Archive for June 21st, 2005
Re: HELP ME!!!! "Trojan-Spy.HTML.Smithfraud.c" removal procedure
 
Ben,
 
I need more information.  Does it say this:
“A fatal error in IE has occured at 0028:C0011E36 in VXD VMM01) +
00010E36. Error was caused by Trojan-Spy.HTML.Smithfraud.c”
 
If so, it may be the Trojan-Spy.HTML.Smithfraud.c.  Go here for more info:
 
You'll have to give me more information.

 

On 6/21/05, ben wrote:

Hello,
   I have this blue screen which appears just before
my desktop comes up just after switching on my
system, logging off and on also, for one of my user
profiles. My system runs on Win2000 (SP3). I only
observe this screen when I want to log in as that
particular profile, others don't show this screen.
What I see is something like “a fatal error has
occured at IE …002d:C0011CDG…”, something of that
sort.
Your help will be highly appreciated. Thanks

[security-awareness] New Version of ISO 17799 Released

---------- Forwarded message ----------
From: laurahamp 
Date: Jun 17, 2005 6:46 AM
Subject: [security-awareness] New Version of ISO 17799 Released
To: security-awareness@yahoogroups.com
A quick heads up that the new release of the security standard, ISO
17799, has this week been published. From the 17799 Newsletter:

------------------------------
The official revision of ISO/IEC 17799 is now available (June 2005).
This new version has been in process for several years, and introduces
a number of significant changes to ISO 17799. The old version,
originally published in December 2000, has been withdrawn with
immediate effect.

The new standard now contains 11 'core' chapters, as opposed to 10,
with existing chapters being renamed and re-organized. The new chapter
format is as follows:

1) Security Policy
2) Organizing Information Security
3) Asset Management
4) Human Resources Security
5) Physical and Environmental Security
6) Communications and Operations Management
7) Access Control
8) Information Systems Acquisition, Development and Maintenance
9) Information Security Incident Management
10) Business Continuity Management
11) Compliance.

The new version of the standard also introduces controls to address a
range of issues not previously covered. These include topics such as
outsourcing provision and patch management. Equally, other areas have
been substantially extended or re-shaped, such as employment
termination, and mobile/distributed communication.

In addition to the content itself, several steps have also been taken
to enhance the "user friendliness" of the standard. The standard has
also been normalized to position itself to sit more comfortably
alongside related security standards in the future.

OFFICIAL SOURCES
The following official outlet (BSI) has been updated to provide copies
of the new standard (as opposed to the old):
http://www.standardsdirect.org/iso17799.htm

The ISO 17799 Toolkit, the standard's support and starter kit, has
also been updated to include the new version:
http://www.17799-toolkit.com

For further information see the ISO 17799 Newsletter archive site at:
http://17799-news.the-hamster.com
--------------------------

I hope this is of interest.

Laura



Re: [AntivirusClub] virus ~77.vys
Dear All,

Several days ago my computer was infected by the virus ~77.vys; it attacks MS Word.
Please help me to remove it. I have tried to clean it with McAfee & NAV, but they cannot detect it.

Hi Indra,
 
What is it doing?
How did you originally detect it?
 
I've done research and it sounds like a macro virus.  But it does not seem widespread, as I only
found one forum with anything about it: 
(don't even know what language that is)
 
Here is a page you should try out:
http://support.microsoft.com/?scid=kb;en-us;187243 It is about macro viruses, from Microsoft.
I believe it will give you more insight into what it may be.
 
Have you tried HijackThis to detect it?
Make sure you update it with the latest definitions.
Not sure if HijackThis will detect macros.
 
Can you find the process running in Task Manager?
 

Thoughts about Cross-View based Rootkit Detection

Is having Cross-View based Rootkit Detection relevant since it can be tricked? Is Rootkit revealer enough? Joanna Rutkowska gives you a good perspective in this paper. http://invisiblethings.org


DIACAP Policy
This is an overview of the DIACAP’s final draft. 

The DIACAP includes the same things that the DITSCAP has, with two major differences: netcentric environments and GIG standards. With these two (and MANY other changes) it seems that this evolution of the DITSCAP has to take place. So many major levels of Information Assurance in the DoD and abroad have changed that DITSCAP will have to embrace them to stay relevant.

The DIACAP policies will come from DoD Directive/Instruction 8500.01E/.2. [fixed 22 Aug 07]

The DIACAP supports Information Systems transitioning to netcentric environments and GIG Standards by:

  1. Ensuring uniformity of approach
  2. Managing and disseminating Information Assurance design, implementation, validation, sustainment and approach
  3. Being able to handle differing systems
  4. Facilitating a dynamic environment

Information Assurance will be implemented with Information Assurance Controls as defined by DoDI 8500.2 and maintained through a DoD-wide configuration management process that considers the GIG architecture and risk assessments conducted at the DoD component level in accordance with FISMA.

The DIACAP will support the ongoing validation to maintain the Information Assurance posture of an Information System. DoD component IA Programs are the primary method of supporting the DoD Information Assurance Program.

Status of all systems in the DIACAP program will be available to all who have authorized access.

SUBJECT: DoD Information Assurance Certification and Accreditation Process (DIACAP)
The Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) is replacing the DoD Information Technology Security Certification and Accreditation Process (DITSCAP). More on DITCAP can be found at the DoD's IASE website.

What is DIACAP?
The DIACAP is the DoD process for identifying, implementing, and validating information assurance controls, for authorizing the operation of DoD information systems, and for managing information assurance posture across DoD information systems consistent with the Federal Information Security Management Act (FISMA).

What is so special about the DIACAP?
It will replace DoDI 5200.40 and DoD 8510.1-M
Guide for compliance with the Global Information Grid
Supports Netcentricity.

Follow this link to my interpretation of the DIACAP Policy.

What will we have to do differently with the DIACAP? (soon)