The blog spam is being posted in high volume, and the spam all links to pages on free webhosting accounts, advertising typical high-paying affiliate keyword links.

Unusually for this sort of activity, the IP addresses used are from a small range, and additionally, actually geolocated as in the UK.

The level of activity is remarkably aggressive, which suggests someone new to blog spamming who doesn’t realise that the high spam activity is likely to see their proxies and free hosting accounts closed down reasonably fast.

We’ll be happy to help that process on the way.

Four years ago analyst IDC came up with the term UTM as a description of integrated network appliances that provide services such as gateway anti-virus, intrusion detection/prevention and basic firewalling.

WatchGuard has several new extensible services, including their popular LiveSecurity® Service, as well as virtual private networking (SSL VPN), advanced web (HTTP and HTTPS)

They have also carved themselves a good sized niche in the protection of telecommuters and branch offices, as well as the widespread use of the popular Firebox® X Core™ e-Series.

WatchGuard are now saying that they wish to make a jump to a new level of security features with a new series of solutions that they have dubbed XTM solutions.

They believe that a new round of security initiatives is now needed as threats are making a leap to a higher level of sophistication that is far less obvious and detectable.

According to WatchGuard these new threats are becoming far more targeted than the ‘throwing out a net and seeing what you can catch’ threats, which were prevalent a few years ago.

New threats, such as blended threats like phishing e-mails with interwoven malware payloads, are the path that the attacks are now taking and WatchGuard believes that security must now become more responsive and adaptable to deal with these new challenges.

They also believe that the solutions need to be highly adaptable to deal with as yet unknown threats, so that response times can be trimmed in the face of the ever changing types of threat encountered.

The solutions will need to have a more flexible and scalable gateway security appliance that can quickly and easily be customized or modified to meet a new threat in a flexible and adjustable manner.

They intend that their XTM solutions will, above all, be proactive to meet the threats head on, rather than taking up a defensive position in response to each individual threat.

A higher level of flexibility will mean that administrators will be in a position to more fully customise the solutions to suit their specific needs or perceived threat scenarios.

This way administrators can choose to emphasise one aspect of a solution over another by, for example, opting for a different Anti virus solution but still maintaining the XTM firewall, IPS/IPS in place.

The XTM will also allow for easy customisation by third parties to develop variations on the basic themes for far more tailor made use best suited to the individual company’s needs.

About WatchGuard Technologies, Inc.
WatchGuard Technologies, Inc. was founded in 1996 and has been involved in the advanced technology of network security solutions, providing mission-critical security to businesses worldwide.

The WatchGuard family of wired and wireless unified threat management appliances and WatchGuard SSL VPN remote access solutions, provide extensible network security, network visibility, management and control.

LiveSecurity(r) Service is a support, maintenance, and education program.

WatchGuard is headquartered in Seattle and has offices serving North America, Europe, Asia Pacific, and Latin America.

Obviously, as an employer, it’s important to know what is and isn’t on your server.

Above all, a server that has inappropriate content means employees will reduce in productivity, which equals a great loss for the employer.

ImageGuard(tm) MailAssessor is designed to scan email accounts without installing software, and works with Microsoft Exchange, Lotus Notes and Novell Groupwise, scanning images, files and attachments within servers.

ImageGuard MailAssessor uses two unique identification methods to determine inappropriate material, or material that threatens to produces risk.

First, the MailAssessor links suspect images and a blacklist of known inappropriate images and then uses image algorithms to identify potential threats.

Pixalert reports show that 29% of PCs in 2007 had inappropriate material on them, and 14% of email accounts had similar material.

Both figures represent an increase on the 2006 report, which shows 25% on PCs and 12% on email accounts.

Pixalert’s new system hopes to make employees aware that their media applications, such as PCs, and Email accounts, are being monitored, therefore potential inappropriate data that might usually be stored, may be left to its own accord.

The website includes advice, forums, blogs, career path, ask the experts, Q&A and other resources, and much much more, answering all your security related questions, and the unique difference to traditional news and information sites is that the content is created by the users, for the users.

