Archive for the ‘Online Articles for Discussion’ Category

World’s nastiest trojan fools AV software

September 20th, 2009 Brett A. Scudder No comments


Pounces on banking passwords

By Dan Goodin in San Francisco | http://www.theregister.co.uk/2009/09/18/zeus_evades_detection/

Posted in Anti-Virus, 18th September 2009 00:37 GMT


One of the world’s nastiest password-stealing trojans evades detection on the majority of PCs running anti-virus programs, according to a study that examined 10,000 machines.

Zeus, a stealthy piece of malware that sits on a PC and waits for users to log in to bank websites, is detected just 23 per cent of the time by AV programs, according to the study (PDF) (http://www.trusteer.com/files/Zeus_and_Antivirus.pdf) released by security firm Trusteer. Even AV programs with up-to-date malware signatures were unable to identify the infection a majority of the time, the authors said.

Zeus, which also goes by the name Zbot and PRG, escapes detection using sophisticated techniques such as root-kit technology, the Trusteer report said. The company is able to detect it by examining the fingerprint Zeus leaves when it penetrates an infected PC’s browser process.

A recent report estimated that Zeus is the No. 1 trojan, with 3.6 million infections in the US alone, or about 1 per cent of the installed base of PCs. Trusteer’s study, which found Zeus accounted for 44 per cent of the banking malware infections, was consistent with that finding. After sneaking onto a PC, it sits quietly in the background until a user logs on to a financial website. It then sends the login credentials to a remote server in real time, sometimes by use of instant messaging (http://www.theregister.co.uk/2009/08/27/zeus_adopts_instant_messaging/) programs.

Of Zeus-infected machines, about 31 per cent don’t run AV at all and 14 per cent run AV that’s out of date. The remaining 55 per cent had AV programs that were up to date. ®

Related stories

Malvertisers slapped by Microsoft lawsuits (18 September 2009)
http://www.theregister.co.uk/2009/09/18/microsoft_legalaction_malvertising/

Malware lingers months on infected PCs (15 September 2009)
http://www.theregister.co.uk/2009/09/15/malware_persistence/

Trojan zaps banking credentials via IM (27 August 2009)
http://www.theregister.co.uk/2009/08/27/zeus_adopts_instant_messaging/

Hackers pwn Macca site with banking malware (8 April 2009)
http://www.theregister.co.uk/2009/04/08/macca_malware_attack/

Crimeware giants form botnet tag team (5 September 2008)
http://www.theregister.co.uk/2008/09/05/rock_phish_and_asprox_team_up/

Crimeware grifters scamming naive phishers (7 August 2008)
http://www.theregister.co.uk/2008/08/07/scammers_con_naive_phishermen/

Zeus virtually ports traffic manager to Windows (21 May 2007)
http://www.theregister.co.uk/2007/05/21/zxtm_4_windows/

‘Hacker’ threatens to expose health data, demands $10M


Hoax or the real thing? Virginia health agency Web site shut down but investigators mum

Jaikumar Vijayan | http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9132625

May 6, 2009 (Computerworld) Days after a hacker claimed to have broken into a database and encrypted millions of prescription records at the Virginia Department of Health Professions, it remains unclear what happened.

Whistleblower Web site Wikileaks.org last Sunday carried a report from an anonymous poster who said that the secure site for the Virginia DHP Prescription Monitoring Program (PMP) had been broken into by a hacker who made a $10 million ransom demand.

The alleged ransom note posted on the PMP site claimed that the hacker had backed up and encrypted more than 8 million patient records and 35 million prescriptions and then deleted the original data.

“Unfortunately for Virginia, their backups seem to have gone missing, too. Uhoh,” the hacker is supposed to have said in his note, a copy of which was available on Wikileaks. “For $10 million, I will gladly send along the password,” for decrypting the data, the supposed hacker wrote.

The expletive-laden note goes on to say that authorities have seven days to decide if they will “pony up” the money. If the ransom is not paid, “I’ll go ahead and put this baby out on the market and accept the highest bid,” the note says.

