GSS Glossary - Firewall

Firewall

In computing, a firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy, analogous to the function of firewalls in building construction. A firewall is also called a Border Protection Device (BPD), especially in NATO contexts, or packet filter in BSD contexts. A firewall has the basic task of controlling traffic between different zones of trust. Typical zones of trust include the Internet (a zone with no trust) and an internal network (a zone with high trust). The ultimate goal is to provide controlled connectivity between zones of differing trust levels through the enforcement of a security policy and connectivity model based on the least privilege principle.

Proper configuration of firewalls demands skill from the administrator. It requires considerable understanding of network protocols and of computer security. Small mistakes can render a firewall worthless as a security tool.

Definitions provided by Wikipedia - The Free Encyclopedia



Firewall Related Products

GB-Ware

The GB-Ware is a software firewall powered by GNAT Box System Software certified to ICSA 4.0 Corporate criteria. The GNAT Box System Software was designed from the ground up as an integrated firewall system with interoperability of features, easy installation and remote management. We supply the OS and firewall software - you supply the hardware.


McAfee UTM Firewall

McAfee UTM Firewall (formerly Secure Computing SnapGear) is a complete office network-in-a-box Internet security appliance for small and medium-size businesses (SMBs). It features wide-area networking tools that you would normally only see with enterprise-class devices. Because the last thing SMBs need is another single-purpose security appliance to add to their network.


GB-250

The GB-250 and GB-250e Firewall UTM Appliances are GTA's entry level systems that provide big security for smaller business offices. Designed and priced to meet the needs of smaller organisations, the GB-250 and GB-250e include the same security and UTM features of our larger enterprise firewall UTM appliances, but scaled to fit the needs of offices with fewer than 50 employees.


AppGate Security Server

The AppGate Security Server can act as the core of the security solution. AppGate Security Server unifies all the necessary security elements such as authentication, authorisation, encryption, access control, client control etc. into one easy-to-manage, comprehensive solution.


AppGate Device Firewall

The AppGate Distributed Device Firewall protects Windows systems by checking all traffic to and from the network. It can be used as a standalone product or as a companion to the AppGate VPN clients. Accompanied by an AppGate client, it can be configured to allow only one outbound connection, the authorised and encrypted secure tunnel, when connected to an AppGate server.


Surf Sentinel

Surf Sentinel is a complete and accurate content filtering solution that meets the requirements and demands of both users and technology providers. Surf Sentinel's core technology hosts and manages URL categorization, and policy management. Flexible interpretation of acceptable use policies is possible with over 70 content categories and over 100 million categorized URLs. Content is updated regularly.


GB-3000

The GB-3000 Gigabit Firewall UTM Appliance is Global Technology Associates' flagship appliance. It offers the highest throughput and most comprehensive feature set in GTA's product line. The GB-3000 provides powerful network security and strong performance by delivering world-class protection and gateway threat management capabilities in a single dedicated appliance.


RA510 Series

The RA510 Series of rack-mountable proxy appliances provides small to mid-sized sites with the power to extend remote access to employees, partners, and customers while delivering on demand endpoint security and information protection features.


McAfee Firewall Enterprise

McAfee Firewall Enterprise (formerly Secure Computing Sidewinder) appliances provide powerful centralised management and reporting tools to ease planning, troubleshooting, and configuration, while global reputation technology reduces up to 70 percent of unwanted traffic and blocks attacks before they occur.


RA8100 Series

The RA8100 Series of rack-mountable proxy appliances provides large-sized sites with the power to extend remote access to employees, partners, and customers while delivering on demand endpoint security and information protection features.


Microsoft IAG

Intelligent Application Gateway (IAG) is a remote access gateway that boosts productivity by giving mobile and remote workers, partners, and customers easy, flexible, and secure access to virtually any application from a broad range of devices and locations. Using a combination of SSL VPN (secure socket layer virtual private network), a Web application firewall, and endpoint security management, IAG provides employees, partners, vendors, and customers with secure and easy access from a broad range of devices and locations including kiosks, PCs, and mobile devices.


Unified Access Control

Unified Access Control from Juniper Networks combines user identity, device security state and network location data to create a unique, dynamic access control policy for each individual user and session.


SecurID Appliance

Used in combination with RSA SecurID authenticators, the RSA SecurID Appliance is designed to validate the identities of users by requiring the user to present a PIN (something they know) along with their token code (something they have) before granting access to valuable network resources.


SA Series

The Juniper Networks SA series SSL VPN appliances ensure that remote and mobile employees, customers and partners have anytime, anywhere access to corporate resources and applications.


ISG Series

The Juniper Networks Integrated Security Gateways (ISG) are purpose-built security solutions that leverage a fourth generation security ASIC, the GigaScreen3, along with high-speed microprocessors to deliver unmatched firewall and VPN performance.


NetScreen Series

The Juniper Networks NetScreen Series is specifically designed to deliver high-performance firewall/VPN security to large enterprise, carrier and data centre networks.


High Availability (H2A)

H2A, GTA's firewall high availability solution, is a cost effective resilient network security solution. This feature is easy to enable utilizing an activation code. There is no additional software to install on the firewall systems. The H2A configuration is simple and fast, providing you with a solid highly available firewall system that is up and running in a matter of minutes.


Next Generation Firewalls

Palo Alto Networks' next-generation firewalls enable enterprises to see and control applications, users, and content - not just ports, IP addresses, and packets - using three unique identification technologies: App-ID, User-ID, and Content-ID.


Software Blade Architecture

The Check Point Software Blade Architecture supports a complete and increasing selection of Software Blades, each delivering a modular security gateway or security management function. Because Software Blades are modular and moveable, Software Blades enable users to efficiently and quickly tailor Security Gateway and Management functionality to specific and changing security needs. New blades are quickly licensed as needed without the addition of new hardware.


Radware AppWall

Web application firewall (WAF) appliance for improving the security and availability of business-critical Web applications and enabling PCI compliance.


Trend Micro Mobile Security

Trend Micro Mobile Security protects smartphones and PDAs from data loss, infections, and attacks from a central enterprise console that can also manage desktop protection. Encryption and authentication defend data integrity on lost or stolen devices. The anti-malware features block viruses, worms, Trojans, and SMS text message spam. A built-in firewall and IDS protect against hackers, intrusions, and denial-of-service attacks - potential threats to the increasing number of Wi-Fi-enabled mobile devices.


GB-2500

The GB-2500 Gigabit Firewall UTM Appliance is one of GTA's most capable firewall UTM appliances. Designed for businesses with substantial network demands, the GB-2500 features a powerful Intel Dual-Core processor, two gigabytes of RAM and four gigabytes of static memory.


GB-2100

The GB-2100 Gigabit Firewall UTM Appliance provides powerful, comprehensive protection and network reliability for organisations of all sizes. The GB-2100 Firewall UTM Appliance is designed for organisations that desire a single, dedicated firewall appliance to handle complex network environments and protect their businesses from outside exploits.


GB-820

The GB-820 Gigabit Firewall UTM Appliance is specifically designed for smaller offices. The GB-820 Firewall UTM Appliance provides gigabit performance with all the features and tools available in larger appliances, but in a space-saving desktop unit and at a budget-friendly cost.


 

Firewall Related Product Families

Palo Alto Networks

Palo Alto Networks is the leader in innovative, next generation Firewalls. Founded by security visionary Nir Zuk, they offer real innovation in the firewall by enabling unprecedented visibility and control of applications and content - by user, not just IP address - at up to 10Gbps with no performance degradation.


 

Firewall Related Industry News

Hacker Group Targets Countries That Censor Internet

Hacker Group Targets Countries That Censor Internet NEW YORK (Reuters) - Some of the world's best-known hackers unveiled a plan this weekend to offer free software to promote anonymous Web surfing in countries where the Internet is censored, especially China and Middle Eastern nations. An international hacker group calling itself Hactivismo released a program on Saturday called Camera/Shy that allows Internet users to conceal messages inside photos posted on the Web, bypassing most known po...... [more]

Ten steps to low-cost wireless LAN security

Ten steps to low-cost wireless LAN security Let me guess: Despite your best efforts to stop them, users are hooking low-cost 802.11b (Wi-Fi) access points (APs) to the corporate network. And, despite your best efforts, your CFO has zero interest in buying the tools you really need to secure these wireless LANs. Here, then, are some relatively simple, low-cost ways to boost the security of your wireless LANs. They're not perfect, but they do provide at least a first line of defense. And if a...... [more]

BT says: Protect your network from professional hackers

BT says: Protect your network from professional hackers It's not just the warchalkers you need to worry about... BT Openworld has this week thrown its weight behind the fight against 'Warchalking' - the practice of scrawling chalk marks on the outside of buildings with Wi-Fi networks to encourage passers by to surf on companies' unprotected bandwidth. However, the UK ISP has warned that it's not just bandwidth pirates you need to worry about. Warchalkers have also drawn attention to the very...... [more]

VPN, Firewall Sales Set to Climb

VPN, Firewall Sales Set to Climb Worldwide revenue from sales of virtual private network and firewall hardware and software will grow by 31 percent from $668 million in the third quarter of 2002 to $874 million in the third quarter of next year, according to research released Wednesday by Infonetics Research. Worldwide annual revenue in this market will reach $4.9 billion in 2005, Infonetics said. A key market driver is the ready availability of low-cost Internet bandwidth which enables...... [more]

ICSA Labs' Firewall 4.0 Certification Criteria is the First-Ever Customized Program to Test Products against the Unique Security Needs of Three Distinct User Groups

ICSA Labs' Firewall 4.0 Certification Criteria is the First-Ever Customized Program to Test Products against the Unique Security Needs of Three Distinct User Groups Eleven Firewall Products Meet the Security Industry's Most Rigorous and Customized Testing Criteria MECHANICSBURG, Pa.--(BUSINESS WIRE)--Dec. 3, 2002-- ICSA Labs®, an independent division of TruSecure Corporation®, today announced that it has created the first testing and certification criteria that address the unique performance nee...... [more]

VPN experts downplay 'splitting' headache

VPN experts downplay 'splitting' headache At a time when protecting corporate networks is paramount, many users are steering clear of a feature of IP Security VPNs called split tunneling, a move that can give a false sense that remote-access networks are more secure than they really are, experts say. Split tunneling was created to allow Web surfing and corporate VPN access simultaneously from remote PCs. The benefit of split tunneling is that corporations can conserve bandwidth needed for I...... [more]

Security spending to hit $13.5bn by 2006

Security spending to hit $13.5bn by 2006 Global revenues in enterprise security technology are predicted to reach $13.5 billion by 2006, up from $7.1 billion in 2002 last year. Intrusion protection, vulnerability assessment technology and security management tools are tipped to be key revenue generators in a new report by market watcher Datamonitor called Enterprise Security Product Markets. While North America will remain the largest market, predicted to reach $6.9 billion in 2006, Latin A...... [more]

Security Software Still Going Strong in Western Europe

Security Software Still Going Strong in Western Europe The Western European market for IT security software remains buoyant, according to a report just released by IDC. The report, entitled `Western European Security Software Forecast and Competitive Vendor Shares, 2002/2007,' says that, during 2002, sales for security software in the region were $2 billion. This year, the IT research firm predicts, the market will increase by around 15 per cent and, by 2007, it will have reached $4.5 billion...... [more]

Virus poses as Microsoft update

Virus poses as Microsoft update A Windows virus masquerading as a security update from Microsoft is spreading via e-mail, warn experts. The worm, dubbed Swen or Gibe, comes as an e-mail attachment and exploits a two-year-old hole in Internet Explorer. Nearly 35,000 copies of the worm in 82 countries have been reported by one security company, while another has classified it as a high risk. Computer users are advised not to click on attachments in unknown e-mails and update their systems...... [more]

Microsoft tweaks, new laws won't make '04 safer

Microsoft tweaks, new laws won't make '04 safer Looking back at security issues of 2003 and ahead to 2004 For computer security experts, 2003 started with the Slammer Internet worm and went downhill from there. The year, which included four major worm and virus outbreaks just in August, has been labeled the "year of the worm" and "the worst year ever" by more than one computer security expert. All that activity meant good news for antivirus software companies, such as Symantec. It was bad ne...... [more]

Security 2004: How it will shape up

Security 2004: How it will shape up Even with growing security budgets and abundant technology choices, 2003 was a mixed year for information security professionals. Internet business processes, new technologies and more regulations combined to impose unique security concerns on overburdened security staffs. What's more, the year was punctuated by numerous malicious code attacks that led to business interruption, constant emergency activity and lots of overtime. Security will remain a hot to...... [more]

Spam with Trojan horse attacks eBay users

Spam with Trojan horse attacks eBay users Virus authors are using spam e-mails containing a Trojan horse program to help spread the latest version of the Mimail e-mail worm. The latest threat, which targets customers of eBay's PayPal online payment service, highlights a growing trend in which online criminals combine computer viruses, spam distribution techniques, Trojan horse programs and "phishing" scams to circumvent security technology and fool internet users, said Carole Theriault, securi...... [more]

Handle security incidents in seven steps

Handle security incidents in seven steps Your possibility of encountering a security incident grows each day. You don't want to wait until you're in the middle of a crisis before you begin to develop a rational plan for handling an attack. Being prepared for an incident is essential to the survival of your network and its resources. Incident handling begins with planning and establishing policies and procedures. Developing a plan of attack for each type of security incident is crucial to the...... [more]

Worms Hit Home

Worms Hit Home It's early in 2004 and Microsoft is sick with nearly 65,000 viruses, it's crawling with worms, and there are enough packaged trojans sitting around to wreak havoc on almost any virile computer. It would be nice for security professionals to afford a week off from the world of viruses, worms, trojans, and backdoors to enjoy a long overdue vacation, but we all know the malevolent attempts of the next major outbreak are just around the corner. The fact that each of us can only contr...... [more]

Viruses and hackers make Windows more secure

Viruses and hackers make Windows more secure Virus writers and hackers are helping Microsoft to develop more secure products, Bill Gates claimed yesterday. Speaking at the Developing Software for the future Microsoft Platform in London yesterday, just hours before the MyDoom virus began spreading like wildfire across the Net, Gates reiterated that security remains a key priority for the software giant. He acknowledged that better security is vital if its .NET strategy is to succeed. Micr...... [more]

Why you must install a firewall -- now

Why you must install a firewall -- now Anti-virus software won't protect you from the latest type of worm affecting Windows systems: you need a personal firewall. Here's why there's never been a better time to take this extra precaution If you haven't already installed a personal firewall on your Windows computer, consider this your last warning. MSBlast, the worm that exploited the buffer overflow in Windows' DCOM RPC protocol, wasn't the sort of email-borne pest that anti-virus software is goo...... [more]

Security Flaw Found in Firewall Software

Security Flaw Found in Firewall Software Two dangerous software flaws that could become attractive targets for hackers have been discovered in widely used computer-security software made by Check Point Software Technologies Ltd If hackers create programs to exploit the flaws, which security experts found in Check Point's firewall and virtual-private network software, they could wreak havoc on the corporate networks they're designed to protect. Check Point's firewalls are used to control Inte...... [more]


Your computer could be a 'spam zombie'

Your computer could be a 'spam zombie' Next time you're looking for a culprit for all that junk mail flooding your inbox, have a glance in the mirror. Spammers are increasingly exploiting home computers with high-speed Internet connections into which they've cleverly burrowed. E-mail security companies estimate that between one-third and two-thirds of unwanted messages are relayed unwittingly by PC owners who set up software incorrectly or fail to secure their machines. David Lawrence, 4...... [more]

Microsoft Sending Security Patches on a CD

Microsoft Sending Security Patches on a CD In a bid to target a security hurdle rampant with dial-up Internet users, Microsoft has rolled out a security update CD giveaway for users of Windows XP, Windows Me, Windows 2000, Windows 98, and Windows 98 Second Edition (SE). The Windows Security Update CD will ship with all of its "critical" patches released by the software giant through October 2003 and free anti-virus and firewall trial software. The launch of a CD giveaway with security patche...... [more]

Microsoft enlists developers in security push

Microsoft enlists developers in security push Microsoft is preparing updates to its programming tools that will be released in tandem with Windows XP Service Pack 2, a security-oriented release due out later this year. The company is building service packs for its Visual Studio.Net 2003 development tool and the .Net Framework--the software plumbing, or "runtime," needed to run Web services applications on Windows, a Microsoft executive told CNET News.com. The changes, which are designed to guide...... [more]

Through the security looking glass

Through the security looking glass The annual RSA Conference, which just concluded in San Francisco, is the technology industry's premier security event. After covering a half-dozen RSA conferences in the 1990s (including several for CNET News.com), I returned this year for the first time since 1999. Talk about a time warp. As cybersecurity has become an ever larger concern, the data security industry has mushroomed. But although the lingo has changed from the prespam days, you can divide th...... [more]

Bagle and Netsky battle for supremacy in war of the worms, Sophos advises

Bagle and Netsky battle for supremacy in war of the worms, Sophos advises Netsky virus removes Bagle as cyber war grows Expert virus researchers at Sophos have declared that a state of war exists between the creators of the Netsky and Bagle worms, both of which have spread widely across the internet in a number of different guises. The author of the Bagle worms has encoded a number of abusive messages inside recent variants of his creation, attacking the Netsky worm's creator. Meanwhil...... [more]

Spammers target home PCs

Spammers target home PCs You may hate getting spam but unless you are careful you could be responsible for sending some of it. It is estimated that at least one-third of all junk mail messages is being relayed by home computers. And to make matters worse your humble home PC was probably turned into a spam-spewing relay by one or more computer viruses. Computer viruses have come a long way since the days when they were just a nuisance put together by a teenager with too much time on their...... [more]

Microsoft aims to save users from themselves

Microsoft aims to save users from themselves XP SP2 has features to encourage automatic downloads and installation of updates Most security issues and virus outbreaks happen because people don't know how to protect themselves or don't bother to do what they know they should. In the latest update to Windows XP, Microsoft Corp. has focused on helping people become more aware of what they need to do, and encouraging them to actually do it, Lead Program Manager for Service Pack 2 Ryan Burkhardt said...... [more]

Security appliances, not software, are way forward

Security appliances, not software, are way forward IDC study points to new trend. Small businesses are rolling out security appliances, in place of security software, to lower the cost of increasingly complex security requirements, according to a new study. Spending on server security appliances increased in Western Europe by 24 percent in 2003, with year-on-year growth of 46 percent in the final quarter of the year, according to IDC. Total spending in the region was $402.1 million (£219.4m)...... [more]

Fixes are in for OpenSSL

Fixes are in for OpenSSL The group behind OpenSSL, a widely used open-source Web security program, released two patches for security flaws to block potential denial-of-service attacks, the organization's developers said on Wednesday. The flaws affect more than Linux systems that have the software installed. They could also hobble many routers and network devices that incorporate the software. Cisco Systems released an advisory on Wednesday, saying its PIX firewall devices and some routers could...... [more]

ISP Gets Tough With 'Zombie' Customers

ISP Gets Tough With 'Zombie' Customers Broadband provider Comcast is taking a tough new approach to targeting "spam zombies" -- those virus-infected, unwitting spam-sending computers among its broadband base. The ISP is telling customers to get virus-scanning and firewall software loaded or risk losing their high-speed connection until the problem of virus infections on their computer is fixed. In recent weeks, the cable broadband giant has been alerting surprised customers to the probl...... [more]

'Witty' Worm Wrecks Computers

'Witty' Worm Wrecks Computers A quickly spreading Internet worm destroyed or damaged tens of thousands of personal computers worldwide Saturday morning by exploiting a security flaw in a firewall program designed to protect PCs from online threats, computer experts said. The "Witty" worm writes random data onto the hard drives of computers equipped with the Black Ice and Real Secure Internet firewall products, causing the drives to fail and making it impossible to restart the PCs. Unlike ma...... [more]

Stopping the enemy at the gate

Stopping the enemy at the gate Over the past few years, security vulnerabilities have spiralled, writes Bloor Research analyst Fran Howarth. The CERT Co-ordination Centre, a federally-funded R&D centre operated by the Carnegie Mellon University in the US, publishes statistics of security vulnerabilities that are reported to it on an annual basis. In 1995, just 171 such incidences were brought to its attention; by 2003, that figure had risen to 3,784. This increase in vulnerabilities is caus...... [more]

Witty worm exploits hole in ISS security product

Witty worm exploits hole in ISS security product A new worm that exploited a hole in some of Internet Security Systems Inc.'s (ISS') intrusion protection products seems to be dying down after affecting thousands of IP (Internet Protocol) addresses since Saturday The so-called Witty worm, affecting some versions of ISS' BlackIce and RealSecure intrusion protection products, is "highly malicious" because it slowly destroys the system it infects, according to an alert from Lurhq Corp., a managed se...... [more]

Growing virus threat prompts bank to outsource network security monitoring

Growing virus threat prompts bank to outsource network security monitoring Standard Chartered Bank is to bolster its defences against internet-borne viruses by outsourcing the monitoring and analysis of its network and firewall traffic across 500 sites worldwide. Security specialist NetSec will provide early warnings of hacking or virus attacks, a move the bank said would dramatically reduce threat response times. A combination of increasing regulatory pressure and shortages of qualified secu...... [more]

Witty worm crawls through ISS firewalls

Witty worm crawls through ISS firewalls Network security company ISS is likely to face embarrassing questions from its customers following the discovery of new worm on Saturday that was exploiting flaws in its software. The worm, dubbed Witty.A, was designed to breach a security hole in the company's widely-used firewall product lineups, such as its BlackICE and RealSecure software series. Reports from Internet monitoring firms suggest the worm is similar to Blaster, which appeared last Aug...... [more]

Witty worm frays patch-based security

Witty worm frays patch-based security The Witty worm first hit computers known to be vulnerable and emerged so quickly that most companies had no time to apply a patch, according to an analysis of the program The worm started spreading around the Internet last week, less than 48 hours after the first public description of the flaw was released. That's the fastest development to date of a worm from a vulnerability, according to a report published Thursday by the Cooperative Association for Intern...... [more]

