A peer-to-peer (or P2P) computer network is a network that relies on the computing power and bandwidth of the participants in the network rather than concentrating it in a relatively low number of servers. P2P networks are typically used for connecting nodes via largely ad hoc connections. Such networks are useful for many purposes. Sharing content files (see file sharing) containing audio, video, data or anything in digital format is very common, and realtime data, such as telephony traffic, is also passed using P2P technology.
Blue Coat Reporter provides identity-based reporting on Web communications enabling enterprises to evaluate Web policies and manage network resources more effectively.
The Blue Coat SG810 Series represents the ultimate in a 1U rackmount proxy appliance platform. The 810 series is purpose-built, providing flexible control with wire-speed performance with up to 4GB of memory and 1.2TB of disk capacity. Utilizing a custom, object-based OS with integrated caching for performance, organizations can advise, coach and enforce granular policies down to individual users.
With the same protection and acceleration features found Blue Coat's enterprise-grade SG8100 Series platform, the Blue Coat SG510 offers an affordable rack-mountable appliance solution for small enterprises and branch offices which have direct access to the Internet.
FaceTime Internet Security Edition enables the safe and productive use of the Internet including web browsing, IM, P2P, Skype and other realtime communications applications. Purpose-built and integrated to provide total visibility and control, FaceTime Internet Security Edition allows organisations to implement powerful policies that detect, secure, manage and enable realtime collaborative applications while preventing malware threats, minimising information leakage, and control employee Internet use.
Unified Security Gateway is a secure Web gateway appliance that enables organisations to integrate management, security and compliance of Web usage, greynet applications such as public IM, Skype and P2P, and enterprise-class unified communications platforms such as Microsoft’s OCS and IBM Lotus Sametime.
FaceTime Enterprise Edition is a comprehensive solution for the security, management and compliance of real-time communications, consisting of user policy management, message hygiene, spyware prevention and targeted remediation, archiving for compliance, blocking unauthorised usage, and protecting the network against sophisticated user workarounds.
Real-Time Guardian (RTGuardian) is the most advanced perimeter security solution for managing web browsing, securing an authorised IM and P2P usage and blocking the spread of malware in the enterprise. RTGuardian integrates with FaceTime IMAuditor to form the industry's leading IM Security and Compliance Solution. With FaceTime Greynet Enterprise Manager, RTGuardian provides the ability to identify and remediate infected endpoints.
Greynet Enterprise Manager (GEM) provides total visibility and control over IM and P2P communications channels with integral targeted spyware infection remediation. Working in conjunction with FaceTime's RTGuardian, the most advanced gateway security solution for greynets, GEM delivers clientless, non-intrusive targeted remediation and inoculation to efficiently clean and prevent spyware infections at the desktop.
The Blue Coat ProxySG 210 provides an affordable appliance solution for remote offices where direct Internet access requires accelerated performance of business applications and granular control of web communications. At the edge of an organization’s application delivery infrastructure, the ProxySG 210 provides controlled acceleration of business applications across the globally-distributed enterprise.
FaceTime Communications is the leading provider of security solutions enabling businesses to secure and control greynet applications such as instant messaging, Skype, web conferencing and P2P file sharing.
Fizzer Worm Wallops World Complex new virus spreading fast. The Fizzer worm, which first caught security experts' attention last Thursday, is hitting computer users across the globe early this week, spreading through email and popular file-swapping networks.
Tonight on "Tech Live," get the very latest news on Fizzer, and see how to get rid of this new menace.
Security firm MessageLabs says its scanners caught 18,000 email messages containing Fizzer on Monday alone. The virus spreads in m...... [more]
Almost half of Kazaa downloads 'threaten security' Free software and files downloaded from P2P network Kazaa will pose one of the most significant threats to corporate security in 2004, according to research from risk management specialist TruSecure. Last year was reportedly the worst ever in terms of virus attacks, disruptive worms and security threats, but 2004 is likely to be even worse. TruSecure expects problems to arise from the sheer volume of both corporate and home users unknowingly dow...... [more]
New Worms Mean March Madness for IT Pros The latest "Bagle" worm is something corporate network users definitely didn't order this morning, but it's the return of the Netsky worm that has many security experts worried.
First appearing Friday afternoon, the five Bagle worms -- Bagle.A, Bagle.B, Bagle.C, Bagle.D, Bagle.E and Bagle.F -- wriggle into e-mail in-boxes via a password-protected .zip file, which many anti-virus software applications can't access.
