Category: Warnings

The survey of 1,400 IT professionals shows that email access is the business tool most at risk when it came to ex-employees trying to access information remotely.

But confidential company documents, contact databases and administration systems were also at high-risk. ‘Firms need to build in rules saying what people can and can not access from the corporate network,’ said Thomas Raschke, IDC’s programme manager for European security products and strategies.

‘Access management is often an overlooked part of the business.’

http://www.vnunet.com/news/1158871

Security firm Symantec revealed that it documented over a six-month period almost 4,500 new Windows viruses and worms, more than 4.5 times the number recorded during the first six months of 2003.

PatchLink, which provides solutions it says can help businesses to patch vulnerabilities before hackers can take advantage of security holes, is one of the many companies providing patch management options. PatchLink’s Internet-based solution not only scans networks for security holes and then closes them, but also works with all Microsoft, UNIX/Linux, Novell NetWare, and Mac OS X operating systems.

Because every space station has its own set of PatchLink servers, the task of patching all of the servers isn’t left in the hands of a single person but is instead placed into the hands of numerous persons at the various offices.

The “Swiss army knife” approach to addressing problems, he added, won’t cut it. “There are Swiss army knives and there are tools for specific jobs,” he said, explaining that if businesses don’t have the right patch management systems in place, they could end up with compromised systems that would cost them large sums of money to fix. Effective patch management means testing patches and delivering them securely” added Chris Andrew, vice-president of product management at PatchLink.

If a big vulnerability hits, he continued, businesses that get their patches from vendors such as Microsoft may be left depending on solutions providers that are themselves adversely impacted by the vulnerability.

http://www.newsforge.com/article.pl?sid=04/10/12/2121230

Idenitification flexibility
CA hierachy
Cross Certification
Revokation
Other organization’s revokations
Liability
Idenitity Provisioning
Organization
Economic Model

http://www.ebcvg.com/articles.php?id=271

The problem means that fake movie files could be created that, when played by vulnerable Real software, would run a program instead.

The flaw appears in RealPlayer 10 for Windows and Mac OS X, the RealOne Player for Windows and Mac OS X and the Real Helix Player for Linux.

“Anyone who has RealPlayer is affected, and there are many people with RealPlayer,” said Marc Maiffret, chief hacking officer at software security company eEye Digital Security, the company that discovered the security issue.

RealNetworks could not be reached for comment.

The flaw occurs in a component of Real’s software that handles Real movie files with the .rm extension, according to eEye’s advisory.

Similar to the recent flaw in Windows applications that handle the JPEG image format, this vulnerability affects a widespread piece of software and could be used to create a virus.

“It’s similar to the JPEG flaw in the sense that just by viewing the file, or having the file ‘force viewed’ through a Web browser, your system can be compromised,” Maiffret said.

“I think both this JPEG vulnerability and the RealPlayer vulnerability are good examples of a type of threat that is becoming more prevalent: client-side vulnerabilities.”

Rather than finding a security hole in the operating system and gaining direct access to a computer, attackers are now increasingly looking at exploiting widely used applications.

Latest Bagle variant attempts download of potentially infected JPEG file alternatives other than patching,” Maiffret said.

http://news.zdnet.com/2100-1009_22-5393139.html?tag=default

“When you see the creation of zombie networks, you can almost see the life cycle of a spam and virus attack,” said Malcom Seagrave, head of security strategy for Energis. “It’s the same with DDoS [denial-of-service] attacks and those who steal data. We can’t prove it, but we think they are related. The attacks are well-organised and they are beating the security industry.”

Seagrave said combined threats, such as keystroke-logging Trojans embedded in spam, were causing serious damage to company networks. “Some of their methods, we just can’t work out,” he said. “But the most important way to stop this is user education.”

Botnets are readily available for hire on the Internet. According to anti-spam campaigner Steve Linford of Spamhaus, botnets are first set up for spammers to hire and then sold on — often for DDoS attacks – when they have been blocked by anti-spam firms.

Seagrave said he thought that online retailers needed to beef up their security in time for Christmas: “You’ll almost certainly see a DDoS attack coming before Christmas. Retailers will have to be wary as you can expect a growth in attacks this year”. The National Hi-Tech Crime Unit agreed that retailers face a security challenge this winter.

http://news.zdnet.co.uk/communications/networks/0,39020345,39168639,00.htm

Microsoft this week reiterated that it would keep the new version of Microsoft’s IE Web browser available only as part of the recently released Windows XP operating system, Service Pack 2.

That, say analysts, is a steep price to pay to secure a browser that swept the market as a free, standalone product. “It’s a problem that people should have to pay for a whole OS upgrade to get a safe browser,” said Michael Cherry, analyst with Directions on Microsoft. “We do not have plans to deliver Windows XP SP2 enhancements for Windows 2000 or other older versions of Windows,” the company said in a statement.

Three years have passed since Microsoft introduced its last new OS, and its upcoming release, code-named Longhorn, has been plagued by delays. Microsoft last month scaled back technical ambitions for Longhorn in order to meet a 2006 deadline.

Those ongoing security updates do not, as Microsoft points out, include the latest security fixes with Service Pack 2, released last month. Now it’s unclear whether even half the Windows world will have access to the shored up IE.

Of Microsoft’s approximately 390 million operating system installations around the world, Windows XP Pro constitutes 26.1 percent, Windows XP Home 24.7 percent, IDC said.

http://news.zdnet.co.uk/internet/security/0,39020375,39167607,00.htm