Witty sets a new worm record

Witty sets a new worm record Report says malware beat patchers to the draw The Witty worm first hit computers known to be vulnerable and emerged so quickly that most companies had no time to apply a patch, according to an analysis of the program. The worm started spreading around the internet last week, less than 48 hours after the first public description of the flaw was released. That's the fastest development to date of a worm from a vulnerability, according to a report published Thurs...... [more]

Gates talks speech, spam

Gates talks speech, spam If Bill Gates gets his way, within 10 years speech technology will be ubiquitous and the unrelenting security headaches of today will be only a distant nightmare. Interviewed by Gartner CEO Michael Fleisher on stage here at the Gartner Symposium ITxpo 2004, Gates also touched on the importance of security, Web services, and visual modeling technologies. In response to the question of which IT innovations will gain prominence within 10 years, the chairman and chief s...... [more]

Windows XP security gets tighter

Windows XP security gets tighter Microsoft is preparing an update to Windows XP that is intended to make the operating system more secure. Dubbed Service Pack 2 (SP2) the update will close some loopholes that virus writers and malicious hackers have exploited to infect or take over PCs. The add-on for XP will also include extras that block pop-up ads by default and give users a clearer picture of how secure their system is. The update is due to be finished and released to users by the e...... [more]

Security budgets soared in 2003

Security budgets soared in 2003 The combined revenues of 22 of the largest publicly listed pure-play IT security vendors grew 14 per cent last year The heavy hitters of the security market posted combined revenues of $5.33bn last year compared to $4.67bn in 2002, according to a study by analysts Datamonitor published today. "A steady rise in security revenues in 2003 indicates that corporate budgets are becoming less constrained and that security remains top of CIOs' agenda. This indicates st...... [more]

XP fix previews impact of a more secure Windows

XP fix previews impact of a more secure Windows When Microsoft released the first public beta for Windows XP Service Pack 2 a few weeks ago, it knew the built-in security enhancements could cripple some corporate applications. Companies testing XP SP2 say they are seeing some of that, but note a more significant development: Corporate users will have to change the way they develop applications and build networks to compensate for the security changes Microsoft is making to its desktop and s...... [more]

New Netsky worms change their stripes

New Netsky worms change their stripes New versions of the Netsky e-mail worm are spreading on the Internet and may be the work of a different author than previous editions of that worm, according to anti-virus software companies. Netsky.S appeared on Monday and Netsky.T was detected Tuesday. They are the 19th and 20th editions of an e-mail virus that first appeared in February. Unlike earlier variants, the new Netsky strains open "back doors" on machines they infect, prompting at least one...... [more]

Kazaa and eDonkey brace for NetSky-Q onslaught

Zombie PCs infected with the NetSky-Q worm are set to launch distributed denial of service attacks against P2P and warez sites tonight. The worm will attempt to flood the main Web sites of Kazaa and eDonkey with spurious traffic between 00:01 8 April and 11 April (time taken from system clocks). Other sites including www.cracks.st, www.cracks.am and www.emule-project.net are also targeted for attack. File-sharing networks themselves won't be aff...... [more]

NetSky-V spreads on auto-pilot

Yet another NetSky virus arrived on the scene today. NetSky-V spreads using a well known Internet Explorer vulnerability, connected with the handling of XML pages. Instead of depending on users double clicking on infectious email attachments, the worm can spread automatically across vulnerable Windows boxes. Users can be infected by NetSky-V simply by reading an infected email. Just as well then that NetSky-V, although it has been observed in the wild, is...... [more]

Web Braces for Netsky.V's Attack

Worm's latest variant exploits old vulnerabilities and spreads without an attachment. The latest variant of the hugely effective Netsky series of worms is causing trouble by spreading without the use of an attachment. Slipping past many e-mail gateways, it can launch simply by being viewed in an e-mail program. Rather than attaching the worm's executable code to an e-mail message, Netsky.V uses two separate vulnerabilities in Microsoft software to download th...... [more]

Spamhaus breaches great firewall of China

Monitoring project works with Chinese authorities to crack down on spammers. Anti-spam organisation Spamhaus is taking its crusade to China following an invitation from the Chinese government. After the US, more spam is sent from China than any other country, and Spamhaus hopes to persuade the Chinese authorities to implement effective anti-spam legislation and technologies. A team of Chinese volunteers will monitor spammers and report back to the UK...... [more]

CyberGuard Corporation Acquires Webwasher AG

CyberGuard Corporation, the technology leader in network security, today announced that it is acquiring German high-end content security vendor Webwasher AG. Under the terms of the agreement, which was signed yesterday, CyberGuard will pay $40 million in cash and CyberGuard shares and up to an additional $10 million on a contingent basis for all of the shares of Webwasher. Webwasher will operate as a wholly owned division of CyberGuard. "Adding t...... [more]

Execs Must Back Security Compliance

Executives need to be proactive to bring their organizations into compliance. What do eating Big Macs, smoking tobacco products and driving while drunk have in common? They can kill you. But that doesn't stop millions of people from engaging in these activities anyway. Despite warnings, people simply don't listen. When it comes to information security, corporate executives are the same. Many CEOs, for example, are not the least bit risk-averse. They d...... [more]

Damage control vital to antivirus policy

Hackers and viruses here to stay - so focus on your response to attacks, advise experts. Businesses cannot expect to avoid hackers and viruses and must be able to respond quickly to threats, according to senior IT executives. Companies should concentrate on their response to attacks, said Paul Stimpson, global head of technology risk management service delivery at investment bank ABN Amro. Speaking at the Infosecurity 2004 show Stimpson said "At some p...... [more]

Hidden 'backdoors' worry security firms

The recent spate of Netsky and Bagle worms is not just a problem now: it may compromise thousands of PCs for the foreseeable future, say security experts. Software "back doors" that can give hackers full control over an infected PC are becoming more difficult to detect because of the sheer number of viruses and worms that can now distribute this type of malware, say security experts. The Bagle worm, which was first discovered in the middle of January, ha...... [more]

'Blaster-type event' forecast for summer

Source code has been released that makes it easy to control PCs without critical Windows patches. Program files designed to exploit two major vulnerabilities in Microsoft software are being used to attack computers, but security experts worry that worse -- such as an MSBlast-type worm -- could be ahead. The warning comes after several security programmers released source code that makes it easy for an attacker to take control of any Windows computer th...... [more]

Latest internet virus targets small businesses

Scores of people returning to work after the Bank Holiday could have a nasty surprise awaiting them in the form of a new internet virus. Experts warn small and medium-size businesses are most at risk from the virus known as Sasser, which spreads to computers direct from the internet, unlike most viruses transmitted through e-mails and attachments. The virus, which came to light in the past couple of weeks, is thought to have infected about 2,...... [more]

Internet virus causes global havoc

A computer virus was spreading rapidly across the internet last night, causing disruption in homes and businesses from London to Sydney. The internet worm, called Sasser, was discovered on the internet on Friday night and has already caused disruption in railways and coastguard operations as well as computer reservation systems and bank networks. A computerised mapping system at Britain's Maritime and Coastguard Agency was brought down by the worm, forcing...... [more]

Sasser 'not our fault' says Microsoft

The UK coastguard service lost the use of its computers and database-driven services for several hours after being hit by the Sasser virus - despite the fact a patch has been available for two weeks and further warnings from Microsoft were sent out last week. As such the software giant says it is not to blame for this latest exploit of a vulnerability in its operating systems. Coastguards were forced to revert to paper filing systems, telephones an...... [more]

Emergency service hit by cyber virus

A new Internet worm was spreading automatically worldwide and had probably already infected millions of computers, a Finnish anti-virus expert said today. The Sasser worm could infect any computer that was switched on and contrary to most other worms or viruses was not spread by email, said Mikko Hyppoenen, head of anti-virus research at the Finnish Internet security firm F-Secure. "This is one of few worms that spreads automatically. It is enough for...... [more]

Home users learn virus lessons

Consumers better prepared than many businesses. Home computer users were better prepared for the Sasser worm outbreak than businesses, according to anti-virus company Sophos. Sasser is an internet worm and does not need to be opened in an email to infect computers. It exploits a security hole in Windows, scanning the internet for machines that have not installed the patch that fixes the flaw. It also seeks out PCs with no anti-virus software or firewall and sli...... [more]

Companies taking computer virus attacks in their stride: security experts

Computer virus attacks have become so common that companies are taking them in their stride. Security experts that Channel NewsAsia spoke to say companies have accepted the fact that doing business on the Net will involve risks. And they are willing to take those risks. Once upon a time, computer viruses needed a user to activate them, by opening infected attachments in the email. Now, they are getting smart...... [more]

As the Worm Turns

Eighteen-year-old Sven Jaschan told investigators in the now full-blown criminal case in northern Germany that his original intention was to build an antivirus program that would remove lingering MyDoom and Bagle variants from computers. How the mighty have fallen. The alleged author of the notorious Sasser worm, arrested almost a week ago, says he did not intend to cause damage with his creation. Eighteen-year-old Sven Jaschan told investigators in the now full-blown crimi...... [more]

Red alert over Symantec firewall flaw

Four new vulnerabilities have been identified in Symantec's personal firewall products. Symantec warned yesterday that hackers could exploit the flaws to render targeted systems inoperable or execute remote code with kernel-level privileges. The problems were discovered during product testing of Symantec's client firewall application by security firm eEye Digital Security. Affected consumer products include Symantec Norton Internet Security and Professio...... [more]

Symantec Warns Of Flaw In Antivirus Program

The flaw within Norton AntiVirus 2004 could let attackers take over a system and disable the application. Symantec Corp. is warning its customers about a security vulnerability within its antivirus application. The Internet security vendor ranks the flaw as "medium," while security research group Secunia pegged the flaw as "moderately critical." The flaw, which resides within Symantec's Norton AntiVirus 2004 application, could let attackers run code...... [more]

F5 Networks Makes $29M Security Splash

With eyes fixed on the red-hot application security market, Seattle-based F5 Networks will shell out $29 million in cash to acquire firewall specialist MagniFire WebSystems and fold it into a newly created security business unit. F5 Networks, which markets server appliances to handle load balancing, said the new business unit will handle research and development, marketing, sales and services in the application security market. The M...... [more]

Backdoor program gets backdoored

The author of a free Trojan horse program favored by amateur computer intruders found himself with some explaining to do to the underground last month, after his users discovered he'd slipped a secret backdoor password into his popular malware, potentially allowing him to re-hack compromised hosts. The program in question is Optix Pro (Backdoor.OptixPro.12), a full-featured backdoor that allows an intruder to easily control a compromised Windows machine remo...... [more]

VPN and Firewall Sales Rocket

Worldwide Virtual Private Network (VPN) and firewall hardware and software sales jumped 11 per cent to $733m in the first quarter of this year over the last quarter of 2003. And the market is expected to grow 12 per cent, to $823m, by the first quarter of 2005, according to calculations by Infonetics Research. The market researcher found that while most VPN vendors reported single-digit growth this quarter, one market leading manufacturer enjoyed a "phenome...... [more]

There’s no scaling a secure firewall

Firewalls are an essential element of network protection, though they’re not the whole package. Selecting the most appropriate firewall for a network configuration is only part of the job; you must also configure it correctly and maintain it properly by updating it to reflect newly disclosed vulnerabilities and closing ports against new network threats. The first step is to set a policy for firewall use. The policy you choose is far more important than t...... [more]

IM Worms Could Spread In Seconds

Enterprises whose workers use one of the free public instant messaging networks -- the likes of America Online's, Yahoo's, or Microsoft's -- risk malicious attacks that could make the quick-spreading Sasser worm look like a worn-out snail, said a security analyst Friday. "In instant messaging, we have a lot of the same security issues as in e-mail and networks," said Eric Chien, a senior researcher with Symantec's security response team. "Attacks can come in as...... [more]

Spyware support costs run into millions

Technical support lines buckling as users seek help. Spyware is to blame for half of all PC crashes and is putting a strain on support helplines, according to industry analysts. It is estimated that 90 per cent of all PCs are harbouring 30 or more pieces of spyware. Microsoft told a US Federal Trade Commission workshop last month that this type of malware causes more than half of Windows operating systems failures reported to the company, but that use...... [more]

Checkpoint Firewall-1 vulnerability announced

VPNs allow for easy identification. Security testing company NTA Monitor has today issued a vulnerability warning for the Checkpoint Firewall-1 system – Checkpoint Firewall-1 VPNs are apparently visible to external hackers, which makes it possible for attackers to identify the firewall type and version number. A fingerprinting technique, developed by NTA Monitor and dubbed IKE Vendor ID fingerprinting, allows the specific version of Firewall-1 to...... [more]

Zombie PCs: Silent, Growing Threat

Spam, worms spread malware to build a spam-bot army of unwitting recruits. The seemingly endless spate of worm infestations over the last year has left something even more troubling in its wake: armies of zombie PCs that can be used to send spam, attack Web sites, and generally wreak havoc over the Internet. Worms such as Sobig, MyDoom, and Bagle have been identified as containing malicious code (malware) that allows remote attackers to take over infected mac...... [more]

CyberGuard Makes Offer For Secure Computing

The acquisition, valued at just under $300 million, would be CyberGuard's fourth in about a year. Network security vendor CyberGuard Corp. said Monday it has made an offer to acquire Secure Computing Corp. The acquisition will be a one-for-one stock exchange based on the companies' July 9 closing stock price, CyberGuard said in a statement. According to the statement, the swap would represent a 22% premium for each Secure Computing share. The deal w...... [more]

Secure rejects CyberGuard offer

San Jose-based Secure Computing Corp. says its board has rejected an all-stock takeover offer from rival CyberGuard Corp., a network security firm based in Ft. Lauderdale, Fla. The one-for-one, all-stock deal would be worth about $277.5 million based on CyberGuard's closing share price of $7.80 on July 9. Thursday's announcement from Secure followed reports that CyberGuard has told the Securities and Exchange Commission that revenue for its first quarter endin...... [more]

New SurfControl Resources Help IT Managers Increase the Value of IT Investments

Deployment and Best Practices Guides Help Reduce Vulnerabilities and Optimize Network Resources. Despite predictions for increased IT spending in 2004, many network managers are still facing pressure to help lower the total cost of ownership of the corporate network infrastructure, reported SurfControl (London: SRF), the world leader in enterprise Web and e-mail filtering. In response, SurfControl today introduced Su...... [more]

The new face of cybercrime

You once could explain away Internet attacks as destruction for destruction's sake. But many of the juvenile delinquents of the 1990s have since graduated from mere vandalism to hacking for monetary gain. One of the consequences of this change is spam. Who hasn't received dubious e-mail propositions from people purporting to be Nigerian merchants? Respond to them, and you risk joining a crowd of people who have lost huge sums in scams run by organized crime. Most sp...... [more]

The weakest security link? It's you

In the late 1960s, Warren Moore was a young man working in the IT department at apparel giant Genesco. As a prank, Moore rewrote some code for the company's IBM mainframe to allow him to send anonymous messages to co-workers. But his joke inadvertently resulted in his message being inserted into a sales forecast report, which was about to be presented by a Genesco vice president. "Luckily, they didn't fire me," said Moore, who now serves as an information...... [more]

SSL making strides against IPSec VPNs

Secure Sockets Layer remote-access gear is winning out over IPSec in some businesses because use of browser-based SSL technology can lead to cost savings, simpler administration and easier connections with partners. Assent, a national equities-trading firm in Hoboken, N.J., lost potential business because it connects customers to Assent servers via IPSec VPNs, says Pankaj Chandhok, director of networking. The security policies of many potential customers...... [more]

Better tools let hackers strike more quickly

It's mostly bad news for network administrators at this year's Black Hat Security Briefings: Increasingly, attackers are using better tools to find vulnerabilities quickly, exploit flaws and hide their attacks. While some security experts point to zero-day exploits--code that takes advantage of previously unknown vulnerabilities--as a growing threat, a greater number are stressing the danger of online attackers' ability to quickly turn around attack c...... [more]

PDA Viruses Could Get Nasty

Pests could easily run undetected on handhelds and spread quickly online, security expert warns. Viruses that target handhelds can be even more dangerous than their cousins that attack PCs, spawning self-replicating programs that hide easily, a security researcher told an audience of security professionals at the Black Hat Briefings conference here this week. The first virus aimed at Pocket PC handhelds, revealed last week, could be far worse if it were modified slig...... [more]

Microsoft - the antivirus vendor?

An executive of Microsoft in France divulged on Wednesday some of the software maker's plans for its highly anticipated entry into the antivirus software market. A standalone antivirus product will be built from tools the company inherited through its 2003 acquisitions of GeCad and Pelican Software, according to a report published in silicon.com sister publication ZDNet France, citing the technical head of Microsoft's security project in that country, Nicolas...... [more]

XP Service Pack 2 gets the green light

The massive update to Windows XP has been released to manufacturing, and is expected to be available to business and consumers within weeks. Microsoft on Friday wrapped up development on a long-awaited security update to Windows XP, paving the way for businesses and consumers to upgrade in the coming days and months. The company said it has released Windows XP Service Pack 2 to manufacturing, following a series of delays. Microsoft will make the free updat...... [more]

CyberGuard: Secure Computing deal off

Fort Lauderdale, Fla.-based CyberGuard Corp. says it's giving up its efforts to buy Secure Computing Corp., of San Jose. The network security firm offered to buy the California-based firewall vendor in a one-for-one stock exchange transaction July 11. Four days later, Secure Computing rejected the offer. "While we were disappointed that Secure Computing's board of directors declined to explore the opportunity and continue to believe that it would have be...... [more]

Windows update hardly a PC cure-all

Microsoft's patch includes virus protection that requires special hardware, and firewall controls only incoming information. An update to Microsoft Windows designed to fend off hackers, viruses and other security threats is long overdue but far from a panacea, security experts said. With viruses and spyware running rampant, Microsoft - widely criticized for lax security - has released SP2, or service pack 2. It prevents pop-ups, enhances security, automaticall...... [more]

Hunt for XP SP2 flaws in full swing

While users are testing Service Pack 2 (SP2) for Windows XP to prevent compatibility problems, hackers are picking apart the security-focused software update looking for vulnerabilities, security experts said. "We will see new vulnerabilities discovered in SP2 over the next few weeks. Give it a month or two and we will also see worms that affect SP2," said Thor Larholm, senior security researcher at PivX Solutions, a security services company. Service Pac...... [more]

Microsoft takes down SP2 swappers

Microsoft has taken steps to stop its security update for Windows being shared on file-swapping networks. The SP2 update for Windows XP was being used by file-swapping activists to show how such systems can help get large, important files to lots of users. But legal warnings from Microsoft have forced the file-swappers to end their experiment and stop making the software available to downloaders. Now the only place people are able to get the update is from...... [more]

Microsoft details XP SP2 conflicts

Software giant publishes list of nearly 50 programs that do not work after XP SP 2 is installed. Microsoft Corp. has published a list of nearly 50 applications and games that may not work correctly after installing Service Pack 2 (SP2) for Windows XP. The list, published in a knowledge base article on Microsoft's Web site, includes developer and backup tools, antivirus software and an FTP (file transfer protocol) client. The applications may not work correctly...... [more]

South Pole 'cyberterrorist' hack wasn't the first

It's a tale Tom Clancy might have written. From their lair in distant Romania, shadowy cyber extortionists penetrate the computers controlling the life support systems at an Antarctic research station, confronting the 58 scientists and contractors wintering over at the remote post with the sudden prospect of an icy death. After some twists and turns, the researchers are saved in the fourth act by an international law enforcement effort led by FBI...... [more]

XP Service Pack 2: First security flaws found

"Microsoft never claimed that SP2 would close all the security holes" Security researchers say they're starting to find flaws in Microsoft's latest major update for Windows XP. Last week, German company Heise Security announced that two flaws could be used to circumvent the new warnings that Windows XP Service Pack 2, or SP2, normally would display about running untrusted programs, potentially giving a leg up to a would-be intruder's attempts to ex...... [more]

Can IT keep up with malware authors?

Web users and technology professionals alike are both battling a flood of malicious software - and it increasingly looks like the 'bad guys' are winning. Are malware authors now too far ahead of information security professionals for the latter to ever recover? Indications are information security professionals -- and ordinary users of information and communication technology -- are increasingly on the back foot. A new report from a United States-based rese...... [more]

The root of spam could be you

The biggest single source of the spam that you receive may be you. Personal computers that have been infected with certain viruses and related types of malicious code are responsible for turning the humble home PC and broadband connection into the leading source of spam on the Internet. Depending on who you believe, as much as 80% of all the spam sent on the Internet today comes from these compromised PCs - an estimate at the end of 2003 was 30%, indicating how qu...... [more]

IT managers view SP2 with suspicion

Upgrading to Microsoft's latest security patch will generate problems, most IT managers believe. Most IT managers believe that upgrading systems to Microsoft's latest security patch for Windows XP could generate problems, according to a recent survey. The InsightExpress study, which polled IT managers in the United States, found that 63 percent of respondents believed SP2 would prove the most difficult Windows update installation ever, with 3 percent noting t...... [more]

CyberGuard rebuilds firewall around Linux

CyberGuard Corp. has rebuilt its flagship firewall/VPN software on top of a Linux platform, and has started encouraging its customers to migrate to the new system, which promises more flexibility over the longer term. The three new TSP, or "Total Stream Protection", appliances see CyberGuard abandon SCO Group Inc.'s Unixware 2.3 operating system for CG Linux, a new custom-made hardened Linux based on Red Hat 8 and the 2.4 kernel. CyberGuard director of...... [more]

SP2: Bad for your blood pressure?

