Network Security

  • add this feed to my.Alltop
    COMPUTERWORLD: Networking Security
  • Gumblar malware's home domain is active again

    6 Nov 2009 | 3:40 am
    ScanSafe researchers are seeing renewed activity regarding Gumblar, a multifunctional piece of malware that spreads by attacking PCs visiting hacked Web pages.
  • Six Steps to Pull App Security Back to the Future

    5 Nov 2009 | 12:55 pm
    OWASP will host its 2009 AppSec DC conference next week, hoping to arm IT security practitioners with knowledge to improve application security. For a taste of what to expect, organization member Matt Fisher discusses what's wrong with app security today and six ways to make it better.
  • Scramble on to fix flaw in SSL security protocol

    5 Nov 2009 | 12:03 am
    A flaw in the Internet's SSL protocol could be used to hack into SaaS servers, mail servers, databases and other secure applications, security researchers say.
  • FBI warns of $100M cyber-threat to small business

    3 Nov 2009 | 3:20 pm
    Cyberthieves are hacking into small- and medium-sized organizations every week and stealing millions of dollars in an ongoing scam that has moved about US$100 million out of U.S. bank accounts, the FBI warned.
  • Software shields online banking on infected PCs

    3 Nov 2009 | 8:49 am
    A U.K. security company is giving to banks, for free, security software that it says can block malicious software from manipulating online banking transactions or stealing data, even if the computer is infected.
 
  • add this feed to my.Alltop
    Computerworld Security News
  • Switchers Guide: Understanding Mac security

    6 Nov 2009 | 11:21 am
    When it comes to security, using Windows can feel like living in the heart of a big city--the kind of place where you can install all the locks and alarms you want, but you still worry. The vast number of computer users who run Microsoft operating systems form the biggest, juiciest target cybercriminals could dream of. Which is why there are more than twenty-two million unique examples of Windows malware out there.
  • Skype's legal storm clears

    6 Nov 2009 | 10:27 am
    Skype's cofounders, Janus Friis and Niklas Zennstrom, have agreed to transfer ownership of the remaining Skype technology that eBay didn't own, paving the way for eBay to complete its sale of a majority stake in Skype to an investor consortium.
  • Norwegian ISP doesn't have to block Pirate Bay, says court

    6 Nov 2009 | 9:12 am
    Norwegian ISP Telenor doesn't have to block access to file-sharing site The Pirate Bay, according to a ruling from the district court for Asker and Bærum on Friday.
  • Gumblar malware's home domain is active again

    6 Nov 2009 | 3:40 am
    ScanSafe researchers are seeing renewed activity regarding Gumblar, a multifunctional piece of malware that spreads by attacking PCs visiting hacked Web pages.
  • Postini technology to spread across Google Apps

    5 Nov 2009 | 4:23 pm
    The Postini technology that lets Google Apps Premier administrators control their e-mail environments by establishing and enforcing usage policies, rules and parameters will be extended to the other applications of the suite.
  • add this feed to my.Alltop
    Google: Network Security News
  • The state of the industry - SC Magazine US

    6 Nov 2009 | 1:10 pm
    CNN InternationalThe state of the industrySC Magazine USAccordingly, the network security perimeter will continue to be increasingly elastic with security companies having to adapt their wares to protect Cloud computing data security starts with internal strategy, experts saySearchSecurity.comExploring the CloudDirectionsMag.comall 62 news articles »
  • Increase efficiency of industrial Ethernet network - Control Engineering

    6 Nov 2009 | 12:42 pm
    Increase efficiency of industrial Ethernet networkControl EngineeringReliable network security: SSH enhances network security by transferring encrypted data over the Internet. Vincent Liu, product line manager of Moxa's
  • SonicWALL and ConnectWise Raise Bar With Enhanced Integration - CNNMoney.com (press release)

    6 Nov 2009 | 10:16 am
    SonicWALL and ConnectWise Raise Bar With Enhanced IntegrationCNNMoney.com (press release)With GMS 6.0, SonicWALL extends appliance management beyond Network Security and Secure Remote Access to encompass Email Security and Continuous Data Integration Behind Success In 2010Business Solutions Magazineall 14 news articles »
  • SonicWALL Upgrades Email Security System - Dark Reading

    6 Nov 2009 | 10:14 am
    SonicWALL Upgrades Email Security SystemDark Reading further by correlating and analyzing billions of data points from SonicWALL's GRID Network of email, Web and network security solutions in real time.
  • InfoSecter Adds Security Device Support in New Release - Reuters

    5 Nov 2009 | 8:04 am
    InfoSecter Adds Security Device Support in New ReleaseReutersBy continuing to expand security device support, the InfoSecter approach helps a larger audience improve the accuracy of their network security policy and more »
 
  • add this feed to my.Alltop
    Google Online Security Blog
  • Do machines dream of electric malware?

    Panayiotis Mavrommatis
    29 Oct 2009 | 3:17 pm
    Posted by: Oliver Fisher, Anti-Malware TeamWe've explored Google's anti-malware processes several times recently, as well as our efforts to work with webmasters to help protect their users. However, there's been some confusion about the objectivity of our scanning and flagging procedures.Google uses fully automated systems to scan the Internet for potentially dangerous sites. These systems help detect sites infected with malware and then add a warning that appears in Google search results and in many web browsers. We flag sites in this way to help protect users who might visit them. The…
  • Best Practices for Verifying and Cleaning up a Compromised Site

    Panayiotis Mavrommatis
    22 Oct 2009 | 10:38 am
    Written by Panayiotis Mavrommatis, Security Team As part of Cyber Security Awareness Month, Google's Anti-Malware Team is publishing a series of educational blog posts inspired by questions we've received from users. October is a great time to brush up on cyber security tips and ensure you're taking the necessary steps to protect your computer, website, and personal information. For general cyber security tips, check out our online security educational series or visit http://www.staysafeonline.org/. To learn more about malware detection and site cleanup, visit the Webmaster Tools Help Center…
  • Protecting Users and Ads from Malware

    Jay
    16 Oct 2009 | 2:05 pm
    Posted by Eric Davis, Head of Anti-MalvertisingAs part of Cyber Security Awareness Month, we're highlighting cyber security tips and features to help ensure you're taking the necessary steps to protect your computer, website, and personal information. For general cyber security tips, check out our online security educational series or visit http://www.staysafeonline.org/.At Google, we always aim to provide users with useful, relevant information. Readers of this blog know that we also work hard to detect malicious content on the web and protect users from harm. But did you know that we strive…
  • Show Me the Malware!

    Panayiotis Mavrommatis
    12 Oct 2009 | 3:53 pm
    written by Lucas Ballard, on behalf of the Anti-Malware, Anti-Malvertising, and Webmaster Tools teamsAs part of Cyber Security Awareness Month, we're highlighting cyber security tips and features to help ensure you're taking the necessary steps to protect your computer, website, and personal information. For general cyber security tips, check out our online security educational series or visit http://www.staysafeonline.org/. To learn more about malware detection and site cleanup, visit the Webmaster Tools Help Center and Forum.To help protect users against malware threats, Google has built…
  • The Malware Warning Review Process

    Panayiotis Mavrommatis
    9 Oct 2009 | 10:38 am
    written by Lucas Ballard and Ke Wang, Anti-Malware TeamAs part of Cyber Security Awareness Month, Google's Anti-Malware Team is publishing a series of educational blog posts inspired by questions we've received from users. October is a great time to brush up on cyber security tips and ensure you're taking the necessary steps to protect your computer, website, and personal information. For general cyber security tips, check out our online security educational series or visit http://www.staysafeonline.org/. To learn more about malware detection and site cleanup, visit the Webmaster Tools Help…
  • add this feed to my.Alltop
    Security Watch
  • iTunes Turns the Volume Down on Windows Autorun Security

    6 Nov 2009 | 4:04 pm
    Microsoft recently made an extraordinary move, unusual for any company, but especially for them: They removed features from Windows. Specifically, they removed support for Autorun on writeable media. Windows 7 shipped with this new lack of functionality and it was back-ported to Vista and XP. This was done, of course, in the name of security, after whole families of malware emerged to take clever advantage of Autorun in order to execute themselves on removable media and across networks. The most famous, and probably the last straw, was Conficker, which added Autorun support in the C variant…
  • Malwarebytes Claims IObit Copied Code

    6 Nov 2009 | 3:02 pm
    Malwarebytes said it plans to file suit against IObit, a Chinese antivirus vendor, for allegedly copying code used in Malwarebytes products. In an IObit forum post, Malwarebytes claims that it came across an antivirus signature for a keygen used to illegally unlock Malwarebytes' paid software, coded as Don't.Steal.Our.Software.A"Why would IOBit detect a keygen for our software and refer to it using our database name?" the company wrote in a blog post. "We quickly became suspicious. Either the forum post was fraudulent or IOBit was stealing our database. "So we dug further. We accumulated more…
  • What do AVGFree, Natalie Portman and John Cenas Have in Common?

    6 Nov 2009 | 1:25 pm
    Roger Thompson of AVG is blogging about fraudulent Twitter IDs, one of which (AVGfree) uses their trademarks. The others include NataliePortmanS and JohnCents5. Some of these Twitter IDs have links that send you to sites that push malware, some to harmless, but unrelated sites. It's all dishonest, especially when they are besmirching someone else's name. Thompson says that AVG has been trying to get Twitter to deal with the AVGfree problem for a while, but no dice. I just checked and it's still alive. Beware. Make no assumptions on Twitter that someone's looking out for you.
  • Sophos Tests Show Windows 7 Still Needs Anti-Malware (Duh!)

    6 Nov 2009 | 12:38 pm
    Test results published by Sophos show that Windows 7's (UAC) User Account Control does not prevent execution of 8 of 10 malware samples they chose. The conclusion: Windows 7 still needs anti-malware protection. I hesitated to write about this for a while because it's such a phony story. Nobody ever claimed that Windows 7 didn't require anti-malware or that UAC, per se, stops malware from executing. Furthermore, details of the tests and the malware selected are lacking in Sophos's write-up. Clearly, at least some of the malware samples are rogue anti-malware of the sort I wrote of recently,…
  • Mossad Hacked Syrian Official's Computer Before Bombing Mysterious Facility

    6 Nov 2009 | 9:25 am
    There's an old truism about computer security: If you have no physical security, you have no security at all. A story in Der Spiegel, described here in Wired, illustrates the point well. According to the story, in late 2006 a senior Syrian government official was staying at a hotel in London and left his notebook computer in his room. This gave Israeli agents the opportunity to plant malware on the computer. It was this malware which gave the Israelis the information they needed to locate and destroy the Al Kabir complex in eastern Syria, said to be an illicit nuclear facility. The computer…
 
  • add this feed to my.Alltop
    SearchSecurty: Tactics
  • Preventing SQL injection attacks: A network admin's perspective

    3 Nov 2009 | 5:32 am
    Your database administrators and application developers should certainly be following best practices to avoid SQL injections, but Michael Cobb explains how network admins can do their part to fight those security exploits.
  • Screencast: How to launch an OpenVAS scan

    27 Oct 2009 | 7:26 am
    In this screencast, Peter Giannoulis demonstrates the OpenVAS Linux/Unix-based assessment and penetration testing tool.
  • Endpoint protection best practices manual: Combating issues, problems

    20 Oct 2009 | 5:32 am
    In this endpoint protection best practices manual, you will learn how to employ effective endpoint security controls, technologies and policies, and well as defining methods and techniques for developing a multilayered defense system. This guide also highlights best practices for installing endpoint protection systems and information on endpoint protection product costs and pricing information.
  • Wireless network guidelines for PCI DSS compliance

    18 Oct 2009 | 9:00 pm
    The PCI Security Standards Council recently released additional guidance for WLANs, but do they make the compliance process easier? Contributor Ben Rothke examines the key points of the new guidelines and offers additional advice for organizations with existing Wi-Fi networks.
  • Aligning network security with business priorities

    6 Oct 2009 | 5:58 am
    Too often, network security administrators have their security budget requests nixed by executives because they weren't able to align their requests with business priorities. In this tip, learn how to make sure your security and business priorities mesh.
  • add this feed to my.Alltop
    Martin McKeay: Network Security
  • Good luck, Alan

    netsecpodcast@mckeay.net (Martin McKeay)
    5 Nov 2009 | 5:07 am
    Nine years at one company is almost longer than my entire career in information security.  But that’s how long Alan Shimel was at StillSecure.  Was being the operative word, since Alan has announced that he’s left the company and will be moving on to something new.  He’s not exactly sure what that is yet, but I’m sure Alan will be a valuable resource where ever he ends up.  He’s taking some time off to collect his thoughts and spend time with family, both of which are things I definitely consider time well spent. Thanks the Alan and Mitchell…
  • I’ll do anything! Absolutely anything!

    netsecpodcast@mckeay.net (Martin McKeay)
    4 Nov 2009 | 8:49 pm
    I love my children, I really do.  Especially when they remind me of some of the life lessons I learned long ago but have forgotten from my conscious mind.  And even more importantly when those life lessons are the same lessons that can be applied to the job I do on a daily basis.  Let me tell you a short story and how that relates to security in general and PCI specifically. As we all know, Halloween was only a few days ago and many of us have large bowls filled with candy sitting around the house.  My house is no different and like many other parents, we’ve tried…
  • The Network Security Podcast, Episode 172

    netsecpodcast@mckeay.net (Martin McKeay)
    3 Nov 2009 | 4:59 pm
    “The Episode that almost Wasn’t”  It’s been a day.  Shortly before we were scheduled to start, there was a pop and the power went out at Martin’s house.  Rich has issues of his own to deal with.  And Zach is … somewhere.  It was only because the local electric company responded quickly for the first time I can remember were we able to squeeze in a podcast recording between emergencies.  And now that we’ve recorded and posted, it’s time to put our noses back to the grindstone and work for a couple more hours. Network…
  • Turn off SSH on your jailbroken iPhone!

    netsecpodcast@mckeay.net (Martin McKeay)
    3 Nov 2009 | 6:17 am
    Jailbreaking an iPhone unlocks some very useful features that the iPhone is lacking and gives you the control over your device that you should have in the first place.  Just getting access to the xGPS project and it’s turn by turn directions has been more than enough reason for my friend Bob to jailbreak his phone multiple times.  But as Uncle Ben once told Peter Parker, “With great power comes great responsibility.”  Apple locked down the iPhone in part to protect users from the bad guys out there and if you’re in the Netherlands with a jailbroken…
  • The Reality Behind Facebook Ads

    netsecpodcast@mckeay.net (Martin McKeay)
    2 Nov 2009 | 5:55 am
    Micheal Arrington sure knows how to stir up a crap storm.  Saturday he started bringing to light the amount of scamming and dishonest practices behind ads and games on Facebook and MySpace.  I’m pretty sure that the people who think the ads are legitimate are in the minority, but even I was stunned by the sheer magnitude of the money changing hands behind the scenes.  I assume part of why I was unaware of the issue is my own limited of use of Facebook and complete refusal to visit MySpace.  Sure, there are rules that try to limit the scams, but the reality is that…
 
