Josh's Security Notes - Issue 11

 

Each newsletter our security expert, Josh More, compiles a quick list of security tips and happenings to keep you in the know. Here are the newsworthy security events from last month:
 
1) Patch Management:
Microsoft released the largest patch set in history in October. Adobe and Java products are getting exploited due to lack of patching.
 
2) Sophos on Mac:
Sophos released a free Mac OSX agent for home users. It's gotten high marks from everyone that has reviewed it.
 
3) Nastier Malware:
Malware kits like Qakbot are starting to replace Zeus on people's machines. They are smaller, stealthier and nastier than Zeus. Zeus was last year's next-generation malware. These tools are the big threat of 2011.
 
4) PCI DSS 2.0
The new standard was released, impacting everyone that takes credit cards.
 
5) FireSheep / FireShepard
A tool was released to take over people's Facebook and Twitter sessions when using public WIFI.
 
6) Facebook Applications
Facebook apps were found to be leaking data that they shouldn't be.