That's what some IT managers say, a survey finds. Even more believe it'll be the toughest Windows update ever. Most IT managers believe that upgrading systems to Microsoft's latest security patch for Windows XP could generate problems, according to a recent survey. The InsightExpress study, which polled IT managers in the United States, found that 63 percent of respondents believed SP2 would prove the most difficult Windows update installation ever, with 3 per...... [more]

SP2 May Spell Trouble for Agentless Patching

Microsoft Corp.'s Windows XP Service Pack 2 has thrown patch management vendors into a tizzy. IT managers should be interested because, in an ironic twist, SP2 will likely make it harder to keep desktops and laptops up-to-date with the latest patches. The chief cause of the patching dilemma is the new Windows Firewall, which will be installed by default when desktop and laptop systems get SP2 through Microsoft's widely used update mechanisms. eWEEK La...... [more]

One in ten could suffer with SP2 problems

Research shows 10 per cent of PCs having problems with Windows XP update. One in ten desktops will have problems with the Microsoft Service Pack 2 (SP2) update for Windows XP, claims an integration consultancy. The upgrade was finally made available last month and focuses on closing security loopholes in the operating system. It was delayed after a variety of problems including incompatibility with applications. Canadian firm AssetMetrix's survey of mor...... [more]

XP SP2 glitches to trip up one in 10 upgrades - report

One in 10 corporate PC users will encounter difficulties in upgrading to Windows XP Service Pack 2, according to AssetMetrix. Smaller firms will be hit hardest by compatibility problems between their applications and the much anticipated update of Microsoft's flagship operating system, the Canadian asset management firm says. Microsoft has issued a list of applications that require modification in order to work properly with XP SP2. The li...... [more]

XP SP2 puts security first

If you haven't already downloaded Windows XP Service Pack 2, it's about time you did. Here's our guide to making it as pain-free as possible. No matter how well designed a piece of software is, or how thoroughly tested it has been prior to its release, there are often problems that only come to light once the likes of you and I start using it on a large scale. Irritating though it may be to discover glitches in a program you've only just installed, software companies w...... [more]

Trojans with a Twist

Trojans are a bad enough problem since they might allow remote access to a user's computer. One would think that having a firewall in place prevents a Trojan from opening backdoors in case of infection. But with Windows Firewall and the Win32.Surila.K Trojan that simply isn't always the case. The reason is two-fold. The first reason is that while Windows Firewall is a decent effort on Microsoft's part to offer users a built-in firewall, many people consider the firewall to...... [more]

Security 'job one priority at Microsoft'

Microsoft emphasises that it thinks the battle against the 'bad people out there in cyberspace' is being won. Microsoft chief executive Steve Ballmer says the task of trying to stay one step ahead of virus writers and hackers will be a never-ending battle. Speaking at a gathering of UK press, Ballmer said Microsoft's "trustworthy computing" is far more than just a one-off initiative. "We will be working on 'trustworthy computing' for the rest of my days...... [more]

Windows XP SP 2 - Helps control malware... but watch out for that firewall!

The dust is finally settling after Microsoft's long-anticipated release of Windows XP Service Pack 2. This gargantuan set of patches and new features, which weighs in at a whopping 270 megabytes, is chock-full of new security fixes and capabilities. In fact, this release is more security-centric than any Service Pack we've seen from Microsoft ... ever! Of the myriad security features built into XP SP 2, including softwa...... [more]

Hack attacks and spam set to increase

IDC warns of the growing importance of enforcing security policies. Spam and malicious attacks will rise over the next three years presenting IT departments with bigger security concerns than ever before, says analyst IDC. IT security spending is set to almost double from 2.5 per cent of overall technology spending to four per cent within the next four years, while spam will increase from 17 billion emails today to 23 billion by 2007. 'Almost half of ema...... [more]

Call for overhaul of network security

Organisations must improve their network security practices in response to new working practices and increased security threats, experts warn. Installing a firewall to protect the network is no longer sufficient defence, says David Roberts chief technical officer of security vendor Inkra Networks. 'The biggest trend we see is security moving beyond simple perimeter firewall security, where before the focus had been on keeping the bad guys out in a Chinese-wal...... [more]

'Netsky' variant belongs to Baba family

'Netsky' variant belongs to Baba family A worm by any other name still isn't a treat... Antivirus companies have mislabelled a worm they thought belonged to the Netsky virus family, a security expert has said. Senior technical consultant at Sophos Graham Cluley said that antivirus firms should have labelled the virus as a 'W32/Baba' worm. But, he added, after F-Secure categorised the worm as a Netsky variant, many other antivirus companies followed their lead. "The guys in the labs have loo...... [more]

Home PCs put cybersecurity at risk

Home PCs put cybersecurity at risk Internet users who are unaware of spyware on their computers are putting their own information at risk and unwittingly helping hackers and spammers, a study has found A study of home PCs in the US has found that about 80 percent had been infected with spyware almost entirely unbeknownst to their users. The study, funded by America Online and the National Cyber Security Alliance, found home users mostly unprotected from online threats and largely ignorant to th...... [more]

CyberGuard polishes Webwasher appliance

CyberGuard polishes Webwasher appliance New content security device incorporates software functionality Network security vendor CyberGuard has launched its first Webwasher appliance following its acquisition of the German software vendor earlier this year. CyberGuard bought Webwasher for $40m in May in a bid to add functionality to its appliance range. The CyberGuard WW1000 Content Security Appliance, aimed at the medium to large corporate marketplace, integrates Webwasher's Content Security M...... [more]

We all live in a Windows submarine

We all live in a Windows submarine MPs and security experts are attacking the government for its decision to use Windows 2000 on its submarines The British government is defending its decision to implement Microsoft Windows 2000 on some of its Navy fleet. MPs and security experts have asked Ministry of Defence (MoD) minister Geoff Hoon to explain why the department has chosen to use the operating system on some of its submarines and ships instead of Unix. The MoD has so far implemented Windows...... [more]

Webroot Survey: Companies Neglect Spyware Threat

Webroot Survey: Companies Neglect Spyware Threat Corporations are experiencing a steady infiltration of spyware into enterprise networks, but only a small number have deployed an enterprise-class solution to combat the threat, according to a new survey conducted by Equation Research for Webroot Software (www.webroot.com), provider of privacy, protection and performance software. "Corporations are risking lost productivity and intellectual property to this rapidly growing threat by not deployin...... [more]

Worm takes aim at Google and Microsoft

Worm takes aim at Google and Microsoft ...and, for some reason, the Hungarian prime minister... The latest variant of the Zafi worm was discovered on Wednesday and unlike the previous two variants, Zafi.C has been coded to launch a DDoS attack against Google.com, Microsoft.com and miniszterelnok.hu, which is the website of the Hungarian prime minister. The Zafi worm has evolved since it was first discovered in April of this year. Zafi.A contained Hungarian text and only tried to send itself to...... [more]

Millions of Bagle worms kill the Windows XP2 firewall

Millions of Bagle worms kill the Windows XP2 firewall Three new variants of the Bagle worm, which can disable the latest firewall protection in Windows, were discovered on Friday and antivirus companies are expecting a surge of infections during the day. Earlier this year Microsoft released a major security update for Windows XP, which was designed to strengthen the operating system’s defences against attack from viruses and hackers. One major part of the update was an improved version of its fi...... [more]

Psst...now it's Cisco source code up for sale

Psst...now it's Cisco source code up for sale The Source Code Club has opened up shop again. The group of self-identified hackers has posted files online that it claims contains source code for Pix security firewall from Cisco Systems. The price for the proprietary software: $24,000. "SCC is proud to announce the general availability of Cisco Pix 6.3.1 source code. This release is significant because Pix is vital to the security of many ultra-secure networks," read a Google group posting marked...... [more]

WLAN Security Adoption Still Trailing Despite Widespread Use of Wireless in the Workplace

WLAN Security Adoption Still Trailing Despite Widespread Use of Wireless in the Workplace Around 70 percent of British organisations are either already using or planning to use wireless connectivity as part of everyday business. Yet security remains top of the list when it comes to wireless networking concerns, with more than a third of companies admitting that they would have no way of knowing if their wireless security measures were breached. These are some of the main findings of an independ...... [more]

Corporations Get Ready for Wi-Fi

Corporations Get Ready for Wi-Fi Universities and health care organizations have led the way in Wi-Fi installations -- and done the bleeding that takes place on the cutting edge. Now, U.S. corporations are learning from these leaders and evaluating how wireless LANs (WLANs) can benefit their companies. Corporate IT executives came to the Angelbeat Mobility, Security, VoIP Executive Briefing on Monday to hear from vendors of wireless monitoring and security applications hoping to get their busi...... [more]

Microsoft WINS Said To Be Vulnerable

Microsoft WINS Said To Be Vulnerable Microsoft said Sunday it's looking into reports of a security screw-up in Windows Internet Name Service (WINS), a component of its most popular server software, including Windows NT 4.0 Server, Windows 2000 Server, and Windows Server 2003. In a posting to its online support center, Microsoft said: "this security issue could make it possible for an attacker to take control of a WINS server remotely." As of Friday, November 26, however, Microsoft said it didn'...... [more]

A guide to proactive network security

A guide to proactive network security Behind our daily barrage of hacker attacks, announcements of new viruses and worms, and frequent risk of downtime is an opportunity. This is your opportunity to step away from the noise, for a moment, and take steps to build a more proactive network security model for your organization. Countermeasures like firewalls or anti-anything (antivirus, anti-spam, anti-spyware, etc.) are all reactive security tools. They are necessary countermeasures and a part of...... [more]

Websense Announces Support for Microsoft Network Access Protection Technology

Websense Announces Support for Microsoft Network Access Protection Technology Websense, the world’s leading provider of employee internet management solutions, today announced support for Microsoft’s new Network Access Protection (NAP) technology, a comprehensive architecture that provides IT administrators with secure management of client access to the network. Network Access Protection’s open architecture enables security technology vendors to deliver simple, comprehensive and secure manageme...... [more]

Christmas worm speaks in many tongues

Christmas worm speaks in many tongues Where's the early bird when you need it? A new worm with a Christmas message has been detected as it began spreading around the world this afternoon. Zafi D, originally designed by Hungarian programmers, arrives with the subject line 'Happy Christmas'. However, the mutant version of the infection has become multilingual, appearing in English, Italian, Spanish, Russian, Swedish and several other languages. Once the .pif, .cmd, .bat, .com or .zip file attach...... [more]

What application-level security really means

What application-level security really means Recent advances in defenses that target malicious network traffic have made it possible to analyze that traffic in real time for potential threats. These techniques enable visibility throughout the entire seven-layer OSI model of the network stack. In this model, the ultimate payload data is carried at the application layer. But the evolution of the term “application” has led to some confusion as to what defense at this level really means. Today, i...... [more]

One in every ten emails infected by Christmas card virus, reports Sophos

One in every ten emails infected by Christmas card virus, reports Sophos The W32/Zafi-D worm, which was discovered on Tuesday posing as a Christmas greeting, has continued to cause problems for unprotected computer users. Experts at Sophos report that the virus is currently accounting for 75% of all virus reports at Sophos's global network of monitoring stations in the last 24 hours. The W32/Zafi-D worm, which is believed to originate from Hungary, spreads inside holiday season goodwill email...... [more]

Microsoft Fixes 'Critical' XP Firewall Issue

Microsoft Fixes 'Critical' XP Firewall Issue Fix prevents users from sharing their files and printers with the entire Internet. Microsoft has quietly released an update to Windows XP to fix a potentially serious configuration problem in the firewall that ships as part of Windows XP Service Pack 2. Users who installed SP2 on their Windows XP machines and also have file and printer sharing enabled may have been sharing their files and printers with the entire Internet, according to Microsoft. By...... [more]

Are Security Vendors Tricking XP SP2?

Are Security Vendors Tricking XP SP2? Windows Security Center may not know when your antivirus definitions are out of date. Microsoft says its Service Pack 2 update adds an additional layer of security to Windows XP-based PCs. However, recent PCW tests seem to show that at least two major security suites are crippling SP2's ability to offer users accurate security information. SP2, which Microsoft rolled out in August, includes the new Windows Security Center. This feature alerts users when the...... [more]

Linux holds out against attackers

Linux holds out against attackers A recent 'honeynet' experiment showed that unpatched Linux systems held up for an average of three months before succumbing to Internet-based attacks Unpatched Linux systems are surviving longer on the Internet before being compromised, according to a report from the Honeynet Project released this week. The data, from a dozen networks, showed that the average Linux system lasts three months before being compromised, a significant increase from the 72 hours life...... [more]

Intrusion Prevention: A Lock To Dominate The New Year

Intrusion Prevention: A Lock To Dominate The New Year Heading into the new year, solution providers, vendors and industry analysts predict that 2005 will be the year of the intrusion prevention system. While 2004 was the year of the integrated perimeter security device, experts said the coming year will focus on devices and software solutions that hinge upon some kind of prevention of threats such as viruses, worms, spyware and adware, the programs that spark crippling distributed denial of serv...... [more]

Access all areas

Access all areas Doubts about security have long discouraged many firms from deploying mobile computing. But wireless technology has moved on When many companies find it hard enough to control the IT use of office-based employees, how do you convince them that giving staff remote access is a good idea? This is the dilemma that faces all notebook, wireless networking and remote-management software manufacturers and resellers. There are a lot of variables to consider. The process of providing a m...... [more]

Government issues MySpool alert

Government issues MySpool alert Warns users about protecting MySQL servers... The National Infrastructure Security Co-ordination Centre (NISCC) has issued an alert over the MySpool worm, which threatens Windows servers with weak passwords for root access to MySQL. NISCC, which was set up to minimise risk to the UK's critical national infrastructure from electronic attacks, posted the warning on its web site after its Australian counterpart AusCERT alerted users to the worm. It highlighted that t...... [more]

Spyware: Is it clogging up your network?

Spyware: Is it clogging up your network? The cause of intermittent network connectivity problems can be hard to pin down in complex modern systems, but checking for spyware is a good place to start Organisations frequently ask me for assistance in diagnosing and resolving Internet problems. After a bit of detective work, I usually find that the problems are not really an Internet security issue. There's so much complexity in the corporate network these days, and so many places where a problem ca...... [more]

Vernier looks for more security

Vernier looks for more security WLAN vendor jumps out of the wireless LAN into the firewall Wireless appliance vendor Vernier Networks has transformed itself into a network security vendor to avoid the shakeout of wireless LAN vendors. Its new products are designed to lock down vulnerable network segments, devices and end users, and move it into the highly competitive world of firewalls. A year ago, Vernier called itself a "leader in wireless LAN security" (link courtesy of the Wayback machine)...... [more]

CyberGuard to roll out new look central controller

CyberGuard to roll out new look central controller Global Command Center, the security policy management system from CyberGuard has had a face-lift for version 3.0, leaving it with a look that promises a more consistent, graphical drag and drop environment for defining and implementing enterprise security policies. The addition of more intuitive GUI is expected to lead to better coordination of the processes managed through the central control system. Global Command Center is built around a qua...... [more]

Microsoft's security strategy pilloried

Microsoft's security strategy pilloried The software giant should be concentrating on securing Windows instead of trying to squeeze security firms out of the market, according to Gartner Microsoft has bought two antivirus companies and an antispyware company -- the latter acquisition has already produced an antispyware application for Windows -- since Bill Gates launched the Trustworthy Computing Initiative, which changed coding practices to make security Microsoft's first priority. However, Ga...... [more]

Virus promises Paris Hilton porn

Virus promises Paris Hilton porn Adult footage used as social engineering hook Security experts have warned users to be wary of emails containing references to Paris Hilton after two different worms were discovered claiming to contain adult footage of the society heiress. The new Sober-K and Ahker-C worms masquerade as X-rated videos of the popular celebrity, IT security firm Sophos warned. Sober-K, which is spreading in the wild, mails itself using a variety of subject lines including 'Paris...... [more]

Home Office in drive to stamp out botnets

Home Office in drive to stamp out botnets The Home Office has launched a high-profile campaign to secure the internet against hacking groups using networks of infected computers to launch worm, spam and denial of service attacks against critical businesses and services. The campaign, which features a website and an alert service to help non-IT specialists protect their computer systems, is designed to plug one of the weakest links in security on the internet: home and small business PCs. Over t...... [more]

What's on your PC? Spyware, Trojans and diallers

What's on your PC? Spyware, Trojans and diallers That's what... if you're not careful Users are increasingly losing ownership of their PCs with a growing amount of spyware and malicious applications finding their way on to computers in homes and the workplace. Worse still, the infections may go largely undetected. The issue of spyware has been a major concern so far during 2005 but figures released by Computer Associates show Trojans, diallers, keyloggers and hacker tools also exist on users'...... [more]

Windows DoS flaw made public

Windows DoS flaw made public A well-known IP packet-handling problem has appeared in Windows, but Microsoft insists the vulnerability could only make machines run sluggishly if exploited A security researcher published details of a denial-of-service vulnerability on Monday that he claims allows hackers to trash Microsoft Windows systems by trapping machines in a processing loop. The researcher, who posted the vulnerability under the name Dejan Levaja, claims that sending IP packets containing t...... [more]

Why power plants need anti-virus

Why power plants need anti-virus Utility companies are being urged to review cyber security risks as the industry moves over from proprietary technologies to cheaper Windows-based systems. Attendees at an Industrial Cyber Security Conference in London on Tuesday 15 March were told that the control systems of utilities are becoming open to the kinds of attacks that bedevil corporate systems, such as computer worms and DDoS attacks, as power and water companies embrace the net. What's the evidenc...... [more]

The strange decline of computer worms

The strange decline of computer worms Computer worms are becoming less commonplace as virus writers diversify their malware spreading tactics to create the maximum effect for the least possible effort. Email-borne worms, such as NetSky, Bagle and Sober, remain perennial favourites with malware authors but Slammer-style worms are becoming rarer, according to anti-virus firm F-Secure. Mikko Hyppönen, director of anti-virus research at F-Secure, said that with the single exception of the Santy wo...... [more]

Where, oh where, is my Windows firewall?

Where, oh where, is my Windows firewall? I have a problem: I can't seem to find a good host-based firewall for my Windows servers. In fact, people constantly ask me what I recommend and I find myself with no good answer. Even though most of my servers are already behind firewalls, I like having additional protection on the server itself. Sometimes I use remotely co-located servers where I have no firewall, and that makes me completely dependent upon software on the server itself. It seems lik...... [more]

Hackers target browsers to dodge firewalls

Hackers target browsers to dodge firewalls Hackers are increasingly using attacks that exploit browsers rather than trying to batter through firewalls and other network protection devices, according to security firm Symantec. Nearly half of the vulnerabilities reported by Symantec in its six-monthly Internet Security Threat Report covering July to December 2004 centre on web applications, and the numbers are rising quickly. Last year such threats accounted for barely a third of all vulnerabili...... [more]

Web Postcards Hide Trojan Horse Programs

Web Postcards Hide Trojan Horse Programs Instead of friendly greetings, malicious software installs on your PC. Beware of Web postcards bearing greetings. That's the advice from the SANS Institute's Internet Storm Center, which is warning about e-mail messages that pose as Web postcards and then direct recipients to a Web site that installs a Trojan horse program. The new attacks use sophisticated social-engineering techniques to trick users into installing Trojan horse remote-access programs...... [more]

Fewer permissions are key to Longhorn security

Fewer permissions are key to Longhorn security Questions remain about Microsoft's plans for a new user privileges model Software engineers who attend Microsoft's annual Windows Hardware Engineering Conference later this month could get their first taste of a new Windows user permissions model that could change the way thousands of programs are developed and run. But as the company prepares for the final Longhorn development push, questions remain about its plans for a new user privileges model...... [more]

CyberGuard Provides Ten Tips for Corporations to Protect Customer Information from Identity Theft

CyberGuard Provides Ten Tips for Corporations to Protect Customer Information from Identity Theft In the wake of the increasing cases of identity theft, Paul Henry, a leading security industry expert and Senior Vice President with CyberGuard Corporation, has developed ten recommended tips for corporate IT managers and Security Officers to protect customer information from identity theft. Mr. Henry has served as an expert commentator for a variety of media outlets, including NBC Nightly News, CN...... [more]

Security gripes? Microsoft feels your pain

Security gripes? Microsoft feels your pain It's not news to Microsoft that many, if not most, average Windows users have gripes about their PC experiences. In response, the software company is unveiling on Friday a new subscription-based computer fix-it service, aimed at automatically patching security holes, blocking viruses and spyware, and generally automating the chores of maintaining a computer's health. Dubbed Windows OneCare, the service will draw in part on existing tools like the comp...... [more]

Cyberguard brings networking to small businesses

Cyberguard brings networking to small businesses Cyberguard is coming out with a box that tries to be the only networking equipment needed in small offices. Called SG565 the device includes a firewall, VPN support, intrusion protection, anti-virus software, traffic shaping, a five-port Ethernet switch and two USB ports that can support a printer and external storage. In addition to all that, it also includes an 802.11b and g Wi-Fi access point. A box like this could support a small business...... [more]

Critical Windows patch on the way

Critical Windows patch on the way Microsoft will release its latest batch of security alerts next Tuesday, including protection for Windows and Exchange As part of its monthly patching cycle, on Tuesday Microsoft plans to release 10 security alerts for flaws in Windows and other programs. Seven security bulletins and fixes apply to the Windows operating system, and at least one of those is deemed 'critical' (Microsoft's highest risk rating), the company said in a notice posted to its Web site...... [more]

Spyware creeps into Adobe reader

Spyware creeps into Adobe reader A company called Remote Approach is using a feature in Adobe's PDF Reader to track how many times a PDF document has been accessed, according to a report in the Linux Weekly News. For the feature to be used, a PDF had to be created, uploaded to the company's server to be tagged, and then distributed, the report said. The tracking failed when the PDF was viewed by other readers such as Xpdf and Kpdf, and version 5 of Adobe Reader. However, when the document wa...... [more]

U.K. government is target of e-mail attacks

U.K. government is target of e-mail attacks NISCC warns of increasingly sophisticated attempts to steal sensitive information Critical infrastructure providers in the U.K. are being targeted in Trojan e-mail attacks designed to steal sensitive information such as passwords and documents, a national infrastructure security agency warned Thursday. Tailored attacks against U.K. government departments, businesses, and other organizations have been occurring for a significant period of time and hav...... [more]

Mass hack targets critical Windows flaw

Mass hack targets critical Windows flaw Ominous surge in TCP port 445 scanning activity A recent surge in port 445 scanning activity could herald impending hack attacks, and industry experts have warned firms to take "immediate steps" to ensure that the affected Windows ports are secure. Gartner pointed to recent reports that security vulnerability sensors have noted an increase in activity on TCP port 445, which is associated with Microsoft's Windows Server Message Block (SMB) protocol. "This...... [more]

CyberGuard targets small business with $750 U appliance

CyberGuard targets small business with $750 U appliance CyberGuard Corp, a company that has made its name as a supplier of firewalls to big business and the defense sector, is to target small companies with a $750 all-in-one security appliance. Last month the company announced plans for an 'all in one' appliance for small businesses and branch offices later this summer. That unit, the SG565 was described as an $859 appliance that includes firewall and VPN features, anti-virus and intrusion preve...... [more]

New worm lures users with 'breaking news'

New worm lures users with 'breaking news' The Kedebe-F e-mail worm spreads via e-mail or file-sharing networks Internet users alarmed over news of Michael Jackson's death or dark conspiracies behind the demise of Pope John Paul II should perhaps be more concerned that they received another new e-mail worm. Researchers at security firm Sophos PLC warned today of the spread of the Kedebe-F e-mail worm, which carries a variety of subject headers and messages touting breaking news. However, users...... [more]

Today's Hackers Code for Cash, Not Chaos

Today's Hackers Code for Cash, Not Chaos As volunteer director of the SANS Institute's Internet Storm Center, Marcus Sachs has an eagle-eyed view of Internet security, tracking cyber-threats in real time and raising awareness when malicious hackers launch attacks. Sachs also directs the Washington operations of the Cyber Security Research and Development Center, which is operated by SRI International's Computer Science Laboratory under a contract with the U.S. Department of Homeland Security....... [more]

Malware authors up the ante

Malware authors up the ante Malware authors have increased both the volume and sophistication of their attacks over the last six months. In the first half of 2005 anti-virus firm Sophos detected and protected against 7,944 new viruses - up 59 per cent from the first six months of 2004. The number of keylogging Trojans has tripled in the first six months of 2005 compared to the first half of 2004. More computer viruses and worms mean an unprotected Windows PC (without either firewall or antivir...... [more]

GTA Announces GB-OS Version 3.7

GTA Announces GB-OS Version 3.7 Global Technology Associates, Inc. (GTA), a worldwide leader in cost-effective network security solutions, today announced the release of GB-OS version 3.7. This latest version is now shipping pre-installed on GTA's family of appliance firewalls - GB-2000, GB-2000e, GB-750, GB-500, GB-250 and GB-250e and GB-Ware, GTA's software firewall. GB-OS version 3.7 contains numerous new standard features and product enhancements including: innovative Internet load sharin...... [more]

Could blogging spread computer worms?