Alongside the features are a range of blogs, which users can participate in, constructing a wealth of information on one blog relating to a particular subject.

Whether it be a current security issue, or potential future threat, users can blog or post in the forums about it.

Active members of the Forum include Peter Wenham, CISSP from the Communications Management Association, Andy Jones, CISSP from the Information Security Forum, Jon Collins, Service Director with analyst firm Freeform Dynamics and Chris Potter a partner with PricewaterhouseCoopers.

As soon as a user is logged on, the home page greets the user with a summary of the latest content including latest blogs, highest rated blogs and latest updates.

The community is no amateur composition either. Info security hopes the abundance of features will attract a wealth of security based knowledge, and therefore content, on the community over the coming months.

The fact that laptops continue to fall in price for a basic model is irrelevant, as the data stored on them becomes ever more valuable, with the average laptop containing data worth £550,000, and up to £5,000,000 in some cases, depending on its sensitivity.

This is why Absolute software stress that it is essential that correct precautions are taken to avoid such loss or theft.

Absolute Software provide a computer theft recovery, data protection and Secure Asset Tracking(tm) solution, ComputraceOne®, which can delete confidential data stored on stolen laptops, as well as recovering a vast number of laptops every year.

Visual deterrents are sometimes all that’s needed to make a thief steer clear of your laptop, a simple lock can some time do the trick.

Advertising a laptop is as bad as stealing one, you’re inviting theft, so instead of carrying the normal laptop bag, use less suspicious laptop carrying solutions, such as backpacks.

The not so obvious advice, as so many people do it, is don’t leave a laptop unattended.

Even in a work environment you may know 90% of people and feel safe, but what are the other 10% of people thinking while you leave your laptop unattended?

Last but not least, use indentification methods for your laptop.

Engrave company or personal details in, that are visually apparent, which may deter a thief, who will find it harder to sell it on as used goods with someone elses name on it.

Secure Web, previously known as Webwasher, will allow Joy Global to protect against threats designed with Web 2.0 in mind.

Web 2.0 is the phase of the internet in which we are now, and it refers to the greater capacity on the net for communication and sharing information in a wider variety of forms, such as blogs, wikis and folksonomies.

Secure Web will also allow the company to greatly increase flexibility with Web filtration and monitoring for employee use, as well as boost network security for inbound and outbound data.

Prior to using Secure Web, Joy Global had used security software provided by Blue Coat, however this system couldn’t work for the company in the long run, because it was a signature-based anti-virus solution which, with the advances in Web 2.0, leaves a network open to malware and active code exploits.

Secure Web acts in an entirely different fashion, because it is based on Secure Computing Company’s Trusted Source(tm) which, in real-time, monitors the behaviour of applications on the internet, and based on that behaviour assigns ‘reputation scores’.

Secure Web then analyzes all data going to and from the network, and based on the ‘reputation scores’ protects the network from any viruses, spyware, and malware, that may be attempting to gain access.

Because of the fashion in which Trusted Source evaluates in real-time, programs can be blocked long before a signature from it is accessible.

IT security manager for Joy Global, Adam Lance, said the company was extremely pleased with the options provided by the new software, and how much of an advance it was, in terms of security and malleability.

Another aspect of the Secure Web software is that it allows the company to delegate specific levels of net access to specific people, rather than having to establish a list of accessible websites which acted for all employees.

Joy Global’s managers used to have to go through each IP, which user that IP belonged to, and what they were using the internet for manually; now all that information can be gathered automatically into a report produced by the program.

Secure Web also allows for a single sign on, as no secondary authentication is needed to access the internet.

Joy Global has saved themselves time and money through Secure Web, as it offers multi-capability software, on little in the way of hardware.

Lance spoke about the time freed up for his team, as they no longer need to manually add website after website to the list of ‘allowed’ sites, which has lead to cost reductions and more work being completed on other IT projects.

The 8e6 application will allow related IT companies to possess the ability to put streaming media applications into categories, and by monitoring the application, the company can then identify whether blocking is the appropriate action.