The hacker admits that while he is unsure about the worth of the data or who would want it, “I’m bettin’ someone will. Hell, if I can’t move the prescription data at the very least I can find a buyer for the personal data,” the hacker said pointing to the fact that the data included patients’ names, ages, addresses, Social Security and driver’s license numbers.

A call seeking comment on the incident from the Virginia PMP program office was not immediately returned. A call to the Virginia State Police department seeking confirmation on whether it is investigating the reported incident also was not immediately returned.

As of today, the main PMP Web site and all links on the site were unavailable.

The PMP was set up in the wake of a spate of drug-abuse-related crimes and some deaths in the state involving the painkiller Oxycontin. It allows pharmacists and health care professionals to track prescription drug abuse, such as incidents of patients who go “doctor-shopping” to find more than one doctor to prescribe narcotics. According to a description of the program from a cached version of the site, there were more than 31.6 million records in the PMP database as of Jan. 1. Doctors, pharmacists and other authorized users make requests for data from the PMP database via a secure Web page, the description said.

The Richmond Times-Dispatch reported Tuesday that the FBI and State Police had confirmed investigations of a hacking incident at the PMP. The story also quoted Virginia Gov. Timothy Kaine as saying the compromised data was not the same as patient files from doctors’ offices. “These were not patient records, so it’s not compromise of health-care information about particular individuals,” the governor is quoted as saying in the Times-Dispatch.

The compromise comes at a time of heightened concerns about the privacy and security of medical data. President Barack Obama’s recently passed economic stimulus package includes a health care component that initially provides $20 billion for the creation of a national health records system. The bill mandates new privacy and security controls for health care data that are seen as being long overdue.

The controls go beyond those mandated under HIPAA (the Health Insurance Portability and Accountability Act) and are expected to be more strictly enforced than HIPAA rules have been.

The breach at the Virginia health agency highlights the “overall lack of compliance” with HIPAA within the health care sector, said Peter MacKoul, president of HIPAA Solutions LC, a consulting firm in Sugar Land, Texas.

“HIPAA by and large has been ignored, not because it is unimportant, but because of a lack of will to really [enforce] it,” MacKoul said. “Much like all other regulations, if there is no real enforcement, this type of thing will continue to happen over and over again.”

The reported incident in Virginia is identical to one reported by Express Scripts, a St. Louis-based prescription drug management company in October. The company said it received an extortion letter from data thieves who threatened to release millions of patient records if the company did not pay up.


Should there be an IT Security law for every connected PC/Internet user? What if there were, what would you do?

April 8th, 2009 Brett A. Scudder 1 comment

As I look across the IT Security Threats Landscape ~TITSTL~ today, I am very, very concerned at the recent increase in “sophisticated and re-architectured” threats that are popping up online today. Every day there are thousands of new threats, variants and exploits popping up out of the woodwork but today we’re seeing an increase in the ones that are more structured, well architected and positioned to circumvent many security settings and solutions on the market today. As I look at these I can’t help but to ponder how seriously people take these issues or is the lack of education and awareness getting worse as more technology is being introduced in our society without proper knowledge of what they are.

 

Anyone can get internet services today in various forms, broadband (cable, DSL, satellite), mobile (EV-DO, 3G) and wireless wherever available. The introduction of Netbooks is adding to this mobile threats issue as they are so small, slick and loveable that people will be losing them more easily than the bigger traditional laptops.

 

So here’s the thought process on this.

 

What if there was an internet security law in place that states, you must protect your PC against the threats of today by running this, that and then some (depending on the OS of course)?

 

If found guilty of running a PC without these basic steps in place you will be fined, system confiscated and possibly arrested depending on the violations of let’s say, data loss of a number of people (depending on if this is a business or end user).

 

What if such a law was put in place, what do you think would happen and what would you do?

 

I can see it now, some car pulls up at your house and guys in black suits come out, walk in and take you and the system away because they have scanners roaming the internet looking for systems that are not running specified services/products/solutions.

 

You’re under arrest for violation of code WT123-Basic-internet-security-policy revision 2009 in the state of Wassu which resulted in the loss of 5000 people’s personal/private information.

 

Sounds like a movie doesn’t it?

Wake up, it may very well happen.