Could blogging spread computer worms? Could RSS feeds become a conduit for the transmission of computer worms? Security experts are at odds over the possibility. Those who play down the threat point to the fact that no virus has ever used the propagation technique while others say it's only when a network reaches critical mass (as in the case of instant message and file sharing networks) that malware threats show their ugly head. Personal firewall firm Zone Labs describes RSS feeds (together w...... [more]

Desktop port proliferation a security risk?

Desktop port proliferation a security risk? Software maker Opera's decision to support BitTorrent has added to some security experts' worries that applications which require open connections through firewalls are becoming increasingly popular. Last week, the Norwegian company revealed that its latest technical preview adds support for downloading BitTorrent files, or torrents. BitTorrent, a peer-to-peer protocol that speeds files sharing by allowing every client to serve up pieces of a large f...... [more]

Researcher Says Windows XP SP2 Has DoS Bug

Researcher Says Windows XP SP2 Has DoS Bug The flaw in Microsoft Windows XP Service Pack 2 will permit a denial-of-service attack against systems that are up-to-date, patched, and have the Windows Firewall set in the default configuration. Microsoft Windows XP SP2 has a bug in its kernel that could let attackers bring down the machine with a denial-of-service (DoS) attack, vulnerability tracker Secunia said Friday. "Microsoft is currently investigating public reports of a possible vulnerabilit...... [more]

Hacker disabled libraries' server

Hacker disabled libraries' server A hacker with a taste for the Beatles played havoc recently with a computer that serves 21 suburban library districts, forcing a quick refresher in the Dewey Decimal System and triggering problems that still haven't been fixed. The trouble began this month when technicians at Cooperative Computer Services in Arlington Heights noticed that someone had breached the server used to catalog and check out material at libraries in the north and northwest suburbs. Ro...... [more]

Is there method in Microsoft's security buys?

Is there method in Microsoft's security buys? While Microsoft's latest deals show it's committed to building its security muscle, some analysts say the company needs to focus on a clearer and more productive strategy. The software maker said it was making security its top priority when it launched its Trustworthy Computing Initiative three years ago. Since then, it has overhauled its in-house development to bolster security and has put its $38 billion war chest to work. It has been buying antiv...... [more]

CyberGuard Breaks New Ground with Introduction of SG560 Security/WAN Appliance

CyberGuard Breaks New Ground with Introduction of SG560 Security/WAN Appliance CyberGuard Corporation, a global provider of security solutions that protect the critical assets of the largest and most complex information networks for Global 2000 enterprises and government organizations, today announced the release of a feature-rich, compact, network security and Wide Area Network (WAN) connectivity device designed to secure small and medium businesses and the small branch offices of larger compa...... [more]

First Jericho Forum Challenge winners announced

First Jericho Forum Challenge winners announced Researchers from a Swedish security software house have scooped the first Jericho Forum Challenge at the BlackHat convention in Las Vegas. Tomas Olovsson & Jamie Bodley-Scott of Appgate won the prize for their paper, Balancing the Equation; Enterprises moving to the de-perimeterised world need to adopt a ‘core’ mentality based on controlled access to systems, which was one of eight papers submitted. They proposed replacing a central firewall...... [more]

Government launches IT security website

Government launches IT security website The UK government has teamed up with IT firms, banks and retailers to help fund a website to boost awareness of IT security issues for consumers and small businesses. Sponsors of Get Safe Online include Microsoft, Dell, HSBC, Lloyds TSB and eBay, which is helping to design the site. The sponsors have provided £150,000 which has been matched by the same funds from the Cabinet Office. Due for launch in October, Get Safe Online will provide advice on how...... [more]

Worm risk over Win2K flaw

Worm risk over Win2K flaw An unpatched flaw in a core component of Windows 2000 might be exploited to launch computer worms, security researchers warn. The flaw was discovered by security research firm eEye Digital Security. The firm is withholding details pending the release of a software patch. Microsoft is investigating the issue, which is complicated by its decision to wind down support for the operating system. Mainstream support of Windows 2000, which is still widely used in corporate en...... [more]

Secure Computing buys CyberGuard for $295m

Secure Computing buys CyberGuard for $295m Secure Computing is buying rival CyberGuard for $295 million. Secure Computing expects to see revenue jump from $110 million per year to $200 million, said Mike Gallagher, senior vice president of product development. The company has warned of product changes and lay-offs. "There is overlap in some assets," said Gallagher, pointing out that Secure Computing's G2 Sidewinder firewall competes directly with CyberGuard's Total Stream Protection line of f...... [more]

Early warning system launched for e-mail scams

Sophos today launched a new early-warning system that proactively notifies banks, online businesses and other organisations of fraudulent e-mail scams that target their customers. Based at Sophos's new $10 million research and development centre in Sydney, the Sophos PhishAlert service notifies subscribers of new phishing attacks so they can warn their customers and initiate action to immediately shut down fraudulent Web sites. Developed in con......

Defending against LAN phloods

The latest buzzword in wireless LAN security involves a group of simultaneous but geographically distributed attacks that target a business's authentication or network log-in structure. Dubbed phlooding, the goal is to overload a business's central authentication server, according to wireless LAN security maker AirMagnet, which coined the term. Company officials say they named it phlooding because it creates floods of incoming authentication requests. According......

Hotel hacking could pump smut into every room

Hotel hybrid broadband internet and TV-on-demand entertainment systems are open to attack, security researchers warn. Penetration testing firm SecureTest has identified a number of vulnerabilities in the implementation of hotel broadband systems delivered using Cisco's LRE (long-reach Ethernet) technology. Using a laptop connected to a hotel network, SecureTest found it was possible to control the TV streams sent to each room or gain access to other......

F-Secure Adds Behavioral Analysis to Enterprise Antivirus Software

"Antivirus vendors are helping customers to tackle unintentional employee errors by developing security lock-down and admission control features, such as Internet quarantine in F-Secure Anti-Virus Client Security 6.0," said Thomas Raschke, an analyst at research firm IDC. F-Secure has launched a new version of the company's antivirus software, called Anti-Virus Client Security, that integrates spyware and spam protection with po......

Hacker fear boosts IT security spending

Fuelled by increasing fears of virus and hack attacks, global network security appliance and software sales continue to climb steadily, rising four per cent to $1bn between the first and second quarters of this year, according to newly published figures. The latest Network Security Appliances and Software study from Infonetics Research also predicted that security appliance and software sales will grow by 23 per cent to $1.3bn by the second quarter of 20......

Microsoft issues firewall bug warning

Microsoft has warned of a bug in Windows Firewall that could create an exception in the firewall that would not show up on the user interface. The “unexpected behaviour” in the way the user interface handles malformed entries in the Windows Registry was “not a vulnerability”, the software giant said in a security advisory notice. “Administrative privileges are required to access the associated section of the Windows Registry that contains this configuration......

Computer terms 'confuse workers'

Most office workers find computer jargon as difficult to understand as a foreign language, a survey suggests. Three quarters of workers waste more than an hour a week deciphering what a technical term means, the poll found. Phrases like jpeg, java script and cookies are among the problem terms highlighted by Computer People. The recruitment firm, which questioned 1,500 workers, says effective IT professionals "understand the need to tailor their levels of jarg......

US Internet security solutions developer, GTA seek to increase channels at GITEX 2005

GTA, Global Technology Associates, Inc. are looking forward to showcasing their ground breaking Unified Threat Management Appliances (UTM) to the Middle Eastern market at the Dubai, GITEX 2005 exhibition and are focusing on extending their channel relationships in the region. Global Technology Associates, established in 1992 are a privately owned US corporation and developer of Internet Security Solutions. With......

Sophos exceeds growth expectations

Global security provider is set to build on its successes with forthcoming firewall and adware detection launches Sophos, a world leader in protecting business against viruses, spyware and spam, today announced an increase in annual turnover of 19.2% to £66.2 million ($122.6 million USD) for the year ending March 2005. Sophos has achieved year-on-year growth, ahead of the industry average, thanks to strong market demand for its integrated IT security solutions.......

Vernier Networks Extends NAM to Remote Users and VoIP Phones

Vernier Networks today announced the addition of the EdgeWall Rx network access management appliance to its EdgeWall product family. EdgeWall Rx extends network access management to remote users, significantly reducing the risk of security threats and intrusions from external devices and limiting access to sensitive assets. The company also strengthened the entire EdgeWall line by adding support for VoIP phones and bolstering existi......

Internet crime shifts to Russia

Trafficking in stolen credit cards has largely shifted to Russian-language Web sites after an international crackdown sparked disarray among English-speaking scam artists, a U.S. Secret Service official said on Wednesday. The October 2004 raid, dubbed Operation Firewall, led to 28 arrests in seven countries and shut down several Web sites that served as online bazaars where scam artists could buy and sell credit-card numbers, drivers' licenses and other document......

Hackers take aim at web-based apps

Hackers are turning away from corporate networks and redirecting their attacks against business applications on the web, security experts warned today. A report from Frost & Sullivan said that enterprises need to employ web application firewall (Waf) technology to protect web-based business applications. Companies failing to deploy such systems leave themselves open to "multiple vulnerabilities" caused by a lack of proper attention to security factors b......

F-Secure brings increased levels of protection and anti-virus support to Windows Mobile users

F-Secure has announced it is to extend support for its F-Secure Mobile Anti-Virus to Microsoft’s Windows Mobile operating system. The solution brings new levels of protection for Windows Mobile users. Symbian Series 80 users will also get a new product called F-Secure Mobile Security, which contains a mobile firewall alongside anti-virus functionality. With this latest release now in place, F-Secure M......

Critical Windows patch may wreak PC havoc

A Microsoft patch meant to fix critical security flaws in Windows 2000, Windows XP and Windows Server 2003 is causing trouble for some users, the company said Friday. The patch was released Tuesday to fix four Windows flaws, including one that experts predict will be exploited by a worm in the coming days. The flaw, tagged "critical" by Microsoft, lies in a Windows component for transaction processing called the Microsoft Distributed Transaction Coordin......

Windows patch backfires on the security-minded

Security-conscious Windows users who tweaked the operating system to protect their PCs better are getting hit hardest by a flawed Microsoft patch, experts said Monday. Microsoft has acknowledged that a patch released last week can cause trouble for some users. It could lock them out of their PC, prevent the Windows Firewall from starting, block certain applications from running or installing, and empty the network connections folder, among other th......

Skype could pose security problems for companies, analysts say

The growing popularity of Skype Technologies SA's free Internet telephony software could soon pose the same kind of security challenges for companies that other peer-to-peer (P2P) software technologies have created in recent years, according to security experts. The warning comes after the disclosure this week of two critical flaws in Skype's software, one of which could allow malicious hackers to take complete control of compromi......

Email Seen As Biggest Security Hole For Mobile Devices

Email vulnerabilities represent the greatest source of risk for mobile devices, according to a recent survey by Good Technology. The company surveyed 600 IT professionals about their concerns with the widespread use of handheld computing. Of those questioned, 79% considered email to be the biggest security threat. Another 26% regarded corporate intranet applications to be the greatest vulnerability. "The enterprise mobile email and handh......

Tsunami 'hacker' gets IT security day job

When Daniel Cuthbert was convicted last month of gaining unauthorised access to a Tsunami fund-raising website, many people - including the trial judge - suspected his career in the IT industry was over. These fears were unfounded, though. Cuthbert is hard at work at Corsaire, a UK security company. Martin O'Neal, director at Corsaire, confirmed on Friday that Cuthbert had actually joined the company before his trial. O'Neal, though, isn't worried tha......

No end seen to patching race

System administrators may be dealing with security vulnerabilities more quickly, but the bad guys are still leading the race. That's because threats that exploit the flaws are also appearing sooner, according to research presented Tuesday. Although patching practices improved in the last year, nearly 70 percent of systems are currently vulnerable and at risk of attack, Gerhard Eschelbeck, chief technology officer and vice president of engineering at vulnerability m......

Windows 2000 vulnerability could allow hackers to launch remote denial-of-service

Exploit code has been published that could allow an attacker to launch a remote denial-of-service attack on Windows 2000 machines using all service pack versions. Microsoft issued an advisory warning about vulnerability (CAN-2005-3644) in its implementation of the Remote Procedure Call (RPC) protocol. The following five key steps are recommended to prioritise and implement proper protection against this vulnerab......

F-Secure Anti-Virus Client Security wins prestigious InfoWorld-award

F-Secure Anti-Virus Client Security 6 won prestigious InfoWorld Best Anti-Spyware Solution -award in their annual Technology of the Year Awards. The award is the latest addition to the long list of good reviews the product has received in European and US magazines. "InfoWorld's Technology of the Year awards recognize the best solutions in the most important technology categories," said Doug Dineley, executive editor of the I......

BlackBerry squeezed by DoS security bugs

Research In Motion (RIM) has warned of a trio of vulnerabilities in its popular BlackBerry software that create a means for hackers to launch denial of service attacks. Patches are available to defend against only one of the vulnerabilities, but RIM has issued advice on how to guard against attack from the other two. The most serious unfixed risk stems from a flaw in processing Server Routing Protocol (SRP) packets. This security bug creates a possible......

Nazi worm author prepares Net meltdown

A security headache is brewing as the payload of various Sober worms is activated tonight. According to security experts that broke the worm's encrypted code, 5 January 2006 is the date set for it to download code from various Web addresses on the Net. As such, at the stroke of midnight, the worm's author may or may not choose to turn on various websites and cause widespread problems across the Internet. The date coincides with the 87th anniversary of......

OneCare sees drop in firewall use

A recent blog entry by Microsoft's OneCare team notes a slight increase in the number of people turning off their firewall - prompting them to reiterate the need for software firewalls on Windows systems in general. The entry notes that even users with hardware based routers and appliance firewalls should still use a software based firewall as well. It also suggests the amount of information that the OneCare software reports back to Microsoft. From the entry:......

Users shying from OneCare firewall

Microsoft officials have been trying to figure out what OneCare users’ beef is with the beta’s firewall, company technicians said this week. The Windows OneCare team said on its weblog that they have "noticed a slight increase in the number of people turning off their firewalls, with a corresponding decrease in the number of green (safe) machines." After noticing the trend, team members came up with four reasons PC users might be disabling the firewall. Softw......

Kama Sutra worm seduces PC users

A new e-mail worm that spreads under the guise of pornographic content has jumped to the top of the worldwide virus charts. When run on a Windows PC, the worm copies itself to shared network locations and sends itself to e-mail addresses found on the target computer. The pest includes a timed attack that attempts to disable antivirus and firewall software and delete certain files, including Office documents, on the third day of the month, according to antivirus......

Cambridge prof warns of Skype botnet threat

Voice-over-IP apps could be used to cloak networks of zombies, used to launch denial of service attacks, a Cambridge professor has warned. Armies of ordinary PCs - "botnets" - that have been infected by a virus and put under malicious control, could be controlled and orchestrated by messages hidden in VoIP traffic generated by programs such as Skype, warned Jon Crowcroft, Marconi professor of communications systems at Cambridge University. Denial-o......

Microsoft Readies Two-Way Firewall for Vista

Administrator-run firewall expected to be 'highly configurable.' For its upcoming Windows Vista operating system, Microsoft is readying a new, highly configurable firewall designed to give administrators much greater control over which applications can run on the systems they manage. After just over a month of testing by users of Microsoft's Community Technology Preview (CTP), the firewall is "very much on track" to be in the final Vista release sche......

MS to omit anti-virus from Vista

Microsoft will omit anti-virus protection in Vista, the next version of Windows, which it plans to ship late this year. As with previous versions of Windows dating back to Windows 2000 at least, Redmond is promoting Vista as a landmark improvement in Windows security. Jim Allchin, co-president of Microsoft's platform products and services division, told reseller magazine CRN that safety and security, improved user experience, and mobility features will be key ad......

Can 'scam sweeps' clean up the internet?

Law enforcement's planning on it.. "I am looking for a trusted person to help transfer £100m in gold out of a secret account. In return you will keep £10m but you must tell nobody..." Most people with email addresses have probably received an email like the one above - and the vast majority delete them straight off. But scams like this, which lure unwary internet users into parting with financial details or cash, are still finding victims. The UK public......

Manage & Secure Instant Messaging

Akonix L7 Enterprise 4.3 Helps Companies With IM Compliance, Access Instant messaging has taken off as a popular method for people to use to “talk” in real time via the computer. From its origins as Internet Relay Chat and then the advent of ICQ and AOL Instant Messenger, instant messaging, or IM, has taken the world by storm. It didn’t take long for users to bring their new communications tool into the workplace. Initially, it was purely for nonproductive pu......

Portal helps IT staff to secure PCs

Antivirus software vendor F-Secure has introduced a new hosted service for small and medium-sized firms to help IT staff ensure data security. F-Secure Service Platform for Businesses is an always-on, automated tool based on the firm’s antivirus, anti-spyware and firewall technologies. It is also being marketed to service providers so that they can provide an opt-in security service to their own business customers. The platform features an easy-to-use web-b......

Beware the 'pod-slurping' employee

Just watch that business data walk out the door... A US security expert who devised an application which can fill an iPod with business critical data in a matter of minutes is urging companies to address the very real threat of data theft. Abe Usher, a 10-year veteran of the security industry, created an application which runs on an iPod and can search corporate networks for files likely to contain business critical data. At a rate of around 100MB every two mi......

Small firms, growing security spending

Smaller U.K. companies are preparing to "drastically" boost IT security spending as they move beyond anti-virus solutions to the deployment of firewall and intrusion-detection software to protect internet gateways. This finding emerged from the latest study by New York-based AMI-Partners. It predicts that security will be a greater budget priority as U.K. small and medium-sized businesses (SMEs) with one to 99 employees spend 10 percent more this year on IT......

Denial-of-service hacking soars

Denial-of-service (DoS) attacks, where hackers overload networks with data in an effort to disable them, have risen 50%, a security report says. The biannual Symantec Threat Report said phishing, where fraudulent e-mails demand passwords from unwitting users, rose 39% in the last six months. Web security firm Symantec said the trend in cybercrime was towards subtle theft and away from attention-seeking. It said "crimeware", tailored to steal financial d......

Websense and Crossbeam Systems Combine Web Security and Unified Threat Management

Websense, Inc., a global leader in web security and web filtering productivity software, today announced that they have teamed up with Crossbeam Systems®, Inc., a leader in unified threat management (UTM), to offer customers powerful web security capabilities to mitigate today's web-based threats. Websense® Web Security Suite™ integrated with Crossbeam appliances offer organisations a comprehensive securi......

PatchLink and ForeScout in security partnership

US-headquartered security firm PatchLink has partnered with ForeScout Technologies, a provider of clientless network access control (NAC) and intrusion prevention solutions. The partnership will see customers provided with an integrated system for enforcing enterprise security policies at both the network and endpoint level. ForeScout's network security appliance scans for vulnerabilities transparently to the user, without requiring an agent and u......

Yahoo e-mail under worm attack

Symantec warns of mass-mail worm that exploits a vulnerability in Yahoo's Web e-mail A mass-mail worm that exploits a vulnerability in Yahoo's Web e-mail is making the rounds but the impact appears to be low, security vendor Symantec said Monday. The worm, which Symantec calls JS.Yamanner@m, is different from others in that a user merely has to open the e-mail to cause it to run, said Kevin Hogan, senior manager for Symantec Security Response. Mass-mail worms have......

Spammed Trojan claims Bush/Blair Middle East oil cover-up

Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned of a Trojan horse that has been spammed out to email addresses disguised as a message claiming that George W Bush and Tony Blair are conspiring with oil companies to push up petrol prices. Other disguises being used by the hackers to distribute the Trojan horse include news reports that Osama Bin Laden has been killed or Michael Jackso......

