HTTP
HTTP
HyperText Transfer Protocol (HTTP) is the method used to transfer or convey information on the World Wide Web. The original purpose was to provide a way to publish and receive HTML pages.
Development of HTTP was coordinated by the World Wide Web Consortium and working groups of the Internet Engineering Task Force, culminating in the publication of a series of RFCs, most notably RFC 2616, which defines HTTP/1.1, the version of HTTP in common use today.
HTTP is a request/response protocol between clients and servers. The originating client, such as a web browser, spider, or other end-user tool, is referred to as the user agent. The destination server, which stores or creates resources such as HTML files and images, is called the origin server. Inbetween the user agent and origin server may be several intermediaries, such as proxies, gateways, and tunnels.
Definitions provided by Wikipedia - The Free Encyclopedia
HTTP Related Products
SnapGear can be deployed as just a firewall, as a VPN gateway, a UTM security appliance, or as a complete office network-in-a-box Internet appliance for small businesses, with all of the wide area networking tools needed to serve large enterprise remote offices.
More information
Secure Web (Webwasher) is the only Web Gateway Security solution available on the market that integrates caching and security, delivering bandwidth savings and reduced latency without compromising security! Coupled with Secure Web's #1 rated anti-malware engine and industry-leading TrustedSource global reputation service, Secure Web is security for the Web 2.0 world.
More information
Websense Enterprise is the leading employee Internet management (EIM) solution, used by more than 18,100 organizations worldwide, including half of the Fortune 500. As a server-based software solution, Websense allows you to transparently monitor, manage and report traffic flowing from your internal networks to the Internet.
More information
PatchLink Update is the number one selling patch and vulnerability management solution trusted by customers worldwide to protect their heterogeneous networks. With its patented Digital Fingerprinting Technology and the world's largest repository of patches, PatchLink Update continuously monitors networks to accurately and rapidly assess and remediate vulnerabilities. PatchLink Update ensures end-points are accurately patched and compliant for successful IT and regulatory audits, while reducing IT costs and improving productivity.
More information
F-Secure Anti-Virus Client Security offers protection against new breeds of threats. It is a centrally-managed solution consisting of tightly-integrated virus protection, spyware protection, desktop firewall, and intrusion prevention and application control software for desktop and laptop computers.
More information
The Inter-Business Vault enables the creation of secure instant wide area networks (WANs) for connecting enterprises with partners, customers and sub-contractors over the Internet - enabling them to exchange information as if they have deployed a shared WAN, but without actually doing so.
More information
AirMagnet's Handheld Analyzer is a convenient, inexpensive way to solve serious problems in the enterprise wireless LAN. The Handheld Analyzer helps IT staff make sense of end-user complaints to quickly resolve performance problems, while automatically detecting hundreds of security threats and other network vulnerabilities.
More information
Anytime, Anywhere, WLAN Monitoring and Troubleshooting. AirMagnet's WiFi Analyzer is the industry's most popular mobile field tool for troubleshooting enterprise Wi-Fi networks. WiFi Analyzer helps IT staff make sense of end-user complaints to quickly resolve performance problems, while automatically detecting security threats and other network vulnerabilities. Although compact, WiFi Analyzer has many of the feature-rich qualities of a dedicated, policy-driven wireless LAN monitoring system.
More information
AirMagnet Survey delivers fast, scientifically accurate site surveys for any 802.11a/b/g/n indoor and outdoor wireless network. This evolutionary software automatically gathers critical Wi-Fi and RF spectrum information from your enterprise network using multiple data collection methods and generates detailed Wi-Fi performance maps of the results for easy network deployment, capacity planning and optimization. It is the only survey solution to actively associate to APs and get real world uplink/downlink data rates, retry and packet loss information.
More information
GTA's platform-independent reporting software, transforms the data contained in GTA firewall logs into easy-to-read reports and charts. By using GTA Reporting Suite 2.0 network administrators have on-demand summary views of detailed log information which provide them with valuable insight into their network's utilization. Simply direct GTA firewall logs to the Firewall Control Center Server, which can be installed onto either Microsoft Windows or Linux hardware, and you're ready to generate intuitive reports.
More information
Today's dynamic Web 2.0 environment creates significant security challenges for organizations of all sizes. Protection is needed against Web-based threats and the numerous ways these threats attempt to enter and exit an organization - from Web sites and encrypted traffic to email or a combination of these methods. Solutions spawned in the Web 1.0 era will not meet the challenge. While Web 2.0 threats require all organizations and their security solutions to proactively protect all key Web protocols, most small to medium size businesses don't have the capacity or budget to deploy the numerous point security solutions needed for adequate protection.
More information
The ProxyAV 400 Series is a purpose-built solution designed for quick integration with ProxySG 800 for deployment in medium enterprise or distributed environments. It provides scalable performance with a choice of antivirus engines from Sophos and McAfee.
More information
AirMagnet BlueSweep is an easy-to-use freeware utility to identify and analyse any nearby Bluetooth device. As Bluetooth devices continue to become a bigger target for hackers BlueSweep gives Bluetooth users a way to know if their devices are vulnerable.
More information
Cyber-Ark's Enterprise Password Vault enables organizations to secure, manage, automatically change and log all activities associated with all types of Privileged Passwords such as administrator on a Windows server, Root on a UNIX server, Cisco Enable on a Cisco device, as well as embedded passwords found in applications and scripts.
More information
AirMagnet Planner makes it easy to build a detailed model of any WiFi environment. Simply load in a map of your location and simulate wireless performance based on the correct number, placement and configuration of APs. Tweak any number of these settings until you achieve full coverage for end-users while minimising signal bleed into unsecured areas.
More information
The AirMagnet Enterprise Analyzer for Cisco is a software-only Wi-Fi troubleshooting solution designed specifically for Cisco Unified Wireless Networks. The Enterprise Analyzer software cooperates with your Cisco Wireless LAN controllers and lightweight access points to collect Wi-Fi data for expert analysis.
More information
The Blue Coat SG810 Series represents the ultimate in a 1U rackmount proxy appliance platform. The 810 series is purpose-built, providing flexible control with wire-speed performance with up to 4GB of memory and 1.2TB of disk capacity. Utilizing a custom, object-based OS with integrated caching for performance, organizations can advise, coach and enforce granular policies down to individual users.
