http://www.gss.co.uk/news/ IT Security industry news from Global Secure Systems. This newsfeed covers the latest stories on Viruses, Spam, Malware, Hacking, Wireless and IT Security product updates. en-gb Sat, 17 May 2008 17:57:42 +0100 Copyright: (c) 2008 Global Secure Systems Limited http://www.gss.co.uk/images/g_logo.gif 100 63 http://www.gss.co.uk/ Omar Hussain, CEO at Imprivata, commented, "We are seeing strong demand for the OneSign appliance in the NHS because it solves major problems for Trusts around password management and enforcing security policy. OneSign continues to be the most popular solution on the market for these organisations because it is easily implemented and delivers a real return on investment. Imprivata understands and suppo... http://www.gss.co.uk/news/article/5052/35_NHS_Trusts_choose_identity_%26_access_management_solution/ http://www.gss.co.uk/news/article/5052/35_NHS_Trusts_choose_identity_%26_access_management_solution/ Fri, 16 May 2008 09:00:00 +0100 IT Security Friend Connect violates Facebook's terms of service because it "redistributes user information from Facebook to other developers without users' knowledge," Facebook official Charlie Cheever wrote on the company's blog for developers. "Just as we've been forced to do for other applications that redistribute data in a way users might not expect or understand, we've had to suspend Friend Connect... http://www.gss.co.uk/news/article/5051/Facebook_to_Google%3A_Friend_Disconnect/ http://www.gss.co.uk/news/article/5051/Facebook_to_Google%3A_Friend_Disconnect/ Thu, 15 May 2008 09:00:00 +0100 IT Security The ants have been causing all kinds of trouble in five Texas counties in and around the Gulf Coast. Because of their sheer numbers, the ants are short circuiting computers in homes and offices, and knocking systems offline in major businesses. When IT personnel pry the affected computers open, they find the machines loaded with thousands of ant bodies."These ants are raising havoc," said Rog... http://www.gss.co.uk/news/article/5050/NASA_moves_to_save_computers_from_swarming_ants/ http://www.gss.co.uk/news/article/5050/NASA_moves_to_save_computers_from_swarming_ants/ Thu, 15 May 2008 09:00:00 +0100 IT Security Cyberwarfare has been on NATO's radar for the past year, following the widely reported cyberattack against member country Estonia in May 2007. The attacks, which security experts have compared to a poorly coordinated cyberbrawl, succeeded in knocking some financial systems in the country offline for several hours, prompting Estonia to ask for help from NATO. The attacks were sparked by the re... http://www.gss.co.uk/news/article/5049/NATO_to_set_up_cyberwarfare_center/ http://www.gss.co.uk/news/article/5049/NATO_to_set_up_cyberwarfare_center/ Thu, 15 May 2008 09:00:00 +0100 IT Security An SSH attack is a type of dictionary attack which aims to guess secure shell client usernames and passwords.Writing in the ISC's website diary, incident handler Scott Fendley warned security professionals to be aware of what he called a "significant new trend".He linked to statistics produced by denyhosts.net, a site which offers a script to defend against SSH hacking attempts, which ... http://www.gss.co.uk/news/article/5048/Brute-force_SSH_attacks_surge/ http://www.gss.co.uk/news/article/5048/Brute-force_SSH_attacks_surge/ Wed, 14 May 2008 09:00:00 +0100 IT Security However, the software raised a number of privacy concerns regarding how identifiable people and houses were in the images. Among the complaints Google received were those regarding a man pictured exiting a San Francisco strip club and a woman sunbathing. The search-engine is trialing face-detection technology, which will blur the faces of those caught on camera in Manhattan. If the technique ... http://www.gss.co.uk/news/article/5047/Google_blurs_faces_of_those_caught_on_Street_View/ http://www.gss.co.uk/news/article/5047/Google_blurs_faces_of_those_caught_on_Street_View/ Wed, 14 May 2008 09:00:00 +0100 IT Security Sebastian Muniz, a researcher with Core Security Technologies, developed the software, which he will unveil on May 22 at the EuSecWest conference in London. Rootkits are stealthy programs that