Encryption
Encryption
In cryptography, encryption is the process of obscuring information to make it unreadable without special knowledge. While encryption has been used to protect communications for centuries, only organizations and individuals with an extraordinary need for secrecy had made use of it. In the mid-1970s, strong encryption emerged from the sole preserve of secretive government agencies into the public domain, and is now employed in protecting widely-used systems, such as Internet e-commerce, mobile telephone networks and bank automatic teller machines.
Definitions provided by Wikipedia - The Free Encyclopedia
Encryption Related Products
SnapGear can be deployed as just a firewall, as a VPN gateway, a UTM security appliance, or as a complete office network-in-a-box Internet appliance for small businesses, with all of the wide area networking tools needed to serve large enterprise remote offices.
More information
The GB-250 and GB-250e Firewall UTM Appliances are GTA’s entry level systems that provide big security for smaller business offices. Designed and priced to meet the needs of smaller organisations, the GB-250 and GB-250e include the same security and UTM features of our larger enterprise firewall UTM appliances, but scaled to fit the needs of offices with fewer than 50 employees.
More information
Sensitive Document Vault is a feature-rich secure repository and sharing platform for securing, storing and managing your organisation's most highly senstive information. Sensitive Document Vault places your most important files into discrete vaults that can be viewed via a web-enables interface. With more than ten layers of security working together, these Digital Vaults create an impenetrable electronic vault, or safe haven, in a network.
More information
AirMagnet's Handheld Analyzer is a convenient, inexpensive way to solve serious problems in the enterprise wireless LAN. The Handheld Analyzer helps IT staff make sense of end-user complaints to quickly resolve performance problems, while automatically detecting hundreds of security threats and other network vulnerabilities.
More information
Anytime, Anywhere, WLAN Monitoring and Troubleshooting. AirMagnet's WiFi Analyzer is the industry's most popular mobile field tool for troubleshooting enterprise Wi-Fi networks. WiFi Analyzer helps IT staff make sense of end-user complaints to quickly resolve performance problems, while automatically detecting security threats and other network vulnerabilities. Although compact, WiFi Analyzer has many of the feature-rich qualities of a dedicated, policy-driven wireless LAN monitoring system.
More information
The GB-2000 Firewall UTM Appliance Family provides powerful enterprise level security and comprehensive features that are easy to implement and administer. The GB-2000, GB-2000e and GB-2000X are all designed for SME organizations that desire a single, dedicated appliance to handle their complex network environments and multiple Internet security zones.
More information
3e-527 Access Point featuring 802.11a/b dual mode with integrated 8 port switch and wireless bridge. The 3e-527 combines the benefits of advanced access point features with an integrated 8 port switch in one secure case, built to withstand the rigors of harsh environments. The user management interface is designed to allow quick set up and installation. A key feature is the ability to auto-detect multiple bridges.
More information
3e525A-3 Wireless Access Point Maximum security and flexibility with outdoor or indoor use. The 3e525A-3 Wireless Access Point is packaged in a rugged NEMA 4/IP 67 weatherproof enclosure and conforms to 802.11a, 802.11b and 802.11g wireless standards.
More information
AppGate Mobility Server is an easy, secure and cost-efficient way of making information accessible via mobile devices, without the need of rebuilding infrastructure.
More information
Instant Messaging (IM) presents enterprises with a completely new set of threats to network security, bandwidth availability and program compatibility. Instant messaging’s always-on nature, lack of monitoring tools, known vulnerabilities and multiple available protocols make it a prime target for hackers and others with unscrupulous intentions. To help enterprises combat these threats, Secure Computing® developed the IronIM™ instant messaging security appliance.
More information
Uniquely designed for mid-sized businesses, the GB-800 and GB-800e Firewall UTM Appliances provide corporate level Internet security and unified threat management (UTM) features. Comprehensive firewall and unified threat management features combine into a single, dedicated appliance for completed Internet security.
More information
The AirGuard model 3e-527A3 is an 802.11b/g AP, 802.11a bridge, and an 8-port secure Ethernet switch. With DoD-proven security and easy-to-use mesh networking, it is suited for government, military, industrial, mobile, and metropolitan-area wireless infrastructures.
More information
The 3e-010F-C-2/3e-010F-A-2 Crypto Client software provides advanced interoperable 802.11i wireless data security with AES and 3DES encryption. These advanced security options include the standards as established by FIPS 140-2 Level 1 - the Federal Information Processing Standards mandated by the US Department of Defense for use in wireless environments.
More information
The RA510 Series of rack-mountable proxy appliances provides small to mid-sized sites with the power to extend remote access to employees, partners, and customers while delivering on demand endpoint security and information protection features.
More information
RSA SecurID® hardware tokens provide "hacker-resistant" two-factor authentication, resulting in easy-to-use and effective user identification. Based on RSA’s patented time synchronization technology, this authentication device generates a simple, one-time authentication code that changes every 60 seconds.
More information
The AirMagnet Enterprise Analyzer for Cisco is a software-only Wi-Fi troubleshooting solution designed specifically for Cisco Unified Wireless Networks. The Enterprise Analyzer software cooperates with your Cisco Wireless LAN controllers and lightweight access points to collect Wi-Fi data for expert analysis.
More information
The RA8100 Series of rack-mountable proxy appliances provides large-sized sites with the power to extend remote access to employees, partners, and customers while delivering on demand endpoint security and information protection features.
More information
BorderWare SteelGate is the leading application-based firewall appliance for perimeter network security to prevent attacks, block malicious behavior, control network traffic, and centrally manage the perimeter defense infrastructure in a single security solution. BorderWare SteelGate provides organisations with the ability to prevent network risks, enforce policies and ensure operational efficiencies.
More information
Vital Security Web Appliance NG-5100 is Finjan’s real-time web security solution for small and medium-sized businesses. This all-in-one appliance offers the most comprehensive and advanced web security solution on the market, protecting your users from Spyware, Trojans and other types of web-borne threats. Featuring Finjan’s patented real-time content inspection technology, NG-5100 provides zero-hour protection from new vulnerabilities and emerging threats that often bypass signature-based anti-virus, URL filtering and heuristics-based solutions.
More information
Vital Security Web Appliance NG-6100 is Finjan's real-time enterprise web security solution for organizations with high availability requirements. This appliance achieves the highest level of protection against malicious code, securing corporate networks and users from Spyware, Trojans and other types of web-borne threats.
