Leona Lewis music hack may be publicity stunt

Imperva says Leona Lewis music hack may be publicity stunt

August 2009 (Eskenzi PR) - The reported hacking of Leona Lewis - a pop music protege of media mogul Simon Cowell - might be a publicity stunt, and not the "highest-profile hacking case the record industry has ever seen," says Imperva, the data security specialist.

"The Daily Mail reports that `hackers' have gained unauthorised access to the servers at Syco Records, and stole three unreleased songs by the former X Factor winner, and then `leaked' them online," said Amichai Shulman, Imperva's chief technology officer.

"I have to say that, if this really is the case, then the hacker has handed Ms Lewis, Syco and Mr Cowell a lot of free publicity on a silver platter. Or it could simply be a publicity stunt," he added.

The Imperva CTO went on to say that most hackers are driven by the chance to make money.

"The first thing I say when I see a data breach is - show me the money. And I don't see that here," he said. Record company internal networks contain business sensitive information about artist contracts, sales figures, etc. that could be used by attackers to produce revenues. I’d expect a real attacker to hit those before going public with a song that is already contracted to the record company.

"And since there is very little actual damage (if any) being caused to the record company, I have to conclude it's really a publicity stunt. It's a well-planned one however, as it involves minimal effort on the part of those concerned, so it promises to be a goodie," he added.

For on the latest Leona Lewis' `hack': http://preview.tinyurl.com/mxvn3k

For more on Imperva: http://www.imperva.com


US Court Grants Finjan a Permanent Injunction for Infringing Technology against Secure Computing

US Court Grants Finjan a Permanent Injunction for Infringing Technology Found in the WebWasher and TSP Products and Enhances The Jury’s Damage Award Injunctions and extended damages were granted on McAfee’s Webwasher and TSP products

San-Jose, Calif., August 2009 (Eskenzi PR) - Finjan Inc., a leader in secure web gateway products and the provider of unified web security solutions for the enterprise market, is proud to announce that the US District Court in Delaware has ruled in favor of Finjan, affirming a jury verdict against Secure Computing Corporation currently owned by McAfee. The Court issued a permanent injunction against the sale of the WebWasher and TSP Products for infringement of Finjan’s U.S. Patent Nos. 6,092,194 / 6,804,780 / 7,058,822. The Court also affirmed the jury’s damages award and determination that the infringement was willful and enhanced the damages’ award for the willful infringement of Finjan’s patents. The Court also agreed with the jury’s determination that Finjan does not infringe any of the patents asserted by Secure Computing.

“It is an important day for Finjan and a great win for Finjan’s web security technology,” said Gadi Maier, Chief Executive Officer at Finjan. “We are pleased with the Court’s ruling regarding our ownership rights to this technology and Finjan will enforce the injunction we obtained. Cybercrime continues to soar as was evidenced in the recent case of 130 million credit card details being successfully stolen by cyber criminals who designed their attacks to overcome traditional anti-virus protection. Finjan’s real-time web security technology via on-site appliances and cloud-based security is designed specifically to provide real-time protection against these types of advanced web threats and cyber crime techniques.”

Finjan is a leading provider of secure web gateway solutions for the enterprise market. Finjan Secure Web Gateway provides organizations with a unified web security solution combining productivity, liability and bandwidth control via URL categorization, content caching and applications control technologies. Crimeware, malware and data leakage are proactively prevented via patented active real-time content inspection technologies and optional anti-virus modules. Powerful central management enables intuitive task-based policy management, excellent drill-down reporting capabilities and easy directory integration for all network implementation options. By integrating several security engines in a single dedicated appliance, Finjan’s comprehensive and integrated web security solution enables quick deployment, simplified management and reduction of costs. Business benefits include real-time web security (no patches or updates needed), lower total cost of ownership (TCO), cost savings in administration efforts, lower maintenance costs, and reduction in loss of productivity. Finjan's security solutions have received industry awards and recognition from leading analyst houses and publications, including Gartner, IDC, Butler Group, SC Magazine, eWEEK, CRN, ITPro, PCPro, ITWeek, Network Computing, and Information Security. With Finjan’s award-winning and widely used solutions, businesses can focus on implementing web strategies to realize their full organizational and commercial potential.

For more information about Finjan, please visit: www.finjan.com


Swisscom IT cuts time spent on firewall management by half with TUFIN Securetrack

London, August 2009 (Eskenzi PR) – Tufin Technologies, the leading provider of Security Lifecycle Management solutions today announced that Swisscom IT Services, one of Switzerland's leading IT service providers, has selected its flagship product, SecureTrack to streamline its firewall operations. Swisscom IT Services core business covers system integration and the outsourcing of IT services such as consulting, workplace services, SAP management and E-Solutions. By implementing Tufin’s award-winning Security Lifecycle Management solution, Swisscom can more efficiently deliver its customers secure, reliable, uninterrupted access to their mission-critical applications while implementing the process controls needed for ongoing operations and to pass rigorous security audits.

“SecureTrack has provided us with such an unprecedented amount of visibility and control over firewall operations that I just can’t imagine life without it,” said Michel Müller, Senior Network Security Engineer, Swisscom. “We already had tight processes in place, but the automation SecureTrack introduced provided us with an overall snapshot of the state of our firewalls that enables us to operate in a much more agile, proactive, and strategic manner. We accomplish more in less time, with full confidence that we are operating in a secure, compliant fashion.”

Swisscom operates more than 150 firewalls, each containing over a thousand rules. First and foremost, SecureTrack provides complete visibility into all rule bases throughout Swisscom’s firewall operations. With SecureTrack’s complete display of each rule and object, the design team is able to easily check whether a proposed rule already exists or whether some of its requirements are already covered by other rules. This eliminates the occurrence of rule ‘shadowing’ (rule overlap) and results in overall improvement of firewall performance. By implementing SecureTrack, the time required to plan and implement changes was reduced by half, and flawless configuration of new rules and rule changes was ensured.

“Swisscom IT Services has joined a group of world class service providers that rely on SecureTrack to help maintain a highly secure and available network without sacrificing business agility,” said Ruvi Kitov, CEO, Tufin Technologies. “Our customers are always impressed with the immediate and dramatic efficiency gains SecureTrack provides, but what we find particularly fulfilling is watching them reap the longer term benefits – such as streamlined processes, increased agility, more strategic decision-making, and an improved security posture. As the push to outsource continues, SecureTrack will enable Swisscom’s to scale firewall operations in a very manageable, controlled, and compliant fashion.

For more information, please refer to the Swisscom IT Services case study, available for download at http://www.tufin.com/downloads/tufin_swisscom_case_study_en.pdf.

Tufin SecureTrack™ is the market-leading Security Lifecycle Management solution. SecureTrack enables organizations to enhance security, reduce service interruptions and automate day-to-day tasks through powerful firewall management capabilities and reporting. SecureTrack helps security operations teams to control and manage policy changes, analyze risks, and ensure business continuity and allows managers to easily understand the big picture and align operations with corporate and government security standards.

Tufin Technologies is the leading provider of Security Lifecycle Management solutions that enable large organizations to enhance security, ensure business continuity and increase operational efficiency. Tufin's products SecureTrack™ and SecureChange™ Workflow help security operations teams to manage change, minimize risks and dramatically reduce manual, repetitive tasks through automation. With a combination of accuracy and simplicity, Tufin empowers security officers to perform reliable audits and demonstrate compliance with corporate and government standards. Founded in 2005 by leading firewall and business systems experts, Tufin now serves more than 325 customers around the world, including leading financial institutions, telecom service providers, transportation, energy and pharmaceutical companies.

For more information visit www.tufin.com, or follow Tufin on: Twitter at http://twitter.com/TufinTech,
LinkedIn at http://www.linkedin.com/groupRegistration?gid=1968264,
FaceBook at http://www.facebook.com/home.php#/group.php?gid=84473097725
The TufinBlog at http://tufintech.wordpress.com/


Amazon cloud evangelist to give Storage Expo opening address

London, August 2009 (Storage PR) – This year's Storage Expo promises to be a ground-breaking event, with attendees able to gain direct access to some of the industry's most knowledgeable experts on the subject of data storage, information and content management.

Kicking off a comprehensive two-day education and seminar programme at the event - which takes place at London Olympia on October 14-15 - is a prestigious opening address from Simone Brunozzi, Amazon Europe's Web Service Technology Evangelist.

Mr Brunozzi will be giving his audience a case study presentation on Amazon's cloud services and activities, as well as outlining the potential benefits - and pitfalls - of cloud technology to businesses.

The Amazon Web Service Evangelist will expand on some of the plans outlined by Werner Vogels, Amazon's CTO, at last year's Structure 08 event in San Francisco.
According to Natalie Booth, Event Director at Storage Expo, Mr Vogels' prescient speech of last June (http://tinyurl.com/m5lrtr) talked about the imminent arrival of mainstream pay-as-you-go cloud services, and how a frictionless business model was the logical outcome.

"Amazon's CTO talked about the evolution of new business models that will be supported by leading edge cloud computing services, including the advent of multi-party payment models," she explained.

Booth says that Mr Brunozzi will detail Amazon's now extensive range of cloud computing services - many of which were still on the drawing board last June - and look at the suitability of cloud storage services for organisations of all sizes.