More information
The Blue Coat AV510 Series is a purpose-built solution designed for simple integration with Blue Coat SG810 and SG510 series solutions for medium enterprise or distributed environments providing scalable performance with a choice of antivirus engines.
More information
The Blue Coat AV810 Series represents the next generation in highend appliance platforms for enterprise Web AV. The AV810 series is a purpose-built appliance designed for scalable, enterprise performance, enterprise manageability, and factory-built integration with the Blue Coat SG
More information
With the same protection and acceleration features found Blue Coat's enterprise-grade SG8100 Series platform, the Blue Coat SG510 offers an affordable rack-mountable appliance solution for small enterprises and branch offices which have direct access to the Internet.
More information
Websense Express provides the industry’s leading content filtering and Internet security capabilities in a simple and affordable solution. It allows organizations under 1000 users to quickly and easily protect their employees from Internet risks by controlling access to inappropriate content and proactively blocking security threats before they have a chance to infect their systems.
More information
Protect and secure your Microsoft-based application infrastructure with a MSA Security appliance from Celestix's comprehensive product suite.
More information
Genesis 2.6 is RKeyTec’s flagship product. An expert system that optimises Microsoft Active Directory implementations allowing organisations to increase the security and ROI their entire Windows Infrastructure.
More information
v-Sentry is an exclusive new single-appliance, full application firewall that protects web applications and web services without sacrificing performance.
More information
i-Boost integrates seamlessly into any architecture without networking constraints. It supports both Transparent Proxy and Full Reverse Proxy modes.
More information
i-Trust is a strong, easy to use and affordable Web Single Sign On solution "Web SSO". The innovative idea introduced by Bee Ware is to use the Application Gateway as a primary Authentication Control Point. Running on the network perimeter, i-Trust agent first performs a secured perimeter authentication and then manages the application authentication. This new Web SSO concept is easy to deploy as it has no impact on the existing application infrastructure and is easy to manage thanks to its "User credentials" Auto Learning Mechanism.
More information
SIPassure is a VoIP Security Gateway, a new class of product that combines the best is a VoIP Security Gateway, a new class of product that combines the best features of an enterprise firewall, an Application Layer Gateway (ALG) and a Session Border Controller (SBC), with new innovative technology to take security for VoIP applications to the next level. SIPassure is designed to secure all Session Initiation Protocol (SIP) based applications including VoIP services, video conferencing and other messaging applications.
More information
Vital Security Web Appliance NG-5100 is Finjan’s real-time web security solution for small and medium-sized businesses. This all-in-one appliance offers the most comprehensive and advanced web security solution on the market, protecting your users from Spyware, Trojans and other types of web-borne threats. Featuring Finjan’s patented real-time content inspection technology, NG-5100 provides zero-hour protection from new vulnerabilities and emerging threats that often bypass signature-based anti-virus, URL filtering and heuristics-based solutions.
More information
Vital Security Web Appliance NG-6100 is Finjan's real-time enterprise web security solution for organizations with high availability requirements. This appliance achieves the highest level of protection against malicious code, securing corporate networks and users from Spyware, Trojans and other types of web-borne threats.
More information
Vital Security Web Appliance NG-8100 is Finjan's realtime web security solution for large enterprises and organizations. This appliance achieves the highest level of protection against malicious code, securing corporate networks and users from today's sophisticated and dangerous web-borne threats.
More information
The high-capacity NG-6600 is installed as an upstream transparent proxy, between the Vital Security Web Appliance and the Internet. Finjan's caching solution optimizes bandwidth utilization and enhances productivity, while our real-time security engines prevent malicious and inappropriate web content from entering the corporate network.
More information
As part of the industry's leading high-performance networking solution, the Juniper Networks DX application acceleration platform delivers a complete data center acceleration solution for Web-enabled and IP-based business applications.
More information
Protect your Internet gateway, mail servers, file servers, and mobile and desktop PCs with Trend Micro NeatSuite. An easy to manage solution, NeatSuite defends against hackers, viruses, worms, spam, spyware, bots, phishing attacks and inappropriate content. It delivers automatic threat prevention, protection and cleanup and supports other Trend Micro solutions for outbreak prevention and damage cleanup.
More information
Vordel XML Firewall protects XML applications from malicious attack and unauthorized access. By blocking a wide range of attacks on XML applications, it shields XML applications and allows them to be deployed in safety and confidence.
More information
Vordel SOAPbox allows developers to test the performance, scalability, and security of Web Services. Using SOAPbox, a developer can test how Web Services perform under load, how they deal with unexpected input, and what their traffic ceiling is. Vordel SOAPbox highlights security tokens, XML Signatures, and encrypted content in XML documents. SOAPbox supports established security technologies such as SSL and HTTP-Auth, as well as next-generation security technologies such as WS-Security and SAML.
More information
Spam, viruses, spyware, phishing, and inappropriate content can disrupt business operations and reduce productivity. Hidden in email and enabled by Web connections, these rapidly evolving threats consume network resources, drive up support costs, and endanger confidential information, employee privacy, and compliance efforts. Trend Micro™ InterScan™ Gateway Security Appliance is an all-in-one dynamic security platform that stops threats before they can damage your network.
More information
Now you can effectively secure your SharePoint environment with Trend Micro PortalProtect. It ensures the availability and security of this business-critical collaboration infrastructure, while also protecting the sensitive information resources by blocking viruses, worms and other malware and inspecting for inappropriate content or inadvertent misuse. One of the most mature solutions available, PortalProtect minimizes the impact on your infrastructure and administrators.
More information
Spyware can drain system performance and staff resources - fight back with Trend Micro Anti-Spyware Enterprise Edition. It delivers enterprise-class protection - high detection and automatic cleaning - in a small footprint. Anti-Spyware Enterprise Edition augments existing antivirus solutions. Preserve your investment in security infrastructure while protecting against all types of spyware, even those that use rootkits to avoid detection.
More information
Protect your users from viruses and malicious code by blocking them at the Internet gateway - before they reach endpoint devices and slow your network - with Trend Micro InterScan WebProtect for ISA. An easy-to-install addition to Microsoft ISA Server, InterScan WebProtect offers high performance, requires no additional hardware purchases and simplified management via a Web-based console.