More information
Vital Security Web Appliance NG-8100 is Finjan's realtime web security solution for large enterprises and organizations. This appliance achieves the highest level of protection against malicious code, securing corporate networks and users from today's sophisticated and dangerous web-borne threats.
More information
As part of the industry's leading high-performance networking solution, the Juniper Networks DX application acceleration platform delivers a complete data center acceleration solution for Web-enabled and IP-based business applications.
More information
Whether you are at home or on the go, Trend Micro Internet Security Pro safeguards your online transactions, identity, and irreplaceable files with the most comprehensive protection available. Get all the benefits of our proven Internet security plus enhanced identity theft protection, Wi-Fi validation, data theft protection, and system recovery.
More information
The ever escalating increase in XML traffic is resulting in multiple instances of XML Gateways across the network; inside the DMZ, at the data-center for acceleration and application offload to relieve key processing bottlenecks, and in front of key applications to identify service usage and behavior. To overcome potential operational control issues a single policy management point is recommended for centralized control.
More information
Voltage SecureMail addresses the critical need to secure email communications through the most comprehensive, yet easiest to manage and use email encryption solution available. Voltage SecureMail delivers a unique single push format that provides the best usability and lowest total cost by leveraging the power of Identity-Based Encryption (IBE). Only Voltage SecureMail supports policy-driven gateway-based solutions, client-less delivery, and client-based options all with a single message format, unlike other email encryption solutions that require multiple delivery mechanisms, extensive key management or expensive web based mail systems that fragment the communications channel.
More information
Voltage SecureFile™ enables organizations and users to easily and securely share files with individuals and groups - for single files and in bulk. Through the power of Voltage Identity-Based Encryption (IBE), Voltage SecureFile delivers the ability to encrypt to individuals and groups without the need to exchange certificates or utilize "phone-based" passwords. As information rights relationships change, Voltage SecureFile eliminates usability and management barriers to secure file sharing by dynamically enforcing group policies through automated key management.
More information
The Voltage Data Protection System delivers a comprehensive, centrally managed key management system that enables enterprises to ensure sensitive data is encrypted as it is collected, transmitted and stored. With the Voltage Data Protection System, enterprises now have the ability to implement comprehensive application-level encryption, regardless of infrastructure or application format requirements.
More information
Safend Auditor is a lightweight, intuitive, clientless software utility that illuminates enterprise endpoint blind spots – providing organizations with the visibility they need to identify and effectively manage endpoint vulnerabilities.
More information
The technology leadership and advanced solution designs fostered by Utimaco engineering have culminated in a forward-looking, modular approach to data security tailored to mid-sized and large organizations: SafeGuard Enterprise.
More information
Data is one of the most valuable assets that companies and organisations have. These assets are in even more danger since “mobile computing” has become a reality: sensitive information is stored on notebooks and removable media – without any firewall protection. Mobile devices and media, along with the sensitive and valuable information that is stored on them, are constantly exposed to loss or theft. A company’s management team is responsible for taking all appropriate steps to protect a company’s or organisation’s data.
More information
To protect the entire security infrastructure from being compromised, cryptographic keys have to be stored and managed in a hardened security environment. Purpose-built Hardware Security Modules (HSM) protect the keys, data and applications during storage and use. The use of Hardware Security Modules also helps to ensure regulatory compliance. Utimaco's SafeGuard CryptoServer is a tamper-resistant high-performance Hardware Security Module that is certified in accordance with stringent international security standards.
More information
In almost every organization, valuable information such as HR documentation, customer data, and research results is saved electronically without being protected. The current practice of saving data centrally on servers, multi-site workplace networking, and using mobile data media means that security risks are becoming greater. And as more organizations outsource their IT departments in an effort to reduce costs, their worries about data confidentiality increase accordingly.
More information
Thanks to the PDA a whole new world of opportunities is opening up – and a whole new world of risks. The very fact that PDAs are so portable means they are easily lost or stolen, along with the confidential data saved on them. In addition, Plug & Play functionality and wireless connection capabilities make them a serious threat to the security of company networks. Current PDAs are not equipped to combat these risks so comprehensive protective measures are imperative.
More information
The most frequent use of the Internet is to send e-mails. E-mails have established themselves as a standard part of the day's commercial traffic but, up to now it was not possible to represent all company-specific work processes involved in it electronically. The greatest challenge is to be able to securely exchange e-mail with confidential contents.
More information
As anyone responsible for data security already knows, most company data is either not stored securely or is e-mailed as plain text. Campaigns to secure internal and external communications by using public key infrastructures (PKIs) have so far failed to provide a comprehensive solution.
More information
By now more than 3.5 million BlackBerry devices are used world-wide within companies. The German Federal Agency for Information Security (BSI) issued a severe warning on the usage of these devices: “Due to the insecure architecture we can not recommend BlackBerry usage within security-sensitive areas of the government or companies threatened by espionage!” The key security issue is the root access of the push service to the mail infrastructure of the client.
More information
Seamless and transparent encryption of confidential data on all removable media to lower your business risk without impacting productivity. The convenience and widespread use of removable media creates vast security risks for enterprises. USB drives, external hard disks, cards, rewritable CDs and DVDs, etc. can contain gigabytes of sensitive information that can very easily fall into the wrong hands.
More information
Protecting customer and other confidential data from malicious and accidental leaks is one of the top business and IT security challenges facing organisations today. Compounding this problem, CIOs and CSOs must protect their data amid pressure from regulatory and corporate compliance requirements, customer and competitive pressures, and the rising cost and publicity of data leaks. Websense® Data Security Suite is the leading solution for preventing data loss.
More information
Websense Hosted Email Security provides protection at the internet level, eliminating spam and malware before they reach your network. The hosted deployment model provides centralized security with built-in redundancy, failover, and business continuity, while easing administration and optimizing network operating and capacity planning costs. Guaranteed by industry-leading SLAs, Hosted Email Security reduces business costs, eliminates the complexity and uncertainty of managing email threats, and provides the highest possible degree of protection.
More information
GTA Mobile VPN Client provides the vital ability for remote users to initiate VPN communications with corporate resources. Using VPNs, "road warriors" or telecommuters can safely access corporate networks from unsecured public networks or un-trusted local networks. A VPN Connection can also be used to connect end users that need a secure "end user to host" connection to transmit sensitive information over an intranet. GTA Mobile VPN Client used in conjunction with firewall-to-firewall gateway VPN Connection provides a total IPSec VPN solution. GTA Mobile VPN Client meets IPSec standards.