"Other topics scheduled for discussion include an explanation of the legal requirements for e-discovery, and how data destruction requests and certificates function in the cloud environment," she said.

"Coupled with a range of other important business topics - such as what companies need to define in their cloud service level agreements, and the risks plus rewards of this brave new world - Storage Expo's opening address promises to be a must-attend event in the business calendar," she added.

Alongside Amazons Opening address, visitors will be able to attend a range of keynote sessions including:

  • Andrew Reichman, Senior Analyst, Forrester will lead the keynote on optimising storage through the downturn: delivering first class storage on a third class ticket. Carla Arend, Program Manager, European Infrastructure Software, IDC Group will lead the panel on future directions that will shape your storage strategies for tomorrow.
  • Tony Lock, Programme Director, Freeform Dynamics will advise on what to look for when buying a virtualization solution and find out the top 5 tips for aligning business and IT objectives with ESG’s Managing Director Steve O’Donnell.
  • Rene Millman, Senior Research Analyst, Gartner Research will expose the truth and hype about cloud and Nigel Stanley, Practice Leader, Bloor Research will chair a panel on is your backup and archive effective.
  • John Abbot, Founder and Chief Analyst at The 451 Group will discuss disaster recovery and the changes server virtualization will bring and Jon Collins, CEO & Managing Director, Freeform Dynamics will lead the practitioner panel: how to manage your IT Director
This year we have changed the seminar programme with 2 key themes: “It All Starts With Storage” and “Don't Just Store It, Do More With It.”

The “It All Starts With Storage” stream will demonstrate optimisation of assets, reduction of cost, storage as an enabler, how to store unstructured data and creating a business case for storage. Key areas that will be covered include Virtualization, Thin Provisioning, SAAS/Cloud, De-duplication, Storage Infrastructure and Networks, Storage Architecture/SAN, Storage as a Platform, SSD's & Flash, IP Storage/FCoE and Data Centres.

The “Don’t Just Store It” stream, will include focus sessions on business intelligence, successful information management, and managing unstructured data. Key technologies will include: Enterprise Applications, Information Infrastructure, Sharepoint, BC/DR/Backup, Retrieval/Search, Security, Archiving/Email, Classification/DR, File Sharing/Collaboration, Data Warehousing/Mining and Content and Records management.

There will be several new show features including a Virtualization Showcase (including VMware Genius Bar & Partner Pavilion) we will also launch an exclusive area on the show floor dedicated to key software and hardware vendors who offer products and services which enable server, storage, application and network virtualization. There will also be separate zones on Cloud and Information Management and a Solutions Lab.

For more on Mr Brunozzi's opening address at Storage Expo: http://preview.tinyurl.com/n472q5

For more on Storage Expo: http://www.storage-expo.com


Crown Plaza Venice hotel booking fiasco could have been avoided

August 2009 (Eskenzi PR) - Web site code auditing could have avoided the 90,000 pound online booking loss incurred by the Intercontinental Hotels Group, says Fortify, the application vulnerability specialist.

Richard Kirk, Fortify's European Director, said that the online booking fiasco - in which rooms at the Crown Plaza Venice East Quarto D'Altino hotel were sold for pennies - has lost the group tens of thousands of pounds.

"Rooms, which normally cost between up to 150 pounds a night at the four star hotel in Venice, have been booked by savvy Internet punters, most of whom are well aware of the law of contract," he said.

"After the company initially blamed the fiasco on hackers, they quickly realised their own coding and data mistake - and are now effectively locked into completing the contract with customers," he added.

Kirk says that the incident, which will cause a hole in the hotel's annual profits, could have been avoided if the hotel group - or its booking IT services provider - had used standard code auditing techniques on the Web site server system and its allied data.

Standard auditing techniques that look for non-standard patterns in bookings, as well as erroneous low or high value card authorisations, would have picked up this anomaly, he explained.

According to Kirk, because of these failings in the audit process, more than 5,000 bookings were reportedly made within hours of the one pence rate being offered on the Crown Plaza Web site.

"The irony of the situation is that the hotel - and the Intercontinental Hotels Group - will probably gain in the publicity stakes, but this is an expensive way to learn that your Web site code auditing and allied safeguards have failed you," he said.

"Coming in the wake of a 40 per cent slump in first half year profits for the group, the IT director is probably not going to be too popular in the company boardroom," he added.

For more on the Crown Plaza Venice hotel fiasco: http://preview.tinyurl.com/oj3c54

For more on Fortify Software: http://www.fortify.com


Fowlers Revs Up With Numara Track-It!

Total cost of ownership was a key driver for implementing Numara Track-It!
Numara Track-It! outperforms the competition on price

Reading, UK, August 2009: Numara® Software, Inc., a leader in help desk management solutions, announced today that Fowlers, one of the longest established businesses in motorcycling, boasting a multi-franchise dealership selling, servicing and repairing new and used motorcycles and scooters, has chosen to implement Numara® Track-It!® 9.

Numara Track-It! 9 is the world’s most widely installed help desk and asset management solution and Fowlers chose to replace its existing subscription-based help desk tool with this market leading product. Numara Track-It! has recently been installed and Fowlers is now actively using it, having just gone live with the solution at the beginning of June. Implementation was quick, easy and painless. In fact, even at this early stage, the IT team members are confident about the capabilities of Numara Track-It!

Headquartered in Bristol, Fowlers’ IT department supports around 100 end users based in three different locations. The help desk receives around 350 queries per month from users who may be either in the retail division or part of the wholesale division, who rely heavily on a number of different IT systems to distribute spare parts and accessories. Additionally, Fowlers has a call centre, which is manned by over 30 operators. Colin Lack, IT Manager for Fowlers comments:

“We were previously using a competing service desk solution and decided to change. The main driver for this decision was focused around total cost of ownership. Up until a few years ago, I was delivering the support to the business with one part-time assistant and the cost for a two-user package was reasonable and the product worked okay. But as the IT department expanded to 3 full-time people and our requirements started to get more complex, we suddenly had to jump to a 5-person license (there was no incremental user option) and the price doubled. When we wanted to implement change management, the price would have doubled again because we needed to move to an enterprise licence and so this went on. Although it started out as a reasonably priced solution, as our demands grew, so the costs escalated, but the performance did not improve at the same rate. The more features we wanted, the more expensive it was getting and we therefore decided that it was time to look for a new solution.”

Fowlers researched the market for a new help desk solution and had a long list of companies. Colin Lack then attended the Service Desk & IT Support Show in April 2009 and visited various vendor stands. This quickly whittled the choice down to a short-list of two – Numara Track-It! and one other. Colin Lack continues:

“We choose Numara Track-It! over and above another competing product, because one of our original drivers was change management. Numara Software provided a full demonstration of the change management capabilities in Numara Track-It! during the show and we immediately felt that the product ticked all our boxes. The other product didn’t have change management, but they were hoping to release this feature later in the year. The other thing that really swung the decision for us was that Numara Track-It! is a very solid, out-of-the-box solution and we felt that there was less chance of things going wrong. With a small IT team of 3, the last thing we needed was to end up spending all our time supporting the help desk when it is supposed to be supporting us.”

Following the Service Desk & IT Support Show, Fowlers had a full demonstration of both products and preferred the robustness of the back-end support with Numara Track-It!, as well as all the customisable grids and templates. In addition to the help desk module, other add-ons that Fowlers has purchased include: Remote Control, MAC Audit, Deploy, Network Monitor and Recurring Word Orders. Colin Lack concludes:

“Price wise, Numara Track-It! was cheaper. For example, the other vendor insisted on one day of onsite consultancy and 4 days’ training and this really pushed the price up and we felt it simply wasn’t necessary.

We’re extremely happy with Numara Track-It! and even though we have only had the product working for a month, we can already see that this product has extensive capabilities and will suit our requirements for many years to come.”

Numara Track-It! has helped thousands of IT professionals around the world optimise Help Desk efficiency, systematically measure their service performance and maximise use of their technicians’ time. With over 48,000 customer sites, it is the world’s most widely installed Help Desk and Asset Management solution. For more information on Numara Track-It! please visit www.numarasoftware.co.uk.

Serving over 50,000 customer sites worldwide, Numara Software is a global leader in providing practical software solutions for service management to IT professionals. IT organizations of all sizes trust our award-winning solutions, featuring Numara Track-It! and Numara FootPrints, to track requests, automate workflows and support internal and external customers.

Unlike other complex, difficult-to-implement, and costly products, we offer robust, affordable and easy-to-use solutions that can be quickly deployed without disruption to your business. Our flexible solutions can be implemented right out of the box or configured to match your unique IT environment and business processes. They can also be leveraged to support non-IT operations, such as human resources and facilities, allowing you to optimize your investments in licensing, maintenance, training, and support.


Twitter security move positive but is it it enough?

Finjan welcomes Twitter’s new security move and advises adding SecureTweets for additional protection

San Jose, California – August 2009 (Eskenzi PR) - Finjan welcomes the news that Twitter has quietly started checking URLs entered into user messages on its microblogging service. The new level of security might still leave room for improvement on several fronts.