  • add this feed to my.Alltop
    Security Fix
  • Poking at Google's new privacy Dashboard

    6 Nov 2009 | 10:40 am
    Google this week unveiled a new feature called Dashboard, intended to give users a way to view -- and in modest ways limit -- the breadth of information the search giant collects about our online lives. To check out Dashboard, browse to this link, and sign in to your Google account. From there, you can manage which Google Documents you're sharing, edit your Gchat history, or clear out items from your Web search history, among other tasks. Google said it was launching the service "to provide users with greater transparency and control over their own data." The reaction from privacy experts has…
  • Updates for Adobe's Shockwave, Sun's Java

    5 Nov 2009 | 7:54 pm
    Sun Microsystems has issued an update to its Java software that fixes at least one security vulnerability. Separately, Adobe is pushing out a patch to plug four security holes in its Shockwave Player. The Sun patch brings Java 6 to version 17. If you're not sure whether you have Java or what version you may be running, visit this page and click the "Do I have Java?" link. If you don't have Java, you probably don't need it. If you do have it, make sure you've got this latest version. To update from within Java, open the Windows control panel, click the Java icon, then at the tab marked Update…
  • SnapNames: Former exec. bid up domain prices

    4 Nov 2009 | 2:10 pm
    SnapNames, the largest reseller of Web site names, Wednesday alleged that a former top executive secretly bid on tens of thousands of domain name auctions over the past four years, driving up costs for other bidders and enriching himself in the process. SnapNames owner Oversee.net said it learned about a month ago that the executive had been bidding on its domain auctions in violation of company policy that bars employees from doing so. Mason Cole, vice president of Oversee corporate communications, said the executive was dismissed Monday. The company Wednesday began notifying affected…
  • Business e-banking and the 6-figure password

    4 Nov 2009 | 11:40 am
    On Monday, Security Fix featured the story of Ronnie Cutshall, a Tennessee man who was caught up in an international money laundering scam after being recruited through a work-at-home job offer. That story mentioned that Cutshall received a $9,600 transfer from a company called American Realty, but that I didn't have any luck in tracking down the victim company. Today the American Realty company affected by that scam contacted me after reading my story (turns out they're located in Shalimar, Fla., not Georgia, as I had previously thought). A few weeks ago, an American Realty employee clicked…
  • Spike in Social Media Malware, Phishing Attacks

    4 Nov 2009 | 9:30 am
    E-mail scams targeting users of social media sites like Twitter and Facebook are blurring the lines between traditional phishing attacks and those designed to plant password-stealing malicious software on the victim's PC. For the past week, scammers have been blasting out e-mails that at first glance appear to be run-of-the-mill phishing scams aimed at stealing user names and passwords from Facebook users. The messages urge recipients to "update" their information by clicking a provided link and entering their Facebook user name and password at a counterfeit Facebook login page. Facebook…
  • add this feed to my.Alltop
    SearchNetworking
  • Enterprises demand next-generation firewalls with IPS, app visibility

    29 Oct 2009 | 8:58 am
    Next-generation firewalls are getting plenty of hype, but not many vendors have completely solved the firewall architecture challenges involved in combining firewalls with IPS and other network security functions.
  • Network user management

    14 Oct 2009 | 2:41 pm
    While networking professionals protect their network perimeters, they must be just as careful to manage users on the inside. How can admins enforce network security policies and allocate user permissions? Take a look at these problem user profiles to guide you in network user management.
  • Desktop virtualization network challenges: A primer

    13 Oct 2009 | 2:38 pm
    Virtual desktop infrastructure is seeing speedy uptake, but desktop virtualization network challenges mean investing in load balancing, traffic prioritization and even more bandwidth to support real-time applications to the desktop.
  • Preventing hacker attacks with network behavior analysis IPS

    13 Oct 2009 | 5:43 am
    Deter enterprise network attacks by learning how network behavior analysis can be used to protect data. Understand the advantages and disadvantages of anomaly-based and signature-based protection and how to use them together to secure your network against complex hacks.
  • Network security risks multiply when enterprises begin outsourcing

    7 Oct 2009 | 8:45 am
    Network security risks of outsourcing tech jobs worry IT executives, according to a new survey. Without the right protections, outsourcing could expose companies to a network security breach.
 
  • add this feed to my.Alltop
    Techworld.com Security
  • Gumblar malware attack surges again

    6 Nov 2009 | 4:48 am
    Malware hijacks Google searches to infect PCsScanSafe researchers are seeing renewed activity regarding Gumblar, a multifunctional piece of malware that spreads by attacking PCs visiting hacked Web pages.
  • Mcafee unveils Email and Web Security Appliance 5.5

    6 Nov 2009 | 4:38 am
    Appliance integrates McAfee's cloud-based global threat intelligenceMcAfee has announced the introduction of McAfee Email and Web Security Appliance 5.5 to help protect customers against the latest email and Web-borne threats, manage Web and email traffic and usage, and reduce system administration requirements. Designed for small and mid-sized businesses (SMBs), the solution would provide email and web security in a single, integrated appliance, said the company.
  • Google Apps adds Postini security software

    6 Nov 2009 | 3:59 am
    Postini policy enforcement layer moves beyond GmailThe Postini technology that lets Google Apps Premier administrators control their e-mail environments by establishing and enforcing usage policies, rules and parameters will be extended to the other applications of the suite.
  • Microsoft left Windows 7 open to hackers, says Sophos

    6 Nov 2009 | 3:30 am
    'Neutered' UAC misses 7 of 8 trojansMicrosoft's decision to reduce the number of annoying security messages that Windows 7 delivers when users install software makes the new operating system more vulnerable to malware infection than Vista, a researcher said today.
  • Another vendor offers iPhone authentication for e-banking

    6 Nov 2009 | 12:02 am
    Vasco follows RSA and Verisign in security app.Vasco Data Security is set to bring its Digipass product, used for two-factor authentication, to the iPhone and iPod Touch.
  • add this feed to my.Alltop
    Speaking of Security
  • RSA and VeriSign: forward together into the Cloud

    5 Nov 2009 | 4:00 pm
    RSA and VeriSign have come a long way over the last 15 years.  From a close origin to distant extremes, we are now going into a mature relationship with one another.  I can’t speak to everything that has gone before, but the two companies have evolved very differently while interacting positively and negatively over the years.
  • Evolution of Authentication

    4 Nov 2009 | 4:00 pm
    In the old days, authentication was people seeing people. You could spot someone and come to a decision as to whether they were who they claimed to be on the basis of things that you could discern with your five senses (mostly vision, hearing and scent).
  • Speaking of Security Podcast #167

    2 Nov 2009 | 4:00 pm
    Click to Download/Listen This week's Speaking of Security podcast features a discussion on the use of social media by the US government. Mischel Kwon, VP of Public Sector Security Solutions for RSA and a former Director for the US Department of Homeland Security is our guest.
  • The Blame Game: Security and Responsibility

    21 Oct 2009 | 5:00 pm
    “All the money I had is gone. I can weep and I can cry, I can wonder why.”* Recently a story came to light about a bank being sued by one of its customers after their account was hacked into by cybercriminals.  The customer is claiming that their bank failed to notice the suspicious transactions that drained their bank account.  
  • The Year of PKI is Here!

    21 Oct 2009 | 5:00 pm
    It’s 2009, and someone just asked me “is this the year of PKI?” I thought this was an old joke, but they were in earnest. Certificates are one of those things that many people fell in love with for their elegance and the promise that they could extend trust in many new directions.
 
  • add this feed to my.Alltop
    Hot Security News
  • BitDefender Top Ten Malware Threats for October 09

    3 Nov 2009 | 12:55 pm
    The top spot on BitDefender's Top Ten list of e-threats for October is once again Trojan.Clicker.CM, which is mostly present on websites hosting illegal applications such as cracks, keygens and serial numbers for popular commercial software applications. It is typically used to force advertisements inside the browser and comprises 9.47 percent of infected files this month.
  • Nov. 09 Microsoft Security Intelligence Report

    3 Nov 2009 | 12:29 pm
    Microsoft Corp. today released the seventh volume of the  (SIRv7), which indicates that worm infections in the enterprise rose by nearly 100 percent during the first half of 2009 over the preceding six months. Rogue security software remains a major threat to customers; however, 20 percent fewer customers were affected by rogue infections during the past six months.
  • StopSign AntiVirus and Anti-Malware is Windows 7 Compatible

    7 Oct 2009 | 1:19 pm
    The engineers at StopSign™ have updated their state-of-the-art malware and spyware Internet security programs to ensure they are Windows 7 compatible, even before the highly anticipated operating system hits the market for purchase by the general public. StopSign™, one of the leaders in antivirus and malware/spyware protection, is proud to announce its Internet security software is now Windows 7 compatible.
  • New Outlook Backup and Migration Software By Disk Doctors

    7 Oct 2009 | 1:11 pm
    Disk Doctors Smart Email Backup helps users to easily migrate Outlook emails along with all its settings &attributes to a newer version of Outlook or migrating Outlook from Windows XP/Windows Vista to Windows 7. Along with migration this tool provides a very simple complete Outlook Backup mechanism.
  • Microsoft Security Essentials, FREE Security Tool Just Released

    30 Sep 2009 | 2:20 am
    Microsoft Security Essentials, Microsoft Corp.’s new no-cost, core anti-malware service that helps protect consumers against viruses, spyware and other malicious software, is available starting Tuesday, Sept. 29. Microsoft Security Essentials, independently certified by West Coast Labs, is backed by the company’s global security response team and is built on the same award-winning core security technology found in the company’s security solutions for businesses. It requires no registration, trials or renewals and is available for download directly from Microsoft at…
  • add this feed to my.Alltop
    eWeek: Security
  • 10 Essential Third Party Security Apps for Windows 7

    6 Nov 2009 | 12:55 pm
    Now that users have their hands on Windows 7, it's time to secure it. They could always use solutions from Microsoft, like Security Essentials, but in many cases, third-party applications do a much better job of ensuring a system is kept secure. Third-party security apps for Windows 7 can be free or paid. In either case, users can find effective security applications to keep their data more secure. However, it's important to remember that some apps are more effective than others and that in no way can all of these applications keep the user's data totally secure. But the first step is to find…
  • Senate Committee Passes Data Breach Laws

    5 Nov 2009 | 3:20 pm
    The U.S. Senate Judiciary Committee passes two bills that establish federal guidelines for data breach notifications. - Two sweeping bills that would set new standards for data breach notifications made their way out of the Senate Judiciary Committee Nov. 5. The committee voted yes on the Personal Data Privacy and Security Act of 2009 (S.1490) and the Data Breach Notification Act (S.139). The vote means the bill...
  • Critical Windows Security Bulletins on Tap for Patch Tuesday

    5 Nov 2009 | 12:16 pm
    Microsoft is releasing six security bulletins next week as part of Patch Tuesday. Three of the bulletins address Windows security issues Microsoft has rated critical. - Microsoft will release six bulletins next week for Patch Tuesday, including three critical bulletins focused on Windows security. All totaled, 15 security vulnerabilities will be fixed in this release. Besides the critical Windows bulletins are three others rated quot;important. quot; Among t...
  • House Panel Approves Cyber-security Awareness Act

    5 Nov 2009 | 10:19 am
    Legislation would mandate that National Institute of Standards and Technology develop a plan to ensure cyber-security coordination within the U.S. government. - A U.S. House subcommittee approved Nov. 4 the Cybersecurity Coordination and Awareness Act, legislation that would require NIST (National Institute of Standards and Technology) to develop and implement a plan to ensure coordination within the U.S. government with regard to the development of i...
  • FBI: Online Banking Attacks Reach $100 Million Mark

    5 Nov 2009 | 8:02 am
    In an intelligence note, FBI officials say a mix of banking Trojans and phishing attacks has plagued victims - mainly public institutions and small and midsize businesses - to the tune of $100 million in attempted losses as of October. - Malware and phishing schemes targeting online bankers have spurred a jump in Automated Clearing House (ACH) fraud that has led to $100 million in attempted losses as of October, according to the FBI. In an intelligence note released earlier this week by the Internet Crime Complaint Center (IC3)...
 