More information
The Edge2WAN Series is a complete network load balancing appliance which support both outbound and inbound link balancing in addition to weighted application routing and built-in UTM security suite. The 50SXV product is well suited for SMB, branch offices and small ISP/multi-tenant deployments.
More information
The Edge2WAN Series is a complete network load balancing appliance which support both outbound and inbound link balancing in addition to weighted application routing and built-in UTM security suite. The 55SXV product is well suited for mid-sized offices and large branch offices looking for high availablility, additional bandwidth, and/or remote site VPN failover.
More information
GSS Mobile Office unifies mobility management over any Internet connection to optimise mobile access, centrally manage devices and connections, and control your costs. Users gain a single interface for simple, secure broadband access via the world's largest virtual network of Wi-Fi hotspots, international 3G mobile broadband, Ethernet broadband, satellite and dial. IT staff gain automated device management capabilities for discovering, inventorying, assessing and updating hard-to-reach remote and mobile devices over the Internet. To help companies manage their costs, service is priced on a flat-rate, active user basis.
More information
The BorderWare Security Platform is an easy-to-use, affordable Email and Web appliance that provides security and privacy of inbound and outbound traffic with best of breed technology to prevent Email and Web-based threats, including spam, virus, malware, URL filtering, blended threats, spyware, and network attacks like DOS (denial of service); data loss prevention; and, email encryption;. Specifically designed for organization's to centrally control, protect and manage both inbound and outbound Email and Web traffic, the BorderWare Security Platform consolidates reporting, policies and administration while correlating threats and security risks.
More information
Encryption Related Product Families
Voltage Security, Inc., an enterprise security company, is the global leader in information encryption. Voltage solutions, based on next generation cryptography, provide encryption that just works for protecting valuable, regulated and sensitive information persistently and based on policy. Voltage delivers power, simplicity and the lowest total cost of ownership in the industry through the use of award-winning Voltage Identity-Based Encryption™ (IBE).
More information
Encryption Related Industry News
Appliances, standards boost WLAN security When we looked at wireless LAN security last October in a previous Roundup, we painted a fairly bleak picture. At that time, virtual private networks (VPNs) were the best way to fix the well-known vulnerabilities in the Wireless Encryption Protocol (WEP), which guards most wireless LANs. But VPNs cost as much as $1,500 per wireless access point (AP) and often forced you to lock yourself into one vendor's gear.
Since then, we've seen progress on both......
[more] Ten steps to low-cost wireless LAN security Let me guess: Despite your best efforts to stop them, users are hooking low-cost 802.11b (Wi-Fi) access points (APs) to the corporate network. And, despite your best efforts, your CFO has zero interest in buying the tools you really need to secure these wireless LANs.
Here, then, are some relatively simple, low-cost ways to boost the security of your wireless LANs. They're not perfect, but they do provide at least a first line of defense. And if a......
[more] BT says: Protect your network from professional hackers It's not just the warchalkers you need to worry about... BT Openworld has this week thrown its weight behind the fight against 'Warchalking' - the practice of scrawling chalk marks on the outside of buildings with Wi-Fi networks to encourage passers by to surf on companies' unprotected bandwidth.
However, the UK ISP has warned that it's not just bandwidth pirates you need to worry about. Warchalkers have also drawn attention to the very......
[more] '$1m hacking challenge' product is flawed AlphaShield's "unhackable" consumer security device isn't unhackable, Spanish white hat hackers claim.
In a post to BugTraq, Infohacking.com reports that AlphaShield's appliances are prone to a flaw that could allow a cracker to inject packets into an established session. Potentially, this compromises the security of the device.
Infohacking.com recently evaluated the AlphaShield device. Faced with little technical information it took AlphaShield......
[more] Wireless PDAs and Smartphones: A Hacker's Heaven A real security threat is looming with wireless PDAs , WiFi devices and smartphones . These are the electronic marvels that are pushing the goal of wireless telecommunications to new limits. Industry watchers report that people are dropping their older PDAs like hot potatoes and snapping up the latest generation of wireless devices like crazy. The new PDAs and smartphones can receive e-mail and text messages just like desktop and laptop computers......
[more] Getting a grip on WLAN futures The wireless LAN world is a pretty bad offender when it comes to Alphabet Soup, what with 802.11b preceding 802.11a, and neither being the same type of thing as 802.11e*. So it was useful to hear Jan Haagh, a senior product manager in Proxim's WLAN division, talk through some of latest acronyms.
One to watch out for is WPA, or WiFi Protected Access. This will replace the original WEP wireless security standard, which turned out to be not very secure after all.......
[more] The Wireless-Security Balancing Act If you choose an EAP that doesn't gain de facto standard status, the access point will be to other EAP clients what a two-hole electrical outlet is to three-pronged plugs. Wireless LANs have been billed as the great security wasteland. But thanks to the 802.11b Wi-Fi community's frenetic activity in the last year, an abundance of good security choices now exist, with more on the way.
Wi-Fi security efforts have focused on encryption and authentication, wi......
[more] City sees the benefits of wireless networks Survey shows more businesses are convinced but security is still lax The third annual Wireless Security Survey of London has highlighted a significant increase in the use of wireless networks by businesses.
In the two years since the survey was first undertaken, the number of wireless networks used in the City has increased from 124 in 2001, to 328 in 2002 and 1078 in 2003.
The benefits of the technology appear to have convinced companies, and th......
[more] Wi-fi networks step up security The security of wireless networks used by businesses in London has improved significantly over the last 12 months, says a survey RSA Security found that 66% of the networks surveyed use the encryption system built-in to the wi-fi standard to help them prevent unauthorised access.
This is a big change since the last survey which found that only 37% had the security system turned on.
Despite this improvement, RSA said many firms were still making basic mista......
[more] Opportunities for Wi-Fi hackers on the increase London home to rogue access points IT managers are catching up to the dangers of Wi-Fi, but opportunities for drive-by hackers in London may actually be increasing. New wireless LANs are popping up very fast, and many of them are insecure 'rogue' access points.
This year, only two-thirds of the City's Wi-Fi networks have WEP (wired equivalent privacy), the basic Wi-Fi security standard turned on. That's not a great record, but it is better than l......
