Cyber Security Institute
Wednesday, July 30, 2008
X-Force® 2008 Trend Statistics
The IBM Internet Security Systems X-Force® research and development team discovers, analyzes, monitors and records a wide array of computer security threats and vulnerabilities. The implications of these trends provide a useful backdrop in preparing to enhance information security for the remainder of 2008 and beyond. The overall number of vulnerabilities continued to rise as did the overall percentage of high risk vulnerabilities. Web-based vulnerabilities and threats continue to increase: Over the past few years, the focus of endpoint exploitation has dramatically shifted from the operating system to the Web browser and multimedia applications.
Tuesday, July 29, 2008
Lancope Ships StealthWatch System 5.8 with Enhanced Network Behavior Analysis
Lancope(R), Inc., the provider of the StealthWatch(TM) System, the most widely used network behavior analysis (NBA) and response solution, today announced the general availability of StealthWatch System 5.8. The system-wide upgrade includes powerful new features that further utilize flow data, including Cisco IOS NetFlow(TM) or sFlow(R), to significantly extend the scalability and value of behavior-based anomaly detection and network performance monitoring for enterprise organizations. Key benefits of this release are IPv6 support and visibility, application awareness, risk management and network performance management that support numerous IT initiatives, including WAN optimization, PCI compliance (http://www.lancope.com/solutions/compliance/pci.aspx), MPLS migrations (http://www.lancope.com/solutions/networkoperations/mpls.aspx), IPv6 rollouts and data leakage prevention.
Monday, July 28, 2008
The changing role of information security in the enterprise
Information security professionals believe they are moving towards a more pro-active, risk-based approach to securing their organisations and away from just IT and technology-related activities. This is one of the key findings in a study by the Information Security Forum (ISF) looking at the Role of Information Security in the Enterprise (RISE).
Thursday, July 24, 2008
Top internal network threats in 2008 so far
Promisec discovered that 12% of infected computers had a missing or disabled anti-virus program, 10.7% had unauthorized personal storage like USB sticks or external hard drives, 9.1% had unauthorized peer-to-peer (P2P) applications installed, 8.5% had a missing 3rd party desktop agent, 2.6% had unprotected shared folders, 2.2% had unauthorized remote control software, and 2% had missing Microsoft service packs.
Wednesday, July 23, 2008
Website infection rate three times faster than 2007
The first half of 2008 has seen an explosion in threats spread via the web, the preferred vector of attack for financially-motivated cybercriminals. Over 90 per cent of the webpages that are spreading Trojan horses and spyware are legitimate websites (some belonging to household brands and Fortune 500 companies) that have been hacked through SQL injection. Sophos has identified that the number one host for malware on the web is Blogger (Blogspot.com), which allows computer users to make their own websites easily at no charge.
Tuesday, July 22, 2008
Security Service Tests Staff Vigilance Against Phishing Attacks
PhishMe, a new security SAAS offering from the Intrepidus Group, enables companies to launch mock phishing attacks against their own employees in the name of improving e-mail security. “We developed a Web-based portal which is PhishMe.com, which allows our clients to drive the creation and execution of mock phishing exercises,” said Intrepidus CEO Rohyt Belani. “We provided them all the tools ... so in under 30 minutes they can actually set up a mock phishing attack [that] closely mimics a real phishing attack that a spear phisher would execute against the employees.” Studies have shown spear phishing, which involves targeted attacks against a domain or organization, has picked up in the past several months.
Thursday, July 17, 2008
Reinvigorate your Threat Modeling Process
We think about threats against our assets: our families, our jewelry, and our sentimental and irreplaceable photographs (well, those of us old enough to have photos that never existed in digital form do). We model threats based on architecture: there’s a wall here, a picture window there, and an easily climbed tree that we can use when we forget our keys. And we model threats based on attackers. We worry about burglars and kids falling into pools. We also worry about the weather, be it earthquakes, snow, or tornadoes. If I wanted to sound like a management consultant, I’d say you employ a mature, multi-dimensional assessment process, with a heavy reliance on heuristics and low reproducibility across instances.
