Cyber Security Institute

Saturday, April 30, 2005

IT Vigilance Urged to Fight Malware, Bots, Root Kits

Stronger authentication, better firewalls and use of the latest software are needed to battle an expanding Internet threat environment.  At least that is the view of Microsoft’s David Aucsmith, architect and CTO, Security Business & Technology Unit.


Friday, April 29, 2005

Wireless gear makers update Wi-Fi for the office

Several wireless equipment suppliers, including Cisco Systems, Siemens Communications and Aruba Networks, are set to show off new products and enhancements at next week’s NetWorld+Interop trade show in Las Vegas.


Gates Pushes Auto Industry on Technology

Microsoft Corp. (MSFT) mogul Bill Gates and the leader of Ford Motor Co. (F) outlined a future in which software enables cars to fix themselves and avoid accidents.


Thursday, April 28, 2005

California bill would ban tracking chips in IDs

California lawmakers are joining the national debate on the merit of incorporating electronic identification devices in driver’s licenses, student IDs and passports.  A bill that would put strict limits on California’s use of such devices in all state-issued identity documents is making its way through the state’s legislature and was approved this week in a 6-to-1 vote by a senate judiciary committee.


Wednesday, April 27, 2005

Be Aggressive With E-Mail Policies

An aggressive, strategic, and proactive approach to e-mail hygiene is essential for businesses, large and small, according to Matt Cain, senior vice president at the Gartner Group, who participated in a recent webcast sponsored by IT Papers and CNET Networks.


Security bosses want encryption bans overturned

An international security consortium is set to lobby governments around the world to withdraw restrictions on encryption standards.


Tuesday, April 26, 2005

Wi-Fi-proof sheet gets UK government approval

Wireless hackers could soon face problems when trying to steal information, now that the British government has endorsed a transparent film that can block Wi-Fi transmissions and other wireless signals from travelling through windows.


Intoto Introduces Multi-Service Security Software

Intoto, a leading provider of network-centric secure gateway software for networking and communications Original Equipment Manufacturers (OEMs), has announced the availability of multi-service security software platforms for Small to- Medium Enterprise (SME) gateway applications.


Monday, April 25, 2005

Microsoft reveals hardware security plans

The next version of Windows, codenamed “Longhorn,” will have security features to take advantage of the trusted computing hardware now showing up in the marketplace, Microsoft executives announced recently.


Sunday, April 24, 2005

$5.2 bln will be spent on Wi-Fi, $115 mln on WiMAX in 2005

Telecommunications Industry Association (TIA) announced that 2005 Wi-Fi and WiMAX infrastructure revenues for the US are forecast to hit $5.2 bln and $115 mln respectively.


What Price Security?

All businesses take risks - especially if they can lead to rewards.  That’s partly what return on investment (ROI) is all about.  In exchange for money spent, you hope to reap something in return.  But what about investments whose returns aren’t easily measured in dollars and cents?  For example, how do you measure ROI for security?


Friday, April 22, 2005

The Defining Moment

Gently prod a convergence conscientious objector, and what you often discover is a misconception about what the term means.  Convergence does not mean ripping the IT security group out from under the CIO and stapling it to the hindquarters of the corporate security group, where a 70-year-old ex-cop security manager can proceed to ignore it.  Neither does it mean piling contract guard management on the already overloaded plate of a horn-rimmed, twentysomething firewall jockey who thinks “shredding” is strictly a snowboarding reference.


Thursday, April 21, 2005

Worm Lull, Windows XP SP2 Keeping Outbreaks At Bay

E-mailed worms pose less of a threat and Microsoft has been lucky so far, said a virus researcher Friday in explaining why 2005 has been relatively quiet on the security front.


Wednesday, April 20, 2005

Experts urge wireless security integration

Corporations should think of wireless security as an add-on to their existing security architecture, not as a separate entity, according to analysts and vendors at the Wireless Security Conference & Expo.


Microsoft, VeriSign Team on Wi-Fi Security Architecture

Citing the increased risk posed by mobile workers and wireless networking technology, Microsoft Corp. and VeriSign Inc. said that they are teaming up to help organizations secure Wi-Fi networks.