  • add this feed to my.Alltop
    Security Watch
  • Napatech announces WinPCAP support

    Napatech recently released WinPCAP support on its intelligent real-time network adapters. WinPCAP is an additional feature to the previously released Windows driver, believed to be the world’s fastest Windows driver for Ethernet applications. The same packet capture feature set and high performance can now be supported across Windows, Linux and ...
  • CREDANT Technologies Reports Strongest Quarter Ever

    CREDANT Technologies, the market leader in endpoint data protection solutions today announced their best quarterly revenue bookings in the history of the company. CREDANT enjoyed great success across the board in achieving these numbers, and particular success internationally, where they recorded 577% growth compared with the same quarter last ...
  • 356 big reasons for UK CIOs to switch to encrypted drives revealed

    Reports that UK chief information officers reported a whacking 356 data loss incidents in the last 12 months - approaching double that of the year previous - should sent shivers down the spine of any self- respecting IT security professional, says Andy Cordial, managing director of Origin Storage, the storage ...
  • Finjan says controlled access Web portals now prime target of cybercriminals

    As news of the Guardian web site hack broke on Sunday, Finjan, the business Internet security specialist, said that identity information on consumers and companies continues to be a prime target for criminal hackers. "As we identified back in May of last year (http://preview.tinyurl.com/ykml7ef) - when our researchers discovered a ...
  • Finjan warns companies as China prepares for cyber-espionage

    A report commissioned by a US Congressional advisory panel monitoring the security implications of trading with China has warned that China has started spying on the US government and major companies. And, says Finjan, the business Internet security specialist, now is the time for companies to start beefing up their ...
  • add this feed to my.Alltop
    Network Security Podcast
  • The Network Security Podcast, Episode 172

    rmogull
    3 Nov 2009 | 4:55 pm
    “The Episode that almost Wasn’t”  It’s been a day.  Shortly before we were scheduled to start, there was a pop and the power went out at Martin’s house.  Rich has issues of his own to deal with.  And Zach is … somewhere.  It was only because the local electric company responded quickly for the first time I can remember were we able to squeeze in a podcast recording between emergencies.  And now that we’ve recorded and posted, it’s time to put our noses back to the grindstone and work for a couple more hours. Network…
  • The Network Security Podcast, Episode 171

    martin
    27 Oct 2009 | 8:32 am
    Before we proceed with the show notes, may we please have a moment of silence for the passing of Geocities, the last refuge of the blink tag. (The rest of the show is all about security stuff, and we even have all three of us on together again, but I’m just too chocked up over the death of Geocities for proper show notes. It was as if a million cheesy fan sites cried out, and were suddenly silenced.) This really is Episode 171, even if I called it 170 at the beginning of the podcast – Martin Network Security Podcast, Episode 171Time:  38:54 Show Notes: Rapid7 Acquires…
  • Network Security Podcast, Episode 170

    martin
    20 Oct 2009 | 8:02 pm
    For the first time in a long time, Martin, Rich, and Zach are all together on the podcast. Sorry we missed last week, but we’ve all been dealing with job changes (Zach and Martin) or vacations in tropical paradises (Rich). After a brief wandering to talk about Halloween preparations, we get back on topic and catch up with some new stories, and a few from the week we missed. We talk about the evolution of security professionals, tokenization, and how the Danger/Sidekick thing had nothing to do with cloud computing. Network Security Podcast, Episode 170Time:  34:12 Show Notes: Josh…
  • Network Security Podcast, Episode 169

    martin
    6 Oct 2009 | 4:28 pm
    Rich is spending a well earned vacation with his wife somewhere south of the border.  Normally this means I’d get in touch with Zach, but this week he’s north of the border at SecTor.ca.  With any luck, Zach will be able to pick up a few interviews with some of the cool kids who got to go play in Toronto.  In the mean time I was left to fend for myself and called upon one of the people who got me involved in podcasting to begin with, George Starcher.  While George no longer has his own podcast, he’s a regular on the Typical Mac User Podcast, but is…
  • The Network Security Podcast, Episode 168

    rmogull
    29 Sep 2009 | 5:06 pm
    Despite a short discussion of Rich’s paranoia in the opening of the show, we mostly play it straight and stick to the security news. We found a few interesting stories this week, and the major theme seems to be “stupidity”. On one side is a prison that let an inmate reprogram their computer system, on the other a money-mule for scams that thought sending money-grams to foreign countries was a legitimate “work at home” job. Sigh. Network Security Podcast, Episode 168 Time:  29:53 Show Notes: Inmate locks staff out of prison computers. Multiple levels of hilarity…
 
  • add this feed to my.Alltop
    Tenable Network Security
  • Video: Web App Scanning With Credentials Using Nessus

    Paul Asadoorian
    5 Nov 2009 | 5:00 am
    Scanning web applications that require credentials can be a bit tricky as different applications may handle the authentication process in different ways. Nessus has configuration options that will allow you to define the authentication parameters for each application. Nessus also allows users to define pages that are not to be accessed during the web mirroring process, such as "logout.php", which prevents Nessus from being logged out of the application. We have produced a video demonstration that walks you through configuring authentication for your web application Nessus scans: You can also…
  • Video: Tenable Appliance Installation & Configuration

    Paul Asadoorian
    4 Nov 2009 | 5:00 am
    The Tenable Appliance is an easy way to get up and running quickly with Tenable products such as Nessus and Security Center. The Tenable Appliance is a virtual machine image that is compatible with: VMware ESX versions 3.5 and older vSphere/etc. 4.0 versions VMware Player, Server, Workstation and Fusion. We have produced a video demonstration that walks you through installation and configuration of the appliance: You can also find a full size version of the above video on the Tenable YouTube Channel. The Tenable Appliance is available for download in the customer support portal for all…
  • Tenable Network Security Podcast - Episode 10

    Paul Asadoorian
    2 Nov 2009 | 7:51 am
    Welcome to the Tenable Network Security Podcast - Episode 10 Announcements New blog post "Defeating Zombies: Five Ways To Improve Defenses" Tenable placed 270th on the Deloitte Fast 500 2009 list, Nessus was awarded a Silver "Reader's Choice" award from Information Security Magazine, and another "Reader's Choice" award from WindowsSecurity.com We're hiring! - Visit the web site for more information about open positions, there are currently 14 open positions! We also have a new Facebook Group called Tenable Security Is Hiring where you can go to get more information about open positions…
  • Defeating Zombies: Five Ways To Improve Defenses

    Paul Asadoorian
    30 Oct 2009 | 6:29 am
    Defeating Zombies Attackers have a number of avenues leading directly into your network, and more importantly, into your data. Each week I read about new data losses, phishing scams and the release of hundreds of new vulnerabilities and exploits. Organizations are employing a rear guard action that is not necessarily tuned to today's attack techniques. Tried and true defensive measures such as firewalls, anti-virus software, Intrusion Detection Systems provide "operational security", but even if this is running flawlessly, it is typically not enough. Security programs need to evolve with the…
  • Interview with Ron Gula, CEO of Tenable Network Securitry

    Ron Gula
    29 Oct 2009 | 3:54 pm
    I recently had the chance to be interviewed by a student from the John's Hopkins University Information Security Institute. The questions cover a wide variety of topics including hacking trends, certifications, penetration testing, compliance and patch management.
  • add this feed to my.Alltop
    Team Cymru Internet Security News
  • Creator of Space Invaders game alleged to be a 'Trojan' hits back at Symantec criticism

    7 Nov 2009 | 3:11 am
    "The creator of the Space Invaders game that was categorised as a Trojan by Symantec has hit back at claims that it is malware. Speaking with SC Magazine, Lose/Lose' creator Zach Gage claimed that he was aware and actually happy that anti-virus vendors were detecting Lose/Lose as malware, even though Lose/Lose actually is not malware, since malware means maliciously designed software, and Lose/Lose was never designed to intentionally hurt people. He described Lose/Lose as simply potentially dangerous software', and said: A lot of companies have decided it was malware, which I'm…
  • Internet provider is latest Twitter hack victim

    7 Nov 2009 | 1:48 am
    "Australian internet provider BigPond has become the latest internet company to be targeted by hackers on Twitter, after one of its accounts was hijacked as part of a phishing scam. The company, a subsidiary of Sydney-based telecommunications giant Telstra, said that the BigPondTeam Twitter account - which is used to provide information and support to customers - had been infiltrated by unknown criminal and used to trick users into handing over their passwords...."
  • Poll: Cloud Computing Has Financial Benefits, Security Concerns

    7 Nov 2009 | 1:17 am
    "A majority of executives polled by Deloitte (60. 9 percent) believe cloud computing will be a transformative technology in the industry and can drive financial benefits, or at least be useful for certain kinds of enterprise services. The executives were polled recently during the Deloitte webcast, "Cloud Computing in the Enterprise: Not If, But When and How?"Cloud computing enthusiasm was somewhat tempered by executives' concern over security and privacy, as 34...."
  • Spain And United States Top Global Ranking Of Bot-Infected Computers

    7 Nov 2009 | 1:11 am
    "Panda Security, the Cloud Security Company, today announced that PandaLabs, the company's laboratory for detecting and analyzing malware, revealed that Spain, with an alarming 44. 49 percent, tops the global ranking of computers that are infected with bots. These programs, once they have infected a computer, allow hackers to take remote control of the system and carry out a series of actions including sending spam and downloading viruses, worms and Trojans, etc...."
  • T-Mobile users still reeling from outage

    7 Nov 2009 | 12:46 am
    "T-Mobile customers are still seething after a major outage on Tuesday that left many people across the country unable to text and call their friends and business associates. The outage, which started Tuesday afternoon and lasted through the evening before being resolved, affected a wide swath of users, though T-Mobile said that only 5 percent of customers were affected. T-Mobile has yet to say what caused the problems...."
 
  • add this feed to my.Alltop
    Google: Internet Security News
  • Secret net security flaw exposed by accident - TechRadar UK

    6 Nov 2009 | 10:27 pm
    Earthtimes (press release)Secret net security flaw exposed by accidentTechRadar UKBy J Mark Lytle, Tokyo An unusual cloak-and-dagger operation being run by internet security experts has been exposed this week, after details of a flaw in Indiscreet tweet trips awareness of Web SSL vulnerabilityBetaNewsSerious SSL Vulnerability FoundInformationWeekCrippling SSL vulnerability discoveredFierceCIORegister -V3.co.uk -Dark Readingall 60 news articles »
  • Join the Internet security fan club - New Straits Times

    6 Nov 2009 | 6:28 pm
    Join the Internet security fan clubNew Straits TimesThe virtual club (www.kklub.net/) established by Kaspersky Lab, a developer of secure content management systems, deals with Internet security and antivirus
  • Kaspersky Labs introduces Mac security package - iTWire

    6 Nov 2009 | 3:29 pm
    Digital Post ProductionKaspersky Labs introduces Mac security packageiTWireInternet security stalwart Kaspersky Labs has introduced Anti-Virus for Mac. The company is recommending it especially for mixed-platform Sahara enters into strategic partnership with AfricaSD in bringing Kaspersky ITWebAnti-Virus For MacTidBITSKaspersky Lab Releases Antivirus AppPC WorldDigital Post Production -Market Wire (press release) -MacNNall 28 news articles »
  • 10 Essential Third Party Security Apps for Windows 7 - eWeek

    6 Nov 2009 | 1:00 pm
    10 Essential Third Party Security Apps for Windows 7eWeekmcafee enjoys a long tradition of providing security software for Windows. Its mcafee Internet Security, which costs $69.99 per year, addresses the vast
  • Verizon Expands Fast, Affordable DSL-Enabled High Speed Internet Service to ... - Reuters

    5 Nov 2009 | 9:02 am
    Verizon Expands Fast, Affordable DSL-Enabled High Speed Internet Service to ReutersThe company's popular Verizon Internet Security Suite (VISS) provides comprehensive online protection from spyware and viruses for as little as $5.99 a Verizon high-speed Internet expandsDaily Mail - Charlestonall 16 news articles »
  • add this feed to my.Alltop
    CyberInsecure.com
  • Windows 7 Default UAC Bypassed By 8 Out Of 10 Malware Samples

    CyberInsecure
    5 Nov 2009 | 9:20 pm
    A recently conducted test by malware researchers reveals that eight out of ten malware samples used in the test, successfully bypassed Windows 7’s default UAC (user access control) settings. The findings were also confirmed by a separate test done by another company, with an emphasis on how one of the most popular scareware variants bypassed [...]
  • Jailbroken Dutch iPhones Compromised, $5 Ransom Demanded From Users

    CyberInsecure
    5 Nov 2009 | 1:35 pm
    Yesterday, a message popped up on the screens of a large number of automatically exploited Dutch iPhone users, demanding $4.95 for instructions on how to secure their iPhones and remove the message from appearing at startup. The message said: “Your iPhone’s been hacked because it’s really insecure! Please visit doiop.com/iHacked and secure your phone right [...]
  • Facebook, MySpace Backdoor Exposed User Accounts

    CyberInsecure
    5 Nov 2009 | 1:27 pm
    Facebook and MySpace have closed gaping security holes in their sites that gave attackers full access to accounts that had automatic-login features enabled. The vulnerabilities were significant. Because the unauthorized access would be mapped to the victim’s IP address and website cookie, the intrusions would be virtually untraceable. Attackers were then free to upload photos and [...]
  • Swedish Signals Intelligence Agency Taken Offline By A Massive DDoS Attack

    CyberInsecure
    5 Nov 2009 | 1:24 pm
    The website of the Swedish Signals Intelligence agency (Försvarets Radioanstalt, or FRA) was taken offline by a massive DDoS attack this week. Fra.se was intermittently inaccessible from Monday night until Thursday morning, when full service was restored. The agency was in the news recently after Swedish legislators passed a law allowing FRA to tap internet communications [...]
  • Privacy Dashboard Service Launched By Google

    CyberInsecure
    5 Nov 2009 | 1:18 pm
    Google has launched a Dashboard service that’s designed to show how much the search engine giant knows about its users online activities. The service (http://www.google.com/dashboard) provides a summary of data associated with a specified Google account. Users gain the ability to view and manage data, which ranges from search engine queries and emails sent through Gmail [...]
 
  • add this feed to my.Alltop
    SecurityProNews: Internet Security
  • Nigeria Announces Early Results Of Anti-Scammer Initiative

    No one's sure how many there are to go, but according to a Nigerian official, there are about 800 scam email addresses and 18 criminals that can be considered "down." Mrs. Farida Waziri, the chairperson of a government agency, announced that some shutdowns and arrests occurred thanks to an initiative called Project Eagle Claw.Nigeria Announces Early Results Of Anti-Scammer Initiative Nigeria's Economic and Financial Crimes Commission is the force behind Project Eagle Claw, and with Microsoft's help, has just started ramping it up. Waziri explained in a statement, "We expect that Eagle Claw as…
  • MessageLabs Names Most- (And Least-) Spammed States

    When considering where to live, it's wise to look up stats about an area's climate, the cost of living, and its proximity to other important stuff in your life. Symantec's MessageLabs recently supplied some information about your odds of getting spammed, too.MessageLabs Names Most- (And Least-) Spammed States Somewhat surprisingly, the states you might imagine as being the "most wired" - California, New York, Washington - weren't at the top of the list. Instead, the state in which spam represents the highest percentage of all emails received is Idaho, with 93.8 percent. In an email to…
  • Enormous Malware Archive Creates Stir

    A Dutch company known as the Frame4 Group has created what's almost the computing equivalent of a Center for Disease Control lab. The Malware Distribution Project is, according to its own site, the "world's biggest private malware archive." Enormous Malware Archive Creates Stir Don't jump to the conclusion that the project's run by a bunch of supervillains; the malware samples are supposed to be "offered for the purposes of analysis, testing and malware research." Also, customers are screened, and a monthly access fee of about $1,235 should act to keep out some of the riffraff. It actually…
  • Avsim Hacker (Maybe) Brought Before Cops

    Perhaps people who like to spend their spare time in the cockpits of imaginary F-16s should be left alone. The man in charge of a flight simulator site that was attacked claims to have identified the hacker and forwarded information to the authorities. Avsim Hacker (Maybe) Brought Before Cops Avsim is one of the best-known flight sim communities in existence. It's been around for a long time, too. Unfortunately, a hacker managed to wipe about a decade's worth of modification info and forum posts from the site's servers back in May. Now, though, Tom Allensworth, the publisher and CEO of Avsim,…
  • Email Password Hackers Present Real Threat