More information
InterScan™ Web Security Appliance dynamically defends against Web-based attacks with integrated threat protection at the Internet gateway. Award-winning antivirus, anti-spyware, and a new Web reputation feature collaborate to prevent spyware downloads, block access to malicious websites based on reputation scoring, and detect spyware activity on clients to trigger agent-less cleanup. The Advanced edition also stops drive-by downloads by analyzing ActiveX and Java applets for threats, and blocks access to suspicious spyware sites by filtering URLs in real time. Compared to gateway security software, InterScan Web Security Appliance is optimized for faster deployment and less complexity to reduce the total cost of operations.
More information
Stop Internet threats when they try to enter your network with Trend Micro InterScan Web Security Suite. This software suite provides a complete solution that blocks spyware and malware attacks at the Internet gateway. It also prevents access to known malicious web sites and provides an option to clean infected end-user PCs.
More information
Kaspersky Security for Internet Gateway provides secure Internet access for all employees in the organization, automatically removing malicious and potentially hostile programs from incoming HTTP/FTP traffic.
More information
Protecting customer and other confidential data from malicious and accidental leaks is one of the top business and IT security challenges facing organisations today. Compounding this problem, CIOs and CSOs must protect their data amid pressure from regulatory and corporate compliance requirements, customer and competitive pressures, and the rising cost and publicity of data leaks. Websense® Data Security Suite is the leading solution for preventing data loss.
More information
Radware combined its purpose-built multigigabit application switching hardware with the powerful capabilities of the company’s APSolute™ operating system “classifier” and “flow management” engine. The result – AppDirector – enables accelerated application performance; local and global server availability; and application security and infrastructure scalability for fast, reliable and secure delivery of applications over IP networks.
More information
The Blue Coat ProxySG 210 provides an affordable appliance solution for remote offices where direct Internet access requires accelerated performance of business applications and granular control of web communications. At the edge of an organization’s application delivery infrastructure, the ProxySG 210 provides controlled acceleration of business applications across the globally-distributed enterprise.
More information
HTTP Related Product Families
Idealstor is a complete backup system with ejectable inexpensive IDE Hard Disks allowing users to run up to 12 simultaneous backups. A single bay unit will backup to 1 TB of data rising to 8 TB with an Idealstor appliance (native format).
More information
NorthSeas AMT is dedicated to a belief that good technology solutions are not necessarily overly complicated. NorthSeas brings to the e-mail management industry years of expertise in message switching and archiving from industries that demand integrity and efficiency such as telecommunications, financial services, and particularly, civil aviation.
More information
HTTP Related Industry News
Internet attacks up 28 percent in 2002 The Internet is an increasingly dangerous place for companies with cyberattacks up 28 percent for the first half of 2002 over the last half of 2001, according to a new report released Monday by security services company Riptech.
The Riptech Internet Security Threat Report tracked security data from the firewalls and intrusion detection systems of over 400 companies in over 30 countries from January 1 to June 30. Seventy-four percent of the companies in......
[more] ICSA Labs' Firewall 4.0 Certification Criteria is the First-Ever Customized Program to Test Products against the Unique Security Needs of Three Distinct User Groups Eleven Firewall Products Meet the Security Industry's Most Rigorous and Customized Testing Criteria MECHANICSBURG, Pa.--(BUSINESS WIRE)--Dec. 3, 2002-- ICSA Labs®, an independent division of TruSecure Corporation®, today announced that it has created the first testing and certification criteria that address the unique performance nee......
[more] Macromedia reports critical hole in Flash player Macromedia has warned of a "critical" security flaw in the latest version of its Flash animation player, and has advised users to install a new version that it released on the Web to fix the problem. The security flaw affects version 6 of the Macromedia Flash Player, which was released a year ago and has been installed on an estimated 75% of personal computers worldwide.
The vulnerability affects the integrity of the player's "sandbox", which i......
[more] VPN experts downplay 'splitting' headache At a time when protecting corporate networks is paramount, many users are steering clear of a feature of IP Security VPNs called split tunneling, a move that can give a false sense that remote-access networks are more secure than they really are, experts say.
Split tunneling was created to allow Web surfing and corporate VPN access simultaneously from remote PCs. The benefit of split tunneling is that corporations can conserve bandwidth needed for I......
[more] 802.3af powers up LAN, lowers cost The proposed IEEE 802.3af standard for supplying power over Ethernet cabling will ease deployment of IP telephones and wireless access points, and reduce the cost of powering the devices. Currently in draft status, the standard is expected to be ratified by June.
Traditionally, IP phones have required two connections: one to the enterprise LAN and another to the electrical AC network. Other network devices, such as wireless LAN access points, laptop compute......
[more] Lock up your computers! Crime is everywhere Did you know that 61 per cent of British businesses suffered computer-related crime last year? This astonishing statistic is supplied courtey of the British Chamber of Commerce. And if that were not hyberbolic enough for you, how about another "fact":
"93% of firms experienced a virus attack or irregular intrusion" last year. That's what the BCC claims, entirely plausibly we think
It is difficult enough to make a living as a plumber. or a haird......
[more] CA Pushes New Physical And IT Security Interoperability Standard The company unveiled the Open Security Exchange, which seeks to promote vendor-neutral specs for integrating the management of security devices and policies. Computer Associates is spearheading an initiative to create a standard that will allow physical security devices, such as building access cards, to interoperate better with traditional IT security applications, such as provisioning and access management apps and smart cards us......
[more] Comerica selects Cyber-Ark Valuting Solutions Companies to Deliver “User-friendly Security” that Automates and Safeguards Confidential Communications with Thousands of Treasury Management Customers over the Internet. Detroit and Dedham, Mass., — May 5, 2003 — Comerica Incorporated (NYSE: CMA) and Cyber-Ark® Software Inc. today announced that Comerica’s Treasury Management Services has selected Cyber-Ark’s Vaulting Technology™ to streamline and protect Internet-based communications with thousand......
[more] Fizzer Worm Wallops World Complex new virus spreading fast. The Fizzer worm, which first caught security experts' attention last Thursday, is hitting computer users across the globe early this week, spreading through email and popular file-swapping networks.
Tonight on "Tech Live," get the very latest news on Fizzer, and see how to get rid of this new menace.
Security firm MessageLabs says its scanners caught 18,000 email messages containing Fizzer on Monday alone. The virus spreads in m......
[more] Web applications open to hack attacks Resulting 'serious flaws' leave 97 per cent of sites open to abuse Only three per cent of web-based applications are secure enough to resist hackers, according to research.