Tool deletes Microsoft piracy alarm

A security analyst has released a tool that lets users remove Windows Genuine Advantage Notification, part of Microsoft's controversial campaign against software counterfeiting. The tool, called RemoveWGA, was released this week by Guillaume Kaddouch, a French developer who also makes a firewall utility called Firewall Leak Tester. RemoveWGA is a response to Microsoft's revelation earlier this month that the Windows Genuine Advantage Notification program freq......

Word attack spammed out as malicious email attachment

Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned of a Trojan horse that has been spammed out in large quantities to email users around the world. The WM97/Kukudro-A Trojan horse has been spammed out in email messages, which can have a variety of subject lines including "worth to see", "prices", "Hi", and "Hello". The body of the message reads as fo......

Academic breaks the Great Firewall of China

Researchers from the University of Cambridge have found a way to launch denial of service attacks against China, using the country's own firewall Computer experts from the University of Cambridge claim not only to have breached the Great Firewall of China, but have found a way to use the firewall to launch denial of service attacks against specific IP addresses in the country. The firewall, which uses routers supplied by Cisco, works in part by inspect......

AOL instant messenger worm poses as Microsoft's Windows Genuine Advantage

AOL Instant messenger (IM) users were warned this week of a new worm that poses as Microsoft’s controversial Windows Genuine Advantage (WGA) program. Researchers at Sophos said the WGA worm, known as Cuebot-K, spreads by AOL Instant Messenger and registers itself as a new system driver service named wgavn. The malware uses Windows Genuine Advantage Validation Notification as a display name and runs during system startup, a......

UK Consumers Wise Up To Internet Security Threats But Most Still Vulnerable To Online Scams

Almost every UK consumer has taken steps to protect their computer from security threats, but most are failing to cover themselves against all online scams, according to new research from online shopping portal www.mutualpoints.com. 98% of 9,790 people surveyed in May said they had installed anti-virus software on their PCs, while 93% of the total sample had a firewall running. Just over four fifths (85.5%......

Security mergers set to benefit buyers

Increasing consolidation among security tool providers should make life simpler for IT managers Consolidation in IT security continued last week as Secure Computing announced a $273.6m deal to merge with CipherTrust, and SurfControl bought BlackSpider Technologies. Secure Computing acquired firewall and content-filtering company CyberGuard in January this year. Once CipherTrust's TrustedSource technology is on board, it aims to deliver the industry's first s......

Australian firms spend less, feel less secure

Analyst group Gartner claims that almost three quarters of American companies feel safer than they were a year ago but only 22 percent of Australian firms feel the same way. During the opening keynote speech at Gartner's IT Security Summit in Sydney on Tuesday, research director Rich Mogull told delegates that the results of the telephone survey were not skewed by "over-confident Americans". "In the US, 71 percent thought they were safe......

Hackers shut out by World Cup security

Security around the computer system used in the recent World Cup tournament held up well enough to prevent any significant problems. Avaya said Wednesday the network it designed recorded 5 million "unique firewall events" each day of the seven-week event, and while 128,000 breached the firewalls, there were no security-related or application outages recorded. "From a security standpoint, we never lost bandwidth or network resources due to re......

CyberGuard Firewall/VPN V6.2.1 Receives Common Criteria Certification

Secure Computing Corp. revealed that its CyberGuard Firewall/VPN v6.2.1, received the Common Criteria Certification EAL4+ using the US Department of Defense Application-level Firewall Protection Profile for Medium Robustness Environments. The company stated that to achieve this higher level of Protection Profile compliance, CyberGuard TSP was subjected to and passed months of rigorous government-defined independent vulnerabil......

Cleeve School Creates a Wireless Hotspot and Remote Access Infrastructure to Support Flexible, Mobile Learning

Technology college uses AppGate Security Server to deliver “anytime, anywhere, any device, any user” IT access for staff and students Cleeve School has installed advanced remote access capabilities and a wireless hotspot on its IT network, giving 1,500 students and staff flexible yet secure access to school resources round the clock and providing an enhanced learning environment. The Ch......

GTA Expands Firewall Family with Gigabit Firewall

Global Technology Associates, Inc., (GTA), today announced a high-powered firewall appliance, the GB-3000 Gigabit Firewall Appliance. The cost effective GB-3000 is designed for SME businesses with gigabit networks. The GB-3000 provides support for up to twelve network interfaces, ten of which can operate at speeds up to 1 gigabit per second. "Many SME businesses are moving to gigabit networks at their offices and the......

Microsoft Takes Vista to Hacker Confab

The annual Black Hat conference in Las Vegas plays host to the world's top hackers and security professionals, who come together to discuss the industry and delve into code. Microsoft is playing a major role at this year's event, inviting attendees to find holes in Windows Vista. A Vista beta build was handed out to about 3,000 experts on Thursday in hopes they will uncover flaws before the operating system is completed later this year. Microsoft's director......

Skype teams up with McAfee

Skype certifies McAfee Internet security suite 2006 Internet communications company Skype has certified McAfee's suite of anti-virus software. McAfee Internet Security Suite 2006, McAfee VirusScan 2006 and McAfee Personal Firewall 2006 have all met Skype's standards for security, quality and usability. The security collaboration will mean files sent using the Skype file transfer function will be easily scanned by McAfee products adding an extra layer of protection t......

Brits beef up internet security

Almost all (90 per cent) of Brits are taking measures to protect their home computers from viruses and spyware, research suggests, with the most popular security tools being antivirus and firewall software (86 per cent). A study by the British Computer Society (BCS) found 92 per cent of online shoppers now take precautions to protect themselves against fraud. The survey found growing public confidence in the safety of the internet, while respondents said they spend......

Worms exploit critical MS06-040 Microsoft security vulnerability

Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned computer users of malware that is exploiting a critical security vulnerability in Microsoft software. The W32/Cuebot-L and W32/Cuebot-M worms spread via AOL instant messenger, exploiting the vulnerability described in Microsoft's MS06-040 security bulletin. "Microsoft only issued a patch against the security hole used by th......

Iran president's weblog spews malware - false

Reports that the new website of the President of Iran is trying to install malicious scripts on the PCs of visiting infidels are almost certainly the result of a false alarm by security packages rather than a hostile attack. The new weblog of Iranian President Mahmoud Ahmadinejad made a splash in Western media when it launched earlier this week. In the first posting on the site, the bricklayer-look-alike-turned-Persian-President talks about his early......

Norwich pioneers free city wi-fi

Norwich is pioneering a free wi-fi project which covers three sectors of the UK city and its centre. The £1.1m, 18-month pilot has been live for three weeks and is backed by the East of England Development Agency. Paul Adams, from Norfolk county council said: "It allows people to see the benefit of wireless technology." The city centre, county hall and educational establishments such as the university all have wi-fi access. Mr Adams, director of c......

SnapGear Awarded CRN Test Center's "Recommended" for Securing Wired and Wireless Access for SMEs

Secure Computing Corporation, the experts in securing connections between people, applications and networks, today announced that Computer Reseller News (CRN) has awarded the "CRN Test Center Recommended" designation to the SnapGear SG565. The review praises the SG565 for delivering an exceptional all-in-one appliance that secures both wired and wireless access for small- and medium-sized......

Companies told: Guard against new IT security threats or lose millions

A failure by companies to adequately defend against IT security threats can cost them millions. And a failure to recognise that these threats are evolving, and the importance of continually upgrading to ensure appropriate security measures are in place, can cost them even more. Viruses, worms and hacking are no longer the only threats that must be tackled. "Threats are evolving. We still worry about viruses, but spyware...

Macdonald Group Boosts Operational Efficiency With Network Security Solution From AppGate

Expanding hotel group deploys secure remote access solution for mobile workers and improves IT efficiency. Macdonald Hotels and Resorts, the UK's largest privately owned hotel group, has implemented a secure remote access solution from AppGate to enable staff and managers to use laptops to access the corporate network securely from any location. As a result of continued growth, the company, which operates ove...

Tracking down hi-tech crime

If every hour a burglar turned up at your house and rattled the locks on the doors and windows to see if he could get in, you might consider moving to a safer neighbourhood. And while that may not be happening to your home, it probably is happening to any PC you connect to the net. An investigation by the BBC News website has established the scale of the dangers facing the average net user. Using a computer acting as a so-called honeypot the BBC has been regularly lo...

Microsoft enters the anti-virus bear-pit

Microsoft is setting the cat among the pigeons at this year's Virus Bulletin conference, the big chinwag for the security software industry. Ordinarily, blame for the lamentable state of awareness of internet security has fallen on Redmond, alongside clueless end-users and over-sensationalist journalists. Lately, though, Microsoft has tried to shake off the fall-guy role, and reinvent itself as security industry participant. In May it launched its own se...

Microsoft Releases New OneCare Beta

Microsoft released a new beta version of Windows Live OneCare on Monday, which is compatible with Vista, has international market support, and includes more back-up options. Microsoft announced a new beta version of Windows Live OneCare, version 1.5, on Monday. The security software is now compatible with Vista and available for download free of charge. OneCare 1.0 was released in June, and is still available for $49.95 per year. On Monday, Microsoft announced...

UTM: more security, fewer boxes

The benefits of unified threat management. Network security, traditionally handled by a collection of separate boxes, is evolving into unified threat management (UTM). "The driving force behind UTM is the need to simplify the environment," says Mike Rothman, president and principal analyst of Security Incite, and former META Group security analyst. "Corporations have ended up with all these boxes -- firewalls, intrusion detection, antispam, antivirus...

Security still a top priority for organizations

"The threat picture is much more complicated today compared to a few years ago," says Patrik Runald, Senior Security Specialist, F-Secure Corporation. Aiming to be 'Mr Reliable' in the security services arena, F-Secure Corporation provides solutions for workstations, gateways, servers and mobile phones that include anti-virus and desktop firewall with intrusion prevention, anti-spam and anti-spyware solutions, as well as network control solutions for...

Block that Skype!

Akonix Systems recently released a new appliance that lets IT departments impose some basic controls on the use of Skype. Akonix L7 Skype Manager is an offshoot of the company's L7 Enterprise instant messaging management system and its L7 Enforcer appliance for enforcing enterprise communications policies. According to Akonix vice president of marketing, Don Montgomery, the Skype manager answers a need articulated by company customers concerned about two widely separate issues...

Australian Defence Force Academy Selects PatchLink to Protect Student Learning Environment

The Australian Defence Force Academy, a unique institution which provides officer cadets and midshipmen with military training and undergraduate education, has selected PatchLink’s industry leading solution, PatchLink Update, to secure its student learning environment. Contracted by Defence to provide undergraduate education, the University of New South Wales' Canberra campus, UNSW@ADFA, provides academic r...

Time to simplify security software

Complex security software that people need to buy in a store or online, then install and manage, should be replaced with a simple shield delivered nearly invisibly with an Internet access account, argues Siilasmaa, the chief executive of F-Secure. The small Finnish security company - it recorded €61.8m in revenue last year - specialises in security as a service. In Europe, it leads the market and provides security software to just over a third of all broad...

Dref-N email worm promises breaking news

A new email worm is using bogus news headlines to lure users into opening its payload, security firm Sophos has warned. The emails contain links to headlines such as the 'outbreak of nuclear war' and the 'death' of George W Bush and Vladimir Putin to allow hackers to infect computers and steal information. The Dref-N worm arrives attached to emails with subject lines such as 'White house news!', 'Incredible news' or 'ATTN TO EVERYBODY!', and tries to...

Worm uses Real Media files to infect

McAfee is warning of a new worm that modifies Real Media files and launches a malicious website without a user prompt. Once the page is open, the worm can spread over network drives and shared files to "download whatever the (malware) author wants to download," Craig Schmugar, threat researcher with McAfee Avert Labs, told SCMagazine.com on Wednesday. The worm initially infects a user's PC when he or she is duped into downloading an executable that s...

Most surfers still ignoring IT security

Most web surfers are at risk of potentially devastating hack attacks because they have failed to take basic IT security precautions. About three in four US online adults (74 percent) have not installed a hardware firewall, and about half (53 per cent) have neglected to install a software firewall, research conducted by Harris Interactive on behalf of Check Point claimed today. The report found that less than one in four (22 per cent) have installed a secur...

Vista more secure than XP?

Most of us who have played with the Aero interface and Flip 3D know how lovely Vista looks. However, is it really more secure than Windows XP? After all, both operating systems still need firewalls and anti-virus protection. I have been using Windows XP for years and I have suffered a virus infection on my PC exactly twice. On one occasion, someone in my household launched one of those bogus "screensavers" which had been sent by email. Even then, that person r...

Watch out for festive scams

'TIS the season to receive Christmas cards and a growing number of them, conveniently, will come via the internet. There's only one problem: some of the emails promising an e-greeting from a friend or family member may instead be from a scam artist intent on obtaining your bank or credit card information. Stu Elefant, senior product manager for anti-virus company McAfee, says the danger is at this time of year people are more likely to click on these greetings in their...

Get to grips with Vista's service hardening

The services that run in Windows provide functionality for users, but they also offer a point of potential attack because they're well known to hackers and, in the past, have been easy to exploit. Network security experts have long recommended that administrators disable all unnecessary services on servers and workstations to reduce the chances of a service exploit. However, there are many services you can't disable because they must run for a computer...

Wireless not worth hacking?

For four years, I've been pretty clear about my personal opinions on wireless hackers. I don't worry about them. So when I say: "It's time to worry about wireless hackers," it's not just another security consultant scare story being recycled - it's because I think things have changed. What has changed? Easy: corporate networks have changed. It's no longer as easy as it was to penetrate a corporate firewall and compromise PCs on the LAN. By comparison, the Wi...

Burglar-Proof Windows?

Vista's new security features may be annoying, but they're good for you. The Microsoft marketing hoopla set off by the Jan. 30 launch of Windows Vista will focus on the software's spiffy new look and enhancements such as greatly improved search abilities (see BusinessWeek.com, 1/15/07, "Vista: Upgrade-Or Trade Up?"). But the really important changes, mostly hidden, aim to improve Windows' leaky security. What you see of this may be annoying, but trust me, it's go...

Security tools ready for Vista launch

Microsoft is promoting Windows Vista as the most secure version of its operating system yet--but it's still recommending outside help to shield against common cyberthreats. All major security software makers, as well as many smaller ones, will have products available for Vista when the operating system is launched to consumers on January 30, Microsoft said Wednesday. That's a different story from last November, when Vista was released for businesses. At tha...

Microsoft develops new tunneling protocol

Microsoft is working on a new tunneling protocol for Vista and Longhorn that will provide secure network access from anywhere on the Net. The Secure Socket Tunneling Protocol (SSTP) creates a VPN tunnel that travels over Secure-HTTP, eliminating issues associated with VPN connections based on the Point-to-Point Tunneling Protocol (PPTP) or Layer 2 Tunneling Protocol (L2TP) that can be blocked by some Web proxies, firewalls and Network Address Translation (NA...

Microsoft to deliver patches by the dozen

Microsoft on Tuesday plans to release a dozen security bulletins, including a "critical" one for its own anti-spyware and other security products. The bulletins, part of its monthly patch cycle, will provide fixes for an undisclosed number of security vulnerabilities, Microsoft said in a note on its Web site Thursday. The software maker plans to offer fixes for Windows, Office, Visual Studio, Microsoft Data Access Components (MDAC), and several of its s...

Zhelatin mutants storm virus charts

The Zhelatin virus is challenging Bagle and Warezov for the dubious honour of number one virus after eight new variants were detected in the past four days, security experts have warned. Kaspersky Lab said that Zhelatin.s, .t and .u were detected on 8 February, while Zhelatin.v was detected on 9 February. Four more variants, .w to .z, were detected during the weekend of 10-11 February. The most significant of these is Zhelatin.u, which Kaspersky Lab currently r...

Windows Vista firewall weakness can be corrupted by attackers

The firewall in Microsoft's Windows Vista operating system (OS) can be compromised to perform prohibited functions, according to new research from Symantec. Microsoft has touted Vista as its most secure platform to date, implementing a plethora of new security features, including an improved firewall. The software giant's OS is, by default, configured to block all third-party and unknown network communications, unless the user clicks o...

Many Web application security vulnerabilities are not as serious as they seem

When interpreting the results of a vulnerability assessment, you need to focus on what's important in your Web application security testing. There are three sides to the story when looking at Web application security testing: yours, the findings of your vulnerability assessment, and the truth. Whether you're using a commercial or open source scanner, you're undoubtedly going to glean a lot of information and come acro...

Vista's tunnelling protocol poses risk

Windows Vista's implementation of a tunnelling protocol called Teredo can be added to the list of security problems posed by the operating system, according to recent research from Symantec Advanced Threat Research. Teredo is one of the protocols introduced into Vista to support IPv6, but it also has unforeseen side-effects, Symantec said, among them that it could allow attackers to evade organisations' security measures. "Tunnelling methods can be use...

Many net users 'not safety-aware'

Fewer than half of the UK's 29m adult internet users believe they are responsible for protecting personal information online, a survey suggests. One in six of the 2,441 people surveyed felt responsibility rested with banks. The research, for a government-backed online safety campaign, found 12% had suffered online fraud in the last year - at an average loss of £875. The same number (5%) had experienced fraud while shopping online as had had their bag, wal...

AppGate's new Security Server makes securing internal networks easier

AppGate Network Security introduces a new range of Security Servers with the ability to connect up to twelve different networks, making it easy to segment the internal network. The next generation of AppGate Security Servers, which feature faster proces...

Thank you Superhacker, you saved my computer

Many people leave their Wi-Fi link unsecured, leaving them open to fraud. But a new breed of ‘ethical hackers’ is helping, says Joseph Dunn. Peter Booth was minding his own business last Sunday afternoon at home in Kippax, near Leeds, when the knock on the door came. On his porch was Andrew Mason, 6ft 4in and dressed in a black T-shirt. He was holding a laptop and a strange antenna that resembled a Pringle crisps tin on a stick. "Your computer has...

Microsoft falls for Vista security hoax

An April Fools' joke that aimed to expose sensationalistic media and educate non-security experts failed to find any victims. To get their point across, the self-proclaimed group of hackers set up a website that promised to issue an unpatched Vista bug every day this week. Pioneered by security researcher HD Moore last summer, weeks or months of security vulnerabilities have proven a powerful way to direct the public's attention to securi...

Warezov worm surfaces again

Mass mailings of the variant, Warezov.nf, started at 5am on Thursday, and already make up between 70 and 85 percent of malicious content in email traffic, according to Kaspersky. Like previous variants of Warezov, the worm spreads via email, disguised as an attachment. The attachment is a Trojan that downloads the latest version of the worm from a number of websites. Once downloaded, the worm copies itself to disk and loads automatically at start-up. Warezov then...

Making sense of Websense's SurfControl buyout

The move makes the combined companies more attractive as a potential acquisition by one of the big three IT security firms. Websense's $400 million buyout offer for rival network filtering specialist SurfControl should help position the two companies for short-term growth and possible acquisition in the future, according to market watchers. Company officials and industry analysts agree that the marriage of the two network security filtering specialists...

United States of Spamerica

Over 60 percent of all e-mails sent to Irish inboxes during April were unsolicited, according to new figures released on Thursday. Web hosting and monitoring firm IE Internet, which intercepts thousands of e-mails every day, said 61.94 percent of e-mails during the month contained spam, down by more than 2 percent on the preceding month. IE Internet's statistics are based on monitoring over 35,000 Irish businesses. "Our latest figures show that the United States an...

Wireless security: Balancing act

Organisations need to weigh the convenience of wireless networking against the risks to the integrity of their IT systems. Steve Gold reports. A quick glance around any high-street IT store will reveal that wireless networking - commonly referred to as WiFi - has taken off in a big way. It's now possible to buy a data-accelerated 802.11g WiFi-enabled broadband router for around £50. Suddenly it's possible for an employee of even smaller firms to go out and b...

Phishers go round the world to hook Aussie victims

Researchers from Sophos have traced the route of a phishing attack that targeted Australian banking customers - the fraudsters used numerous compromised servers in Korea, the US and Malaysia. According to Sophos, the campaign kicked off when an attacker posing as a security company called "antifraud" e-mailed Australian account holders to warn them that their online banking services were to be suspended. "Please note that from May...

Sophos awarded ITPro Editor's Choice, outperforming McAfee and Symantec

Sophos Anti-Virus Small Business Edition 2.0 declared "outright winner". Sophos Anti-Virus SBE 2.0, Sophos's integrated protection solution for small businesses, has won the prestigious "Editor's Choice" award in a comparative test conducted by ITPro. ITPro tested McAfee Active VirusScan SMB Edition, Symantec AntiVirus 10.2, F-Secure Anti-Virus Small Business Suite and Sophos Anti-Virus Small Business Edition...

Microsoft patches 11 bugs

Microsoft has issued patches for 11 security vulnerabilities, five of them critical, in Windows, Office and the .Net Framework. The most serious of the batch is MS07-039, said security analysts who, unlike last month, had no trouble naming that critical hole as the one which should be patched first. "By far, this is the top of the list this month," said Andrew Storms, director of security operations at nCircle Network Security. MS07-039 patches a pair of bugs...

City ignoring Wi-Fi risks

London firms are still using insecure wireless encryption. Revelations earlier this year that poor wireless security contributed to the theft of 45 million credit card numbers at US retailer TJ Maxx increased calls for firms to abandon Wired Equivalent Privacy (WEP), the protocol found to be at fault. But a recent survey of London's wireless infrastructure by RSA suggests WEP use remains widespread, and this is despite a new payment card industry (PCI) standard requiring...

DIY Trojan tool discovered for sale

A new kit for building and customising Trojan malware has been discovered for sale on the Internet. With the appropriate name 'Pinch,' the tool lets criminals with little technical knowledge specify a number of parameters such as which type of password to steal from infected machines. Alternatively, the tabbed-based interface can be made to turn the program into a straightforward key-logger set to capture all keystrokes, take screenshots, or steal speci...

AOL drops Kaspersky for McAfee

Giant ISP and web services provider AOL is offering a free, special edition version of McAfee security software to users registered with its network. The offer replaces a previous offering based on Kaspersky technology, which was quietly taken offline several weeks ago. The customized product, based on McAfee's Internet Security Suite, combines anti-virus and anti-spyware with a firewall and identity theft protection. The AOL Active Virus Shield software, a pared-...