    The next time you have something really important to tell someone, consider whether a drive over to his or her house wouldn't be a nice way of spending a few minutes. One reporter has found that it's quite easy (and perhaps all too common) for people to buy email accounts' passwords from hackers. Email Password Hackers Present Real Threat Tom Jackman wrote in an article for the Washington Post, "[S]ervices as YourHackerz.com are still active and plentiful, with clever names like 'piratecrackers.com' and 'hackmail.net.' They boast of having little trouble hacking into such Web-based e-mail…
  • add this feed to my.Alltop
    Computer Internet network security News
  • Use Online Mortgage Calculator!

    agnesbill2009
    6 Nov 2009 | 12:01 pm
    If you decided to obtain a mortgage on that occasion it is rational to first use a mortgage calculator. These basic instruments available online that might help a couple or a person establish whether or not they can in fact have enough money to buy new home. Using a mortgage calculator can help the [...]
  • Use Software To Clone Hard Drive Data And Protect Yourself From Computer Disaster

    system
    6 Nov 2009 | 3:00 am
    One of the worst things that can happen to your computer is to have a total computer failure, without having a backup of your data and applications. If you do not have a method in place that will allow you to recover from these types of disasters, your data is at risk. This can be [...]
  • How To Unlock Wii-Install Homebrew On Wii

    system
    5 Nov 2009 | 1:32 pm
    One of the trickiest thing to do is to learn how to unlock wii without ripping apart the console and installing a mod chip of any type. This is can be risky for the wii fancier as if wii is not unlocked properly it can render your wii. By unlocking your wii console you can [...]
  • Good Tutorials Flash – Animation 3d Studio Textures Tutorial Programing

    system
    5 Nov 2009 | 3:47 am
    There are good tutorials and cd tutorial there are bad tutorials. Good tutorials will help you learn all about a certain subject quickly. Bad tutorials will waste your time and leave you with not even a scrap of knowledge. If you are looking for a Photo Shop video tutorial, then you should always keep this [...]
  • Online Schooling Actually Began With The Introduction Of The “Computer Assisted Learning Center”

    system
    5 Nov 2009 | 2:00 am
    When the educational process takes place in an environment other than a live classroom, it is known as distance education. The idea of distance schooling can be traced by to the advent of the printing press. from the very earliest days of printing, it became possible to develop a learning method whereby the student learned [...]
 
  • add this feed to my.Alltop
    TaoSecurity
  • Tentative Speaker List for SANS Incident Detection Summit

    3 Nov 2009 | 4:11 am
    Thanks to everyone who attended the Bejtlich and Bradley Webcast for SANS yesterday. We recorded that Webcast (audio is now available) to start a discussion concerning professional incident detection.I'm pleased to publish the following tentative speaker list for the SANS WhatWorks in Incident Detection Summit 2009 on 9-10 Dec in Washington, DC. We'll publish all of this information, plus the biographies for the speakers, on the agenda site, but I wanted to share what I have with you.Day One (9 Dec)Keynote: Ron GulaBriefing: Network Security Monitoring dev+user: Bamm Visscher, David…
  • Bejtlich and Bradley on SANS Webcast Monday 2 Nov

    30 Oct 2009 | 5:46 pm
    Ken Bradley and I will conduct a Webcast for SANS on Monday 2 Nov at 1 pm EST. Check out the sign-up page. I've reproduced the introduction here.Every day, intruders find ways to compromise enterprise assets around the world. To counter these attackers, professional incident detectors apply a variety of host, network, and other mechanisms to identify intrusions and respond as quickly as efficiently as possible.In this Webcast, Richard Bejtlich, Director of Incident Response for General Electric, and Ken Bradley, Information Security Incident Handler for the General Electric Computer Incident…
  • Partnerships and Procurement Are Not the Answer

    28 Oct 2009 | 5:54 pm
    The latest Federal Computer Week magazine features an article titled Cyber warfare: Sound the alarm or move ahead in stride? I'd like to highlight a few excerpts.Military leaders and analysts say evolving cyber threats will require the Defense Department to work more closely with experts in industry...Indeed, the Pentagon must ultimately change its culture, say independent analysts and military personnel alike. It must create a collaborative environment in which military, civilian government and, yes, even the commercial players can work together to determine and shape a battle plan against…
  • Initial Thoughts on Cloud A6

    27 Oct 2009 | 6:25 pm
    I'm a little late to this issue, but let me start by saying I read Craig Balding's RSA Europe 2009 Presentation this evening. In it he mentioned something called the A6 Working Group. I learned this is related to several blog posts and a Twitter discussion. In brief:In May, Chris Hoff posted Incomplete Thought: The Crushing Costs of Complying With Cloud Customer “Right To Audit” Clauses, where Chris wrote Cloud providers I have spoken to are being absolutely hammered by customers acting on their “right to audit” clauses in contracts.In June, Craig posted Stop the Madness! Cloud…
  • Wednesday is Last Day for Discounted SANS Registration

    27 Oct 2009 | 4:50 am
    In my off time I'm still busy organizing the SANS WhatWorks in Incident Detection Summit 2009, taking place in Washington, DC on 9-10 Dec 09. The agenda page should be updated soon to feature all of the speakers and panel participants. Wednesday is the last day to register at the discounted rate.I wrote the following to provide more information on the Summit and explain its purpose.All of us want to spend our limited information technology and security funds on the people, products, and processes that make a difference. Does it make sense to commit money to projects when we don’t know their…
  • add this feed to my.Alltop
    Jon's Network
  • Barracuda Acquires Purewire

    admin
    13 Oct 2009 | 4:38 pm
    Barracuda Networks has acquired Purewire, which offers a web security service. This will be the second service product Barracuda offers, the first being their backup service. I had never heard of Purewire until today. There are a couple of demos about their web security service available here. They offer the same protection strategy as something like McAfee’s Web Gateway (Webwasher) but probably with less management overhead. In my experience, Webwasher was only a good fit for a large shop with the resources to fiddle with it all the time. With Purewire, Barracuda may be able to offer…
  • Facebook Application Control

    admin
    17 Sep 2009 | 9:32 am
    Palo Alto Networks regularly updates their software to detect and control more types of traffic to give customers more granular control. The latest content update included control over Facebook applications. If you are a company that wants to allow Facebook use for business reasons but want to avoid the distraction of the third-party applications, you can easily do that with a PAN firewall.
  • Chinese Schools Removing Green Dam

    admin
    15 Sep 2009 | 4:11 pm
    New York Times reports that some Chinese schools are uninstalling the government mandated filtering software because it is a management nightmare. The software must be installed on each computer, not from a central server, and can cause other programs to crash. via Sunbelt
  • Vericept as DLP

    admin
    15 Sep 2009 | 3:40 pm
    Dave at onDLP.com has noted that Vericept as a DLP solution is likely dead, since Trustwave will probably stop developing it as a product to sell and just use it as a tool in their compliance practice. That may be true. Like I said before, Vericept also has a good content monitoring solution that found favor with school districts and HR departments to augment standard URL filters. I hope things turn out well for those customers. I’m interested to hear what Trustwave plans for them.
  • Trustwave Buys Vericept

    admin
    11 Sep 2009 | 2:07 pm
    Vericept has finally been acquired. The terms of the deal are confidential. Vericept was the last stand-alone DLP company as far as I know. They have a unique product that goes far beyond DLP actually, fitting in nicely for companies, schools especially, that want to give HR a tool to enforce acceptable use policies.
  • add this feed to my.Alltop
    Roger's Security Blog
  • International Collaboration on Policies for Cybersecurity and Data Protection

    rhalbh
    5 Nov 2009 | 12:41 pm
    Since a few years we are working with the Council of Europe in a partnership to help to drive a Cybersecurity treaty. We realize that a problem a lot of Law Enforcement agencies have is inconsistent legislation which makes is unbelievably hard to catch the criminals. The Council of Europe treaty is a great starting point and has been ratified not only by most of the member states of the Council of Europe but by a lot of additional countries around the globe. Now, the European Union and the United States have agreed to treat such challenges as international issues and to develop joint policies…
  • Power of Knowledge: Security Intelligence Report v7

    rhalbh
    2 Nov 2009 | 8:06 am
    It is a good tradition since quite a while that we make the intelligence we have available accessible to the broad public. This will help out customers to protect themselves much better. The Security Intelligence Report (SIR) is built on a unparalleled set of sensors out there in the Internet: Malicious Software Removal Tool (MSRT): runs on 450 million computers worldwide each month. BING: performs billions of Web-page scans per year. Windows Live OneCare and Windows Defender: on 100 million + computers worldwide. Forefront Online Protection for Exchange: scanning billions of emails yearly.
  • Security Compliance Management Toolkit Series for IE 8 and Windows 7

    rhalbh
    30 Oct 2009 | 9:09 am
    Just a brief one: the Security Compliance Management Toolkit Series has been updated to incorporate Internet Explorer 8 and Windows 7. So, to help you to manage security and compliance in your environment, you should have a look at it: http://technet.microsoft.com/en-us/solutionaccelerators/cc835245.aspx Roger
  • Look at the Enhanced Mitigation Evaluation Toolkit

    rhalbh
    29 Oct 2009 | 5:26 am
    Recently we announced the availability of the Enhanced Mitigation Evaluation Toolkit. This is a toolkit which makes it easier to defend your application on different levels – free of charge. Read the post done by our Security Research and Defense guys: Announcing the release of the Enhanced Mitigation Evaluation Toolkit Roger
  • Secure Datacenter, Secure Cloud, Secure Government

    rhalbh
    28 Oct 2009 | 12:06 am
    At the moment I invest a lot of my time in a Whitepaper on Client and Cloud Security. There are a few fundamentals, which are already clear to me: You will not be able to run a trusted cloud ecosystem without a trusted client and trusted interactions. So, the End to End Trust model is needed in the cloud as well. A strong, federated identity metasystem is at the base of any cloud security Process transparency as an absolute need if you move to the cloud. If the provider tells you “you should not care about that, we take care of your security” – walk away from the deal. This morning I…
 
  • add this feed to my.Alltop
    SPYWARE NEWS - Google News
  • No more computer 'cavities' - Payson Roundup

    6 Nov 2009 | 3:12 pm
    No more computer 'cavities'Payson RoundupThe last visit on your post-Halloween cleanup quest should be to a competent spyware defender. New technologies in dentistry allow kids to get a coating on
  • 10 Essential Third Party Security Apps for Windows 7 - eWeek

    6 Nov 2009 | 1:00 pm
    10 Essential Third Party Security Apps for Windows 7eWeekThe software not only catches viruses and spyware, it also finds phishing schemes, provide firewall protection, parental controls, data backup, and more.
  • IObit Security 360 1.10 (Windows) - ZDNet

    6 Nov 2009 | 4:24 am
    IObit Security 360 1.10 (Windows)ZDNetIObit Security 360 is an free malware & spyware removal utility that detects, removes the deepest infections, and protects your PC from various of potential
  • Fend off spyware and protect your identity - What PC?

    6 Nov 2009 | 2:19 am
    Fend off spyware and protect your identityWhat PC?Spyware falls into a similar category, but rather than threatening to damage files and settings, it threatens personal data and privacy. and more »
  • Windows 7 Still Vulnerable to Viruses — Durr, Really? - Wired News

    5 Nov 2009 | 2:14 pm
    Telegraph.co.ukWindows 7 Still Vulnerable to Viruses — Durr, Really?Wired NewsTool should also be included to identify all areas of the OS in one interface where malware/spyware would run/inititate. If I have those tools and abilities Like It Or Not, Windows 7 Is HerePhiladelphia BulletinVista sold more pcs than Windows 7 didCNNMoney.com10 must-have downloads for Windows 7PC AdvisorEnterprise Newsall 518 news articles »
  • add this feed to my.Alltop
    Uncommon Sense Security
  • Widgititis

    2 Nov 2009 | 3:42 pm
    I know, that cool Podcast.com widget over there needs an update.  I tried that, but they are having "technical difficulties" at Podcast.com right now.  I'll be adding Exotic Liability, Threatpost podcasts, and others, with some details soon- if they get the widget fixed.  If not, I'll swap it out for a different widget. While you're waiting, head over to Pauldotcom and listen to me humiliate myself and several others on their Halloween episode.  Not or the faint of heart, easily offended, or anyone burdened by a sense of decorum.  The remaining parts of the…
  • diff MA 201 CMR 17.00

    30 Oct 2009 | 6:01 pm
    What changed in the latest "final" version of Massachusetts 201 CMR 17.00?  Here's what I see (emphasis is mine): Under 17.02, Definitions "Owns or licenses: receives, maintains, processes, or otherwise has access to personal information in connection with the provision of goods or services or in connection with employment." became "Owns or licenses: receives, stores, maintains, processes, or otherwise has access to personal information in connection with the provision of goods or services or in connection with employment. That's a big win, adding that little…
  • 201 CMR 17.00, Final Version (really, I think)

    30 Oct 2009 | 5:38 pm
    The "Final" (I think this is the third final version, but who's counting?) version of Massachusetts 201 CMR 17.00 was released today.  I believe this is really final, I doubt that anyone has the stomach for more of the political process that crafted this regulation.  Below is the complete and unedited final version.  The changes seem subtle at first glance, I'll follow up once I have time to review and compare. 201 CMR 17.00: STANDARDS FOR THE PROTECTION OF PERSONAL INFORMATION OF RESIDENTS OF THE COMMONWEALTH Section: 17.01: Purpose and Scope 17.02: Definitions…
  • ROSI, not that nonsense again.

    26 Oct 2009 | 6:04 am
    I recently listened to a panel discussion on the regulation which shall not be named and heard someone say something stupid (amazing, I know).  He tossed out some very large numbers of dollars that Hannaford Bros has lost and will likely lose in the future due to their breach, he said it could total up to one billion dollars over time- but that it could have been prevented with an expenditure of "only" ten million dollars.  I'm with him so far, even if I am skeptical of the accuracy of some of the figures.  Then he said that "ROI is the answer to your…
  • Holding a grudge.