"This is just one more method of...... [more]
Lawmakers Launch New Anti-Spyware Bill Two champions of last year's Can Spam Act have introduced legislation in Congress to outlaw invasive software such as spyware and adware from being secretly installed on computers.
Currently, these type of programs often piggyback on downloaded files without the user's consent, transmitting information about Internet traffic patterns and generating pop-up advertisements.
Known as Spyblock (Software Principles Yielding Better Levels of Consumer Know...... [more]
Virus top 10: A Sobering return Social engineering and home users give virus writers a hand MyDoom, the virus that took down SCO's website and had a pop at Microsoft and the RIAA into the bargain, has lost its place at the top of the chart for most reported virus in February.
February's malware figures from antivirus firm Sophos show that young upstart MyDoom.A has lost out to old hand Sober.C, with 35.3 per cent of all virus reports in February, compared to 25.3 for MyDoom.A.
The Sober...... [more]
Virus writers exchange coded insults The authors of the MyDoom, Bagle and Netsky worms have been insulting each other by inserting lines of text into their malware - while keeping one step ahead of antivirus companies Security researchers have discovered that the authors of MyDoom and Bagle are exchanging insults with the author of Netsky using text that is hidden inside the virus's code.
Since Friday, more than 10 variants of the Netsky, Bagle and MyDoom worms have been discovered. Mutants s...... [more]
Illegal file-sharing still 'widespread' on UK corporate networks UK firms are still allowing widespread illegal peer-to-peer (P2P) file-sharing on their corporate networks despite the threat of legal action from record companies and the security risk it poses.
The findings are revealed in a survey of 500 UK IT managers and HR officers by web and email filtering software company SurfControl.
Two-thirds of those surveyed claim their organisation takes P2P file-sharing seriously. But when...... [more]
Trust me I'm clean, claims virus The latest in a long line of NetSky variants, Netsky-P, tries to lull users into a false sense of security by containing spoofed disclaimers from anti-virus firms.
NetSky-P, first spotted over the weekend, was programmed to begin mass mailing yesterday. After encountering only a few copies of the virus during its "seeding" period, email filtering firm MessageLabs blocked 200,000 copies of the worm yesterday afternoon.
Like previous versions, NetSky-P is...... [more]
Kazaa and eDonkey brace for NetSky-Q onslaught Zombie PCs infected with the NetSky-Q worm are set to launch distributed denial of service attacks against P2P and warez sites tonight.
The worm will attempt to flood the main Web sites of Kazaa and eDonkey with spurious traffic between 00:01 8 April and 11 April (time taken from system clocks). Other sites including www.cracks.st, www.cracks.am and www.emule-project.net are also targeted for attack. File-sharing networks themselves won't be aff...... [more]
Reducing the risk from P2P downloads How employee use of peer-to-peer sites is more than just a nuisance P2P is a concern to any organisation, but on a more critical level it is also illegal.
Downloading pirate material not only infringes on existing copyright laws but, since March this year, it is a breach of the European Union Directive on the Enforcement of Intellectual Property.
This recently created intellectual property legislation makes US digital media rights laws pale in compariso...... [more]
XP Service Pack 2 Glitches Turn Up Many companies are taking a wait-and-see approach to Microsoft's newly released Windows XP Service Pack 2. Some early adopters are reporting problems, and even Microsoft admits that the security-oriented SP2 may cause conflicts on some systems. What can users - both businesses and consumers - expect from Microsoft's newly released, long-awaited and many-times-delayed Windows XP Service Pack 2?
For starters, probably an awful lot of glitches. It is widely expec...... [more]
Price isn't right for new Bagle variant Yet another variant of the mass-mailing Bagle worm began spreading widely yesterday. Bagle-AQ (AKA Bagle-AL or Bagle-AC) normally spreads by emails containing an infectious attachment. The attachment name is variable, but always contains the word "price". The attachment is always ZIP, although it could sometimes be encrypted. In these cases the email contains the password in an image.
This archive contains a HTML file and the worm's payload, an EXE file....... [more]
Ha, ha you're infected A new version of the infamous Bagle worm series is spreading widely across the net.
Bagle-AS (AKA Bagle-AZ) normally arrives in emails with a price or joke-related (infected) attachments with exe, cpl, scr or com extensions. Subject lines are picked one of a series of innocuous greetings such as Re: Hello, Re: Thank you! or Re: Hi.
Open these on a vulnerable Windows box and you get the pox. The worm scours the hard disk of infected PCs for the email addresses of potenti...... [more]
MyDoom seeks to destroy antivirus firms Antivirus companies are perplexed by a spate of recent viruses which contain messages in which the writers threaten to attack them Worm writers have threatened to attack antivirus companies F-Secure, Symantec, Trend Micro and McAfee.