"Twitter encourages the use of shortened URLs, which could be a problem if, as some reports indicate, the Twitter URL check would only work on full-length Web addresses," said Yuval Ben-Itzhak, Finjan's chief technology officer.

“Furthermore, the Twitter URL-check utilizes databases that need constant updates. This leaves a window-of-opportunity for cybercriminals to infect Twitter users’ PCs,” added Finjan’s CTO. “During the time elapsing between database updates, no adequate protection will be provided.”

Ben-Itzhak went on to say that Finjan applauds Twitter’s ongoing effort to keep its users safe, and suggests boosting the overall security of Twitter with the use of real-time content inspection technologies.

To provide current Twitter users with an additional layer of web security, Finjan offers its free SecureTweets browser add-on for Internet Explorer and Firefox. It provides users with look-ahead alerts on the safety of URLs as well as shortened URLs showing on Twitter and other Web 2.0 websites.

SecureTweets is simple, easy to use, and complements Twitter’s existing database-driven security capabilities since it utilizes real-time content inspection technology.

To download SecureTweets, please visit: http://www.finjan.com/SecureTweets

For more information about Finjan, please visit: www.finjan.com.

For alerts, please follow us on Twitter at www.twitter.com/SecureTweets

For information on Twitter URL check: http://www.computerworld.com/s/article/9136218/Update_Twitter_now_blocking_bad_URLs_but_imperfectly?source=CTWNLE_nlt_security_2009-08-04

Secure Gateway provides organizations with a unified web security solution combining productivity, liability and bandwidth control via URL categorization, content caching and applications control technologies. Crimeware, malware and data leakage are proactively prevented via patented active real-time content inspection technologies and optional anti-virus modules. Powerful central management enables intuitive task-based policy management, excellent drill-down reporting capabilities and easy directory integration for all network implementation options. By integrating several security engines in a single dedicated appliance, Finjan’s comprehensive and integrated web security solution enables quick deployment, simplified management and reduction of costs. Business benefits include real-time web security (no patches or updates needed), lower total cost of ownership (TCO), cost savings in administration efforts, lower maintenance costs, and reduction in loss of productivity. Finjan's security solutions have received industry awards and recognition from leading analyst houses and publications, including Gartner, IDC, Butler Group, SC Magazine, eWEEK, CRN, ITPro, PCPro, ITWeek, Network Computing, and Information Security. With Finjan’s award-winning and widely used solutions, businesses can focus on implementing web strategies to realize their full organizational and commercial potential. For more information about Finjan, please visit: www.finjan.com.


Stolen Lincoln playgroup laptop highlights danger of unencrypted data

Basingstoke, August 2009 (Eskenzi PR) - The theft of a laptop from a Lincoln woman - by the woman's boyfriend - may sound like a routine court case but, says Andy Cordial, managing director with Origin Storage, it could be lot more serious.

According to the MD of the storage systems integration specialist, the laptop contained the details of children attending a local playgroup - data, the loss of which could have serious consequences if it leaked on to the Internet.

"The bad news about this case is that even though the 21-year-old boyfriend has been prosecuted for the theft, the laptop has never been recovered," he said.

"The chairperson of the playgroup has told reporters that the personal details on the children was not stored on the notebook, which will come as a tremendous relief for the parents of the kids attending the group," he added.

But, says Cordial, this relief will be tempered by the fact that the parent's financial information was stored on the laptop and is now `in the wild.'

Even if the hard drive of the notebook is reformatted, the data can still be retrieved by anyone with technical knowledge, he explained.

Our own observations at Origin Storage about stolen laptops, he went on to say, is that most thieves only attempt a cursory deletion of documents on the desktop before `fencing' it on.

More than anything, this sad petty theft case highlights the need for data to be encrypted on a laptop owned by almost anyone, he noted.

"The cost of a hard drive that encrypts data on-the-fly has fallen significantly in recent times, so there really isn't any excuse for not buying an encrypting hard drive," he said.

"Just imagine what would have happened if the women had stored her employer's client financial details on the laptop. Now there's a potential lesson for any IT manager," he added.

For more on the Lincoln laptop theft case: http://preview.tinyurl.com/ncmoqz

For more on Origin Storage: http://www.orginstorage.com


Mobile laptop usage soaring - but what about company data security?

(Eskenzi PR) The apparently amusing tale of how New York coffee shops - apparently fed up with laptop users hogging their table space and using up electricity for hours on end - has a much darker message, says Sean Glynn, Director at Credant Technologies.

According to Sean Glynn with the endpoint data protection specialists, the story highlights the fact that laptop usage amongst business people has now reached critical mass.

"Thanks to the proliferation of public access WiFi and mobile broadband dongles, laptops used for business are no longer the preserve of road warriors," he said.

"Ordinary business people are now taking their laptops out on the road with them, on the bus, on the train, in the coffee shop and especially taking them home," he added.

According to Glynn, this proliferation of laptops poses a potentially very serious security risk for companies, as they are effectively losing direct control of their data.

You can, he explained, now buy a mobile broadband dongle from Vodafone in the UK for 39 pounds that comes with a gigabyte of data transfer and no major time limits. Extra gigabytes can be purchased for 15 pounds a time.

Factor in widespread usage of public access WiFi, he says, and the security risks of company data leaking out become all too apparent.

The solution, he went on to say, is to introduce encryption and authentication technology to the use of laptops and company data.

"That way, the valuable data stored locally on the laptops is secured, and can only be accessed by the accredited laptop user," he said.

"And at 15 pounds a gigabyte, the mobile data costs are containable without any commitment on the part of the company," he added.

For more on the New York coffee shop owner's laptop clampdown: http://preview.tinyurl.com/nskwg6

For more on Credant Technologies http://www.credant.com


Security players form alliance to tackle malware

AVG & other AV experts join forces to develop industry standards & best practices to keep consumers protected online

by Michael Smith (Veshengro)

IEEE's Industry Connections Security Group aims to formalize sharing of malware data among security players, while an analyst warns its focus may be too narrow.

A new security alliance has been established to formalize information sharing on security protection and develop industry standards and best practices.

The Industry Connections Security Group (ICSG) is parked under the IEEE Standards Association and includes mostly security heavyweights and antivirus players. The founding members are AVG Technologies, McAfee, Microsoft, Sophos, Symantec and Trend Micro.

Announcing the group in a blog post on Monday, Mark Harris, vice president of SophosLabs, said security researchers had a tradition of sharing virus samples, but that the sharing arrangements are often "based on individual relationships rather than formal agreements".

The formation of the group makes for a "more organized" security industry in the current landscape, where attacks are increasingly structured and malware samples grow at "astonishing rates", Harris said.

The ICSG currently has a malware working group but intends to add other working groups over time.

According to a presentation document dated 20 July, the group aims to improve the efficiency of collection and processing of the millions of malware file samples handled by security vendors each month by focusing on an XML-based metadata sharing standard. The standard is expected to undergo ratification by the end of this month.

Graham Titterington, principal analyst at Ovum, noted that the announcement of the group was both interesting and confusing. The rationale for the new alliance was the need for a more comprehensive approach to countering malware writers, but the focus of the group appears to be limited, he said.

"The group addresses all aspects of malware and its membership includes most of the main antimalware vendors – Kaspersky being the most notable absentee – and so the ICSG represents progress on countering the so-called 'blended threats'," he said.

"However, it does not seem to be taking the battle to the criminals or probing the criminals' business networks. The focus is on setting up the infrastructure and protocols to allow rapid information sharing on threats and making the day-to-day operation of the members more efficient."

Titterington added: "I would have expected a body affiliated with the IEEE to be putting more emphasis on the development of improved methods for disrupting criminal activity and on new ways of protecting users."

The problem with all of this still does not and never can address the real problem in the equation and that is called “stupidity”.

Too many users fall prey to their own stupidity by replying to certain emails or by opening things they should know better not to.

Many users have first of all no idea that they need AV and other anti-malware software and the most important thing is that most do not understand that their protection – if they have it – is only as good as the latest update.

“Update? What you mean update”, I get from many people, showing that they have no understanding that they need to update their AV and anti-malware software. Help!

Also, too many people think that (1) they cannot afford AV and anti-malware software and (2) because they think that only bought proprietary software will perform.

Both of those fears are, obviously, unfounded and for the ordinary user and the SOHO and SME, free versions of, say, AVG and others are more than adequate and in many instances it has been shown that the free versions outperform expensive, paid-for software.

The important thing, as mentioned before, is to keep any such software updated for your protection is only as good as the latest update.

Although many such software use heuristic systems to recognize patterns in an attempt to catch the “zero-day” attacks this may not always be successful and hence one should try to update with the latest signatures several times a day ideally.

The biggest problem as to infections of computers and networks are users that do not use their brains. Why would anyone want to click on a link to that says, for instance “see Brittney Spears' naked pictures” or that claims that something is breaking news such as “war with Russia declared” when there has been nothing about that on the radio, for instance.

The user often is the weakest link.

© 2009

1.7 million reasons for local authorities to use privileged data access

August 2009 (Eskenzi PR) - Reports that a number of local authorities are sacking staff for viewing personal data on the DWP's Customer Information System (CIS) comes as no surprise, says Cyber-Ark, but merely serves to highlight the need for highly privileged access to this kind of data.

