McAfee offers 'Sage' advice on security issues

New semiannual journal offers rants and raves from inside the company firewall.

Microsoft's Vista has improved security for Windows users, but "some of its choices still leave users vulnerable," writes David Marcus in McAfee's new semiannual journal on security matters.

Published by McAfee Avert Labs, the (PDF) was released on Wednesday. The journal, which made its debut in July 2006, is available from the McAfee Threat Center.

"The constant struggle between security personnel and malware authors is an arms race," said Dan Sommer in his editor's note. Sommer is publications manager at McAfee Avert Labs.

The journal is in part an advertisement for McAfee products. But it also includes reports by employees, such as Marcus, who is security research and communications manager for McAfee Avert Labs, on the newest security threats like SPIT.

Spam over Internet telephone (SPIT) will surpass e-mail counterparts, according to the journal. Telemarketers can bypass the national do-not-call list and make thousands of free calls using VoIP (voice over Internet Protocol). Spammers can use it to forge originating numbers and exploit unsuspecting VoIP users who will not expect phishing attacks coming from, for example, their bank's own phone number.

Other security threats covered in Sage range from mobile phone spyware to spam to endangered RFID (radio frequency identification) tags. There are also sections on statistics, including the fact that "35 percent of the packaged software installed on personal computers in 2005 was illegal."

Sage also covers topics like laptop security, and security risk management plans for people in the industry.

Featured Video

VTech hack exposes 5 million accounts, including kids' photos, chats

The toymaker stores personal data and photos in a way that may be easy for hackers to access. Also, Amazon shows off its latest design for delivery drones.

by Bridget Carey