mission for the future. We ask that you share the word with your associates, friends, peers and everyone that is interested in the world of security and being more comfortable and secure in it. This network is specifically geared towards technology, IT Security and everything in and about it.

The focus of this social network is to build greater education, awareness and provide the services and support needed to maintain the secure presence and stability of all infrastructures (homes, businesses (all sizes and types), schools, churches, etc) for all. Everyone is affected at all levels and so we must cultivate an open concerted atmosphere to address issues effectively. We look forward to your participation in this effort as a leader, contributor, reader, advisor or just a member wanting to learn more. Please adhere to the policies and rules of the network so that all may find a common group to collaborate in.

The networks address is http://titssn.org.

Features include:

Real-time chats
Blogging
Audio/Video/Text IM
Discussion groups
Polls
Events calendar
Products/Solutions recommendations
Featured products, people, service providers
Our own publications (recommendations, best practices, guides, reports, findings and educational info)
And much more.

Discussions and groups that are up and running:

Application Security - developing secure applications and standards
Breach Notification Laws - country/state laws
Business to Business IT Security "BtBITS" - businesses protecting each other’s interests
Cloud Computing/Security - Issues, concerns, development, education and awareness
Computer Forensics - Data and Network
Cybersecurity - myths, issues, concerns, development, education and awareness
CyberWar - on, about, awareness, information, collaboration
Data Security - securing the data/information
DCITSUG – Washington DC IT Security Users Group
Emergency Security Response Program "ESRP"
Endpoint Security - What are they, why they are vulnerable and how to protect them
Hacking Unleashed - Ethical/Unethical - the world of hacking
I-CON Science and Technology Conference
Identity Theft - prevention, support and solutions
Incident Response - What happens when something goes wrong/bad?
IT/Security things/issues that make you paranoid
IT Security Best Practices – General
IT Security Facts and Myths
IT Security Leaders
IT Security Requests and Support
IT Security Service Providers ~ITSSP~
IT Security Training and Development – General
IT Security in our educational institutions - curriculum upgrade
Microsoft Small Business Server Security - Securing the server and components
Mobile Security - securing the mobile users/devices and they data they host
Managed Security Services Providers "MSSP"
NYeWin - New York Enterprise Windows Users Group
NYITSUG - New York IT Security Users Group
NYSBS - New York Small Business Server Users Group
Online Security - Securing your online experience
OWASP - Open Web Application Security Project
PAITSUG - Pennsylvania IT Security Users Group
PC Security at home
Perimeter Security - securing the perimeter
Physical Security - a critical part of your security model
Ready Rockaway - Disaster/Emergency Preparedness
Small Business IT Security - securing the small businesses
SPEAK - Security Professionals Engaged in Advanced Knowledge
Social Networkers United - the future belongs to us
Social Networking - security, trends, myths and best practices
TITSSN’s Adopt an Institution Program - ~AaIP~
TITSSN’s Code of Honor - Advocates for the future of professional Messaging
TITSSN’s Code of Honor - Advocates for the future of IT Security Education and Awareness
TITSSN’s ENGAGED ~ENabling Greater Awareness, Growth and Educational Development~
TITSSN’s General Network Members
TITSSN’s IT Security Community Outreach Program ~COP~
TITSSN’s IT Security Scholarship Program ~ITSSP~
TITSSN’s Secure Medical Protection Program ~SMPP~
TITSSN’s Secure Mobile Professionals Network ~SMPN~
TITSSN’s Secure Minds Initiative
TITSSN’s Small Medium Business IT Security Summit ~SMBITSS~
TITSSN’s Windows 7/Vista SP2/Windows Server 2008 SP2 Testing and Development Group
The Compliance Suite (Regulatory/Non Regulatory)
The Framsyn Initiative
The IT Security Threats Landscape ~TITSTL~
The Privacy Suite – it’s all about privacy
Viral Outbreaks - containment, response, prevention
Viral, Spyware, Malware Detection and Removal - the growing trends
Voices of IT Security
Wireless Security

Government Security Mandates, Protocols, Policies and Response

US - CERT - United States Computer Emergency Readiness Team
US - CIA - Central Intelligence Agency
US - DHS - Department of Homeland Security
US - FBI - Federal Bureau of Investigation
US - NSA – National Security Agency

These are just a few of the topics, issues and groups that are available as we start off on this journey together and when you join us, you too can add to what is there if there is something of interest that is missing.

We look forward to your support and we know this will be of great value for you.

Thank you very much and have a great day. We apprecilove your business and support and look forward to serving you more.

