Vista’s UAC spots rootkits

By Grant Draper

Vista’s Account Control feature sets itself to one side, compared to any predecessors, by locating rootkits before they actually install.
You can’t get much worse than a rootkit - they install themselves on a system and from then onwards effectively have control, allowing them to do what ever they want, whether that’s deleting information or retrieving [...]

Social Networking sites vs EU Regulation

By Grant Draper

ENISA, the Information Security Agency, is calling for social networking sites to increase awareness of the risks such sites pose to its users.
The main targets include Myspace and Facebook, the big players in the industry, with literally millions of unaware users.
Unwanted audiences are able to see comments and pictures, and such activities can lead to [...]

Yahoo Lottery Scammers

By Grant Draper

Yahoo has filed a formal complaint and lawsuit against a group of individuals, the “Yahoo Lottery Spammers”, after several attempts to steal the public’s personal information by misleading them into a false sense of security, offering them a prize from Yahoo.
In a variety of emails, contestants were ‘awarded’ prizes, as long as they filled out [...]

Adobe Flash Player Bug

By Grant Draper

Hackers have come across an unpatched bug in the Adobe Flash Player software which is, apparently, very similar to a bug that was patched just last month.
The flaw allowed hackers to install unauthorised software on a victim’s machine and was being used to install botnet programs and password-logging software.
Obviously, from a security point of [...]

Secure Computing finds insider threats are biggest worry

By Alan Harten

Secure Computing Corporation an enterprise gateway security company, today announced the results of an IT Director survey that uncovers a rising concern about insider threats and widespread acknowledgement of being unprepared for emerging Web-based attacks.
When asked whether they believed insider or outsider threats posed a bigger problem to their organisation, more than 80% of the [...]

How to block spam IPs with htaccess

By Brian Turner

There are a number of reasons why you may want to block certain IP’s from blocking your site.
Firstly, certain IPs are commonly used for spam (blogs or forums). Others may be used by bots which are trying to run functions of your site in such a way as to crash it.
Either way, there is a [...]

Directors’ guide to information risk

By Grant Draper

A three way partnership in the form of IAAC, BT and the Information Security Awareness Forum (ISAF), will distribute directors’ guides on information security risk prevention.
The guides include a wealth of knowledge, almost a summary of the information held between its members.
The Directors’ Guides are the result of the distillation of this knowledge, which is [...]

ISP concern over data storage

By Grant Draper

UK based Internet Service Providers have expressed concern on the current government plans regarding data storage, especially in the recent ‘Communications Data Bill’ amendments which include:
• modify the procedures for acquiring communications data and allow this data to be retained,
• transpose EU Directive 2006/24/EC on the retention of communications data into UK law.
The amendments could see [...]

Cosmec Consulting and GRC statistics

By Grant Draper

Cosmec Consulting, who provide security information, have revealed the hurdles businesses face when it comes to IT security and to cooperate with the current GRC, or governance, risk and compliance.
Comsec has spoken with over 50 IT professionals, to establish that moulding both GRC and IT security is a challenge in itself.
The statistics are scary, [...]

Protegrity and Teradata’s new high speed encryptions

By Alan Harten

Protegrity Corporation, a provider of data security management solutions, and Teradata, enterprise data warehousing provider, have announced a new cryptography performance of over 6 million decryptions and over 9 million encryptions per second.
The Protegrity Defiance Data Protection System uses Teradata User Defined Functions, or UDFs to embed encryption/decryption functionality in the database.
Teradata’s UDF [...]

NinjaProbe To Be Upgraded With Snort IDS

By Rohan Parker

Leader in network monitoring software, Endace Limited, announced today that NinjaProbe is to be upgraded with a new applied watch command center and data mining agent, Snort.
The addition of the Snort IDS (intrusion detection system) will not only mean Endace’s product portfolio will have been reinforced, but so will one of the chief passive [...]

Cellcrypt hypes ultra-secure mobile calls

By Dave Nixon

UK stealth modemarket entrant, Cellcrypt, has begun touting an innovative encryption system that attempts to resolve a security dilemma most companies would rather avoid – insecure mobile phone calls.
Cellcrypt claim that governments and large companies in the financial sector have become progressively more anxious about the possibility of snooping on mobile phone calls of a [...]

Users hit by phony MP3 files

By Dave Nixon

Adware peddlers have found a novel method to deceive users, said security vendor McAfee.
The company stated that it has seen a vast increase in fake MP3 file distribution on peer-to-peer networks.
Even though the files have names that make them appear as audio recordings, they are essentially Trojan horse programs that attempt to install an [...]

Innovative security features supplement Google Apps

By Dave Nixon

Google Apps set of office tools is being supplemented by the addition of security for remote workers.
Google Web Security for Enterprise, the consequence of last year’s procurement of Postini, includes real-time malware defense and URL filtering with policy enforcement and reporting.
In a statement Google added that an additional feature extends the same protections to [...]

Microsoft to release four new patches

By Dave Nixon

Microsoft is scheduled to fix serious defects in its Word, Publisher and Jet database software this week.
Additionally the software vendor aims to release a lesser-critical update for its anti-virus products, addressing a defect that attackers could leverage to initiate a denial of service (DoS) attack against products such as Windows Live OneCare and Microsoft Forefront [...]

Veracode Takes Two At SC Magazine Awards

By Rohan Parker

At the annual SC Magazine Awards in Europe, well known provider of on-demand program security testing, Veracode have walked away with two of the prestigious awards.
The awards are in recognition of superior performance in the information security industry, and Veracode were awarded for their SecurityReview® program, which is the first on-demand security testing application [...]

20 Awards To Dimension Data At Cisco Event

By Rohan Parker

At the Cisco Partner Summit in Hawaii last week, Dimension Data left with a whole armload of awards, walking out with 20 in all, three of which were Global awards.
Dimension Data has created quite the profile for themselves, including Gold Partner classification on six continents, being valued at a total $3.8 billion, and having Cisco [...]

‘Green’ IT Security?

By Alan Harten

According to Wick Hill Group chairman Ian Kilpatrick the IT industry isn’t considered to be exactly at the forefront of ‘green’ computing.
Its record can be regarded as poor across a whole range of ‘green’ issues, especially in the areas of power consumption, toxic substance use, need for air conditioning and a low product life [...]

nCipher collaborate with Jack Henry/Symitar

By Alan Harten

nCipher, a company that produces software that can protect critical enterprise data have gone into partnership with Jack Henry & Associates Inc, who are providers of data processing services and integrated technology solutions and are focused mainly on assisting financial institutions.
The partnership is actually with Jack Henry subsidiary company, Symitar, who will offer nCipher’s CryptoStor [...]

New Data Risk Assessment Service From Pentura

By Rohan Parker

The first Risk Management Service Provider in the UK, Pentura, have announced the pending release of a new Data Risk Assessment Service.
The service will give businesses the opportunity to evaluate the risk level for business critical data.
Along with that, IT departments will be given the ability to constantly monitor data access behaviours surrounding [...]

Next Page »