In the latest version of MyDoom – MyDoom.AE – the authors embedded a message ridiculing rival worm NetSky and promising to attack the antivirus companies.
The message has left antivirus companies unsure of what to expect.
"...... [more]
Virus writers undeterred by Microsoft bounty There's too much money to be made from malware say AV firms... Antivirus companies say malware writers are undeterred by Microsoft’s $250,000 bounty after discovering another variant of the mass-mailing worm MyDoom over the weekend.
Since the start of 2004, the people responsible for creating MyDoom and Netsky have released on average more than one new variant every week. The latest version includes a message warning antivirus researchers to expect m...... [more]
Kazaa Tops Spyware List Computer Associates, a world wide technology firm, named the top five spyware threats currently on the Internet. Topping this list of dubious distinction is an old time favorite of the P2P community - the former king of file-sharing, Kazaa Media Desktop.
Those familiar with Kazaa Media Desktop know about its array of crippling third party software. Such third party software, often referred to as spyware or adware, cause system slow downs, reduced Internet performance an...... [more]
Weary and wary of spyware Former teenaged dot.com millionaire Benjamin Cohen turns to online espionage to track down the latest spyware developments Unsurprisingly, running an online business involves being online for most of the day. One of the constant "joys" that lights up my working days are adware and spyware, annoying little programmes that hijack your computer, change settings and bombard you with "relevant" advertising messages.
There are numerous ways these little blighters can get on...... [more]
Two out of Three UK Company Networks Hit by Spyware A new survey of 500 UK IT departments by SurfControl plc has found 62% of networks are known to have been infected by spyware. More than one in eight of the IT directors, CIOs and managers that participated were unable to identify whether or not their network had been infected.
IT departments are using a range of tactics to protect networks against malware, including desktop anti-spyware software (59%), content filtering (47%) and prohibiting...... [more]
MP3 zapping malware worms onto P2P network Vigilante virus writers have launched an offensive against file traders with the release of a worm that deletes MP3 files on infected PCs.
The Nopir-B worm, which appears to have originated in France, poses on P2P networks as a program to make copies of commercial DVDs. In reality the application offers no such function. Instead it attempts to delete MP3 music files on infected PCs. Nopir-B also attempts to disable various system utilities and wipe .C...... [more]
Aladdin Sees Dramatic Increase in Email Traffic with Outbreak of Win32.Sober.s Aladdin Knowledge Systems Ltd. today announced that its Content Security Response Team (CSRT) identifies the new Win32.Sober.s worm as a medium to high risk for corporate networks worldwide. Aladdin eSafe customers are proactively protected without a need for signature updates.
Win32.Sober.s is a mass-mailing worm that continues to quickly infect computers throughout the United States and Germany by disguising itsel...... [more]
Aladdin announces eSafe 5 for spyware protection and Web security Aladdin Knowledge Systems Ltd. has announced the availability of Aladdin eSafe 5 that is presented as transforming the way Web security is handled in large organisations, addressing the latest spyware/adware threats with multi-layered comprehensive content protection.
Also introduced in Aladdin eSafe 5 is a gateway solution featuring four layers of spyware protection. Designed to fight the ever-increasing spyware epidemic, Aladd...... [more]
Security Firm Warns of IM Worm Less than a week after sounding the warning bell regarding a barrage of threats coming through public Instant Messaging (IM) clients, Akonix Security Center said it has discovered another bug.
The latest IM spyware worm, is named Chode-D, is moving rapidly over leading public IM networks, the security center said. The worm has been classified as a "medium risk."
The firm said it is using its IM malware, SPIM and protocol update system, which automatically push...... [more]
Parents and employers targeted in anti-P2P drive 'Download our seek-and-destroy software and we won't tell on you' The music and film industries are giving people who have swapped songs and other copyrighted material over the internet a new way to repent for their illicit ways.
A free program released on Thursday, called Digital File Check, will uninstall or disable file-sharing programs on people's computers. The International Federation of the Phonographic Industry (IFPI), a London-based affi...... [more]
Worm spoofs Google on infected PCs Virus writers have developed a worm that spoofs the behaviour of internet search engine Google, varying the results displayed to suit the requirements of hackers.
P2Load-A modifies the HOSTS file on infected PCs by replacing the original with a file downloaded from a remote website under the control of hackers. When users run a search, the results are normally shown correctly - but sponsored links are different. For some searches, other links appear which hav...... [more]
Skype could pose security problems for companies, analysts say The growing popularity of Skype Technologies SA's free Internet telephony software could soon pose the same kind of security challenges for companies that other peer-to-peer (P2P) software technologies have created in recent years, according to security experts.