 

Our thoughts as I ponder on this myself.

 

~Brett A. Scudder~

The IT Security Attaché


The Conficker Worm: What Happens Next? CBS 60 mins report

March 29th, 2009 Brett A. Scudder No comments

For those who missed it here it is. Please take a few minutes to watch it. It may not be all that but is still some good facts about the state of IT Security today.

http://www.cbsnews.com/stories/2009/03/27/60minutes/main4897053.shtml


The Conficker Worm – my review

March 29th, 2009 Brett A. Scudder 5 comments


 

There have been many articles, reviews, information and postings about the Conf*ker as many people have started calling it. Depending on who you talk with you can replace the * with anything that suits your feelings towards it. The most interesting thing about this threat isn’t the fact that it’s neither a new one nor a new attack form, it’s the same old attackers doing the nefarious things they do but with a bit more sophistication. For me as an IT guy looking at all this, I’m getting the wow factor from some of the new developments and traits of the threat. So my take today will not be to overwhelm you with all the techno jargon and high level breakdown of the threat but just to speak on it in the most basic form so that even those who are non-technical can grasp the severity of it.

 

So here goes.

 

If you get infected with the Conficker worm you’re screwed. Bottom line.

 

If this is a system that is on a business network it must be removed, quarantined, disinfected by any means necessary. Take no chances with this threat.

Get my drift?

Is this basic enough to understand?

 

Ok, let’s take it from another angle.

 

This worm is a blended (virus, worm, rootkit, botnet, adware, malware and the what else factor) threat in a blended threat with blended characteristics. It’s like catching a cold and getting a headache, ear ache, stomach ache, backache and chest pains all in one. It starts with a simple cold but quickly spreads to other critical areas of the body causing serious effects and harm. This threat is in a class by itself as it deploys various additional agents around the system that cause complete successful removal to be unclear.

 

If you have been infected with the worm your only real option is to completely wipe the system. Unplug, power down, power drain, complete power loss to all storage capacities of the system. This is a very serious threat.

 

As for those who have been asking about which anti-virus solution is best to protect against this, there isn’t one. Anti-Virus alone is not going to protect you from this threat and the blended effects. It will take a number of things to make this happen and here’s my list.

 

1. System must be fully patched from all angles, the operating system, the applications, services, devices and drivers. When patching the Microsoft Windows operating system many people have auto update enabled but in different settings. Some have alert me of new updates but never apply the new updates. Some have it set to download and wait for my approval and they never approve the installation of the updates. Some have it set to download and install all updates. This is a good option to have. When patching the OS one must be prudent so as not to only apply critical patches but all software, severe and high updates as well. So I recommend if you’re doing the built-in auto update please use the download and apply all. If doing it manually do a custom update which will reveal all the patches and updates needed.

2. Anti-Virus alone will not protect you from this worm and most of the new threats in the IT Security Threats Landscape today and tomorrow. The need for an anti-malware solution is critical to combine the protective layers of web/content filtering, IDS/IPS, anomaly/heuristics based detection, network and proactive threat protections. This is a backup to the patching already performed on the system. A fully patched system can still be compromised if a targeted malicious code is allowed to reach it.

3. Common sense is the name of the game and the winner of all security practices. Adding to the patching of the system and having the needed security solution comes the best practice of all, the user’s common sense in using the system effectively. As the person using the system one needs to pay very close attention to details in their messaging, web browsing and IM practices. Opening emails from known and unknown sources requires due diligence in thinking about the nature of the message, the contents and what is its relevance to you. A message from a known source may not have been sent by them but could have been the result of an infection on their system(s). This is the same for email and IMs. There are many IM worms that will hijack your IM client and send out messages to everyone in your contact list pointing them to a website for them to get a drive-by-download. Many people think very little of web based attacks while they are the fastest growing today because of the ease of infection and the delivery of the payload.

4. User education and awareness. This is a very critical issue as many seem to think that these issues are a corporate or industry problem. When a threat like Conficker goes into the wild it is not targeting specific systems in specific industries only, it is doing a general attack across all systems within its path. IT Security is a people problem and we are all in its path whether we like it or not and no matter what OS vendor platform you’re on/running.