~Brett A. Scudder~
The IT Security Attaché

Link: http://blogs.zdnet.com/BTL/?p=16082&tag=nl.e019

Conficker wakes up, updates, drops payload
April 9th, 2009
Posted by Andrew Nusca @ 4:09 am | http://blogs.zdnet.com/BTL/?p=16082&tag=nl.e019
Categories: Security

The Conficker worm is finally active, updating via peer-to-peer between infected computers and dropping a mystery payload on infected computers, Trend Micro said on Wednesday.

CNET’s Elinor Mills reports that researchers are analyzing the code of the software that is being dropped onto infected computers and suspect that it is a keystroke logger or some other program designed to steal data from the machine.

The software appeared to be a .sys component hiding behind a rootkit, which is software that is designed to hide the fact that a computer has been compromised, according to Trend Micro. The software is heavily encrypted, which makes code analysis difficult, the researchers said.

Just yesterday, Zero Day blogger Dancho Danchev noted that a Conficker copycat was already making its rounds.

According to a post on the TrendLabs Malware blog, the awakened worm tries to connect to MySpace.com, MSN.com, eBay.com, CNN.com and AOL.com as a way to test that the computer has Internet connectivity. It then deletes all traces of itself in the host machine, and is scheduled to shut down on May 3.

Mills reports:

Because infected computers are receiving the new component in a staggered manner rather than all at once there should be no disruption to the Web sites the computers visit, said Paul Ferguson, advanced threats researcher for Trend Micro.

“After May 3, it shuts down and won’t do any replication,” Perry said. However, infected computers could still be remotely controlled to do something else, he added.

The development was found when Trend Micro researchers noticed a new file in the Windows Temp folder and a large encrypted TCP response from a known Conficker P2P IP node hosted in Korea:

Two things can be summed up from the events that transpired:

1. As expected, the P2P communications of the Downad/Conficker botnet may have just been used to serve an update, and not via HTTP. The Conficker/Downad P2P communications is now running in full swing!

2. Conficker-Waledac connection? Possible, but we still have to dig deeper into this…

As for the second point, researchers said the worm tries to access a known Waledac domain and download another encrypted file, but they’re still trying to examine the connection.

More Conficker news on ZDNet:

· Dancho Danchev: Conficker worm’s copycat Neeris spreading over IM
· Adrian Kingsley-Hughes: Friday Rant - Conficker worm hype
· Ryan Naraine: Eyeballing Conficker with eye-charts and maps
· Tom Espiner: Conficker an April Fool’s joke? Maybe not

Andrew J. Nusca is an assistant editor for ZDNet.com. See his full profile and disclosure of his industry affiliations.

Link: http://theitsecurityattache.com/blogs/2009/04/01/my-first-system-refresh-for-2009-how-often-do-you-refresh-yours/

Greetings,

It’s that time of the year again and now I have more of a challenge this year as I have more systems to refresh. Every 2-3 months I do a complete system wipe and rebuild of my primary systems (now 16) to give them a clean start and a fresh look and feel. During the year I test so many products and solutions from the industry and once I have tested and like something, it gets added to my approved applications list and is allowed to be installed on my primary systems. It also give me a fresh build as I get rid of old install files or hidden threats that may have been left behind and now the system breathes and runs much better.

These are different from my test boxes that I may refresh daily, weekly or after a few months depending on what i’m testing on it and the period needed to properly deal with it.

As a senior executive on various committees, boards and teams, I take my security practices very seriously as a compromise on my end could lead to mass messaging or some kind of threat coming from my network which could lead to serious issues for my recipients. I am very vigilant about keeping the best of best practices for my organizations infrastructure with regular reviews and updates. As a security professional responsible for numerous organizations infrastructure, I practice these steps to protect myself and those who I collaborate with and the responsibility to protect the people and data in them. One can never be too cautious in this time and age of new and emerging technology and threats and so I try to stay on the cutting edge of the security issues.

So it is that time and my first refresh of which I am somewhat happy for as i’m getting ready to move most of my Vista boxes over to Windows 7. I have been playing around with some new products and solutions and will be moving over to them during this refresh cycle. The timing of this new Conficker worm couldn’t be any worse (or maybe better) as i’m refreshing between March 31st-April 1st. I’m also rolling out a hot new UTM ~Unified Threat Management~ device today as well and I look forward to its protective features and enhancements.

So away I go to start prepping for my refresh and trying to keep up on this Conficker issue which has set me back a day in my schedule.

