Author: admini

Mobile virus growth outpaces PC malware

Posted on by admini

Carter also highlighted the similar evolution of mobile viruses, with a few skilled virus writers and a larger group of script kiddies who adapt the work of others.

McAfee has set up mobile virus research groups in its worldwide monitoring stations to track the problem and has released a mobile antivirus scanner. The scanner itself is fairly basic, as it relies totally on signature files and is reactive, but the company is hoping to add heuristics that block malware by its behaviour in future versions.

Several other security software companies have also released packages for mobile phones and corporate telephony departments. Ericsson has just signed up to sell Trend Micro’s mobile security software.

“As the capabilities of smartphones increase, it is ever more important for enterprises to protect themselves from the growing security threat these devices can pose,” said Katarina Löweberg, director of mobile applications at Ericsson Enterprise. “For the first time, mobile operators now have a way to offer their enterprise customers centrally managed protection for smartphones against malicious mobile code such as SMS spam and viruses.”

http://www.vnunet.com/2150470

Read more

Firms: Don’t expect federated IDs soon

Posted on by admini

Some security and e-commerce companies have touted a future where consumers can sign in once and use that federated authentication throughout the commercial Web. In the past, Microsoft has tried to turn its Passport online identity system into the backend authentication system for e-commerce providers, but privacy experts worried that the move would give a single company too much power in managing consumer information.

http://www.securityfocus.com/brief/141?ref=rss

Read more

Good security news in short supply

Posted on by admini

New attack vectors will grow precipitously
Look for a big increase in the number of attacks via instant-messaging clients, Internet Protocol telephony, cell phones, Bluetooth and XML.
Rootkits become familiar to the masses
Rootkits become familiar to the masses A rootkit is an extremely clandestine type of malware that hides itself within operating system kernels or application binaries.
Secure development processes become mandatory
Users are simply fed up with sloppy vulnerability-ridden code and weak security support from most independent software vendors. Look for large organisations to clamp down by placing contractual demands on software providers mandating that they implement security processes and metrics or take a hike. Microsoft is ahead of the pack in this area, while “unbreakable” Oracle lags way behind and could lose major contracts as a result.
Security management moves to network operations
At an enterprise level, network security depends on spotting anomalous activities and capturing security events.
Key management becomes a major new requirement
Database, networking, storage and firewall vendors either have or will add encryption to their solutions in 2006.
More security outsourcing It’s hard enough to administer a firewall and intrusion detection systems, to also deal with abundant security solutions for e-mail, IP telephony, Web services, wireless devices, and so on.

Read more

‘Security in the cloud’ is not the way to go

Posted on by admini

It is for this reason that a choice between implementing network security in the middle of the network — in the cloud — or at the endpoints is a false dichotomy. An organization had no choice but to put its firewalls, IDSs and anti-virus software inside its own network. Security would be vastly improved if the major carriers implemented cloud-based solutions, but they’re no substitute for traditional firewalls, IDSs and IPSs.

http://www.computerworld.com.au/index.php/id;1786107200;fp;16;fpid;0

Read more

Enterprises use freeware to beat cyber-spies

Posted on by admini

The AISSM report also revealed that Australian enterprises are under attack from both internal and external threats. According to the report, 57 percent of respondents said they found spyware installed on multiple computers; 22 percent revealed that they have discovered at least one illegitimately installed keylogger on their system, which Turner describes as ‘mindblowing’.

http://www.zdnet.com.au/news/security/soa/Enterprises_use_freeware_to_beat_cyber_spies/0,2000061744,39237993,00.htm

Read more

Microsoft, RSA, Sun And Encryption

Posted on by admini

Active Directory is one of the most widely used technologies by Microsoft customers.

RSA Security then stepped up to advance the authentication ball with a bunch of partners that will build in its encryption software to more hardware devices, including USB, wireless and Flash memory cards.

And Sun announced its plans to integrate its Elliptic Curve Cryptography (ECC) in its Java System Web Server 7.0, which is a big chunk of its Java Enterprise system.

In the past few years, smart cards have not taken off in the mainstream business world, but with three major technology players making moves to advance encryption into more devices, that’s changing.

Released to a new beta in late January, IE7 now includes support for an InfoCard for users to add authentication and encryption to Web-based transactions. The roadmap includes expanded capabilities that customers will see in future versions of Windows Server, he said, which is still code-named “Longhorn.”

http://www.internetnews.com/dev-news/article.php/3585216

Read more