admini – Page 156 – CyberSecurity Institute

Data breach discovery, disclosure outpaces 2007

Posted on August 26, 2008December 30, 2021 by admini

“Those companies become victims of the breach as much as the individuals whose information has been affected,” said Linda Foley, founder of the ITRC. “In many cases they entrusted a vendor to provide a service to safeguard information at the highest level, and when they transport it from one place to another unencrypted, they’re not taking it to the highest level… Companies need to have a better understanding of the contractual obligations of the firm they outsource payroll and other processes to, Foley said.

Foley said the growth in the number of breaches from year to year can no longer only be attributed to required reporting laws and media investigative work. Since each state has its own law requiring notification, companies are not held to one consistent standard to report a breach. Some states are adding language to the law, making it a requirement to provide public notification of the breach notification letters issued to customers, Foley said.

The researchers said current breach laws are problematic because they leave any action, such as canceling a credit card, up to the consumer.

Foley said the ITRC’s breach response program provides a consultant to the company to advise them on an appropriate breach notification letter and first responder calls.

http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1327048,00.html

X-Force® 2008 Trend Statistics

Posted on July 30, 2008December 30, 2021 by admini

— Vulnerabilities affecting Web server applications are climbing and so are the attacks, both evidenced by newcomers to the most vulnerable vendor list and this year’s automated SQL injection attacks.

— Although standard Web browsers are becoming more secure, attackers continue to rely on automated toolkits, obfuscation, and the prevalence of unpatched browsers and plug-ins to successfully gain hold of new endpoint victims.

— In the first half of 2008, 94 percent of public exploits affecting Web browserrelated vulnerabilities were released on the same day as the disclosure.

· Independent researchers are almost twice as likely to have exploit code published on the same day as their vulnerability disclosure in comparison to research organizations.

· Although virtual machine breakout vulnerabilities tend to get a lot of attention from the press, they are rare and predominantly target x86 platforms and Type II (virtualization solutions that require a host operating system).

· “Complex” spam (spam that uses images, PDFs, or complex text/HTML) is on the decline and a simpler type of spam is taking its place.

· This simpler spam relies on Web links and short text messages inside spam e-mails, which may be more difficult for some antispam technologies to detect.

· For the first half of 2008, a password stealer family that targets online games is in first place on the top ten malware list, and, in the password stealer category, gamerelated malware takes 50 percent of the top ten spots overall.

http://www-935.ibm.com/services/us/iss/xforce/midyearreport/xforce-midyear-report-2008.pdf

Lancope Ships StealthWatch System 5.8 with Enhanced Network Behavior Analysis

Posted on July 29, 2008December 30, 2021 by admini

“This release introduces a market breakthrough with flow-based enterprise-wide visibility of IPv6 communications that demonstrates the maturity of Lancope’s flow collection technology,” said Adam Powers, CTO of Lancope. “StealthWatch proactively responds to market drivers, such as IPv4 address space depletion, Windows Vista and U.S. Federal mandates, that increase the demand for IPv6 support in network monitoring solutions.”

“We are very excited about this release of StealthWatch.

“As the national IPv6 test center for Ireland and with over 40 active projects, it is critical for us to gain visibility into IPv6 network” said Jerry Horgan, chief infrastructure officer of the Telecommunications Software & Systems Group (TSSG, http://www.tssg.org) of Waterford Institute of Technology.

Powers added, “StealthWatch delivers enterprise-wide picture of communications and interdependencies between users, applications, and systems to expedite troubleshooting and proactively address network performance issues,” said Adam Powers, CTO of Lancope.

By providing network visibility of IPv6 networks, StealthWatch helps enterprises manage risk, reduce the mean time to resolution (MTTR) and improve the end user experience. StealthWatch’s pervasive monitoring delivers visibility before, during and after IPv6 rollouts to minimize threats, such as neighbor discovery attacks, amplification attacks, application vulnerabilities and tunneling. Enterprises can now use StealthWatch behavioral analysis and response to aid WAN optimization.

Introducing powerful network security capabilities that support multiple, ongoing compliance initiatives, StealthWatch’s newly enhanced bot detection and packet capture search capabilities dramatically reduce network risk by minimizing MTTR.

Other enhancements include deepening integrations with existing network infrastructure and third-party technologies to authenticate users and provide high availability credentials.

http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-29-2008/0004857757&EDATE=

Lancope Ships StealthWatch System 5.8 with Enhanced Network Behavior Analysis

Posted on July 29, 2008December 30, 2021 by admini

“This release introduces a market breakthrough with flow-based enterprise-wide visibility of IPv6 communications that demonstrates the maturity of Lancope’s flow collection technology,” said Adam Powers, CTO of Lancope. “StealthWatch proactively responds to market drivers, such as IPv4 address space depletion, Windows Vista and U.S. Federal mandates, that increase the demand for IPv6 support in network monitoring solutions.”

“We are very excited about this release of StealthWatch.

“As the national IPv6 test center for Ireland and with over 40 active projects, it is critical for us to gain visibility into IPv6 network” said Jerry Horgan, chief infrastructure officer of the Telecommunications Software & Systems Group (TSSG, http://www.tssg.org) of Waterford Institute of Technology.

Powers added, “StealthWatch delivers enterprise-wide picture of communications and interdependencies between users, applications, and systems to expedite troubleshooting and proactively address network performance issues,” said Adam Powers, CTO of Lancope.

By providing network visibility of IPv6 networks, StealthWatch helps enterprises manage risk, reduce the mean time to resolution (MTTR) and improve the end user experience. StealthWatch’s pervasive monitoring delivers visibility before, during and after IPv6 rollouts to minimize threats, such as neighbor discovery attacks, amplification attacks, application vulnerabilities and tunneling. Enterprises can now use StealthWatch behavioral analysis and response to aid WAN optimization.

Introducing powerful network security capabilities that support multiple, ongoing compliance initiatives, StealthWatch’s newly enhanced bot detection and packet capture search capabilities dramatically reduce network risk by minimizing MTTR.

Other enhancements include deepening integrations with existing network infrastructure and third-party technologies to authenticate users and provide high availability credentials.

http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-29-2008/0004857757&EDATE=

The changing role of information security in the enterpirse

Posted on July 28, 2008December 30, 2021 by admini

Adrian Davis, senior research consultant and author of the report comments:Without doubt, our research shows that information security professionals want to change; to become information risk professionals and true business partners to add value and shape business strategy and processes. This change will involve more than just re-labelling job functions, activities and responsibilities. Skill sets will need to change, as will the way security professionals communicate with their businesses and measure performance.The ISF study examined where security in organisations is headed along with the security value proposition and challenges that have to be faced. Using this extensive research work and analysis including input from over 160 senior security professionals in some 100 major ISF Member organisations from around the world, Adrian Davis and his team identified key areas of change and drivers for change, and looked at the future for information security.

Davis added:It is clear that Information security is changing radically and will continue to change. The pressure for this comes from within the profession and from external forces such as businesses, regulators and changes in culture and behaviour.Although differences exist between both geographical regions and industry sectors, common themes can be identified.

The Report entitled, the Role of Information Security in the Enterprise, is one of over 200 authoritative reports available free of charge to ISF Members.

http://www.net-security.org/secworld.php?id=6357

Top internal network threats in 2008 so far

Posted on July 24, 2008December 30, 2021 by admini

Promisec announced its findings from security audits of more than 100,000 corporate endpoints.

These audits were conducted in the first six months of 2008 in enterprises of different sizes and revealed that not even one organization was completely clean from internal threats, and the minimum number of threats found was three.

http://www.net-security.org/secworld.php?id=6350