3Com Corporation announced that its new partnership with Tata Consultancy Services resulted in it being selected for the Andhra Pradesh State Wide Area Network (APSWAN) project. Under this deal, 3Com will provide high-end enterprise switching, routing and security solutions for the prestigious project that will connect 23 district offices in the state to increase efficiency in government operations.

In September 2009, the Andhra Pradesh government awarded TCS the country’s largest State Wide Area Network (SWAN) project on a five year Build, Own, Operate, and Transfer (BOOT) model. The project will enable the state government to start and run various projects for citizen services to boost G2G and G2C efficiencies that will help transform the e-governance structure.

3Com’s network will enable the state government to communicate and conference across all government offices over VoIP (Voice over Internet Protocol), which will reduce communication costs. Applications covering transport, healthcare, education and municipality will also operate on this e-governance network backbone, which is scheduled to be rolled out within 12 months.

Back to Top

It’s that time of year again. Christmas is just around the corner, the holidays are coming up, and it’s time to shop! BitDefender, a provider of anti-malware security solutions, offers up some simple tips to help consumers protect themselves from online scammers this holiday season.

Know where you’re shopping and read the fine print. Not every website and online shop is a safe and reputable merchant. The truth is that many online criminals are skilled at crafting very convincing, legitimate-looking online shopping sites. Be very careful who you purchase from.

If the merchant wants more than your name and email address in order to cash in that coupon, beware. A common phishing tactic targeting online shoppers utilises online promotions and sales to entice a consumer to enter personal information in order to receive coupons or other merchandise. While many reputable sites offer coupons or samples, they will never ask for excessive amounts of personal information to redeem them. Most only require a name and email address.

Back to Top

Array Networks Inc announced its SSL VPN solution has certified Windows 7 support. Additionally, Array announced a significant increase in Layer 3 VPN performance for its SPX Series Universal Access Controller (UAC).

With Microsoft certification, Array customers are able to utilize Windows 7 while maintaining secure remote access anytime, from any location. Array’s SSL VPN now includes certified, signed drivers for Microsoft’s Windows 7 Operating System. Array worked within Microsoft’s certification program to release this update in conjunction with Microsoft’s retail release of Windows 7. In addition to Windows 7 support, this release also features support for Mac OS X 10.6, also known as “Snow Leopard”.

Moreover, Array has upgraded Layer 3 performance for its SPX Series UAC. Users can now experience an overall 50% performance improvement for SSL-encrypted traffic in both LAN and WAN environments. With these upgrades, Array’s SPX enterprise customers can boost the productivity of their remote workers.

Back to Top

Symantec recently announced the findings of its Report on Rogue Security Software. The study's findings, based on data obtained during the 12-month period of July 2008 to June 2009, reveal that cybercriminals are employing increasingly persuasive online scare tactics to convince users to purchase rogue security software. Rogue security software, or "scareware," is software that pretends to be legitimate security software. These rogue applications provide little or no value and may even install malicious code or reduce the overall security of the computer.

To encourage unsuspecting users to install their rogue software, cybercriminals place website ads that prey on users' fears of security threats. These ads typically include false claims such as "If this ad is flashing, your computer may be at risk or infected," urging the user to follow a link to scan their computer or get software to remove the threat. According to the study, 93 percent of the software installations for the top 50 rogue security software scams were intentionally downloaded by the user. As of June 2009, Symantec has detected more than 250 distinct rogue security software programs.

To make matters worse, some rogue security software actually installs malicious code that puts users at risk of attack from additional threats. As a result, installing these programs can lower the security posture of a computer while claiming to strengthen it. For example, rogue programs may instruct the user to lower or disable any existing security settings while registering the bogus software or prevent the user from accessing legitimate security Web sites after installation. This, in turn, leaves users exposed to the very threats the rogue software promised to protect against.

To protect against rogue security software, Symantec recommends that both enterprises and users employ the latest protection from security risks, such as Symantec Endpoint Protection or Norton Internet Security. Users and enterprises are also advised to follow best practices for protection and mitigation outlined in Appendix A of the Report on Rogue Security Software Specifically, users should invest in and install only proven, trusted security software from reputable security vendors whose products are sold in established retail and online stores.

Back to Top

The shift from e-mail to instant communication via social networking websites is gathering pace. This trend also has some important security implications.  Cybercriminals have already responded to the changing patterns of communication by focusing more activity on popular social networks. Instead of logging in and out of the Internet to send their e-mail, many people are now constantly online with their computers and mobile phones. Social networking sites such as Facebook and Twitter have grown rapidly as people are making use of the constant stream of fast communications that they enable. 

F-Secure senior security response manager, Chia Wing Fei says, “E-mail account addresses can be faked and people are used to getting mails from ‘unknown’ persons, so they are skeptical of links sent via e-mail. It is often more difficult to recognize when a member of their Social Network has been hacked. People have not yet learned to be skeptical of the links forwarded by their ‘friends’ in social networks, which can lead to infection from malware or to websites promoting rogue products.”