MSN Messenger video-based exploit revealed

Security experts are advising users of MSN Messenger to be wary of untrusted web cam conversations after exploit code was posted today for a zero-day vulnerability in the instant messaging (IM) application. The bug, rated "highly critical" by tracking firm Secunia, can be exploited when a victim accepts a malicious video from an attacker, prompting a heap-based buffer overflow. Results may range from a system crash to arbitrary code...

Bigger Websense Vows Complete Protection

Tech security providers have recently sought more safety in numbers, gobbling up other firms for hundreds of millions of dollars. Employee Internet use monitor Websense WBSN is the latest to try it, on the heels of Cisco Systems' $830 million pick-up of IronPort Systems in June and Symantec's April buy of Altiris for $815 million. Websense's more than $400 million deal for its main rival, U.K.-based SurfControl, closed on Wednesday. With a market cap of...

The top 10 reasons Web sites get hacked

Experts say the people who actually build Web applications aren't paying much attention to security; a non-profit group is trying to solve that. Web security is at the top of customers' minds after many well-publicized personal data breaches, but the people who actually build Web applications aren't paying much attention to security, experts say. "They're totally ignoring it," says IT consultant Joel Snyder. "When you go to your Web site des...

Security expert: Storm botnet 'services' could be sold

The owners of the Storm botnet, whose identities are as yet unknown, could be preparing to sell off the "services" of segments of the network, according to Joe Stewart, a researcher from managed security services company SecureWorks. Stewart claimed in a blog post on Sunday that the latest Storm variants now use a 40-byte key to encrypt their peer-to-peer traffic, meaning each node will only be able to communicate with nodes that use the sa...

Cafe Latte attack steals data from Wi-Fi users

If you use a secure wireless network, hackers may be able to steal data from your computer in the time it takes to have a cup of coffee. At the Toorcon hacking conference in San Diego this coming weekend, security researcher Vivek Ramachandran will demonstrate a technique he's developed to attack laptops that use the WEP (Wired Equivalent Privacy) encryption system to log on to secure wireless networks. Developed in the late 1990s, WEP was the def...

Russians behind attack PDFs, security researcher says

An infamous hacker gang is sending malicious PDF docs, stealing financial data. A notorious Russian hacker gang is responsible for ongoing attacks using malicious PDF documents, a researcher said today. Users can thank the Russian Business Network (RBN), a well-known collective of cybercriminals, for the malware-armed PDF attachments that began appearing in in-boxes yesterday, said Ken Dunham, director of response for iSight Partners Inc. If t...

Microsoft desperately seeks fix for 'massive' Russian PDF attack

Microsoft said it is working around the clock on a patch for a Windows flaw that is partly responsible for an ongoing attack wave of infected PDFs. The company has updated a security advisory to reflect the fact that exploit code is in the wild, but it may be too late for many. Security researchers said hackers have ramped up attacks using malicious PDF files that target the vulnerability. F-Secure called the surge in spam carryin...

Leopard's firewall a 'mess,' breaks Skype

A security researcher has found that the firewall included with the latest Mac OS is actually a step back from Tiger's firewall and can prevent some programs from running. Leopard's firewall is confusing, inconsistent, switched off by default, and incompatible with some applications, a security researcher said Friday after analyzing the new security tool. "This firewall is a mess," Rich Mogull, a security consultant and former Gartner analyst, s...

Microsoft exec calls XP hack 'frightening'

A Microsoft executive calls the ease with which two British e-crime specialists managed to hack into a Windows XP computer as both "enlightening and frightening." The demonstration took place Monday at an event sponsored by Get Safe Online--a joint initiative of the U.K. government and industry. At the event, which was aimed at heightening security awareness among small businesses, two members of the U.K. government intelligence group Serious Organized...

Half a million database servers 'have no firewall'

Major security risk is enough to sustain another mass worm outbreak. There are nearly half a million database servers exposed on the Internet, without firewall protection according to UK-based security researcher David Litchfield. Litchfield took a look at just over 1 million randomly generated Internet Protocol [IP] addresses, checking them to see if he could access them on the IP ports reserved for Microsoft SQL Server or Oracle's database. He...

Researcher releases proof-of-concept VoIP hack

Potential Trojan listens and records on the network or at the ISP level. An expert has released a proof-of-concept program to show how easy it would be for criminals to eavesdrop on the VoIP-based phone calls of any company using the technology. Called SIPtap, the software is able to monitor multiple Voice-over-IP (VoIP) call streams, listening in and recording them for remote inspection as .wav files. All that the criminal would need would be to inf...

Five security truths to protect your critical systems

Anyone who tells you that your IT network is “100% secure” is either a fool, or greatly mistaken. Security is a moving target, and unfortunately, this target is being manipulated by the bad guys. With 2007 almost behind us, I reflect on the struggle enterprises and governments face in cyber security. This is not a holiday wish list, or resolutions for 2008, but read through these 5 notions and I can guarantee: you will wonder if you are doin...

Malware honeypots wait for '08

The Web Application Security Consortium's Distributed Open Proxy Honeypot Project to track malware distributors will be relaunched in January. An innovative malware honeypot project backed by a leading consortium of IT security experts is preparing to re-launch its global sensor network after Jan. 1 in an effort to dupe more cyber-criminals into handing over information about their latest attack methods. The Web Application Security Consortium's Distributed Open Pr...

40% of US SMBs do not believe their networks are secure

Despite having anti-virus and anti-spam software as well as a firewall installed, four in 10 small and medium sized companies in the United States still do not believe their networks are completely secure, a new survey shows. In a poll of 455 IT executives in US SMBs, 42% said their networks were not secure even though 96% and 93% of respondents respectively said they had anti-virus and a firewall installed. 80% said they also used spam fi...

Web hosting providers underestimate the security threat facing web applications

Despite the highly publicized attacks on websites worldwide, many web hosting customers remain unprotected against the newest forms of attacks as cyber crime tactics evolve. Hundreds of thousands of web site operators - many with little or no technical expertise - rely on web hosting providers to keep their websites and web applications safe. Yet events such as the recent SQL injection attack that compromised more t...

Mapping out Web apps attacks

Attackers continue to use well-worn techniques, such as SQL injection, to exploit holes in popular Web applications but have also moved on to other targets, including government sites, and newer exploit methods, such as cross-site request forgery, according to the latest report filed by the Web Applications Security Consortium. The nonprofit industry group released the findings of its annual Hacking Incidents Database report this week, and despite the fact that cybe...

Getting a grip on security - Indian style

A survey of security in Indian organisations presents a fascinating insight into the risks perceived by IT professionals there. The Websense SOS “State of Security” survey questioned IT managers in 450 organisations in Delhi, Bangalore, Chennai, Mumbai and Hyderabad, including both large businesses and small and medium enterprises. Key findings include: Time spent on non-work-related Web sites: IT managers estimate that employees spend 5 hours per week on...

Five basic mistakes of security policy

As I mentioned in my last article, security policies serve to protect (data, customers, employees, technological systems), define (the company's stance on security), and minimize risk (internal and external exposure and publicity fallout in the event of a breach). Security policy creation and dissemination are not just a good idea; both are mandated by a slew of corporate regulations, including PCI, HIPAA, and FISMA. This story presents five mistakes tha...

What firewalls do and don’t do

Over the last few years, security threats to companies have grown and altered dramatically and so have the defences. Traditional firewalls, installed over three years ago, are often not best suited for current threats and don't protect against a number of newer threats. What firewalls do: A firewall is a system designed to prevent unauthorised access to or from a private computer network. Firewalls are frequently used to prevent unauthorised Internet users from acce...

Staff actively seek enterprise security loopholes

Staff actively seek enterprise security loopholes Enterprise users are "actively and intentionally" evading IT security controls and ignoring acceptable use policies, according to Palo Alto Networks' first annual "Application Usage and Risk Report." The recent survey results from Palo Alto, a firewall vendor, are based on traffic from 350,000 users in 20 organisations that span the financial services, manufacturing, healthcare, state/local government and healthcare industries. The report highli...... [more]

Few expected to make June 30 PCI deadline for Web application security

Few expected to make June 30 PCI deadline for Web application security Retailers covered by the Payment Card Industry data security standard (PCI-DSS) have just about a month and a half left to comply with new requirements for protecting Web applications. But as with previous PCI-related deadlines, this one appears destined to pass with a majority of merchants unlikely to be in full compliance. After June 30, all merchants accepting payment card transactions will be expected to either use a spe...... [more]

Six burning questions about network security

Six burning questions about network security Security issues often seem to smolder more than burn, but these six are certainly capable of lighting a fire under IT professionals at a moment's notice. Handle with care. Is server virtualization worth the risk? The benefits of moving away from traditional servers to virtual-machine (VM) arrangements are the cost savings in hardware consolidation and remarkable flexibility. But less-welcome consequences can be security gaps and virtual-server spraw...... [more]

Do smart phone viruses really threaten your network?

Do smart phone viruses really threaten your network? All evidence points to the fact that smart phone viruses will be a threat to your network even though they aren't at this moment. After all, the latest mobile devices are packed with more and more applications and corporate data, are enabled for real Web browsing and online collaboration, and can access corporate servers. What's more, they live outside your firewall and often make use of three wireless networks (Bluetooth, Wi-Fi and cellular)....... [more]

PCI payment standards come into play

PCI payment standards come into play Companies have been warned to be aware of Section 6.6 of the Payment Card Industry (PCI) standard that comes into force at the end of June. The new section mandates the use of web application code reviews or the installation of an application level firewall for any business dealing with online transactions. However, security experts also advise that the new requirements of the standard should not be treated as a 'rubber stamp' approval system for e-commerce...... [more]

Small Business A Big Target For Cyber Attacks

Small Business A Big Target For Cyber Attacks Once upon a time, most small-to-midsize businesses enjoyed a relatively secure status, free from malicious cyber threats. Not so anymore, experts say. "It used to be that SMBs were not a target just because of how small they were," said Andy Klein, senior product marketing manager, e-mail security division for SonicWall Inc., Sunnyvale, Calif. "So they could put up a Web server and no one would ever see it. But that's changed. Two, t...... [more]

How secure is secure enough?

How secure is secure enough? If there is a Holy Grail in the information security industry, it surely is the answer to the question, "How secure is secure enough?" It's a question that many security managers have either avoided answering altogether or tried to quickly sidestep by throwing a fistful of mainly pointless operational metrics at anyone who cared to ask. But with a faltering economy beginning to put the squeeze on IT budgets, and security managers being asked to justify every dollar...... [more]

Exploit reveals the darker side of automatic updates

Exploit reveals the darker side of automatic updates A recent study of Web browser installations showed that far too few are up to date with the latest security patches. And browsers aren't alone; as my dear old mum can attest, it can be hard to keep up with operating system and application patches when all you want to do is use your computer for work. It should come as no surprise that many PCs are vulnerable to security exploits that could otherwise be prevented. Firefox got top marks in the...... [more]

Profile: Gary McKinnon

Profile: Gary McKinnon Gary McKinnon has lost his appeal in the UK's House of Lords against extradition to the US on hacking charges. The BBC News website profiles his history and his motives. To hear the US government tell it, Gary McKinnon is a dangerous man, and should be extradited back to America to stand trial in a Virginia courtroom. One US prosecutor accused him of committing "the biggest military computer hack of all time". But Mr McKinnon has said his motives were harmless a...... [more]

Is it possible to ban chat programs on an enterprise LAN?

Is it possible to ban chat programs on an enterprise LAN? Q: How do I ban MSN Messenger, Yahoo Messenger, Skype and other chat programs on an enterprise LAN? My network connects to the Internet through a hub, and from the hub it connects a wireless router/modem to the Internet. I've tried blocking URLs and outgoing ports, but to no avail. I can't install any blocking software because I don't have a server in between the router and the network PCs. A: As you have discovered already, imposing con...... [more]

Firewall Vendors Scramble to Fix DNS Problem

Firewall Vendors Scramble to Fix DNS Problem Nearly a month after a critical flaw in the Internet's Domain Name System was first reported, vendors of some of the most widely used firewall software are scrambling to fix a problem that can essentially undo part of the patches that address this bug. The DNS flaw affects server software made by many vendors, including Microsoft, Cisco Systems, and the Internet Systems Consortium. Some firewall software undoes a source port randomization feature tha...... [more]

Kaminsky reveals 'many ways' to attack with DNS

Kaminsky reveals 'many ways' to attack with DNS Dan Kaminsky has revealed more details about the DNS flaw, and has said that he would do it all over again, despite receiving some harsh words from his peers in the security community. Kaminsky's full-time job over the past few months has been working with software vendors and Internet companies to fix a widespread flaw in the DNS (domain name system), used by computers to find each other on the Internet. Kaminsky first disclosed the problem on 8...... [more]

German hackers poke hole in great firewall of China

German hackers poke hole in great firewall of China German hackers have constructed a route around the great firewall of China. The Chaos Computer Club said its technology will help athletes and journalists travelling to Beijing for the Olympic Games to circumvent censorship. Visitors to China are being offered USB sticks containing a browser that connects via the TOR proxy network. These "Freedom Sticks", regular USB drives with pre-installed copies of the TorBrowser and Torprojects...... [more]

Olympians Connect with Fans through Blogs

Olympians Connect with Fans through Blogs In a move that advocates say will bring Olympic athletes closer to fans, a Raleigh, North Carolina-based PC company is reporting the rapid spread of on-site blogging by competitors in the Beijing games. Officials at Lenovo reportedly say that more than 100 athletes are participating in their “Voices of the Olympic Games” blogging program, generating 1,374 athlete postings on the forum and reaching more than 8.5 million fans through third-par...... [more]

The wolves inside your door

The wolves inside your door While most companies invest heavily to prevent their defences being breached, the real threats are employees and a failure to secure wireless networks. Ireland has been rocked by revelations of laptops belonging to banks and state agencies, which contained thousands of private citizens’ information, being stolen. In the UK, disks containing data on thousands of welfare recipients got lost by a courier. Last year, it emerged that Irish customers of retailer TK Maxx...... [more]

Many computer users lack basic security precautions, survey says

Many computer users lack basic security precautions, survey says Cybersecurity efforts in the U.S. government and among many businesses are improving, but many individual computer users still don't take basic precautions against cyberattacks, cybersecurity experts said Thursday. More than 90% of computer users surveyed recently on behalf of Symantec Corp. have antivirus software installed and updated, and 82% have antispyware protection, said Adam Rak, Symantec's senior director of public affa...... [more]

Who has your data?

Who has your data? Businesses not only need to be focused on their intranets but they also need to be vigilant to their outsourced data flow. The security team of a client had recently happened upon an application that one area of the company had been using for a few years, and felt that it warranted testing. This should have been run-of-the-mill. The application provided access to key data, over the internet, enabling what had previously been a complex paper-based process to be slimmed down to...... [more]

Australia trials national net filters

Australia trials national net filters Is the Rudd government about to erect a Great Firewall of Australia - introducing a form of internet censorship that will infringe upon the freedom of computer users to browse the worldwide web? That is the concern of online civil liberties groups, as the Rudd government prepares plans for a field trial of internet service provider (ISP) filtering products, with a view to introducing them nationally. ISP filtering is the blocking of certain sites which the...... [more]

New worm feeds on latest Microsoft bug

New worm feeds on latest Microsoft bug One day after Microsoft issued a rare emergency Windows security patch, the bad guys have a few new ways to take advantage of the bug. Microsoft issued the patch more than two weeks ahead of its next security updates because the bug could be used to create an Internet worm attack and Microsoft had already seen a small number of attacks that exploited the flaw. This vulnerability lies in the Windows Server service used to connect with other devices on netwo...... [more]

BotHunter aims to find bots for free

BotHunter aims to find bots for free Technology research firm SRI International released a free software tool on Monday to help system administrators detect botnet activity within their network. The program, called BotHunter, monitors the inside of a network to detect the two-way communications flows that are common between computers compromised by bot software and the command-and-control (C&C) server that is used to send commands to each infected machine. The software keeps tabs on the suspici...... [more]

Microsoft warns of attacks on recent flaw

Microsoft warns of attacks on recent flaw A vulnerability fixed by Microsoft late last month has become a target for two malicious programs, the software giant said on Tuesday. The security hole, caused by the flawed processing of remote procedure call (RPC) requests by the Windows Server service, was patched by Microsoft in late October, after the company received reports of limited attacks against customers. At least two malicious programs -- a network worm dubbed Conficker.A and a bot pro...... [more]

SonicWall users exposed by license server breach

SonicWall users exposed by license server breach A technical problem in a license management server at SonicWall Inc. created havoc last week for users of the company's firewall and e-mail security products, leaving many companies temporarily unprotected against spam, phishing and malware threats. It wasn't immediately clear how many customers were affected by the license server glitch, which began early last Tuesday and wasn't resolved until that afternoon. But numerous users posted angry mes...... [more]

How to use public Wi-Fi safely

How to use public Wi-Fi safely Sandwich chain Pret A Manger became the latest venue to announce free wireless internet access this week. But while public 'hotspots' are growing in number, free bandwidth comes with an element of risk, warns security specialist David Hobson. Once you are associated to an access point, you are on the same network as others connected to the same access point, in the same way as plugging into the same network segment. A simple network discovery will show who else is...... [more]

Firewalls failing to keep generation Facebook in check

Firewalls failing to keep generation Facebook in check Workers are increasingly using online applications like Facebook and Google Apps as collaboration tools. How can businesses keep the net generation happy at work while keeping confidential data from leaking out of the enterprise? It's a question Sean Whetstone, head of IT services for Reed Specialist Recruitment, is wrestling with. Whetstone told silicon.com his company is concerned about online applications such as Facebook as people could...... [more]

Ignorance of security policy does not exempt from security breaches

Ignorance of security policy does not exempt from security breaches Most large organizations maintain a detailed corporate security policy document that spells out the “dos and don’ts” of information security. Once the policy is in place, the feeling is of having achieved ‘nine-tenths of the law’, that is, that the organization is in effect ‘covered’. This is a dangerous misconception. Because much like in the world of law and order, while creation of law is fundamental, implementation and enfor...... [more]

Check Point to acquire Nokia's security appliance business

Check Point to acquire Nokia's security appliance business Check Point Software Technologies announced Monday it plans to acquire the security appliance business of cell phone giant Nokia. With the acquisition, the security software maker plans to use Nokia's security appliance business to broaden its footprint in the security appliance market. Check Point, which is predominately known for its security firewall business, has branched out into the security appliance business over the past five...... [more]

Many workers in the office environment do not pay attention to security because of a false sense of confidence

Many workers in the office environment do not pay attention to security because of a false sense of confidence Cybercrime refers to criminal offences committed with the aid of communication devices, usually over the Internet. Anyone with a smattering of online knowledge should know something about some of these online dangers, even if they don’t fully understand them. The general public has been well advised not to respond to spam, not to open emails from unknown contacts, and only to shop on s...... [more]

Indian Police on the hunt for poorly secured wireless connections

Indian Police on the hunt for poorly secured wireless connections At a conference in Mumbai last week, 80 policemen were taught about Wi-Fi connections and cybercrime and given the authority to order the owners of wireless routers to properly secure them with encryption and passwords. Police in Mumbai are reportedly on the hunt for poorly secured wireless connections, following an incident last year where hackers sent a warning about an imminent bombing from an innocent person’s Wi-Fi con...... [more]

Lessons from the snow

Lessons from the snow Heavy snowfall across Britain has highlighted weaknesses in the UK’s digital infrastructure planning, just as clearly as it revealed the failure of the country’s physical infrastructure to cope. The snow brought chaos to roads, railways and airports, closing thousands of schools and businesses. Almost the entire London bus network was suspended and 10 of the 11 underground lines were either down or part suspended. But the heaviest snowfall in 18 years has also shown how IT sy...... [more]

French navy sunk by Conficker worm

French navy sunk by Conficker worm The French navy is the latest victim of the highly disruptive Conficker worm. The worm forced the navy to voluntarily cut network connectivity to stop the worm from spreading on its Intramar network last month. Web browsing and email messaging on the network were disrupted, and some users were forced to rely on more conventional means of communication such as the phone, fax or postal system, navy spokesman Jerome Erulin told the Ouest-France newspaper. The Fr...... [more]

Check Point reinvents security with 'software blades'

Check Point reinvents security with 'software blades' Check Point has come up with a new security architecture it hopes can put the best bits of the unified threat management (UTM) concept into a form that will appeal to high-end installations such as data centres. In the new Software Blade architecture, each security function - firewall, VPN, intrusion detection - runs as a separate piece of software within the same software environment, and atop a range of operating systems, including VMware....... [more]

Experts sound scam threat warning

Experts sound scam threat warning Experts are warning of an increase in the number of fake anti-virus websites. Hackers are tricking people with a false warning, saying that the computer is infected with a Trojan and getting users to buy a fake anti-virus product. A number of sites were closed last year when authorities in the US took action to stop sellers of "scareware". But despite the closures, the number of sites continues to grow, with one expert saying it was "the biggest...... [more]

German office for information security claims internet safety is poor, as almost half of users are unprotected

German office for information security claims internet safety is poor, as almost half of users are unprotected Security levels on the internet have been described as ‘catastrophically poor’. A representative of the German government made the claim at the CeBIT Computer Fair in Hanover, with BSI chief Hartmut Isselhorst claiming that as soon as a user goes online they become a target. Yuval Ben-Itzhak, chief technology officer at Finjan, said: “Research from the BSI, the German federal off...... [more]

Juniper offers multi-vendor threat management

Juniper offers multi-vendor threat management Juniper is set to launch software that allows security products from competing vendors to share and analyse log information in order to determine the root cause of network problems and fix them. Called Adaptive Threat Management, the data-sharing software includes upgrades to its SSL VPN and Unified Access Control devices that enable them to publish log information to a UAC server that shares the data with other platforms. The interface between the SS...... [more]