Tuesday, April 19, 2005

UK banks to set new industry online security standard

The community of UK banks is expected to establish a new standard practice for the use of two-factor authorization technology to combat online payment fraud, in the coming weeks.


Symantec Offers Free Anti-Spyware Beta

Symantec released a free beta of its integrated security suite that for the first time includes a full-featured anti-spyware component, a move by the Cupertino, Calif.-based company to fend off both its long-time rivals in the security space as well as smaller firms that specialize in spyware defenses.


2005: The Year of Internal Security

Internal security attacks can happen either maliciously or inadvertently.  But regardless of what prompts an internal security breach, one thing is for certain: The impact of internal security issues causes negative results on an organization from both a technical and business perspective.


Security Concerns for Migrations and Upgrades to Windows Active Directory

Most organizations are either at Windows Active Directory or they are contemplating that move now.  If you fall in the latter category, you have some decisions to make.


Monday, April 18, 2005

IBM Stresses App Security

IBM is planning to bolster its development tool set with features to help developers bake security into their applications.


Expanded Wi-Fi certification brings confusion, says Gartner

While they expand the test matrix against which all wireless LAN (WLAN) products will be tested for WPA/WPA2 certification, Gartner says, the move comes late and with questions.  The Wi-Fi Alliance will still call the ‘new’ certifications WPA and WPA2 and will allow a grace period during which ‘old’ WPA and WPA2 certifications can still occur.


VoIP is a threat to wireless security

Security standards for mobile computing and telephony have recently improved, analyst group Gartner claimed, but while service providers have strengthened the security of mobile internet and email connections, customers are going to have to pay extra for it.


How vulnerable is the ‘Net?

Security upgrades ongoing, but some argue more needs to be done.  The unusual activity began two weeks before the attack.  Officials from the Cooperative Association for Internet Data Analysis, which had begun monitoring Internet nameserver behavior at the start of 2002, noticed varying levels of performance degradation in early October of that year.  Little did they realize that on Oct. 21 they would witness a flood of ping messages on the Internet’s 13 DNS root nameservers that would cause the most notorious denial-of-service attack on the Internet to this date.


Malware Evolution: January - March 2005

Kaspersky Lab presents its quarterly report on malware evolution by Alexander Gostev, Senior Virus Analyst.  This report addresses questions such as why email worms no longer seem to be causing epidemics, the increase in worms targeting instant messenger applications, what effect the release of SP2 for Windows XP has had on security, and why adware and spyware are the latest buzzwords in the field of IT security.


Friday, April 15, 2005

Six Ways To Protect Against Zero-Day Attacks

In the last year, a series of viruses and worms that caused damage across the Internet in record time has made very clear how vulnerable our computer systems are.  The MS Blaster, Slammer, Sasser, and Korgo.W worms have shown that signature-based antivirus software and traditional firewalls are not enough to protect networks.  Everyone is worried about a zero-hour attack—- an attack based on a previously unknown vulnerability and completely immune to antivirus software.  What can you do to protect your network from such an event?


F5 Fires Up Powerful SSL VPN Solution

The FirePass 4100 appliance from F5 Networks is an impressive and powerful SSL VPN solution.


Thursday, April 14, 2005

Convergence: The Payoff…The Pain

The benefits of running a unified security operation are real.


Is Machine-To-Machine (M2M) The Gap In Your Security

Over the last ten years, major changes have occurred in IT.  With the Internet driving the pace, one of the most significant developments has been the rise of IP to become the dominant protocol.  Another key element has been the decentralisation of systems, with the perimeters of organisations rapidly disappearing.  Anywhere, anytime, anyhow access is now becoming increasingly achievable.  This ‘deperimeterisation’ of the network has significantly changed the security landscape.  Organisations now need to move from a reliance on powerful gateway security to a recognition that applications, departments and network segments need their own security.  While this challenge has been recognised and addressed by many businesses, one key area has been largely overlooked - that of machine-to-machine connections (M2M).


Microsoft Worm Cleanser Goes Rootkit Hunting

Microsoft’s worm-cleansing tool has been updated to detect and remove Hacker Defender, a notorious rootkit program used by malicious virus writers.


Monday, April 11, 2005

Security: It’s just a matter of asking the right questions

For many small and midsize networks, application security can often be a grey area.