The warning comes after the disclosure this week of two critical flaws in Skype's software, one of which could allow malicious hackers to take complete control of compromi...... [more]
P2P Attacks Up; IM Hits Down IM security solutions provider Akonix Systems said its research team tracked 22 new attacks on Peer-to-Peer networks in October, a 19 percent increase over September.
The attacks on networks such as eDonkey and Kazaa came at the same time the Akonix Security Center tracked a decrease in attacks on Instant Messaging networks during the same time frame.
Don Montgomery, vice president of marketing at Akonix Systems, said October marked the first month that P2P attac...... [more]
Instant messaging attacks rise in 2005 MSN and AOL's IM networks experienced a sharp increase in security incidents in 2005 Security attacks over instant-messaging (IM) networks became more prevalent in 2005, according to a study published on Monday.
The MSN network experienced the largest number of IM security incidents in both 2004 and 2005, while year-on-year incident growth rates were largest on AOL's AIM network, according to the report, from IM security vendor FaceTime Communications.
In...... [more]
SurfControl Enables Detection and Control Over Unauthorized Skype Implementations SurfControl, the world leader in Internet content protection, today announced its ability to detect and control unauthorized Skype usage on the corporate network.Skype is a subscription-based Internet client that enables users to make calls anywhere in the world at the cost of a local call. An amorphous application, Skype uses indiscernible encryption and is capable of working through virtually any network address...... [more]
Spyware Trail Leads to Kazaa, Big Advertisers The StopBadware.org coalition, funded by Google, has listed the Kazaa file-sharing application at the top of a list of noxious software programs that present a threat to business and consumer users. The coalition, which counts Sun Microsystems and Lenovo among its sponsors, will recommend in its inaugural Badware Report that users stay away from Kazaa and three other programs that can be combined with Trojans and bots for use in data theft attacks....... [more]
New IM, email bot creates own p2p network Email and instant messenger users are being warned about a new bot in the wild that creates a peer-to-peer (p2p) network of infected host PCs. The "Nugache" worm is spreading as both an email attachment and on AOL an MSN instant messenger (IM) networks, according to a warning from Websense Security Labs. "The command and control channel that is used is unique, as the bot appears to connect to infected peers instead of a static list,"...... [more]
Killjoy Trojan deletes warez and smut Virus writers have created a Trojan that deletes illicit files from compromised Windows PCs in addition to harvesting data from infected machines.Erazer-A is spreading (albeit modestly) across P2P networks, where it poses as useful program files, or through chat programs.If executed, the malware scours folders used for P2P apps for AVI, MP3, MPEG, WMV, GIF, ZIP and other files. It then erases any porn, warez, music or any other matching file type found in P...... [more]
Akonix: Highest Number of Spim and Malware Filter Updates Issued This Year Akonix Systems, the provider of the most deployed instant messaging (IM) security and compliance products in the world, today announced its Security Center team tracked 31 attacks against IM networks in May, the largest number of threats this year. New worms identified in May include Browaf, Kassbot, Nugache and Propmsn. The most common attack was Tilebot, which had five variants of the original virus. Overall, Akonix se...... [more]
KaZaa users warned of p2p worm Researchers are warning peer-to-peer (p2p) application users of a new proof-of-concept virus that acts similarly to the W97M/Melissa malware. The virus, MSH/Cibyz, which is based on Windows PowerShell, was released by members of the RRLF virus group, according to an advisory from McAfee. PowerShell is a command line shell and scripting language that runs on Microsoft XP, Windows Server 2003, Vista and Longhorn operating systems. The malware is a low risk to home an...... [more]
Hackers try to crack Windows PowerShell Virus writers in Austria have reportedly developed malicious code that targets Windows PowerShell, the command line interface shell and scripting language product being developed by Microsoft. Security company McAfee warned this week that it had detected the worm, called MSH/Cibyz. MSH/Cibyz is designed to spread using the Kazaa file-sharing network, and the worm runs in PowerShell, which is due to ship in the second half of this year. PowerShell, formerl...... [more]
Sophos offers free application killer Sophos has become the first security vendor to give a standard anti-virus client the ability to block a range of risky applications, including VoIP, instant messaging, and P2P programs. The new feature comes in the form of a free signature upgrade to the company's Anti-Virus 6.0 software, and can stop a named list of programs from running on any PC on which the software is installed. Notable on this list are Skype and Google Talk, IM clients such as AIM, MS...... [more]
Akonix Records Highest Number of IM Attacks in 2006 Akonix Systems, the provider of the most deployed instant messaging (IM) security and compliance products in the world, today announced its Security Center (www.imsecuritycenter.com) researchers tracked 64 attacks against IM networks during the month of September, the most IM threats recorded in 2006. IM networks have experienced a total of 237 attacks this year. New worms identified include Licat, Sohanat, Yautoit, AutoIt, IMNames and Xrobots...... [more]
