October 10, 2008
New Mobile Phone Security System
By Alan Harten
Far from becoming more secure over the last few years, mobile voice communications have become more open to “tapping” by dubious individuals trying to gather all kinds of personal and business information.
All kinds of information of a highly sensitive nature is passed by voice conversations on mobile devices without any concern.
The same people making [...]
October 9, 2008
GSS says Oracle’s Cloud Computing move needs to be viewed with caution
By GSS
Global Secure Systems (GSS), a leading security consultancy, says that Oracle’s decision - announced at its World Forum last week - to license its technology for use in cloud computing environments, shows that the future of corporate IT is changing.
“Oracle’s decision to license its 11g database, its middleware and management tools, starting with the Amazon’s Elastic [...]
October 2, 2008
Qualys Launches PCI 3.0 With Web App Scanning
By Alan Harten
At the Gartner IT Security Summit in London yesterday, Qualys launched its new version of the highly successful QualysGuard, the PCI 3.0.
This new variant has an integrated Web Application Scanning (WAS) module.
The previous versions are the most widely used on-demand scanning application utilised for PCI compliance implementation.
The new feature will properly prove to [...]
September 19, 2008
New, Faster, Wireless Rogue Tracing and Containment
By Alan Harten
AirMagnet Inc has announced a new twist on the problem of tracing and blocking rogue devices that are physically connected to an enterprise network.
Unlike previous solutions for wireless LAN security systems, the new setup does not use just one tracing mechanism; it makes use of a combination of elements.
Named the Enterprise 8.1 the [...]
September 18, 2008
WatchGuard Launches XTM 1050 In NYC
By Alan Harten
The Big Apple industry get-together, Interop, was chosen by WatchGuard to showcase their new high-security XTM 1050.
The XTM is capable of a new high of 10Gbps firewall and 2Gbps IPSec throughput via dual quad-core Intel processors, as well as advanced crypto-acceleration hardware.
It seems almost every day the industry announces a major new [...]
September 11, 2008
Pru upgrades Security and Monitors Employee activity
By Alan Harten
Big time international financial services player Prudential, like many other big companies, is trying to deal with the ever increasing rise in Internet-borne threats to its network and recently decided to upgrade their security platform to PGDS.
They selected Calyx to implement the changes to its web security solution. They in turn have been advising the [...]
August 21, 2008
New Guidance From IT Governance Institute Maps COBIT 4.1 With ITIL v3
By ISACA
To help enterprises take a comprehensive approach to IT governance and service management, the IT Governance Institute (ITGI) has released new guidance mapping COBIT 4.1 with ITIL Version 3. Titled COBIT Mapping: Mapping of ITIL v3 With COBIT 4.1, the document provides both a high-level and a detailed mapping.
In developing ITIL v3, the UK [...]
August 15, 2008
Airlines targeted in new malware threat
By Brian Turner
A string of new email spam arrived this morning, all claiming to be payment receipts from US airlines - provided as a malware-laden zip file.
The following airlines were used in the headers in the ones we got this morning:
- Virgin America
- Delta Air Lines
- AirTran Airways
- Continental Airlines
- Northwest Airlines
- JetBlue Airways
Likely more airline names are [...]
August 13, 2008
msnbc.com: BREAKING NEWS spam
By Brian Turner
Hot on the heels of the CNN Alerts: my custom alert email spam comes a new variant: msnbc.com: BREAKING NEWS spam.
The emails follow the same format as the CNN spam, with the link to the supposed featured story going to an unrelated third-party website which attempts to attack the user’s PC.
The site tries to download [...]
August 11, 2008
ISACA says major DNS flaw affecting email comes as no surprise
By ISACA
ISACA, formerly the Information Systems Audit and Control Association, says that security researcher Dan Kaminsky’s assertion that the major DNS flaw that he identified recently also applies to email services comes as no surprise.
“Kaminsky said at this week’s Black Hat briefings in Las Vegas that the flaw not only allows hackers to force people to [...]
