CyberSecurity Institute

Security News Curated from across the world

Author: admini

Tool Uncovers Inadvertent ‘Chatter’

Posted on February 16, 2007 / December 30, 2021 by admini

Data seepage — not to be confused with data leakage — is where seemingly innocuous data gets exposed by your chatty client applications over public WiFi connections, or even inside the enterprise network.

Robert Graham, Errata Security’s CEO, and David Maynor, its CTO, will use this Windows- and Linux-based tool to demonstrate just how much danger data seepage can pose, during their Black Hat presentation on March 1. If your users are working from an airport or Panera Bread WiFi connection, their machines are announcing themselves to anyone else on those machines, which makes your corporate network a target.

The Oracle client, for instance, will try to connect to its server if you have cached credentials on your laptop.

“And Apple is even more chatty than Windows.”

Next, Errata will develop a proof of concept showing how an attacker could set up a trojan server that could respond to the client’s requests, posing as an Oracle database, Web server, or a wireless access point, says Graham.

http://www.darkreading.com/document.asp?doc_id=117636&f_src=darkreading_section_296

Ensuring a Successful Partnership with Your MSSP

Posted on February 16, 2007 / December 30, 2021 by admini

Organizations that select an MSSP as a security partner should be prepared to integrate the MSSP’s people, processes, and technology with their own to effectively improve their security posture.

Ensuring the long-term success of a security partnership is based on four key areas of focus: trust, operational extension, service reviews, and parallel roadmaps.

Managed security service providers that have earned certification under a widely recognized standard such as BS7799 have demonstrated their expertise in establishing, implementing, and documenting effective information management systems. Another certification, the Statement of Auditing Standard No. 70 (SAS 70) Type II, also provides client organizations assurances regarding specific control objectives that the MSSP has designed to meet customers’ unique needs.

Many companies, particularly financial services and other highly regulated organizations, require credible proof that an MSSP has processes and controls in place to provide a consistent, stable, and secure environment to safely monitor and manage customer data throughout the organization.

This requires an MSSP to have the depth and breadth of expertise to meet an organization’s current security needs.

http://www.it-observer.com/articles/1306/ensuring_successful_partnership_with_your_mssp/

3G Card Secures Laptops

Posted on February 15, 2007 / December 30, 2021 by admini

But Dimitri Stiliadis, chief of architecture for Project Evros at Alcatel-Lucent Ventures, says the goal of the mobile project wasn’t just about the laptop theft epidemic. “It’s more about device management and remote control to handle the increasing population of laptops” in enterprises, he says. “It’s for patch management, backups, configuration management, end-point security, and for [tracking and protecting] lost and stolen laptops.”

Still, Project Evros’ security features are the most compelling in this day of patch management woes and slippery laptops. “Project Evros does tackle a lot of the mobile security and device management issues that are plaguing enterprises that have a large mobile workforce,” says Sandra Palumbo, program manager for enterprise IT and communications services at The Yankee Group.

A thief would have to break the encryption algorithm and session key to get to the data, though.

The nonprofit Visiting Nurse Association of Northern N.J. will begin testing Project Evros cards sometime in the next week or so, says Michael Landsittel, manager of information technology for the association.

Project Evros is still only a prototype, and Alcatel-Lucent Ventures won’t yet give much detail on its final product form, nor on how it will be distributed and marketed. But the plan is for release sometime this year, and the company is also considering this technology for PDA devices, says Alcatel-Lucent’s Skuler. The company is currently working with PatchLink to integrate with its patch management software, as well as with other patch management, backup, and configuration management application developers.

http://www.darkreading.com/document.asp?doc_id=117452&f_src=darkreading_section_296

Breach Insurance

Posted on February 15, 2007 / December 30, 2021 by admini

For an annual premium as low as $1,500 a year — or as high as several hundred thousand — enterprises can buy policies that will reimburse them in the event of unauthorized system access, stored data losses, customer privacy violations, cyber extortion, and cyber terrorism. Depending on the coverage, your company could receive reimbursements not only for downtime caused by a hack, but for lost business or legal settlements with complaining customers. If you work in a company that’s a high-risk target, and maintains shoddy security systems and practices, you can expect to pay a high premium for insurance.

A site like MySpace has to concern itself with liability costs associated with libel or other offenses that might be committed via the site.

There are many types of coverage — AIG’s NetAdvantage plan alone has 10 different offerings — but they can all be divided into “first party” or “third party” coverage, experts explain. “To get this type of coverage, you have to go through a broker,” Davis says.

http://www.darkreading.com/document.asp?doc_id=117536&f_src=darkreading_section_296

Most IT Managers Expect Major Security Hit Every Year

Posted on February 6, 2007 / December 30, 2021 by admini

The company this week released its IT Risk Management Report. Over the course of a year, Symantec analysts surveyed 500 IT executives and managers about the risks that their organizations are facing.

“As organizations are growing more and more dependent on their IT systems to conduct business, IT risk has become a primary concern for business leaders,” said Greg Hughes, an executive VP with Symantec, in a statement.

http://www.darkreading.com/document.asp?doc_id=116628&WT.svl=cmpnews2_3

CA’s New Host-Based Intrusion Prevention Provides Centralized Protection Against Online Threats

Posted on February 6, 2007 / December 30, 2021 by admini

CA HIPS monitors both incoming and outgoing traffic and enables centralized management of access control policies.

“Today’s sophisticated threats require a multi-faceted defense that incorporates proactive threat detection and whitelisting, working hand-in-hand with existing antivirus and anti-spyware technologies,” said Robin Bloor, partner, Hurwitz and Associates.

CA HIPS uniquely facilitates the definition and implementation of security policies by allowing administrators to create policies based on user behavior and existing examples. This “learn-by-example” approach eliminates much of the time and effort typically required for administrators to define policies for specific roles, applications and/or resources.

“IT organizations are already dealing with twice as many threats as they did even just a year ago — and those threats are getting more complex and sophisticated all the time,” said Sam Curry, vice president, CA security management.

“CA HIPS enables us to provide our customers with an additional layer of security that complements CA’s anti-spyware and antivirus solutions which have already proven to be so effective for them,” said Jimmy Barter, vice president of business development, Net-Tek Networking Solutions, a total solutions provider who resells CA’s threat management products.

http://ccbn.compuserve.com/releasetext.asp?ticker=ca&coid=83100&client=compuserve&release=959159
