Security Education

Here are one or two resources some of you might find useful and interesting.

Infragard and the Center for Information Security Awareness have a Security Awareness in the Workplace program that looks worth a closer look. It consists of 14 separate lessons addressing key information security issues "that can impact in the workplace". The free lessons are presented as web-based Flash movies. People who complete the course can also register to be examined for a certificate. This isn’t free, but a nominal $24.95 doesn’t sound unreasonable. It ain’t CISSP or a GIAC qualification, but as a reward for working on security awareness, it might be a good investment.

 The US-CERT Current Activity page is a regularly updated summary of high impact security incident reports. To give you an idea of the sort of information you can find there, the current page includes:

  • May 29 VMware Releases Security Advisory
  • May 28 Microsoft Releases Security Advisory 971778
  • May 27 BlackBerry Security Advisory
  • May 26 Microsoft Releases Service Pack 2 for Windows Vista and Windows Server 2008
  • May 22 Novell Releases Updates for GroupWise
  • May 20 NSD DNS Buffer Overflow Vulnerability
  • May 20 Cisco Releases Security Advisory for CiscoWorks TFTP Vulnerability
  • May 20 Mac OS X Includes Known Vulnerable Version of Java
  • May 19 Microsoft Internet Information Services (IIS) WebDAV Request Vulnerability
  • May 18 Gumblar Malware Exploit Circulating

Of course, the page gives more information than this, and includes links.

Finally, the Anti-Phishing Working Group (check the web site: some pretty useful resources there). A project I’ve just caught on to is an education initiative called the AWPG/CMU Phishing Education Landing Page program. The intention is to catch potential victims who’ve clicked on a known phish link by redirecting them to an informational web site.

Find out more here. But don’t forget the Securing Our eCity initiative, either: www.securingourecity.org

David Harley BA CISSP FBCS CITP
Director of Malware Intelligence

 

Author David Harley, ESET

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.