Archive for June, 2006

2nd Workshop on Trustworthy Interfaces for Passwords and Personal Information

June 27th, 2006

It’s a good sign of growing interest in an area of security when you have speakers from Google and Microsoft giving consecutive talks, alongside colleagues from the Anti-Phishing Working Group, a popular browser provider (KDE), major research universities (Harvard, MIT and Stanford) and a range of security vendors (Bharosa, Passfaces, RSA Security, Symantec and VeriSign). This was the cast of presenters at last week’s second Workshop on Trustworthy Interfaces for Passwords and Personal Information (TIPPI), which I organized with Stanford University professor Dan Boneh.
TIPPI is about making the user interface for authentication more trustworthy. The goals are to give the user confidence that (1) the interface to which the user is providing credentials is the correct one, and (2) the interface is requesting credentials on behalf of an authorized application…

Original post at blog@rsa.com (Burt Kaliski)

Computer security Systems

Speaking of Security Podcast #21

June 26th, 2006

Click here to listen/download (10:52).
This week’s podcast features an in-depth interview with David Strom, technology writer and the author of Web Informant, a blog covering topics such as eCommerce, Web site usability, web product marketing and more. Burt Kaliski from RSA Labs also offers a report on the recent Workshop on Trustworthy Interfaces for Passwords and Personal Information (TIPPI) at Stanford University.
Related Links:

David Strom’s Blog Web Informant
TIPPI Workshop
RSA Laboratories

Original post by blog@rsa.com (Podcast Producers)

Computer security Systems

Simplex method in IDA Pro

June 22nd, 2006

In May a contest was open on Datarescue’s forum:

http://www.datarescue.com/ubb/ultimatebb.php?/topic/4/375.html

There were some nice tries but nobody guessed it right.
It seems Datarescue will have to repeat the contest with another question.

If you are curious to learn the correct answer, please read on.

Original post by Security Wonk

Computer security Systems

UTM in China

June 22nd, 2006

In China, UTM (Unified Threat Management) has been rocketing in recent months, not only in the media but also in real market transactions. International vendors such as Fortinet, Watchguard, Sonicwall and ZyXel bombard the newspapers, journals and other soft ads every day, while Cisco, Juniper, Symantec, Securecomputing, McAfee, etc. keep talking about their vision of UTM directions. Of course, the prediction in IDC’s report on the UTM market that UTM will occupy 57.6% of the total firewall, VPN, and anti-virus market share is one of the main stirs and encouragements to investment. Then, how is everything going for the local security vendors? Yes, they won’t just stand by and watch the growth; instead they are deeply involved in this arena.

During the past 1-2 years, most of the major players in the China security market have been brewing and rolling out their UTM products. Kingsoft is one of the top three local anti-virus vendors in China (the other two are Rising and Jiangmin). Recently, they inked an agreement with xScreen on UTM product OEM cooperation. In conjunction with their desktop antivirus/firewall/IDS, anti-virus gateway and server protection, no one would want to ignore their competition in the total security solution for SMB.

According to the UTM description by IDC, anti-virus is one basic function of UTM devices, i.e. it’s easier for anti-virus vendors to turn to and catch up with the UTM market. So it’s an easy job to predict that Rising/Jiangmin/CA-JC won’t wait long to sell their own UTM.

As to the UTM market, OEM is bound to be a good choice for vendors who want to break into this market, because a single core technology within a UTM, such as a firewall, VPN, IDS engine, or anti-virus engine, is a little bit overwhelming for an average vendor to develop from the very beginning. As proof of my point, IDC’s report list reflects the anti-virus engines OEMed in the major UTM products. So again it’s easy to predict that more and more vendors will choose OEM to enhance their features and shorten the roll-out time. It must leave technology companies such as xScreen a big space to make money and grow.

Computer security Systems

Security hole in Eudora

June 20th, 2006

A researcher has discovered a security hole in Qualcomm Inc.’s (QCOM) Eudora e-mail program that could allow a hacker to run code on a user’s machine.

The exploit requires that a user open an e-mail file and click on a link in the message, said Bennett Haselton, a Webmaster for Peacefire.org who reported the flaw.

When the user clicks the link, the code is executed. The trick is to mask the warning that Eudora normally displays when a user tries to run an executable file that is sent as an attachment.

The hacker would send the user two attachments, the executable file and a hyperlink that points to the other attachment. If the user clicks on that, the executable code will run without displaying the warnings.

Users can fix the problem by editing their Eudora program to add a warning for links. Qualcomm also plans to add the warning in future versions of the software.