August 10, 2008
The pitfalls of FTP Servers
By Cyber-Ark
I’ve heard recently that there is a new craze for thrill seekers known as Russian Roulette parachuting – a one in six chance that the parachute might not open – but apparently this is just not close enough to the edge for some IT folks out there.
It seems the latest stunt is using FTP [...]
July 18, 2008
Bloxx to join Internet Watch Foundation
By Alan Harten
Bloxx, the web filtering specialist, today announced that it has become a member of the Internet Watch Foundation (IWF), joining around 80 members from a diverse range of organisations in their battle against illegal online content.
Eighteen months ago IWF released statistics regarding their activities that revealed that they receive around 1,000 reports each month, which [...]
April 20, 2008
Vendor claims to nix URL-bypassing sites
By Dave Nixon
Proxy blocking company 8e6 has stated that its software can now curtail the proxy scripts that have lately swamped the Internet as a way of bypassing URL blocking systems.
Such scripts give non-expert users a method to evade the conventional web URL filtering systems employed by government, libraries, universities and companies by initiating private web [...]
April 20, 2008
ISPs accused of tampering with web pages
By Dave Nixon
Approximately one percent of the Internet web pages are being altered in transit, sometimes in a detrimental way, according to researchers at the University of Washington.
In a paper, set to be delivered Wednesday, the researchers document some worrying practices. In July and August they tested data sent to about 50,000 computers and revealed that [...]
March 28, 2008
Greynet Enterprise Manager upgrades to ensure secure use of Skype
By Janine de Blois
FaceTime Communications, a leader in internet and unified communications (UC), has announced its exclusive security product to monitor Skype usage.
Working with Skype for over a year, their newest release of Greynet Enterprise Manager (GEM) is designed to detect malicious URLs via Skype instant messaging.
It is the only vendor with the ability [...]
March 28, 2008
Finjan discovers website offering volume purchase of stolen credit cards
By Janine de Blois
“If further proof were needed that there is a very serious problem facing the card acceptance and processing industry, this is it,” said Yuval Ben-Itzhak, chief technology officer at Finjan.
“Prices are segmented depending on whether a card is a Classic Visa or MasterCard, a premium account such as a Gold, Platinum or Business/Corporate [...]
March 25, 2008
Spam hits 200 million cell phones in China
By Janine de Blois
China Mobile issued an apology to its customers after almost half the country’s cell phone users received unsolicited commercial text messages.
Seven online advertising firms took advantage of a management loophole that allowed them to send unsolicited SMS messages to over 200 million users.
Graham Cluley, senior technology consultant for Sophos, called it an SMS [...]
March 22, 2008
Holes found on Kerberos
By Dave Nixon
The MIT developers of the Kerberos authentication system have issued patches for numerous grave security holes, which could let remote attackers acquire sensitive information, shut down a system or execute malevolent code.
The primary problem is with the Kerberos Key Distribution Centre (KDC) and involves the way the KDC handles incoming krb4 requests. The problem [...]
March 21, 2008
Highly critical patches released for Kerberos 5-multiple vulnerabilities
By Janine de Blois
Kerberos credits Jeff Altman of Secure Endpoints, and Red Hat Security Response Team for discovering critical vulnerabilities in various versions of Kerberos 5. The bugs may cause DoS (Denial of Service), or otherwise compromise vulnerable systems.
The first problem is the Key Distribution Center (KDC). Incoming krb4 requests can be exploited to crash [...]
March 21, 2008
Sophos combines NAC with endpoint security in free upgrade
By Janine de Blois
Endpoint Security and Control 8.0, released Tuesday, integrates anti-virus, anti-spyware, host intrusion prevention, application control, firewall and NAC to block viruses and spyware as well as ensure that computers are running authorised up-to-date software and adhere to company policies. Sophos research indicates two out of three corporate computers have out-of-date anti-virus, missing [...]