Thank you and have a great day,

~Brett A. Scudder~
The IT Security Attaché

Link: http://theitsecurityattache.com/blogs/2009/04/01/titssn-takes-on-the-i-con-28-science-and-technology-conference-on-april-3rd-5th-in-brentwood-long-island/

FYI…

TITSSN takes on the I-CON 28 Science and Technology Conference on April 3rd-5th in Brentwood, Long Island
http://theitsecurityattache.com/blogs/2009/04/01/titssn-takes-on-the-i-con-28-science-and-technology-conference-on-april-3rd-5th-in-brentwood-long-island/

Link: http://titssn.net

TITSSN has always been a network of, for and about the community and we have always tried to find ways of working within it to make it the most valuable and successful experience ever for our members. In working with our communities in and outside of IT, we have found similar issues that reflected upon the need for creating a more resourceful and aggregated system that would put people, processes and things together, making it a more seamless integration for all. Our education and awareness training and development initiatives built on these findings so that we would address the issues on a more personal level as a team. The extensive experience and qualifications of the network members in their areas of business provides invaluable impact on what we see, hear, say and how we react to them.

It is for this reason that we are enacting a new initiative to aggregate all these issues, programs and initiatives under one umbrella that I believe will fix these problems, ENGAGED. ENGAGED, ENabling Greater Awareness, Growth and Educational Development, is an initiative that will take our education, awareness, training and development initiatives to a whole new level. Through ENGAGED, we are working with businesses, schools, libraries, churches and other institutions to deliver the needed resources for addressing the IT Security Threats Landscape of today for tomorrow.

As a network of technical professionals, consultants, specialists, VARs and business executives, the ENGAGED initiative will add the much needed collaboration between the organization members and those we serve. One such enhancement will be a bi-weekly Live Meetings via Microsoft’s Live Meeting service to help with the adoption, training and development of its members on new and existing products and solutions in the security space. This will add the needed value of increased training on specialized products and services provided by the network. Our integration of working with the vendors directly will allow the additional benefit of having their high level technical people in the session to help with the understanding of the products and any problems and support we may need. TITSSN believes that it is through the proper training, understanding and knowledge of these products that we will be successful in supporting, deploying and managing them, and so we are adding more value through the use of live meetings.

On Monday April 20th, TITSSN will enhance the ENGAGED initiative by starting an IT Security Training and Development course for the youths in our local schools through their local office in Arverne NY. This course will be geared towards working with the youths of today who are growing up to be our professionals of tomorrow to give them a better look and feel of the space and what to expect from it. We are working with the local schools in the community to select a number of students who will participate in this course and get the needed exposure to today’s IT Security Threats Landscape ~ITSTL~ and how they can be valuable resources in making it better for tomorrow. This training course will not be the end all, be all for them as we plan on helping them throughout their professional development as mentors in the space. The initiative does not want them learning and forgetting and so future involvement on different levels will follow after the course is completed. Certifications will be awarded to each student that completes the course and passes a final hands-on test.

The training and development course will introduce them to the world of IT Security and all the factors that are in and around it. They will have hands-on access to the latest and greatest security hardware and software products ranging from Biometrics, IDS/IPS, UTM “Unified Threat Management” devices, anti-virus, anti-malware, firewalls and general IT products that are available today across the various operating system environments. This is an extension of our Secure Minds Initiative where we are trying to get the integration of IT Security into the school’s curriculum to enhance the preparedness of this needed area of specialty for the future. We need the realization of IT Security as a people problem to be one that resonates across all borders and cultures. We are on the brink of a global network catastrophe if this realization is not understood.

Through ENGAGED, we have negotiated special vendor pricing and offers to help get the needed security products and solutions out to the general public. As this have been a major issue for many, we are always working on ways in which to bring the networks power to use in negotiating special programs, offerings and incentives from the vendors for our initiatives. A part of our Secure Minds Initiative is to provide security products and solutions to the schools and this will help to make that more readily available through special programs we are hosting there. We are reaching out to our local government resources to funds this initiative through grants and other financial resources in an effort to minimize the costs and offer the products freely when and where we can.

To the business community, ENGAGED provides the needed sales, support and training and development to better prepare you, your company and employees to deal with the issues of the IT Security Threats Landscape. Leveraging our network and resources will be beneficial for you as we provide in-house training and development workshops to further build on this. As your local technology/security professionals, you can reach out to the network to find a resource in your area that can and will work with you. We have customized solutions that will work for you and your company no matter the size or location, if we’re needed we’ll make it there.