Uncategorized

Security and Usability

June 20th, 2006

Terminal 4 at Heathrow was packed like a box of sardines… This was quite odd – normally this late in the evening the place is half-deserted, but now it was full of people looking utterly annoyed. Probably some heavy flight delays, I told myself and went to look at the Departures monitor, but it looked pretty normal.
It must be the check-in system, then. A computer glitch, or maybe a staff strike. But it wasn’t either of these: when I had edged my way through the crowd to get to the check-in area, the desks were relatively free and I was quickly face-to-face with the friendly British Airways check-in clerk.
“A bit busy today, isn’t it?” I asked, pointing at the human mass behind me…

Original post by blog@rsa.com (Uri Rivner)

Computer security Systems

Speaking of Security Podcast #20

June 19th, 2006

Click here to listen/download (10:52).
Research In Motion’s Mike Kirkup talks about using the BlackBerry® as a strong authentication token. We also interview Sam Tuohey, CTO, Stanford Federal Credit Union, about why financial institutions are working together to fight online fraud.
Related Links:

RSA SecurID® Token for BlackBerry Handhelds
BlackBerry Security Overview
RSA® eFraudNetwork Community

Original post by blog@rsa.com (Podcast Producers)

Computer security Systems

Burton Group Catalyst Conference

June 16th, 2006

June 14 & 15, 2006
Day one of the Burton Conference held little to no surprises. As a caveat, I am spending my time in the “Identity *” track, so my observations will be heavily influenced by the information shared in those sessions.
By no surprises I mean that the keynote of the “Identity Management Landscape” session delivered by Jamie Lewis discussed all the expected areas that are covered within the I&AM umbrella: identity assurance and authentication, provisioning, role-based access control, federation systems, and application development…

Original post by blog@rsa.com (Pam Cyr)

Computer security Systems

Time To Try Again!

June 15th, 2006

So I’ve been a pack-a-day smoker for a lot of years and every so often I get the urge to try and quit. This time I’m going to cheat and try a product called the Nicorette Inhaler. Let’s face it: besides being unhealthy, smoking in Canada is damn expensive. At a price of between $10 and $12 CAD for a pack of 25, it’s an extremely bad habit.
First thing tomorrow morning, most likely 5 am, I begin my latest journey into the life of a non-smoker. Hopefully with my little crutch, the Nicorette Inhaler, I’m successful in my quest.
Wish me luck.
Dave / Atribune

Read more at atribune

Computer security Systems

12345678! Pyramid Framework

June 14th, 2006

Yesterday afternoon, WHY and I worked out a holistic enterprise internal control framework. We named it the 12345678! Pyramid Framework. It helps integrate enterprise execution, IT control and security control methodologies and countermeasures.

  1. One Priority: Execution
  2. Two Hands: Technology and Management
  3. Three Layers: Decision Makers, Managers, and Execution
  4. Four Phases: Plan, Do, Check, Act
  5. Five Layer Controls: Control Environment, Risk Assessment, Control Activities, Information and Communications, Monitoring
  6. Six Risk Elements: Assets, Threats, Vulnerabilities, Safeguards, Risks and Opportunities
  7. Seven Information Criteria: Confidentiality, Integrity, Availability, Efficiency, Effectiveness, Compliance, Reliability
  8. Eight IT Processes: Planning and Organization, Acquisition & Implementation, Delivery and Support, Monitoring and Evaluation

Do you like it? We know there is still much room left for it to be perfected. But it helps guide your thinking when you prepare proposals or do planning. Its original form is in Chinese. Click here for more.

If you find it helpful or have any suggestions, just leave me a comment.

Uncategorized

Speaking of Security Podcast #19

June 12th, 2006

Click here to listen/download (10:59).
With the buzz around this week’s Burton Group Catalyst Conference, we focus on Identity and Access Management (IAM) in this week’s podcast. Toffer Winslow, vice president of product marketing and product management for RSA Security, talks about web access management and the business drivers for adoption. We also introduce Speaking of Security blogger, Pam Cyr, director of business development, RSA Security, whose first blogging assignment is from the Burton Group Catalyst Conference in San Francisco.

Related Links:

This week’s Press Releases
Burton Group Catalyst Conference

Original post by blog@rsa.com (Podcast Producers)

Computer security Systems

Vundo Changing Again!

June 11th, 2006

Seems as though our friends at virtumonde have gone a couple of steps further in thwarting our attempts at removal.
Firstly they added code to change the clsid on every reboot and it is almost 100% random.
Secondly they have made a mutex that detects HijackThis’s running process hijackthis.exe and if it detects it, it hides itself from it. Renaming HijackThis.exe to any other name lets you see the BHO and Winlogon entries just fine.
Detection for this new variant, the ShellImplRes.dll variant, is going to be difficult and I am currently working on it.
For the time being I have added code for manually adding a file to the list in VundoFix.exe. To add a file, simply right-click the list box (white box) in the main VundoFix window. Select “Add More Files?” from the menu that comes up. This will open a new VundoFix window where you can type or paste the extra filename(s), including the path, and then click the “Add Files” button. Doing this will add the file to the list on the main VundoFix screen. Once you are done adding extra file(s), click the close window button to return to the main VundoFix window. Now continue with running VundoFix in the normal way.
Atribune

Read more at atribune

Malware