cover up their tracks on a computer, making them extremely hard to detect. To date, the vast majority of rootkits have been written for the Windows operating system, but this will mark the first time th... http://www.gss.co.uk/news/article/5046/Hacker_writes_rootkit_for_Cisco%27s_routers/ http://www.gss.co.uk/news/article/5046/Hacker_writes_rootkit_for_Cisco%27s_routers/ Wed, 14 May 2008 09:00:00 +0100 IT Security The Asprox botnet, which specializes in sending phishing spam, is pushing an update to the infected PCs it controls, Joe Stewart, the director of malware research at Atlanta-based SecureWorks Inc., said today. The update is an executable file -- "msscntr32.exe" -- that installs as a Windows service dubbed "Microsoft Security Center Extension." But the executable actually installs an SQL injec... http://www.gss.co.uk/news/article/5045/Phishing_botnet_expands_by_hacking_legit_sites/ http://www.gss.co.uk/news/article/5045/Phishing_botnet_expands_by_hacking_legit_sites/ Wed, 14 May 2008 09:00:00 +0100 IT Security ENISA (European Network and Information Security Agency) wants to recruit an information security expert to become the head of its technical department. ENISA advises the Commission on everything related to communications networks and information systems.The successful applicant will lead teams devoted to three areas: security policy, risk management and security technology & architec... http://www.gss.co.uk/news/article/5044/European_Commission_seeks_security_genius/ http://www.gss.co.uk/news/article/5044/European_Commission_seeks_security_genius/ Tue, 13 May 2008 09:00:00 +0100 IT Security Measures to criminalise DoS attacks have been lying unused in existing laws since November 2006, and had been due to be activated this Spring. But that now won't happen until October, the Home Office said today in a statement."The Government intends to implement the changes to the Computer Misuse Act 1990, as set out in the Police and Justice Act 2006 and subsequently further amended in the S... http://www.gss.co.uk/news/article/5043/Home_Office_admits_delays_over_criminalisation_of_DoS_attacks/ http://www.gss.co.uk/news/article/5043/Home_Office_admits_delays_over_criminalisation_of_DoS_attacks/ Tue, 13 May 2008 09:00:00 +0100 IT Security "Our aim for this trial was to ensure that we continue to meet the growing capacity needs of the high-speed services we deliver," explained Daniel Hennessy, director of technical architecture at Virgin Media. "The live trial demonstrated how Juniper Networks high-performance routers can be used by service providers to leverage existing investments and cost-effectively and efficiently scale th... http://www.gss.co.uk/news/article/5042/Virgin_Media_to_offer_50Gbps_broadband/ http://www.gss.co.uk/news/article/5042/Virgin_Media_to_offer_50Gbps_broadband/ Tue, 13 May 2008 09:00:00 +0100 IT Security The British Educational Communications and Technology Agency (BECTA) filed a complaint with the UK Office of Fair Trading last October, and has now forwarded it to the Commission, it said late Monday. The complaint alleges that Microsoft's behaviour impedes the exchange of files between Office 2007 and competitors' products, and that its licensing practices in the market for software for schools are... http://www.gss.co.uk/news/article/5041/Becta_goes_for_Microsoft_over_Office_incompatability/ http://www.gss.co.uk/news/article/5041/Becta_goes_for_Microsoft_over_Office_incompatability/ Tue, 13 May 2008 09:00:00 +0100 IT Security Advocates of open source software argue that because of the large number of people working on such projects, bugs are quicker to spot and patch.But developer Marc Balmer's efforts have seemingly proved the opposite. He reported the filesystem bug in his blog on Saturday."Much to my surprise, I not only found this problem in all other BSDs or BSD-derived systems like Mac OS X, but also ... http://www.gss.co.uk/news/article/5040/Developer_reveals_25_year_old_software_bug/ http://www.gss.co.uk/news/article/5040/Developer_reveals_25_year_old_software_bug/ Tue, 13 May 2008 09:00:00 +0100 IT Security "This is an on-going campaign, with new domains [hosting the malware] popping up even this