ATM malware appears, Diebold issues security update

ATM malware appears, Diebold issues security update Diebold, which has fielded recent criticism over the reported insecurity of its voting machines, is now fighting off news that its ATMs also can be compromised. Security firm Sophos reported this week that it received three samples of a trojan that was customised to run on Diebold-manufactured cash machines in Russia, said Graham Cluley, Sophos' senior security consultant. The malware was able to read card numbers and PINs -- then when the att...... [more]

Big jump in online banking fraud

Big jump in online banking fraud Software allowing fraudsters to track what you type led to the level of online banking fraud more than doubling in 2008, according to a banking body. Fraudsters use a device called keylogging - when keystrokes on a computer are tracked to gather passwords and credit card numbers. Online banking fraud jumped to £52.5m last year, up from £22.6m in 2007, said UK payments association Apacs. Total fraud losses on UK debit and credit cards rose by 14% to ...... [more]

The convergence of SIEM and log management

The convergence of SIEM and log management Though Security Information and Event Management and log management tools have been complementary for years, the technologies are expected to merge. Here's a look at what you can expect in second-generation log management and SIEM solutions. SIEM emerged as companies found themselves spending a lot of money on intrusion detection/prevention systems (IDS/IPS). These systems were helpful in detecting external attacks, but because of the reliance on sig...... [more]

Enterprises still neglecting WLAN security

Enterprises still neglecting WLAN security Most European enterprises are neglecting their wireless LAN security, with an alarming number using only the most basic security protection for their wireless networks. So discovered a Motorola survey carried out by Vanson Bourne, which found that over half (65 percent) of large European companies use the same security measures for both wired and wireless networks, when in reality, they need different handling. The survey questioned 400 IT directors at...... [more]

Final countdown to Conficker 'activation' begins

Final countdown to Conficker 'activation' begins Security watchers are counting down to a change in how the infamous Conficker (Downadup) worm updates malicious code, due to kick in on Wednesday 1 April. Starting on 1 April, Windows PCs infected by the latest variant of the Conficker worm (Conficker-C) will start attempting to contact a sample of 50,000 pre-programmed potential call-home web servers from which they might receive updates, a massive increase on the 250 potential web server locale...... [more]

Regaining app-centric visibility, control

Regaining app-centric visibility, control Enterprises need a better way to control software-as-a-service, cloud computing, Web 2.0 and other applications that are hosted outside the enterprise because the traditional port-based approach has ceased to be effective. Moving beyond port-based traffic classification isn't easy, but because the "threat industry" now has application-level exploits and applications are at the heart of many data leaks, enterprises must rise to the challenge....... [more]

IT administrator faces five years for network extortion

IT administrator faces five years for network extortion An IT administrator faces up to five years in prison after he tried to extort money from his former employers by threatening to crash the company’s servers. Viktor Savtyrev, 29, pleaded guilty to extortion after he threatened his former employers with computer crashes. He also threatened to enlist Eastern European hackers to launch attacks against his former employer, New York investment firm Third Avenue Management. "My comrades for...... [more]

Businesses losing fight against employee apps

Businesses losing fight against employee apps Enterprises are struggling to control the use of consumer applications within the workplace, despite the panoply of security tools being used within corporates. According to research from security start-up Palo Alto Networks, nearly half of all bandwidth within corporate environments is being consumed by personal applications such as YouTube, peer-to-peer filesharing and various other consumer applications. Peer-to-peer is a particularly frequent pro...... [more]

IPv6 security guru fields questions

IPv6 security guru fields questions Although he acknowledges that businesses have yet to embrace IPv6, security guru Scott Hogg says that doesn't mean IT executives can ignore the security problems that the next generation Internet protocol can present. After all, he notes, operating systems such as Microsoft Vista and Linux are already IPv6 capable and thus any networks that use them might be handling IPv6 traffic without their operators' knowledge. In this question and answer session, Hogg, wh...... [more]

Many companies are not in control of their firewalls

Many companies are not in control of their firewalls With the economy taking quite a bashing and the housing market looking pretty miserable the question might be: Where is the silver lining? And I think I may have found it for those poor souls who have just seen their plans of moving to a new house dashed – you don’t have to tidy up! Let’s face it if you lived more than a couple of years in the same place you really don’t want to start packing. After all how much of the “jun...... [more]

When good security kills performance

When good security kills performance Continuing on my recent theme of security pain points, I'm finding that many companies suffer horrible log-on delays because of their computer security defenses. I'm not talking about a minor inconvenience. I'm documenting 8- to 10-minute boot-ups and log-ons versus 1.5 minutes without the host-based firewall or anti-virus software that's getting in the way. It doesn't matter which operating system the end-user is running. The problem affects both Windows and...... [more]

Spammers target corporates with new technique

Spammers target corporates with new technique Spammers seem to be working a little bit harder these days, according to Symantec, which has reported that unsolicited email made up 90.4 percent of messages on corporate networks last month. That represents a 5.1 percent increase over last month's numbers, but it's nothing out of the ordinary. For years, spam has made up somewhere between 80 percent and 95 percent of all email on the Internet. Symantec reported that nearly 58 percent of spam is now...... [more]

Spammers find new way to bust filters

Spammers find new way to bust filters Spam is on the rise once more, thanks in part to a new technique. Unsolicited email accounted for 90.4 percent of all messages received on corporate networks during April, an increase of 5.1 percent from the previous month according to Symantec's MessageLabs Intelligence unit. Adam O'Donnell, a researcher at Cloudmark, a provider of anti-spam tools, noted that in addition to using botnets, spammers in recent months have been experimenting with a new wa...... [more]

PCI compliance accused of becoming meaningless if it is not correctly enforced

PCI compliance accused of becoming meaningless if it is not correctly enforced The requirements for PCI compliance have been described as ‘woefully inadequate’. Paul Henry, security and forensic analyst at Lumension, claimed that breach after breach of credit card data has become all too commonplace, and PCI should raise the bar and increase the minimum acceptable standards to become compliant in light of these many failures. Pointing to the Heartland incident, Henry stated that PCI had ...... [more]

Learn to love your log files

Learn to love your log files Considering how much information is available in log files, you'd think companies would pay more attention to them. Client computers, servers, firewalls, network devices, and other appliances generate reams of event logs every day, but these logs often go ignored. Although it's a security sin, it's understandable on many levels. First, logs can contain vast amounts of uninteresting events. In fact, most logs are nothing but noise. With the rare exception, most logs...... [more]

One in five IT security managers cheat on an audit to get it passed

One in five IT security managers cheat on an audit to get it passed According to the annual "Reality Bytes" security survey by Tufin Technologies of IT security managers and technical staff, 20% admit to cheating on an audit to get it passed. The survey also discovered that 63% of companies only check and audit their firewalls from anything between 3 months to a year, with a staggering 9% never bothering to check their firewalls at all. 51% admitted that their firewall rules are "a mess." The s...... [more]

Security Manager's Journal: We've been blind to attacks on our Web sites

Security Manager's Journal: We've been blind to attacks on our Web sites Our Web sites are under attack! And my company's firewall and intrusion-detection systems seem to have been giving a lot of people around here a false sense of security. Of course, as the security manager, I can't afford a false sense of security, so I recently took some steps to find out just what was going on within our Web servers' network traffic. And it turns out that many attacks have been getting through our firewa...... [more]

Security taking a hit as companies bitten by crunch

Security taking a hit as companies bitten by crunch IT security has been neglected due to the economic downturn, according to security experts. Bruce Schneier, BT's chief security technology officer, told a European Network and Information Security Agency (Enisa) event on Friday that organisations are struggling to keep on top of workloads that have increased due to layoffs. "Times are tough, even for criminals," said Schneier. "Organisations are dealing with more disgruntled emp...... [more]

Opera Unite could be security risk say researchers

Opera Unite could be security risk say researchers Users installing Opera Unite, Opera's new web development platform, could be at risk of being hijacked by cyber-criminals, according to security researchers. Opera Unite lets users run a web server from their desktops. The browser connects to an Opera proxy server, which then allows the browser to serve content to the rest of the Internet. This simplifies things for home users who want to host their own web pages; with Opera's architecture, they...... [more]

The 10 dumbest mistakes network managers make

The 10 dumbest mistakes network managers make When you look at the worst corporate security breaches, it's clear that network managers keep making the same mistakes over and over again, and that many of these mistakes are easy to avoid. In 2008, Verizon Business analyzed 90 security breaches that represented 285 million compromised records. Most of these headline-grabbing incidents involved organized crime finding an unprotected opening into a network and using it to steal credit card data, Soc...... [more]

Majority of vulnerabilities now being exploited

Majority of vulnerabilities now being exploited The number of exploits being written to target specific software vulnerabilities could be at all-time highs, new threat figures have suggested. Fortinet's Threatscape report for June, which actually covers the period between 21 May and 20 June, reveals that of the 108 new vulnerabilities added to its firewall intrusion detection system in the period, 62 were being actively exploited. This is equivalent to a 57.4 percent exploit rate, a rise over...... [more]

Map out your zone defense

Map out your zone defense A good exercise for any security admin is to map your security domains or zones. The idea is that a map of the inputs and outputs of your organization's data pathways will give you a clearer idea of the users, gateways, systems, and data that you are trying to secure. Unless you know about it, it's impossible to secure it. And, as the saying goes, a problem well defined is a problem half-solved. Start with all of the ways that people can enter your environment: LAN, WA...... [more]

Few businesses are likely to be insured against the result of cyber attacks

Few businesses are likely to be insured against the result of cyber attacks According to The Wilson Organisation, insurers and underwriters are predicting a rise in white collar extortion as the recession continues to bite and unemployment figures increase. Worryingly many businesses do not have insurance cover for data or business loss. “According to a DTI Information Security Breaches Survey, a third of UK businesses think general business insurance provides full cover for damage to the...... [more]

Nine things about botnets that will scare your pants off

Nine things about botnets that will scare your pants off I wondered just how deep and wide the botnet problem goes. What I learned with just a little bit of research is enough to make you want to return to the days of stand-alone computing. The reality is worse than most people suspect. Let me share nine known things about botnets that will scare your pants off. At the very least, perhaps this article will prompt you to step up your effort to keep your corporate PCs off the illicit botnets. 1....... [more]

Breach Security unveils two new ModSecurity Rules

Breach Security unveils two new ModSecurity Rules Breach Security has announced two new ModSecurity Rules developments, the ModSecurity Core Rule Set (CRS) and the commercial Enhanced Rule Set (ERS). Breach Security said that the CRS is now an official OWASP project that facilitates community collaboration. The ERS has been enhanced to address the attack vectors such as cross-site request forgery (CSRF), remote file inclusion (RFI) and HTTP parameter pollution. The company said that ModSecurity...... [more]

Human brains not wired for modern IT security

Human brains not wired for modern IT security Security expert Bruce Schneier told delegates at the Black Hat USA 2009 conference that the human brain is not suited to IT security in the modern world. Schneier said in his address that, in evolutionary terms, the human brain cannot deal with the complex threats that dog the modern environment, and that computer security is unlikely to be solved in our lifetimes. "We have Stone Age brains. We respond to stories not data," he said. "...... [more]

Trend Micro revamps threat resource site

Trend Micro revamps threat resource site Anti-malware vendor Trend Micro has revamped its online threat resource centre to include new free tools designed to boost security and provide IT staff with greater visibility into the threat landscape. The TrendWatch site has had a complete redesign to offer information on current threat activities, educational videos and threat analysis reports, according to the firm. New to the site is VM Protection, a free software tool designed to help enterpris...... [more]

FAQ: The ins and outs of DoS attacks

FAQ: The ins and outs of DoS attacks Thursday's denial-of-service attack that knocked Twitter offline for a few hours and affected Facebook, LiveJournal, and Google Sites and Blogger wasn't your average attack. Typically, someone who has a bone to pick with a specific Web site will round up some hijacked PCs and use them to try to shut the site down. In this case, whoever was responsible was trying to block access to a specific user's accounts and not the sites themselves. Denial-of-service at...... [more]

Don't sell your corporate secrets on eBay

Don't sell your corporate secrets on eBay While firewalls and anti-intrusion measures are part of the standard corporate IT security kit, important areas in the lifecycle of data are often overlooked, as Kroll Ontrack's Adrian Briscoe explains. Every couple of years, a research team makes the headlines after buying discarded hard drives, laptops or desktop PCs to see what kind of data they can salvage. In 2003, research was conducted by two graduate students - Simson Garfinkel and Abhi Shelat -...... [more]

How to Prevent a Heartland-Style Data Breach

How to Prevent a Heartland-Style Data Breach The United States Department of Justice announced today the arrest of Albert Gonzalez, a 28-year old Miami man, in the largest identity theft prosecution on record. Gonzalez is accused, along with two as-yet-unnamed Russian co-conspirators, of compromising more than 130 million credit and debit card accounts from a variety of targets including Heartland Payment Systems and 7-Eleven. While the Department of Justice should be commended for the successf...... [more]

Check Point provides businesses with preemptive protection against Microsoft exposure

Check Point provides businesses with preemptive protection against Microsoft exposure Check Point Software Technologies Ltd has announced that Check Point IPS solutions shield customers against exploits associated with the FTP Service in Microsoft Internet Information Services vulnerability. Successful exploitation of this unpatched vulnerability could allow hackers to take over an affected company’s systems. Although no Microsoft patch is currently available for this vulnerability, Check Point...... [more]

7 Ways Security Pros DON'T Practice What They Preach

7 Ways Security Pros DON'T Practice What They Preach IT security pros are often driven to drink -- literally -- over the daily battles of their job: bosses unwilling to accept the rationale for some new security investment, employees who regularly infect their computers by doing things that have nothing to do with their jobs, and vendors who don't understand the company's needs. But in a recent, unscientific and informal poll CSOonline conducted over such social networks as Twitter and LinkedIn,...... [more]

PCI survey finds some merchants don't use antivirus software

PCI survey finds some merchants don't use antivirus software Consumers face a greater risk of losing control of their data when doing business with smaller retailers, as many haven't made investments to comply with the Payment Card Industry's Data Security Standard (PCI DSS), according to a new survey. The survey, which covered 560 U.S. and multinational organizations, asked respondents a variety of questions about their investments and deployment of technology to comply with PCI DSS, which was...... [more]

Microsoft launches free security

Microsoft launches free security Microsoft has released its free computer security package to the public. From 1700 BST on 29 September, Windows users will be able to download the software from Microsoft's Security Essentials website. The free software gives basic protection against viruses, trojans, rootkits, and spyware. The Essentials software is Microsoft's second try at making an own-brand security package. Prior to release, a beta version of Microsoft's Security Essentials (MSE) software,...... [more]

Q&A: Nick Lowe, Check Point head of northern Europe

Q&A: Nick Lowe, Check Point head of northern Europe V3.co.uk sat down with Nick Lowe to discuss the need for consolidation in the security space, and the effects of the recession. V3.co.uk: What are your customers most worried about in these current times? Nick Lowe: There are probably three main things I'm hearing on a regular basis. The first relates to what a security infrastructure will look like going forward. This gets exaggerated the more senior you go in an organisation. Cloud computing,...... [more]

Windows 7 security: Five things you should know

Windows 7 security: Five things you should know Microsoft says Windows 7 is the most secure version of the Windows operating system ever developed. Big deal, right? I am pretty sure that Microsoft has made that claim for every new version of Microsoft Windows in the past 15 years, and that it is a valid claim. What else would you expect? Is Microsoft going to come out with a new operating system and make it less secure than its predecessor? I think not. Still, while the marketing around Windows...... [more]

The four most common myths of Cyber Security

The four most common myths of Cyber Security Incidents and exploits crafted by an effective and growing menace are threatening the continuity of, and confidence in, the very core of our commercial and social infrastructure. In just 90 criminal investigations performed in 2008, where data compromise was confirmed, the Verizon Business RISK team (a leading computer forensics group) reported more than 285 million consumer credit records stolen. This number far exceeds the combined total confirmed f...... [more]

Switchers Guide: Understanding Mac security

Switchers Guide: Understanding Mac security When it comes to security, using Windows can feel like living in the heart of a big city--the kind of place where you can install all the locks and alarms you want, but you still worry. The vast number of computer users who run Microsoft operating systems form the biggest, juiciest target cybercriminals could dream of. Which is why there are more than twenty-two million unique examples of Windows malware out there. Using the Mac, by contrast, is like...... [more]

Google Reader Koobface spotlights security risk 2.0

Google Reader Koobface spotlights security risk 2.0 The rising use of social networking and collaboration apps on corporate networks has spawned increased security risks beyond potential productivity losses, firewall vendor Palo Alto warns. The warning coincides with the appearance of a variant of the Koobface worm linked to Google Reader accounts controlled by hackers. Aside from acknowledged business benefits, Web 2.0 applications can transfer files, propagate malware, and have known security...... [more]

64 percent of websites contain serious flaws

64 percent of websites contain serious flaws Cross-site scripting and SQL injection remain the top methods of attack. Vulnerabilities in web applications remain the primary avenue of attack for cybercriminals, according to a WhiteHat Website Security Statistics Report released this week. Organisations building custom web applications are particularly at risk, says the report, which measured data collected from January 2006 to October 2009, across more than 1,300 websites. The problem is exacerb...... [more]

3 Basic Steps to Avoid Joining a Botnet

3 Basic Steps to Avoid Joining a Botnet Banging the drum for security awareness never gets old. As much as CSOs try to get folks to bone up on safe practices (both online and in the office), there are always going to be some who need reminding. Online, the biggest battle these days is against botnets: networks of infected computers which hackers can use -- unbeknownst to the machine's owner -- for online crimes including sending out spam or launching a denial of service attack. Unfortunately, t...... [more]

Check Point adds web app and widget control

Check Point adds web app and widget control Soon businesses that run Check Point security tools will be able to understand how thousands of web applications and web 2.0 widgets are used, giving executives better control over what employees do with their computers at work. The company is developing a software blade that customers can buy to address use of social websites and web applications. Check Point has licensed extensive libraries from FaceTime that identify 4,500 web applications and more...... [more]

Hackers view the holiday season as the ideal time for hacking business computer systems

Hackers view the holiday season as the ideal time for hacking business computer systems Hackers are ready to take advantage of skeleton staff running IT departments over the holidays. According to Michael Hamelin, chief security architect with Tufin Technologies, the Christmas and New Year - holiday periods are the times when the heavy-duty hackers come out to play. "And whilst you're doing your shopping or putting your feet up, our research shows that the would-be 'Neos' of this world stop wat...... [more]

Compliance as Security: The Root of Insanity

Compliance as Security: The Root of Insanity There is an ever-increasing pressure for security executives to be a champion of compliance within their respective organizations. Given that there seem to be new or changing compliance requirements emerging on a fairly regular basis, this can be viewed as both a blessing and a curse. As our government acquires increasing financial interests in some private business sectors, this trend may continue to escalate. The blessing is that in some instances...... [more]

Hacker to plead guilty to Heartland breach

Hacker to plead guilty to Heartland breach Albert Gonzalez has agreed to plead guilty on charges of hacking into Heartland Payment Systems, 7-Eleven and Hannaford Bros. After admitting to the TJX hacks three months ago, Albert Gonzalez has now agreed to plead guilty to charges he broke into the network of Heartland Payment Systems and several other companies to steal more than 130 million credit and debit card numbers. The plea agreement was filed Tuesday in a US District Court in New Jersey. G...... [more]

Businesses need to understand the security issues of Web 2.0 and Social Networking

Businesses need to understand the security issues of Web 2.0 and Social Networking The adoption of Web 2.0 makes the job of keeping email and the web free from attacks, malware and spam even more difficult. Yet, simply closing access to unapproved tools can be short sighted as unhappy employees drift to rival businesses with more enlightened policies. Web 2.0 is growing with increasing momentum and businesses seem to be harnessing some of its benefits to bring them closer to their customers and...... [more]

Top Five Reasons For Security FAIL

Top Five Reasons For Security FAIL The Internet security industry has seen every type of security solution fail. While there are exceptions, one can learn some general principles as to why things fail. Below are some observations. The weakest link "Security is only as good as its weakest link." This is probably the most well-known adage. Surprisingly however, many security solutions fail because of it, as the weakest link is often not obvious. This is best demonstrated with a couple of examples...... [more]

Hacker pierces hardware firewalls with web page

Hacker pierces hardware firewalls with web page On Tuesday, hacker Samy Kamkar demonstrated a way to identify a browser's geographical location by exploiting weaknesses in many WiFi routers. Now, he's back with a simple method to penetrate hardware firewalls using little more than some javascript embedded in a webpage. By luring victims to a malicious link, the attacker can access virtually any service on their machine, even when it's behind certain routers that automatically block it to the ou...... [more]

Three lessons for businesses from the Google attack

Three lessons for businesses from the Google attack The cyberattacks against Google and more than 30 other technology companies by adversaries operating out of China highlight what some call the Advanced Persistent Threat (APT) confronting a growing number of U.S. commercial entities. The term has been used for some time in government and military domains to describe targeted cyberattacks carried out by highly organized state-sponsored groups with deep technical skills and computing resources. S...... [more]

Hackers ran detailed reconnaissance on Google employees

Hackers ran detailed reconnaissance on Google employees The hackers who infiltrated the computer systems of Google earlier this month first carried out sophisticated reconnaissance and may even have posed as friends of Google employees, according to McAfee chief technology officer George Kurtz. In a project dubbed Operation Aurora by the security giant, hackers are likely to have used sophisticated social engineering techniques and advanced reconnaissance work to target individuals at the compan...... [more]

From Passwords to MFT, Cyber-Ark Has a Vault for That

From Passwords to MFT, Cyber-Ark Has a Vault for That There's a school of thought that says open source development yields greater security because the heightened transparency ensures that problems are identified and fixed at a quicker pace. There's another school of thought that says true security is obtained by building your own stuff and then concealing its existence. Cyber-Ark is an advocate of the second approach with its Digital Vault, which serves as the foundation for a series of securi...... [more]

Combining SSO with strong authentication devices provides two-factor authentication for improved security

Combining SSO with strong authentication devices provides two-factor authentication for improved security Technology has evolved to address the challenges of the modern business market. Mobile working and round-the-clock communication have tested information security, as has the need to lock down data from the inside-out. Securing the firewall was previously top of the CISO agenda, but today, securing internal access to applications by employees is equally important. Internal and external regula...... [more]