Tests conducted on behalf of application testing specialist Sim Group show that 97 per cent of websites have 'serious security flaws', leaving data and systems open to abuse.
If the situation continues, trust in online services could be damaged, deterring already nervous consumers f......
[more] Barclays scam email exploits new IE flaw Con artists have begun using an address-hiding flaw to trick Barclays' online banking customers into revealing their personal details Customers of Barclays and other UK banks have been targeted by fraud emails that exploit a recently discovered vulnerability in Internet Explorer allowing attackers to disguise Web addresses, according to security experts.
The Barclays scam email appears to come from the bank, and directs customers to a site posing as B......
[more] Microsoft dodges Mydoom onslaught Microsoft is likely to largely escape unscathed by an attack from a Mydoom virus variant due today Security experts say the software giant's technical resources, bugs in Mydoom.B and the limited spread of the virus will cut damage to a minimum.
By contrast SCO's website has been unreachable for days thanks to the data barrage launched by the virus.
Anti-virus firms say the Mydoom outbreak seems to have peaked as infected PCs are found and cleaned up.......
[more] Why you must install a firewall -- now Anti-virus software won't protect you from the latest type of worm affecting Windows systems: you need a personal firewall. Here's why there's never been a better time to take this extra precaution If you haven't already installed a personal firewall on your Windows computer, consider this your last warning. MSBlast, the worm that exploited the buffer overflow in Windows' DCOM RPC protocol, wasn't the sort of email-borne pest that anti-virus software is goo......
[more] Security Flaw Found in Firewall Software Two dangerous software flaws that could become attractive targets for hackers have been discovered in widely used computer-security software made by Check Point Software Technologies Ltd If hackers create programs to exploit the flaws, which security experts found in Check Point's firewall and virtual-private network software, they could wreak havoc on the corporate networks they're designed to protect.
Check Point's firewalls are used to control Inte......
[more] US Government combats cyber terrorism The Department of Homeland Security's (DHS) implemented its National Cyber Alert System The system is designed to warn computer users of attacks from a growing army of online worms and viruses. Coincidentally, the official launch of the system by their National Cyber Security Division (NCSD) came hot on the heels of the MyDoom worm that clogged e-mail arteries around the globe.
In a further quirk of timing, the system experienced a baptism by fire when M......
[more] Security Flaw Found in Firewall Software Two dangerous software flaws that could become attractive targets for hackers have been discovered in widely used computer-security software made by Check Point Software Technologies Ltd If hackers create programs to exploit the flaws, which security experts found in Check Point's firewall and virtual-private network software, they could wreak havoc on the corporate networks they're designed to protect.
Check Point's firewalls are used to control Inte......
[more] 'Protect PCs' Microsoft users told Security experts have warned PC users running Microsoft Windows to make sure their anti-virus software is updated It comes after Microsoft earlier said that a critical flaw in its latest versions of Windows operating systems could leave PCs vulnerable to hackers.
It has urged home users and firms to download the free software repair patch from its website to fix it.
If users do not download the patch, and protect their computers, they could be left open......
[more] Police arrest Forces Reunited 'hacker' Police have questioned a Lancashire man suspected of hacking the Forces Reunited Web site The unnamed 29 year-old from Chorley, Lancashire was arrested and questioned last week by Wiltshire Police probing a cyber attack against the military equivalent of the popular Friends Reunited. After questioning, the man was released on police bail pending further inquiries.
A number of computers were seized from the man’s address and will now undergo forensic ex......
[more] F-Secure Antivirus Sales Record High During The Last Quarter of 2003 F-Secure reported revenues of 10.8 million euros for the 4th quarter of 2003 and 39.0m for the full year. The operating result was EUR 1.3 million positive for the fourth quarter. For the full year of 2003 the operating result was EUR 1.5 million positive and Profit Before Tax 4.3 m positive. The antivirus sales were record high and revenues increased by 40% in Q4 and by 21% in 2003. The good progress was due to positive develo......
[more] AirMagnet Unveils New Distributed WLAN Security and Performance Solution AirMagnet, the leader in wireless LAN (WLAN) security and performance solutions, today announced an entirely new version of its Distributed WLAN security and performance system. AirMagnet Distributed 4.0(1) includes a completely new network dashboard, advanced rogue access point (AP) blocking and tracing, extended security and performance policy management, and more than a dozen other new features that allow increasingly d......
[more] Comcast cutting off spam 'zombies' Internet service provider Comcast Corp. is cutting off Internet service for some customers whose computers are being used to relay spam messages, according to a company spokeswoman. Comcast has been contacting customers whose machines are being used as "zombies" to forward spam e-mail with warning messages. In some cases, the company has cut off Internet access to customers, some of whom are unaware their system is sending out the commercial solicitations, sai......
[more] SurfControl Helps Companies Strategically Manage Spam and E-Mail Threats Through New Online Tool ROI Calculator for Anti-Spam Tools Helps IT Managers Quantify and Communicate the Costs and Benefits of E-mail Filtering Solutions SurfControl, the world's number one Web and e-mail filtering company, today announced the availability of a free online resource to help corporate IT managers quantify the cost of spam and assess the business value of e-mail filtering solutions.
According to a recent stu......
[more] Witty worm exploits hole in ISS security product A new worm that exploited a hole in some of Internet Security Systems Inc.'s (ISS') intrusion protection products seems to be dying down after affecting thousands of IP (Internet Protocol) addresses since Saturday The so-called Witty worm, affecting some versions of ISS' BlackIce and RealSecure intrusion protection products, is "highly malicious" because it slowly destroys the system it infects, according to an alert from Lurhq Corp., a managed se......
[more] Eliminating Spam Requires Team Effort Online sales pitches for home mortgages, human growth hormones, dating services and, in some cases, hardcore pornography are deluging e-mail inboxes. This flood of so-called spam now reportedly accounts for more than half of all e-mail.
Spam is more than just frustrating; it can contain computer viruses, worms or other malicious code that is designed to damage computer networks, files and hard drives. Some spam is designed to download programs onto reci......