[more] Is the Superworm a Mere Myth? Terrorists are not using superworms and other network attacks because they don't reach their target that way," Mikko Hyppönen, director of antivirus research at Finland-based F-Secure, told TechNewsWorld. "Terrorists want to cause fear and panic. You still cause more fear and panic by killing people than by taking down Web sites If one thing is definite about Internet security and worm attacks, say experts, it is that cyber attacks are on the rise in 2004.
Conside......
[more] Vernier WLAN System 'Best Wireless LAN Solution' of 2004 The Vernier gateway IS 6500p wireless local area networks (WLAN) Integrated System earned Technology of the Year Recognition from InfoWorld Magazine. Flexible management and unparalleled scalability earned the wireless local area networks solution the ‘Best Wireless LAN Solution’ 2004 award. Vernier Networks(TM), the leader in secure managed access for the enterprise wireless local area networks (WLAN), announces that the Vernier gateway I......
[more] Is the Superworm a Mere Myth? If one thing is definite about Internet security and worm attacks, say experts, it is that cyber attacks are on the rise in 2004.
Consider the worldwide effect of highly publicized worms like last year's SoBig series and the recent Sinit Trojan and MyDoom outbreaks. Given the potency of some of these worms, security experts are bracing for what some say is an inevitable attack aimed at certain geographically based IP blocks, like those associated with the United......
[more] Security Still Reigns as Wireless 'Weakest Link' The flexibility of being virtually anywhere is the draw of wireless networks, but the back end of that benefit is the need for security. Although companies are tightening the security of Windows-based servers, they face some unknown risks when corporate data takes to the streets. After all, wireless Internet connectivity on notebook computers and PDAs carries all of the risks seen within corporate walls, but the dangers are magnified when security......
[more] F-Secure Antivirus Sales Record High During The Last Quarter of 2003 F-Secure reported revenues of 10.8 million euros for the 4th quarter of 2003 and 39.0m for the full year. The operating result was EUR 1.3 million positive for the fourth quarter. For the full year of 2003 the operating result was EUR 1.5 million positive and Profit Before Tax 4.3 m positive. The antivirus sales were record high and revenues increased by 40% in Q4 and by 21% in 2003. The good progress was due to positive develo......
[more] Is security getting any easier? Although governments and companies appear to be making significant headway on many security problems, don't expect headaches like spam to disappear anytime soon, according to security experts. Human error, combined with the increasing technical sophistication of malicious hackers, creates a situation in which security, ultimately, can never be perfect, security specialists on the cryptographer's panel at the RSA Conference here said Tuesday.
Invariably, indiv......
[more] Will IM be the next security culprit? Might instant messaging become the next preferred propagation method for computer worms and viruses? It's not such a remote prospect. The past year has witnessed the rise of several high-impact worms and viruses that shared three common transmission media: e-mail, network scanning or file sharing. While good patch policies and strong security postures minimized massive infections, a few attacks invariably slipped through the cracks and caused network havoc.......
[more] Row over how to junk spam Microsoft is proposing to stop spam by checking that messages are being sent by the person they claim to come from. The Caller-ID for e-mail idea is one of several proposals floated as a way to stem the rising tide of junk mail.
The internet's engineering body has set up an emergency meeting to sift through the different proposals and draw up a network-wide solution.
But some fear the competing proposals could cause confusion and spell the end of some widely-use......
[more] The Net Has An 'Insecurity' Complex RSA's second annual assessment of online security leaves little doubt that corporations have a long way to go. "Frustration" can pretty much sum up the feeling of Internet users in 2003 as the IT sector scrambled to thwart a barrage of hacks, attacks and flaws that compromised networked computers around the globe.
According to online encryption firm RSA Security, the outlook for easing those frustrations in 2004 is not very encouraging.
As part of its......
[more] Five new Bagles spreading Five new variants of the Bagle worm were released into the wild over the weekend, with two causing particular problems for enterprise antivirus software scanner technology, say experts Bagle versions C, D, E, F and G started propagating over the weekend and although the first three are very similar to the original Bagle--being spread through e-mail and infecting PCs of users who open the attachment--Bagle.F and Bagle.G are designed to slip past most enterprise antivirus......
[more] Firms Look to Limit Liability for Online Security Breaches In the face of ongoing attacks by computer hackers, some companies that store their customers' personal data are adopting a new defensive tactic: If your information is stolen, they're not legally responsible.
Across the Internet, retailers and other service providers that handle consumer transactions are requiring customers to sign agreements waiving any right to sue the companies if the businesses are hacked, regardless of how secu......
[more] Technology solution to slicing spam lags Lawsuits filed by some of the Web's biggest players against junk e-mailers have portrayed an industry united in the war against spam--but there are few signs of collaboration in developing technology standards that could be more effective in slowing the deluge. America Online, EarthLink, Microsoft and Yahoo scored a major publicity coup earlier this month, when they launched their first joint legal assault against spammers. The suits claim that hundreds......
[more] China wireless policy a "concern" The United States said China's attempt to impose its own technical security standard for wireless computer chips was "a matter of grave concern" that could result in a complaint to the WTO.
The US Trade Representative's Office, in a report on global barriers to trade, weighed in on the dispute, which is expected to shut US-based Intel out of the Chinese market for the fast-growing wireless data network technology.
Intel has said it would not comply with th......
[more] Universities, research centers retrench after hacks Academic supercomputing labs continue to clean up Linux and Solaris servers targeted by unknown attackers over the last month, as law enforcement officials investigate the crimes. The attacks compromised servers at several supercomputing labs and universities, including the San Diego Supercomputing Center, the National Center for Supercomputing Applications and Stanford University. While the attacker, or group of attackers, had access to many......
[more] How Secure Is Your Handheld? Your PDA may be more vulnerable than you realize, but protection is available. The number one threat to the sensitive data stored on your PDA or smart phone remains physically losing the device, but other threats are looming on the handheld horizon.
"When you send a defective PDA to the manufacturer for tech support, they usually give you a new one and then resell the old one," says John Girard, vice president and research director at Gartner. "Buying dead machin......
[more] China Downplays Wireless Security Delay The Chinese government downplayed Thursday a decision to delay adoption of new security standards for wireless communications as part of a key trade deal.
U.S. manufacturers had complained the new standards for wireless phone and computer transmissions would unfairly disadvantage them, and, in a broad trade agreement announced Wednesday with the United States, China said it temporarily would hold off on instituting any changes.