Increasing threat of confidential information loss
A national security and privacy survey sponsored by CA showed that security threats from within an organization now are a bigger problem than attacks from external sources. At the same time, the number of U.S. organizations reporting loss of confidential data and reduced customer satisfaction has increased by 55 percent and 65 percent, respectively, in the past two years. According to the CA 2008 Security and Privacy Survey, in 2008 more than 34 percent of organizations reported a loss of confidential information as a result of security attacks and breaches, up from 22 percent in 2006. Reduced customer satisfaction as a result of security attacks and breaches has also significantly increased from 20 percent in 2006 to 33 percent in 2008.
Tuesday, July 15, 2008
Know Your Cybercrime Enemy - the Latest Cybercrime Organizational Structures and Modus Operandi
In its Q2 2008 Web Security Trends Report, Finjan outlines the latest developments in the cybercrime commercialization economy. Farnborough, United Kingdom, July 15, 2008 - Finjan Inc., a provider of secure web gateway products, today announced the latest findings by its Malicious Code Research Center (MCRC). In its latest trends report for Q2 2008, the center identifies and analyzes the latest Crimeware business operations, and provides a first-of-its-kind insider’s look at the organizational structure of Cybercrime organizations.
Saturday, June 28, 2008
2008 Security Survey: We’re Spending More, But Data’s No Safer Than Last Year
In the face of growing demand to target security investments based on risk management principles--a domain foreign to many CIOs and infosec practitioners--there’s wisdom to be garnered from our peers. Zero in on the information security risks facing your company, or you’ll likely find yourself overwhelmed. That’s the overall message of our 2008 InformationWeek Strategic Security Study, which polled nearly 1,100 IT and business professionals about plans and priorities for securing their companies’ assets. Getting the money for security isn’t the biggest problem: Fully 95% will see their budgets either hold steady or increase this year. It’s that the money isn’t making data safer.
Thursday, June 26, 2008
Web firewalls trumping other options as PCI deadline nears
Companies scrambling to comply with a Web application security requirement due to take effect next week appear to be heavily favoring the use of Web firewall technologies over the other options that are available under the mandate, according to analysts. The mandate from the major credit card companies is the latest adjustment to the Payment Card Industry Data Security Standard (PCI DSS). Essentially, it requires all entities accepting payment card transactions to implement new security controls for protecting their Web applications.
Monday, June 23, 2008
Security and Business: Financial Basics
You need to find and use the right financial metrics to communicate security’s value to your company. Here are pros and cons of four: TCO, ROI, EVA and ALE.
Saturday, June 21, 2008
Microsoft targets password stealers
Microsoft’s June 10 update of its Malicious Software Removal Tool (MSRT) added detection and removal of game password-stealing malware. As you all probably know by now, this month in MSRT was a very significant release for Gamers everywhere with the addition of a variety of password stealers directly targeting Online games. The main offender in this motley crew of badness is Win32/Taterf.
Friday, June 20, 2008
Desktop Virtualization Gets Military-Grade Security
Tresys Technology has released a desktop virtualization platform with a difference - it is designed from the ground up for organizations needing tight security, including military bodies. Tresys, which has a track record of providing military systems, said its VM Fortress can cut costs for organizations which would like to implement the consolidation programs offered by desktop virtualization, but haven’t taken the leap because of security concerns.
Firewall Vendors Look to Automate Policy Changes
For IT staff in global enterprises, adding a new employee is far more involved than finding a desk and a chair for the new hire. Typically, it means huddling over spreadsheets, muttering to themselves as they figure out what changes to make to access rights and policies while taking into account a labyrinthine array of legal, departmental and compliance rules. Multiply that scene by thousands of users, spread over different countries, and you have the massive, frequently chaotic process that takes place practically every week in major companies. In response, firewall vendors are looking to help IT fight back using policy management automation solutions, designed to simplify the task of managing policies—and minimizing the risk of human error.
81% of corporate PCs lack antivirus, firewall or patches
Sophos has revealed the results of its Endpoint Assessment Test, a free online scanning tool that checks endpoints for security vulnerabilities, defined as missing Microsoft security patches, disabled client firewalls and missing endpoint security software updates.