[more] Sober and Bagle Make a Dangerous Return This past Friday also brought a new Bagle variation (what else is new?). W32/Bagle.U-mm brings up the Window's Hearts card game when it infects. Bagle.U comes with blank message body, and a randomly named .EXE attachment. Like other Bagles, it opens a back door, and attempts to contact various web servers. It has been rated a medium to high threat by antivirus vendors. See our Top Threat W32/Bagle.U for more information.
A new version of the Sober vir......
[more] Web Braces for Netsky.V's Attack Worm's latest variant exploits old vulnerabilities and spreads without an attachment. The latest variant of the hugely effective Netsky series of worms is causing trouble by spreading without the use of an attachment. Slipping past many e-mail gateways, it can launch simply by being viewed in an e-mail program.
Rather than attaching the worm's executable code to an e-mail message, Netsky.V uses two separate vulnerabilities in Microsoft software to download th......
[more] Should you patch if your security-monitoring processes are good? The big news last week wasn't that Microsoft released a spate of (actually, four) security patches - it was, after all, the first Tuesday of the month, the day designated for patch release. The big news was in the form of a "good news - bad news" situation.
The good news was that more of you than ever downloaded the patches from Windows Update almost as soon as they were released.
The bad news was that Microsoft wasn't prep......
[more] 'Osama' Spam Onslaught Leads to Trojan A persistent new spam campaign that purports to show recipients pictures of Osama bin Laden being captured is in fact a ruse that could lead victims to download a malicious Trojan.
The e-mails have been flooding inboxes all over the Internet since Thursday, carrying a subject line that reads: "Osama bin Laden Captured." The sending address is spoofed, and the messages often appear in tightly grouped batches of eight or 10 e-mails at a time. The text of......
[more] CyberGuard Corporation Acquires Webwasher AG CyberGuard Corporation, the technology leader in network security, today announced that it is acquiring German high-end content security vendor Webwasher AG. Under the terms of the agreement, which was signed yesterday, CyberGuard will pay $40 million in cash and CyberGuard shares and up to an additional $10 million on a contingent basis for all of the shares of Webwasher. Webwasher will operate as a wholly owned division of CyberGuard.
"Adding t......
[more] Police arrest KPU website hacker The Jakarta Police announced on Monday they had arrested a man suspected of hacking into the General Elections Commission (KPU) website. Dani Firmansyah, a 25-year-old Information Technology staffer at PT Danareksa, was arrested on Thursday afternoon at his Central Jakarta office in the first high-profile cyber crime case to be successfully unraveled by the police.
Dani, who is also in his final year of study at the School of International Relations, Universi......
[more] Cyberslacking pays handsomely for some Every time you shop online or download porn at work, you're helping build a $562m industry Cyberslacking, or using the boss's bandwidth for personal activities like e-shopping or porn downloading, isn't just a corporate vice. According to a new study, it's helping spawn a $562m industry known as employee Internet management, or EIM.
"EIM is big business," said Chris Christiansen, research director for IDC's Internet Security Division. And Christiansen sh......
[more] HTML e-mail not worth the risk Many people are sending HTML e-mail for no obvious reason or benefit. HTML e-mail can be recognized by colored backgrounds or typefaces. It sometimes has designs or other decorations in the messages. Unfortunately, HTML e-mail is a security risk.
HTML messages can easily contain unwanted, mislabeled links, Web bugs, harmful active content, and outright worms and viruses.
Richard Smith warned of emerging e-mail vulnerabilities in 1999, when he listed dozens......
[more] China Struggles With Spam Foreign spammers export junk e-mail from Chinese servers, as country fights incoming spam problems of its own. Suresh Ramasubramanian knows about outsourcing. The company he works for, Hong Kong-based Outblaze, has made a business out of running e-mail and Internet services on behalf of other companies. But there is an outsourcing trend he and others are fighting to stop.
As China marks the tenth anniversary of its first full connection to the Internet, the growing......
[more] Bookie reveals $100,000 cost of denial-of-service extortion attacks "Our first attack was in November last year. We got a demand for $50,000 from an unidentified source." These are the words of a UK-based online bookmaker who has agreed to speak to silicon.com, on condition of anonymity, to reveal the full scale of the denial of service extortion threats that betting sites have been battling against for nine months.
The above scenario will be familiar to anyone involved in online betting. S......
[more] Old-school worm loves Windows applications The latest Lovgate worm variant can destroy access to hundreds of Windows applications as it spreads The latest variant of the Lovgate worm scans PCs for executable files and then renames them, a tactic used by viruses from a much older generation, according to antivirus companies.
The Lovgate worm first appeared in February 2003 and has since mutated many times. The most recent versions of the worm -- Lovgate.AE and Lovgate.AH -- were discovered on Su......
[more] European firms expect virus attacks to double Most large European companies are expecting the number of virus attacks to double over the next 10 years, according to a survey conducted by MessageLabs Email security firm MessageLabs on Monday said that almost 70 percent of European companies expect the number of email viruses to double over the next 10 years while 40 percent expect payloads to become more destructive.
This negative attitude comes despite software developers -- like Microsoft -- c......
[more] Security flaw found in Mozilla browser Developers on the open-source browser have released a fix for a vulnerability that affected PCs running Windows XP Developers at the open-source Mozilla Foundation have confirmed that the latest version of their Web browsers have a security flaw that could allows attackers to run existing programs on the Windows XP operating system.
The flaw, known as the "shell" exploit, was publicised on Wednesday on a security mailing list, along with a link to a fix f......
[more] High-speed wireless begins its standardisation journey The Institute of Electrical and Electronics Engineers (IEEE) will begin sifting through a record number of proposals for a high-speed amendment to the 802.11 standard next week, but wireless chip makers are already jumping the gun with pre-standard products.
802.11n is intended to more than triple the real throughput of wireless LAN (WLAN) by focussing on enhancements to the MAC (media access control) interface, rather than the physical l......
[more] August It Is For XP SP2
After almost a year of beta testing, Microsoft's Windows XP overhaul is finally ready for public consumption.
The oft-delayed Windows XP Service Pack 2 (SP2) will be released in early August as a free download optimized for both broadband and dial-up customers, a company executive confirmed.
"At this point, it looks like RC2 will be the final release candidate. We are on track to RTM (release to manufacturers) in August," said Matt Pilla, Senior Product Manager for......
[more] Have a flutter on a worm When will the next big worm strike be? Who will be the next high-profile victim of a DDoS attack? If you know, you could make money at Tradesports.com Controversial Irish Web site Tradesports.com will soon accept wagers on IT security disasters, such as the timing of the next big Windows virus or the most likely victim of a future DDoS attack.
