While this was the week where Windows 7 wasreleased with much coverage in the trade press, only one item appeared in DHSreports regarding the “default user account”. Mobile cryptographic keys appear to be at risk as reported in additionto more aggressive activity in the marketing and delivery of fake anti-virussoftware.

The DHS Daily Open Source Infrastructure Report (DHS) coversthe publicly reported material for the preceding day(s) not previouslycovered.  This weekly summary provides a selection of those items ofgreatest significance to the InfoSec professional.

Should you not be aware of even one of the items discussedbelow it would be wise to familiarize yourself with it.  The headline above each entry will take youdirectly to the DHS report which presented the item for ten business days fromthe date of inclusion.  The Source linkwill take you to the original source cited by DHS.


No report.  A holiday in theU.S.

35.October 16, SC Magazine – (International) Aggressive tactics used innew distribution and installation of fake anti-virus software. PandaLabshas identified a new and aggressive trend for selling fake anti-virus software.  Source: http://www.scmagazineuk.com/Aggressi...rticle/154886/


Nothingof significance.


Safer surfing for mobile users?

39. October20, Network World – (International) Security software protects mobileand remote Mac, Windows users. DeepNines Technologies is unveiling adesktop security agent that works in tandem with its content-filtering andanti-malware gateway to protect mobile and remote workers.  Source: http://www.networkworld.com/news/200...s.html?hpg1=bn


Does your mobile device leak its cryptographic key?

40. October 20, CNET –(International) Leaking crypto keys from mobile devices. Securityresearchers have discovered a way to steal cryptographic keys that are used toencrypt communications and authenticate users on mobile devices by measuringthe amount of electricity consumed or the radio frequency emissions.  Source: http://news.cnet.com/8301-27080_3-10379115-245.html


Defaultuser account in Windows 7 a security risk?

31.October 22, CNET – (International) Windows 7 default user accountcontrol worries experts. Corporate IT departments should be pleased withnew security measures in Windows 7, but consumers are still at risk of gettinghit by malware despite changes in the User Account Control (UAC) featuredesigned to help people be smarter when using applications, security expertssay.  Source: http://news.cnet.com/8301-27080_3-10380749-245.html

Note: The DHS only maintains the last ten days of their reports online.  Toobtain copies of earlier reports or complete summaries, go to:





More...