Author: admini

Fidelis Security Systems Releases Next Generation of Extrusion Enhanced Reporting & Alert Management

Posted on by admini

“By bringing together these two best-of-breed technologies, customers can dramatically improve their awareness of and response to security incidents,” said Jeff Scheel, senior vice president of business development, ArcSight.

The newly released version of Fidelis XPS also includes enhancements to reporting and alert management capabilities, enabling business and technical users alike to manage and analyze alert information and trends through the redesigned workflow including incident handling and forensics analysis. “By utilizing these two best-of-breed technologies with the ability to share technical alerts and vital information from end-to-end, an organization can realize the value and full potential of maximum risk reduction in their data security investments.”

http://software.einnews.com/article.php?nid=6924

Read more

Exploit code loose for six-month-old Windows bug

Posted on by admini

“We will continue to monitor the situation and post updates to the advisory and the MSRC blog as we become aware of any important new information,” he said yesterday.

Also on Thursday, Microsoft published its monthly pre-patch notice outlining what would be fixed next week. Although six of the 11 expected updates will affect Windows, and two of those six will affect the editions called out by the April advisory, Microsoft does not provide enough detail prior to patching to determine whether one of those will fix the privilege elevation flaw.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9116924&source=NLT_PM&nlid=8

Read more

U.S. proposes digital signing of DNS root zone file

Posted on by admini

The operator of the .org TLD has also committed to the system, according to the Commerce Department.

But to get the full benefits of DNSSEC requires domain name registrars, domain name registries, Internet service providers and others to upgrade their software. “DNSSEC-signed root zone would represent one of most significant changes to the DNS infrastructure since it was created,” according to a notice issued by the Commerce Department in the Federal Register, a daily digest of U.S. government notices.

As it stands now, TLD operators send changes to the Internet Assigned Numbers Authority, which is part of the Internet Corporation for Assigned Names and Numbers. ICANN then sends the changes to the U.S. National Telecommunications and Information Administration, which is part of the Commerce Department. The heavy involvement of the U.S. government in how the Internet’s addressing system is administered, as well as the interests of VeriSign, has drawn criticism that the process is too U.S.-centric. And there appears to be a battle brewing over which entity will manage the cryptographic keys required to sign the root zone file.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9116900&source=NLT_PM&nlid=8

Read more

Spam Trends Down?

Posted on by admini

“Addresses on Intercage’s network range were being used to host command and control channels for botnets,” Mark Sunner, chief security analyst at the messaging security specialist said in a report summary.

Overall, the company’s research group found that the global ratio of spam traffic from previously unknown sources reached 70.1 percent (1 in 1.43 e-mails) of all e-mail in September, a decrease of 8.1 percent compared to the previous month.

In the world of message-based malware threats, MessageLabs reported that over 45 percent of the infection-laden e-mails it filtered represented newly-created attacks. One in 288.1 (0.35 percent) of all e-mails intercepted by the researchers harbored some form of phishing attack during the month. However, compared to other threats including Trojans and botnets, the sheer number of phishing e-mails decreased by 29 percent to 45.7 percent of all message-based attacks tracked in September. Phishing levels for Q3 2008 were at their lowest level since Q2 2006 and have continued to diminish since the beginning of this year, based on the company’s numbers.

http://securitywatch.eweek.com/spam/spam_trends_down.html

Read more

Symantec to buy e-mail security vendor MessageLabs

Posted on by admini

MessageLabs’ subscribers turn over the management of their e-mail and Web traffic security to the company and do not have to install on-site equipment.

The acquisition of MessageLabs gives Symantec an alternative e-mail security offering to BrightMail, the company’s antispam and antivirus appliance. “We think the opportunity to expand our footprint in the rapidly growing software-as-a-service market is significantly enhanced by this team becoming part of Symantec,” Symantec CEO John Thompson said in a conference call to discuss the deal.

MessageLabs’ service will be integrated into the Symantec Protection Network, an online-based backup, data-restoration and remote access service launched in April 2007 for small to midsize businesses. Adrian Chamberlain, CEO of MessageLabs, will lead the team and report to Enrique Salem, Symantec’s chief operating officer.

The company reported $145 million in revenue for fiscal year 2008, which ended July 31.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9116620&taxonomyId=17&intsrc=kc_top

Read more

Data Breaches Reach Record High

Posted on by admini

According to the ITRC, subcontractor breaches, which affect multiple businesses, are listed as a single event.

As for the number of individuals affected by the breaches, it’s anyone’s guess.

Colleges and universities, on the other hand, are on pace to reduce breaches for the third consecutive year after accounting for 28 percent in 2006 and 24.8 percent in 2007.

Mobile data losses through laptops, thumbscrew drives and PDAs have accounted for the largest number of breaches both in 2008 (20.3 percent) and 2007 (27.8 percent).

http://www.eweek.com/c/a/Security/Data-Breaches-Reach-Record-High/?kc=WBGNLSTE10092008STR4

Read more