According to Mark Fullbrook, the IT security vendor's European Director, taking a data silo approach to private data is now the optimum approach to allowing privileged access to information, as well as allowing the data to be shared between specific people on a carefully controlled - and encrypted – basis.

"It's interesting to note that Cardiff Council sacked a member of staff for looking at CIS information on celebrities. This was probably an employee looking to expend their knowledge of celebrities beyond the confines of Hello magazine, but that staffer could also have sold the data on to a national newspaper, so the fall-out for the council could have been very bad indeed," he said.

"It's also quite worrying that Computer Weekly's research has revealed that staff at 34 local authorities incorrectly accessed data on the CIS between 2006 and 2009, but that only nine members of staff were actually dismissed," he added.

Clearly, says Fullbrook, these incidents are 34 too many, but given the fact that local government employs 1.7 million full-time employees (source: http://tinyurl.com/pl9luj) - that's one in 35 of the UK's population - rogue employee actions of this nature are inevitable.
This is why it is essential that effective privileged controls be placed on the viewing and exchange of CIS data by local authorities across the UK, he explained.

And, he went on to say, the technology required - centering on highly secure storage and privileged email-driven exchange of the data - now exists to control access to the large databases such as the CIS.

"Our own Inter-Business Vault technology is a prime example of this, as it allows privileged access to the data, as well as allowing encrypted and auditable sharing of data between nominated members of staff as and when required," he said.

"There is simply no excuse for the UK's 430-plus local authorities not to use the technology that is available. And there are 1.7 million reasons for this," he added.

For more on local authority DWP-CIS unauthorised database accesses: http://preview.tinyurl.com/lhjglv

For more on Cyber-Ark: http://www.cyber-ark.com


“VirtualiSation and the Other Green Computing Initiative”

By Owen Cole, Technical Director UK&I, F5

Green IT within organisations has to be an initiative that results in positive bottom line impact, or it is doomed to failure as a strategy. Reducing power consumption and management expenses, as well as increasing efficiency of resources through consolidation and virtualisation is an effective route to lessening the impact on the environment as well as improving profitability. This article examines the technologies that can be used to achieve both these aims.

There’s been a lot of hype over the past year surrounding “green” computing and the drive to lower the impact of IT and data centres on the environment. While we’re all for the concept of green computing and reducing the impact of computing on our environment, we’re also cognizant of the reality that every IT organization also has to worry about the other kind of green: its bottom line.

The good news is that there is some amount of overlap between these green computing initiatives. Reducing power consumption and management expenses, and increasing efficiency of existing resources through consolidation and virtualization decreases both the impact of devices on the environment as well as on IT’s increasingly tightening budget.

Reducing Power and Heat
The easiest way to reduce the impact of any device on the bottom line, be it a server or networking equipment, is to reduce the amount of power it requires. Modern servers often draw variable amounts of power based on the processing power in use by applications. Similarly, some networking equipment and other devices provide the same functionality, drawing varying amounts of power based on their load and configuration. This can be beneficial in reducing the operating cost of the server or device, but like dealing with variable costs of bandwidth due to bursts in usage, also makes it difficult to estimate annual costs and budget appropriately.

Another simple, but often overlooked, facet is how many BTUs are generated by any given device. By decreasing the BTUs generated, there is less heat and thus less cooling required within the data centre. The costs of cooling a data centre are larger than those to heat one, owing to the fact that much of the heating needs in a data centre are inherently taken care of by the BTUs generatd by the devices it houses. Reducing these costs can have a significant impact on the operating expenses of any IT organization.

Reducing power consumption and generation of BTUs for devices and servers is something over which IT has no control. While IT can certainly use such ratings as part of its decision making process for purchasing, it really can’t do a thing to affect how much power is consumed or how many BTUs are generated by any given device. It’s simply a cost of doing business.

Yet IT can make decisions, both in purchasing and architecture, which reduce power consumption and heat generation by reducing the number of servers and devices that make up its data centre. Consolidation and virtualization are both ways in which IT can positively impact its bottom line.

The Impact of Consolidation
Consolidation has been an ‘initiative’ in IT for many years, and it generally revolves around the consolidation of the data centre in terms of the number of servers deployed to support mission-critical applications. While reducing the number of servers in the data centre, and thus rack density, both power consumption and heat generation can be positively affected.

Yet capacity needs must be balanced with consolidation efforts, and at some point consolidation is no longer possible. As the volume of users and application usage grows, so must the number of servers – and devices such as application delivery controllers – necessary to scale mission-critical applications.

Striking a balance between scalability and controlling costs is difficult, and thus far it has been nearly impossible to avoid the deployment of additional application delivery controllers as a mechanism for scaling out a data centre. Whether chassis or appliance-based, these devices have only added to the cost of power consumption and increased the generation of heat within the data centre, raising operational costs.

Solving this problem requires effort on both the part of the application delivery controller vendor to reduce the power consumption and BTU generation of devices while simultaneously providing a way to scale without increasing the number of devices required for deployment within the data centre. A single, chassis-based application delivery controller requiring less power and generating fewer BTUs that also scales via a virtualized bladed architecture can address the growing need for capacity without adversely impacting IT’s bottom line, or the environment.

The Impact of Virtualization
By architecting a new breed of chassis-based application delivery controllers that take advantage of virtualization not only at the server level but at the chassis and blade level, these new devices can provide better performance in a single unit than could previously be obtained with multiple appliance-based solutions or legacy chassis-models.

By virtualizing blades and CPUs, essentially creating a single, powerful processing matrix, this new breed of chassis-based application delivery controller can scale nearly linearly. This internal processing scalability means that every last drop of processing power is being used and can provide a much higher capacity than its legacy ancestors. By more efficiently using the processing power available, the performance per power unit is increased, making each transaction processed by the application delivery controller cost a fraction in terms of power consumption than would otherwise be possible.

Consider the comparison in Figure 1. Regardless of what the cost per kilowatt hour, there is a significant savings in terms of power when moving from the legacy chassis-model to a new, virtualized chassis-model. This has a significant positive impact on the environment as well as on the organizational budget. Given the higher performance capacity of the new chassis model, this also allows for fewer devices necessary to meet the growing traffic management and application delivery needs of today’s IT organizations, which lowers the cost of operations as well as management.

The management costs of such a new breed of application delivery controller are inherently lower than a traditional application delivery solution, owing to its virtualized architecture and the ability for the device – and IT manager – to manage the system as a single entity rather than as individual blades in a larger system. This reduces the amount of management necessary, and in turn reduces the costs associated with managing the device. This is especially true as capacity is added, as it would require multiple legacy chassis-based devices to match the processing power of a single virtualized chassis-based system. Each added device must be managed, and adds to the amount of power consumed and BTUs generated, making it much more expensive to scale.

Also having an impact are the BTUs generated by each device. There is a definitive cost associated with removing the heat generated by these devices in the form of cooling, so the lower BTU generation of the new breed of chassis-based solution is a definite boon both on the environment as well as on the budget.

It’s rare that an environmental friendly movement such as Green IT results in reducing costs, especially in its early stages. And yet in the case of this new breed of chassis-based application delivery controllers, that’s exactly the result. With the decreased management and power consumption costs and increased performance, these new application delivery controllers are both green as in grass and green as in cash.

F5 is exhibiting at Storage Expo, 14th – 15th October, Olympia, London www.storage-expo.com. The UK’s definitive event for data storage, information and content management provides the opportunity to compare the most comprehensive range of solutions and services from leading suppliers with a free and unrivalled education programme.

Courtesy: Eskenzi PR/Storage PR

Cross site scripting (XSS) flaws hit the Ministry of Defence

Fortify warns on Ministry of Defence XSS site flaw

August 2009 (Eskenzi PR) - The ongoing problem of cross site scripting (XSS) flaws has hit the Ministry of Defence, Fortify Software, the application vulnerability specialist, has reported.

Richard Kirk, Fortify's European Director, says that the MoD admitted to the flaw on Tuesday, after it was alerted to the XSS problem by a journalist who had been tipped off by the hacker group, Team Elite.

"XSS vulnerabilities are often found in Web applications which allow code injection by malicious Internet users into the pages viewed by other users. Examples of these flaws include client-side scripts. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy," he said.

"Research by Symantec in 2007 (http://preview.tinyurl.com/3q9j7w) revealed that around 80 per cent of documented site vulnerabities were down to XSS security problems," he added.

According to Kirk, in many cases of an XSS-driven infection, the infected user is usually unaware his/her computer has been compromised, and is leaking information
This, is he explained, what makes XSS flaws so insidious, as - in common with other similar security problems - the flaw on the MoD Web site could have re-routed users to a second, infected portal.

Kirk went on to say that the XSS flaw only appears to have affected the MoD's A to Z index, but the good news is that the MoD Webmaster appears to have responded almost immediately to the Team Elite warning.

Team Elite's Maciej Bukowski posted details of the MoD site flaw late on Sunday and the MoD was alerted to the problem after Bukowski contacted the ZDnet newswire on Monday.

"Since Bukowski was responsible for revealing a similar flaw on the MI5 Web portal last month, it looks like the message has got through and the MoD reacted swiftly to the Team Elite posting, as soon as ZDNet alerted them to the problem," said Kirk.