morning," said Paul Ferguson , a network architect with anti-virus vendor Trend Micro . "The domains are changing constantly." According to Ferguson, over half a million legitimate websites have been hacked by today's mass-scale attack, only the latest in a string that goes back to at least January. All... http://www.gss.co.uk/news/article/5039/New_attacks_break_500%2C000_websites/ http://www.gss.co.uk/news/article/5039/New_attacks_break_500%2C000_websites/ Tue, 13 May 2008 09:00:00 +0100 IT Security Data Availability and Connect let users move their personal profiles and applications to other websites. "Social is in the air," says Google's director of engineering David Glazer. During a conference call at Google's California headquarters, Mr Glazer told reporters: "Google Friend Connect is about being the 'long tail' of sites becoming more social." "Many sites aren't explici... http://www.gss.co.uk/news/article/5035/Google_helps_the_web_to_go_social/ http://www.gss.co.uk/news/article/5035/Google_helps_the_web_to_go_social/ Tue, 13 May 2008 09:00:00 +0100 IT Security Confidential details on six million people have been stolen from government servers in Chile and published on the internet, local reports claim.The hacker broke into both government and military servers and copied the individuals' ID card numbers, addresses, telephone numbers and academic records into a technology blog, according to El Mercurio, one of Chile's oldest newspapers.The hac... http://www.gss.co.uk/news/article/5038/Chilean_government_servers_breached_by_hacker/ http://www.gss.co.uk/news/article/5038/Chilean_government_servers_breached_by_hacker/ Mon, 12 May 2008 09:00:00 +0100 IT Security The GP, based in Essex, bypassed the security system entirely, The Sun newspaper has reported. He was able to access sensitive medical records, including addresses, without using the special swipe card for authorised access. A spokesperson at Connecting for Health, the NHS department that is running the programme, said the GP had been able to access the system without the card becaus... http://www.gss.co.uk/news/article/5037/GP_logs_into_NHS_Choose_and_Book_without_security_pass/ http://www.gss.co.uk/news/article/5037/GP_logs_into_NHS_Choose_and_Book_without_security_pass/ Mon, 12 May 2008 09:00:00 +0100 IT Security After June 30, all merchants accepting payment card transactions will be expected to either use a specialized firewall for protecting their Web applications or to have completed a Web application software code review for finding and fixing vulnerabilities in these applications. Companies that fail to implement either measure will be deemed to be out of compliance with PCI starting June 30. "M... http://www.gss.co.uk/news/article/5036/Few_expected_to_make_June_30_PCI_deadline_for_Web_application_security/ http://www.gss.co.uk/news/article/5036/Few_expected_to_make_June_30_PCI_deadline_for_Web_application_security/ Mon, 12 May 2008 09:00:00 +0100 IT Security A bigger factor was that this time around, I was prepared. And I've come to see the audit not as a reproach to my work but as a quantitative affirmation of all the things I've been saying we need to do to keep our data safe. Of course, even quantitative results can be misleading, misguided or misconstrued, depending on the expertise of the auditor. And quite often, what most people will look ... http://www.gss.co.uk/news/article/5031/Security_Manager%27s_Journal%3A_Getting_the_best_from_an_audit/ http://www.gss.co.uk/news/article/5031/Security_Manager%27s_Journal%3A_Getting_the_best_from_an_audit/ Mon, 12 May 2008 09:00:00 +0100 IT Security Or is that the bad news? Despite having a reputation as the least vulnerable of Microsoft's operating systems, Vista still managed to record 639 unique vulnerabilities over roughly the last half year, which puts it in a worse position than the ageing Windows 2000, which experienced 586 over the same period. Windows XP, which still accounts for the overwhelming volume of the Windows user base,... http://www.gss.co.uk/news/article/5034/Vista_as_insecure_as_Windows_2000/ http://www.gss.co.uk/news/article/5034/Vista_as_insecure_as_Windows_2000/ Fri, 09 May 2008 09:00:00 +0100 IT Security