5. Enable your built-in firewall or get a third party one to put up some form of perimeter defenses.

6. There are security suite solutions that bundle multiple security technologies and features in one suite. That may be a more viable option for you because of the integration and management options.

 

The fact of the matter is, we have these issues at the level they should have been years ago, in the media and across all industries as a people problem, not an industry one. I take the same approach to Conficker as I do to rogue Anti-Virus 2008/9 threat, if detected, wipe, clean, rebuild, reimage.

 

This isn’t something to play around with what is or if it is cleaned. The only way to be sure is to wipe it all out.

 

Thank you and have a great day,

 

~Brett A. Scudder~

The IT Security Attaché


State Security Breach Notification Laws as of December 16, 2008 and the Conficker worm

March 29th, 2009 Brett A. Scudder No comments

This is from an email I sent out to my network distribution list today at 12 noon.

 

Good day to you,

 

This is a critical issue that has been highly overlooked and is a bigger problem than most people care to think. For those of us consultants who are responsible for our clients’ infrastructure, please help them to understand where these laws apply and how it affects them. I’m bringing in someone from the attorney general’s office to do a presentation on this for us in the coming month. I’m trying to work with their schedule so stay tuned for the date of the meeting.

 

There are some serious new threats on the loose and the more I look at them is the easier I’m seeing the rate of success in their deliverables. Our organization speaks to these issues and we must understand what they mean for those we’re helping to understand. This new variant of the Conficker worm has some nasty new tricks to it and while following its development and path, I’m more convinced that this is a new level of sophistication way above the rogue Anti-Virus/Anti-Spyware 2008/2009 threat we encountered last year that is still being a major pain point for IT today. Whether this is an April Fools’ Day joke or not, as you can see, the financial ramifications of negligence will be heavy.

 

Get those system (OS, applications, devices) patches updated and current. Most people tend to patch the OS and leave vulnerable applications running with system access to the OS that even fully patched is still vulnerable. Patching is an all round process that applies to the OS, applications running on it and the devices being connected to it. Even the device drivers are a point of entry to a system today so patch them if needed. Check on those security policies and rules and ensure they are up and running. We have a few days before April 1st so talk with your people about this and let them understand the need for being prudent about it.

 

Make no mistake people, this is a new age where technology rules and the threats are more real than ever before. This is not someone physically walking in and taking your data, this is someone sitting anywhere in the world and having access to it (if allowed).

 

I posted this on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/447971-3071950 for a broader visibility from the business professional’s community. More feedback and input will be found there as well. Spread the word.

 

Thank you and have a great day,

 

~Brett A. Scudder~

 

State Security Breach Notification Laws

As of December 16, 2008

http://www.ncsl.org/programs/lis/cip/priv/breachlaws.htm


Security/Privacy Awareness 03-09 #1 – Do you understand the breach notification law is in your country/state, do you know what it means, all are affected.

March 29th, 2009 Brett A. Scudder 1 comment

Good day to you,

 

I want us to take a look at this issue because I had conversations with a few business owners at a recent conference and they were not aware of the laws of their state nor the impact it has on them as a business. So once again here is one of my education and awareness questions here on LinkedIn and I hope we can get some good feedback and input on it. Please keep in mind that the purpose of these questions is to build education and awareness on the subject so any referencing materials, links and verification is always valuable.

 

There are over 48 states in the US to date that have enacted a breach notification law and while I do believe that this is a flaw in the system for each to have its own, it’s a good start in the process. Maybe soon we’ll see this falling under one structure for effective governance. I believe we should have one national law that covers everyone because a data breach is the same no matter where it is done and the impacts can/will be the same across state lines. How it is handled in each state is another story which at most may not be enough for those who lost their data/privacy.

 

As a security professional, I am very much aware of the many ways in which our private data and information is very carelessly handled by many organizations but that is not the issue here, I want this to be about the laws and helping people to understand the need for knowing and protecting themselves, their customers and clients.

 

So, do you have a breach notification law in your country/state, do you know what it means and how are you affected by it?

