Archive for September, 2008

Most dangerous celebrities in cyberspace

September 29th, 2008

Brad Pitt has overtaken Paris Hilton as the most dangerous celebrity to search for in cyberspace according to Internet security company McAfee. For the second year running, McAfee entered the glamorous world of Hollywood to reveal the riskiest celebrities in cyberspace.

Checking in on your famous friends is not only a guilty pleasure, but seriously dangerous for your PC. Fans searching for “Brad Pitt,” “Brad Pitt downloads,” and Brad Pitt wallpaper, screen savers and pictures have an 18% chance of having their PCs infected with online threats, such as spyware, spam, phishing, adware, viruses and other malware.

Cybercriminals are using A-listers’ names and images, like Beyonce and Justin Timberlake, to lure Internet users who surf the Web for the latest gossip, screen savers and ringtones to “fake” Web sites that look legitimate.

Actors Brad Pitt and Justin Timberlake are the most dangerous men to seek on the Internet, while Beyonce and Heidi Montag top the list for women. Paris Hilton, who topped 2007’s most dangerous celebrities, is noticeably absent from this year’s list. Also absent is Britney Spears who was ranked #4 in 2007.

In their second annual report, McAfee compiled the list, using the McAfee® SiteAdvisor® technology, of Hollywood celebrity names that produce the largest number of risky sites when searched for on the Web. The list includes:

More at Mcafee

Trend Micro listed in Dow Jones index

September 29th, 2008

Trend Micro, Inc. (TSE: 4704), a global leader in Internet content security, has been listed on the Dow Jones Sustainability World Index  for the fifth year in a row. The World Index comprises more than 300 companies that represent the top 10% of the leading sustainability companies out of the biggest 2500 companies in the Dow Jones World Index.

The Dow Jones Sustainability Index, which was launched in 1999, is the first global index to track the financial performance of the leading sustainability-driven companies around the world. According to Swiss-based SAM Group (Sustainable Asset Management), the partner of the Dow Jones Index, the annual review is based on a number of factors, including a thorough assessment of a company’s economic performance and environmental and social responsibility.

Organizations are assessed based on corporate governance, environmental and social reporting, customer relationship management, strategic planning, risk and crisis management, and talent retention.  These and other factors collectively suggest the quality of a company’s overall financial health, stability, and long-term value for shareholders.

“We are honored to achieve this recognition for five years in a row,” said Mahendra Negi, chief financial officer of Trend Micro. “Strategic vision, technological innovation, financial strength, and social and corporate responsibility will continue to be our focus, as well as the expectations of our customers and shareholders.”

For calendar year 2007, Trend Micro posted record consolidated net sales of 99,805 million Yen (or U.S. $848 million, 117.58JPY=1USD).  In 2008, the company announced the Trend Micro™ Smart Protection Network, a unique, next-generation cloud-client content security infrastructure designed to protect customers from Web threats including data-stealing malware.   The Trend Micro Smart Protection Network powers Trend Micro’s products and services as well as those of its strategic partners.  The announcement marked a new phase in Web threat protection – enabling Trend Micro to stop threats in the cloud, before they reach the network or endpoint.

About Trend Micro:
Trend Micro Incorporated, a global leader in Internet content security, focuses on securing the exchange of digital information for businesses and consumers. A pioneer and industry vanguard, Trend Micro is advancing integrated threat management technology to protect operational continuity, personal information, and property from malware, spam, data leaks and the newest Web threats. Visit TrendWatch at www.trendmicro.com/go/trendwatch to learn more about the threats. Trend Micro’s flexible solutions, available in multiple form factors, are supported 24/7 by threat intelligence experts around the globe. A transnational company, with headquarters in Tokyo, Trend Micro’s trusted security solutions are sold through its business partners worldwide. Please visit www.trendmicro.com.

Trend Micro pledges to keep customer data secure

September 29th, 2008

Trend Micro, Incorporated (TSE: 4704), a global leader in Internet content security, rolled out today the 2009 versions of its flagship consumer products. Trend Micro™ Internet Security and Trend Micro™ Internet Security Pro keep consumers’ data and personal information more secure from online threats by offering significantly lighter memory load, faster installation, and more effective protection. The products are powered by the Trend Micro™ Smart Protection Network, a cloud-client security infrastructure that correlates Web and email threat data by using reputation technologies that compare threats against in-the-cloud threat databases.

“In this year’s release, we focused on developing products that offer smarter protection against data-stealing threats, along with the smallest impact on computer resources. Customers will experience up to over 40 percent lower memory usage and nearly 50 percent faster boot-up time,” said Carol Carpenter, vice president of global marketing for the consumer business unit. “Then, by leveraging the Trend Micro Smart Protection Network, Trend Micro offers our customers the strongest real-time protection against the latest Internet threats while enjoying online activities to the fullest.”

New and enhanced features help consumers “get smart” about Internet-usage

– An enhanced Home Network Security Management function allows users to see and remotely manage other computers in their home network through a graphical home network map and block wireless network intruders. Plus, Trend Micro provides an extra layer of protection by scanning for suspicious links from email, Web sites, or instant messages. Spam blocking is also bolstered – regardless of volume, spam gets blocked without adversely affecting computer performance.

– With enhanced parental controls, parents can better tailor controls depending on the particular family member. New functionalities include the ability to control the date and time each child can go on the Internet. Parents also have the option to specify categories of information (such as home addresses, telephone numbers, passwords, etc.) they do not wish to be sent from a computer.

– The Security Activity Dashboard gives customers a comprehensive and customizable snapshot of all the security activities on their computers through easy-to-use charts and graphs. By learning more about when and how their computers can be attacked, users can surf more securely and intelligently.

– The Quick Scan feature checks for threats in the places they are more likely to hide in a fraction of the time that Full Scan takes. It works alongside the product’s state aware feature, meaning scans and updates happen only when it’s convenient for users — no inconvenient in-product messages while they are watching a video, conducting a PowerPoint presentation, or playing a computer game.

– For those who would like to extend the Trend Micro protection to their smartphones, Trend Micro Internet Security Pro offers mobile security against viruses, SMS text message spam, malware attacks, data theft and service disruptions.

Trend Micro consumer security suites come in two flavors: Trend Micro Internet Security and Trend Micro Internet Security Pro. Trend Micro Internet Security Pro offers additional features that are optimized for performance, laptop usage away from home, and online banking and shopping.

Pricing & Availability for North America

Both Trend Micro Internet Security and Trend Micro Internet Security Pro will be available online on September 11 at http://www.trendmicro.com/. They will be in stores in North America starting in mid-September. The subscription prices for one year are $49.95 and $69.95, respectively for Trend Micro Internet Security and Trend Micro Internet Security Pro.


SOURCE: Trend Micro, Incorporated

CONTACT: Andrea Mueller of Trend Micro, +1-408-863-6583,
andrea_mueller@trendmicro.com

Web site: http://www.trendmicro.com/


Google sketched plan for mobile devices

September 29th, 2008

Google has sketched a plan for such a system in a patent application. Initially filed in March 2007, the application, which is not available on Google’s Patent Search site, was posted on the U.S. Patent and Trademark Office site on Thursday.

The system would require end-users to have mobile devices that can operate on different types of networks, including Wi-Fi and the various incompatible cellular technologies, as well as multiple operator networks.

In one scenario described in the application, a user might have a device that is configured to use the least expensive option for connectivity at all times. When at home, the device would attach to the user’s Wi-Fi network. Outside, it would switch to the cellular network.

But once outside, the device could periodically search for other available service providers, asking the service providers to bid for the chance to offer service to the customer. The device could automatically switch to the network that has the best price without interrupting a user’s voice call or data connection.

On the back end, a program on the phone could contact each of the available networks individually, or the phone could instead communicate with a central server that handles the negotiations with each service provider.

A user could also set different parameters, not just based on price. “In addition to cost as a factor in selecting appropriate telecommunications providers, users may opt for alternative auction models based on maximal bandwidth offered, best coverage/reliability, or some combination of options,” the application reads.

Portions of Google’s proposal are already available from other providers on the market, but the search giant could have difficulty implementing the broad vision because mobile operators might not see an incentive for joining the program.

T-Mobile currently offers a phone that automatically uses a customer’s home Wi-Fi network to carry calls when the user is at home, seamlessly switching calls to the wide area cellular network if the user leaves home while on a call.


Understanding botnet or zombie army

September 29th, 2008

A botnet is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer is referred to as a zombie – in effect, a computer “robot” or “bot” that serves the wishes of some master spam or virus originator. Most computers compromised in this way are home-based. A botnet is also known as a zombie army.

According to a report from Russian-based Kaspersky Labs, botnets — not spam, viruses, or worms — currently pose the biggest threat to the Internet. A report from Symantec came to a similar conclusion. Computers that are co-opted to serve in a zombie army are often those whose owners fail to provide effective firewalls and other safeguards. An increasing number of home users have high speed connections for computers that may be inadequately protected. A zombie or bot is often created through an Internet port that has been left open and through which a small Trojan horse program can be left for future activation. At a certain time, the zombie army “controller” can unleash the effects of the army by sending a single command, possibly from an Internet Relay Chat (IRC) site. The computers that form a botnet can be programmed to redirect transmissions to a specific computer, such as a Web site that can be closed down by having to handle too much traffic – a distributed denial-of-service (DDoS) attack – or, in the case of spam distribution, to many computers. The motivation for a zombie master who creates a DDoS attack may be to cripple a competitor. The motivation for a zombie master sending spam is in the money to be made. Both of them rely on unprotected computers that can be turned into zombies.

As the spam market has become profitable, and ISPs usually discontinue service to subscribers who send spam, botnets were found to be an effective resource for sending spam. Furthermore, many compromised computers contain address books of email addresses which can be incorporated into the list of addresses to send spam to. Zombies that are not actively sending spam at any point in time can be configured to scrape the web looking for new email addresses to spam, adding further value to the botnet.

A secondary objective of the botnet is to find and compromise additional computers. While this is not considered a primary objective in and of itself, the expansion of the botnet via assimilation of new computers helps it perform the primary objectives more efficiently. Thus, this secondary objective is often the bulk of a botnet’s tasks. Many computer networks, especially those using Microsoft Windows computers running the default settings, inherently trust other computers on the same network. Thus, a single compromised machine on such a network constitutes an attack vector against other machines on the network. Other secondary botnet objectives include website advertisement clicking, web browser toolbar installations, keylogging, and social bookmarking poll manipulation.

Botnets are used as a weapon in online crime. From spam, phishing attacks, virus propagation, and now click fraud, these networks are an increasing threat to the internet.

Symantec’s latest Internet Security Threat Report indicates that bot networks now dominate the threat landscape. Symantec identified an average of 9,163 bot-infected computers per day from June to December 2005. The U.S. accounted for 26 percent of the world’s bot-infected computers, higher than any other country.

Dealing with botnets is not an easy task because these networks are an illegal collection of hundreds, thousands, tens of thousands or even hundreds of thousands of compromised computers all being controlled with a common infrastructure by a master crook. One botnet in Holland was reported to consist of 1.5 million machines all under one group’s control.


Firefox overlooked a password bug

September 28th, 2008

Just a day after it released Firefox 3.0.2 to fix 11 vulnerabilities, Mozilla Corp. said that an overlooked password bug requires a fast-track update it hopes to launch next week.

Late Wednesday, Mike Beltzner, Mozilla’s director of Firefox, said that the bug, which prevents some users from accessing their browser-saved passwords, means another update is necessary. “While this doesn’t affect all Firefox users, it is a significant regression and has triggered a fast-release Firefox 3.0.3 which will contain a single fix,” Beltzner said in a message to the mozilla.dev.planning group.

The bug popped up in Firefox 3.0.2, which Mozilla released Tuesday, after developers added a fix to make the browser’s password manager work on international domain name (IDN) sites. IDN sites are those that have non-ASCII characters in their URLs, such as addresses with Arabic, Hebrew or Chinese characters, or ones with non-English diacritical marks.

According to Beltzner, users who have saved passwords on IDN sites or some non-English domains will be unable to access those passwords or save any new passwords after updating to Firefox 3.0.2.

“There is no permanent data loss, the saved data is just inaccessible,” Beltzner noted.

Regression bugs aren’t unknown to Mozilla or Firefox. Last November, the company rushed a release out the door to fix five bugs it had introduced in the previous version of the browser, which had been posted for download about a week before.

A fix for the password regression bug has been crafted and is being tested, Beltzner added.


Clickjacking puts browsers at high risk

September 28th, 2008

Security researchers warned today that a new class of vulnerabilities dubbed “clickjacking” puts users of every major browser at risk from attack.

Details of the multiple flaws — six different types, by one count — are sketchy, because the researchers, who presented some of their findings at a security conference earlier this week, have purposefully kept their information confidential as at least one vendor works on a fix.

Although the clickjacking problem has been associated with browsers — users of Internet Explorer, Firefox, Safari, Opera, Google Chrome and others are all vulnerable to the attack — the problem is actually much deeper, said Robert Hansen, founder and chief executive of SecTheory LLC, and one of the two researchers who discussed the bug in a semi-closed session at OWASP AppSec 2008 on Wednesday.

In an interview on Friday, he called clickjacking similar to cross-site request forgery, a known type of vulnerability and attack that sometimes goes by CSRF or “sidejacking.” But clickjacking is different enough that the current anti-CSRF security provisions built into browsers, sites and Web applications are worthless.

“At a high level, almost everyone is affected by it,” Hansen said. “The problem is that a lot of people who spent a lot of time defending [against cross-site request forgery] didn’t see this coming. This works completely differently, and has much wider-reaching issues. [Attackers] can get users to click a button [in clickjacking] where they may not be able to get them to click a button in JavaScript.”

Hansen’s research partner, Jeremiah Grossman, chief technology officer at WhiteHat Security Inc., explained how attackers could exploit clickjacking vulnerabilities.

“Think of any button on any Web site, internal or external, that you can get to appear between the browser walls,” Grossman said in an e-mail on Friday. “Wire transfers on banks, Digg buttons, CPC advertising banners, Netflix queue, etc. The list is virtually endless and these are relatively harmless examples. Next, consider that an attack can invisibly hover these buttons below the users’ mouse, so that when they click on something they visually see, they actually are clicking on something the attacker wants them to.”

Hansen seconded Grossman’s example with one of his own. “Say you have a home wireless router that you had authenticated prior to going to a [legitimate] Web site. [The attacker] could place a tag under your mouse that frames in a single button an order to the router to, for example, delete all firewall rules. That would give them an advantage in an attack.”

Hackers would not need to compromise a legitimate site in order to conduct a clickjacking attack underneath it, Hansen added.

Password management on Cisco

September 28th, 2008

Passwords control access to resources or devices. This is accomplished through the definition of a password or secret that is used in order to authenticate requests. When a request is received for access to a resource or device, the request is challenged for verification of the password and identity, and access can be granted, denied, or limited based on the result. As a security best practice, passwords must be managed with a TACACS+ or RADIUS authentication server. However, note that a locally configured password for privileged access is still needed in the event of failure of the TACACS+ or RADIUS services. A device can also have other password information present within its configuration, such as an NTP key, SNMP community string, or Routing Protocol key.

The enable secret command is used in order to set the password that grants privileged administrative access to the Cisco IOS system. The enable secret command must be used, rather than the older enable password command. The enable password command uses a weak encryption algorithm.

If no enable secret is set and a password is configured for the console tty line, the console password can be used in order to receive privileged access, even from a remote virtual tty (vty) session. This action is almost certainly unwanted and is another reason to ensure configuration of an enable secret.

The service password-encryption global configuration command directs the Cisco IOS software to encrypt the passwords, Challenge Handshake Authentication Protocol (CHAP) secrets, and similar data that are saved in its configuration file. Such encryption is useful in order to prevent casual observers from reading passwords, such as when they look at the screen over the shoulder of an administrator. However, the algorithm used by the service password-encryption command is a simple Vigenère cipher. The algorithm is not designed to protect configuration files against serious analysis by even slightly sophisticated attackers and must not be used for this purpose. Any Cisco IOS configuration file that contains encrypted passwords must be treated with the same care that is used for a cleartext list of those same passwords.

While this weak encryption algorithm is not used by the enable secret command, it is used by the enable password global configuration command, as well as the password line configuration command. Passwords of this type must be eliminated and the enable secret command or the Enhanced Password Security feature needs to be used.

The enable secret command and the Enhanced Password Security feature use Message Digest 5 (MD5) for password hashing. This algorithm has had considerable public review and is not known to be reversible. However, the algorithm is subject to dictionary attacks. In a dictionary attack, an attacker tries every word in a dictionary or other list of candidate passwords in order to find a match. Therefore, configuration files must be securely stored and only shared with trusted individuals.
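
A defensive check for the points above, as an added example that is not part of the original post and is not Cisco tooling: it scans an IOS configuration for enable password, username ... password and line passwords, and flags a missing enable secret. The sample configuration, its dummy secret values and the function names are constructed for illustration.

```python
import re

# Constructed sample configuration for illustration; every secret is a dummy value.
SAMPLE_CONFIG = """\
service password-encryption
!
enable password 7 0000000000
!
username admin password 7 0000000000
username ops secret 5 $1$XXXX$placeholderplaceholder
!
line con 0
 password 7 0000000000
 login
line vty 0 4
 password example-cleartext
 login
"""

# Each pattern accepts an optional single-digit type before the stored value.
# The stored value itself is never captured or echoed in a finding.
ENABLE_PW = re.compile(r"^enable password (?:(\d) )?\S+")
ENABLE_SECRET = re.compile(r"^enable secret\b")
USER_PW = re.compile(r"^username (\S+) .*?\bpassword (?:(\d) )?\S+")
LINE_PW = re.compile(r"^password (?:(\d) )?\S+")


def storage(type_digit):
    """Describe how the value is stored, based on the type digit in front of it."""
    if type_digit == "7":
        return "type 7 (service password-encryption, reversible)"
    if type_digit in (None, "0"):
        return "cleartext"
    return "type " + type_digit


def audit_ios_passwords(config_text):
    """Return sorted (line_number, severity, message) findings; line 0 = whole file."""
    findings = []
    has_enable_secret = False
    has_encryption_service = False
    console_password_line = None
    block = None  # current "line ..." block, e.g. "line con 0"

    for number, raw in enumerate(config_text.splitlines(), start=1):
        stripped = raw.strip()
        if not stripped or stripped.startswith("!"):
            continue
        indented = raw[0].isspace()
        if not indented:
            # A non-indented command closes any previous block.
            block = stripped if stripped.startswith("line ") else None

        if stripped == "service password-encryption":
            has_encryption_service = True
        elif ENABLE_SECRET.match(stripped):
            has_enable_secret = True
        elif (m := ENABLE_PW.match(stripped)):
            findings.append((number, "HIGH",
                             f"enable password stored as {storage(m.group(1))}; "
                             "replace it with enable secret"))
        elif (m := USER_PW.match(stripped)):
            findings.append((number, "HIGH",
                             f"user {m.group(1)} stored as {storage(m.group(2))}; "
                             "use the username ... secret form"))
        elif block and indented and (m := LINE_PW.match(stripped)):
            findings.append((number, "MEDIUM",
                             f"{block} password stored as {storage(m.group(1))}"))
            if block.startswith("line con"):
                console_password_line = number

    if not has_enable_secret:
        if console_password_line is not None:
            findings.append((console_password_line, "HIGH",
                             "no enable secret: the console password can grant "
                             "privileged access, even from a vty session"))
        else:
            findings.append((0, "HIGH", "no enable secret configured"))
    if has_encryption_service:
        findings.append((0, "INFO",
                         "service password-encryption only hides values from casual "
                         "observers; handle this file like a cleartext password list"))
    return sorted(findings)


if __name__ == "__main__":
    for line_no, severity, message in audit_ios_passwords(SAMPLE_CONFIG):
        print(f"{severity:6} line {line_no:>2}: {message}")
```
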


Cisco Systems Inc. has issued a set of security patches

September 28th, 2008

Cisco Systems Inc. has issued a set of security patches for the Internet Operating System (IOS) software, used to power its routers and switches.

The patches were published Wednesday, the date Cisco had previously set aside as the latest release date for its twice-yearly IOS patches. Cisco also published 12 security advisories describing the bugs, noting that many of these vulnerabilities could be exploited by attackers to crash an IOS device.

One of the bugs, a flaw in SNMP, could be exploited by an attacker to seize control of the router. However, only specially configured Cisco uBR10012 series devices, used by telecommunications companies to connect broadband customers to the Internet, are affected by the flaw, Cisco said.
Symantec rated this flaw critical and on Wednesday advised users of these devices who have configured their routers for line-card redundancy to apply the patches as soon as possible.

Cisco is not aware of any attacks or previous public disclosures that were based on the flaw.

Other bugs that were patched affect Cisco’s multicast, SSL processing and Session Initiation Protocol software.
Read More at Cisco

Does WiMAX use mesh?

September 27th, 2008

Mesh technology is not new. It is a technique that has been tried with varying success by a number of vendors of proprietary broadband wireless technology for some time. Some firms have met with great success in developing mesh technology for military applications, for example. It is basically a physical network based NLOS workaround approach dependent on enhanced radio and routing capability.

WiMAX does incorporate support for mesh networks into its technology. Several Forum members are prominent mesh technology vendors. Work is currently ongoing to define the 802.16m standard for mesh systems. The municipal mesh network explosion of the past year has proven to be a strong driver of the broadband wireless marketplace.

Conceptually, mesh technology makes a great deal of sense. In a mesh network, a wireless or wireline backhaul circuit provides main bandwidth to an area with, for example, heavy tree cover or small hills or geographic features that reduce line of sight coverage. Networks with such features, especially those using license-free frequency bands, are ideal candidates for mesh networks. In one example, a residential subdivision or series of subdivisions receives a single bandwidth signal from a distant relay tower. Then each home with service receives signal using a mesh radio, which acts as both a base station and a CPE radio, thus leapfrogging service about the neighborhood from rooftop to rooftop or, in the case of a city, from streetlight to streetlight. This means that any other home could conceivably get signal access from several different other houses and, in the event of an obstruction or failure of one node, the radios could switch access paths.

Technically, many experts consider mesh somewhat more difficult to deploy with large networks. Older mesh techniques often used a CSMA/CD approach to signal polling, meaning that the level of crosstalk between radios could become very high, choking the network itself with overhead. The cost of a radio able to function in the dual base station/CPE radio modes is usually higher. Also, if there is failure and one leg of the mesh is fed through a single node, this can create chokepoints. Those successful in deploying older mesh networks typically took conservative approaches. They did not load the mesh networks very heavily. They strove to avoid creating choke points when circling around hills by creating new cells (using independent wireless backhaul to reach over hills where possible and then re-distributing with mesh) rather than pushing the mesh configuration.

Some of the newer techniques for mesh rely more on pre-mapped multiple routing paths, for example. In this method, the radios scan for the optimum routing for each node to receive signal as well as potential fail-over paths. However, only the one routing system is used unless there is an outage. This can significantly reduce system cross-talk and overhead. This is just one of the innovative new mesh techniques available today.

The current trend appears to run towards equipping mesh radios with multiple radios in multiple spectrum ranges. For example, a mesh radio may handle its backhaul and crosstalk tasks with a 5.2/5.3 GHz band radio and then deliver service through a 2.4 GHz Wi-Fi channel. This also reduces overhead on the customer side. Some companies have launched dual WiMAX/Wi-Fi mesh solutions utilizing licensed band WiMAX frequencies for backhaul with traditional Wi-Fi techniques to deliver service to users. Innovations in multiple-input, multiple-output (MIMO) antenna systems offer promise of improved service. In fact, the past year has seen an explosion in the number of vendors fielding mesh technology solutions. The innovation curve for mesh is the highest in history and the solutions being fielded today are without a doubt the best overall product ever delivered for mesh systems.

Mesh technology, like many wireless techniques, is another tool in the belt of the creative wireless service provider for reaching customers that other broadband methods cannot. It should be used when cost effective and technically justified.


Fatal error Allowed memory size of 8388608 bytes exhausted

September 25th, 2008

The error “Fatal error: Allowed memory size of 8388608 bytes exhausted” occurs because the script exceeded the memory limit the server allows for a particular page. You can fix it as follows, if your server admin gives permission.

You’ll need to adjust a PHP.ini setting. Ask your hosting provider where you need to edit PHP.ini settings. Their FAQ on their website could be a good place to start. Either you’ll need to put the specific setting in a php.ini file, or in a .htaccess file. These will be in the root of the folder where your website is (probably public_html). The .htaccess file will already be there because of a Drupal installation (if you installed Drupal in that folder). Anyway, you’ll need to add:

If your host said you need to add it to a php.ini file:

    memory_limit = 12M

(You’ll need to create this file and upload it to your server via FTP since you’re on shared hosting. You can make a text document on Windows and rename it to php.ini. If you create the text document and it does not have a file extension (like .txt at the end) you’ll need to show file extensions.)

- OR -

If your host said you need to add it to a .htaccess file:

    php_value memory_limit 12M


Identity management is the most important transaction security issue

September 18th, 2008

Identity management is now the most important transaction security issue for UK banks. In a survey of security budget holders and influencers of UK banks by Thales, 73% of respondents cited identity management as the top transaction security concern. Integrity of data (64%) and the security of the network (45%) were found to be the next most important transaction security issues.

By investigating the payment transaction security behaviour of UK banks, the survey uncovered the factors that are driving security investments in this area. It is imperative that banks know their customers, yet the survey clearly showed the difficulty that banks have authenticating identities and verifying the validity of the end user.

Some of the key findings of the survey include:
– In 2005, identity management moved from being fifth to the most important driver for transaction security spend
– The number of UK banks assigning separate budgets for identity management has risen from 22% to 60% since 2003
– 82% see added value in managing all customer identities from one platform
– 100% of the banks surveyed believe the internet has prompted investment in transaction security, with 36% stating the internet to be the most important driver for spend in this area

The survey also revealed that 64% of UK banks’ transaction security infrastructures are either receiving or require immediate upgrade. Furthermore, 100% of UK banks surveyed indicated that they plan to upgrade these systems within the next two years.

54% of the banks surveyed find the internet threat of phishing to be either important or very important to their IT transaction security investment decisions. The increased investment in identity management, which is helping to counter the threat of phishing, may explain why phishing is not a high priority for UK banks’ IT security spend.

Paul Meadowcroft, head of transaction security of Thales’ e-Security activities, said: “New transaction technologies and channels are continuing to develop and these results clearly show that in today’s e-business world, banks need a flexible and dependable trust model. Identity management is now the primary transaction security focus for UK banks and the complexity of banking transaction infrastructures is increasing. The task is to simplify the problem before complexity leads to inefficiency, mismanagement and increased likelihood of fraud. The time has come for a more strategic approach to be taken to identity management and transaction authentication.”