Chinese officials d......
[more] 'Blaster-type event' forecast for summer Source code has been released that makes it easy to control PCs without critical Windows patches Program files designed to exploit two major vulnerabilities in Microsoft software are being used to attack computers, but security experts worry that worse -- such as an MSBlast-type worm -- could be ahead.
The warning comes after several security programmers released source code that makes it easy for an attacker to take control of any Windows computer th......
[more] THE A to Z of wireless terms and technologies Everything you need to know about Wireless Jargon 802.11a
54Mbps wireless Ethernet operating in the 5GHz band.
802.11b
The industry standard 11Mbps wireless Ethernet operating at 2.4GHz.
802.11e
Defines quality-of-service for wireless local area networks, to support voice-over IP for example.
802.11g
Successor to 802.11b, providing up to 54Mbps over the same 2.4GHz spectrum used by 802.11b.
802.11h
A supplement to 802.11a to ensure t......
[more] Don't let e-mail be your Achilles' heel Throwing money at a problem doesn't guarantee that it will go away. Sometimes the answer is to throw around a little common sense.
At the recent Enterprise Messaging Decisions 2004 conference, Kevin Beaver, founder and principal at Kennesaw, Ga.-based Principle Logic LLC, offered some plain-spoken advice to IT professionals on how to protect against messaging-system vulnerabilities without busting their budgets.
Beaver discussed common mistakes th......
[more] Secure E-Mail Specs Could Merge Microsoft meets with SPF author to craft a technology standard. After submitting its Caller ID e-mail authentication specification to a standards body, Microsoft is discussing merging its spec with another, called Sender Policy Framework, or SPF.
E-mail experts from Microsoft will spend a weekend meeting with SPF author Meng Weng Wong of Pobox.com, looking for ways to merge the closely-related Caller ID and SPF standards, according to Wong.
"Basically, we'......
[more] F5 Networks Makes $29M Security Splash With eyes fixed on the red-hot application security market, Seattle-based F5 Networks (Quote, Chart) will shell out $29 million in cash to acquire firewall specialist MagniFire WebSystems and fold it into a newly created security business unit.
F5 Networks, which markets server appliances to handle load balancing, said the new business unit will handle research and development, marketing, sales and services in the application security market.
The M......
[more] Backdoor program gets backdoored The author of a free Trojan horse program favored by amateur computer intruders found himself with some explaining to do to the underground last month, after his users discovered he'd slipped a secret backdoor password into his popular malware, potentially allowing him to re-hack compromised hosts.
The program in question is Optix Pro (Backdoor.OptixPro.12), a full-featured backdoor that allows an intruder to easily control a compromised Windows machine remo......
[more] Wardriving for WLAN security The 4th Annual Worldwide Wardrive (WWWD) is under way this week, with volunteers scanning the airwaves in a neighborhood near you for wireless LAN access points.
This year's WLAN discovery effort began June 12 and runs through June 19.
The WWWD is organized by a mixed group of security professionals and hobbyists who cruise areas to document the location of access points and how many of them have even minimal security. The goal is to boost awareness of the n......
[more] Father of the internet says email ID will cure spam If your name's not down, you're not coming in… Making mass emailers identifiable is the first step toward curing the epidemic of spam, said Vint Cerf, one of the architects of the internet.
Cerf, who co-created the TCP/IP (Transmission Control Protocol/Internet Protocol) of the internet and now works as chief corporate strategist for MCI, delivered opening remarks at the first inaugural Email Technology Conference.
The chief topic of de......
[more] ISPs Gang Up on Spammers Even unwitting spammers could lose Internet access under tough proposal. An industry organization representing heavyweight e-mail providers Yahoo, Microsoft, America Online, and EarthLink have teamed on recommendations for ending spam, including cutting off the senders' Internet access.
A Statement of Intent, released Tuesday by the Anti-Spam Technical Alliance (ASTA), lists suggestions and "best practice" recommendations for ISPs, e-mail service providers, governmen......
[more] Wireless security must improve in Europe Around 34% of businesses in London, Paris, Frankfurt and Milan are still leaving their wireless networks open to attack, according to the latest survey commissioned by RSA Security. Many install the networks without changing risky default settings.
The survey also recorded explosive growth in the number of wireless networks across the four financial centres, with the number in London rising 770% since 2001.
Wireless networks – also known as Wi-Fi......
[more] Stronger WLAN security standard approved The IEEE 802.11i specification, the latest set of rules to bolster security on wireless LANs, has received final approval, according to a co-author of the standard.
The IEEE 802.11i subcommittee signed off on the standard Thursday, according to a statement from Trapeze Networks that was attributed to Dan Harkins, a software engineer at the Pleasanton, Calif., WLAN equipment vendor. Harkins was a co-author of several portions of the specification.......
[more] Experts predict Wi-Fi explosion
Now that 802.11i is an official IEEE standard, paving the way for more secure Wi-Fi products, industry experts predict the business community's interest in the technology will skyrocket in the next year or two.
Frank Hanzlik, managing director of the Austin-based Wi-Fi Alliance, said the next step comes in September. That's when his group will start certifying products with WPA2, an update of Wi-Fi Protected Access, which the alliance introduced last year as......
[more] Security concerns still plague wireless take-up Wireless has many benefits, provided companies minimise the risks and rein in ad hoc networks 'Be afraid, be very afraid' is the attitude of many companies when faced with the prospect of using a wireless network.
Because wireless is about broadcasting data that often goes beyond company perimeters, businesses worry that it won't be secure enough. And who can blame them, with a regular stream of surveys highlighting gaping security holes?
Secur......
[more] Bulk mailer faces criminal charges A bulk e-mailer in Florida has been charged with electronically breaking into a massive data warehouse and stealing gigabytes of personal information on Americans, federal prosecutors said Wednesday. Scott Levine, 45, of Boca Raton was indicted by a federal grand jury in Arkansas for allegedly breaking into Acxiom's servers and downloading 8.2 gigabytes of data in what the U.S. Justice Department called one of "the largest cases of intrusion of personal data t......
[more] Wireless Laptops At Democratic Convention Pose Big Risk Next week, thousands will gather in Boston for the Democratic National Convention, many of them armed with wireless-enabled laptops that could present major security problems, a Boston-area firm said Thursday.