Are SMBs omitted from these laws and how do they feel about the financial backlash of the issue?

Do we know and understand the recent laws of and around data security and the financial effects of them?

 

US State Security Breach Notification Laws as of December 16, 2008

http://www.ncsl.org/programs/lis/cip/priv/breachlaws.htm

 

Let us take this opportunity to build on these key issues as people need to understand what it really means for them. Know your technology/security/privacy laws.

 

Thank you and have a great day,

 

~Brett A. Scudder~

The IT Security Attaché

 

I posted this on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/447971-3071950 for a broader visibility from the business professional’s community. More feedback and input will be found there as well.


New ransomware holds Windows files hostage, demands $50

March 26th, 2009 Brett A. Scudder No comments

‘Sobering’ turn by crooks ‘doesn’t bode well,’ says researcher
Gregg Keizer

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9130539&source=NLT_AM

March 25, 2009 (Computerworld) Cybercrooks have hit on a new twist to their aggressive marketing of fake security software and are duping users into downloading a file utility that holds users’ data for ransom, security researchers warned today.

While so-called scareware has plagued computer users for months, those campaigns have relied on phony antivirus products that pretend to trap malware but actually only exist to pester people into ponying up as much as $50 to stop the bogus warnings.

The new scam takes a different tack: It uses a Trojan horse that’s seeded by tricking users into running a file that poses as something legitimate like a software update. Once on the victim’s PC, the malware swings into action, encrypting a wide variety of document types — ranging from Microsoft Word .doc files to Adobe Reader PDFs — anytime one is opened. It also scrambles the files in Windows’ “My Documents” folder.

When a user tries to open one of the encrypted files, an alert pops up saying that a utility called FileFix Pro 2009 will unscramble the data. The message poses as a semiofficial notice from the operating system. “Windows detected that some of your MS Office and media files are corrupted. Click here to download and install recommended file repair application,” the message reads.

Clicking on the alert downloads and installs FileFix Pro, but the utility is anything but legit. It will decrypt only one of the corrupted files for free, then demands the user purchase the software. Price? $50.

“This does look like a new tactic,” said David Perry, the global director of education at antivirus vendor Trend Micro Inc. “But all online fraud is just minor variations of classic con games. This is just the ‘Bank Examiner’ played out on the Internet.”

That classic con, said Perry, typically involves a swindler posing as an official, a bank examiner or an FBI agent who asks for help in an investigation. The swindler convinces the mark to withdraw money from the bank — it’s needed to catch the nonexistent crook in the act — and promises to return the funds at the end of the case. Of course, the money vanishes, along with the grifter.

On the Web, data-hostage scams like this are called “ransomware” for obvious reasons. This isn’t the first time the tactic has been used, but it is remarkably polished, said Perry. “We’ve not seen ransomware with this level of sophistication,” he said.

Users who have fallen for the FileFix Pro 2009 con do not have to fork over cash to restore their files, according to other researchers, who have figured out how to decrypt the data. The Bleeping Computer site, for instance, has a free program called “Anti FileFix” available for download that unscrambles files corrupted by the Trojan horse. And security company FireEye Inc. has created a free online decrypter that also returns files to their original condition.

Alex Lanstein, a malware researcher at FireEye who blogged about FileFix Pro 2009 last week, called the turn from scareware to ransomware “sobering.”

“Although we broke the encryption, it’s a sobering realization of the state of malware that it is now actively extorting users by holding their data ransom,” Lanstein said. “Despite this version of FileFix being trivial to crack, it does not bode well for the future of Internet malware.”

If ransomware follows a similar path as scareware, criminals will be hustling to mimic FileFix Pro. According to some estimates, crooks make as much as $5 million a year pushing fake antivirus software.


Apple Mac users warned of web-based malware threats RSPlug-F Mac Trojan horse distributed via HDTV website

March 26th, 2009 Brett A. Scudder No comments

25 March 2009


IT security and control firm Sophos is warning Apple Mac users to be on their guard against websites hosting malicious code designed to infect their systems. The advice follows the discovery of a new version of the OSX/RSPlug Trojan horse that is being distributed via a legitimate-looking website offering HDTV software.



