Security vendors

Another way to spot a hacker

Thu, 05 Jun 2008 06:59:58 -0400

It continues to be hard to spot security vultures, but McAfee's "Mapping the Mal Web Revisited' outlines data from 9.9 million websites to spot the biggest security threats.

The report said that nearly 20 percent of all Hong Kong websites present a security threat. The other most dangerous sites are registered in China (.cn) and the Philippines (.ph). With that kind of information in your hip pocket, it just might be easier to spot and block sites from those locales.

For more:
- see this InformationWeek.com article

Symantec: Microsoft patches fastest

Mehan Jayasuriya — Fri, 11 Apr 2008 11:20:16 -0400

Mirror, mirror on the wall, who's the fastest of them all? If you're talking about security patches, it looks like the answer is Microsoft. Contrary to popular belief, Microsoft was found to be the overall fastest when it comes to patching vulnerabilities, in security vendor Symantec's latest security report on the malware industry. Covering the period from July 1 to December 31, 2007, the comprehensive report reveals that Microsoft released a total of 60 patches over the course of 2007, with an average patch time of 18 days during the first half of the year, and just six days during the second half. In second place was Red Hat, with an average patch time of just over a month--quite a bit higher than Microsoft. Meanwhile, Apple, HP and Sun all lag far behind.

For more on the report:
- see this Ars Technica article

Viruses hit 1 million mark

Mehan Jayasuriya — Tue, 08 Apr 2008 11:44:05 -0400

It was bound to happen sooner or later: According to security vendor Sophos, there will be 1 million distinct computer viruses and malware apps by the end of 2008. Now, you might be quick to dismiss that number as nothing more than fodder for alarmist headlines--and rightfully so--but there's a little more to the story than that. It seems that a whopping 25 percent of that malware was produced just in the last six months, which points to a rapid acceleration in malware on the web. Still, it's not all bad news. For example, one in 1000 emails currently contains a piece of malware; a major improvement on the one in 40 ratio that existed in 1995. And despite the growth of malware, security companies are logging upwards of 25,000 samples a day. "About 85 to 90 percent of malware families have a fix created for them almost immediately," Sophos chief technology officer Paul Ducklin said.

For more on current malware and virus trends:
- see this PC World article

Watch out for Valentine's Day spam

Thu, 14 Feb 2008 06:59:59 -0500

The potential for email spam on Valentine's Day is so great that even the FBI is getting involved. "With the holiday approaching, be on the lookout for spam e-mails spreading the Storm Worm malicious software," the FBI said in an alert posted to the home page of its Web site on Feb. 12. "The Storm Worm virus has capitalized on various holidays in the last year by sending millions of e-mails advertising an e-card link within the text of the spam e-mail. Valentine's Day has been identified as the next target."

The FBI was late in issuing its warning, according to an article in ComputerWorld. For several weeks, security vendors have been warning that the worm would use this romantic holiday to trick computer users into opening attachments or clicking links, letting the culprits in the door. Last year, the botnet Trojan made its first splash in January 2007, and researchers have long expected its return this Valentine's Day as well.

That's exactly how things have played out in the days leading to Feb. 14. Trend Micro's David Sancho spelled it out in a post to the company's blog on Monday, giving employees a short warning of what might be coming instead of flowers and chocolates. "The spammed e-mail messages are just plain text, but contain links that lead to malicious Web sites displaying one of eight cute Valentine images," Sancho said. "If you run the executable named 'valentine.exe,' your system will join the Storm botnet to start spamming other Internet users." "Not very loving of them," Sancho concluded.

For more on Valentine's Day spam:
- See this ComputerWorld article

SPOTLIGHT: PayPal buys security vendor

Fri, 01 Feb 2008 06:59:52 -0500

Sure, the usual way to shore up security is to hire a security vendor or consultant to come in and take care of business. If you're eBay subsidiary PayPal, however, you could just buy your own security vendor for $169 million... Article

Multiple threats in virtual networks

Thu, 23 Aug 2007 06:59:58 -0400

Vendors and CIOs are extremely excited about the potential that virtualization technology holds to restructure enterprise networks without requiring complete physical overhauls, by allowing multiple operating systems to run different applications on a single computer. But some experts are warning that the technology makes corporate systems more vulnerable to hackers because the systems are much more complicated than servers that run a single operating system and a single application. As the technology spreads, it's important that IT managers understand the implications of collapsing multiple servers into a single box--it does not change their security requirements. George Gerchow, technology strategist at security vendor Configuresoft, told attendees at the Center for Policy and Compliance in Colorado Springs, Colo. that virtualized environments are technologically challenging since each server separately faces the same threats as a traditional single server. How can CIOs prepare? Create strong policies, set up separate patching processes for virtual machines, and develop support tools that can track when virtual machines are installed on a corporate server.

