Sharing Security Developments, and Best Practices for corporate and home users
January 2007 - Posts
The SANS Internet Storm Center maintains a running list of the key currently unpatched Microsoft vulnerabilities and their associated risk factors here:
Microsoft Unpatched Vulnerabilities - ISC Master List http://isc.sans.org/diary.html?storyid=1940
QUOTE: Vulnerabilities that are widely known and/or actively exploited are of great interest to our readers, here we try to keep an overview of them
While there have been notable cases in which sensitive information was obtained by Internet crackers and criminals without any fraud yet being traced to it, the TJX breach has already started affecting consumers. It is good practice to check banking and credit card statements vigilantly each month and to report unrecognized charges promptly.
TJX Security Breach - Stolen Credit Cards are being used http://www.eweek.com/article2/0,1895,2087760,00.asp
QUOTE: Banking industry officials in Massachusetts are reporting that a string of local companies have already observed fraudulent activity related to the massive data breach reported by retail chain TJX Companies on Jan. 17.
Unlike many other highly publicized data losses reported by organizations such as the United States Department of Veterans Affairs, which have not yet been traced to any criminal activity, the information stolen from TJX during two specific incidents in 2003 and 2006 has already been put to use by fraudsters, according to the MBA (Massachusetts Bankers Association).
The MBA reported on Jan. 24 that several banks in the state, which is also home to the TJX corporate headquarters in Framingham, have reported incidents of fraud specifically related to the information that was lifted from the retailers' IT systems by unidentified outsiders.
AVERT Labs is a division of McAfee. This blog entry provides practical advice on being careful with email and websites and on protecting your PC with sound security controls.
Internet Security - The Need for Common Sense http://www.avertlabs.com/research/blog/?p=181
Quote: Memorizing lists of Do’s and Don’ts can be a bit daunting for people, so I’ve started advising people to look at their computer like it was their house. People can “come to your house” by email, via web-sites, by comment spam, by portable media or storage devices, whatever. Just like people can come to your real house by ringing your front door-bell, using the door-knob, crawling in a window, etc.
Users should continue to be cautious with all spam email and avoid opening its attachments; note the double extension (Rechnung.pdf.exe) and the greeting-card file names used to make an executable look like a document.
Storm Worm - New Variants have Billing or Love Themes http://www.f-secure.com/weblog/archives/archive-012007.html#00001094
QUOTE: A new round of malicious billing spam e-mails were received yesterday. All attachments have the filename of Rechnung.pdf.exe. Two variants emerged from these spams: W32/Nurech.X and W32/Nurech.Y.
Later in the day, the phrase "Love is all Around" was given a new meaning when another batch of Stormy was received. This new Stormy still adheres to the theme of Love. Filenames of this new variant could be any of the following:
Flash Postcard.exe, Greeting Postcard.exe, Greeting Card.exe, Postcard.exe, flash postcard.exe, greeting card.exe, greeting postcard.exe, postcard.exe
This massively spammed trojan became the first MEDIUM risk virus for Symantec since May 2005.
ARTICLE: Storm Trojan Hits 1.6 Million PCs http://www.informationweek.com/news/showArticle.jhtml?articleID=196903023
QUOTE: The goal of the Trojan seems to be to acquire a large botnet, or collection of compromised PCs, that can be used to send traditional scam spams or for later identity mining. Originally dubbed the "Storm worm" because one of the subject heads used by its e-mail touted Europe's recent severe weather, the Trojan's author is now spreading it using subjects such as "Love birds" and "Touched by Love," said Finnish anti-virus vendor F-Secure.
FIRST MEDIUM RISK VIRUS IN 18 MONTHS:
Symantec went to MEDIUM risk for the 1st time since May 2005, as most email threats have been well contained over the past 18 months.
http://www.symantec.com/security_response/writeup.jsp?docid=2007-011917-1403-99
It's rated "low risk" because exploitation requires user action (opening a malicious .rc file and dismissing the "file not found" dialog) and it is unlikely to become a target for in-the-wild exploitation. Since no vendor patch is listed, the practical control is not to open resource files from untrusted sources in Visual Studio 6.
Microsoft Visual Studio ".rc" File Handling Buffer Overflow http://www.frsirt.com/english/advisories/2007/0296 http://secunia.com/advisories/23856/
QUOTE: porkythepig has reported a vulnerability in Microsoft Visual Studio, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error within the handling of ".rc" files that contain an overly long string after the "1 TYPELIB MOVEABLE PURE " text. This can be exploited to cause a stack-based buffer overflow and allows arbitrary code execution when a malicious ".rc" file is opened.
Successful exploitation requires that a user click on the "Ok" button or closes the message box when the "file not found" message box appears.
Affected Products: Microsoft Visual Studio 6 SP6 and prior
Solution: FrSIRT is not aware of any official supplied patch for this issue.
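No official fix is listed, so the practical control is to check resource scripts before opening them in Visual Studio 6. The scanner below is an added example written for this page, not code from the advisory or from porkythepig: it looks for the statement shape the advisory names and flags any TYPELIB argument longer than an assumed 256-character threshold (the advisory gives no exact length). The sample .rc contents are constructed.

```python
import codecs
import re
from typing import List, Tuple

# Statement shape named in the advisory: "<id> TYPELIB MOVEABLE PURE <argument>".
TYPELIB_RE = re.compile(r'^\s*(\d+)\s+TYPELIB\s+MOVEABLE\s+PURE\s+(.*?)\s*$', re.IGNORECASE)

# Assumed threshold for this illustration; the advisory states no exact length.
# Legitimate arguments are short type-library file names.
MAX_TYPELIB_ARG = 256


def scan_rc_text(text: str, limit: int = MAX_TYPELIB_ARG) -> List[Tuple[int, int]]:
    """Return (line_number, argument_length) for every TYPELIB statement whose
    argument is longer than `limit`. The script is only parsed, never compiled."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        match = TYPELIB_RE.match(line)
        if match is None:
            continue
        arg_len = len(match.group(2))
        if arg_len > limit:
            findings.append((lineno, arg_len))
    return findings


def decode_rc(raw: bytes) -> str:
    """Resource scripts saved by Visual Studio are often UTF-16 with a BOM; fall
    back to UTF-8 and finally Latin-1 so that no file is silently skipped."""
    if raw.startswith(codecs.BOM_UTF16_LE) or raw.startswith(codecs.BOM_UTF16_BE):
        return raw.decode('utf-16')
    try:
        return raw.decode('utf-8')
    except UnicodeDecodeError:
        return raw.decode('latin-1')


def scan_rc_file(path: str, limit: int = MAX_TYPELIB_ARG) -> List[Tuple[int, int]]:
    with open(path, 'rb') as fh:
        return scan_rc_text(decode_rc(fh.read()), limit)


# Constructed samples: a normal statement and one carrying an oversized argument.
BENIGN_RC = '1 TYPELIB MOVEABLE PURE "myapp.tlb"\n'
OVERSIZED_RC = 'STRINGTABLE\nBEGIN\nEND\n1 TYPELIB MOVEABLE PURE ' + 'A' * 1000 + '\n'

if __name__ == '__main__':
    print(scan_rc_text(BENIGN_RC))     # []
    print(scan_rc_text(OVERSIZED_RC))  # [(4, 1000)]
```

Run it over a directory of third-party .rc files before loading the project, and treat any finding as a reason to inspect the file in a text editor rather than in the IDE. It only detects the one pattern the advisory describes, so it is a triage check, not a substitute for a vendor patch.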
Unfortunately, this trojan horse, disguised as breaking news, coincided with one of Europe's most ferocious storms. Avoid opening attachments on "breaking news" emails and check major news sites instead for pertinent information.
Storm Worm rages across the globe http://articles.techrepublic.com.com/2100-1009_11-6151414.html
QUOTE: "Storm Worm," one of the larger Trojan horse attacks in recent years, is baiting people with timely information about a deadly, real-life front, security researchers said Friday. Over an eight-hour period Thursday, malicious e-mails were sent across the globe to hundreds of thousands of people, said Mikko Hypponen, chief research officer for F-Secure.
Storm Worm is already close to being as large as the bigger attacks of 2006, Hypponen said, though it's still smaller than Sasser and Slammer. People who open the attachment then unknowingly become part of a botnet. A botnet serves as an army of commandeered computers, which are later used by attackers without their owners' knowledge.
Additional Links below:
McAfee - DAT 4943 provides protection http://vil.nai.com/vil/content/v_141316.htm
McAfee - Extra DAT protection To receive an extra.dat file for this threat please visit: https://www.webimmune.net/extra/getextra.aspx
F-Secure: Small.DAM definition http://www.f-secure.com/v-descs/small_dam.shtml
F-Secure: Storm-Worm spreads Quickly http://www.f-secure.com/weblog/archives/archive-012007.html#00001087
EMAIL TO AVOID:
Subjects:
- 230 dead as storm batters Europe
- U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
- A killer at 11, he's free at 21 and kill again!
- British Muslims Genocide
Attachments: Read More.exe, Full Clip.exe, Full Story.exe, Video.exe
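The Nurech billing spam earlier in this month's posts and the Storm runs here rely on the same two tricks: an executable attachment with a disguised or double extension, and a topical subject line. The triage routine below is an added example, not code from F-Secure, McAfee or this blog; it parses an RFC 822 message with Python's standard email module and returns a reason for every match against the attachment names and subject lines listed in these posts, plus a generic double-extension check that catches names like Rechnung.pdf.exe. Both sample messages are constructed.

```python
import email
from typing import List

# File extensions that execute when double-clicked on Windows.
EXECUTABLE_EXTENSIONS = {"exe", "pif", "scr", "com", "bat", "cmd", "vbs", "js"}

# Attachment names and subject lines reported for the Storm/Nurech runs above.
STORM_ATTACHMENTS = {n.lower() for n in (
    "Rechnung.pdf.exe", "Flash Postcard.exe", "Greeting Postcard.exe", "Greeting Card.exe",
    "Postcard.exe", "Read More.exe", "Full Clip.exe", "Full Story.exe", "Video.exe",
)}
STORM_SUBJECTS = {s.lower() for s in (
    "230 dead as storm batters Europe",
    "U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel",
    "A killer at 11, he's free at 21 and kill again!",
    "British Muslims Genocide",
)}


def attachment_findings(filename: str) -> List[str]:
    """Reasons an attachment name is suspicious; the extension checks need no signature."""
    name = filename.strip().lower()
    parts = name.split(".")
    findings = []
    if len(parts) >= 2 and parts[-1] in EXECUTABLE_EXTENSIONS:
        findings.append(f"executable attachment '.{parts[-1]}'")
        # Rechnung.pdf.exe: a document extension placed before the real one to fool
        # users, and mail clients that hide known extensions.
        if len(parts) >= 3 and parts[-2] not in EXECUTABLE_EXTENSIONS:
            findings.append(f"double extension '.{parts[-2]}.{parts[-1]}'")
    if name in STORM_ATTACHMENTS:
        findings.append("attachment name used by the Storm/Nurech campaign")
    return findings


def subject_findings(subject: str) -> List[str]:
    normalized = " ".join(subject.split()).lower()
    return ["subject line used by the Storm campaign"] if normalized in STORM_SUBJECTS else []


def triage_message(raw_message: str) -> List[str]:
    """Parse an RFC 822 message and return every reason to quarantine it (empty = clean)."""
    msg = email.message_from_string(raw_message)
    reasons = subject_findings(msg.get("Subject", ""))
    for part in msg.walk():
        filename = part.get_filename()
        if filename:
            reasons.extend(f"{filename}: {why}" for why in attachment_findings(filename))
    return reasons


# Constructed sample message in the shape of the Storm lure; the base64 body is the
# text "hello", not a real executable.
STORM_SAMPLE = """\
From: news@example.invalid
To: user@example.invalid
Subject: 230 dead as storm batters Europe
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="sep"

--sep
Content-Type: text/plain

Full story attached.
--sep
Content-Type: application/octet-stream; name="Full Story.exe"
Content-Disposition: attachment; filename="Full Story.exe"
Content-Transfer-Encoding: base64

aGVsbG8=
--sep--
"""

# Same structure with a harmless subject and a document attachment.
CLEAN_SAMPLE = (STORM_SAMPLE
                .replace("230 dead as storm batters Europe", "Q4 report")
                .replace("Full Story.exe", "report.pdf"))

if __name__ == "__main__":
    for reason in triage_message(STORM_SAMPLE):
        print(reason)
    print("clean sample:", triage_message(CLEAN_SAMPLE))
```

The name and subject lists are only as good as the day's intelligence, so the double-extension and executable-extension checks are the ones to keep enabled on a mail gateway; the campaign-specific lists are there to show how a blocklist from a vendor write-up plugs into the same routine.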
This interesting weblog entry describes an industrial-strength client/server topology used for spam generation. A central server holds the message templates and the address lists (68 GB of email addresses in one case), and the spambot clients (zombies) pull instructions, templates and addresses from it to generate the text- and image-based spam we clean up daily. Because the server addresses change frequently, blocking any single host is of limited value.
F-Secure: Commercial-grade redundant client-server backend systems for SPAM http://www.f-secure.com/weblog/archives/archive-012007.html#00001085
QUOTE: Oh man, there's a lot of spam out there nowadays. The Warezov gang is using variants of Warezov and Medbot/Horst to send out medication and replica spam. The Rustock gang is using Mailbot.AZ and variants to send out stock spam. The Warezov gang is apparently operating from China and the Rustock boys from Russia.
Machines infected with Medbot use a client-server architecture. They connect to a central server to get further instructions as well as spam content and address lists. Then they get to the work of actually sending the spam.
The server addresses keep changing. Last week <<URL-removed>> was used to serve e-mail addresses to the bots. While investigating the case last week, we downloaded some 68 GIGABYTES of e-mail addresses from this server.
Another good example of the client-server architecture is the service running at <<URL-removed>>. This URL serves randomized HTML templates for different spam mails. The URL is live at the moment of this posting. If you access it and reload the page, you'll get a different spam template every time.
The security primer is an excellent resource which summarizes key security risks and prevention techniques.
IT Security website - Network Security Primer http://www.itsecurity.com/features/network-security-threats-011707/
Discussion of security risks and prevention techniques for:
1. Viruses and Worms
2. Trojan Horses
3. Spam
4. Phishing
5. Packet Sniffers
6. Maliciously-Coded Websites
7. Password Attacks
8. Hardware Loss and Residual Data Fragments
9. Shared Computers
10. Zombie Computers and Botnets
An interesting 3-page article, as I definitely remember some past worms (e.g., Bugbear) that could infect network-based printers and waste tons of paper. This article speculates that, as other resources are hardened, currently unpatched resources like printers could become the next target.
Article: The Surprising Security Threat Your Printers http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=277746
QUOTE: Networked printers — yes, printers — can open your corporate network to malicious attacks. They need security patches, too
... He described the kinds of mischief you could do with a compromised printer, including password-catching, password-snarfing (changing passwords), hijacking functions, grabbing print jobs and playing with a billing program. O’Connor, who says he has proved in his research lab that these hacks are possible, showed a video of himself exploiting these vulnerabilities in his lab during his Black Hat presentation.
... The question remains how many IT departments apply security patches to their printers. “One of the reasons this is a particularly nasty problem is that people don’t update their printer software,” security technologist Bruce Schneier wrote in his blog.
... The apathy toward printer security isn’t surprising, since printer attacks have been few and far between in recent years. That’s mostly because, right now, it’s easier just to hack PCs and laptops, says Dean Turner, senior manager for security response at Symantec Corp. But as those systems become more secure through tougher security standards and best practices, attackers will turn their tools to the next low-hanging fruit, Turner says. And unprotected printers are a logical target.
Bugbear and other viruses that can impact network printers http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=99728 http://www.google.com/search?hl=en&q=printer+virus
This is a brief and interesting analysis by one of Kaspersky's analysts in Moscow. It illustrates how much awareness is still needed for wireless security: a ten-minute commute past 40 Wi-Fi networks yielded the mix of unprotected, WEP-only and WPA networks shown in the picture.
Kaspersky Labs Blog - Please see JAN 16th entry http://www.viruslist.com/en/weblog?calendar=2007-01
QUOTE: I live pretty close to the office, and my commute only takes about ten minutes - even in that time I was able to collect a fair bit of data which is shown in the picture below. Overall, I detected 40 Wifi networks: the totally unprotected networks are marked with a red dot, those with WEP enabled are marked with a yellow dot, and those with WPA are marked with a green dot.
Findings on the way to work http://images.kaspersky.com/en/pictures/vlweblog-208187308.png
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=277590
QUOTE: In Hacking Exposed VoIP, which hit bookshelves last month, authors David Endler and Mark Collier argue that voice-over-IP technology “is about to hit critical mass” and will become a favorite security hole for hackers to slip through to disrupt IT operations. Endler and Collier hope their book can show not just how to crack a VoIP network — which it will — but also how to lock one down. According to Endler, who is director of security at 3Com Corp.’s TippingPoint division in Austin, hackers have begun to use VoIP in phishing exploits that emulate the interactive voice response systems of legitimate companies. “The rate of vulnerabilities will increase,” says Collier, chief technology officer at SecureLogix Corp. in San Antonio. Distributed denial-of-service attacks are likely and could be devastating to VoIP systems, Collier says, noting that even a modest DDoS attack could make it all but impossible to make VoIP calls because of quality-of-service issues. Then there’s the problem of privacy. “It’s extremely easy to listen in on a call,” Endler says. It isn’t that much harder to inject noise or even spam into VoIP communications.
As requested by the article, some brief comments are noted below:
1. I disagree with public disclosure of vulnerability details and exploit code, favoring private sharing with the vendors only.
2. Projects like MOBB, MOKB, and MOAB clearly demonstrate that no product is safe and that vendors need to focus even more on making their products secure.
3. Some findings might have a small benefit, as vendors may patch security holes more expediently. However, this small gain in security is usually far outweighed by arming the bad guys with leading-edge exploit code that can be used against an unprotected public.
4. Microsoft and all vendors desire zero defects in their software, although that is not humanly possible. Security patches for any vendor are prioritized based on risk factors. With public disclosure, the inventories of outstanding patches might grow, because vendors scramble to provide protection for the unpatched leading-edge exposures.
5. Software vendors may need to add more people and priority for security issues. Still, I see public disclosure often focused on embarrassing the vendor rather than helping the cause of security.
6. Maybe there's some "middle ground" whereby privately shared security concerns are logged with an assigned number and tracked publicly on websites. Very sketchy details would be shared on the nature of the vulnerability so there's a reduction of impact to the public, yet there might also be improved accountability by vendors.
7. As a bottom line, leaking even proof-of-concept exploit code to the public is dangerous, as it can be crafted into phishing, spyware, or worm attacks by folks who wish to harm others. I may have to "agree to disagree" with some of the security experts on the perceived benefits of this process.
Vulnerability Disclosure: The Good, the Bad and the Ugly http://www2.csoonline.com/exclusives/column.html?CID=28088
QUOTE: More than a decade into the practice of vulnerability disclosure, where do we stand? Are we more secure? Or less? If you see a glaring security hole in a sensitive application, what will you do? Will you notify the developer? The users? Other hackers?
Users and companies should ensure all January 2007 patches have been applied, starting with MS07-004: a working exploit was built within three hours of the bulletin's release, and the flaw is reachable remotely without any user action, so every unpatched Internet Explorer installation is exposed.
MS07-004 - Fully functional PC hijack exploit developed in 3 hours http://www.eweek.com/article2/0,1895,2082416,00.asp
Microsoft Security Bulletin MS07-004 Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969) http://www.microsoft.com/technet/security/bulletin/MS07-004.mspx
QUOTE: The company's exploit takes aim at a "critical" bug in the way VML (Vector Markup Language) is implemented in Windows. It has been successfully tested on Windows XP SP2 and Windows 2000, with default installations of Internet Explorer 6.0. "This is a fully working exploit, [it] will give you full access to do anything on the target machine," says Immunity researcher Kostya Kortchinsky.
The exploit was created and confirmed in less than three hours after Microsoft's Patch Tuesday release on Jan. 9, a fact that clearly illustrates just how much the gap has narrowed between patch release and full deployment on enterprise networks.
In an interview with eWEEK, Mark Griesi, security program manager in the MSRC, said the risk is high because there is a remote unauthenticated attack vector that gives an attacker a way to hijack a vulnerable system without any user action. "That one should be your absolutely highest priority," Griesi declared.
This new ransomware displays its demands in Chinese and deletes files outright (they are not merely moved); it is installed without user interaction by websites hosting an exploit for MS06-014, so it only affects PCs that are not fully up to date on Microsoft security patches. As a precaution against any destructive malware, keep a tested backup that is stored disconnected from the PC, since Ransom-C also deletes files on mounted external drives.
Also, never pay malware authors electronically as their messages instruct: they may not be able to recover the files anyway, and once they have account details they may also withdraw as much money as they can.
Ransom-C - Destructive Chinese Ransomware exploits MS06-014 http://vil.nai.com/vil/content/v_141268.htm
QUOTE: More recently, websites were discovered to be hosting Exploit-MS06-014 that installs Ransom-C without a need for user interaction on vulnerable web browsers. They include legitimate financial news, medical websites, etc. that were believed to have been penetrated by the trojan author. When the exploit is successful, it then downloads and installs an abc.exe.pif executable containing Ransom-C.
Our analysis shows that the files are not moved but effectively deleted from the infected computer including mounted drives on external media (e.g. memory cards, hard drives). This implies a reliable method to fully recover the files would be unlikely. Ransom-C drops a text file on the desktop reiterating its claims and reboots the system each time the pop-up window is closed.
This morning Sophos released several AV detection signatures for new Trojan Development kits circulating on the Internet.
While I still continue to use Adobe 8.0, I've been testing Foxit's PDF Reader and it truly works as advertised. Some observations include:
* 1.5MB download (versus 20MB for Adobe 8.0)
* Almost instantly launches a PDF document (exceptional performance)
* Appears to be 100% compatible as a PDF reader (no issues found so far)
* Foxit can co-exist with Adobe 8.0 with no issues (you can make either your default PDF reader by right-clicking a PDF file and using the "Open With" facility).
* Adobe 8 has greater functionality, which is why it's much larger, (e.g., including web and other product integrations). However, in most cases these advanced functions may not be needed (esp. if you only want to view a PDF based document).
* The free version of Foxit will not integrate with IE so that you can view PDFs inside your browser (but you can download web based PDFs and then view them as documents, or still view them with Adobe 8 if desired). I see this as a minor trade-off for exceptional speed and full PDF reader functionality.
As a bottom line, Foxit is a keeper and nice free tool for PDF viewing.
Foxit Reader 2.0 for Windows http://www.foxitsoftware.com/pdf/reader_2/down_reader.htm
Foxit Reader for Linux http://www.foxitsoftware.com/pdf/desklinux/
Foxit Software - Home Page http://www.foxitsoftware.com/
Foxit Reader End User License Agreement http://www.foxitsoftware.com/pdf/rd_eula.htm
QUOTE: Foxit Reader 2.0 is a free PDF document viewer and printer, with an incredibly small size (only 1.5 MB download size), breezing-fast launch speed and amazingly rich feature set. Foxit Reader 2.0 supports Windows 98/Me/2000/XP/2003. Its core function is compatible with PDF Standard 1.6. Version 2.0 introduces many exciting new features, including interactive form filler, multi-language UI support, on-demand download of add-ons, self upgrade, Javascript support, improved printing speed, streamlined UI and much more.
WHAT FREE VERSION OFFERS: Foxit Reader 2.0 itself is free. As to add-ons, the critical add-ons are free while advanced add-ons are non-free. For example, you can use the following functions for free:
* View or print PDF documents
* Fill out PDF forms and save them
* View PDF as text
* Critical add-ons, such as UI language packages, JPEG2000/JBIG decoder, CJK package, GDI+ for early Windows versions, etc.
====================== New Security Bulletins ======================
Microsoft is releasing the following security bulletins for newly discovered vulnerabilities:
MS07-001 (Important) - Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker - Remote Code Execution
MS07-002 (Critical) - Vulnerabilities in Microsoft Excel - Remote Code Execution
MS07-003 (Critical) - Vulnerabilities in Microsoft Outlook - Remote Code Execution
MS07-004 (Critical) - Vulnerability in Vector Markup Language - Remote Code Execution
Microsoft Security Bulletins - January 2007 http://www.microsoft.com/technet/security/bulletin/ms07-Jan.mspx
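Verifying that the January bulletins are actually installed is the check that matters once a working MS07-004 exploit exists, and the same check applies to the bulletin list above. The routine below is an added example, not Microsoft's code or tooling; it parses the text that `wmic qfe get HotFixID` prints on Windows XP/2003 and reports which required updates are absent. Only the KB number for MS07-004 (929969, from the bulletin title) is given on this page, so the bulletin-to-KB mapping is seeded with that single entry and the others must be added from the bulletin summary; the KB111111 line in the sample output is a constructed placeholder, not a real update.

```python
import re
import subprocess
from typing import Dict, Set

KB_RE = re.compile(r"\bKB(\d{6,7})\b", re.IGNORECASE)

# Bulletin -> knowledge-base article of its update. Only MS07-004's number is
# stated on this page; add MS07-001..003 from the January bulletin summary.
REQUIRED_UPDATES: Dict[str, str] = {"MS07-004": "KB929969"}


def installed_kbs(wmic_output: str) -> Set[str]:
    """Extract KB identifiers from the table printed by `wmic qfe get HotFixID`.
    Only the identifier column matters, so the header and spacing are ignored."""
    return {"KB" + m.group(1) for m in KB_RE.finditer(wmic_output)}


def missing_updates(wmic_output: str,
                    required: Dict[str, str] = REQUIRED_UPDATES) -> Dict[str, str]:
    """Return the bulletins whose update is not listed as installed (empty = patched)."""
    have = installed_kbs(wmic_output)
    return {bulletin: kb for bulletin, kb in required.items() if kb.upper() not in have}


def live_wmic_output() -> str:
    """Windows only: ask the real wmic.exe. Not called by the sample run below."""
    result = subprocess.run(["wmic", "qfe", "get", "HotFixID"],
                            capture_output=True, text=True, check=True)
    return result.stdout


# Constructed output in the shape wmic prints (CRLF line ends, padded columns).
# KB111111 is a placeholder, not a real update.
SAMPLE_WITH_UPDATE = "HotFixID  \r\nKB111111  \r\nKB929969  \r\n"
SAMPLE_WITHOUT_UPDATE = "HotFixID  \r\nKB111111  \r\n"

if __name__ == "__main__":
    print("patched host  :", missing_updates(SAMPLE_WITH_UPDATE))     # {}
    print("unpatched host:", missing_updates(SAMPLE_WITHOUT_UPDATE))  # {'MS07-004': 'KB929969'}
```

On a real host replace the sample string with live_wmic_output(); an empty result means every bulletin in the mapping is present. The check only confirms that the update is listed, so a reboot that has not happened yet, or an update that failed after registering, still needs the vendor's own verification.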
It's always best never to open unexpected attachments found in email messages. Virus writers often use themes or special world events to trick people into opening them.
New email viruses - Avoid all attachments related to Saddam http://www.f-secure.com/weblog/archives/archive-012007.html#00001071
QUOTE: In a non-surprising move, malware writers are trying to exploit the publicity around the hanging of Saddam Hussein to their own advantage. So far we've seen three different examples of malware using Saddam-related themes.
These are now detected as W32/Banload.BSW, W32/Banload.BSX and Trojan-Downloader.Win32.Delf.acc. Two of these try to disguise their actions by opening up a YouTube page with the Portuguese search keyword "enforcado" (execution). More information is available in our descriptions: Banload.BSX, Banload.BSW and Delf.acc.
A good friend of mine shared this true account by email, which reflects the need to ensure your 401K account is safe from the criminals out there. The full story, found at the MSNBC link below, is a good read.
Some safety tips for financial accounts include:
1. Very strong passwords for electronic access to any financial account
2. Use all the best practices (not sharing passwords, etc.)
3. Only sign up for the 401K e-services you need (don't set up bank EFT capabilities unless you need them)
4. Be careful how, when, and where you view your account (e.g., it's not good to view sensitive info on a public PC in a library or Internet cafe)
5. Always look at all banking, credit card, and 401K statements, monitoring your accounts for suspicious activity
6. Act on any incidents immediately, reporting them by phone and in writing to your 401K agency
7. Report to the SEC: enforcement (at) sec (dot) gov
8. If you've been done wrong, don't take "no" for an answer - be persistent, as documented in the case below
9. Stay up-to-date on all OS, browser, and other software patches. Use a firewall and a good anti-virus product to ensure your system is clean of keyloggers, backdoors, or other malware
10. KEY TIP: The easier you make access for yourself, the easier it is for the bad guys, who are constantly looking for opportunities, to invade your account.
Article: IN AN INSTANT, RETIREMENT SAVINGS VANISH http://redtape.msnbc.com/2007/01/one_moment_dave.html
QUOTE: One moment Dave DeSmidt had $179,000 in his 401(k) retirement account, the next he had nothing. In an instant, 25 years of savings had disappeared. With a few clicks, someone raided DeSmidt’s retirement account with J.P.Morgan & Co and ordered a full disbursement to a private checking account.
Then came the really bad news. While credit card and online banking accounts are legally protected in the event of fraud, DeSmidt’s brokerage account came with no such insurance. Two months after the theft, his balance still read $0. With hacking of brokerage accounts increasing, the legal gap facing DeSmidt and other victims has regulators and critics debating the need for new consumer protections.
‘I don’t have a clue’ The theft was the shock of a lifetime for DeSmidt, who plans to retire in a few years with his wife in their Mukwonango, Wis., home. "That was a pretty good chunk of what we were going to retire on," DeSmidt said. "I don't have a clue how it happened."
The theft occurred on Oct. 23, while DeSmidt was on assignment for his company in China, near Shanghai. Just before lunch, someone else logged onto J.P. Morgan's Web site from a computer connected to the Internet through Comcast Cable Communications in Cherry Hill, N.J., and entered DeSmidt's user ID and personal access code.
While DeSmidt slept on the other side of the world, his imposter found that he had a balance of $179,000.43 in his account. A few more clicks, and the DeSmidts’ linked checking account was changed to a Bank of America account and an electronic transfer of all available funds was requested.
SEC: Brokerage attacks ‘on the rise’
Computer criminals have made the logical progression from credit card fraud to online bank attacks and now to big-ticket brokerage accounts, analysts say. Hacker attacks on brokerage accounts make sense from a criminal’s point of view. Brokerage accounts tend to have higher balances, making them worthwhile targets. And while a six-figure transfer out of a checking account would surely trigger fraud pattern detection software, large transfers from brokerage accounts are fairly standard.
I've tried out the new Anti-RK tool and give it high marks. It must be carefully used by IT pros, as incorrectly removing legitimate start-up processes from a system can corrupt the OS startup environment. Still, I like it as a "discovery tool" as you can use it simply to "analyze and find" without removing or renaming start-up items like those found in rootkits or even hidden processes with legitimate software.
One great use of this is to examine a PC with pop-ups, slow-start ups, or possible spyware in the default mode and not check any removal boxes (simply to get an analysis of all hidden start-up routines). If a serious issue is found, other tools can analyze the environment and other special standalone tools or cleaners can be used.
While I found no rootkits in my testing, I did find 4 hidden start-up processes that I removed after research to ensure they were left-overs from products I had previously had on my PC at work. You remove by renaming (creating an *.REN extension), which allows recovery of a legitimate service if needed. My system is working great after using the tool and it seems to be a few seconds quicker now in booting up.
AVERT's Anti-Rootkit Beta - currently located here and may move to another link later http://vil.nai.com/vil/stinger/
AVERT - New location for Stinger utility http://vil.nai.com/vil/averttools.aspx
The Rootkit Detective Beta can be downloaded here: http://download.nai.com/products/mcafee-avert/McafeeRootkitDetective.zip
QUOTE:
McAfee Avert Labs Rootkit Detective Beta
McAfee Rootkit Detective Beta is a program designed and developed by McAfee Avert Labs to proactively detect and clean rootkits that are running on the system.
McAfee Rootkit Detective should only be used by knowledgeable individuals at the direction of, and with the support of, a representative from McAfee Avert Labs or McAfee Technical Support. Improper usage of this tool could result in damage to your applications or operating system.
Features
Following are the features of this program that are designed to proactively detect and clean rootkits from the system. This program is not dependent on any signatures and can proactively detect most of the existing and upcoming rootkits and allow the user to clean them.
- Designed to proactively detect the system objects like processes, files and registry that are hidden to the user.
- Provides information about all running processes in the system.
- Provides information about various system hooks like SSDT(System Service Descriptor Table) hooks, user/kernel IAT/EAT(Import/Export Address Table) hooks.
- Allows the user to clean/remove the malicious objects from the system by renaming/deleting the hidden files/registry.
- Allows the user to terminate the malicious processes.
- Users can submit samples using the submission feature present in the tool.
- Users can also collect the samples manually after renaming them and submit to stinger (at) avertlabs.com for further analysis.
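The detection the tool describes, finding processes that are "hidden to the user", is the cross-view technique: enumerate the same objects through several independent paths and treat anything that appears in one view but not another as hidden. The script below is an added illustration of that technique on Linux, written for this page; it is not McAfee's Rootkit Detective and does not inspect SSDT or IAT/EAT hooks. It compares a readdir() listing of /proc, the output of `ps`, and direct probing of every /proc/<pid> entry, and it handles the classic false positive where threads (which have /proc/<tid> entries that readdir does not list) would otherwise look like hidden processes. The CONSTRUCTED_VIEWS data at the end is made up to show the output shape.

```python
import os
import subprocess
from typing import Dict, Optional, Set


def pids_from_readdir() -> Set[int]:
    """View 1: process IDs that a directory listing of /proc reveals."""
    return {int(entry) for entry in os.listdir("/proc") if entry.isdigit()}


def pids_from_ps(ps_output: str) -> Set[int]:
    """View 2: process IDs parsed from the text of `ps -eo pid=`."""
    return {int(tok) for tok in ps_output.split() if tok.isdigit()}


def read_tgid(pid: int) -> Optional[int]:
    """Thread-group leader of `pid` from /proc/<pid>/status, or None if unreadable."""
    try:
        with open(f"/proc/{pid}/status") as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1])
    except OSError:
        return None
    return None


def pids_by_direct_access(max_pid: int) -> Set[int]:
    """View 3: probe /proc/<pid> directly for every possible pid. A rootkit that
    filters readdir() usually still lets a direct open succeed. Threads also have
    /proc/<tid> entries that readdir hides, so anything whose Tgid is a different
    pid is a thread of a visible process, not a hidden process, and is skipped."""
    found = set()
    for pid in range(1, max_pid + 1):
        if not os.path.exists(f"/proc/{pid}"):
            continue
        tgid = read_tgid(pid)
        if tgid is None or tgid == pid:
            found.add(pid)
    return found


def cross_view_diff(views: Dict[str, Set[int]]) -> Dict[str, Set[int]]:
    """For every view, the pids that some other view saw but this one did not."""
    everything = set().union(*views.values())
    return {name: everything - seen for name, seen in views.items()}


def live_check() -> Dict[str, Set[int]]:
    """Collect all three views on this host. Run it twice: a process that exits
    between two views shows up once and then disappears; a hidden one persists."""
    with open("/proc/sys/kernel/pid_max") as fh:
        pid_max = int(fh.read())
    ps = subprocess.run(["ps", "-eo", "pid="], capture_output=True, text=True, check=True).stdout
    return cross_view_diff({
        "readdir": pids_from_readdir(),
        "ps": pids_from_ps(ps),
        "direct": pids_by_direct_access(pid_max),
    })


# Constructed views: pid 4242 answers to direct access only, i.e. it is hidden from
# both the directory listing and ps, which is the pattern a rootkit produces.
CONSTRUCTED_VIEWS = {
    "readdir": {1, 2, 300},
    "ps": {1, 2, 300},
    "direct": {1, 2, 300, 4242},
}

if __name__ == "__main__":
    print(cross_view_diff(CONSTRUCTED_VIEWS))
    # {'readdir': {4242}, 'ps': {4242}, 'direct': set()}
```

Probing every pid up to pid_max costs a stat() per candidate, so live_check() takes a few seconds on a system with a large pid_max; that is the price of not trusting any single enumeration API. A pid that persists in the "direct only" set across two runs deserves the same follow-up the McAfee tool recommends: collect the sample, then clean from known-good media rather than from the live system.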
This universal approach appears to be logical to use when studying for exams. Going beyond SQ3R, I'd recommend outlining chapters and even making audio summary tapes, CDs, or MP3s, that you can listen to in your car or walkman. Having a study partner to call out questions can also be helpful.
Exam preparation using SQ3R approach http://www2.norwich.edu/mkabay/methodology/sq3r.htm
QUOTE: The key to passing the CISSP exam, in my opinion, is daily attention to expanding one's exposure to interesting and thought-provoking information and ideas in the field. As you know from my constant reiteration of the point in our classes at Norwich, I have nothing but contempt for cramming - it is not possible to remember what is learned in a rush for very long. Indeed, I teach all my students to use SQ3R (Survey/Question, Read/Recite, Review) a well-established study method that pays off with long-term integration and retention of knowledge.
Additional study techniques (while written for Project Management certifications, they can be applied universally) http://www.allpm.com/index.php?name=PNphpBB2&file=viewtopic&t=498