“There is much less malware for the Apple Mac than there is for Windows, but that doesn’t mean that Apple fans can hide their head in the sand like ostriches,” said Graham Cluley, senior technology consultant for Sophos. “Mac users are no different to Windows users when it comes to falling for social engineering tricks like this – they are just as likely to install and run this program on their computer if they believe it will help them watch high definition TV.”

Sophos notes that the criminal gang behind this malware attack is targeting Windows computers as well as Mac OS X.

“Windows users shouldn’t be feeling smug about this attack against Mac users. If you visit the website from a Windows computer, it will serve up a malicious Windows executable from the Zlob family of malware rather than the RSPlug-F Mac OS X Trojan horse. By targeting both platforms with their malicious website, the hackers can kill two birds with one stone,” explained Cluley. “Once a piece of malware like this is in place on your computer, it can do whatever the hacker wants it to do. Mac users are gambling with the security of their data if they believe they are somehow magically immune from threats that Windows users have lived with every day for years.”

Sophos experts have determined that the RSPlug-F Trojan horse changes DNS Settings on Apple Mac computers, meaning users may find they are taken to bogus websites which may attempt to steal personal information, display revenue-generating adverts, or install further malware.

The article was posted here http://www.sophos.com/pressoffice/news/articles/2009/03/mac-malware.html?_log_from=rss


Newfangled rootkits survive hard disk wiping

March 25th, 2009 Brett A. Scudder No comments

Original URL: http://www.theregister.co.uk/2009/03/24/persistent_bios_rootkits/


BIOS attack targets PC nether region


Researchers have demonstrated how to create rootkits that survive hard-disk reformatting by injecting malware into the low-level system instructions of a target computer.

The researchers, from Core Security Technologies, used the techniques to inject rootkits into two computers, one running the OpenBSD operating system and the other Windows. Because the infection lives in the computer’s BIOS, or basic input/output system, it persists even after the operating system is reinstalled or a computer’s hard drive is replaced.

While researchers have focused on BIOS-based rootkits (http://www.theregister.co.uk/2006/01/27/rootkits_bios/) for at least three years, earlier techniques generally attacked specific types of BIOSes, such as those that used ACPI, or Advanced Configuration and Power Interface. The techniques demonstrated by the Core researchers work on virtually all types of systems, they said.

Of course, injecting code into the BIOS is no easy feat. It requires physical access to the machine or an exploit that hands an attacker unfettered root access. But the research, presented at last week’s CanSecWest security conference by Anibal L. Sacco and Alfredo A. Ortega, does demonstrate that infections will only become harder to spot and remove over time. ®


Interview – New Security Risks from USB Flash Drives by Michelle V. Rafter

March 2nd, 2009 Brett A. Scudder No comments
Hi all,

Here is an article I recently contributed to about USB drives, the threats they present and how to safeguard them. Take a read.

I’d like your feedback and input on these issues.

New Security Risks from USB Flash Drives
By Michelle V. Rafter
http://www.yoursecurityresource.com/articles/usbdrives/

Thank you,

The IT Security Attaché


My LinkedIn Q&A – What does the internet mean to you today and where do you see it tomorrow?

March 2nd, 2009 Brett A. Scudder No comments

Good day to you,

The Internet means different things to different people and I’d just like to get a sense of your feelings on it and why it is important to/for you.

Nothing specific, I just want to hear your thoughts on it as they come to mind.

Thank you and have a great day,

~Brett A. Scudder~

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/379604-3071950


My LinkedIn Q&A – Do you have an online presence, if yes, is it separate from your offline one? If so, how do you do it?

March 2nd, 2009 Brett A. Scudder No comments

Good day to you,

This is a conversation I kick off a lot as I try to get people to understand the two elements and when/how they are intertwined.

What does this presence mean to you and how much time have you put into framing and maintaining it?

Is this presence important to/for you?

What if this presence was stolen/framed, would you be affected, if so, how?

Your thoughts.

Thank you and have a great day,

~Brett A. Scudder~

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/384092-3071950


My LinkedIn Q&A – At what age should IT/Internet Security and best practices be taught to youths? Do we see the internet as a threat to them?

