admini – Page 207 – CyberSecurity Institute

Targeted Trojan attacks on the rise

Posted on October 14, 2006December 30, 2021 by admini

“Your problem is no longer how do I avoid being attacked, but how do I find where I’ve been compromised.”

Last year, computer emergency response groups in the U.K., Canada and Australia warned of such attacks. While the United States Computer Emergency Readiness Team (US-CERT) did not issue a warning, security firms confirmed at the time that U.S government agencies and companies had already been targeted by such malicious software.

A major problem for large companies, government agencies and other potential targets is that antivirus software is not good at stopping low-volume attacks aimed at single companies. Traditional antivirus programs detect widespread attacks based on matching to a known pattern and do not fare well against low-volume Trojans. “There is no value whatsoever in having signature-based antivirus when facing a targeted attack,” said Joshua Corman, host protection architect for Internet Security Systems (ISS).

Military agencies, human rights organizations and pharmaceutical companies are some of the types of groups that are being targeted by specifically aimed attacks.
timate programs as potential threats.

http://www.securityfocus.com/news/11418

A-Listing Your Apps

Posted on October 13, 2006December 30, 2021 by admini

“It’s back to the future with some of this,” says Andrew Jaquith, program manager for security research at the Yankee Group. Jaquith says the current approach of identifying and blocking the bad is starting to fail, with malware samples increasing at a rate of around 50 percent annually. “Whitelisting is increasingly becoming part of a well-balanced diet on the client,” he says.

And it’s quietly and slowly catching on beyond vendors such as SecureWave, Savant Protection, and Bit9 that have made a business out of whitelisting applications.

Many of the early whitelisting adopters today are small- to medium-sized organizations, where deploying this technology across desktops wouldn’t be as major an undertaking at say, a major Fortune 100 company. SourceMedia has been testing Savant Protection’s endpoint software with whitelisting for several months. “Conceptually, it makes a ton of sense,” says Ivan Latanision, vice president of information technology for SourceMedia, who adds the company hasn’t made its final decision on whether to purchase the tool yet.

Savant uses unique cryptographic algorithms and signature keys for each application on each desktop, rather than a server-based access control list. Patton Harris Rust & Associates has been running SecureWave’s Sanctuary software for whitelisting since last year — initially for device control and later for application control as well. John Loyd, vice president and director of IT for PHR&A, says the company installed the software for protection against zero-day attacks, ensuring its users aren’t installing illegal software, and to ensure the quality of apps its engineers use. Dennis Szerszen, vice president of marketing and corporate strategy of SecureWave, says antivirus blacklisting and Sanctuary’s whitelisting work best together. “We need to be triggering the AV processes so they can clean up what” they found.

http://www.darkreading.com/document.asp?doc_id=107320&WT.svl=news2_1

Email Looms as IT Threat

Posted on October 11, 2006December 30, 2021 by admini

What emerges from all this is far from the landscape described by email management vendors, in which organizations are eager to adopt technology to sort and save important email.

When it comes to archiving email, nearly 60 percent of respondents said they save email as part of regular backup. Just 3 percent reported outsourcing email archiving.

“As anyone who has gone through an e-discovery process can attest, finding and producing relevant emails from back-up is not the same as producing them from an archive in which the content is based on the subject and relevance of the email.”

According to the Radicati Group consultancy, the volume of email that the average corporate user sends and/or receives every day will grow 30 percent within the next four years, from 16.4 Mbytes in 2006 to 21.4 Mbytes per day in 2010. And unless companies start taking action, Mancini implies, they’ll be risking both their ability to produce relevant proof for compliance or litigation, but also their ability to benefit from increased use of email.

http://www.darkreading.com/document.asp?doc_id=107231&WT.svl=news1_2

Compliance: A Multi-Front War

Posted on October 11, 2006December 30, 2021 by admini

“Enterprises are doing all of their compliance work in silos, and they aren’t seeing the commonality between [the projects], particularly in the area of security,” says Stephen Barlock, North America security lead at Accenture. “The net result is that their compliance efforts are much too complex.”

Enterprises are also finding that the costs of their compliance efforts are rising, not falling, because of the growing number of independent, and sometimes redundant, regulatory efforts, says Mark Perry, vice president of global consulting services at Symantec, who will head the joint venture.

SOX and the Gramm-Leach-Bliley Act (GLBA) mandate data protection, but don’t give any IT specifics. The Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry (PCI) standards outline more specific requirements.

“What we encourage companies to do is build a matrix of the requirements,” says Chris Apgar, president of Apgar and Associates LLC, a compliance consulting firm. If they meet the most stringent security requirements on the matrix in each category, the result should be a security platform that meets the compliance mandates of all of them. For example, if you look at SOX and GLBA, they don’t say much about encryption,” Apgar says.

Accenture and Symantec are working on a way to automate the process of correlating the security requirements of each regulatory mandate and identifying the most stringent elements, says Accenture’s Barlock. “With this joint venture with Symantec in place, though, we think the days of doing this manually are numbered.” “If you want to encrypt email, a $250,000 package from Tumbleweed is a pretty sure thing to pass an audit,” he says.

http://www.darkreading.com/document.asp?doc_id=106910&WT.svl=news2_5

Oracle commits to rating vulnerabilities

Posted on October 11, 2006December 30, 2021 by admini

“Oracle introduced these changes as the result of feedback we received from many of our customers,” Eric Maurice, manager for security in the company’s Global Technology Business Unit, stated in the blog.

“We hope that these changes will help our customers assess the criticality of the vulnerabilities resolved with each CPU and help them obtain patching decisions from their senior management more quickly.”

http://www.securityfocus.com/brief/326

Conducted by Harris Interactive, the study found that IT executives are increasingly aware of energy

Posted on October 10, 2006December 30, 2021 by admini

For example, many companies are maxing out the power equipment in their data centers, which is needed to run and cool computing gear.

Virtualization technology will allow customers to potentially power down under-used resources and consolidate the computing load on other servers, Douglas said.

In addition, Sun is in negotiations with several utility providers in the United States to replicate a rebate program around Sun servers that the company established with California’s Pacific Gas and Electric, he said.

http://news.com.com/Data+centers+eye+power+costs/2100-1015_3-6124586.html?tag=nefd.top