For more on the MoD XSS security flaw: http://preview.tinyurl.com/nu7kb2

For more on Fortify Software: http://www.fortify.com


Britney Spears hack highlights reputational risk of weak Web 2.0-based service passwords

Burlington, MA & Redwood Shores, CA. – The apparent hacking of Britney Spears' Twitter picture service account - with consequent false reports of her death - is a reflection of the increasingly mischievous nature of a small, young – and probably immature - section of the Web user base, says Imperva, the IT compliance and business risk mitigation specialist.

Mildly alarming as reports of Britney's premature demise were, they also came in the wake of incorrect Web reports from New Zealand of the actor Jeff Goldblum also having passed away," said Rob Rachwald, Imperva's director of marketing.

"What the complex online events leading up to the incorrect reports of the celebrity deaths spreading around the Web show us, however, is the sheer power of the Internet in terms of potential reputational damage," he added.

According to Rachwald, since Twitter's picture service currently only has a four-digit numeric password system, a brute force attack would be able to hack into the account in a matter of hours.

And, he says, as new Web 2.0 services evolve on the Net, the effort and focus of the application owners is going to be devoted to the fast availability of new features and commercial models.

As a result, he explained, the new services' IT security protection is likely to get left behind and will almost certainly not be integrated into the application.

For this reason, he went on to say, as well as being careful when it comes to setting secure passwords on these next-generation services, companies need to implement Web application firewalls alongside the services so as to afford better overall protection.

"The key issue here is that companies need to install additional security technology at the same time as when they deploy these new Web 2.0-based services in their organisation," he said.

"This is because Web application firewalls and other protective Internet security systems are becoming more and more important, as they can compensate for internal security control issues," he added.

For more on incorrect reports of Britney Spears' demise: http://preview.tinyurl.com/kn5m6a

Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world’s leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com.


CREDANT Technologies extends data protection to Mac users

CREDANT Launches Mobile Guardian Enterprise Edition v6.5

Latest edition extends protection to Mac OS X, improves end-user transparency

DALLAS, August 2009 (Eskenzi PR) – CREDANT Technologies, the market leader in endpoint data protection solutions, today announced it has released CREDANT Mobile Guardian Enterprise Edition (CMG EE v6.5), which includes full disk encryption and protection for Mac OS X in addition to improvements in usability, transparency and manageability for endusers of Windows and Smartphone devices.

CMG EE v6.5 for Mac extends CREDANT’s data protection to all Mac OS X environments including Mac OS X v10.4 Tiger and v10.5 Leopard Systems. The new edition requires no additional IT overhead beyond software deployment, and enables enterprises to secure their Mac environments with the same level of data protection that CREDANT provides for Windows® workstations, handheld devices and removable media.

The CMG EE 6.5 release also adds key data protection enhancements in deployment, management and compliance reporting capabilities, all while improving usability and transparency for end users. Additionally, CMG EE 6.5 enables iPhone users to synchronize with their exchange servers securely.

“We have seen a dramatic rise in the number of Macs in corporate environments creating real challenges for enterprises to manage and secure their data.” said Chris Burchett, CREDANT’s Chief Technology Officer and co-founder. “Adding Mac support to the same central management console as used for all other endpoint devices enables our customers to close an important data protection gap, and satisfy the compliance regulations that drive such urgency for data security solutions.”

CMG EE 6.5 for Mac provides comprehensive, seamless support for Mac devices. IT administrators can secure all data across all Mac OS drives while maintaining transparency with existing enterprise applications and IT operations such as data backup and patch management.

Key features of CMG EE 6.5 for Mac:
· Data protection support for Intel-powered Mac laptops, desktops, handhelds and external media
· No impairment to operational efficiency or impact to end users
· Encryption of all data on physical and logical Mac drives, including multi-partition configurations
· Adherence to standard Apple packaging and configuration processes to fully support popular Mac OS enterprise management solutions such as LANrev™, LANDesk™, JAMF Casper Suite™ and Apple Remote Desktop®
· Accommodation of loosely managed Mac systems, even when transitioned to a larger, more actively managed environment
· Easy integration with other platforms, with no Pre Boot Authentication (PBA) required
· Integration with native Mac OS X authentication interfaces
· Full compatibility with virtualization systems such as Parallels® or VMware®
· Ongoing reports of deployment status, and proof that Mac endpoints are encrypted, via the CREDANT Mobile Guardian console and CREDANT Compliance Reporter

Organizations, and end-users, can also take advantage of a wide range of new usability enhancements and administration features to ensure efficient, effective management and compliance support. With a focus of enhancing manageability for system administrators, improving transparency for end-users and increasing flexibility for the organization, a few of the many new CMG EE 6.5 features include expanded encryption operational statistics and enhanced reporting, client-side encryption sweep control and policy-driven access options to unencrypted media.

More information about these and other important features of CMG EE v6.5 can be found at the CREDANT website – www.credant.com/products/cmg-enterprise-edition.html


Compliance does not guarantee security

Tufin: compliance does not guarantee security

(Eskenzi PR) News reports that some of the firms who have experienced data breaches in recent months were PCI-compliant highlights the fact that - even if a company has passed must on the regulatory front - this does not guarantee the integrity of their IT security systems, says Tufin Technologies, the security lifecycle management specialist.

"Complacency is the IT manager's worst enemy, especially when it comes to IT security," said Reuven Harrison, Tufin's chief technology officer.

"This fact was brought home quite clearly at last week's Black Hat security briefings in Las Vegas, at which researchers revealed company after company - and technology upon technology - whose IT security could be compromised," he added.

According to Harrison, as witnessed by the comments of Douglas Merrill, former VP of engineering with Google at Black Hat, if senior managers can become frustrated with an IT architecture, then the same thing can happen further down the management chain.

And when that happens, he says, the firm becomes a breeding ground for IT workarounds that allow staff to work more efficiently, but also allow them to circumvent their own security systems.

As a result of these pressures, having systems in place that check any and all IT security configuration changes for compliance with corporate policies, he explained, is rapidly becoming a critical competent of an efficient security regime.

You can also expect to see these pressures to work more efficiently increase as the effects of the economic situation that many companies now find themselves, said the Tufin CTO.

As a result, he noted, you can begin to understand why, if a company is PCI compliant - as was the case with Heartland Payment Systems - they can still be hit by a data breach.

"Regulatory compliance and best practice certifications are excellent indicators of management quality, but when it comes to security, the acid test is whether multiple layers of security are installed, and are reviewed - as well as tested - on a regular basis," he said.

"This is what security lifecycle management is all about. IT security has now become a state of mind and needs a holistic approach if management is stand a chance of beating the security demons," he added.

For more on PCI/IT security compliance issues: http://preview.tinyurl.com/l56jfj

For more on Douglas Merrill's comments at Black Hat: http://preview.tinyurl.com/mzmwon

For more on Tufin Technologies: http://www.tufin.com


Staff&Line Partners with ProServ

by Michael Smith (Veshengro) & C8 Consulting

St Albans, August 2009 – Staff&Line, a European leader in IT management solutions, has announced today that it has signed a new partner ProServ, an Amman, Jordan-based professional services firm specialising in IT process optimisation.

ProServ has been appointed as a Professional VAR for the Middle East and will resell EasyVista, Staff&Line’s fully integrated software suite for IT Asset and IT Service Management.

Well-established in this region, ProServ covers 16 countries which include Libya, Egypt, Sudan, Jordan, Saudi Arabia, Yemen, Oman, United Arab Emirates, Bahrain, Qatar, Kuwait, Iraq, Lebanon, Syria and Iran. ProServ also has sub reseller relationships with companies in Egypt, Saudi Arabia and UAE.

Staff&Line has invested heavily in its indirect channel strategy in the past 12 months and has a tiered partner programme that comprises Affiliates, Select, Professional and Elite VARs.

Gregory Lefort, VP Business Development comments: “We have a direct presence in France, Italy, Spain and Portugal and work with partners throughout the International region, USA, Asia Pacific and the Middle East. In fact in many areas, like the Middle East for example, we believe that a 100 percent channel strategy is the best way to develop our presence.”

“I am delighted that ProServ has joined our partner programme and believe that it has the breadth and depth to really extend our reach and we see many opportunities coming out of these countries. ProServ is a specialist in ITIL best practice and training and this really complements our offering.”

Staff&Line has over 3,300 clients within Europe currently utilising its EasyVista solution, and has been described as “Visionary” by Gartner Group. The company provides an integrated and modular solution covering all IT management requirements: inventory, audit, asset management for information technology and other types of assets (telecommunication equipment, furnishings, etc.), incident, problem and change management, providing an interface between users and the IT department via an online portal.

Emad Ghattas, Managing Director for ProServ, says: “EasyVista fits perfectly with our IT Service Management portfolio as it completes ProServ’s service offering of designing, creating, optimising, and implementing ITIL v3 policies and procedures. With a robust and comprehensive asset management system that is integral to EasyVista, our clients will realise tremendous benefits including reduction in software and hardware management and maintenance cost including better control on SLAs, SLOs, and contracts.”

EasyVista 2009, comes in two options – EasyVista Classic and EasyVista.com. EasyVista Classic is the traditional licensed option, installed on the customer’s site, while EasyVista.com means that the product is now available in SaaS (Software as a Service) mode.

