CyTRAP Labs’ alerts - what is the diff?
| CyTRAP Labs | Telefon: +41 (0)44 272-1876 |
| Roentgenstrasse 49 | E-Mail: Info at CyTRAP.eu |
| 8005 Zurich | |
| Switzerland | |
Our advisories are a bit different from what most people might expect. Read on to find out why our alerts regarding IT security threats, malware and exploits could help you better protect the confidentiality and privacy of your information. Our advisories:
1) Are geared toward home users and Small and Medium-Sized Enterprises (SMEs) - our target group.
_WHY:_ Most advisories or alerts focus on security engineers and system administrators who require technical information to do their jobs. Help for SMEs and home users lacking technical expertise is needed, especially with the ever-growing use of broadband connections to the internet and with machines and modems staying connected for ever longer periods.
Also, in the U.S., the latest research shows that 20% of employees have permission from their firm to work from home using the internet at least one day a month. In most European countries, 70% or more of the working population are employed by SMEs, making the latter an important part of a vibrant economy.
2) Focus on the Windows operating system.
_WHY:_ Over 90% of all PCs sold in Europe and in some countries have Windows pre-installed.
3) Cover the most widely used software running on the Windows operating system, such as Microsoft Office (i.e. Excel, Word, PowerPoint, Outlook), Adobe Reader, OpenOffice, Mozilla Firefox, Eudora, and iTunes/QuickTime from Apple.
_WHY:_ The above programs and some others are used by many SMEs and home users.
4) Address the most popular open source software that runs on the Windows operating system.
_WHY:_ Increasingly, such things as the OpenDocument standard are becoming the accepted ’standard’ for documents issued or accepted by public administrations (e.g., taxation office), while the use of open source software is becoming ever more accepted if not mandated in government offices (e.g., France, Denmark, Germany); in turn, home users and SMEs are looking ever more favorably upon using such software (e.g., Germany - 30% or more of corporate and home users browse with Mozilla Firefox).
5) Take into careful consideration that in early 2007 about 25% of PCs are still running on older versions of the Windows Operating systems, such as Windows 2000, 98 and 95.
_WHY:_ Some users still have older PCs in use at home, and while Microsoft no longer issues security patches for these operating systems and software (e.g., Word 97), users must still be able to limit their risks regarding exploits on these programs.
6) Provide an assessment of the Risk a user faces of being vulnerable to a new exploit or type of malware and, as importantly, the Impact / Worry index (i.e., how bad is it if I catch the bug - should I take cover?).
_WHY:_ For an enterprise with large and complex networks, nearly every new vulnerability could be rated as critical, the highest risk level given to unpatched Microsoft vulnerabilities by SANS. However, for home users or SMEs, a highly targeted attack (usually those are launched against large firms) represents a moderate risk, while the impact (e.g., if one gets infected by the malware) could still be something one should worry about.
7) While we provide advisories, our primary focus is on prevention with our security guides (German and English) and the WinCurity blog (Mobile@Work serving telecommuters in German will be launched soon).
_WHY:_ Knowing about a current new virus threat does not prepare the user for the next one tomorrow. However, preventive measures and behavioral changes can help reduce the risk of being infected when the next pandemic happens (see CyTRAP Labs’ security guides - having an impact).
_WHAT OUR ADVISORIES DO NOT PROVIDE_
A) Because our target group is home-users and SMEs, we refrain from addressing complex network issues regarding a vulnerability or exploit that might be important to a large network administrator. However, we do focus on technical and larger network issues in our Information Security this Week (since 2000).
B) We adhere to industry ethics that require one to inform the vendor first regarding a vulnerability and, as importantly, to give the firm time to fix the vulnerability and issue the appropriate patch.
However, we issue an alert if we know that exploit code taking advantage of a vulnerability is circulating on the internet and thereby represents a threat to part of one of our user groups (e.g., 2007-02-03-Windows Vista zero-day #2 - voice recognition vulnerability - what about home users with disabilities).
Others may not feel the same way and, instead, choose to wait (e.g., NL-Gov CERT did not issue an alert, while U.S. CERT did issue an alert about this zero-day exploit by Monday, 2007-02-05 at 16:31 GMT - 54 hours after CASEScontact and CyTRAP did).
_WHERE CAN ONE SIGN UP?_
As the above shows, we focus on home-users and SMEs when it comes to our advisories and alerts. Most importantly, our information is written for people who are not engineers by training.
Our step-by-step guidelines and checklists empower users to effectively minimize their risk exposure against a variety of threats:
- Sign up with CyTRAP Labs and CASEScontact.org - subscription portal