Futures market broker Tradesports.com has been criticised in the past for allowing its customers to gamble on controv......
[more] ISPs look inward to stop spam Many major ISPs recently have come to this realization about the fight against spam: They are both part of the solution and part of the problem.
Every U.S. ISP uses anti-spam techniques to catch unwanted messages coming into their networks before they reach users. Recently, thanks to the urging of industry groups and coordination among providers, ISPs also are taking measures to limit the spam emanating from their networks. While no one is declaring the war......
[more] Service Pack 2: Patching the unpatchable Windows XP Service Pack 2 addresses many of the security problems of the past few years. But it can't do much about this year's model Two and a half years after promising a secure Windows, Microsoft is within a month - maybe - of releasing Windows XP Service Pack 2. It will do a lot to fix viruses and Trojans, but like a tired old general always fighting the last war it won't do much for the current and most lethal security threats we face.
Spyware is mo......
[more] Dell attempts to mitigate curse of spyware, trojans Giant PC Maker Dell has started a web site to guide the unwary about the wicked and annoying curse of spyware and viruses.
The web page provides a guide to how you secure your PC, and it also gives a few packages you could buy to stop your machine from slowing down or worse.
Not that Sunbelt, AOL 9.0 and Symantec may be the best software packages to prevent PC hell.
What's true is that many people in our broadband ready PC-laden world are......
[more] New SurfControl Resources Help IT Managers Increase the Value of IT Investments Deployment and Best Practices Guides Help Reduce Vulnerabilities and Optimize Network Resources Despite predictions for increased IT spending in 2004, many network managers are still facing pressure to help lower the total cost of ownership of the corporate network infrastructure, reported SurfControl (London: SRF), the world leader in enterprise Web and e-mail filtering. In response, SurfControl today introduced Su......
[more] Banks skewered by new Web scam Major companies, including several banks, have left themselves wide open to an online scam that could see malicious hackers get hold of thousands of people's personal and confidential details, including their bank account and credit card details.
Those affected include Barclaycard, Mastercard, NatWest, WorldPay, Reuters, Sky, even the UK's government listening post, GCHQ. Many hundreds of other sites are likely to be similarly affected.
UK security researc......
[more] Microsoft details XP SP2 conflicts Software giant publishes lift of nearly 50 programs that do not work after XP SP 2 is installed Microsoft Corp. has published a list of nearly 50 applications and games that may not work correctly after installing Service Pack 2 (SP2) for Windows XP.
The list, published in a knowledge base article on Microsoft's Web site, includes developer and backup tools, antivirus software and an FTP (file transfer protocol) client. The applications may not work correctly......
[more] New Download.Ject Attack Hits IM Networks The Download.Ject malware attack has resurfaced, using the popular AIM and ICQ instant messaging networks to spread itself.
According to an alert from PivX Labs, the worm targets several known flaws in Microsoft's Internet Explorer (IE) browser to redirect compromised machines to Web sites displaying adult advertisement and referral links.
PivX Labs described the latest attack as a variant of the Download.Ject attack, which hijacked a large number of......
[more] Who gives the best IT service and support? ZDNet UK is looking for the company that provides the best service and support for business IT purchases in the UK. This is your chance to nominate your best supplier. Have you had outstanding service and support from your IT supplier? If so, we want to hear about it. Your testimonial could help your supplier win the coveted IT Service and Support award in the CNET Networks UK Technology Awards 2004.
We are looking for those technology vendors -- wheth......
[more] SP2 May Spell Trouble for Agentless Patching Microsoft Corp.'s Windows XP Service Pack 2 has thrown patch management vendors into a tizzy. IT managers should be interested because, in an ironic twist, SP2 will likely make it harder to keep desktops and laptops up-to-date with the latest patches. The chief cause of the patching dilemma is the new Windows Firewall, which will be installed by default when desktop and laptop systems get SP2 through Microsoft's widely used update mechanisms. eWEEK La......
[more] Future Windows component could spur old-school viruses A planned component for Microsoft Corp.'s next version of Windows is causing consternation among antivirus experts, who say that the new module, a scripting platform called Microsoft Shell, could give birth to a whole new generation of viruses and remotely exploitable attacks.
Microsoft Shell, code-named "Monad," is still in development and is planned for release with the next version of Windows, known as "Longhorn." Monad will allow deve......
[more] Windows XP SP 2 - Helps control malware... but watch out for that firewall! The dust is finally settling after Microsoft's long-anticipated release of Windows XP Service Pack 2. This gargantuan set of patches and new features, which weighs in at a whopping 270 megabytes, is chock-full of new security fixes and capabilities. In fact, this release is more security-centric than any Service Pack we've seen from Microsoft ... ever! Of the myriad security features built into XP SP 2, including softwa......
[more] Security concerns put MSN Messenger beta on hold Microsoft has suspended the beta testing of the next version of its MSN Messenger client because of a potential security problem, a company spokeswoman said Wednesday. Testers discovered a potential security issue in the early version of MSN Messenger 7 shortly after Microsoft made the instant messaging client available to a select group of testers over the weekend, according to postings on MSN Messenger enthusiast Web site Mess.be.
The problem l......
[more] Noomy.A virus spreading via chat rooms IRC users hoodwinked with promise of software cracks and Kournikova screensavers Security experts have warned internet users to update their antivirus systems to protect against a newly discovered worm dubbed Noomy.A, which "could represent a new trend in malicious code techniques".
PandaLabs said that, although this sophisticated and dangerous worm has not yet spread significantly in the wild, it has a series of unusual but potentially effective character......
[more] Find the Web's Worst Security Flaws The SANS Institute identifies the top 20 Internet vulnerabilities of the year. IT security and research organization The SANS Institute is releasing its annual Top 20 list of Internet security vulnerabilities this week, with the intention of offering organizations at least a starting point for addressing critical issues.
"When you tell your systems people to test for thousands of vulnerabilities, your enterprise comes to a stop. What the Top 20 does is give y......
[more] Microsoft Probes Flaw in ASP.NET A glitch in the platform's processing of URLs could allow intruders to access password-protected sections of a Web site simply by altering a URL. Microsoft Corp. is investigating a reported security flaw in its ASP.NET technology that could allow intruders to access password-protected sections of a Web site simply by altering a URL.