Cybercriminals see opportunities to make money from hacking Facebook and other social networking accounts, where the high level of personal trust within communities of friends provides them an ideal cover for scams and for spreading malware.

A personal message or a suggestion to visit a website received from a family member or a friend does not usually set the security alarm bells ringing. The Browsing Protection offered by F-Secure Internet Security does. Instead of clicking directly on a link sent by a friend, it is always a good idea to search for the link first and see whether F-Secure’s advanced Browsing Protection considers the web page to be safe.  A symbol next to the search results shows if the link should be treated with caution.

According to statistics from Nielsen Co., the number of users on social networking and other community sites increased by 31% in the period August 2008 – August 2009, while e-mail use increased by 21%. It may be too early to pronounce that e-mail is dead but the figures do highlight a growing trend.

Back to Top

F-Secure has located the first iPhone worm, dubbed as Ikee. It's currently spreading in the wild, but it's only able to infect devices that have been 'jailbroken' by their owners. Jailbreaking removes iPhone's protection mechanisms, allowing users to run any software they want.

Affected users will find that their iPhone wallpaper has been altered to a picture of Rick Astley (of Rickroll fame) and the message "ikee is never going to give you up". Chia Wing Fei, Senior Response Manager of F-Secure Security Labs said, "The worm targets users who have jailbroken their phone but have not changed their default root login password. It will search for vulnerable iPhones by scanning a handful of IP ranges - most of which are in Australia. At the moment, we have no confirmed reports of Ikee outside of Australia."

After Ikee infects a phone, it disables the SSH service, preventing re-infection.
The creator of the worm has released full source code of the four existing variants of this worm. This means that there will quickly be more variants, and they might have nastier payload than just changing your wallpaper or might try password cracking to gain access to devices where the default password has been changed.

Back to Top

ESET has announced ESET Mail Security 4 for Microsoft Exchange Server is now available for public beta testing. ESET Mail Security 4 for Microsoft Exchange Server significantly improves upon the mail security functionalities of its predecessor, ESET NOD32 Antivirus for MS Exchange Server. The beta test version is a precursor of the final product without full functionality and documentation. It is intended for experienced users and should not be installed on computers that perform critical tasks because it may cause errors or crashes.

Back to Top

Saltmarch Intelligence announced that data confidentiality and auditability topped the list of primary obstacles for the use of cloud computing technologies in their organizations, according to a recent survey of over 1100 Indian Business Technology professionals.

The survey conducted in the third quarter of this year measured perceptions of Business technology professionals including their important challenges in adopting Cloud, the drivers, how their organization's plan to use Cloud, the different stages of adoption, and the cloud platforms, applications, clients, infrastructure and storage used.

Speaking at the 2009 edition of Saltmarch Media's annual Business Technology Summit, Nils Puhlmann, Co-founder of the Cloud Security Alliance, said "New and emerging technologies like cloud computing and social networks are not only on the radar of many businesses and IT managers, but also on the radar of “the bad guys” who are using emerging technologies to circumvent or evade defenses that were built and designed for traditional, static systems with clear boundaries. But not only does the technology itself change, the way we consume it and follow technology trends as if they were fashion items seems to add to the growing challenges of security professionals. Information is produced at a rapid rate and more and more openly shared through new and agile collaboration channels that are no longer under our control."
The survey report is not available for public consumption and will be released from the Saltmarch Intelligence web site for purchase end November 2009. Information in this press release is exclusive to participating media.

Back to Top

Microsoft released the seventh volume of the Microsoft Security Intelligence Report (SIRv7), which indicates that worm infections in the enterprise rose by nearly 100 percent during the first half of 2009 over the preceding six months. Rogue security software remains a major threat to customers; however, 20 percent fewer customers were affected by rogue infections during the past six months.

In addition, the Zlob family of trojans, considered a top threat two years ago, has drastically declined due to Microsoft’s work to aggressively clean customer machines and customers’ diligence in applying software updates. For the first time, this report shares security best practices from countries that have consistently exhibited low malware infection. These best practices and security intelligence provide a valuable resource for business leaders who need to make accurate decisions based on the threats that are most pressing today.

The security intelligence contained in SIRv7 is collected through a broad community of customers around the globe who share Microsoft’s goal of obtaining the most accurate view of the threat landscape. Reporting mechanisms for the Microsoft Security Intelligence Report are diverse and comprehensive, including Microsoft’s Malicious Software Removal Tool (MSRT), on 450 million computers worldwide; Bing, which performed billions of Web page scans during the past six months; Windows Live OneCare and Windows Defender, operating on more than 100 million computers worldwide; Forefront Online Protection for Exchange and Forefront Client Security, scanning billions of e-mail messages yearly; and Windows Live Hotmail, operating in more than 30 countries with hundreds of millions of active e-mail users.

Back to Top