Although the convention itself will rely on a wired network, there are hundreds of unsecured wireless access points and cards around and about the FleetCenter, home to the convention, according to tests done by Newbury Networks, a......
[more] Norwegian hacker takes a bite out of Apple's iTunes The Norwegian hacker who broke the DeCSS DVD encryption has now cracked Apple's AirPort technology, which encrypts music sent between iTunes and wireless base stations Jon Lech Johansen, the Norwegian hacker famous for cracking DVD encryption, has cracked Apple AirPort Express.
Johansen has revealed the public key that Apple AirPort Express, a wireless networking protocol, uses to encrypt music sent between iTunes and a wireless base station.......
[more] Intel formally introduces tri-mode Wi-Fi chip Processor supports 802.11a, b and g As expected, Intel introduced its tri-mode wireless chip Thursday with several software enhancements to the product to help improve security and reliability, it said during a Webcast.
The Intel Pro/Wireless 2915ABG Network Connection allows laptops based on Intel's Centrino platform to connect to the three most commonly used wireless networks found in enterprises and homes. The first notebooks with the chip will b......
[more] Wi-fi nets get security makeover The security systems built into wireless networks have had an overhaul. The update uses stronger encryption and does a better job of letting only authorised users join wireless nets.
The improvements have been made to re-assure businesses that wi-fi networks can be made safe enough to be really useful and widely deployed.
However, with a lot of older, insecure wireless technology already installed, it could be a while before all networks are upgraded and mad......
[more] First Wi-Fi products get security certificate The Wi-Fi Alliance got its next certification programme off to a flying start, issuing WPA2 badges to a bunch of products that comply with the 802.11i security specification. The Alliance is readying other programmes for quality of service and the 802.11n fast Wi-Fi standard due next year.
The WPA2 certified products include generic designs from Atheros Communications and Broadcom, so customers can expect to buy products with the badges on by the en......
[more] First 'warspamming' case reaches court A landmark case in America could establish that spammers really do take advantage of insecure wireless networks A US citizen is thought to have become the first person to be accused of hacking a wireless network in order to send spam.
Nicholas Tombros, 37, is charged under the US CAN-SPAM act, which aims to clamp down on unsolicited junk mail. Prosecutors allege that Tombros used a laptop to sniff out insecure residential wireless access points in a Los An......
[more] Wireless security risk highlighted in student project New Zealand wireless network users might be exposing themselves to an invasion. With the growing use of wireless networking technology comes an increasing opportunity for security breaches if people don’t put precautionary measures in place.
An informal survey of homes and businesses in Palmerston North that identified 176 wireless networks found only about a quarter had security measures in place. “I was really surprised,” says fourth-yea......
[more] 802.11i: The next big thing The IEEE standard called Robust Security Networking is a force to be reckoned with. As an amendment to the original 802.11 WLAN standard, 802.11i replaces the original meager 10-page WEP discussion with more than 200 pages of detailed protocol on how to lock unwanted users out of your wireless network.
Approved in July, 802.11i products have started to appear in the market. Even though we received our test equipment before the final draft of the standard was ratifi......
[more] Gaps remain in Wi-Fi security Sadly the new WPA2 security spec won't make your wireless LAN invulnerable Here's some good news - the Wi-Fi Protected Access 2 (WPA2) spec is finally with us, and the Wi-Fi Alliance has begun certifying compliant products. "Hurrah," I hear you shout, "finally we can have secure wireless networks."
Now the bad news; starting with the fact that WPA2 is not so much a standard as an interoperability stamp for wireless encryption and authentication technologies conform......
[more] Some WLANs open to dictionary attack A dictionary attack tool designed to exploit a weakness the Wi-Fi Protected Access security for wireless LANs has been published on the Web.
The software, called WPA Cracker, exploits one option that can be used in WPA, usually in consumer applications or residential WLANs: a pre-shared encryption key. This key is simpler to use and deploy than using the more complex 802.1x for authentication.
With the pre-shared key, a common shared pass phrase is set f......
[more] WLAN Security Adoption Still Trailing Despite Widespread Use of Wireless in the Workplace Around 70 percent of British organisations are either already using or planning to use wireless connectivity as part of everyday business. Yet security remains top of the list when it comes to wireless networking concerns, with more than a third of companies admitting that they would have no way of knowing if their wireless security measures were breached. These are some of the main findings of an independ......
[more] Google Stumbles With New Desktop Tool Google wants to help you effectively access the piles of information you store in the documents, e-mail messages, Web pages, and contact lists stuffed on your PC. And who better to help you than the most popular search engine on the Net, right? Not so fast.
Though it lacks a few features, the beta version of Google Desktop Search does give the same satisfying results for your PC that Google.com provides for the Web. But as it's designed now, GDS also deliv......
[more] A guide to proactive network security Behind our daily barrage of hacker attacks, announcements of new viruses and worms, and frequent risk of downtime is an opportunity. This is your opportunity to step away from the noise, for a moment, and take steps to build a more proactive network security model for your organization.
Countermeasures like firewalls or anti-anything (antivirus, anti-spam, anti-spyware, etc.) are all reactive security tools. They are necessary countermeasures and a part of......
[more] Security is just a mouse click away Next time an e-card with a jolly message drops into your computer's inbox, think before you click it open – it could be a virus which will implant itself in your machine and spread before you even realise it.
Computer users across the world are struggling against a rising tide of viruses and spam which corrupt data, slow down or take over systems and fill inboxes with junk. Viruses are mutating and spreading so fast that anti-virus software cannot keep up.......
[more] Police granted powers to install spyware and Trojans The Australian police have been given the power to install spyware and Trojans on suspected criminals' computers under the new Surveillance Devices Act. The Surveillance Devices Act allows both Federal and State police to use keylogging and tracking software when investigating Commonwealth offences that carry a maximum sentence of three years, according to the Sydney Morning Herald.
Neil Campbell, the national security manager of IT services......
[more] Airwave hackers spark computer alert Almost two-thirds of wireless computers installed in offices, homes and public buildings have no basic security safeguards and can be snooped on by amateur hackers, according to a Sunday Times investigation.
The lack of protection means that e-mails and sensitive computer files can be accessed by hackers using little more than a laptop and an antenna.
The revelation has sparked concern among the police and will come as a shock to tens of thousands of......
[more] Access all areas Doubts about security have long discouraged many firms from deploying mobile computing. But wireless technology has moved on When many companies find it hard enough to control the IT use of office-based employees, how do you convince them that giving staff remote access is a good idea?