    19 Oct 2009 | 2:40 am
    I should be over it by now, but I'm not. I can accept that 201 CMR 17.00 has been reduced to a feeble checklist which only provides real security in the form of political cover for OCABR, the Office of Consumer Affairs Abandonment and Business Regulation. I cannot accept OCABR's behavior during the process, however. The hearings were scheduled for weekday mornings in an inconvenient location in downtown Boston, an arrangement guaranteed to skew attendance to those with a business need or justification. The location and timing of the events was very effective at keeping average citizens (aka…
 
  • add this feed to my.Alltop
    Security Bytes
  • Israeli Mossad add Trojan Horse to Syrian laptop

    Robert Westervelt
    6 Nov 2009 | 6:18 am
    Data stealing malware helped Israeli spies reap data from official’s laptop. Sophos security guru Graham Cluley writes today about the Mossad, Israel’s intelligence gathering operation and how spies there gained access to a Syrian official’s laptop and uploaded a Trojan to collect data. According to German magazine Der Spiegel, the data collected using the malware helped Israeli officials plan a bombing run against a suspected Syrian nuclear facility in 2007. According to Der Spiegel story on the Syria bombing: The hard drive contained construction plans, letters and hundreds of photos.
  • Fragus exploit pack’s pricy business model locks users in

    Robert Westervelt
    6 Nov 2009 | 6:00 am
    The $800 attack toolkit comes with a self-destruct mechanism after a certain time period Security researchers at Symantec are closely monitoring the Fragus exploit pack, an $800 package of tools developed by cybercriminals to enable users to set up attack websites. Their latest findings have identified an effort by the toolset writers to clamp down on how the toolpack is used – an effort, no doubt, to keep the revenue stream open long after someone plunks down the hefty chunk of change needed to buy Fragus. The blog entry, written by Peter Coogan with help from researcher Cathal Mullaney…
  • New ransomware Trojan tricks victims to buy software fix

    Robert Westervelt
    2 Nov 2009 | 8:09 am
    Trojan Horse doesn’t ask for money, but sends victims to software that can eliminate malware file extension, according to Symantec Security Response Symantec has posted an interesting blog post about a new ransomware Trojan with a twist. Instead of asking for cash to unlock the files, the Ramvicrype Trojan encrypts files on victim computers and then sends victims seeking help via a search engine to a website where they can buy software that supposedly fixes the problem and decrypts the files. Older ransomware would push the the victim buy the keys outright. Symantec virus researcher…
  • Twitter warns of new phishing attacks

    Robert Westervelt
    29 Oct 2009 | 8:35 am
    Phishing campaign uses a direct message and a fake Twitter login page to pilfer credentials. Twitter issued a spam warning via a Twitter message telling users not to click on a direct message that sends users to a Twitter login page. The Twitter warning said the login page is a fake and attempts to steal login and password credentials. Once a victim types in their credentials, a fake Twitter fail-whale over capacity message is displayed. Sophos security expert Graham Cluley blogged about the Twitter phishing attempts on Wednesday, describing the fake Twitter message. calling on users of the…
  • Mozilla update repairs Firefox buffer overflow vulnerabilities

    Robert Westervelt
    29 Oct 2009 | 5:18 am
    Repairs fix several critical memory corruption errors and buffer overflow flaws that could cause the browser to crash and leave users vulnerable to attack. Mozilla issued an update to its popular Firefox browser this week, repairing more than a dozen flaws that could cause the browser to operate erratically and crash or allow remote attackers to target vulnerable users. The browser maker issued 10 advisories on Tuesday, five critical, fixing memory corruption errors, buffer overflow flaws and an object handling flaw that could enable an attacker to execute malicious code and gain access to…
  • add this feed to my.Alltop
    IHS
  • Back to work

    Johnny
    4 Nov 2009 | 8:24 am
    I’m now officially pain-free. What an answer to prayer. It’s kinda crazy how something like a “toothache” can throw me completely off. I couldn’t concentrate.. It was bad times. But now I’m back and the week is a bit crazy. To fill you in, I have to tell you about our school models. The used model: $50/student This setup relies on used equipment sent from donors. At St. John’s we put in 20 Compaq N610c’s donated by “Dean”. These are P4’s, and nice little machines. Including shipping and taxes, these come in at about $50 per…
  • No pain no gain

    Johnny
    31 Oct 2009 | 1:13 pm
    Or: Four days, two continents, four dental procedures in a pear tree. Location: Jinja, Uganda Sunday, October 25, 10:00 pm 48 hours to takeoff I leave for Norway to speak at Paranoia 2009 in 50 hours, and my tooth’s starting to bother me. Location: Jinja, Uganda Monday, October 26 10:00 am 36 hours to takeoff The pain is intense. I head into our little town and find the dental clinic. I explain the situation to the very kind receptionist then wait in the “lobby”. There are two “medical rooms” separated by curtains. The one on the right has pretty steady traffic.
  • Katana Security Distro v1.0

    26 Oct 2009 | 10:38 am
    Thanks to Ronin over at http://www.hackfromacave.com for this addition! Katana v1.0 (Kyuzo) is now available for all Informer subscribers. Click here: https://www.hackersforcharity.org/?pagename=SumaSubscribe if you'd like to subscribe! Katana v1.0 (Kyuzo) is a portable multi-boot security suite designed for all your computer security needs. The idea behind this tool is to bring together all of the best security distributions to run from one USB drive. Katana includes distributions which focus on Penetration Testing, Auditing, Password Cracking, Forensics and Honey Pots. Katana comes with…
  • Ridiculous Beautifulness

    Johnny
    25 Oct 2009 | 2:41 am
    The weather’s been insanely hot. It’s not even fully summer but the heat is already smothering. But sometimes the hottest of days present a ridiculous beautifulness that’s fully African. The view out our front door, taken with the camera’s color assist function boosting only the blue. The reflection in the car window isn’t photoshop.   AOET’s Rehaboth Integrated School in Njeru. The left-hand side of the building shows the room where our largest computer lab will be installed. I think we’ve just secured the funding for the rest of the machines.
  • St. John’s Wakitaka Part Two

    Johnny
    23 Oct 2009 | 11:00 pm
    This week we’ve been focused on St. John’s Wakitaka Secondary School in Wakitaka Uganda. This is the second phase of the project and we’re installing brand-new desktop systems, thanks to Paraben! The gear unloaded from the truck. PARABEN! =) Here’s Fred hanging out on the porch of the computer center. He’s waiting for them to unlock the door. Fred started unpacking while I went into town to get the server (registering back home on the SLOW Internet connection), RJ45 plugs, conduit, and mousepads. It should have taken an hour. This is Africa. It took me three. I…
  • add this feed to my.Alltop
    Cloud Security
  • RSA Europe 2009 Presentation Posted

    Craig Balding
    27 Oct 2009 | 2:57 pm
    Thanks to those that requested a copy of my RSA Europe 2009 presentation, “What Everyone Ought To Know About Cloud Security”.  RSA gave me the go-ahead to post it on my blog so here it is. What Everyone Ought To Know About Cloud Security View more presentations from craigbalding. Whilst at RSA, Mirko from Help Net Security asked me to talk on a 5 minute podcast about Cloud Security from a technical perspective (thanks Mirko!). This was my last high level presentation on Cloud Security issues - there’s lots of chewy cloud goodness to dive into hence future presentations will…
  • Slides from my BruCon Talk: “The Belgian Beer Lovers Guide to Cloud Security”

    Craig Balding
    21 Sep 2009 | 9:00 am
    I’ve received some requests for the slides I presented at BruCON, so here they are.  As the slides are mostly devoid of text, I’ve included the speaker notes.  The notes are not polished, hence treat accordingly ;-).  To view in “Full Screen” mode click on the icon at the bottom right of the slideshare embed below and click “Fit to Height” to see the notes. P.S If you weren’t at BruCON, you missed an excellent security conference - strong content, excellent organisation and facilities, friendly crowd.  Thanks to Benny & crew for being…
  • Cloud Security @ Brucon

    Craig Balding
    17 Sep 2009 | 1:15 am
    This evening I’m off to Brussels, Belgium to attend the very first Brucon - a 2 day information security conference aimed squarely at those curious about technologies from a security point of view.  I’m scheduled to talk about Cloud Security on the last slot on Saturday before the after-party.   Conscious of the timing and location, I’m employing some less-than-subtle marketing tactics to get “bums on seats” as you’ll see below. Here’s the abstract: In a hurry? The short version: learn about cloud security and in the process win a tasty Belgian…
  • Cloud Cartography & Side Channel Attacks

    Craig Balding
    30 Aug 2009 | 5:38 pm
    Last week, saw the release of a research paper called “Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds” [pdf].  The abstract reads: Third-party cloud computing represents the promise of outsourcing as applied to computation. Services, such as Microsoft’s Azure and Amazon’s EC2, allow users to instantiate virtual machines (VMs) on demand and thus purchase precisely the capacity they require when they require it.  In turn, the use of virtualization allows third-party cloud providers to maximize the utilization of their sunk capital…
  • Introducing the Cloud Security Podcast…

    Craig Balding
    1 Aug 2009 | 8:26 am
    That’s right…you thought you couldn’t get enough Cloud Security…well, now you can hear myself and co-host Chris Hoff of Rational Survivability discuss recent cloudsec happenings. Cloud Security Podcast Episode 1 [If you don't see the player above, turn on Javascript] Brief show notes: Introductions Quick recap of what we mean by ‘Cloud Computing’ Recent news & events (with a focus on FUD) Groups developing cloud security guidance: Cloud Security Alliance, Enisa, Jericho Wrap-up Full show notes As this was our first foray into making our own podcast,…
 
  • add this feed to my.Alltop
    Schneier on Security
  • Friday Squid Blogging: Dentyne Ice Squid Ad

    schneier
    6 Nov 2009 | 2:13 pm
    Weird.
  • Interview with Me

    schneier
    6 Nov 2009 | 12:35 pm
    On CNet.com.
  • The Doghouse: ADE 651

    schneier
    6 Nov 2009 | 4:55 am
    A divining rod to find explosives in Iraq: ATSC’s promotional material claims that its device can find guns, ammunition, drugs, truffles, human bodies and even contraband ivory at distances up to a kilometer, underground, through walls, underwater or even from airplanes three miles high. The device works on “electrostatic magnetic ion attraction,” ATSC says. To detect materials, the operator puts an array of plastic-coated cardboard cards with bar codes into a holder connected to the wand by a cable. “It would be laughable,” Colonel Bidlack said, “except someone down the street…
  • Mossad Hacked Syrian Official's Computer

    schneier
    5 Nov 2009 | 10:48 am
    It was unattended in a hotel room at the time: Israel's Mossad espionage agency used Trojan Horse programs to gather intelligence about a nuclear facility in Syria the Israel Defense Forces destroyed in 2007, the German magazine Der Spiegel reported Monday. According to the magazine, Mossad agents in London planted the malware on the computer of a Syrian official who was staying in the British capital; he was at a hotel in the upscale neighborhood of Kensington at the time. The program copied the details of Syria's illicit nuclear program and sent them directly to the Mossad agents'…
  • The Problems with Unscientific Security

    schneier
    5 Nov 2009 | 4:11 am
    From the Open Access Journal of Forensic Psychology, by a whole list of authors: "A Call for Evidence-Based Security Tools": Abstract: Since the 2001 attacks on the twin towers, policies on security have changed drastically, bringing about an increased need for tools that allow for the detection of deception. Many of the solutions offered today, however, lack scientific underpinning. We recommend two important changes to improve the (cost) effectiveness of security policy. To begin with, the emphasis of deception research should shift from technological to behavioural sciences. Secondly, the…
  • add this feed to my.Alltop
    Security Uncorked
  • Mystery Solved: SQUIRREL (An Ode to…)

    jj
    16 Oct 2009 | 6:29 pm
    An Ode to SQUIRREL For months I’ve wondered    with eager anticipation       how Hoff, Jack and crew          created this new SQUIRREL Nation I prayed, I questioned, I pondered    for mental emancipation       but the enigma just grew          until I clicked the Disney station And so now I’ve uncovered    the source of SQUIRREL’s creation       I bet no one ever knew          about the SIMP-elation I present to you all for your viewing pleasure the definitive source of SQUIRREL Happy Friday !
  • Good, Bad and Ugly: On SecTor’s Wall of Shame

    jj
    8 Oct 2009 | 12:57 pm
    In the past 48 hours or so, rumours about the SecTor Wall of Shame have been circulating through the intertubes, blogs, twitter and exhibitor floor conversations. After an obviously agitated media member (a blogger for InternetNews.com) wrote this post about SecTor’s Wall of Shame, several security professionals attending the event began asking questions about the collection of data on the Wall. Honestly, I blew off most of the blogger’s statements due to his poor writing, agitated tone and obvious misunderstanding of the technology and security. I didn’t investigate until…
  • Retaliation: Network Security Talk at SecTor

    jj
    30 Sep 2009 | 10:33 am
    Now that I have all the important fun stuff out there for you on Why You Can’t Miss SecTor, I’ll tell you a little bit about my talk at the conference. My talk this year is different- it’s different from my talk last year at SecTor (Network Security Stripped) and it’s actually a stark contrast to the majority of my past talks. Event though I’ve spoken extensively on network security, 802.1X, wireless and NAC, my previous content was based on experience of actual implementations and extensive lab testing of these technologies over the years. THIS presentation,…
  • Why You Can’t Miss SecTor

    jj
    30 Sep 2009 | 5:00 am
    I haven’t been as consistent in blogging about the events I’m speaking at as I would like to be. I did want to take a few minutes from this crazy work week to remind everyone about SecTor, Security Education Conference in Toronto next week. I had the pleasure of speaking at SecTor last year and I’m returning again this year with new content. More on that below. I’ve heard SecTor referred to as the “Black Hat of Canada” among other things and I’d say that’s a fairly accurate description if we’re comparing status. In content, I have to say…
  • NAC document finally released: Catching the Unicorn

    jj
    18 Sep 2009 | 11:59 am
    Finally! Many of you know I’ve been working on this document for the better part of a year now. The concepts and ideas came together quickly during a flight from the West coast, but transforming all the thoughts to a cohesive document for a broader audience has taken a lot of time and help. Don’t be put off by the name. Believe it or not, the title has an actual meaning. I hope you’ll read the first pages of the document to understand where the title came from and why it’s relevant. There’s a permanent page for the white paper Catching the Unicorn. It includes a…
  • add this feed to my.Alltop
    PCI Blog
  • Only 3 Seats Left for Dallas CPISM/A!

