McAfee offers 'Sage' advice on security issues

Published by McAfee Avert Labs, the second issue of Sage (PDF) was released on Wednesday. The journal, which made its debut in July 2006, is available from the McAfee Threat Center.

"The constant struggle between security personnel and malware authors is an arms race," said Dan Sommer in his editor's note. Sommer is publications manager at McAfee Avert Labs.

The journal is in part an advertisement for McAfee products. But it also includes reports by employees, such as Marcus, who is security research and communications manager for McAfee Avert Labs, on the newest security threats like SPIT.

Spam over Internet telephone (SPIT) will surpass e-mail counterparts, according to the journal. Telemarketers can bypass the national do-not-call list and make thousands of free calls using VoIP (voice over Internet Protocol). Spammers can use it to forge originating numbers and exploit unsuspecting VoIP users who will not expect phishing attacks coming from, for example, their bank's own phone number.

Other security threats covered in Sage range from mobile phone spyware to spam to endangered RFID (radio frequency identification) tags. There are also sections on statistics, including the fact that "35 percent of the packaged software installed on personal computers in 2005 was illegal."

Sage also covers topics like laptop security, and security risk management plans for people in the industry.