http://www.securityfocus.com/brief/299?ref=rss
Month: September 2006
Symantec consumer desktop upgrades likely to hit the enterprise
One change this year is in the desktop firewall. Symantec has determined that consumers are having a hard time configuring the firewalls based on prompts, so Norton Internet Security 2007 will set the firewall’s parameters based on its own analysis of how desktop software attempts to communicate with the Internet.
Norton Internet Security will also have a new “security history” feature to display the actions the software took or even undo them if desired.
While Norton AntiVirus and Norton Internet Security are available beginning tomorrow, the vendor envisions other consumer products for the future.
The third Windows XP-based based desktop product Symantec announced today, Norton Confidential, is a brand-new entry that was developed to protect consumers during e-commerce transactions. Norton Confidential will block consumers from visiting known or suspected phishing sites. While it does some target malware eradication, Norton Confidential does not contain the full antivirus/antispyware eradication capability of Norton AntiVirus. The purpose of Norton Confidential is to protect the transactions of Web users and ensure that a Web site is genuine, not a phishing site. “We keep score on nearly 120 different things on that Web site,” Rosenkrantz said, noting that the capability is based on the e-commerce protection technology gained through the acquisition of security start-up WholeSecurity.
Norton AntiVirus 2007 costs $40, and Norton Internet Security and Norton Confidential cost $50.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9003162&source=NLT_AM&nlid=1
Massive DoS Attacks Against ISPs On The Rise
Providers, said Arbor, regularly report attacks beyond the capacity of core backbone sections of the Internet in the 10-20Gbps range.
The bulk of these DoS attacks originate with botnets, collections of compromised computers that criminals have acquired by infecting them with Trojan horses through other means, such as e-mail, spyware, or malicious Web sites.
http://www.informationweek.com/story/showArticle.jhtml?articleID=192701817
Six sensible steps to keep disaster recovery real
On this topic IBM aims continuous data backup software at SMBs One in five firms has no disaster recovery plan MessageLabs launches e-mail archival service Protecting Remote Office Data: D2D Backup/Recovery Solutions Protecting Microsoft Exchange: The Need for Disaster Prevention and Optimization Best Practices for Disaster Recovery Across the WAN Costs and Consequences: Securing sensitive data at the edge of the network and beyond Data Protection – A Top Priority: Reduce the Risk of Costly Data Breaches A Guide to Reducing the Risks of Costly Data Breaches security.itworld.com.
Ultimately IT is there to serve business, and disaster recovery planning should be no different. Well, most IT shops still don’t get it, according to EMC Canada consultant Iain Anderson. People are still making technology decisions, and not business decisions.
According to Paul Saxton, lead consultant in business resiliency at IMB Canada Ltd., recovery capabilities have to be matched to the business requirements. “Understand that disaster recovery and business continuity are part of overall risk management,” he says.
“One of the challenges I see all the time is that business continuity and disaster recovery fall back to the responsibility of IT, and IT’s normal response is to throw technology at it,” says Anderson, client director at EMC Corp. of Canada. Anderson says IT has a responsibility to understand how business workflow ties in to business applications, and how those applications in turn are supported by infrastructure. “We tend not to spend enough time communicating out there with the business units and understanding what their business problems are,” he says.
As a type of insurance policy, it’s helpful to know what threats and vulnerabilities you’re likely to come up against. Unless you’re in a tornado area, on a fault line or flood plane, you probably won’t be building a mirror site of your entire IT infrastructure. But going through that vulnerability and risk assessment can be a heated debate, says George Kerns, president and CEO of Fusepoint Managed Services Inc.
The budget for a recovery plan is large compared to the operating budget, and if the chance of a disaster occurring isn’t high, how do you avoid spending too much? “I think this has to come down to a rational conversation between the CIO and the CEO,” says Kerns. He says most business units believe their IT systems can be back up within hours, while IT will estimate a couple of days and an actual assessment of the technology will reveal a further gap.
“This is a big area where more testing needs to be done, with a more rigorous, more integrated approach and a stronger level of governance around it,” he says. And don’t test to pass; you have to test to fail, says Anderson.
Credit Card Giants Modify Security Specs
PCI, which includes specifications for both physical and logical security of credit card data, is required for all merchants who accept credit cards or store credit information. Merchants that don’t comply could face fines as high as $500,000, or, in extreme cases, could have their ability to accept credit cards revoked.
PCI 1.0 was issued two years ago, and merchants were supposed to have achieved compliance by the deadline of June 30 of this year.
Experts say the new guidelines are more clear about “compensating controls,” which give merchants a bit more flexibility in their deployment of encryption and other PCI requirements. David Taylor, vice president of data security strategies at Protegrity and a former industry analyst, isn’t so sure. “The new specs are definitely clearer, and that’s great, but I think a lot of merchants were hoping that the new rules would make it easier to comply, and that didn’t happen,” he says.
PCI auditors previously had hoped that PCI 1.1 would somehow divide the specifications between critical requirements — such as the need for encryption and firewalls — and best practices, such as thorough documentation and training.
http://www.darkreading.com/document.asp?doc_id=103292&WT.svl=news2_1
Stolen Data’s Black MarketStolen Data’s Black Market
“We’ve seen criminals hack into hospital systems just to get the Social Security numbers of the newborns. There’s no one, obvious group of organizations that hackers are targeting.”
There are still plenty of independent hackers out on the Web — just look at the recent Black Hat and Defcon conferences — who might sell vulnerabilities or stolen data by putting them up for auction.
Worms and viruses invented by independent hackers still make up a huge portion of the damage done to corporations each year, Pierson notes.
But the visibility of these individuals and their exploits sometimes belies the growing, but largely unpublicized threat from organized criminals who buy data from hackers or insiders and sometimes contract with them to collect data from a specific corporation, experts agree.
Pierson gives the example of stolen customer credit card data, which is sometimes handled by multiple individuals in a joint effort. While credit card information might be collected through the collaboration of phishers and spammers, that data might then be passed to “cashers” who forge credit cards that use the numbers. Then those cards will be passed out to a network of “mules” who use the cards for small purchases — the kind that might not be immediately detected by the victim — and thrown away. Then the syndicate of players might sell the account information to another buyer, just as the parts of a stolen car might be resold. A similar sort of “syndicate” might be formed to fence stolen business secrets or customer lists to competitors, or to other nations or terrorist groups, he says.
External hackers may be paid off; insiders may be disciplined or dismissed; and in some cases, the crime is never detected. Although there are cases in which external hackers break into an enterprise they find attractive, most targeted attacks involve some help from an insider, experts say.
http://www.darkreading.com/document.asp?doc_id=103198&WT.svl=news2_1