With so many resources now being forced online even from the government levels, using the internet and its resource is now a mandatory issues as local offices and resources are being cut as this new online presence becomes more useful. That being said, the use of the internet and its resources has increased significantly over the past year as social networking and other social media have played a key role in this new age of collaboration and networking. The future belongs to networkers and if you’re not a part of the new trend one tends to feel left out when asked if they are on a popular network like Facebook, Twitter or LinkedIn.

The present economic crisis adds a dire need for this engagement as more people are using the internet resources for job hunting and finding new homes to live. This is just the start of a change that will never go back to what it used to be, the internet is here to stay and is more than what it used to be 2 years ago.

TITSSN activates the ENGAGED initiative on April 1st 2009 with a series of kick off events for the month. On April 9th at TITSSN’s monthly meeting at the Microsoft Briefing Center in NYC, president/chairman/security attaché Mr. Brett A. Scudder will officially present the initiative to the organization and outlining a few additional aspects of it and how it will be executed. He will also cover the members ENGAGED aspects as well. Registration is open and available here http://www.clicktoattend.com/?id=137146

On Monday April 13th from 3-5pm, TITSSN will host a local reception at our office at 331 Beach 70th St, Arverne, NY, 11692 to highlight some of the technologies that will be a part of the initiative. This is a RSVP/registration event. Interested persons are asked to register here http://www.clicktoattend.com/?id=137140.

The first ENGAGED members Live Meeting session will be on Wednesday April 22nd from 7-9pm and the info will be sent to active members.

As food and refreshments will be provided at our local meetings and events and we need to ensure that we have enough to cover our guests so registration for these events is a must.

Thank you very much and have a great day.

TITSSN ~The IT Security Suite Network~
We are Security - your Security - our Security - IT Security. Our Security is Safe and Secure.

Link: http://titssn.net/mess

Hi all,

So it’s that time of the year again and the promotions and marketing have been underway for our MESS ~Mobility/Endpoint Security Summit~ coming up on May 19th 2009 at the Microsoft Briefing Center in NYC. This year we will be getting a look at the upcoming Windows Mobile v.6.5 and 7 and some of the hot new gadgets and devices out there. With the new Netbooks and Smartphone’s a hot item on the streets we’ll be doing a feature and possible giveaways at the event.

Of course we will be having a special guest speaker and Mr. Ernie “Ghostbuster” Hudson has confirmed that he will be with us again this year. He happens to be filming a new movie in NYC at the same time so that’s even better for us. So exciting.

You won’t know unless you attend so hey, reserve your seats as soon as they become available. Registration opens on April 19th. Seats are limited to 250 people on a first come first serve basis so you know the deal.

Anyway, I have to start phase two of the event planning and marketing so look forward to seeing more info and updates on MESS over the coming weeks. Here is the event page http://titssn.net/mess.

The countdown begins NOW……….

Thank you and have a great day,

~Brett A. Scudder~
The IT Security Attaché

Link: http://farrockcc.net/blogs

Good day to you,

The Far Rockaway Community Coalition embraces the future of networking and collaborating through social networks as the new wave of communicating and sharing resources. We have built a presence on these networks to enhance the reach of our initiatives to those who are already up and running on the most popular networks today. To those who have not yet gotten into the social networking wave, here’s your chance to join in now and enjoy the benefits of it.

As such, we’re hoping to capture the hearts and minds of our community’s online gurus to help us bring the visibility and awareness of who we are and what we’re hoping to accomplish here in Far Rockaway. So if you’re a member of these popular social networks we ask that you join us and help in building out the vast resources and values of our awesome community of Far Rockaway.

Here are the networks and locations and please feel free to join. We’re in the process of adding more contents and info on them but the foundation is created and we now have to build on it.

Facebook - http://www.facebook.com/group.php?gid=34975979783

LinkedIn - http://www.linkedin.com/e/gis/1336987

Twitter - http://twitter.com/FarRockCC

MySpace - http://groups.myspace.com/farrockcc

Ning - http://farrockcc.ning.com/

As you can see, we’ve covered the personal and professional sites and have made our presence known and impression felt. Now we need your help to disseminate the info to others and get the community rolling.

Over the coming weeks I will be hosting education and awareness workshops on social network and the networking/security/privacy aspects of it at my office. The dates will be announced soon so stay tuned and get ready for some serious networking.

Thank you very much and have a great day. We apprecilove your business and support.