Threat of an embedded security disaster
For many years, embedded systems have been quietly working behind the scenes of almost all modern technologies, from automobiles to factory floors to space exploration missions. Just as the early networked desktop PCs and servers were unprepared to address the new security implications of network connectivity, today’s embedded systems present a significant new security concern, which must be addressed immediately and systematically. Some of the critical security issues presented by modern embedded systems are: Diverse network-connected embedded systems use combinations of custom and COTS software, the details of which are typically known only to the vendor of each embedded device, making vulnerability assessment, risk analysis, and patch management difficult.
Wednesday, June 18, 2008
StoneFly Intros Encrypted IP SAN
StoneFly introduces first high-availability IP SAN with encryption to combat rising tide of data security breaches
Thursday, June 12, 2008
When it comes to data security breaches, the general public doesn’t need to know
When it comes to data security breaches, 78 percent of US IT decision-makers feel that companies do not need to inform the general public; this according to a recent survey by content security specialists Clearswift. Of the U.S. organizations polled, 19 percent had suffered a data loss in the last 12-18 months, and of those, 50 percent had experienced more than one.
Data thieves get focused (but buyers get sloppy)
Finjan: Commoditization of market driving more targeted attempts. When it comes to online data theft, credit card numbers and bank account data are so 2007. Increasingly, thieves are after more-specialized information such as health care data, single sign-on credentials for remote log-in to corporate networks and FTP account data, according to a new report from security vendor Finjan Inc.
Monday, June 09, 2008
PGP Releases Pre-Boot Data Encryption For Mac OS X
While PGP already offers a data encryption solution for the Mac, the latest release adds a pre-boot authentication to the Menlo Park-based company’s data encryption offering for Mac’s Tiger and Leopard operating systems. Specifically, the disk encryption solution is aimed to protect the entire content of any type of removable media, including laptops, desktops, external drives or USB flash drives, including boot sectors, system and swap files.
Tuesday, June 03, 2008
Gartner Details Real-Time ‘Adaptive’ Security Infrastructure
Gartner Security Summit 2008—What if your network could proactively adapt to threats and the needs of the business? That’s the vision of the adaptive security infrastructure unveiled by Gartner. Neil MacDonald, vice president and fellow at Gartner, says this is the security model necessary to accommodate the emergence of multiple perimeters and moving parts on the network, and increasingly advanced threats targeting enterprises.
Secure remote access for Apple iPhone from Check Point
Check Point announced Check Point VPN-1 support for the Apple iPhone, allowing secure remote access to corporate network systems.
New Payment Card Industry compliance solution
Tufin Technologies today announced a new PCI Compliance solution as part of its SecureTrack security operations management product. It provides a comprehensive PCI-DSS Audit Report for security devices, helping IT security teams meet the standard’s requirements in various control areas from network security and data safety all the way to access control and accountability.
Apple releases Mac OS X security guide
Apple released its Security Configuration Guide for Mac OS X 10.5 “Leopard” on Monday, a 240-page document that describes ways for sophisticated Mac users to further secure their systems.
Monday, June 02, 2008
New Google Service Helps Infected Websites Clean Up
The search giant last month quietly added a new, free service called the Safe Browsing Diagnostic Page that tells whether a site flagged by Google as potentially dangerous is hosting malware, or helps distribute malware, for instance. The idea is to give owners of the compromised Websites more information to assist in their remediation and cleanup of the site, and to provide users more information on why the site has been flagged. The search giant’s automatic flagging of potentially risky Websites has been “highly accurate,” according to Niels Provos, senior staff engineer for Google, but it wasn’t easy for Webmasters and users to verify the results.
Thursday, May 22, 2008
Cyber crime on the rise in Canada
According to a recent survey commissioned by the Canadian Association of Police Boards, cyber crime is quickly becoming that country’s top crime. In a release issued by the CAPB, an official with the organization said that the average Canadian citizen is “now more likely to be the victim of a crime through the Internet than on the street or in their home.”
Wednesday, May 21, 2008
Organizations deal with a broad range of security threats
Spyware, viruses and worms continue to plague most organizations, but security challenges tied to the use of handheld devices and mobile and remote computing are growing at a rapid pace, new research commissioned by the Computing Technology Industry Association (CompTIA) reveals.
Microsoft expands security information sharing services to CERTs
Microsoft announced the extension of the Microsoft Security Cooperation Program (SCP) to include computer emergency response teams (CERTs), computer security incident response teams (CSIRTs), and other response and guidance organizations that represent a nation, region or population.