For more details on virtualization:
- read the article in Computerworld

CIOs seek out NAC on the net

Thu, 16 Aug 2007 06:59:58 -0400

One of the more interesting high-wire acts in the enterprise IT space is how CIOs manage the tension between opening their networks to mobile workers, customers, partners and suppliers, and securing the integrity of their information resources. Network access control, or NAC, is emerging as an interesting topic of discussion in IT, because of its promise of introducing some measure of order in the chaos that is the extended enterprise. NAC is the process whereby devices are checked for security risks prior to admission onto a network. A survey conducted by ComputerWorld shows that there is still a gap between discussion and implementation of this technology. Only about 14 percent of respondents said that they apply endpoint checks for application and operating system patching; the presence of firewalls or anti-virus or anti-spyware tools; USB-attached devices; and password strength. Cost and complexity account for most of the gap between the level of checking desired and the level of checking actually implemented.

For more on the NAC report:
- read the article in Computerworld

Enterasys execs get jail time for accounting fraud

Wed, 04 Jul 2007 20:01:39 -0400

White collar crime can mean serious time. Four former executives with computer networking and security vendor Enterasys Networks have been sentenced
to prison terms for their roles in an accounting fraud that cost investors millions of dollars. The executives were convicted on conspiracy and fraud charges during a December 2006 trial. Former Enterasys CFO Robert J. Gagalis to was sentenced to 11.5 years in prison. Gagalis was convicted of one count of conspiracy, two counts of securities fraud, one count of making false statements to auditors of a public company, and four counts of wire fraud. Bruce D. Kay, a former Enterasys finance executive, was sentenced to over 9 years in prison. Starting in mid-2001, the four defendants and other Enterasys executives inflated the company's revenue figures as a way to meet the expectations of financial analysts and to maintain or increase the price of the company's stock.

For more on the Enterasys scandal:
- learn more in this Infoworld Article

Mass targets: evil email with a twist

Wed, 04 Jul 2007 20:01:38 -0400

Meanwhile, CNET is reporting that personalized email attacks are on the rise. The most recent trend involves an illicit campaign that focused on some 500
executives in what is believed to be the first "mass-targeted" malicious software attack, according to security vendor MessageLabs. Targeted attacks generally bypass security measures by addressing emails to a particular person.; these emails usually contain the name and job title of the victim in the subject line. MessageLabs says that on June 26, it intercepted 500 email attacks targeted at individuals in senior management positions at several companies around the globe. The company usually only sees 10 targeted attacks per 200 million emails per day. Chief Investment Officers were targeted in 30 percent of the attacks, while 11 percent of the intended victims were CEOs and 6 percent were CFOs.

For more on mass-targeted email attacks:
- read more in this CNET Article

Thwarting attacks with host-based anti-malware tools

Tue, 17 Apr 2007 20:01:38 -0400

Host-based technologies can target a range of threats from spam to rootkits while providing network repair. Host-based anti-malware products have two components: a security agent that resides on the desktop and a central management server, or host. The agent detects threats such as viruses, spam and rootkits while providing protection. The server portion manages and updates the agents and produces reports. These products also sometimes include firewalls and host intrusion prevention solutions. Other methods of thwarting malware include gateway appliances that sit on a network perimeter or routers and switches with enhanced security. Major security vendors like McAfee, Cisco and Symantec offer a multitude of choices, and Microsoft is poised to enter with its Forefront Client Security product. Although there are many choices, IT managers seem to want security products that can help them protect networks from threats that come from all sides.

Learn more about your security options:
- read the article at TechTarget

ALSO:
- read this on malware
- this on the malware risks of Vista
- this on malware writers
- this on malware as a security headache
- and this on malware that's hard to detect