yup..can't argue with that.. both of this group are different in every subject that focus on :)
On Fri, Apr 23, 2010 at 12:03 AM, BRIAN RITCHIE <[email protected]>wrote: > Najmi, > > Just a thought on the subject again. While I am a very big fan of your > emails, and in fact look forward to receiving them due to the fact that I > hardly get the time to surf my RSS feeds for updates, I feel there is a need > to differentiate the content you send to both OWASP and MySec. > > OWASP = Web Application Security related items > > MySec = Everything within the realm of Security. > > I am a big fan of unity among groups and in fact preach it alot. I hate > differentiation but unfortunately for OWASP and MySec, the situation is > different. Think of OWASP's domain as a subset of MySec, meaning it only > gathers part of what you choose to share with MySec and only should look at > Web Application related content. I am forced to bring this up because OWASP > is an open group with working professionals both from Gov and Private as > well and I am concerned that they might raise the question of why they are > getting unrelated content. > > I'd like your thoughts on this as well as other members. If all of you > are ok with non Web Application related content sent to the OWASP list, then > I am more than happy. Just concerned with the backlash Najmi. Hope you > understand. :-) > > -BRIAN RITCHIE > > On Thu, Apr 22, 2010 at 11:08 PM, Muhammad Najmi Ahmad Zabidi < > [email protected]> wrote: > >> >> >> ---------- Forwarded message ---------- >> From: Microsoft Malaysia <[email protected]> >> Date: Thu, Apr 22, 2010 at 10:14 AM >> Subject: Malware, SPAM and Phishing >> To: [email protected] >> >> >> If you are unable to view this HTML eDM, please click >> here<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f29e60a2e9d220a4006165bcc1617b310d09e51fd3d666a414342dcfee1d81d262> >> [image: >> Malware, Email Threats and Phishing - Still a Threat and Getting More >> Sophisticated in Nature!] >> >> In this edition of the Microsoft Security Intelligence Report Series – >> Part 3, we will be looking at malicious and potentially unwanted software. >> Specifically malware, email threats and phishing attacks. >> Malicious and Potentially Unwanted Software >> Infection data from several Microsoft security products demonstrates the >> highly localised nature of malware and potentially unwanted software. >> >> In the United States and United Kingdom, Miscellaneous Trojans account for >> the largest single category of threat with families such as Win32/Alureon >> and Win32/Vundo common in both locations. >> >> The top threat in France and Italy by a wide margin was the Miscellaneous >> Trojans family Win32/Wintrim. >> >> In China, many of the most prevalent families are Chinese-language threats >> such as the browser modifier Win32/BaiduSobar or password stealers that >> target players of online games, including Win32/Lolyda and Win32/Frethog. >> >> Brazil is dominated by Portuguese-language password stealers that target >> online users of Brazilian banks, led by Win32/Bancos. >> >> Spain and Korea are both dominated by worms, led by Win32/Taterf which >> targets players of online games. The prevalence of Taterf in Korea may be >> due in part to the worm’s propensity to spread easily in Internet cafés and >> LAN gaming centres. >> >> While security software is evolving, so is the sophistication of attacks. >> Customers therefore need to ensure they build a defence-in-depth approach to >> security and combine technology to ensure the greatest protection. >> *Microsoft® >> Windows® 7 and Windows® Server >> R2<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f2f22873822ec887b95376eef14528613d179747ad051bc7fe2fab5fc10ef56a65> >> * together deliver security that extends beyond the desktop. >> >> *Malicious And Potentially Unwanted Software - Geographic trends by >> system "location" setting* >> Threat categories worldwide and in eight locations around the world, by >> incidence among all computers cleaned, 1H09 >> >> E-mail Threats >> The vast majority of e-mail messages received via the Internet are >> unwanted. Not only does this tax the recipients’ inboxes and the resources >> of e-mail providers, it also creates an environment in which e-mailed >> malware attacks and phishing attempts can proliferate. Blocking spam, >> phishing, and other e-mail threats is a top priority for e-mail providers, >> social networks, and other online communities. >> >> Here is a snapshot of some facts on email threats around the world in >> 1H09: >> >> - Forefront Online Protect for Exchange (FOPE) blocked 