    cmark
    26 Oct 2009 | 8:49 am
    The Dallas CPISM/A training and certification course has filled up quickly and we only have 3 seats left.  If you are interested in attending the November 10-13th event, sign up soon. After reviewing the registrants, this should be a very interactive course with some great comments and input from the participants and a very good opportunity to network.    If you are signed up already we will see you in Dallas in a few weeks!
  • Another End to End / Tokenization Entrant

    cmark
    25 Oct 2009 | 8:48 am
    Everyone who has read my blogs over the past few years or spoken to me about PCI DSS knows my feelings on end-to-end encryption and data replacement technologies.  I have a huge proponent and feel that these technologies will help secure our industry and provide significant benefits in reduction of PCI DSS requirements.  There are a number of companies entering the market with these solutions and we have another.  First Data recently announced their “First Data Secure Transaction Management” solution which combines end-t0-end encryption and tokenization.  You can read their…
  • China Expands Cyberspying in the US

    cmark
    22 Oct 2009 | 7:15 am
    The Wall Street Journal has a very interesting article out today that talks about cyberspying in the US.  A report released today by the U.S.-China Economic and Security Review Commission indicates that the Chinese government is ratcheting up their cyber espionage efforts in the US.  US companies have been specifically targeted.  The report says that US companies are being attacked to steal intellectual property and secret information from defense contractors and other companies.  The report states that Chinese cyberspies steal up to $50 billion a year in intellectual property.
  • California Taking a Step Back?

    hmark
    21 Oct 2009 | 11:25 am
    California has long been credited with the creation of the state breach notification law. For many in the security world breach notification and SB 1386 are practically synonymous. Over the years since its passage, however, breach notification laws have undergone a number of evolutionary changes - central reporting requirements, requiring organizations to provide details of the breach and the type of information that was potentially compromise are among those changes. The notion behind including these elements in the notification requirements is that a citizen that is well-informed is…
  • PCI DSS is “Insufficient?”

    hmark
    8 Oct 2009 | 11:06 am
    In a lawsuit filed in the wake of the Heartland breach, the plaintiff’s attorneys allege that Heartland knew that the PCI DSS was “insufficient” to protect cardholder data. Specifically, the lawsuit alleges, “Heartland executives were well aware before the Data Breach occurred that the bare minimum PCI-DSS standards were insufficient to protect it from an attack by sophisticated hacker…” They base this allegation on an earnings call held the November prior to the breach in which the CEO states that Heartland will “move beyond” the PCI DSS, which…
 
  • add this feed to my.Alltop
    Information Security Resources
  • Navy CIO Sees Future in Cloud Computing

    anthonymfreed@gmail.com (Information Security Resources)
    6 Nov 2009 | 4:27 am
    By Kevin L. Jackson, Vice President at Dataline During this week's Federal Executive Forum taping, Navy CIO Robert Carey discussed his views on cloud computing. Stating that the NGEN and CANES... [[ This is a content summary only. Visit my website for full links, other content, and more! ]]
  • Social Media Scams Plague Networks

    anthonymfreed@gmail.com (Information Security Resources)
    5 Nov 2009 | 10:00 am
    By Robert Siciliano, Identity Theft Expert We hear about a new Twitter phishing scam almost daily, whether it’s via direct messaging or a shortened URL. Not too long ago, it was big news when... [[ This is a content summary only. Visit my website for full links, other content, and more! ]]
  • Top Five Financial Sector Security Threats

    anthonymfreed@gmail.com (Information Security Resources)
    3 Nov 2009 | 6:17 pm
    By Kevin M. Nixon, Information-Security-Resources.com Security Editor With the threat of aftershocks in the US Stock market, continued bank closings and takeovers by the FDIC, serious... [[ This is a content summary only. Visit my website for full links, other content, and more! ]]
  • Two Vulnerability Scanning Tools Evaluated

    anthonymfreed@gmail.com (Information Security Resources)
    3 Nov 2009 | 6:17 pm
    By Bozidar Spirovski, CISSP, MCSA, MCP In terms of speed, Retina performed much faster. In terms of scan depth, Nessus has a small advantage, since it includes a web mirroring tool that is very... [[ This is a content summary only. Visit my website for full links, other content, and more! ]]
  • Everyday Life and the Expectation of Privacy

    anthonymfreed@gmail.com (Information Security Resources)
    2 Nov 2009 | 10:23 pm
    Coby Royer, Technical Product Manager for Symplified Regardless of what you feel should or should not be private, we all have a right to set expectations that we trust will be met. And as... [[ This is a content summary only. Visit my website for full links, other content, and more! ]]
  • add this feed to my.Alltop
    Decurity
  • Low Level Information Collection

    rocky@decurity.com
    27 Oct 2009 | 7:13 am
    This morning as my wife was leaving for work she noticed a extended cab pickup truck parked out in front of our neighbor’s house.  As she began to pull out of the driveway she noted that the driver got out and was beginning to go through the neighbors trash.  My wife parked at the end of the street and then called me.  I dismissed it at first but as I observed for a few moments I was amazed at how thoroughly this gentleman was going through each bag.  His urgency and purpose was like he was looking for a lost wedding ring. Needing something to do today I walked up to…
  • Upcoming Opportunities

    rocky@decurity.com
    20 Oct 2009 | 6:36 pm
    There are a lot of major changes going on at Decurity and soon enough we’ll be in a position to announce them to the world!  In the mean time this is just a quick note to say that Rocky DeStefano will be participating in a couple of fun information security events in the near future: 1.  NetWitness User Conference Nov 4-5 2009 in DC, Gabe Martinez and I are teaming up again and presenting some real-world examples of SIEM and NetWitness integrations in a technical training session on Nov 4th.  This integration is probably one of the most powerful enhancements you can make…
  • ArcSight Protect ‘09 Wrap-up

    rocky@decurity.com
    17 Sep 2009 | 8:50 am
    ArcSight Protect ‘09 was a whirlwind of activity for Decurity.  I would love to thank everyone that came up to the booth and gave us feedback on the blog, to all of our customers that stopped by and helped introduce us to their friends and of course to all my friends at ArcSight that made the week so enjoyable.  Technology advances announced as part of Protect ‘09: 1. ArcSight Logger 4.0 While still technically in Beta, this product goes a long way to resolving any perceived flaws in the technology.  Unstructured search, incredible insert rates, better and much fast…
  • Decurity’s “Back to School” Series: SIEM 201: SIEM Use Cases

    rocky@decurity.com
    30 Aug 2009 | 1:00 pm
    Part 2 of Decurity’s “Back to School” Series:  SIEM 201: SIEM Use Case Definition  For the full article click here Course Prerequisites: A while back I published a diagram and associated text illustrating the benefits of a combined SIEM and Log Management architecture. This diagram/post did a good job of explaining the features and functionality of Log Management and SIEM at a very high level. If you haven’t seen that post or if you haven’t read Decurity’s SIEM 101 previously I would encourage you to go back and take a look. Basic concepts from those…
  • Back to School - SIEM 101

    rocky@decurity.com
    23 Aug 2009 | 9:00 pm
    Just in time for “Back to School” Decurity presents “SIEM 101”: An introduction into SIEM functionality.  What is SIEM correlation? What does it deliver? What is the value to a business or organization?  What is aggregation, normalization, prioritization and how do they differ or enable correlation scenarios? Every SIEM Vendor seems to have a different definition and marketing spiel about the functionality of SIEM “correlation”.  Some times correlation is described in a manner that evokes thoughts of a magic trick, other times it is simply labeled as…
  • add this feed to my.Alltop
    The Security Catalyst
  • FTC Says Bloggers Must Disclose Freebies

    securitycatalyst@gmail.com (Michael J. Santarcangelo, II)
    5 Nov 2009 | 3:00 am
    by Aaron Titus The FTC recently announced new guidelines requiring bloggers to disclose when they get freebies in exchange for reviews. Adopted by a vote of 4-0, this is the first update of the FTC’s Guides Concerning the Use of Endorsements and Testimonials in Advertising in 29 years. The rules go into effect on December 1, 2009. The FTC press release emphasizes that under the new rules, “both advertisers and endorsers may be liable for… failure to disclose material connections between [them].” Material connections include payments or free products, which must be…
  • Into the Breach – Audio Series – Chapter 4 (The Solution: Manage People, Information and Risk)

    securitycatalyst@gmail.com (Michael J. Santarcangelo, II)
    3 Nov 2009 | 3:36 am
    Episode 5: Into the Breach: Chapter 4 (The Solution: Manage People, Information and Risk) Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy. This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author. Join us for a new chapter released on the first Tuesday of each month (there are 13…
  • Securing the Toughest Times

    securitycatalyst@gmail.com (Michael J. Santarcangelo, II)
    29 Oct 2009 | 4:07 am
    by Ron Woerner Whether you call it lay-offs, downsizing, rightsizing, redundancies, a reduction in force, or whatever, a reduction in staff stinks.  Downturns in the economy often translate to a reduced volume of business, resulting in a correlated reduction in staff.  One of the hardest jobs in Security is ensuring that those who are asked to leave no longer have access to the organization’s resources.  This is especially hard when you know those affected.  However it’s critical that this tough job be done. The last thing you want or need is for an ex-employee to perform a…
  • Have a workable plan, or else…

    securitycatalyst@gmail.com (Michael J. Santarcangelo, II)
    27 Oct 2009 | 4:04 am
    by Martin Fisher As we continue to discuss the Basic Truths of Incident Response Leadership, we’ve briefly gone over the three Basic Truths as well as done a deeper analysis of  “Succeeding By Planning to Fail”. This brings us to: Basic Truth #2: Have A Workable Plan, or Else As an Incident Response Leader, one of the most valuable parts of your role is to create, test, exercise, and (when called upon) execute Incident Response Plans (IRPs).  IRPs run the gamut from a Post-It note on the wall listing contact phone numbers, to plans that take up several 3-ring binders on a shelf…
  • Playing games

    securitycatalyst@gmail.com (Michael J. Santarcangelo, II)
    22 Oct 2009 | 4:00 am
    by Jeff Kirsch Recently, my son told me a story about how he played chess with a friend at school. In his story, he said his friend executed a certain move; my son then asked me if I had ever tried that move. I was a bit confused; I’ve played chess on and off for at least 20 years, but I’ve never heard of this play. My son asked if we could play, and more importantly, if I could teach him. Looking at the clock, I thought about how I needed to get his siblings into bed, and that he needed to read a book for school. He promised to read his book while I put his siblings to bed. After…
 
  • add this feed to my.Alltop
    Security Warrior
  • Book Review: “The myths of Security” by John Viega

    Dr Anton Chuvakin
    6 Nov 2009 | 1:11 am
    My review for “The myths of Security” by John Viega has been posted to Amazon; I gave it 4 out 5 stars.Think about this book as a printed collection of blog posts – some a dozen pages, some half a page. John’s essays – all 48 of them - read like a typical blog: fun views on hot subjects, controversial opinions, new ideas for the future, dispelled myths, cool technology ideas, etc. I definitely enjoyed reading the book, even if most of the material was at least somewhat familiar to me. For starters, this was the first time that I have seen a book written by somebody employed by a…
  • Links for 2009-11-04 [del.icio.us]

    Dr Anton Chuvakin
    The Limitations of Risk Assessment | Blog | Infosecurity Security Adviser
  • Releasing Many Of My Security Papers!

    Dr Anton Chuvakin
    4 Nov 2009 | 5:05 am
    As you can guess, I have written a lot of fun security stuff over the years. I’ve been “liberating” my content for the community to read, starting from presentations (via Slideshare) Now, I am releasing most of my old paper content as well: My DocStoc collection My Scribd collection My Slideshare collection Feel free to check these periodically as I will be adding old papers from my collections for a long time (they also get auto-dumped to Twitter). BTW, I am doing it despite the fact that some of my writing from 2002 is quite embarrassingly naive :-) But I never, ever misspelled HIPAA!
  • Links for 2009-11-03 [del.icio.us]

    Dr Anton Chuvakin
    vadim_proskurin: Снова о террористах и антивирусах M86 Security Buys Finjan - Business Center - PC World
  • Monthly Blog Round-Up – October 2009

    Dr Anton Chuvakin
    2 Nov 2009 | 3:44 pm
    As we all know, blogs are a bit "stateless" and a lot of good content gets lost since many people, sadly, only pay attention to what they see today. These monthly round-ups is my attempt to remind people of useful content from the past month! If you are “too busy to read the blogs,” at least read these. So, here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics. “Top Log FAIL!” is hot! The post summarizes the most egregious, reckless, painful, negligent, sad, idiotic examples of “Log FAIL.” Open source SIEM theme continues to…
  • add this feed to my.Alltop
    SC Magazine
  • Festi botnet appears

    6 Nov 2009 | 9:15 am
    There's a new botnet in town. Known as Festi, the network of zombie computers now is responsible for three to six percent of daily spam, or about 1.5 to three billion emails, according to the latest MessageLabs research released Thursday. The botnet, which was responsible for virtually no spam as recent as August, has managed to increase its output by recruiting new zombie computers and delivering significantly more spam from each compromised node. The junk mail typically pushes goods, such as male enhancement pills and jewelery. -- DK
  • Gumblar site infections return, WordPress among affected

    6 Nov 2009 | 8:05 am
    In the latest wave of Gumblar attacks, the backdoor script being used to infect sites has been causing some WordPress blogs and other PHP-based sites to crash, security researchers have warned.
  • Two data breach laws pass Senate Judiciary Committee

    6 Nov 2009 | 5:45 am
    A full Senate vote is the next stop for two federal data-breach notification laws.
  • Mass. data law finalized

    6 Nov 2009 | 2:52 am
    The Massachusetts Office of Consumer Affairs and Business Regulation this week filed a finalized version of its data security regulations, scheduled to take effect March 1, 2010. The requirements must be followed by companies handling the personal data of Bay State residents. The final version clarifies the deadline by which companies must impose the provisions on their third-party providers. Existing contracts with these third parties must include safeguard rules by March 1, 2012, but new or updated contracts must meet the March 1, 2010 deadline. -- DK
  • Microsoft to deliver six patches covering 15 flaws

    5 Nov 2009 | 8:48 am
    November's security update from Microsoft comes with six patches for 15 vulnerabilities -- nearly 20 fewer than last month.
  • add this feed to my.Alltop
    Verizon Business Security Blog
  • Weekly Intelligence Summary: 2009 – 10 – 30

    Dave Kennedy
    2 Nov 2009 | 9:10 am
    Most of the threat activity for this week was directed towards Facebook and Twitter users. Large e-mail campaigns for password reset confirmations led to compromised Facebook accounts and Trojan installations, with the primary goal of stealing bank account information. Sun issued advance notification to patch at least six vulnerabilities in Java on Tuesday, 2009-11-03. There is also an unspecified buffer overflow vulnerability in the current version of Java System Web Server. The Guardian Newspaper reported a “sophisticated” intrusion on their jobs site, and Gawker Media…
  • On Asset Valuation.