Additionally, EasyVista has recently completed the PinkVERIFY certification of ITIL v3 compatibility for Service Management solutions. 11 processes were verified as being compatible with ITIL.

ProServ is a leading process excellence solutions’ provider in the Middle East with demonstrable experience in the financial services and manufacturing sectors. By aligning processes with business initiative, ProServ plays an integral role in reducing inefficiencies & waste and optimising productivity & profitability of its clients. Our partnership with iGrafx, IT Process Maps, MKS, and Staff&Line provides us access to a wealth of expertise and best of practices to assist organizations achieve process excellence, ITIL, CMMI initiatives, and improve IT governance. More information about ProServ can be found at www.i-proserv.com.

At Staff&Line they turn to good account 20 years of expertise as a pure player in the IT Management space in order to ‘Make IT Easy’. Their EasyVista solution is easier to deploy, use and maintain than other products in the market, without any compromise to features and functionality or its performance.

EasyVista, which is available in SaaS mode or license mode, is ITIL v3 compatible certified on 11 service management processes and covers all aspects of IT Management (IT Service Management, IT Asset Management, CMDB, automatic inventory, user portal) in a single, integrated and modular solution.

With over 60 certified partners worldwide Staff&Line has a direct presence in 6 countries (France, UK, USA, Italy, Spain, Portugal) and the company boasts over 3300 customers in practically every vertical sector including: banking, insurance, financial services, public sector, retail, healthcare, utilities, telecoms managed service providers and IT consulting).

For more information visit www.staffandline.co.uk


Microsoft announces Office 2010 web applications

Software giant to put free office applications online for Windows Live users

by Michael Smith (Veshengro)

Microsoft has announced plans to put free applications from its forthcoming Office 2010 software on the web.

In a move that pits it against Google’s free office document suite (Google Docs) the software giant said users of its Windows Live services and software such as calendars and instant messaging, will be able to use light-weight versions of many Office applications.

So what we are going to be seeing is yet another battle as to who can do it better and while MS has been doing office applications as software for ages Google has been in the clud with it longer.

Recently Google and Microsoft have been competing in each other’s dominant area. Last month, Microsoft released a new search engine, Bing, to challenge Google.

And Google hit back by announcing a move into the operating system arena with Chrome OS. This extension of its Chrome web browser is expected to be released next year.

I do not think, though, that Google will have to fear much from Bing, or whatever else a silly name MS might like to give its search engine. Unless it is going to be better than MSN Search which became Live Search and now Bing, it is not going to be any competition to Google whatsoever.

Web based office 2010 applications will include Excel, One Note, Power Point and Word. But the company warned they will have reduced functionality compared to the full installation of Office.

The full version of Office 2010 will include new features such as an image-processing tool and an enhanced cut-and-paste function for Word.

To give more ‘oomph’ to Power Point presentations the company has also included a video-processing tool. Microsoft also plans to include tools to deal with email management in Outlook.

Office 2010 will be released in the first half of next year and can be installed on PCs running Windows XP with service pack 3, Vista, and the yet-to-be-released Windows 7 operating system.

But Office 2010 is, once again, going to be, for PC installation, a rather costly piece of software and I cannot understand why the majority of users would want to bother forking out vast sums for something they can get for free in the form of Open Office, the Open Source software equivalent to Office.

I have been using Open Office now for years and have not looked back. No loopholes no exploits; just software that works. Thanks!

As for online documents; I guess I stick with Google Docs, thanks!

© 2009

Weak cloud password security highlights strength of local storage

by Michael Smith (Veshengro)

Basingstoke, August 2009 – Reports that researchers at the Black Hat security briefings in Las Vegas drove an electronic steamroller through password recovery systems on Amazon's EC2 and Microsoft's Online Office services come as no surprise, says Andy Cordial, Origin Storage's managing director.

"Password resetting and other security mechanisms in the cloud are always going to be a weak link, as long as user-friendliness comes ahead of security in the cloud computing beauty stakes," he said.

"Expecting regular Joes to whip out a two-factor authentication device for use with a cloud-driven service just isn't realistic. It's not going to happen," he added.

According to Cordial, whose company specializes in secure storage of the bricks and mortar variety, developing a transparent security system for use in the cloud is going to be a seriously uphill task for developers.

Even if the developers succeed in creating a viable and transparent authentication system that can be used on a notebook in a coffee shop in the real world, getting that technology to be accepted on a widespread scale is going to take time, he explained.

On the other hand, he said, installing a user-transparent but high-security hard drive or cluster of hard drives, in an office environment is very easy to implement.

So easy, he noted, that most users need not be aware of the fact their data is being encrypted - and decrypted - to military standards in the background and on-the-fly.

"Secure cloud computing will definitely be the norm for most users in about ten years' time. Until then, encrypted local storage will meet users' needs," he said.

"And the encrypted hard drive technology that is available today can also be acquired for a lot less than you might think," he added.

The biggest problem in all of password security, and especially as regards to “in the cloud” is the human factor.

As Andy Cordial, Origin Storage's managing director said, expecting regular users, the “regular Joes”, to whip out a two-factor authentication device for use with a cloud-driven service just isn't realistic. It's not going to happen. Also strong passwords made up of special signs and such are not going to happen either.

We may have come a little further than “password” for the password but that is about all. We have not gotten much further though, of that we can be certain.

Encrypted hardware technology, as in terra firma hard drives, is still the best choice. Also you can be guaranteed, unless the HDD in fact goes belly up or you really forget the password and have no way of getting at the data, that you can get to your data and that it is 100% your data.

Personally I have looked at “in the cloud” storage but have found all services, especially here the free ones, lacking in a number of ways, not the least of them being that the EULA of many of them state that as a user I would hand over copyright of all materials stored on their drives to them for use as and when they please. Sorry, pardon me? My material is my material, and that's it. I share the copyright with no one.

So, to sum up in the spirit of this: get yourself some good terra firma storage media in the form of external hard drives, servers, and such like and keep the data in house, regardless of the size of your enterprise and even for the home user.

For more on the Black Hat cloud (in)security revelations: http://preview.tinyurl.com/nmm9an

For more on Origin Storage: http://www.originstorage.com

This article was produced from a press release supplied by Eskenzi PR.

© 2009

Peru makes a big statement about reusing rather than recycling of electronics

by Michael Smith (Veshengro)

A lot is being talked about how reusing items is usually greener than recycling, and the more an item can be reused, the better.

This is definitely the case for electronics, since throwing them out or even trying to recycle them leads to environmental harm. One nation, it would appear, may just be a leader for this green practice, and that nation is Peru in South America.

Electronics shipped off to developing nations for "recycling" are often still perfectly good and usable, and often end up being broken up in a manner that is neither healthy for the environment nor for those doing the breaking up, the recycling.

A study called "Product or Waste? Importation and End-of-Life Processing of Computers in Peru," and reported at Greener Computing, found that that in Peru imported electronics do not go straight to e-waste dumps to be broken up for recycling but rather 85% of discarded computers sent to the country are reused instead of recycled.

While many countries certainly do not practice this kind of sorting and reuse, it is a practice that could certainly help mitigate the impacts of e-waste in developing nations and should be encouraged – alongside, of course, far better reuse, repair, and recycling practices in the developed nations where the e-waste shipments originate.

Why can we not for that at the country of origin, so to speak? Why can we not refurbish and reuse those computers wherever they are sent from? This could indeed be possible if we would not rely on Microsoft Windows and its need to have lots of memory and powerful processors but instead would migrate over to Open Source operating systems that are not power hungry such as Linux in it various guises.

It is my belief that such e-waste should first of not be seen as waste and secondly should be repaired and refurbished, where necessary, for reuse in the developed nations themselves. It can be done but we must rethink our use and our attachment to proprietary software.

The United States is the primary source of used PCs imported to Peru. Analysis of shipment value (as measured by trade statistics) shows that 87−88% of imported used computers had a price higher than the ideal recycle value of constituent materials. The official trade in end-of-life computers is thus driven by reuse as opposed to recycling.

This starkly underscores both the wastefulness of the US when it comes to electronics, and the great benefits of reusing products instead of recycling them. If other areas where electronics are recycled in toxic ways are helped to create a system for tracking incoming electronics as Peru has developed, perhaps we would see a drastic reduction in e-waste and pollution associated with unregulated e-waste processing.

I am also certain that we can find the same in other developed countries such as Britain and Germany, as an example. That is to say that perfectly good computers and peripherals are being sent abroad as e-waste simply because they have become, thanks to Microsoft and other proprietary software makers, “obsolete”.

But what does being “obsolete” mean as far as computers are concerned?

Primarily it means that those computers can no longer run the latest proprietary software from either Microsoft or other companies and hence upgrades are necessary and, as it is often cheaper, for companies and government at least, to buy new rather than to have refurbished those computers end up in the trash.

The same machines can, however, still can run full tilt and work well also in industry and government with Open Source software in general and operating system specifically and there is no need to discard them.

But very few companies and agencies seem to be prepared to go and use Open Source and hence we end up with all those waste PCs and such.

Time to rethink...

