Security Blog

Scriptlogic was acquired by Quest Software in August 2007, and Secure Copy 6.0 -- released in late January -- is one of the first Scriptlogic products to be branded under the Quest umbrella. The first Secure Copy was released by Small Wonders Software, which was acquired by Scriptlogic in 2003. ...Read the rest of entry >>

Stemming the flood of potentially spam has been a thorny issue for many email providers, who have struggled to product effective means to steam the ever-rising flood of spam. This struggle has all the hallmarks of a never-ending arms race, and email companies needed something to help them turn the tide -- or at least slow down the rising waters....Read the rest of entry >>

Companies are under siege from cyberattacks more than ever, with news of data breaches, phishing attacks, and other digital security exploits nearly a daily occurrence. So when news broke that online retailer Zappos (now owned by Amazon) had been the victim of a new cyberattack, I'm sure we shrugged our shoulders and collectively said "Here we go again." While the full details of the how and why of the Zappos attack are still to emerge, an email from Zappos CEO Tony Hsieh to employees earlier this week stated that "We were recently the victim of a cyber attack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky." Zappos immediately issued a forced password reset of all 24+ million customer accounts, and also sent an email to consumers telling them about the breach, advising them to reset their passwords, and pointing them to additional resources for information. I think Zappos handled the breach better than most, and could serve as a good example for other companies to follow. Companies that are slow to reveal an attack to their customers, or hide their heads in the sand, or immediately set out with a blame-shifting strategy deserve to be criticized. ESET Security Researcher Cameron Camp goes into more detail about what Zappos did right in a blog post over at the ESET Threat Blog, and I'd suggest that Camp's post should be required reading for the CEO, CISO, and IT/PR departments of every company that maintains a database of customer information. Here's one especially good bit of advice that Camp offers to any company who wants to maintain good relationships with their customers after a breach: Tell users where to find more information: [Zappos] put up a special website to disseminate information as it becomes available. This does two things: 1) established a central clearinghouse for relevant information, and 2) reduced the repetitiveness of the requests their support staff may r...Read the rest of entry >>

With polls and surveys continuing to show that IT professionals have concerns about security in the cloud, Check Point Software has unveiled a virtual appliance for Amazon Web Services (AWS) that should help alleviate some of the concerns of security-minded system administrators and security officers. According to Check Point, the company will be offering an AWS-friendly virtual appliance that can be configured to handle such security tasks as data loss prevention (DLP), application control, URL filtering, virtual private networking (VPN), and more. In a statement announcing the new products, Stephen Schmidt, chief information security officer at Amazon Web Services, applauded Check Point's decision to support AWS. "We offer a shared-responsibility security model that enables customers to choose a security solution that best meets their application’s needs, while AWS remains focused on providing a safe and secure infrastructure," Schmidt said. "We are excited that Check Point has embraced this model and is providing an innovative solution for customers." Check Point Software VP Network Security Products Oded Gonda stressed that while IT departments are moving to the cloud, most IT organizations are adopting a hybrid approach that leverages both on- and off-premise IT resources. "As many businesses plan to manage their IT infrastructure in the cloud, it’s important to protect both cloud and on-premise infrastructure to ensure that all corporate assets remain secure," Gonda said. "One of the best ways to achieve this is to enforce a consistent security policy across the organization." Check Point's announcement states that the new virtual appliance is available now, and pricing is "based on the existing software blade licensing and can be purchased through the Check Point worldwide network of value-added resellers." Find out more about the new Check Point virtual security appliances for AWS by visiting the Check Poi...Read the rest of entry >>

2011 will likely be remembered as one of the most infamous periods in IT history from a security standpoint. From attacks by Lulzsec and Anonymous to questions about mobile device security, 2011 had plenty of ulcer-inducing security episodes. The new year will likely have its own share of security headaches, and Symantec Senior Intelligence Analyst Paul Wood recently posted his take on what IT professionals may be losing sleep over in 2012. First on Wood's list is the continuing threat from advanced persistent threats (APTs) that target business and government infrastructure. Wood points out that many companies aren't paying attention to critical infrastructure prevention (CIP) programs developed by state and federal governments: "A recent Symantec Critical Infrastructure Protection (CIP) Survey found that companies are generally less engaged in their government’s CIP programs this year when compared to last. In fact, only 37 percent of companies are completely or significantly engaged in such programs this year, versus 56 percent in 2010." We've written a lot about mobile security issues in 2011, ranging from multiple cases of malware targeting Android devices to controversy around Carrier IQ, a company that develops programs that track subscriber data for wireless carriers. Woods quotes a Gartner report that indicates more that 461 million smartphones will be sold by the end of 2011, surpassing PC sales for the first time in history. The growth of cybercrime is another security trend to be wary of for 2012, with large criminal organizations developing tactics and strategies to separate businesses from their most important data. Woods sees that trend continuing in 2012: "Cybercrime’s spread from the criminal underground to the business mainstream was highlighted by a surge in targeted attacks. Symantec’s November Intelligence Report shows that targeted attacks are becoming more prevalent in 2011. Large enterprises, with more than 2,500 employees...Read the rest of entry >>