This is the dilemma that faces all notebook, wireless networking and remote-management software manufacturers and resellers. There are a lot of variables to consider. The process of providing a m......
[more] Wi-Fi Alliance to Promote WLAN Security The Wi-Fi alliance will use its pull in the industry to improve security measures in wireless LAN hardware over the next year.
The Austin, Texas, trade organization, which confers the right to use the Wi-Fi label on hardware, plans to increase encryption requirements for certification. But members of the security task groups within the alliance stress that the onus of WLAN security still lies with the customer.
Last fall, the group quietly made support......
[more] Why standards are important for wireless security Industry standards play a critical role in R&D, product development and marketing initiatives which in turn help organizations meet their business objectives. Standards simplify product development and reduce non-value-adding costs, thereby increasing a user's ability to compare competing products. Standards also represent fundamental building blocks for international trade and communications.
Successful businesses benefit from standards both......
[more] Microsoft Warns of New Security Threat System monitoring programs, called rootkits, may pose a serious danger to your PC. Microsoft security researchers are warning about a new generation of powerful system monitoring programs, or "rootkits," that are almost impossible to detect using current security products and that could pose a serious risk to corporations and individuals.
The researchers discussed the growing threat posed by kernel root kits at a session at the RSA Security Conference in S......
[more] MS and security: good effort but no cigar Last week I watched the webcast of Bill Gates speaking at the RSA conference in San Francisco. He talked about Microsoft's plans to build upon the progress it's already made in security. These plans included better protection against spyware and spam. Gates also announced Microsoft's intention to release Internet Explorer 7, complete with a number of security improvements, by the end of this year.
Looking back, the company has indeed made notable progr......
[more] AirMagnet to complete a comprehensive Wireless solution for the US Government AirMagnet, Inc., announced today its participation in iGov's one-of-a-kind, turnkey, secure wireless networking solution that ensures interoperability among multiple wireless technologies and the wired network. iGov's new comprehensive solution, iSolutions for Wireless, combines sales, marketing, and engineering resources from 10 partners, including AirMagnet, that iGov has identified as industry leaders within the Fe......
[more] Wireless security still lax Report finds 36 per cent of the City's wireless networks left open to attack More than a third of businesses using wireless networks in the City of London are overlooking basic security, leaving themselves exposed to drive-by hackers.
The fourth annual Wireless Security Survey of London shows the number of wireless local area networks (WLans) increased by 62 per cent in 2004, with access points rising from 1,078 to 1,751.
But the research, conducted by security spec......
[more] Handheld Security Too Expensive For Enterprise? If your enterprise relies on PDAs and smartphones to get business done, you may be paying too much to secure it, according to a report issued Monday.
An analyst at IT research firm Burton Group found that the cost of a complete set of security products (antivirus, VPN, device security and management) can be higher than the cost of the device itself.
In his research report, "Handheld Device Security," Eric Maiwald surveyed the market of busines......
[more] CyberGuard Provides Ten Tips for Corporations to Protect Customer Information from Identity Theft In the wake of the increasing cases of identity theft, Paul Henry, a leading security industry expert and Senior Vice President with CyberGuard Corporation, has developed ten recommended tips for corporate IT managers and Security Officers to protect customer information from identity theft. Mr. Henry has served as an expert commentator for a variety of media outlets, including NBC Nightly News, CN......
[more] Microsoft finally acknowledges wi-fi security standard Year's delay - but Window XP supports WPA2 Microsoft has released native support for the IEEE 802.11i wireless security specification in Windows XP and its variants, nearly a year after the standard's ratification. The update, made available on Friday, gives Windows compatibility with WPA2 - the certification based on 802.11i - as well as a standard designed to help laptops connect to secure public hotspots.
The Wi-Fi Alliance's WPA2 is de......
[more] Dutch hacker love-in faces the chop A distinguished hackers' gathering scheduled to take place in July faces a ban by the local municipality. The mayor of Boxtel, in the Netherlands, cites "fear of breaches of law and order and danger to public safety". The organisers of What the Hack have been told they now need a permit for the event to happen.
Organiser Rop Gonggrijp, co-founder of the first ever Dutch Internet provider XS4ALL and former editor-in-chief of the 1980's hacker magazine Hack-Ti......
[more] Miscreants encrypt files, hold them for ransom In a new type of online attack, extortionists remotely encrypt user files and then demand money for the key to decode the information. In a case documented by San Diego-based Web security company Websense, the attack occurs after a user visits a Web site containing code that exploits a known flaw in Microsoft's Internet Explorer Web browser. The flaw is used to download and run a malicious program that in turn downloads an application that encrypts......
[more] How safe is your wireless network? Last week's security seminar in Croke Park kicked off with a nod to nostalgia: things used to be much simpler. The sentiment is certainly true for wireless networking. Eoghan Johnson, Irish sales manager for conference organiser Global Secure Systems (GSS), remarked 10 years ago networks were self-contained. Now, as wireless networks become more prevalent, they carry an additional security overhead.
Johnson introduced the results of a recent survey conducted......
[more] Citibank admits: we've lost the backup tape The retail finance division of Citigroup has admitted that a backup tape containing personal information on almost 4 million customers has gone missing. The United Parcel Service lost the tape on May, and it hasn't been seen since. CitiFinancial only noticed the tape was missing on May 20. The tape contains Social Security numbers and transaction histories on both open and closed accounts at the bank’s lending branches.
Citigroup says it has no reaso......
[more] Wireless perils are nothing new A short history of security hazards of wireless communications When wireless telephone handsets (ordinary phones useful for short-range wandering around the house and garden, not cellular telephones) were introduced into the home market years ago, teenagers very quickly discovered that it was the handset that controlled connection to the public switched telephone network. In other words, putting the handset down on the cradle or picking it up had nothing to do wit......
[more] Man Charged With Stealing Wi-Fi Signal Police have arrested a man for using someone else's wireless Internet network in one of the first criminal cases involving this fairly common practice.
Benjamin Smith III, 41, faces a pretrial hearing this month following his April arrest on charges of unauthorized access to a computer network, a third-degree felony.
Police say Smith admitted using the Wi-Fi signal from the home of Richard Dinon, who had noticed Smith sitting in an SUV outside Dinon's h......