© 2009

FSA £3m fine on HSBC could easily have been avoided

Cyber-Ark: FSA £3m fine on HSBC could easily have been avoided

(Eskenzi PR) – The three million pounds-plus fine imposed on three of HSBC's divisions for failing to adequately protect customer data could easily have been avoided if the banking group has made use of digital data vaulting technology, says Cyber-Ark.

~Reports that the FSA has hit HSBC's Life UK, Actuaries and Consultants plus Insurance Brokering divisions with heavy-duty fines are the direct result of the bank not using a secure mechanism to allow distributed access to customer's data," said Mark Fullbrook, UK and Ireland Director with the data integrity and security specialist.

"Data vaulting takes the best of encryption and IT security technologies to create data silos into which data can be stored, accessed on a shared basis and edited on a controlled - and auditable - basis," he added.

According to Fullbrook, data vaulting technology is at the heart of Cyber-Ark's Inter Business Vault (IBV) which not only allows data to be stored securely on a fully auditable basis, but also permits the information to be shared collaboratively between users.

The result with IBV is that files can be shared as easily and effectively as some of the cloud-based systems currently available, but with the important proviso that the data remains secure and under full control of the originating organisation concerned.

Most data security systems, he explained, are a trade-off between ease of access and the level of security involved, but IBV offers the best of both worlds, since it offers high levels of encryption and security plus relatively easy shared access.

The HSBC group has been criticised by the FSA for being careless about losing data on more than 180,000 of its customers that could fall into the hands of criminals, the Cyber-Ark Director said.

"If the bank had made a modest investment in IBV technology then it could have prevented this embarrassing - and expensive - situation occurring," he said.

"And you can probably guess who will end up paying for this mistake in the longer term - that's right, the bank's customers," he added.

For more on HSBC FSA fine: http://preview.tinyurl.com/mht6rk

For more on Cyber-Ark: http://www.cyber-ark.com


Twitter down again - another attack?

Breaking News...

Tuesday 08/11/2009
Time 1910 Zulu

Twitter down again, it seems, and cannot be reached. I would guess another cyber attack on the system. Watch out for Facebook and other applications.

1926 Zulu systems working again though wobbly.


Pro-Georgian blogger was the target of Internet attacks

by Michael Smith (Veshengro)

The cyber assaults of early August 2009 that temporarily derailed the websites Twitter, Facebook and LiveJournal were, according to Internet security company F-Secure, aimed at a pro-Georgian blogger.

The massive distributed-denial-of-service (DDoS) attacks were intended, so it would appear, to silence a blogger known as "Cyxymu" hammered Twitter, Facebook, LiveJournal and even YouTube, F-Secure researcher Mikko Hyponnen said in a message at the firm's website.

"Launching DDoS attacks against services like Facebook is the equivalent of bombing a TV station because you don't like one of the newscasters," Hyponnen wrote.

"The amount of collateral damage is huge. Millions of users of Twitter, LiveJournal, and Facebook have been experiencing problems because of this attack."

Facebook reported on Friday that it had isolated the trouble and service for its more than 250 million users had returned to normal.

I must say that I am a user of Twitter and of Facebook and had not even noticed that there has been a problem.

Cyxymu pages at Facebook and LiveJournal were targeted in the cyber assault, according to the Palo Alto, California-based social-networking hotspot.

Facebook said in a release that the attack appeared to have been directed at an individual who has a presence on a number of sites, rather than at the sites themselves.

"Specifically, the person is an activist blogger and a botnet was directed to request his pages at such a rate that it impacted service for other users."

Internet security specialists say the source of the attacks may never be determined with certainty if no one claims responsibility.

"Whoever is behind this attack, they had significant bandwidth available," Hyponnen said.

"Our best guess is that these attacks were done by nationalistic Russian hackers who wanted to silence a visible online opponent."

In "tweets" at popular micro-blogging service Twitter, Cyxymu blames Russian authorities out to stifle his online commentary.

The attacks may have had the opposite effect, with the number of people signed on to follow Cyxymu tweets more than quadrupling to 1,437 in the wake of the cyber assaults.

"My twitter is online!" a tweet proclaimed on Friday at the Twitter page of Cyxymu, who listed his location as Tbilisi. "Thank you all for support after ciber (sic) attack from Russia!"

Twitter and Facebook have teamed with US Internet powerhouse Google to investigate the attacks.

Google, who owns the online video-sharing website YouTube and also a Blogger service that were reportedly hit by cyber attacks.

Mountain View, California-based Google deflected the assaults and "prevented substantive impact to our services," a company spokesman said.

Classic DDoS attacks involve legions of zombie computers, machines infected with viruses, which are commanded to simultaneously visit a website.

Such a massive onslaught of demand can overwhelm website computer servers, slowing service or knocking it offline.

An everyday chatting tool for many, Twitter has also become a weapon for dissidents to circumvent censorship in places where freedom of speech is suppressed.

"The open exchange of information can have a positive impact globally and our job is to keep Twitter services running reliably to the best of our ability," Stone said.

The problem that we have been seeing here , though I must say it bypassed me entirely and |I did not happen to notice anything of it, shows how vulnerable computer systems, large and small, are to cyber attacks of any kind and how easy it could be to incapacitate not just, say, Twitter or Facebook or Blogger, but the national and international infrastructure of communication.

It must be said that many users are to blame as their computers are being turned into zombies in botnets due to their non-existent computer security procedures. Too many users have no idea as to the need to keep anti-virus and other anti-malware software updated on an at least once-daily basis though more often is better still.

Many users are also unaware of the fact that for personal use some of the best anti-virus and anti-malware software can be gotten entirely free for the asking from a variety of official sources on the Net, such as the AVG anti-virus, for instance.

In addition to that, in order to avoid nasty sited when following links, say, in Twitter, Finian also has made available free a browser tool that will verify links as safe, questionable or as dangerous and this tool certainly if very recommended.

While this will never stop such cyber attacks every additional secured PC around the world helps to cut down on the zombies.

© 2009

Finjan Prevents Zero-Day Exploit of Adobe Acrobat Reader and Flash Player Vulnerability

San Jose, California – July 2009 (Eskenzi PR) – Finjan discovered a new 0-day exploit “in the wild”. This time, cybercriminals are exploiting a vulnerability in Adobe Acrobat Reader and Flash player.

The zero-day vulnerability found (CVE-2009-1862) can be exploited to download and execute malicious code on the victim’s PC. Adobe announced that an update will be available on July 31, 2009 which will leave end users’ PCs until then unprotected.

The exploit was detected “in the wild” by Finjan’s Malicious Code Research Center (MCRC). As with the previous 0-day attacks reported by MCRC, Finjan’s unified secure web gateway (SWG) successfully detected and prevented the attempt to exploit the vulnerability and execute the code. By utilizing its patented real-time content inspection technology, Finjan’s SWG proactively prevented the attack without any update.

Web security products utilizing real-time code analysis technologies are the preferred solution to block such 0-day attacks and exploits. Yuval Ben-Itzhak, Finjan CTO explains: “Finjan customers are protected from these kinds of zero-day attacks, since Finjan’s Vital Security™ Web Gateway is able to detect such an exploit and block it without the need to have prior knowledge of the specific technique used by cybercriminals.”

For more information about this zero-day exploit and a snapshot of the actual code as found in-the-wild, please visit Finjan’s blog at: http://www.finjan.com/MCRCblog.aspx?EntryId=2307

For more information on Adobe Security Advisory about this vulnerability: http://www.adobe.com/support/security/advisories/apsa09-03.html

Finjan’s MCRC specializes in the detection, analysis and research of web threats, including Crimeware, Web 2.0 attacks, Trojans and other forms of malware. Our goal is to be steps ahead of hackers and cybercriminals, who are attempting to exploit flaws in computer platforms and applications for their profit. In order to protect our customers from the next Crimeware wave and emerging malware and attack vectors, Finjan MCRC is a driving force behind the development of Finjan's next generation of security technologies used in our unified Secure Web Gateway solutions. For more information please also visit our info center and blog.

For more information about Finjan, please visit: www.finjan.com.
For alerts, please follow us on Twitter at www.twitter.com/SecureTweets


Microsoft and Yahoo cooperate on Search

Bing now to be the search engine for Yahoo. Help!

by Michael Smith (Veshengro)

Bing, the reincarnation of Live Search, which was the reincarnation of MSN Search is now going to be the search engine in use by Yahoo and this is not a good idea, I would say. Bing or whatever its name was or may be in the future is not ever going to be competition for Google and Yahoo Search was better than MSN ever so, why the merger, I ask.

Will this co-operation/merger between Microsoft and Yahoo be good for the users?

Firstly I would say that this may turn a lot of current Yahoo users off and against the company and secondly I am not sure whether the monopoly commissions somewhere should not take a closer look at this. Mind you, not that that would ever bother Microsoft for they have taken no notice whatsoever so far of what, for instance, the European Union has told it to do.

However, it must also be seriously doubted that those two even combined can ever get anywhere near Google, as search engine or otherwise.

As a search engine MSN Search, in its various guises and incarnations, including its latest reincarnation as “Bing”, has always been rather mediocre and lagging behind Yahoo Search even and can never come anywhere close to Google and compete with it.

