Author: admini

Virtual desktop security close to reality

Posted on by admini

Virtualized IPS acts as a filter scanning network traffic for known vulnerabilities and virus signatures and blocks them from the virtual machine level before they reach the physical operating environment, he said. The Virtual Security Solution will enable IT to keep vital security processes isolated from potential problems with the main operating system, giving IT managers better control of endpoint security. Malicious disabling or reconfiguring of security safeguards are becoming more prevalent among targeted attacks, said Gregory Bryant, general manager, digital office platform at Intel.

A recent survey of Canadian IT security managers and personnel revealed that between 63 per cent and 79 per cent are concerned about the disabling or misconfiguring of security systems by hackers and Trojans, by employees or by operating system and application patches. According to the report, IT managers’ concern about employees disabling system defences is rising among 27 per cent of Canadian respondents.

http://www.itworldcanada.com/Pages/Docbase/ViewArticle.aspx?ID=idgml-580e3312-4e56-4ff3-bcff-3c3f483c9bc9

Read more

Testing for Security in the Age of Ajax Programming

Posted on by admini

As an example, consider a hypothetical gourmet food e-commerce web site. This site displays a map of the world to the user, and as the user navigates the mouse pointer over each country, the page uses Ajax programming to connect back to the web server and retrieve a list of goods originating in that country. SQL injection vulnerabilities allow attackers to execute their own SQL queries and commands against the database, rather than those that the developers of the web site intended. The entire database, including customer names, addresses, and credit card numbers, could be downloaded by such a command.

The average QA engineer typically will be much more thorough. He might even set up an automated test script that will mouse over every single pixel on the screen, and he will check to see if there are any errors in the Ajax programming or underlying page code. But, even this extreme level of thoroughness won’t be enough to find the SQL injection vulnerability. By using a web browser (or automated script recorded from a web browser) as his test tool, the tester has limited his potential requests to only those which the browser can send, and the browser is itself limited by the source code of the web page.

In order to successfully defend against the hacker using SQL injection or some other attack, the QA engineer has to think like the hacker. They use tools that operate at a much lower level, tools that are capable of sending raw HTTP requests to an address and displaying the raw HTTP response. Like programming in standard hyperlink navigation or form submission, Ajax programming actions always have an HTTP request and response. So, armed with his low-level HTTP requestor tool, the hacker is now free to make attacks on the application that could never be possible with a browser alone.

In order to successfully defend against the hacker using SQL injection or some other attack, the QA engineer has to think like the hacker. An even better approach is to use an automated security analysis tool that performs these tests.

http://www.it-observer.com/articles/1242/testing_security_age_ajax_programming/

Read more

Protecting corporate reputation a key aim of IT security

Posted on by admini

All departments are affected by breaches to information security — it’s much more than just an IT issue, it’s a business issue.”

Mr. Murray was surprised to find that 61 per cent of Canadian respondents surveyed have limited or no security training for the end-users of technology — their employees.

“Over the long term, organizations need to create a culture of security in the workplace, where employees recognize the threats to their organization’s information security and how they can combat them,” he says.

When it came to staffing, almost two-thirds of Canadian organizations were found to be dedicating two or less full-time employees or equivalents to information security.

http://www.ottawabusinessjournal.com/287132340207207.php

Read more

Browser security holes surging in 2006

Posted on by admini

“There is no safe browser,” said Vincent Weafer, senior director with Symantec Security Response.

Legitimate companies such as 3Com’s Tipping Point and Verisign’s iDefense pay for this information, and there is also a growing black market for exploits. “Everyone has realised that targeting the applications on the desktop is a better way to break into businesses and consumers and steal things than server flaws,” he said.

Businesses and consumers may both be targets, but home users are the victims in about 86 percent of all attacks, according to Symantec.

And the US is the biggest source of online attacks, thanks to its large number of compromised machines with broadband connections, Weafer said.

Microsoft may lag as a browser patcher, but when it comes to operating systems, the company leads the pack, according to Symantec.

http://www.techworld.com/security/news/index.cfm?newsID=6955

Read more

Computer Virus Writers Plan Slow Spread

Posted on by admini

“If they are able to stay active longer, they make more money,” said Alfred Huger, senior director of engineering with the security response team at Symantec Corp., a software vendor that issued its twice-annual state-of-security report Monday.

Not too long ago, he said, a single person took control of as many as 400,000 computers at once with the help of malicious programs. Today, the average is less than 1,000, making such networks more difficult to track and shut down.

Huger said spammers have been compiling e-mail lists specific to geographic areas, by targeting a single Internet service provider that serves a particular region or by combing mailing lists devoted to a city’s happenings. Messages sent to those lists can be used for scams or the spread of malicious programs, such as those for stealing data.

Virus writers have also judiciously used Web sites with software vulnerabilities allowing for the spread of malicious code, Huger said. They will remove the malicious programs once enough users are infected and restore the malware later, he said. “They are very careful about the spread,” he said.

Many of the newer viruses spread primarily through social engineering — tricking a user into opening an e-mail attachment by making a message appear legitimate. Although virus writers have long used that technique, many had been trying to overcome delays inherent with the need for any user intervention, taking advantage of system flaws to automatically spread their programs.

Network worms such as 2004’s “Sasser” exploited flaws in Microsoft Corp.’s Windows operating system, automatically scanning the Internet for computers with the vulnerability and sending copies of themselves there. But the rapid spread also triggered rapid-response alerts among security vendors and prompted network operators to prioritize applying fixes to the Windows flaws.

High-profile threats, often more an annoyance than an effort to set up armies of rogue computers, are typically contained within a day or two. By contrast, botnet computers can stay active for months.

http://news.moneycentral.msn.com/provider/providerarticle.asp?feed=AP&Date=20060925&ID=6050838

Read more

New Gartner Hype Cycle Highlights Five High Impact IT Security Risks

Posted on by admini

They are no longer just executed by hackers for hobby or cybervandilism, but by professionals with a targeted aim at one person, one company or one industry,” said Amrit Williams, research director at Gartner. “For example, we have recently seen several companies hiring private investigators to spy on their competitors.”

Gartner said that social engineering and viruses will remain an everyday nuisance for chief information security officers through 2009.

Gartner urged organisations to incorporate penetration testing into vulnerability management processes and investigate more-aggressive intrusion detection and protection approaches that move beyond threat-signature-based approaches.

It also advised companies to evaluate managed security services when internal capabilities are not available or sufficient for advanced security activities.

Identity theft refers to the theft of an individual’s personal or financial information for the purpose of stealing money or committing other types of crimes. This continues to be a disruption as it can be used to send confidential information to unauthorised persons without the knowledge or consent of an e-mail user.

Gartner advised organisations to ask their existing desktop security vendor to provide an integrated anti-spyware solution.

They should also use their gateway and network security devices to provide anti-spyware capabilities in the network, a strategy that has proved effective in the fight against viruses and spam.

Defence against social engineering relies on deploying consistent security policies and practices that include; educational and clear reporting programmes as well as appropriate technology management. For example, to minimise the risk of sending confidential corporate documents or trade secrets to inappropriate recipients, organisations should use content monitoring and filtering tools.

More than 1,900 information technologies and trends across more than 75 industries, technology markets, and topics are evaluated by more than 300 Gartner analysts in the most comprehensive assessment of technology maturity in the IT industry. It highlights the progression of an emerging technology from market over enthusiasm through a period of disillusionment to an eventual understanding of the technology’s relevance and role in a market or domain.

http://www.gartner.com/it/page.jsp?id=496247

Read more