The hole involves a glitch in ASP.NET's processing of URLs, a process known as canonicalization. According to an advisory posted Tu......
[more] Hackers can launch attacks over IM Hackers have created a 'proof-of-concept' instant messaging tool that can scan and disable networks Security experts have discovered an instant messaging tool that could change the way denial-of-service (DoS) attacks are performed.
Combining the open-source tool nmap -- a program that discovers devices on a network -- with an IM bot, hackers can infiltrate, steal information and carry out denial-of-service attacks on networks, says the director of security for......
[more] Google desktop search sparks security scare Risk of identity theft from public access PCs, warns security firm Google's newly released desktop search application creates profound security and privacy risks for any companies with public access PCs, security experts have warned.
"In a shared environment people can use this powerful Google search tool to deeply mine data from public access terminals," John McIntosh, managing consultant with IT and security consultancy Heulyn, told vnunet.com.
"Fi......
[more] Google patches one security hole, but another surfaces Search engine darling Google Inc. has patched a hole in its search engine the could have allowed malicious hackers to modify the content of the Google search results page or silently modify search results, but a new hole may have already appeared.
The vulnerability concerns the Google Custom WebSearch service, which allows third-party Web portals and other Web sites to use Google's servers to search content on their Web site. A flaw in Goo......
[more] Swash virus more of a washout, advises Sophos Sophos is advising users not to be alarmed if they hear mention of a new Windows email virus known as "Swash", or "Swash-A. It is easy to overreact when a virus appears sporting a brand new name and a variant letter of "-A", not least because the virus may sound newer than it really is.
Sophos advises that this "new" virus falls more naturally into the Mydoom family and should easily be recognisable as such. Sophos Anti-Virus, for example, has been......
[more] Hoax virus warnings and spam scams: The top 10 Here's what's been fooling email users this summer... The full top 10:
1. JDBGMGR (accounts for 14 per cent of all reports) - A hoax virus warning relating to the Microsoft debugger registrar for Java. Verdict: The purported seriousness of this virus warning has been eating up bandwidth worldwide. If you receive such a warning check with your anti-virus firm before mailing it out to everybody you know. They are invariably a hoax.
2. Budweiser fro......
[more] Google Desktop Security Warning Issued Two analysts issued independent warnings today suggesting Google's Desktop Search tool -- released in October -- poses security risks for the enterprise.
The most significant threat is when desktop search is used while connected to a virtual private network (VPN), according to Dana Hendrickson, an analyst with VPN Central.
In a similar alert issued to Meta Group clients, analyst Timothy Hickernell wrote, "Companies must be aware of potential security r......
[more] Aladdin Identifies Potential Mega Virus Related to JPEG Vulnerability Aladdin Knowledge Systems, Ltd. today announced it has identified a potential \'mega virus\' stemming from the recent JPEG vulnerability. Aladdin content security specialists based in Haifa, Israel have pinpointed three scenarios that could lead to a wide-spreading virus affecting organizations around the globe.
Mr. Shimon Gruper, vice president of technologies for the Aladdin eSafe Business Unit, outlines three possible sce......
[more] Spyware on German Firefox 1.0? Rumours that the German Firefox 1.0 browser is riddled with spyware aren't true, promises Mozilla.
The browser has been getting rave reviews - except in Germany where some users believed they'd downloaded something they'd be trying to get away from.
That was because the dot de version had an eBay function.
"We wanted to incorporate a search plug-in for eBay as we believe it would be useful to our users," says Mozilla.
Anyway, "The only purpose for any trackin......
[more] Google Stumbles With New Desktop Tool Google wants to help you effectively access the piles of information you store in the documents, e-mail messages, Web pages, and contact lists stuffed on your PC. And who better to help you than the most popular search engine on the Net, right? Not so fast.
Though it lacks a few features, the beta version of Google Desktop Search does give the same satisfying results for your PC that Google.com provides for the Web. But as it's designed now, GDS also deliv......
[more] A guide to proactive network security Behind our daily barrage of hacker attacks, announcements of new viruses and worms, and frequent risk of downtime is an opportunity. This is your opportunity to step away from the noise, for a moment, and take steps to build a more proactive network security model for your organization.
Countermeasures like firewalls or anti-anything (antivirus, anti-spam, anti-spyware, etc.) are all reactive security tools. They are necessary countermeasures and a part of......
[more] Russia has launched a computer virus against Chechen sites "Kavkaz-Center” administration announces that beginning from the evening of December 7 the main server www.kavkazcenter.com, located in Sweden, has been exposed to a strong DOS attack.
In the afternoon of December 8 the AntiVirus company F-Secure, dealing with the problems of net- and computer security, informed “Kavkaz-Center” administration that the company experts had spotted in one of the spread out in today’s internet so called vi......
[more] 2004 Review of the Year: Security Security has remained high on the agenda throughout the IT recession, and the year has seen some major steps forward, and a few steps back.
The year started with news of a worm that was going to make life difficult for systems administrators all year. MyDoom was detected in the wild in January, and the next month launched a denial of service attack against Microsoft.
There was more trouble for the company the following month when the FBI was called in to in......
[more] CyberGuard Boasts Two Product Lines In SC Magazine Global Awards Finals CyberGuard Corporation, a provider of proven, intelligent, security solutions that protect business-critical assets at Global 2,000 organizations and government entities worldwide, announced today that its line of premium firewall/VPN appliances and Webwasher Content Security Management (CSM) Suite 5.1 have been named finalists in the 2005 SC Magazine Global Awards in the "Best Firewall" and "Best Content Filtering" categor......
[more] Spyware: Is it clogging up your network? The cause of intermittent network connectivity problems can be hard to pin down in complex modern systems, but checking for spyware is a good place to start Organisations frequently ask me for assistance in diagnosing and resolving Internet problems. After a bit of detective work, I usually find that the problems are not really an Internet security issue. There's so much complexity in the corporate network these days, and so many places where a problem ca......
[more] Google Changes Algorithm to Fight Spam With the huge popularity of Blogs, it was only a matter of time before spammers realized that they could exploit Blogs by turning them into spam farms. Google’s algorithm relies partly on the link popularity and link reputation of a website. Spammers have been known to increase their search engine rankings by inserting their link on every Blog they can find. The result is that these spammers are artificially inflating their search engine ranking using ille......