Unless something of a miracle happens this merger is going to be a wasted exercise and may lead to users abandoning Yahoo, for example.

There are enough users who have a gripe against Microsoft but still use Yahoo, even though Yahoo uses web beacons, for instance, as homepage, for email and such and this “joint venture” of Yahoo with MSN could very well be the straw that breaks the camel's back and might lead to an exodus of users from Yahoo to elsewhere.

I personally am amongst other a Yahoo user with an email account, yahoo groups and My Yahoo homepage, using the latter also as an aggregation agent for RSS feeds and such. However, due tot he fact that Yahoo email cannot be collected onto email clients anymore I have migrated my business email to Gmail and may, sooner or later, also take my homepage to Google.

While Gmail has a strange interface when it comes to the webmail part it downloads just like any old-fashioned POP3 to most email clients and that is just what many of us need.

Since the merger there seem to be also quite a lot of small annoying hiccups on Yahoo such as on Mail when one tries to delete a message one needs two attempts often. Not very helpful when one is in a hurry to do things.

So, I do not see this merger as a good thing for users and neither for Yahoo.

© 2009

DESlock+ Achieves ‘Five Star’ Accolade

SC Magazine recognises DES’ “intuitive way of handling removable media”

London, UK: (C8 Consulting Ltd) - Data Encryption Systems Limited (DES), the UK-based leader in software copyright protection, data encryption, secure messaging and data storage solutions, is pleased to announce that its flagship product, DESlock+ Version 4.0, has just received a five star rating in leading IT security magazine, SC Magazine. This is the highest accolade the magazine awards products under review.

The review, which was published as part of a Group Test on various encryption tools, was published in SC Magazine US, and can also be found online at the SC Magazine website. DES achieved full marks for performance, features, support and value for money and gained an overall rating of five stars.

Nathan Ouellette, product reviewer at SC Magazine, comments: “A unique feature that we liked is the way DESlock+ handles removable media such as USB drives. Users are able to utilise USB tokens without having to encrypt the entire drive. An encrypted folder is created on the stick and any PC with the DESlock+ client software installed will mount the drive from the encrypted folder, making the root folder of the drive equate to the encrypted data. Data is visible or hidden depending on whether the host has the agent installed.”

DESlock+ Version 4.0 was launched at this year’s Infosecurity Show, and has since been gaining a lot of interest. The product adds full-disk and policy-driven removable storage encryption to the well established granular encryption features of DESlock+. The revised back-end updates to the software now allow for a greater degree of control and policy enforcement from the DESlock+ Enterprise Server module and Administration Console. The product is also in the process of qualifying for a US government standard, FIPS 140-2 approval, with certification imminent.

David Tomlinson, Managing Director at DES, explains: “We are delighted that the hard work we have put into product development over the past year has paid off. As a relatively small company, we are very proud to have been tested against the rest of the industry and to have come out with top marks - even beating some of the bigger brand products on the market, such as BeCrypt and Credant. This review demonstrates what we already knew, and that’s that DESlock+ is a market leader when it comes to encryption.”

DESlock+ Version 4.0 is available immediately, with prices starting at just £45 per licence for business users (based on the purchase of 1000+ licences). Prices vary according to the size of the order, so for full pricing options, or to get a quote, please visit: www.des.co.uk, or contact the DES sales team on: 01823 352357 or via email at: sales@des.co.uk.

Since 1985, Data Encryption Systems has been the UK’s most successful manufacturer of software protection dongles, software copyright protection systems, and secure handset reprogramming accessories. Data Encryption Systems markets and supports products used by tens of thousands of businesses worldwide to protect applications, copyrighted materials, medical records, government files and other confidential and personal information. The company’s flagship product, DESlock+, has been awarded SC Magazine’s Best Buy for three years running. DESlock+ licences, the DESlock+ Administrator’s Tool and USB hardware tokens can be purchased at the company’s website: http://www.deslock.com.


Instant message dangers are growing

One in 78 links sent via Instant Messenger is now to malicious content

by Michael Smith (Veshengro)

According to findings by the security company MessageLabs 1 in 78 links sent via instant messaging (IM) programs is to malicious content, and it does not matter, it would seen, which service is being used.

The company said this was an increase of 78 per cent over the past six months.

Paul Wood, intelligence senior analyst at MessageLabs said the increase in threats was down to hackers breaking through Captcha technology. And you all thought that was a safe way, didn't you.

This technology, which involves the user having to read a distorted image of a word and enter that text correctly, is often used when people register for an IM account.

“Bypassing Captcha technology enables the bad guys to create large numbers of fake but valid online accounts", said Mr Wood. "

These are used by spammers to send malicious links via IM that redirect victims to spam websites and sometimes compromised websites.”

The report also found that levels of spam, or junk email, were unchanged since May, remaining at 90.4 per cent. The company said this was largely due to the several hours during which Cutwail, one of the largest and most active botnets, was inoperative following the shutdown of California-based internet service provider, Pricewert LLC on 5 June, 2009.

It must also be said, though, regardless of the fact that so many spammers and malicious accounts are being set up on IMs users especially also must learn to be more vigilant. In addition to that, if using, say, Twitter, then there are is great piece of technology available free from Finian, another security firm, to install into your browser that will check all links sent.

On IM the best advice is that if you do not know the person then do not accept any links for him or her. As simple as that. Do not be open to anyone and everyone to add you as a contact. Make sure first that you know the person and, above all, have good anti-malware software installed on your PC and maintain good OpSec.

© 2009

Google promises end to viruses - Fortify says: don't be hasty

(Eskenzi PR) - Google's engineering director has promised that his company's forthcoming Chrome operating system will see "the end of malware," but, says Fortify Software, the application vulnerability specialist, users shouldn't forget their software may also be flawed.

"You can have the most bug-free operating system in the world – which is what energy companies have in the shape of the SCADA-compliant embedded firmware that drives their critical systems - but if the software has bugs in it, you're dead in the water," said Richard Kirk, Fortify's director.

"The plans of Linus Upson, Google's engineering director, outlined in the latest New Scientist magazine are laudable and, if they turn out to be correct, will make computing a lot safer for everyone, but the plethora of software that is available - and being developed all the
time - makes the task of eradicating viruses impossible," he added.

According to Kirk, this isn't to decry Google's plans for a secure operating system, although he noted that the company's plans took a battering this week when two flaws were revealed in the Chrome browser application.

The irony of Upson's plans is that embedded firmware versions of Windows are already in active use on SCADA-compliant systems in critical government and utility grids the world over, he explained.

The downside of using an embedded operating system is that it cannot be easily updated, but that is a small price to pay for a more secure computing environment, the Fortify director went on to say.

"Google's promise of a flaw-free operating system with Chrome is a really great idea and we applaud that, but our business is based on helping software developers boost the security of their applications during the code audit stage," he said.

"And given that our clients anticipate code auditing to be an integral part of their development plans for some time to come, I think Google's promise to eradicate viruses is a bit on the optimistic side," he added.

For more Google's no-virus operating system plans: http://preview.tinyurl.com/nt8m3k

For more on Fortify Software: http://www.fortify.com


Criminals could capture data from wireless keyboards

A piece of Open-source software could be hijacked by criminals to steal people's personal data, according to security firm

by Michael Smith (Veshengro)

Cyber-criminals could use so-called “sniffer” software to steal sensitive data from users of wireless keyboards, so says Symantec, the makers of Norton Security software.

The security firm said that an open-source project, dubbed Keykeriki, which has been developed by a group called Remote-Exploit.org and theoretically is intended to be used as an educational tool or to test the security of wireless keyboard transmissions, could be dangerous to users of wireless keyboards.

This is because the software and schematics can be downloaded from the Internet, there is nothing to stop criminals using it as a remote keystroke logger that can capture every keystroke without having to install malware onto a PC, said Symantec.

“The criminal implications of this are immediate and obvious. It would mean that someone would be able to remotely capture every keystroke made without having to install anything on to the system and capture personal, sensitive information such as passwords and bank details,” said Symantec.

The company “strongly recommends” using wired keyboards in the office and public places to avoid making critical data vulnerable.

I must say though that this appears, yet again, to be an attack by the proprietary software companies and those that love closed codes on Open Source software.

While it may be a case that cyber-criminals could use the software and even change the code as it is an open source application I am sure there are other keyloggers out there that are in use by such criminals that have been written by this or that member of their criminal fraternity.

To blame the fact that the software is Open Source is, in my opinion, once again, as said, an attack on Open Source.

On the other hand I can but agree with Symantec's recommendation to use wired keyboards. Not only are those safer in use as no signals being transmitted – via the ether – that could be “sniffed out” and also wire keyboards are (1) cheaper and (2) greener.

While wireless keyboards and rodents may be nice as there are no wires cluttering up the desk I personally prefer wired keyboards and mice and that for the previously mentioned reasons, including and especially the security aspect.

But before we all go off the deep end here I think we must also consider that the range of wireless keyboards is not really all that great and the “sniffer” would have to be rather close to the transmitter and transmissions of such a wireless device. Most wireless devices do not cover more than a few yards and unless the “sniffer”, as said, is very, very sensitive it should not be able to do much at all.

Obviously one must be careful and, as Symantec stated, it is therefore best to use wired keyboards, for security alone.

© 2009