    Alex Hutton
    29 Oct 2009 | 8:31 am
    Last week on Twitter, Jeremiah Grossman, Whitehat Security, asked if there was a simple way to perform asset valuation. Since then there have been posts from Russell Cameron Thomas, Andrew Jaquith, and Gunnar Peterson on the subject that have all been very interesting. The answers provided ranged from the simple to the complex. Before we talk about asset value and Infosec, let’s first discuss some accounting concepts (I always like to get the unpleasantness out of the way as soon as possible). To begin with, our IT assets usually are utilized in what we might think of as an…
  • Weekly Intelligence Summary: 2009 – 10-23

    Dave Kennedy
    23 Oct 2009 | 2:33 pm
    The following is the executive summary paragraph to the weekly Intelligence Summary report Verizon Business Cybertrust Security’s Risk Team provides. The purpose is to capture in one paragraph the most risk-significant events, over the past week, from an enterprise perspective. The most risk-significant event this week was Oracle’s quarterly release of a Critical Patch Update, but none of the vulnerabilities are the target of known attacks. Data breaches dominate the rest of the week’s events with news of medical records off-shored for transcription being sold on India’s…
  • Weekly Intelligence Summary: 2009 – 10-16

    Dave Kennedy
    16 Oct 2009 | 11:39 am
    The following is the executive summary paragraph to the weekly Intelligence Summary report Verizon Business Cybertrust Security’s Risk Team provides. The purpose is to capture in one paragraph the most risk-significant events, over the past week, from an enterprise perspective. Risk relevant events this week were dominated by security bulletins from Microsoft and Adobe. Infrastructure component vulnerabilities have also been announced, but without widespread reporting and discussion among security professionals. Availability failures disrupted service for T-Mobile Sidekick users, all of…
  • Security decision methods poll Results

    Wade Baker
    12 Oct 2009 | 9:41 am
    A couple of weeks ago, I wrote a post on how we in the security industry make decisions. After a bit of waxing philosophical, I proposed a list of decision “methods” I regularly see in use among organizations. I also created a small survey (that contained a few additional methods) to capture your experiences for comparison. The response was not overwhelming by any stretch but the results are below (click the image to make it bigger). Realizing that our sample set is not randomized, is self-selected, and very small, we can’t draw too much from the results. However, they do roughly follow…
 
  • add this feed to my.Alltop
    Infosec Ramblings
  • Interesting Information Security Bits for 11/06/2009

    kriggins
    6 Nov 2009 | 5:47 pm
    Good afternoon everybody! I hope your day is going well. Here are today’s Interesting Information Security Bits from around the web. I can’t remember if I pointed to part one of this, but I think I did. Anyway, here are the answers. There is a link to part 1 if you haven’t seen it yet. Can you find the vulnerabilites? Part Two << Security Ninja Tags: ( challenge answers ) The Atlanta NAISG chapter is celebrating their one year anniversary. You should go check it out next week if you are in the area. Atlanta NAISG November Meeting >> Andy ITGuy Tags: ( meetings…
  • Interesting Information Security Bits for 11/05/2009

    kriggins
    5 Nov 2009 | 3:48 pm
    Good afternoon everybody! I hope your day is going well. Here are today’s Interesting Information Security Bits from around the web. There is some truth in this post. A corollary is the mommy/daddy principle. I’ll ask mommy and if I don’t get the answer I want I’ll ask daddy. Network Security Blog >> I’ll do anything! Absolutely anything! Tags: ( general ) The CFP for Metricon is open. Mini Metricon 4.5 Call For Participation << The New School of Information Security Tags: ( conferences cfp metricon ) This is a must see. YouTube – Marcus J.
  • Interesting Information Security Bits for 11/04/2009

    kriggins
    4 Nov 2009 | 7:57 pm
    Good afternoon everybody! I hope your day is going well. Here are today’s Interesting Information Security Bits from around the web. Be careful. It doesn’t appear that it is very hard to turn you Windows 7 install into an wireless access point. Errata Security: Windows 7 includes soft-ap Tags: ( windows-7 wifi ) Some good tips for making sure your Wordpress install is as secure as possible. 10 Ways To Secure Your Wordpress Install Tags: ( wordpress ) Offensive Security is setting up the next iteration of milw0rm. Leaders in Online Information Security Training >> Offensive…
  • Interesting Information Security Bits for 11/03/2009

    kriggins
    3 Nov 2009 | 5:07 pm
    Good afternoon everybody! I hope your day is going well. Here are today’s Interesting Information Security Bits from around the web. A few days ago I pointed out an article that discussed some issues with the default settings for UAC in Windows 7. This article shows that the criticism in the other article is well earned. Windows 7 vulnerable to 8 out of 10 viruses | Chester Wisniewski’s Blog Tags: ( virus windows-7 ) Interested in cross-subdomain cookie attacks? Check out the paper that mckt wrote. It is based on his presentation at Toorcon recently. Skeptikal.org: Cross-subdomain…
  • Interesting Information Security Bits for 11/02/2009

    kriggins
    2 Nov 2009 | 1:21 pm
    Good afternoon everybody! I hope your day is going well. Here are today’s Interesting Information Security Bits from around the web. A very good article on an issue that we need to think about as those who are very social media focused are working in our organizations. Lifestyle Hackers – CSO Online – Security and Risk Tags: ( social-media ) You know you’ve been wanting to try it. Electric Alchemy: Cracking Passwords in the Cloud: Breaking PGP on EC2 with EDPR Tags: ( passwords cloud cracking ) Wonder what the latest changes to MA 201 CMR 17.00 are? Jack does us all a…
  • add this feed to my.Alltop
    Verizon Business Security Blog
  • Weekly Intelligence Summary: 2009 – 10 – 30

    Dave Kennedy
    2 Nov 2009 | 9:10 am
    Most of the threat activity for this week was directed towards Facebook and Twitter users. Large e-mail campaigns for password reset confirmations led to compromised Facebook accounts and Trojan installations, with the primary goal of stealing bank account information. Sun issued advance notification to patch at least six vulnerabilities in Java on Tuesday, 2009-11-03. There is also an unspecified buffer overflow vulnerability in the current version of Java System Web Server. The Guardian Newspaper reported a “sophisticated” intrusion on their jobs site, and Gawker Media…
  • On Asset Valuation.

    Alex Hutton
    29 Oct 2009 | 8:31 am
    Last week on Twitter, Jeremiah Grossman, Whitehat Security, asked if there was a simple way to perform asset valuation. Since then there have been posts from Russell Cameron Thomas, Andrew Jaquith, and Gunnar Peterson on the subject that have all been very interesting. The answers provided ranged from the simple to the complex. Before we talk about asset value and Infosec, let’s first discuss some accounting concepts (I always like to get the unpleasantness out of the way as soon as possible). To begin with, our IT assets usually are utilized in what we might think of as an…
  • Weekly Intelligence Summary: 2009 – 10-23

    Dave Kennedy
    23 Oct 2009 | 2:33 pm
    The following is the executive summary paragraph to the weekly Intelligence Summary report Verizon Business Cybertrust Security’s Risk Team provides. The purpose is to capture in one paragraph the most risk-significant events, over the past week, from an enterprise perspective. The most risk-significant event this week was Oracle’s quarterly release of a Critical Patch Update, but none of the vulnerabilities are the target of known attacks. Data breaches dominate the rest of the week’s events with news of medical records off-shored for transcription being sold on India’s…
  • Weekly Intelligence Summary: 2009 – 10-16

    Dave Kennedy
    16 Oct 2009 | 11:39 am
    The following is the executive summary paragraph to the weekly Intelligence Summary report Verizon Business Cybertrust Security’s Risk Team provides. The purpose is to capture in one paragraph the most risk-significant events, over the past week, from an enterprise perspective. Risk relevant events this week were dominated by security bulletins from Microsoft and Adobe. Infrastructure component vulnerabilities have also been announced, but without widespread reporting and discussion among security professionals. Availability failures disrupted service for T-Mobile Sidekick users, all of…
  • Security decision methods poll Results

    Wade Baker
    12 Oct 2009 | 9:41 am
    A couple of weeks ago, I wrote a post on how we in the security industry make decisions. After a bit of waxing philosophical, I proposed a list of decision “methods” I regularly see in use among organizations. I also created a small survey (that contained a few additional methods) to capture your experiences for comparison. The response was not overwhelming by any stretch but the results are below (click the image to make it bigger). Realizing that our sample set is not randomized, is self-selected, and very small, we can’t draw too much from the results. However, they do roughly follow…
  • add this feed to my.Alltop
    Amrit Williams Blog
  • Gartner Magic Quadrant Under Fire – Lawsuit Alleges Defamation and more

    amritw
    22 Oct 2009 | 11:31 am
    A storm is brewing throughout the analyst community as one of the largest and most influential technology analyst firms comes under fire for one of their highest prized research artifacts – The Gartner Magic Quadrant (MQ) – ZL Technologies has filed a lawsuit alleging damages from Gartner’s Email and Archiving MQ and the MQ process [...]
  • Microsoft Security Essentials Impact on Enterprise Security

    amritw
    30 Sep 2009 | 9:15 pm
  • 50th “Beyond The Perimeter” Podcast HighLights

    amritw
    21 Sep 2009 | 4:10 pm
    Not too long ago I embarked on a creating a podcast series that would provide more regularity than the blog. Beyond the Perimeter has been a tremendous amount of fun and as we just posted our 50th podcast I wanted to reflect on some of the highlights and wonderful guests we have been honored to [...]
  • Has Technology Killed Privacy?

    amritw
    16 Sep 2009 | 9:50 am
    From Computer World UK (here) There is little doubt that advances in technology have radically changed many aspects of our lives, from healthcare to manufacturing, from supply chains to battlefields, we are experiencing an unprecedented technical revolution. Unfortunately, technology enables the average person to leak personal information at a velocity that few understand. Take a moment and [...]
  • The Long IT Security Industry Winter

    amritw
    9 Sep 2009 | 10:58 am
    I recently had the opportunity to sit down with Peter Kuper and discuss the impact the economic crisis has had on the IT security industry on the latest Beyond the Perimeter podcast (here). Peter Kuper, former analyst Morgan Stanley and SC Gowen, now associated with the IANS (Institute for Applied Network Security) organization notes that [...]
 
  • add this feed to my.Alltop
    TradePub: IT Security
  • Protecting Your Network Against the Growing Danger of Web Attacks

    4 Nov 2009 | 11:20 am
    Web-borne malware is now more common than malware that enters an organization through email. The number of Web sites discovered per day, that carry malware increased 400% in 2008. This drastic increase in infected sites can cause serious issues for your business. Organizations need to proactively protect their networks both by instituting acceptable usage policies for employee web usage as well as implementing a solution to combat these malware intrusions.In this white paper you will learn:How malware enters networks through the webHow to combat these threatsHow MessageLabs hosted solution…
  • Email Archiving: A Business-Critical Application

    4 Nov 2009 | 11:20 am
    Today's businesses are especially vulnerable to accidental email loss, compliance demands, and the threat of e-discovery. Yet these same companies often have the fewest resources for combating these risks on their own. Many businesses today are turning to email archiving services to eliminate losses. Additional benefits of professional email archiving services include greater employee productivity, less need to rely on company storage servers, and increased protection. Email archiving also protects email 24X7 with enterprise-level backup and support. Data is secured at multiple sites and…
  • Converged Threats on the Security Landscape

    4 Nov 2009 | 11:20 am
    Business users can easily fall victim to malicious links in email, instant messages, and rogue or compromised Web sites. In a single click of the mouse, a user can unwittingly access a Web page that installs malware and other unwanted software on the user's PC, leading to possible system damage, information or identity theft and all kinds of potential compliance violations. Your users need a reliable computing environment; you need failsafe network protection. In this white paper, discover how state-of-the-art scanning technologies used in MessageLabs' leading security solutions guard your…
  • Beyond Demonstrating Compliance: The Reinvention of Internal Audit

    2 Nov 2009 | 2:20 pm
    Slash Time to Produce ReportCut Total Cost to Produce ReportReduce Non-Compliance IncidentsAn unceasing focus on compliance, and an increasing focus on managing risk, created greater pressure from the Board and heavier workloads on the internal audit function. How are Best-in-Class organizations reallocating their internal audit resources to achieve the greatest value-add?Request Free!
  • The State of Resilience and Optimization on IBM Power Systems: Research Findings Based on Surveys of IBM i and AIX Users

    1 Nov 2009 | 12:20 am
    This report includes the input of over 2,000 companies running AIX and IBM i (i5/OS) environments regarding their data protection, recovery and optimization technologies and strategies. Learn how your peers are striking the balance between the often conflicting priorities of IT availability, system performance, service level agreements, IT staffing and budgets. Written by: Information Availability InstituteRequest Free!
  • add this feed to my.Alltop
    symantec.com
  • What’s Behind the News—Maybe a 419 Scam?

    Samir Patil
    6 Nov 2009 | 12:32 pm
    Scammers based in Nigeria have long been known for using legitimate email formats for spreading infamously fraudulent 419 messages. We have already monitored e-card services, social networking invites, and various other services provided on social networking sites. Yet another example is a calendar service being abused for sending scam messages.
  • Spam and Phishing Landscape: November 2009

    Dermot Harnett
    5 Nov 2009 | 4:48 am
    October 2009 saw spam volumes averaging at 87 percent of all email messages, which is consistent with spam volumes observed in August and September 2009, but 10.6% higher than October 2008.
  • Fragus Exploit Kit Changes the Business Model

    Peter Coogan
    4 Nov 2009 | 11:26 am
    The Fragus exploit pack showed up on our radar a few months ago and has been steadily growing to become one of the most prevalent exploit packs being seen in the wild today by Symantec. It is similar to other popular exploit packs available—such as Unique, YES, Eleonore, and Liberty—but it brings some new and interesting features with it.
  • Phishing Attach

    Joji Hamada
    3 Nov 2009 | 11:23 pm
    Recently, I've been seeing phishing attacks using Web forms attached to emails making the rounds again. This type of phishing isn't so common but is used on occasion, so I want to take this opportunity to remind everyone not to fall for this trick.
  • OSX.Loosemaque: It’s Not Just a Game Anymore

    Ben Nahorney
    3 Nov 2009 | 12:40 pm
    Threats targeting the Macintosh platform are much less common than those targeting Windows. The same can be said about video games, where Windows is the dominate platform of the two. Combining games and malware has happened before, but a Mac game performing malicious activities? That’s something relatively new.
 