Spam Trojan Installs Own Anti-Virus Scanner Veteran malware researcher Joe Stewart was fairly sure he'd seen it all until he started poking at the SpamThru Trojan-a piece of malware designed to send spam from an infected computer.The Trojan, which uses peer-to-peer technology to send commands to hijacked computers, has been fitted with its own anti-virus scanner-a level of complexity and sophistication that rivals some commercial software."This the first time I've seen this done. [It] gets...... [more]
Top hacker targets named Internet Explorer, web apps and VoIP make the list... Microsoft's Internet Explorer has been named one of the internet's top 20 hacker targets by a leading security organisation.The SANS Institute also said Microsoft Office and Windows Libraries and Services are some of the most vulnerable applications available on computers today.But Microsoft was not alone in the annual list - Apple's Mac OS X was also catalogued, along with "configuration weaknesses" in Unix...... [more]
Webwasher 6.0 Delivers Industry's Most Advanced, Proactive IT Security Web Gateway Security Solution Integrates TrustedSource Global Reputation System; Introduces Proactive Anti-Malware Protection Secure Computing Corporation, a leading enterprise gateway security company, today announced Webwasher 6.0, a new and enhanced version of its award-winning Web Security Gateway, protecting enterprises from inbound and outbound security threats. Webwasher 6.0 marks the initial integration of CipherTrus...... [more]
New version of Skype now harder to detect Skype-blocking companies have been scrambling to update their products after the recent release of a new version of the software that is even harder to detect and block. The beta of version 3.0 was made available only two weeks ago and, as expected, the client has been re-engineered to make its presence on network traffic tougher to spot, according to leading Skype-blocking outfit iPoque.There have been a number of subtle but important alterations in 3....... [more]
Akonix Tracks 38 Malicious Code Attacks over IM Networks in April Akonix Systems, a provider of instant messaging (IM) security and compliance products, announced that its IM Security Center researchers tracked 38 malicious code attacks over IM networks during the month of April, an increase of 23% from March.The company said that although IM threats are substantially higher than last year's overall, this is the first time in 2007 that the number of attacks increased when compared with the prev...... [more]
Akonix: 80% Increase in Harmful IM Activity Akonix Systems, Inc., provider of the most deployed instant messaging (IM) security and compliance products in the world, today announced its IM Security Center researchers tracked 36 malicious code attacks over IM networks during the month of June, an 80% increase over May. This brings the total number of threats for the first half of 2007 to 206, which is 79% more than the same time period last year. New IM worms identified include Checkout, Impard,...... [more]
Akonix: 80% Increase in Harmful IM Activity Akonix Systems, Inc., provider of the most deployed instant messaging (IM) security and compliance products in the world, today announced its IM Security Center researchers tracked 36 malicious code attacks over IM networks during the month of June, an 80% increase over May. This brings the total number of threats for the first half of 2007 to 206, which is 79% more than the same time period last year. New IM worms identified include Checkout, Impard,...... [more]
Policeman sacked after P2P data leak A Japanese policeman has been sacked after the personal information of thousands of people relating to criminal investigations was leaked on to the internet from his computer. The officer, who worked for the Metropolitan Police Department in Tokyo, accidentally revealed the details via peer-to-peer (P2P) file-sharing software on his PC.He had allegedly installed the Winny file-sharing software on to his machine and was unaware that sensitive data was being ma...... [more]
Net criminals shun virus attacks Hi-tech criminals have found novel ways to carry out web-based attacks that are much harder to spot and stop, warn security experts. Some cyber criminals have exploited file-sharing networks and popular webpages to attack targets. The malicious hackers have turned to these methods instead of going to the trouble of hijacking home PCs. Using these methods the hi-tech criminals have staged some of the biggest attacks security experts have ever seen. Attack pa...... [more]
IM attacks up nearly 80 percent, Akonix says - and P2P is worse Loose lips sink ships, and flying fingers scuttle computers Malicious code attacks over instant messaging networks are up almost 80 percent over last year, according to a new study from vendor Akonix. In July, the company, which develops IM hygiene and compliance appliances and services, said it uncovered 20 malicious code attacks over IM in July. The total number of threats for 2007 so far is 226, the company said. That number is a...... [more]