With the likes of EURO 2008, Wimbledon, not to mention the 2008 Olympic Games, IT companies expect the usage of the internet to increase dramatically, especially the viewing of sports related results for the above events, and with the 2008 Olympic Games taking place within working hours, a quick peek on a streaming application will be very tempting to interested parties.

Streaming applications reduce work based productivity as well as reducing bandwidth, which can be a major issue in a commercial environment.

Video Streaming monitoring applications are one option, and putting a TV in the staff room could be another thing to combat the problem.

8e6 Technologies have strived to become the best in the industry, since their beginning in 1995, and have yet to become exactly that, but the new filtering system, which would be a bonus to any commercial organization by increasing productivity and reducing bandwidth used, can only help them in their quest for success.

The measures that the update requires - either installing firewalls around Internet-facing applications or having all customer application code reviewed for common vulnerabilities - are undoubtedly a useful step, forwarding any security strategy.

However, Secerno argues that, with its perimeter focus, the section fails completely to provide any safety provisions against the rising and detrimental threat of insider breaches and theft of data.

The insider threat covers everything from employees who have financial or other motives to obtain and sell data through to criminals who infiltrate an organisation with the sole intention of stealing information.

Retailers, who have seen consumer confidence eroded by a series of well-publicised breaches, are viewing PCI as a means to win back trust and alleviate fears of having consumer data stored internally.

However, in the face of increasing insider threats, the PCI Requirement 6.6 and the overall standard remain ineffective for security.

Even as a prescription for external attack prevention, PCI falls short - allowing cyber-criminals access to data that they can immediately use.

The Hannaford breach is a perfect example of data being targeted and stolen specifically for fraudulent means.

By the time the breach was realised, 4.2 million credit cards had been compromised, despite the supermarket chain being fully PCI compliant.

Secerno is calling on the retail industry to do the following:
* Mandate more stringent controls at the database itself, to actually achieve what PCI intends - protect stored credit card and other consumer financial data
* Mandate a universal definition of a data breach that works to the consumer’s benefit. The definitions and reporting requirements for data loss vary widely and many times the consumer learns about the breach months after its occurrence
* Do not fall victim to believing in only one type of threat - and that it is external. Internal threats are on the rise, and the PCI standard does not take private networks into account

“The PCI Data Security Standard has the best intentions, but as is the case with many compliance directives, it barely addresses the most immediate and upcoming threats to consumer data,” said Paul Davie, Founder of Secerno.

“PCI was historically written for ecommerce rather than general retailers where breaches have actually been taking place.

It is generally inadequate for addressing the sort of internal threat that can be exploited easily, such as by general or privileged users.

The standard says nothing about any malware other than viruses, it says nothing about encrypting internal data, it says nothing about protecting data on private networks and it says nothing about securing the database. Unfortunately, the internal threat is PCI’s blind spot.”

About Secerno
Secerno provides advanced, comprehensive and intelligent database security solutions.

Czarny will be involved in advancing Webroot’s innovations in the security software as a service (SaaS) market by leading product management and product marketing.

“With malware threats growing 500% year over year and every business e-mail inbox expected to get hit with more than 42,000 spam messages, businesses are recognising the need to take a more proactive approach to protecting their networks,” said Mike Irwin, COO, Webroot.

“It’s no surprise that we’re seeing a rapid increase in demand for security solutions that deliver more effective protection with lower cost of ownership and better manageability. Brian’s significant breadth and depth of experience in e-mail and Web security SaaS will be a great asset to the company as we continue to expand our portfolio to deliver solutions that meet and exceed these requirements.”

Czarny brings to Webroot an extensive background in building and executing go-to-market strategies for e-mail and Web security SaaS solutions.

He most recently led marketing for Code Green Networks, where as Vice President of Marketing he drove the adoption of the company’s data loss prevention solutions for small and medium-sized organisations seeking to protect personal information and safeguard confidential data.

Previously, Czarny was Vice President of Global Product Management at MessageLabs, where he drove the product strategy for the company’s email and Web security SaaS offerings sold to more than 16,000 organisations of all sizes and more than 7 million users around the world.

In that role, Czarny was directly responsible for managing global product management and product marketing, expanding the company’s SaaS offerings within email while pioneering new markets for SaaS, such as Web security delivered as a service.