~Brett A. Scudder~
President/ Chief IT Security Officer
The Far Rockaway Community Coalition

Link: http://www.linkedin.com/answers/using-linkedIn/ULI/394739-3071950

Good day to you,

With technology becoming a more integral part of our everyday lives and more gadgets, devices, and electronics being converged on the information superhighway (World Wide Web ), at what age do you believe we should start the education and awareness of IT/Internet Security for our youths in the school systems?

Things like,

How to browse/use the internet safely,
Instant Messaging security and best practices
Social Networking security and best practices
Mobile security and best practices.
Online predators and how they target children and how to be protected from them.
What is are viruses, worms, trojans, spyware, malware, blended threats?
What are web attacks (like drive-by-downloads) and how they are orchestrated?
What is social engineering?
What is phishing?
What is SPAM and why is it being used today?
How do these threats proliferate?
Secure messaging implementation and use.
Defense-in-depth - definition, purpose and maintenance. Anti-virus, anti-malware, firewalls and intrusion detection/prevention.

Our Secure Minds Initiative is about integrating this level of training and education in the school’s curriculum and I wanted to get your thoughts as adults, parents, educators and professionals on this matter. I have seen 10-12yrs old who can hack into a network and do some serious things that IT Pros in their adult years can’t.

Why not nurture this knowledge and ability for good?

Please make note that I didn’t ask if it should, I asked at what age should this be done signifying that I believe it should and i’m for it. Imagine having our youths graduating from high/middle schools with this advance early knowledge and what contributions they would be to the IT field. Even if they don’t become IT professionals having this education and knowledge will help any organization they join stay more secure.

Your thoughts.

Thank you and have a great day,

~Brett A. Scudder~

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/394739-3071950

Link: http://www.linkedin.com/answers/using-linkedIn/ULI/417629-3071950

Good day to you,

Here is another education and awareness question in my series on the use of your social security number today.

Ever since the financial crisis has begun (which isn’t just today, look 18 months back), more and more people have been trying to avert the issues and impacts of the job losses and downturn in the economic trends. For this reason, they have been opening themselves up to more “risky business” opportunities/ventures in the name of finding a job or making some quick money to pay the bills and put food on the table. This is a bad sign of worse things to come for these people and by us taking a look at this now we can help educate others.

As more people are jobless the use of the internet increases, it takes away the human face-to-face elements that would help to validate the business or offerings/opportunities. More job sites/opportunities offering the hopes of new jobs/loans with a request for signing up with personal/private info is only a fraction of the bigger issues.

This has lead to an increase in identity theft and the loss of people’s personal/private information that trickles down to the core of our lives. As the economy will get worse before it gets better and more “rescue” opportunities/offers are being circulated, one can only imagine the dramatic increase in phishing and social engineering scams that will come about as a result of the new stimulus package and government initiatives. Sometimes we give up this information because we don’t know how/where/where to do so and then it becomes an after the fact issue. We will address the identity theft education and awareness issues later.

So, let us take a concerted look at when/where/who should I give my social security number to and why, and what are the impacts of doing so.

Are there any protective laws in place for it?

Your thoughts/feedback/input.

Thank you and have a great day,

~Brett A. Scudder~
The IT Security Attaché

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/417629-3071950

Link: http://www.linkedin.com/answers/using-linkedIn/ULI/398900-3071950

Good day to you,

When I see an article like this I tend to sit back and go wow, where have I been living and what have I been seeing/hearing or, am I in denial to the truth. I have always said that we, the people in the field who live and die working in the field, have always seen thing different from the people in these high level positions and is why they fail to implement the proper things needed because there is in synergy between us and them.

It’s like a cop on the street who has to deal with the everyday violence and issues but he’s able to quell them and bring peace in his areas because he’s know and knows how to deal with people. While these issues are real and happening everyday they don’t get reported back to the precinct and so the captain (or seniors) thinks all is well and can say that there district is not violent nor has issues like anywhere else. It’s not that you don’t have issues, you’re just not getting the info about them because they are not critical enough to report in or cause a major stir. Yet, unchecked, the high profile ones are added to the statistics and generate facts.

They don’t come down to our neck of the woods and talk with us to see what is “really going on” in the world, instead, they use statistics that is published by some agency or group. Well, I must be in denial because I truly see this as a growing problem and have talked with parent/student alike who have been victimized online to the point that it affects their offline experience/life.

So, before I get carried away in myself and this issue (as it really upsets me), i’d like to throw this out to this professional’s network to get your real professional insight/thoughts on the report of the report.

http://www.nytimes.com/2009/01/14/technology/internet/14cyberweb.html

Thank you and have a great day,

~Brett A. Scudder~

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/398900-3071950