DOT Looks to Avoid Further P2P Leaks The U.S. Department of Transportation is taking several steps to prevent further exposure of internal information, after more than 90 agency documents were exposed on a peer-to-peer network. The documents were inadvertently exposed on a file-sharing network after the teenage daughter of a telecommuting DOT worker installed a P2P client on an agency PC containing the information. Daniel Mintz, the department's CIO, said the incident prompted the agency to qui...... [more]
Man charged over P2P ID theft scam Police have arrested a Seattle man over allegations he used P2P networks to swipe sensitive financial data from the PCs of file sharing fans.Gregory Kopiloff, 35, allegedly used the Limewire and Soulseek P2P networks as conduits for identity theft. Investigators reckon he used the software to scour users' systems on the hunt for income tax returns, student financial aid applications, credit reports and other documents that might give con men enough information...... [more]
ABN Amro suffers p2p data breach A former employee of Citi's ABN Amro Mortgage group in the US leaked the personal information of more than 5,000 customers via a peer-to-peer (p2p) file-sharing network. The former employee reportedly compromised three spreadsheets containing more than 5,000 government issued numbers. Data-leak prevention vendor Tiversa traced the breach back to a Florida computer with BearShare software installed, according to an Associated Press report. The data was leaked from...... [more]
Akonix: 22 IM Attacks This Month Company predicts upcoming spike in malicious activity as companies prepare unified communications rollouts Akonix Systems, Inc., a provider of policy and risk management products for real-time communications, today announced its IM Security Center researchers tracked 22 malicious code attacks over instant messaging (IM) networks and a 50% increase in threats on P2P networks during the month of October. Although the number of monthly IM threats decreased from Sept...... [more]
Security policies? Workers ignore them, survey says It's one thing to have a companywide information security policy in place. But it's a whole different ballgame to get employees to actually follow the policies -- even those that are IT types. A startling number of technology professionals often knowingly ignore security policies or break them because they are unaware of them, according to a survey of more than 890 IT professionals by the Ponemon Institute LLC. "The key take-away is that...... [more]
Virus writers charged with copyright violation Japan has arrested its first suspected virus writers, but in a strange twist the three suspected creators and distributors of a strain of P2P malware have been charged with copyright violation, in an arrest that recalls Al Capone's prosecution for tax evasion. The trio were cuffed by cops in Kyoto on suspicion of involvement in a plot to infect users of the Winny P2P file-sharing network with a Trojan horse that displayed images of popular anim&eac...... [more]
IM attacks get nastier Attacks on instant messaging systems continued to grow more sophisticated and dangerous in January, according to Akonix, a vendor of messaging security systems. The company tracked 14 new attacks on IM systems in January, finding that while the number was relatively low, the attacks are getting better at targeting users. IM attacks are a relatively recent phenomenon, but have grown drastically in number in recent months. In July Akonix said the number of threats over the...... [more]
BlackBerry servers ripe for the hacking Many companies running BlackBerry Enterprise Server (BES) could be inadvertently opening a door to attackers, a penetration testing company has found. Penetration testing consultancy NTA Monitor found that most of its customers running the BlackBerry Server with Microsoft Exchange were taking the path of least resistance by opening unencrypted ports from the heart of their network to service providers. The providers, in turn, opened a return back to the BE...... [more]
The Case Proves the Danger That Using P2P Services for Illegal Software and Media Downloads Now Poses Seattle-based Gregory Kopiloff, who made security history last November by becoming the first person to be indicted on peer-2-peer (P2P) identify theft charges, has been sentenced to 51 months in prison. The case, says David Hobson, managing director of Global Secure Systems, a IT security consultancy, proves the danger that using P2P services for illegal software and media downloads now poses....... [more]
IM malware spikes in April Instant messaging attacks leapt 162 percent in April according to security firm Akonix. The company tracked 21 new malicious code attacks over the month. The jump accompanies a boom in take-up of enterprise unified communications systems (UC) over the past few months, a fact that is unlikely to be a mere coincidence, Akonix said. UC systems are designed to bring together all a company's communications systems onto a common internet protocol (IP) infrastructure, and of...... [more]
Akonix Tracks 10 New IM Attacks in May Akonix Systems Inc., a provider of unified policy management products for instant messaging (IM) and unified communications, announced that its IM Security Center researchers tracked 10 new malicious code attacks over IM networks in May, bringing the 2008 total to 73. New IM worms identified in May include Flocker, Foto-nue and Mondez. LdPinch was the most common with two variants. In addition, attacks on P2P networks, such as Kazaa and eDonkey, increased...... [more]