[more] Caught in a Web of Viruses, Spyware, Hoaxes, Spam, Phishers, Pharmers and Every Other Scam? Online Shopping Still Beats Going to the Mall Research shows that eCommerce trends are moving upward. With so many good security products available and better security awareness, people are taking charge of their online shopping experiences and coming back for more. Consider this scenario for a moment: You are at the mall and standing in line to purchase a few items. As you mindlessly wait your turn and f......
[more] U.K. cops want to attack terrorism Web sites British police want to launch DoS attacks on terrorism sites and to make it an offense to fail to disclose encryption keys. A list of antiterror recommendations from the Association of Chief Police Officers has been handed to Members of Parliament in the wake of the London bombings this month, as the government reviews laws on how to tackle terrorism.
Under the proposals, it would become an offense to fail to disclose encryption keys and to use the......
[more] Wireless hijacking under scrutiny A recent court case, which saw a West London man fined £500 and sentenced to 12 months' conditional discharge for hijacking a wireless broadband connection, has repercussions for almost every user of wi-fi networks. It is believed to be the first case of its kind in the UK, but with an estimated one million wi-fi users around the country, it is unlikely to be the last.
"There are a lot of implications and this could open the floodgates to many more such cases,......
[more] The Case of the Stolen Wi-Fi Whether you're unwittingly sharing your wireless LAN or poaching, be aware of the risks. Benjamin Smith III and Gregory Straszkiewicz both were arrested for allegedly stealing something no one could see, hear, or feel. That thing was valuable enough for victims to press charges in both cases. But the arrests were over something many consumers throw out their windows every day: a Wi-Fi signal.
The idea of a police car roaring down the street to catch a roving "Doom"......
[more] Most Spyware Born in The USA Spyware purveyors are developing and deploying new tactics to deliver infectious malware to corporate PC's faster than IT executives can enlist solutions to block them.
And most of the malicious code is coming from within United States, according to a study released today.
Spurred by the increasing potential for big profits, spyware developers are successfully pushing new tactics at rates that are overwhelming many businesses, according to the "State of Spyware"......
[more] Spammers Add Use of Legitimate Katrina Relief Websites to Growing Arsenal of Tools, Warns SurfControl SurfControl, a world leader in enterprise threat protection, today issued a security advisory to enterprise IT departments and individuals about an alarming rise in unsolicited Spam e-mail messages carrying URLs of legitimate donation websites. SurfControl's Global Threat and Analysis Center believes this is an attempt to condition people to respond to unsolicited e-mail without fear of harm, i......
[more] Microsoft Beefs Up IE 7 Security Microsoft will dump SSL 2.0 encryption in the upcoming Internet Explorer 7 for a stronger security protocol, TLS 1.0, the IE 7 development team has revealed.
The default settings for the HTTPS protocol in IE 7 will be for TLS (Transport Layer Security) 1.0. In the current Internet Explorer, TLS must be enabled by the user, via the Tools/Internet Options/Advanced menu.
IE 7 will also block access to Web sites that offer up a problematical digital certificate.......
[more] AirMagnet Introduces BlueSweep Utility for Bluetooth AirMagnet, Inc., the leader in wireless LAN (WLAN) security and performance solutions, today introduced its BlueSweep software, designed to identify nearby devices with Bluetooth wireless technology and alert users to potential Bluetooth security risks. The AirMagnet software identifies and tracks devices up to 300 feet away and lets users know what their own Bluetooth devices are doing. BlueSweep runs on laptop computers that support Windows......
[more] Sober Virus Clones Taunt AV Vendors A new batch of Sober virus clones has been spammed around the world to seed botnets for malicious use, anti-virus vendors warned Tuesday.
The appearance of the latest threat comes 24 hours after law enforcement authorities in Germany predicted the Sober mutants would appear as e-mail attachments in German or English.
According to F-Secure Corp., an anti-virus vendor based in Finland, at least four new versions of the virus have been detected. All are capabl......
[more] AirMagnet's WLAN analyzer goes remote The latest version of a wireless LAN analyzer from AirMagnet announced Monday, allows remote scanning over any LAN or Internet connection and can run on a Centrino-equipped laptop without a separate Wi-Fi card.
AirMagnet Laptop Analyzer is software that roving network administrators and installers can load on a notebook PC and use to study activity on an enterprise wireless LAN. Among other things, it can detect radio wave interference and security violati......
[more] Police investigate charity credit card data hack Police at Scotland Yard's computer crime squad are investigating the hacking of a UK charity website that has resulted in the theft of almost 3,000 credit card details.
Hackers breached the security of the Aid to the Church in Need website on Sunday 27 November and stole the credit card details, names and addresses of 2,800 charity donors held on the system.
The fraudsters have already used the stolen credit card details and have even telephone......
[more] Hackers snatch users' info from online store 'Your money or your data' A maker of popular role-playing games was forced to shut down its online store for four days after hackers pilfered email addresses, user names and encrypted passwords.
White Wolf Publishing, creator of video and table-top games such as World of Darkness and Vampire: The Requiem, received a message from an "international group of hackers" on 11 December saying they had penetrated the company's online security defence, said a......
[more] Idealstor Launches Ibac 3.0 Idealstor, a leading manufacturer of removable disk-to-disk backup solutions, has announced that Ibac 3.0, a new version of its data protection software, is now available to customers. Ibac 3.0 introduces target folder encryption and Idealstor’s Quick System Recovery (QSR) disk.
Protecting sensitive information from prying eyes even after it has been backed up has become increasingly important. Encryption is increasingly recommended and may eventually be mandated a......
[more] Idealstor Bolsters Encryption for Disk Backup Idealstor is introducing new encryption and system restore capabilities to coincide with the company's upgraded Ibac 3.0 removable disk-to-disk backup appliance.
Currently shipping, the new version of Ibac marks the debut of Idealstor's target folder encryption and QSR (Quick System Recovery) disk options.
Target folder encryption allows administrators to choose specific data which is to be encrypted using 128-bit DESX or Triple-DES encryption t......
[more] IPsec dead by 2008, says Gartner The IPsec protocol that has served remote access so well for the last decade is now in its death throes, Gartner has prophesised.
In a new report, it predicted that by 2008, the use of IPsec will have been swept away by its younger technological rival, SSL, for much of the market. By that year, two-thirds of teleworking remote access employees - and 90 percent of casual access users - will have adopted SSL.
In the last three years, SSL has attracted three mill......
[