Over the past few years a variety of mass media outlets have reported on the dangers of EXIF data and geotagging, yet many get the information wrong, particularly when it comes to EXIF data and social media platforms like Facebook....Read the rest of entry >>

Microsoft is hoping to address issues with Windows Update with Windows 8, and released some new details of how Windows 8 will offer improvements in this area in their Building Windows 8 blog. ...Read the rest of entry >>

With the holiday season fast approaching, security vendor McAfee has released information about the “12 Scams of Christmas,” a list of what McAfee believes will be the most dangerous online scams of the holidays. Malware targeting mobile devices (particularly smartphones and tablets running Android) and social media threats topped the list, which was posted by McAfee's Gary Davis. In his blog post, Davis points to a survey by the National Retail Federation that indicates more than 52% of American smartphone users will use their phones for holiday research and shopping. A McAfee survey reveals that there has been a 76% increase in "malware targeted at Android devices in the second quarter of 2011 over the first, making it the most targeted smartphone platform." Read: Tips for Securing Android Phones Phony promotions on Facebook and other social media platforms are also an ongoing risk, with items like fake giveaways for airline tickets and other gifts being commonly used by cybercriminals to lure unsuspecting consumers into revealing their banking details, credit card numbers, and other personal information. Two particularly useful tips involve keeping an eye out for scams centered around delivery services like FedEx and UPS, as well as banks and other financial institutions. Davis describes these in additional detail in his post: A common holiday phishing scam is a phony notice from UPS, saying you have a package and need to fill out an attached form to get it delivered. The form may ask for personal or financial details that will go straight into the hands of the cyberscammer...Banking phishing scams continue to be popular and the holiday season means consumers will be spending more money—and checking bank balances more often. From July to September of this year, McAfee Labs identified approximately 2,700 phishing URLs per day. All of us know at least a few friends, family, and co-workers who tend to click first and think later, so all of these...Read the rest of entry >>

Arguably one of the most significant data breaches of the last decade, the cyberattack on RSA earlier this year that resulted in information about RSA SecurID tokens being compromised has had a wide-reaching impact on IT security. ...Read the rest of entry >>

Security in the cloud is on the minds of many IT administrators these days. While some fears of the cloud are unfounded, there are some real concerns that need to be addressed. Yet despite concerns about data in public clouds, former Citrix CTO Simon Crosby contends that cloud security should begin at the desktop. To address this issue, Crosby (who also co-founded XenSource) has partnered up with his XenSource partner Ian Pratt and Gaurav Banga, who was formerly the CTO of BIOS maker Phoenix Technologies, to launch Bromium, a new company focused on cloud security. While the exact details of what types of products Bromium will produce is still unclear, Crosby did reveal some of the thinking behind creation of his startup in a telephone interview earlier today. Bromium's Simon Crosby   Crosby believes that virtualization can be a powerful tool for cloud and overall IT infrastructure security, and hinted that Bromium's efforts would be in this direction. In a farewell post on his Citrix blog earlier this year, Crosby stressed that approach: There is an urgent need to dramatically shift the odds in favor of the good guys, and I remain firmly of the view that virtualization can offer a new toolset that can help to deliver a more secure and trustworthy computing infrastructure... Bromium is not ready to disclose its technology or products. We are fusing deep virtualization and security systems DNA to build a powerful set of tools that can offer continuous endpoint protection. Bromium does not intend to compete with any virtual infrastructure or security vendor. There is much more to tell, but we have a lot of work to do first. During our interview Crosby also argued that traditional attempts at securing the desktop had failed, and pointed to the flood of cyberattacks the industry has seen so far this year, ranging from the successful spearphising attack against RSA to the exploits of Anonymous and Lulzsec. "Everyone now understands that the traditiona...Read the rest of entry >>