Cyber Security Institute

Thursday, April 28, 2011

Symantec announces April 2011 MessageLabs Intelligence Report

This month analysis reveals that targeted attacks intercepted by Symantec.cloud rose to 85 per day, the highest figure since March 2009 when the figure was 107 per day in the run-up to the G20 Summit held in London that year.  MessageLabs Intelligence has also revealed that shortened URLs have become increasingly popular recently, being used to lure people to click on advertising links; a practice known as click-fraud.  In April, 1 in 168.6 emails contained malware and targeted attacks accounted for approximately 0.02% of these.

MORE...

Dropbox 1.2 Experimental Build Fixes Security Issue

Attackers could use the file on any other computer with Dropbox to download all files of the original owner, without entering the Dropbox login credentials or notifications in the Dropbox dashboard that another device was used to download the data.  Dropbox 1.2 introduces a new encrpyted database format to “prevent unauthorized access to local Dropbox client database” in addition to the security enhancements.  This is related to the security issue, as the user who discovered the vulnerability in first place did uncover it by analyzing the local Dropbox client database.

MORE...

Dropbox 1.2 Experimental Build Fixes Security Issue

Attackers could use the file on any other computer with Dropbox to download all files of the original owner, without entering the Dropbox login credentials or notifications in the Dropbox dashboard that another device was used to download the data.  Dropbox 1.2 introduces a new encrpyted database format to “prevent unauthorized access to local Dropbox client database” in addition to the security enhancements.  This is related to the security issue, as the user who discovered the vulnerability in first place did uncover it by analyzing the local Dropbox client database.


http://www.ghacks.net/2011/04/28/dropbox-1-2-experimental-build-fixes-security-issue/

MORE...

VCs and IT Security Firms: Not Much Love in the Air

Although security breaches make the headlines regularly and Washington has plans to upgrade the security of the United States’ national infrastructure, up-and-coming IT security companies are having difficulty securing investment funds.  “It seems there’s been a general shift among venture capitalists away from security,” Jim Pflaging, director and managing principal at SINET, stated at a private lunch at the 2011 IT Security Entrepreneurs’ Forum (ITSEF), held in Palo Alto recently.

MORE...

Monday, April 25, 2011

AT&T starts selling ‘cell tower in a suitcase’

For the first time, AT&T is selling small, portable cellular antennas that will allow corporate and government customers to provide their own wireless coverage in remote or disaster-struck areas.

MORE...

Wednesday, April 20, 2011

Data Security moves up the agenda & is now seen as important as cost savings within the public sect

The research, which was conducted using qualitative interview techniques with a range of public sector organisations across the UK shows that data security is now far higher on the agenda than in either of Becrypt’s previous two surveys.    The research showed that there has been a significant change in attitudes to data security in the public sector, with 92% of those questioned now having specific policies for dealing with sensitive data.

MORE...

Kaspersky -IT Security Policies Still Don’t Work According to New Research

Despite more than three quarters (77 per cent) of IT managers saying their company has a security policy in place for the use of tablets and smartphones, IT professionals are still downloading unauthorised applications onto their devices, according to online research released today by Kaspersky Lab, Europe’s largest anti-malware company.

MORE...

Wednesday, April 13, 2011

Kerry-McCain privacy bill: What you need to know

A privacy bill of rights is something that tech pundits have talked about for years, but now Senators John Kerry and John McCain hope to make it a reality with a bipartisan bill in the Senate called the “The Commercial Privacy Bill of Rights Act of 2011.”  The Kerry-McCain bill would force companies to let users opt out of data collection when used for behavioral ads or transfer to third parties. ...  For sensitive information—religion, health records or other stuff that can cause physical or financial harm if made public—companies would need users’ consent through an opt-in.

MORE...

Friday, April 01, 2011

Bank of America moves to further ramp up security with new CISO

Bank of America has named Patrick Gorman, a veteran government and corporate technology executive, as its new chief information security officer.

MORE...