[more] Why standards are important for wireless security Industry standards play a critical role in R&D, product development and marketing initiatives which in turn help organizations meet their business objectives. Standards simplify product development and reduce non-value-adding costs, thereby increasing a user's ability to compare competing products. Standards also represent fundamental building blocks for international trade and communications.
Successful businesses benefit from standards both......
[more] Patch now against virus-writing clowns F-Secure yesterday urged users of its anti-virus products to apply security patches following the discovery of potentially serious security vulnerability in 18 of its products. The security bug - unearthed by security researchers at ISS - involves flaws in the processing of ARJ archive files by an antivirus library that give rise to possible buffer overflow attacks. Desktop, server (Linux and Windows) and gateway version of F-Secure's security products all......
[more] PatchLink Update receives five out of five rating from Windows IT Pro In the February 2005 issue of Windows IT Pro Magazine, PatchLink Update received a "5 out of 5" product review rating from the publication. Receiving only positive comments, the patch and vulnerability management software product from PatchLink Corp. was noted for its large multivendor repository of tested patches and flexible policy-based configuration. The reviewer emphasized the comprehensive product's scalability, recomme......
[more] SurfControl E-mail Filter Receives Five Star Stating From CRN E-mail Filtering and Anti-spam Solution Achieves CRN Test Center Recommended Status From Leading Reseller Publication SurfControl, the world leader in enterprise Web and e-mail filtering, today announced SurfControl E-mail Filter has received a Five Star Test Center Recommended rating from CRN. The SurfControl e-mail filtering solution, which enables businesses to protect people, systems, and information from spam, spyware, phishing......
[more] Does Your Wi-Fi Hotspot Have an Evil Twin? Identity thieves are going wireless in their quest to steal your personal info. You may want to think twice before logging into a public wireless hotspot. Sure, grabbing a few minutes of connectivity is convenient, but identity thieves are discovering that, through "evil twin" attacks, hotspots are a great way to steal unsuspecting users' private information.
So how does an evil twin attack work? Let's say that I'm a hacker. I set up my computer to tra......
[more] Vernier Networks Wins eWEEK Excellence Award for Network Data-Stream Protection Vernier Networks today announced that its Adaptive Security Platform, EdgeWall, has captured eWEEK's Fifth Annual Excellence Award in the "Network Data-stream Protection" category and was selected from among hundreds of entries.
"We are honored to receive the eWEEK Excellence Award as it is further validation of the clientless approach we have taken to network access management and endpoint integrity," said Simon......
[more] SurfControl to Announce Third Quarter Earnings SurfControl plc, a world leading Internet Security Company providing multiple layers of enterprise threat protection, will announce 2005 third quarter earnings results and discuss operating highlights for the quarter ending March 31, 2005 on Tuesday, April 26, 2005.
SurfControl's Steve Purdham, CEO and Simon Wilson, CFO, will host the conference call to discuss the results at 1 p.m. EST (10 a.m. PST) in the United States. To register to participat......
[more] CyberGuard Provides Ten Tips for Corporations to Protect Customer Information from Identity Theft In the wake of the increasing cases of identity theft, Paul Henry, a leading security industry expert and Senior Vice President with CyberGuard Corporation, has developed ten recommended tips for corporate IT managers and Security Officers to protect customer information from identity theft. Mr. Henry has served as an expert commentator for a variety of media outlets, including NBC Nightly News, CN......
[more] Websense Master Database Grows to 10 Million Active Websites Websense, Inc. , the world’s leading provider of employee internet management solutions, today announced that the best-of-breed Websense(R) Master Database now contains more than 10 million active websites, including sites with malicious code such as viruses and keyloggers. Working in conjunction with the company’s award-winning Websense web filtering and web security software, the Master Database enables sophisticated filtering optio......
[more] Hackers aren't just picking on Microsoft Online criminals turned their attention to antivirus software and media players like Apple Computer Inc.'s iTunes in the first three months of 2005 as they sought new ways to take control of users' computers, according to a survey released on Monday.
While hackers continued to poke new holes in Microsoft Corp.'s popular Windows operating system, they increasingly exploited flaws in software made by other companies as well, the nonprofit SANS Institute f......
[more] Free security scan raises questions Security vendor Qualys is offering a free scanning service for the 20 most serious vulnerabilities recognized by SANS, a global nonprofit security training organization. SANS members from within government and business found more than 600 vulnerabilities within their networks in the first quarter of 2005. The 20 vulnerabilities Qualys will look for were chosen to help companies close the most critical holes in their networks.
However, ZDNet UK has found that......
[more] Virus writers claim Blair's email account was hacked The Prime Minister's email account is the subject of a spam scam that can infect computers with Trojan horses. Don't fall for it Cybercriminals claimed on Friday that the Prime Minister's email account has been hacked, in the latest attempt to attack PCs with malware.
On the same day Tony Blair won a third term in government, a spam message was sent out stating that malicious hackers had penetrated his email account.
The email contains a l......
[more] eSafe 5 Targets 'Drive-By' Spyware Sites A new version of Aladdin Knowledge Systems Ltd.'s eSafe gateway security software promises to protect users from a host of Internet ills, including so-called drive-by download Web sites used to place spyware on vulnerable systems, the company said.
Aladdin, of Tel Aviv, Israel, announced the availability of eSafe 5 at the Information Security Decisions conference here Monday. The addition of anti-spyware features comes as companies are struggling to def......
[more] Fake Microsoft Patch Triggers Virus Attack Like day follows night, a bogus "cumulative update" with a malicious attachment has followed Microsoft's patch day.
In what has become a monthly staple, virus writers are taking advantage of the heightened public interest around Microsoft's patching cycle to trick users into executing a malicious attachment.
The latest social engineering trick arrives via e-mail with an attachment that purports to be a "cumulative patch" for May 2005.
The claim is......
[more] Hotmail threatened by MSN flaw A cross-scripting security hole allowed malicious hackers to steal cookies from Hotmail users and get access to their accounts Microsoft took part of its MSN Web site offline over the weekend, after it learned of a flaw that could let an attacker gain access to Hotmail accounts, the company said.
The MSN Web site, http://ilovemessenger.msn.com/, contained a so-called cross-site scripting flaw, a Microsoft representative said on Monday. In its initial review of th......
[more] 