Prior to MessageLabs, Czarny held a number of senior marketing management positions at established and emerging technology companies including CS Technology and DirectWeb, a startup software and hardware as a service company.

Czarny has been regularly quoted as an industry expert on a range of security and messaging topics in media and broadcast outlets around the world including The New York Times, Wall Street Journal, Business Week, Information Week, eWeek, CNN, ABC 20/20, and CNBC. Czarny holds Bachelor of Arts degrees in Journalism and Political Science from Pennsylvania State University.

He is based out of Webroot’s offices in Mountain View, California.

Webroot Details
Webroot provides security software for consumers, enterprises and small and medium businesses worldwide, with its Spy Sweeper(r) line of antispyware and antivirus products.

Webroot AntiSpyware Corporate Edition (formerly Spy Sweeper Enterprise) is a centrally managed solution that aggressively blocks, detects and eradicates spyware on desktops across the network.

Webroot AntiSpyware Corporate Edition with AntiVirus offers combined protection for spyware and viruses.

Webroot recently entered the Software as a Service market and will now offer a range of web-based email management and protection services.

The Threat Management System 3100 (TMS) delivers deep packet inspection (DPI) of more than 80 critical IP services and applications running on the network, such as DNS, HTTP, VoIP, IM and P2P, while also delivering application-layer attack detection, surgical mitigation and reporting.

This unique combination allows service providers to maintain availability, reduce support costs and optimise current or future business services.

By tightly integrating TMS into the Peakflow SP platform (”Peakflow SP”), Arbor Networks delivers a solution that combines network-wide anomaly detection and traffic engineering with carrier-class threat management that automatically detects and surgically removes only attack traffic while maintaining legitimate business traffic.

Additionally, TMS complements Peakflow SP’s other mitigation techniques, including fingerprint sharing, Border Gateway Protocol (BGP) black-hole routing, BGP flow-spec and support for other mitigation technologies.

The Peakflow SP platform offers an industry-unique combination of macro-level (IP flow) and micro-level (deep packet inspection) analysis to address all network security threats.

Competitive solutions require operators to log-in to multiple devices to address a single security threat.

This creates a cumbersome and inefficient process at a time when split-second decision making is paramount.

TMS streamlines operations and speeds reaction time by providing users with a single console and common user interface for thwarting multiple attacks.

In addition, TMS can reduce operating expenses through simplified provisioning and uncomplicated ongoing maintenance.

Peakflow SP enables service providers to leverage the same solution used for infrastructure visibility and security to deliver new, differentiated, revenue-generating managed services, such as MPLS VPN visibility and DDoS protection.

More than forty of the world’s leading service providers are utilising the Peakflow SP platform to deploy network-based offerings in an easy and scalable way to protect their enterprise customers’ networks from DDoS and other cyber attacks that disrupt corporate networks and business continuity.

In order to optimise the deployment of these services, a service provider can choose from several TMS models.

There are also multiple ways that a TMS device can interface with the network, such as: in-line with fail-safe hardware bypass, BGP off/on ramping, or a SPAN port.

In addition, features such as mitigation templates, auto-mitigation, TMS grouping and statistics all ease the provisioning and operation of these managed DDoS services-which ultimately cuts costs and increases profitability.

Arbor Networks Details
Arbor Networks is a provider of security and network management solutions for global business networks, including more than 70% of the world’s Internet service providers and many of the largest enterprise networks in use today.

Arbor delivers secure service control solutions that both protect global networks from the edge to the core from a host of threats, as well as help customers gain network-wide visibility they can translate into actionable business intelligence to generate new forms of revenue and maintain a competitive advantage.

Arbor’s solutions give customers a single, unified view into their networks’ performance, helping them to quickly detect anomalous behavior, mitigate threats and enforce policy.

Arbor also maintains the world’s first globally scoped threat analysis network - ATLAS - which uses technology embedded in the world’s largest ISP networks to sense and report on comprehensive worldwide threat intelligence
http://www.britemedia.co.uk/forum/showthread.php?p=1694#post1694