March 2nd, 2009 Brett A. Scudder No comments

Good day to you,

With technology becoming a more integral part of our everyday lives and more gadgets, devices, and electronics being converged on the information superhighway (World Wide Web), at what age do you believe we should start the education and awareness of IT/Internet Security for our youths in the school systems?

Things like,

How to browse/use the internet safely,
Instant Messaging security and best practices
Social Networking security and best practices
Mobile security and best practices.
Online predators and how they target children and how to be protected from them.
What are viruses, worms, trojans, spyware, malware, blended threats?
What are web attacks (like drive-by-downloads) and how they are orchestrated?
What is social engineering?
What is phishing?
What is SPAM and why is it being used today?
How do these threats proliferate?
Secure messaging implementation and use.
Defense-in-depth – definition, purpose and maintenance. Anti-virus, anti-malware, firewalls and intrusion detection/prevention.

Our Secure Minds Initiative is about integrating this level of training and education in the school’s curriculum and I wanted to get your thoughts as adults, parents, educators and professionals on this matter. I have seen 10-12 year olds who can hack into a network and do some serious things that IT Pros in their adult years can’t.

Why not nurture this knowledge and ability for good?

Please make note that I didn’t ask if it should, I asked at what age this should be done, signifying that I believe it should and I’m for it. Imagine having our youths graduating from high/middle schools with this advanced early knowledge and what contributions they would be to the IT field. Even if they don’t become IT professionals, having this education and knowledge will help any organization they join stay more secure.

Your thoughts.

Thank you and have a great day,

~Brett A. Scudder~

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/394739-3071950


My LinkedIn Q&A – Security/Privacy Awareness # 1 – When/Where/Who should I give my social security number to and why and what are the impacts of doing so? Are there any protective laws in place?

March 2nd, 2009 Brett A. Scudder No comments

Good day to you,

Here is another education and awareness question in my series on the use of your social security number today.

Ever since the financial crisis began (which isn’t just today, look 18 months back), more and more people have been trying to avert the issues and impacts of the job losses and downturn in the economic trends. For this reason, they have been opening themselves up to more “risky business” opportunities/ventures in the name of finding a job or making some quick money to pay the bills and put food on the table. This is a bad sign of worse things to come for these people and by us taking a look at this now we can help educate others.

As more people are jobless the use of the internet increases, it takes away the human face-to-face elements that would help to validate the business or offerings/opportunities. More job sites/opportunities offering the hopes of new jobs/loans with a request for signing up with personal/private info is only a fraction of the bigger issues.

This has led to an increase in identity theft and the loss of people’s personal/private information that trickles down to the core of our lives. As the economy will get worse before it gets better and more “rescue” opportunities/offers are being circulated, one can only imagine the dramatic increase in phishing and social engineering scams that will come about as a result of the new stimulus package and government initiatives. Sometimes we give up this information because we don’t know how/where to do so and then it becomes an after the fact issue. We will address the identity theft education and awareness issues later.

So, let us take a concerted look at when/where/who should I give my social security number to and why, and what are the impacts of doing so.

Are there any protective laws in place for it?

Your thoughts/feedback/input.

Thank you and have a great day,

~Brett A. Scudder~
The IT Security Attaché

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/417629-3071950


My LinkedIn Q&A – Professional Messaging Ethics # 1 – The importance of a proper subject, is or isn’t it?

March 2nd, 2009 Brett A. Scudder No comments

Good day to you,

I am creating a series of education and awareness questions (as usual) and this one is on Professional Messaging Ethics and the importance of having a proper subject that reflects the nature of the message.

As a recipient of thousands of messages daily, I cannot begin to tell you how important it is to look at my inbox and choose what messages are worth looking at first not only by sender but by the subject. Many times legitimate messages come in from new connections and they tend to be off on the labeling of the message and so it gets passed by inadvertently.

Many people don’t realize that an email is something that may have no end to where it reaches and so creating a proper posture is very critical to both sender and recipient.

So my question to the professional’s community is,

How important is the subject line of a message to you?

Your thoughts.