File-sharing breach at investment firm highlights dangers of P2P networks -- again Wagner Resource Corp. recently learned the hard way what Pfizer Inc. and many other companies have similarly discovered in the past: installing peer-to-peer file-sharing software on corporate computers is a bad idea. The Alexandria, Va.-based investment firm last week had to notify about 2,000 of its clients that their names, Social Security numbers and birthdates had potentially been exposed on the LimeWire P2P...... [more]
New Trojan in the wild targeting multimedia files Secure Computing is warning of a new Trojan in the wild that is infecting multi-media files on a victim’s hard disk. The initial infection happens from a pirate software site better known as a Warez site, where users go looking for an illegal crack or serial key to run copy-protected software. According to Secure Computing’s security advisory, when trying to play back the infected files, the user is fooled into believing a codec is needed...... [more]
How to Approach Access Control in the Social Networking Age “Here comes trouble,” say John Yun and Jay Kelley from Juniper Networks. Trouble in this case means social networking. Like instant messaging and e-mail before it, social networking can cause worries to companies that haven’t learned to adapt - and real trouble to companies that haven’t learned how to manage it. Enterprises are beginning to adopt social networking applications. They’re doing it for the sam...... [more]
Is it possible to ban chat programs on an enterprise LAN? Q: How do I ban MSN Messenger, Yahoo Messenger, Skype and other chat programs on an enterprise LAN? My network connects to the Internet through a hub, and from the hub it connects a wireless router/modem to the Internet. I've tried blocking URLs and outgoing ports, but to no avail. I can't install any blocking software because I don't have a server in between the router and the network PCs. A: As you have discovered already, imposing con...... [more]
Akonix: Steady Uptick in IM/P2P Attacks Akonix Systems, Inc., the leading provider of unified policy management products for instant messaging (IM) and unified communications, today announced its IM Security Center researchers found steady growth in IM and P2P threats through the first seven months of 2008. With 40 unique threats in July on the heels of the year's peak month of 51 threats in June, the current trendline shows a projected growth of 107% for the year. New IM worms identified this...... [more]
BT deploys Blue Coat ProxySG appliances to protects its corporate network from Web 2.0 threats The use of social networking sites has soared over recent years, with an estimated 64 million people worldwide using the technology for both social and work related purposes. For many employers, an outright ban of such sites is simply not realistic and a growing number are now actively embracing the use of networking sites and other Web 2.0 tools such as P2P (Peer to Peer) and Wikis in order to encoura...... [more]
Secure Web gateway for effective data loss prevention in an SSL world Businesses are increasingly moving to SSL-encrypted traffic on their network for greater security and data protection. In fact, in 2007, Enterprise Strategy Group estimated that SSL-encrypted application deployments had increased by 50 to 55 percent. However, more SSL traffic on the network inhibits the effectiveness of a data loss prevention solution. In response to this new application profile that favors SSL traffic, organ...... [more]
Medical data leakage rampant on P2P network The risk of patient information disclosures on peer-to-peer (P2P) networks is much higher than if a health care worker loses a laptop or removable storage device, according to new Dartmouth College research. Dartmouth College business professor Eric Johnson has written a report called “Data Hemorrhages in the Health Care Sector” and plans to present his findings later this month at the Financial Cryptography and Data Security conference, J...... [more]
Final countdown to Conficker 'activation' begins Security watchers are counting down to a change in how the infamous Conficker (Downadup) worm updates malicious code, due to kick in on Wednesday 1 April. Starting on 1 April, Windows PCs infected by the latest variant of the Conficker worm (Conficker-C) will start attempting to contact a sample of 50,000 pre-programmed potential call-home web servers from which they might receive updates, a massive increase on the 250 potential web server locale...... [more]
Expert claims press are overhyping Conficker Reports of the Conficker worm are being vastly exaggerated and it will not have as big an impact as is being predicted, according to a researcher. Rick Howard, director of security intelligence at iDefense, claimed that press coverage has overhyped the issue of Conficker, and although it is dangerous, the security community has known about this worm since the first variant. Howard said: "The mitigation recommendations are the same for this fourt...... [more]
Conficker begins stealthy update The Conficker worm has started to update infected machines with a mystery package of data. Computer security firms watching the malicious program noticed that it sprang into life late on 8 April. The activity on its update system delivered encrypted software to compromised machines. It is not yet clear what the payload contains. The Conficker virus variants are thought to be present on millions of PCs around the world. Spam connection The...... [more]