97.3% of all >> unwanted messages at the network edge >> - The dominant form of spam in 1H09 was product advertisements >> - Most spam was sent through botnets or other automated tools >> >> Using technology like *Microsoft® Forefront for Exchange and >> SharePoint<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f2af29925f920e53e40c97ef7b0584fcafa54433cc9017a1e0b8637d04bdb3b57e> >> * reduces SPAM entering an organisation’s perimeter and from being >> circulated further through email and collaboration servers. >> Phishing >> Legitimate websites belonging to innocent parties that have been >> compromised are often used by attackers to host phishing pages or distribute >> malware. In many cases, just visiting these sites can be dangerous, since >> attackers often create exploits that can silently download malware to >> vulnerable computers as soon as the user loads the page. Installing *Security >> Updates<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f2a00816b67182013d3a99dbbb42cd70955cff23dd9c2d522c5622c5e6bb5106d9> >> * for the operating system, the browser, and any installed browser >> add-ons in a timely manner can greatly reduce users’ chances of being >> victimised. >> >> Microsoft maintains a database of known active phishing sites reported by >> users of Internet Explorer and other Microsoft products and services. When a >> user attempts to visit a site in the database with *SmartScreen >> Filter<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f2488d15e128b074ba410b528c8f7d60496ca71e5d6058c89e015c5c4f66cc24be> >> * in Microsoft® Internet Explorer 8 enabled, Internet Explorer checks the >> URL against the database. If the site has been reported as a phishing site, >> Internet Explorer blocks navigation to the site and displays a warning. >> Microsoft monitors traffic to the reported phishing URLs and uses the >> information to improve its filtering technology and its efforts to track >> suspected phishing sites. >> >> *Malicious Web Sites - Analysis of phishing sites* >> Unique attempts at Phishing blocked by smart screen filter in Internet >> Explorer 8 >> Phishing impressions tracked each month in 2H08 and 1H09, indexed to >> January 2009 >> >> After remaining mostly consistent throughout 2H08 and through April 2009, >> the number of impressions suddenly almost quadrupled in May and rose even >> higher in June. However, the number of actual phishing sites decreased, with >> analysis showing social networking sites the target of 76% of phishing >> attacks in 1H09. >> >> *Malicious Web Sites - Target institutions* >> Impressions for each type of phishing site each month in 1H09 >> >> To find out more about malware, email threats and phishing, *read >> the >> report<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f219ca985ad5b819b6a118eea43cdf8533be3e06dbeebfcdad961c856fc7dc2160> >> * on our site. And do remember to look out for the final part of our >> Security Series, Part 4, where we’ll provide some valuable recommendations >> on how to keep your *computers, data and your enterprise safe*. >> Unsubscribe<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f24cec7f4d564729154473bd98f7d392bfee674daf87c5a39920c77e5416051b96>| >> Update >> your >> profile<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f24cec7f4d564729154473bd98f7d392bfee674daf87c5a39920c77e5416051b96> >> © 2010 Microsoft Corporation Terms of >> Use<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f2b16d5a314abf791d0be0a2bd102e60f2a4162da62efbf4d391875e2d54cb86fd>| >> Trademarks<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f2f6bf09c1705ff6099723e7b0829330beb5a8c86565f2453968ab5847f6d2f8a8>| >> Privacy >> Statement<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f274643788b3164e97dd5199f22319419b050a7cdb99492b643c9c84daaf8bef39> >> [image: >> Microsoft] >> >> Update >> Profile<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f237344e7acf647126f973d3d8a9bc5ddb675d3ee14c5557545cb7747ffd014482> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "MySecurity" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]<mysecurity%[email protected]> >> . >> For more options, visit this group at >> http://groups.google.com/group/mysecurity?hl=en. >> > > > _______________________________________________ > Owasp-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.org/index.php/Malaysia > > OWASP Malaysia Wiki Facebook > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > -- Muhd Syazwan @ jipang_menjerit http://blog.ubuntuseekers.com http://blog.syazwan.info [email protected] [email protected]
_______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