Researcher blasts iPhone security protections

Researcher blasts iPhone security protections A security researcher presenting at the Black Hat security conference in Washington DC has suggested that major flaws exist in the Apple iPhone. Researcher Nicolas Seriot said that Apple was leaving major holes in the smartphone for its software which could possibly allow attackers and malware developers to craft applications which steal user data such as recent calls and locations. "Overall security improves with each new iPhone version, but some b...... [more]

Security tips for large and small businesses

Security tips for large and small businesses Whether your business is a big fish or a small-fry home office, you can get hacked just the same, and the stakes are higher than a few canceled credit cards. Here are a few tips to protect your users and your networks--steps that even enterprise-class security specialists may slip up on. Know Who Might Be Targeted - and How and Why With the recent news of attacks on US companies including Google, many business owners might be thinking, "That wouldn't...... [more]

Apple delivers record monster security update

Apple delivers record monster security update Apple today patched 92 vulnerabilities, a third of them critical, in a record update to its Leopard and Snow Leopard operating systems. Security Update 2010-002 plugged 92 holes in the client and server editions of Mac OS X 10.5 and Mac OS X 10.6, breaking a record that has stood since March 2008. The update dwarfed any released last year, when Apple's largest patched 67 vulnerabilities. "The sheer number, it's almost so daunting that you don't...... [more]

Yahoo targeted in China cyber attacks

Yahoo targeted in China cyber attacks The Yahoo e-mail accounts of foreign journalists based in China and Taiwan have been hacked, according to a Beijing-based press association. Rival Google has been involved in a high-profile row with the Chinese government following similar cyber-attacks against Gmail accounts. The Foreign Correspondents' Club of China (FCCC) has confirmed eight cases of Yahoo e-mail hacks in recent weeks. Yahoo said it condemned such cyber-attacks. But the FCCC accused Yahoo...... [more]

Great firewall of News Limited saves $5.5M a year

Great firewall of News Limited saves $5.5M a year Blocking people from accessing unproductive Web sites has saved News Limited an estimated $5.5 million a year the company's top security professional estimates. Just as the federal government hatches its plans to implement the great firewall of Australia in the form of Internet filtering, News Limited has seen success by blocking employees from accessing public Web services it deems unproductive. News Limited's national IT security manager Bob H...... [more]

Social networking raises legal, regulatory issues for businesses

Social networking raises legal, regulatory issues for businesses Popular social networking sites, such as Facebook, Twitter, and LinkedIn, are causing a stir in the financial services community as well as other highly regulated industries as companies seek ways to control how the sites are used to communicate with potential clients and colleagues. Social networking sites have proved valuable for sales-lead generation, marketing and general broker-client relations, but regulators have been quick...... [more]

Palo Alto Networks tackles Facebook privacy

Palo Alto Networks tackles Facebook privacy Network security firm Palo Alto Networks has added tools to its firewall which it claims will make it easier for companies to lock down Facebook, specifically the privacy risks associated with its plug-ins. The company said that increasing enterprise use of Facebook makes it vital to ensure that it is being used securely, particularly concerning personal information being shared with third parties. "The new default Facebook privacy settings are d...... [more]

Oracle boosts database security with Secerno buy

Oracle boosts database security with Secerno buy Oracle has announced the acquisition of database firewall provider Secerno in a move designed to expand its growing portfolio of database security products. The Secerno technology, which has won many plaudits and independent awards in the industry, is based on its SynoptiQ Engine which is able to analyse database activity, suggest policies and, crucially, prevent unauthorised access. Oracle said that Secerno's products would extend its existing d...... [more]

The biggest botnets: Is your PC part of one?

The biggest botnets: Is your PC part of one? There are hundreds of botnets, ad hoc networks of Windows PCs that are infected with one or more programs to let them do the bidding of their controllers; some are far more trouble than others. While you can't afford to ignore any botnet threat, here are some of the worst of the worst. "When it comes to botnets, size does matter," said Scott Emo, head of endpoint solutions at Check Point, a network security company. That's because "the...... [more]

Security Manager's Journal: Without patch management, you are nothing.

Security Manager's Journal: Without patch management, you are nothing. Does it all come down to patch management? As a security manager, I pursue many initiatives, striving to protect the company on many fronts. But patch management is a key metric of our risk exposure, since there is a direct correlation between security incidents and patch compliance. So, in a way, it does all come down to something as basic as patch management, because if we fail there, we can't be secure. Of course we have...... [more]

Palo Alto Offers 'Read Only' Facebook Access

Palo Alto Offers 'Read Only' Facebook Access Network security vendor Palo Alto Networks announced Tuesday that its firewalls can now control which groups of users have access to specific Facebook functionality -- reading, posting, chatting, sending messages, using apps, or other plug-ins -- as well as when. Furthermore, any Facebook activity can also be scanned to ensure that data doesn't contain confidential information and to ensure it's not part of an unfolding security incident, such as a...... [more]

Enterprise users get tips on iPhone 4 video calls

Enterprise users get tips on iPhone 4 video calls Apple has released guidance aimed at enterprises looking to use the iPhone 4 for internal video calls. The company recommends that enterprises open up a number of their network ports in order to take advantage of the phone's FaceTime feature. "Internet traffic moves through a firewall based on service-identification numbers that are referred to as ports. Certain ports must be open for FaceTime to work," the firm said. "Network admi...... [more]

The pros and cons of Windows 7 security

The pros and cons of Windows 7 security Businesses are eyeing a transition to Microsoft Windows 7, and with a wealth of security features that are part of it, it's worth figuring out the good and bad about each of them, says Gartner analyst Neil MacDonald, who notes in some cases, third-party security products might be the better fit. The AppLocker feature in Windows 7 offers an application-control capability that lets the IT manager set up a list of applications allowed to run, said MacDonald...... [more]

4 reasons why execs are the easiest social engineering targets

4 reasons why execs are the easiest social engineering targets Security managers are often concerned about employees who use Facebook at work and fall for the 419 "I'm trapped in London and need money" scam. Others might still have some in their organization who are convinced it is the Prince of Nigeria who wants to share his fortune. And with spear phishing, a targeted email attack in which messages are created to look like they come from an employer, bank or other trusted source, now a common...... [more]

McAfee moves into Mac security space

McAfee moves into Mac security space McAfee has released a pair of security offerings for MacOS X. The company said that it would be extending its Internet Security and Family Protection offerings to the MacOS X platform. Both products target end user markets and will require MacOS 10.5 or later. The Internet Security offering will offer basic malware detection and firewall protections along with the McAfee Site Adviser web security service and the Secure Search tools. For families, the company...... [more]

Honeypots stick it to insider threats

Honeypots stick it to insider threats One of the more popular benefits of setting up honeypots on your organization's network is to learn about malware and hacker behavior, but I often recommend that companies install a low-interaction honeypot on internal networks to simply report anything that touches it. See, honeypots are fake assets. Nobody should access them. Thus, they often can be used for finding trusted insiders or partners doing things they were not authorized to do. Case in point: R...... [more]

Cyber crime costs businesses each $3.8 million per year

Cyber crime costs businesses each $3.8 million per year Study also finds that cyber crime -- including Web attacks, malicious code, and rogue insiders -- results in about one successful attack each week. A new study of 45 U.S. organizations found that cyber crime -- including Web attacks, malicious code, and rogue insiders -- costs each one of them $3.8 million per year, on average, and results in about one successful attack each week. "First Annual Cost of Cyber Crime Study," condu...... [more]

Patch Tuesday puts serious pressure on admins

Patch Tuesday puts serious pressure on admins Security experts have warned administrators to ignore Microsoft's latest Patch Tuesday update at their peril, despite it covering a record-tying 34 vulnerabilities. A third of the vulnerabilities are rated 'critical', suggesting work needs to start immediately, but firms need to think carefully about what order to fix them in. Of the many patches issued by Microsoft, the security firm Symantec highlighted in a blog post that the SMB pool overflow vul...... [more]

Researcher: Code-execution bug affects 200 Windows apps

Researcher: Code-execution bug affects 200 Windows apps About 200 Windows applications are vulnerable to remote code-execution attacks that exploit a bug in the way the programs load binary files for the Microsoft operating system, a security researcher said Thursday. The critical vulnerability, which has already been patched in Apple's iTunes media player for Windows and VMware Tools, will be especially challenging to fix, because each application will ultimately need to receive its own patch,...... [more]

Microsoft releases tool to block DLL load hijacking attacks

Microsoft releases tool to block DLL load hijacking attacks Microsoft on Monday responded to reports of potential zero-day attacks against a large number of Windows programs by publishing a tool it said would block known exploits. However, the company declined to confirm whether any of its own applications are vulnerable, saying that it is currently investigating Microsoft-made software. Monday's security advisory was its first public reaction to a wave of reports from researchers that develope...... [more]

Secure Your Virtualized Infrastructure

Secure Your Virtualized Infrastructure Whether it's physical infrastructure or virtual, the same security concerns apply. Viruses, bots, worms, and other malware can enter the network by way of a virtual connection, just as they can through a physical machine, and employees can create accidental or purposeful data breaches. But although the worries are the same, there are security issues that are particular to the virtual world. Here are some tips for keeping your virtualized infrastructure secu...... [more]

Don't let company politics dictate your security priorities

Don't let company politics dictate your security priorities A company recently hired me specifically to improve its password policy. At five characters long, zero complexity, and no forced expiration changes, these passwords would be considered nearly nonexistent to most hackers -- and the client knew it. I quickly learned that the client had several other significant security problems, including porous firewall rules, outdated antimalware software, horrible patching, and hundreds of domain adm...... [more]

Lower Your Data Center's Exposure To Security Risks

Lower Your Data Center's Exposure To Security Risks Security threats to businesses and their networks come from numerous sources: hackers, malware, user error, and attacks by competitors and even governments. Moreover, rapid technological evolution has generated security threats that didn't exist a few years ago, along with increased employee and customer interactivity. Failure to keep up can be a disaster waiting to strike. If your IT department has been taking its security for granted, a fres...... [more]

Stuxnet pinned for killing Indian satellite

Stuxnet pinned for killing Indian satellite As speculation mounted that Israel's military created the Siemens-targeting Stuxnet worm, a US security researcher claimed to have evidence it was also responsible for destroying an Indian broadcasting satellite. "There are more and better theories to explain Stuxnet's motivation than just Israel and Iran, as others have posited," Jeffrey Carr, author of "Inside Cyber Warfare" and Forbes' The Firewall blog wrote. While Stuxnet...... [more]

Sick PCs should be banned from the net says Microsoft

Sick PCs should be banned from the net says Microsoft Virus-infected computers that pose a risk to other PCs should be blocked from the net, a senior researcher at software giant Microsoft suggests. The proposal is based on lessons from public health, said Scott Charney of the firm's trustworthy computing team. It is designed to tackle botnets - networks of infected computers under the control of cybercriminals. Putting machines in temporary quarantine would stop the spread of a virus and allow...... [more]

The must-have requirements of Cloud-based network security

The must-have requirements of Cloud-based network security While some of the technical underpinnings that make up the Cloud's 'secret sauce' are relatively recent innovations, the business case for managing critical IT functions as services - inside or outside the firewall - is not a new concept. At the end of the day, the Cloud is just another way to outsource IT functions, and the same fundamental concerns that exist with more mature outsourcing offerings need to be addressed - such as,...... [more]

Sophos delights Mac users with free antivirus

Sophos delights Mac users with free antivirus Security software company Sophos has finally broken ranks and decided to offer Mac users a free antivirus product without hidden strings. Branded, free-to-use antivirus products for Mac OS X are almost unheard of and the examples that do exist are designed to tempt users into upgrading to get more features and support or lack some features. Sophos Anti-Virus Home Edition for Mac looks like becoming the first ever full-featured Mac security software...... [more]

How ID card database will be destroyed

How ID card database will be destroyed Identity cards may be history for British citizens - but what about all the personal details collected by the government and stored on its national identity database? Anyone who imagined it would simply be a case of an official somewhere hitting delete is in for a rude awakening. The Home Office is seemingly planning an orgy of destruction, as expensive and barely-used equipment is removed from offices and destroyed - all in accordance with government guide...... [more]

The new Facebook threat to business

The Boy Billionaire, aka Facebook CEO Mark Zuckerberg, has done it again. His proposal to turn Facebook messaging into a sort of universal communications platform is probably the worst idea of the year. It's bad for the privacy of users and for corporate IT, which will have to deal with a huge spike in hard-to-defend Webmail. Ultimately, it may well be bad for Facebook, which will likely see its fairly pristine messaging service overrun by spammers and hackers...... [more]

Is a next-generation firewall in your future?

The traditional port-based enterprise firewall, now looking less like a guard and more like a pit stop for Internet applications racing in through the often open ports 80 and 443, is slowly losing out to a new generation of brawny, fast, intelligent firewalls. The so-called next-generation firewall (NGFW) describes an enterprise firewall/VPN that has the muscle to efficiently perform intrusion prevention sweeps of traffic, as well as have awareness...... [more]

Juniper gobbles Altor Networks in $95m startup snack

Juniper Networks has acquired partner Altor Networks for $95m in cash, to beef up the security of networks and virtualized servers using its switches. Altor, which was founded in 2007, is located in Redwood Shores, California, and has created a firewall and intrusion protection system combination that was designed from the ground up to be used in virtualized networks linking virtualized servers to each other. The company was founded by Amir Be...... [more]

Microsoft delivers 40 fixes for December

Microsoft has posted its final scheduled security update for 2010. The company said that the December 'Patch Tuesday' release would include 17 bulletins which address a total of 40 different security vulnerabilities. The bulletins include fixes for vulnerabilities in Windows, Internet Explorer, Office, SharePoint and Exchange. Of the 17 flaws, just two were rated as critical and listed by Microsoft as top deployment priorities. The two critical bulletins a...... [more]

Security Manager's Journal: Buried in SIEM configuration

I mentioned in my previous column that in my new job, I inherited a project to implement a security incident and event management (SIEM) tool. In response, several readers e-mailed to tell me about their experiences. Here's what I've learned in tackling this project over the past couple of weeks. There are a few different ways to use SIEM. It can alert you to anomalous behavior and malicious code. By pulling in data from our antivirus sca...... [more]

Websense's five security predictions for 2011

In 2011, enterprise IT departments will face the added challenge of safeguarding all those employee smart phones and the corporate data they carry as hackers will make smart devices a prime target, warns one security expert. Patrick Runald, senior manager of security research at San Diego, Calif.-based security technology vendor Websense Inc., in explaining the first of five of his company's security predictions for 2011, said the problem is enterpri...... [more]

Analysis: Hybrid security here to stay

Vendors to keep pushing layers of products. The market for on-premise, end-point security software is unlikely to be displaced by a growing focus on security in the cloud, industry experts say. According to Gartner security analyst Rob McMillan, virtualisation and cloud computing were driving an evolution in enterprise security demands. He likened the shift to the advent of the internet, which came with greater information flow - and security risks - than e...... [more]

Firewall rules management fine-tunes operations

Organizations have been building security into their business infrastructure to avoid incurring additional acquisition and operational costs from standalone security products. Firewall rules management vendors are responding to this demand by prioritizing features that facilitate the integration of security operations with network and IT teams. Security vendors in this segment -- such as AlgoSec, RedSeal, SecurePassage, Skybox, and Tufin that were...... [more]

Keep your firewall rulebase in shape

Firewall rules, if unmanaged, can leave gaping security holes, performance degradation and management issues. Firewall rules are born and modified as a result of access requests from users or IT projects. And over time, they become irrelevant - because applications, services and networks change, and users leave. These unused or "stale" rules are a hidden menace to your firewall policy rulebase. First of all, they slow down performance - since the...... [more]

Check Point offers virtual blades for enterprise security

Check Point has released four new security applications for enterprises, the first products in its 3D Security program that is designed to match security requirements with business best practice. The four applications are being released as a free upgrade to existing customers of Check Point's R75 security platform. The 'virtual blades' cover application control, identity awareness, data loss prevention and mobile access. The modules...... [more]

Anonymous security firm hack used every trick in book

An attack by Anonymous on security firm HBGary used a combination of software vulnerabilities and social engineering to pull off a highly sophisticated hack, it has emerged. A SQL injection weakness in a third-party content management product used to post content on HBGary's website allowed a cadre of hackers from Anonymous to steal hashed versions of passwords used to update its website. A brute force dictionary-based attack on these passwor...... [more]

Facebook and web apps threaten network security

The world is very different from the days when email ruled the roost and Yahoo, not Google, was the first search engine name that rolled off your tongue. In 1995, the worst security threat was a virus on a floppy disk. But in 2011 the security landscape has completely changed; cyber crime is a huge industry and computers have the ability to bring down the networks of whole countries. The internet is not just web browsing and email any more, it's Fa...... [more]

New Palo Alto software enforces security policies on all corporate laptops

Palo Alto Networks is coming out with software that extends its next-generation firewall protection to individual laptops no matter where they are when they tap into business networks. Called Global Protect, the software agent sets up an SSL session over the Internet to the nearest corporate Palo Alto security gateway, which enforces the security policies that have been set up for that particular user and device. The com...... [more]

Security Manager's Journal: New firewalls should increase protection

This week, my company began deploying new firewalls. The old ones have been in place for more than six years; the new ones will allow us to take advantage of the next generation of features. Today, application-based (Layer 7) firewalls provide far more flexibility than was available before. The methods of inspecting traffic enable us to allow or deny traffic based on a variety of factors. In addition, the firewall we chose, whi...... [more]

Your handy PC security checklist

In this emerging age of cloud computing, it's easy to remain focused on the server side of the security equation. However, with crafty cyber criminals running rampant and the continued rise of APTs (advanced persistent threats), securing end-user systems remains critical. Hackers and other troublemakers have a variety of ways by which to turn a PC into a perfect access point for wreaking havoc, be it via an outsider exploiting an unpatched vulnerability or an insider t...... [more]

Pointing fingers over outsourced data

The issue of outsourcing and the risks that it poses has been raised following the Epsilon breach this week. In a similar vein, I recently asked several companies about outsourcing and risk and if outsourced data was breached, who would be responsible for it? There are two sides to this, firstly if you choose to outsource then it could be interpreted that it is your provider's responsibility as they were breached so they should take the blame, then again it...... [more]

Barracuda hack shows importance of defence-in-depth

The database break-in at Barracuda Networks highlights that no one is immune to attack, but the email and web security vendor also may have overlooked some basic security tenets that made it more attractive to hackers, said its executives and industry experts. The attack against Barracuda occurred on Saturday night when the company's web application firewall was offline for maintenance. The incident provides takeaways for other organizations, n...... [more]

'Boil the ocean' data loss prevention needs to change

Check Point is pushing its vision of consolidating disparate security products, managed from a single dashboard and centred on enterprise firewalls. Consolidating security offers better control, Gil Shwed, Check Point's chief exec, told delegates to the security vendor's annual conference in Barcelona on Wednesday. Check Point's 3D security approach brings together three strains - policy, people and enforcement - on technologies such as anti...... [more]

Sophos to buy firewall maker Astaro

Security vendor Sophos plans to buy Astaro, a maker of network security software. The deal, announced Friday, gives Sophos an array of new products for securing corporate networks from online attacks. Sophos is best known for its antivirus software. Founded in 2000, Astaro makes the Astaro Security Gateway appliances that work as all-in-one security tools, combining a firewall, virtual private network, and Web and e-mail security. The company, which has 220 emp...... [more]

Hard data on why your users should avoid file-sharing sites

Of course your company's firewall blocks access to RapidShare.com, Easyshare.com, and other well-known file-sharing sites. Your users probably hate you for it. After all, when they need to send a large file to somebody outside the corporate firewall, the file-sharing sites make access fast, easy, and free. And no doubt your users have found plenty of devious ways to work around IT file-sharing restrictions: going to proxy servers or les...... [more]

Check Point boss looks beyond 'weapons' for security defence

Interview: De-perimeterisation and the move to cloud computing will not alter the central place the firewall occupies in corporate security architectures, according to Check Point chief exec Gil Shwed. Check Point is advocating a three-phase strategy of security policy enforcement centred around the firewall, user education and enforcement as a means of reducing costs while improving security for corporates. The technology part of this...... [more]

We're doomed to insecurity in the cloud and on thin clients

Working in the IT security field, you spend every waking hour striving to improve protection and lower risk. Then another computing technology emerges -- the Internet, wireless networking, mobile computing, social networking, and so on -- and you have to learn every security lesson all over, as if something new and surprising has come along. In the past few weeks, we've seen authentication token leaks from Facebook; a rise in mobile ma...... [more]

Security industry relying on obsolete technology

The security industry is relying on outdated technology for network protection and is missing huge security holes, according to one of the inventors of the modern firewall. Nir Zuk was one of the key developers behind modern firewalls in the early 1990s. He helped develop the first modern enterprise firewalls with Check Point, before moving on to intrusion prevention devices and further research into building more intelligent security products. A se...... [more]

Just four per cent of smartphones and tablets are protected against malware

The mobile security software market will be worth $1bn by 2013 as the need for protection on smartphones and tablets against a growing number of threats becomes essential, according to Juniper Research. The market will grow to $3.6bn by 2016 when over 277 million devices will be protected, up from just four per cent, or around 27 million, according to the firm's Securing and Protecting a Mobile Future white paper. Report...... [more]

IT managers still rely on firewalls, yet fail to rework security strategies

More than two-thirds of IT decision makers have consolidated their security elements to take advantage of less cost, simplified management and tighter security. A survey of 305 European IT decision makers by Fortinet found that 69 per cent of respondents had consolidated their security elements, while 79 per cent said that they will continue consolidating more security over the next 12 months. Patrice Perche, senior vice...... [more]

VMware preparing data loss prevention features for vShield

At the upcoming VMworld conference, VMware plans to highlight new data-loss prevention capabilities in an updated version of its virtual system security product, vShield. In vShield 5, VMware is adding a way to do data discovery to find out whether sensitive data, such as that for healthcare, payment card or sensitive financial information, is being held in the VMware virtual-machine environment being scanned. But more DLP functions, suc...... [more]
