Month: December 2003

Core Security Technologies discovered that the Windows Workstation vulnerability announced by Microsoft last month could be exploited using the same type of data used by the SQL Slammer worm to spread across the Internet in just minutes. “We believe these new attack vectors make the vulnerability even more dangerous and critical as the proposed workarounds are not sufficient to close them and particularly because they outline a very plausible scenario for a highly efficient worm,” Ivan Arce, chief technology officer for security software maker Core Security Technologies, wrote in an e-mail to CNET News.com.

The company’s report also found that flaws in the Windows Messenger service, which allowed the MSBlast worm to spread this summer, could be exploited using the same “fire-and-forget” user datagram protocol (UDP) packets.

Core ST acknowledged that the patches will prevent the attacks and also urged people to apply the fixes.

More info: [url=http://zdnet.com.com/2100-1105_2-5118580.html]http://zdnet.com.com/2100-1105_2-5118580.html[/url]

It’s not an easy trek, becoming a security manager. But of all the possible security executive jobs out there, none is probably as challenging as the public-sector job.

The government CSO most likely has climbed his career mountain without a Sherpa or a harness to catch him if he falls. For starters, cultural and situational issues unique to government jobs make for a particularly tough journey for the government CSO. In the US Office of Management and Budget’s 2001 Government Information Security Reform Act report to Congress, for example, six IT security weaknesses in government were identified. They included a lack of attention to IT security by senior management and nonexistent IT security performance measures. In addition, the report cited poor security education and awareness, a lack of fully funded and integrated security, a failure to ensure that contractor services are adequately secure, and a problem with detecting, reporting and sharing information on vulnerabilities.

Although those weaknesses exist outside the public sector, they are exacerbated in government agencies where procedural problems and incompetent management can inflate them. Government security officers have less control than their civilian counterparts.

While industry executives are constrained by their budgets, government employees have to buy goods and services from a government-approved list, and they are bureaucratically hampered in their hiring. In the private sector, CSOs answer solely to the executive team. Public-sector CSOs have lists of executives they report to.

More info: [url=http://www.cio.com.au/index.php?id=1487268597&fp=16&fpid=0]http://www.cio.com.au/index.php?id=1487268597&fp=16&fpid=0[/url]

At InfoSecurity 2003, a conference and expo targeting enterprise security that opened Monday in New York City and wraps up Thursday, a slew of security providers rolled out a solid slate of creative new wares.

Network Intelligence released the newest version of its security event management (SEM) software, enVision 2.001. The new software, which is integrated into Network Intelligence’s own line of security appliances, sports additional device support, improved analysis of security events — it can handle as many as 50,000 sustained events per second, according to Network Intelligence — and a new method of calculating the severity of events based on Homeland Security’s severity levels.

Cryptolog launched Unicity, a software-only solution that deploys digital certificates to end users based on ‘zero knowledge’ authentication and virtual smart cards.

Unicity uses the technique to issue digital certificates — used to authenticate users for financial transactions, to access protected documents, and to encrypt and sign e-mail messages — without the need for cumbersome hardware, said Cryptolog.

OpenService used InfoSecurity to unveil Security Threat Manager 2.0, the latest edition of its real-time threat assessor and security monitor.

New to STM 2.0 are improvements to its reporting skills — it now links detected threats to the lines of business they target, giving administrators a clearer picture of what’s actually under attack — topology visualizations that provide a graphical view of threat activity and allow IT staff to ‘drill down’ into the attack.

NeoScale Systems announced the impending release of CryptoStor for Tape 1.2, a high-speed tape protection appliance that compresses, encrypts, and digitally signs data as it’s recorded on physical or virtual tape libraries.

New to 1.2 is support for IBM Tivoli Storage Manager, adding to existing support for backup apps from Veritas, Legato, Hewlett-Packard, and Computer Associates.

Based on a client/server architecture, Global Command Center lets administrators access, share, and synchronize firewall configurations across the enterprise; create and enforce firewall and VPN policies; and monitor and control firewall activity from a central location.

More info: [url=http://www.techweb.com/wire/story/TWB20031210S0005]http://www.techweb.com/wire/story/TWB20031210S0005[/url]