Thank you and have a great day,

~Brett A. Scudder~
The IT Security Attaché

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/414712-3071950


My LinkedIn Q&A – Your thoughts – “Report Calls Online Threats to Children Overblown”. What do you think, is this for real or not?

March 2nd, 2009 Brett A. Scudder No comments

Good day to you,

When I see an article like this I tend to sit back and go wow, where have I been living and what have I been seeing/hearing or, am I in denial to the truth. I have always said that we, the people in the field who live and die working in the field, have always seen things differently from the people in these high level positions and that is why they fail to implement the proper things needed because there is no synergy between us and them.

It’s like a cop on the street who has to deal with the everyday violence and issues but he’s able to quell them and bring peace in his areas because he’s known and knows how to deal with people. While these issues are real and happening every day, they don’t get reported back to the precinct and so the captain (or seniors) thinks all is well and can say that their district is not violent nor has issues like anywhere else. It’s not that you don’t have issues, you’re just not getting the info about them because they are not critical enough to report in or cause a major stir. Yet, unchecked, the high profile ones are added to the statistics and generate facts.

They don’t come down to our neck of the woods and talk with us to see what is “really going on” in the world, instead, they use statistics that are published by some agency or group. Well, I must be in denial because I truly see this as a growing problem and have talked with parents/students alike who have been victimized online to the point that it affects their offline experience/life.

So, before I get carried away in myself and this issue (as it really upsets me), I’d like to throw this out to this professional’s network to get your real professional insight/thoughts on the report of the report.

http://www.nytimes.com/2009/01/14/technology/internet/14cyberweb.html

Thank you and have a great day,

~Brett A. Scudder~

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/398900-3071950


Your thoughts – “Report Calls Online Threats to Children Overblown”. What do you think, is this for real or not?

January 13th, 2009 Brett A. Scudder No comments

Hi all,

I really had to bring this to your attention and if you’d like to add your thoughts that’d be great. The report has prompted my desire to see the real report that was submitted for them to come to this conclusion. I’d like to have a sit down with them to shed some light to the issues from another angle, the "unreported cases".

As I said, there’s a lot that goes on that doesn’t get reported so where does that info go and what influence (if any) would it have on the real state of affairs about online threats to children. Children are being used as backdoors and an access point to private/personal information about the family, the home and financial status, not just for sex or sexual acts.

If there wasn’t a threat why do we have taskforce and other agencies manning it?

I guess you can tell that I’m very worked up over this one, huh. It just shows how limited the mindset is at that level. It’s like saying if I teach the children to secure the door by always locking it I don’t have to worry about the windows.

————————————
The question on LinkedIn.
http://www.linkedin.com/answers/using-linkedIn/ULI/398900-3071950

Your thoughts – "Report Calls Online Threats to Children Overblown". What do you think, is this for real or not?

Good day to you,

When I see an article like this I tend to sit back and go wow, where have I been living and what have I been seeing/hearing or, am I in denial to the truth. I have always said that we, the people in the field who live and die working in the field, have always seen things differently from the people in these high level positions and that is why they fail to implement the proper things needed because there is no synergy between us and them.

It’s like a cop on the street who has to deal with the everyday violence and issues but he’s able to quell them and bring peace in his areas because he’s known and knows how to deal with people. While these issues are real and happening every day, they don’t get reported back to the precinct and so the captain (or seniors) thinks all is well and can say that their district is not violent nor has issues like anywhere else. It’s not that you don’t have issues, you’re just not getting the info about them because they are not critical enough to report in or cause a major stir. Yet, unchecked, the high profile ones are added to the statistics and generate facts.

They don’t come down to our neck of the woods and talk with us to see what is "really going on" in the world, instead, they use statistics that are published by some agency or group. Well, I must be in denial because I truly see this as a growing problem and have talked with parents/students alike who have been victimized online to the point that it affects their offline experience/life.

So, before I get carried away in myself and this issue (as it really upsets me), I’d like to throw this out to this professional’s network to get your real professional insight/thoughts on the report of the report.

http://www.nytimes.com/2009/01/14/technology/internet/14cyberweb.html

Thank you and have a great day,

~Brett A. Scudder~