Five ways to tempt and tame Gen Y The Facebook generation can be dream employees - if you know how to manage them. Danny Bradbury offers tips for keeping them under control and productive. They're young, precocious, tech-savvy - and they like shiny stuff. Generation Y knows what it wants, and if managers and employers want to retain their talents, then they'd better give it to them. The newest generation of employees grew up with technologies that appealed to consumers, such as Facebook, MySpac...... [more]
Call to 'disconnect file-sharers' Persistent illegal file-sharers should be cut off from the net, an alliance of UK creative industries will tell the government later. The alliance wants the government to force internet service providers (ISPs) to disconnect users who ignore repeated warnings about sharing illegal content. John Woodward, head of the UK Film Council, said illegal file-sharing was hurting film-making and risking jobs. The coalition says more than 50% of net traffic in the UK is i...... [more]
Researchers build auto-destruct code for personal data Researchers at the University of Washington have developed software that will automatically delete files like emails within a pre-set time limit. The Vanish software allows the user of any web-based service to encrypt a message, but instead of the user keeping the key, it is put into a global peer-to-peer (P2P) network for a specified time before disappearing, making it impossible to decrypt the message. "Today many people pick up the...... [more]
Fake Antivirus: 5 software titles you should definitely NOT install We take a closer look at some of the more common scareware traps; what to look out for, how to identify the fakes and 5 rogue security software packages you should try and avoid at all costs. Bogusware, scareware or rogueware - whatever you prefer to call them, are all different names given to describe roughly the same thing: rogue security products that masquerade as the real thing.
According to numbers published by the Anti-P...... [more]
Inhibiting employee use of Web 2.0 applications is a double edged sword With strong evidence now emerging that allowing employee access to Web 2.0 sites is beneficial, many organisations are starting to reverse their decisions to ban the new internet. However, with no controls in place to manage sites accessed and content posted, companies are still in danger from data leaving undetected, employees posting negative and possibly libellous comments and escalating bandwidth usage. Organisations th...... [more]
Google Reader Koobface spotlights security risk 2.0 The rising use of social networking and collaboration apps on corporate networks has spawned increased security risks beyond potential productivity losses, firewall vendor Palo Alto warns. The warning coincides with the appearance of a variant of the Koobface worm linked to Google Reader accounts controlled by hackers. Aside from acknowledged business benefits, Web 2.0 applications can transfer files, propagate malware, and have known security...... [more]
Conficker still a threat, one year on Saturday marked the first anniversary of the detection of the first variant of the Conficker virus. One year ago, on November 21, what is now called ‘Conficker A' was detected, a virus which propagated itself through the internet by exploiting a vulnerability in a network service (MS08-067) on various Windows operating systems. Microsoft released an emergency out-of-band patch in October last year to close the vulnerability, but many PCs remained unpatched...... [more]
Five ways to lose your identity (and wallet) this holiday season The holiday season is almost here, and even in a recession, huge numbers of people will likely be shopping online for gifts this year. The rush by shoppers to the Web makes the season a great time for online retailers. It's also a great time for hackers looking to steal data and money from the unwary millions expected to search for great deals online. The growth of holiday hackers has annually prompted security analysts, identity...... [more]
Illegal file sharing still rife Illegal file sharing levels are still not declining despite a recent crackdown by the government, according to new research from British recorded music industry body the BPI. The firm interviewed over 3,000 UK respondents aged 16-54 and 1,012 said they were downloading or filesharing music on peer-to-peer networks or from other web sources. While levels of illegal file sharing remained pretty much the same throughout 2009, the BPI warned of an increase in the use...... [more]
FTC warns nearly 100 firms of P2P data leaks In what appears to be a warning shot, the Federal Trade Commission has sent out letters to about 100 companies, informing them about sensitive and confidential data from their networks being found on publicly available peer-to-peer networks. The letters stem from an FTC investigation during which the agency discovered numerous examples of health-related information, financial records, driver's license and Social Security numbers, and other data leaked...... [more]
Security tips for large and small businesses Whether your business is a big fish or a small-fry home office, you can get hacked just the same, and the stakes are higher than a few canceled credit cards. Here are a few tips to protect your users and your networks--steps that even enterprise-class security specialists may slip up on. Know Who Might Be Targeted - and How and Why
With the recent news of attacks on US companies including Google, many business owners might be thinking, "That wouldn't...... [more]
If you need more information about P2P, please feel free to contact us with your P2P questions using our contact form.