  • add this feed to my.Alltop
    Optimal Security
  • Sesame Street Simple Facebook Guide to Surviving Malicious Attacks

    Paul Henry
    30 Oct 2009 | 11:02 am
    It certainly seems that not a week goes by without hearing about yet another attack on Facebook users. Last week it was a phishing scam driven by a botnet, and this week, we have two new and different phishing scams — one cleverly tricking users into revealing their passwords and another installing malware that quietly waits for the user to start a banking transaction only to steal their login credentials. Clearly, the 300 million active users have made Facebook a ripe target for those with malicious intent. The more than 2 billion pieces of content shared across Facebook each day represent…
  • Who Owns Your Data in a Social World?

    Don Leatham
    27 Oct 2009 | 8:00 am
    Over the past months it has been interesting to watch the furor over certain End-User License Agreements and the definition of data ownership.  Most draconian was the idea that once posted by a user, the data transferred ownership to the social networking site.  This of course has huge implications to an individual user, especially for professionals that use social sites to propagate their content.  However, when taken in context of a corporation or organization, this issue conjures up some very serious questions about data ownership and protection: What social networks are employees using…
  • Why Governator’s Veto of New CA Data Breach Law is a Bad Idea

    Chris Merritt
    21 Oct 2009 | 11:01 am
    Gosh, my apologies dear readers (Hi Mom), it’s been a while since I’ve written a post … not for a lack of news, but my day job has kept me hoppin’ lately. But the news out of California was enough to jolt me out of my lethargy. Seems the Governator has vetoed SB 20, the widely anticipated follow-on to the groundbreaking SB 1386 that I wrote about back in April. This new law, which was passed by the State Senate after some modification asked for by the California Chamber of Commerce, is designed to provide additional information to consumers in the event of a breach…
  • Moving from a Threat Centric to Trust Centric Endpoint Management Model

    Paul Zimski
    19 Oct 2009 | 4:58 pm
    There’s been a lot of talk about what role whitelisting will play in the endpoint protection suites of the future.  Opinions dissent about what it will take for whitelisting to become easily implementable for users and whether it will replace or augment the traditional anti-virus approach.  Whatever the opinion, I think most folks can agree that there are more malware threats coming at us than we can keep up with today and a better overall approach to endpoint management (and ultimately change control) is needed for the future. Historically, most security suites have been designed around…
  • Chained Exploits: The Business Side of Hacking

    Paul Henry
    19 Oct 2009 | 12:36 pm
    As far back as a decade ago, attacks consisted of simultaneously launching strikes utilizing multiple vulnerabilities to gain a foothold in a target network and then following up with privilege escalation attacks to make it more worthwhile for the bad guys. For many years, we simply referred to these attacks as blended threats. While “Chained Exploits” may be fairly a new term, it is certainly not a new methodology within the hacking community.  These proven hacking attacks have long been a part of the attack theater and are once again gaining more attention as the bad guys transition…
  • add this feed to my.Alltop
    Sourcefire, Inc.
  • Sourcefire Announces 2009 Third Quarter Results

    29 Oct 2009 | 4:03 am
    Largest Revenue and Earnings Quarter in Company History Q3 Revenue: $27.4 million, an increase of 35% year-over-year Q3 GAAP Net Income: $2.7 million, or $0.09 per diluted share Q3 Adjusted Net Income: $4.6 million, or $0.16 per diluted share COLUMBIA, Md.--(BUSINESS WIRE)--Oct. 29, 2009-- Sourcefire, Inc. (Nasdaq:FIRE), a leader in intelligent Cybersecurity solutions, today announced financial results for its fiscal third quarter ended September 30, 2009. “Sourcefire’s strong performance this quarter was balanced across our business,&...
  • Sourcefire Launches Vulnerability Protection Video Series, Active Malware Report, and iPhone Application

    26 Oct 2009 | 6:02 am
    Sourcefire Delivers Security Updates via YouTube, Twitter, iTunes and iPhone, Enabling Security Professionals to Access Critical Security Information from Virtually Anywhere COLUMBIA, Md.--(BUSINESS WIRE)--Oct. 26, 2009-- Sourcefire, Inc. (Nasdaq:FIRE), a leader in intelligent Cybersecurity solutions, today announced the launch of its new Vulnerability Research Team (VRT) Vulnerability Report video series, Active Malware Report, and iPhone application. These new resources are designed to provide IT security professionals with the tools and intelligence necessary to stay ahead of emerging…
  • Sourcefire Named to Deloitte Technology Fast 500 List for Third Consecutive Year

    22 Oct 2009 | 6:04 am
    National Award Recognizes the Fastest Growing Companies in North America COLUMBIA, Md., Oct 22, 2009 (BUSINESS WIRE) -- Sourcefire, Inc. (Nasdaq:FIRE), a leader in Cybersecurity, today announced that the company has been selected for the third consecutive year to the Deloitte Technology Fast 500, this year ranking 348. The Deloitte Fast 500 program lists the fastest growing technology, media, telecommunications, life sciences and clean technology companies in North America based on their percentage revenue growth over a five-year period. Sourcefire(R) achieved its ranking on this year's…
  • Sourcefire Continues Adding Channel Partners In EMEA Market

    12 Oct 2009 | 5:01 am
    New partner signings expand reach for Sourcefire products across region WOKINGHAM, England--(BUSINESS WIRE)--Oct. 12, 2009-- Sourcefire, Inc. (Nasdaq:FIRE), a leader in Cybersecurity, today announced the addition of twelve new channel partners in the Middle East, Eastern Europe, Benelux and the Nordics. Sourcefire® has also appointed two new regional managers to support its new channel partners in the Middle East and Eastern Europe territories. “Expanding in these markets is an exciting and progressive milestone for Sourcefire. Directing additional resources to these regions is a…
  • Inaugural Sourcefire Virtual Customer Summit Draws over 700 Attendees

    7 Oct 2009 | 6:01 am
    Complete Presentation Archives Now Available Online for Users to Access Anytime COLUMBIA, Md.--(BUSINESS WIRE)--Oct. 7, 2009-- Sourcefire, Inc. (Nasdaq:FIRE), a leader in Cybersecurity, today announced that its first-ever Virtual Customer Summit, held on Thursday, October 1, 2009, drew more than 700 attendees. The online summit, which included sessions by Sourcefire® and Snort® experts and customers who discussed leading techniques for identifying and protecting against the latest Cybersecurity threats, is now available online at:…
  • add this feed to my.Alltop
    SophosLabs
  • Fake Facebook e-mail “Subject: updated account agreement”

    Julie Yeates, SophosLabs UK
    6 Nov 2009 | 5:46 am
    It has been a busy week so far for the writers of e-mail exploits and this Friday morning they continue to try to trick the public into installing their malware. The latest threat to fall into the Sophos spam traps purports to come from Facebook and requests the user to update their account agreement by unzipping and executing an attached file called agreement.exe. Dear Facebook user, Due to Facebook policy changes, all Facebook users must submit a new, updated account agreement, regardless of their original account start date. Accounts that do not submit the updated account agreement…
  • How a phish works

    Victor
    5 Nov 2009 | 9:28 pm
    Recently we have received a PayPal phishing email and it looks like this. It is not hard to spot that this email is a phish since clicking on the link does not take us to PayPal.com but to some remote site (which is already blocked by Sophos’s web appliance). The web page loaded from this site disguises itself as PayPal.com as shown below. However, this web page is just an image of the real PayPal.com web page. All the tabs and links on this fake web page can not be selected and only the email address and password text field can be used. This is another obvious sign that the web site…
  • Is it art? Controversy over OSX/LoseGame-A

    Pob, SophosLabs, UK
    5 Nov 2009 | 3:12 am
    Last week, SophosLabs released detection for OSX/LoseGame-A and following Symantec’s publishing detection (which they call OSX.Loosemaque) there has been some controversy about whether this is a game or malware (see 1, 2, 3). From my point of view this is malware. Why? The warning screen isn’t  multi-lingual if English isn’t your first language you will still recognize ‘PRESS ANY KEY TO CONTINUE’. Even if English is your first language a child looking for games on the computer will not read the warning but press through to the game. Would our corporate customers…
  • You have won a lottery!!!

    Liang Zhang, SophosLabs AU
    4 Nov 2009 | 10:48 pm
    Malware coming in the form of attachments is not unusual these days. However, malware can also be found in links provided within e-mails: According to its name,  “You have won!.pdf”, it suggests to people that they have won some kind of a lottery.  However,  the URLs lead you to a malicious file, which seems to have been taken down (access to which is already blocked by Sophos’s web appliance). So, please beware of such malicious links and their fake claims that you have won some money ;-). If you are curious of what you did win, you can always click on the link…
  • From Server/Outlook update to FDIC to facebook phish: now with a twist

    SavioL, SophosLabs, Canada
    3 Nov 2009 | 5:06 pm
    In the past few weeks, the authors behind Zbot has been busy. Around October 12 we have seen the server upgrade spam with links. Later on the 14th we’ve seen the same campaign with the malware attached to similar-looking server upgrade notices. By the 22nd of October, the spam messages touts Outlook updates. For a few days during the past week, the group has turned their attention to the Federal Deposit Insurance Corporation (FDIC), spamming out links to malware sites with the message below: With the global economy as it is, notice of bank failures would certainly draw a lot of…
 
  • add this feed to my.Alltop
    Sophos: Graham Cluley's blog
  • Think you've won a MacBook Air? Beware email malware attack

    Graham Cluley, Sophos
    6 Nov 2009 | 7:05 am
    Apple's super-skinny MacBook Air is one of the most desirable laptops on the planet - which means it's not too surprising if criminals try and take advantage of its allure to infect unsuspecting computer users. And that's exactly what hackers are doing today in a malicious email campaign that has been spammed widely out across the internet. Unsuspecting computer users may find an email with the subject line "Congratulations" in their inbox this morning, telling them that they "have won todays Macbook Air" and that they should open the attached file (called winner.zip) for more information.
  • Mossad hacked Syrian laptop before bombing nuclear facility

    Graham Cluley, Sophos
    6 Nov 2009 | 4:17 am
    According to reports in Der Spiegel, agents working for the Israel's Mossad intelligence service planted a Trojan horse on a computer belonging to a senior official in the Syrian government, gathering information which lead to an air-raid on a nuclear project in Syria's eastern desert. The attack on the partly-constructed Syrian nuclear facility occurred in September 2007, a year after a top Syrian official is said to have left his laptop in his room in a swanky hotel in Kensington, London. According to Der Spiegel: [The Syrian official] was under Mossad surveillance and turned out to be…
  • Just how much does Google know about you?

    Graham Cluley, Sophos
    6 Nov 2009 | 3:29 am
    Google has announced a new product: Google Dashboard. The search engine giant - who today changed its logo to celebrate the 40th birthday of "Sesame Street" - is attempting to respond to the concerns of some internet users that Google is gathering too much data about individuals through its various cloud services. The thing is that you may have shared information with a Google service in the past, only to have forgotten about it in the mists of time. Dashboard makes it easy to recall all those Google services you may have signed-up for in the past (for instance, if you chose not to upload all…
  • Broken English email can lead to an infected PC

    Graham Cluley, Sophos
    5 Nov 2009 | 3:18 am
    We've been seeing a fair number of emails in our traps today, written in rather poor English: Hello, you remember me? We with you had a rest, here about which I told photos to you, see attach zip file Attached to the email (which has the subject line "Greetings") is a file called document.zip. If you're a regular reader of the Clu-blog then you should know the drill by now. It would be risky to open the email attachment as it's bound to contain malware, right? Bingo. You got it. In this case Sophos identifies the Trojan threat as Mal/EncPk-LE or Troj/ZipMal-F. But there are some folks out…
  • Mac shoot-em-up zaps your files - but is it game over for common sense?

    Graham Cluley, Sophos
    4 Nov 2009 | 9:02 am
    There's something of a brouhaha happening at the moment regarding a Mac OS X shoot-em-up arcade game called "Lose/Lose". The Galaga-like video game was first brought to my attention by Methusela Cebrian Ferrer over on the iThreats blog at the end of October (although it was being reported in the gaming press for at least a month before that). Methusela advised users who saw the opening screen to immediately quit by pressing CMD+Q, before the game held true to its promise and began to delete your files. Because that's exactly what it does. While you're having fun zapping aliens it (quite…
  • add this feed to my.Alltop
    TRUSTe Blog
  • Cloud Computing Explained in Cute Video

    John Gamble
    4 Nov 2009 | 11:07 am
  • New Facebook Privacy Policy

    John Gamble
    2 Nov 2009 | 3:58 pm
    Last Thursday Facebook (a TRUSTe seal holder) unveiled its new privacy policy and submitted it for public comment (which will end 12:00 p.m. PST on Nov. 5). This announcement follows through on Facebook’s pledge to provide users with even greater transparency and choice when it comes to information collection and sharing on the website. TRUSTe commends Facebook for its continued innovation in the privacy field by allowing users to directly participate, permitting them to both comment and vote on policy changes at the company. TRUSTe has worked with Facebook’s team in reviewing…
  • [VIDEO] Social Networking: The Challenges of Privacy and Openness

    John Gamble
    2 Nov 2009 | 9:53 am
    Check out video below from the event “Social Networking: The Challenges of Privacy and Openness”, which TRUSTe jointly hosted with the Center for Democracy and Technology (CDT) at Google’s Mountain View (CA) campus last month. Speakers include: -Chris Conley, Technology and Civil Liberties Fellow, ACLU Northern California -David Glazer, Engineering Director, Google, and Board member, OpenSocial Foundation -Tim Sparapani, Director of Public Policy, Facebook. You can find video of the event in its entirety at CDT’s YouTube homepage located here.
  • TRUSTe CEO to Speak at OTA Conference

    John Gamble
    26 Oct 2009 | 9:35 am
    On Thursday, October 29, I will be speaking at the Online Trust and Brand Protection Summit, a conference aimed at addressing how today’s leading online brands can augment consumer protection and brand reputation, and learn industry best practices for building and maintaining consumer trust. I look forward to joining other industry experts on a panel entitled, “Treating Consumers & Site Visitors as Family vs. Foes,” to discuss how online businesses can create policies and practices that encourage consumer confidence. The panel will review different methods and approaches to…
  • Venture Capitalist Superstar and TRUSTe Board Member!

    John Gamble
    23 Oct 2009 | 11:50 am
    Theresia Gouw Ranzetta of Accel Partners (and a TRUSTe Boardmember) was interviewed on CNBC as part of the channel’s week-long series on women and power.
 
Log in