admini – Page 152 – CyberSecurity Institute

McAfee to pay $465 million for Secure Computing

Posted on September 22, 2008December 30, 2021 by admini

The Santa Clara, California-based company said on Monday it will pay $5.75 per share of Secure Computing’s common stock, representing a 27 percent premium to the San Jose, California, company’s closing price of $4.52 on Friday.

Secure Computing shares rose 23 percent to $5.56 on Nasdaq, while McAfee shares fell 1.7 percent to $36.68 in morning trading on the New York Stock Exchange.

McAfee Chief Executive Dave DeWalt said the purchase will help round out McAfee’s line of products that help protect business networks. The Secure Computing purchase will add 22,000 more customers in that area, he said.

Jefferies & Co. analyst Katherine Egbert said that while Secure Computing has great technology for protecting computer networks from hackers, it has a reputation for being difficult to use. Ives called the McAfee deal “a better choice (for Secure Computer) than continuing to embark down a bumpy road in a tough macro environment.”

http://news.yahoo.com/story///nm/20080922/tc_nm/securecomputing_mcafee_dc

Only 35% Of Oracle Users Continuously Monitor For Suspicious Activity

Posted on September 20, 2008December 30, 2021 by admini

Abramson said it hasn’t been unusual for him to stumble across views of sensitive data while fulfilling consulting contracts. More and more, companies are pulling their production data forward into unsecure areas where business partners, outside contractors, consultants, or even customers can see it.

Encryption features generally may be applied to database tables as data is stored in them, and Secure Backup guarantees that only encrypted data flows out to the backup tapes. “If used fully, these measures reduce serious risks,” said Abramson, but he also acknowledged that Oracle alone can’t cover all areas of security exposure.

Both Oracle and several third parties are making products available that monitor database activity, watching for suspicious activity and alerting managers when someone seems to be attempting unauthorized activity.

http://www.informationweek.com/news/security/app_security/showArticle.jhtml;jsessionid=NHV10EELD1SC4QSNDLPSKH0CJUNN2JVN?articleID=210602800

SandBox Analyzer for Linux and addition of file-format exploit support

Posted on September 20, 2008December 30, 2021 by admini

In addition to these improvements, the recent release of the Norman SandBox includes a new emulator, advancing functionality, boosting analysis speed by 10%, and increasing detection by nearly 20%.

SandBox Analyzer Pro also gained important debugging features and functionality.

http://www.net-security.org/secworld.php?id=6542

Microsoft to release secure coding model

Posted on September 16, 2008December 30, 2021 by admini

Starting in the fall, the company will allow companies to download its Secure Development Lifecycle (SDL) Optimization Model, which allows organizations to gauge the completeness and maturity of their own software development programs as well as identify gaps in their practices, Steve Lipner, senior director of security engineering strategy at Microsoft, said in an interview transcript posted by company online.

The SDL Optimization Model and SDL Threat Modeling Tool will both become freely available in November, the software giant said.

http://www.securityfocus.com/brief/820?ref=rss

UN Agency Working On Tech Standards To Get Rid Of Anonymity

Posted on September 15, 2008December 30, 2021 by admini

Not surprisingly, the proposal for such a technology was first suggested by a Chinese official, who has long tried to control the use of the internet in that country.

Also, as the article notes, the ITU has no power over the internet these days, but has been pushing to get more power, which is why it’s worth following what they’re discussing behind the scenes.

http://www.techdirt.com/articles/20080912/1602272259.shtml

DHS Report Says Leave Laptops At Home

Posted on September 15, 2008December 30, 2021 by admini

In a document titled “Foreign Travel Threat Assessment: Electronic Communications Vulnerabilities,” published June 10 by the DHS’s critical infrastructure threat analysis division and recently posted to Wikileaks, DHS urges business leaders and U.S. officials to “leave [electronic devices] at home” when traveling.

Recognizing that for some it may be impossible to travel without a laptop and phone, DHS recommends buying a single-use cell phone locally, carrying a designated “travel” laptop with a minimum of information on it, and using temporary Internet e-mail accounts that are not associated with a corporate or government entity.

“Even with these strategies, however, travelers should assume that all communications are monitored,” the DHS Threat Assessment says. “All visitors should be aware that they have no reasonable expectation of privacy in public or private locations,” the bureau warned.

Peter P. Swire, a law professor at Ohio State University’s Moritz College of Law and a senior fellow at the Center for American Progress, says travelers ought to take such warnings seriously and practice good computer hygiene.

Nonroutine searches, such as a strip search, are distinguished by their invasiveness and require a “reasonable suspicion” that the person searched is involved in an illegal activity. It’s not clear from a legal perspective whether laptop searches are routine or nonroutine, and it probably won’t be until the Supreme Court rules on the issue or Congress passes a law requiring reasonable suspicion for searches of electronic devices, which could happen next year.

http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=210601724