InfoSecurity January 2009
F-Secure Exploit Shield protects against ‘zero-day’ vulnerability exploits
F-Secure recently issued a Technology Preview of its new Exploit Shield technology. F-Secure is one of the security providers to offer such a shield to protect users from web-based malicious exploits and drive-by downloads, one of the most common ways to infect computers today. F-Secure Exploit Shield is unique in enabling ordinary consumers to get protection against ‘zero-day’ exploits for which a patch is not available. These are attacks against vulnerabilities that are unknown to vendors at the time of exploitation. Vulnerabilities in computer software open security holes that can allow exploitation. Patches, issued by the manufacturer of the application, fix the vulnerability.
F-Secure Chief Technology Officer Pirkka Palomäki explains: “F-Secure Exploit Shield would have protected Internet Explorer users against exploits of the latest vulnerability even before it was publicly known. It protects unpatched computers even before patches are available from the software vendor. All F-Secure customers will also benefit as Exploit Shield reports malicious websites to our Real-time Protection Network. Armed with this website information, our Security Labs are alerted faster than ever to new exploits on the Internet and can react to protect all our existing customers.”
The Technology Preview version of F-Secure Exploit Shield can be downloaded from www.f-secure.com/labs for free. The technology in this stand-alone tool will be integrated into commercial F-Secure solutions during 2009. The Technology Preview protects against existing and future vulnerabilities in both Internet Explorer and Firefox browsers. It uses only a small amount of system resources and is compatible with other vendors’ antivirus software.
Cyberoam brings “Certified Ethical Hacking” course
Cyberoam offers its customers and partners the Certified Ethical Hacking certification, recognized as crucial in today’s cyber warfare. By bringing the CEH v6.1 certification to India, it offers a first opportunity for technical personnel to enhance their technical and business skills with the latest body of knowledge.
CEH v6.1 is the latest in certification for Certified Ethical Hacking, offered by EC-Council, the globally recognized certification organization in various e-business and security skills. Over the years, EC-Council’s experience has translated into a wealth of knowledge and information that enable governments as well as corporates to take preemptive measures against malicious attackers by applying the same tactics back at them.
Over and above Cyberoam Security Certifications like CCNSP and CCNSE, the CEH certification enhances the technical and business knowledge of the holders and adds real value to their careers. Given the fact that hackers are getting smarter and more organized in their efforts to cause real damage, the certification is recognized by leading corporations and government bodies across the world as indispensable to keeping their networks safe from intruders.
The first sessions of the program are being held in Delhi and Mumbai from 5-9 January. Aspiring CEH holders are requested to contact Swati Dalvi at swati.dalvi@cyberoam.com or call +91-9769484841 at the earliest since batch sizes are limited and trainees would be taken on first-come-first-served basis.
Data centers exposed to data security and financial risks
Removable storage provider Imation Corp. has announced that it has uncovered data leak risks and other serious data security and financial risks in data centers due to improper destruction of used data storage products. Patient health records, social security numbers, bank account numbers and internal auditing procedures are examples of the kinds of information that is unknowingly “leaking” out of data centers. This disturbing trend is the result of companies improperly disposing of used data storage products at end-of-life, including a growing practice of selling used computer tape cartridges to so-called “recertifiers.”
Dr. Subodh Kulkarni, vice president, Global Commercial Business, R&D and Manufacturing, Imation, said, “Tests in our lab of more than 100 commercially obtained tape cartridges confirmed that significant data “leakage” is occurring as a result of the practice of 'recertifying' instead of properly destroying used tape. We take this issue seriously, because Imation's business is centered on security in data storage and our products are being resold and reused in ways that can compromise a company's information.”
“In our lengthy testing and analysis, which has spanned many months, we have confirmed industry guidance that the only way to properly dispose of data is to destroy the media itself,” said Dr. Kulkarni. “The technical truth is there is no practical and secure way to completely erase and 'recertify' most used tape products. We want to get the word out to both the data center managers and senior executives who may not realize the risks they are exposing their companies to with this practice.”
Check Point streamlines Remote Access Authentication
Check Point Software Technologies Ltd. announced a new authentication technology that leverages mobile devices to increase enterprises' network security. While other solutions require multiple processes, Check Point DynamicID is the first solution to send login credentials directly to an employee's mobile phone or wireless device via text message. DynamicID simplifies remote access management for administrators as well as the end-user experience for mobile workers by eliminating the need for Smartcards and tokens.
Check Point DynamicID makes deploying and managing Short Message Service (SMS) distributed one-time passwords (OTP) as part of two-factor authentication simpler and more cost effective for enterprises. Rather than installing a separate, dedicated server to generate random passwords and then working with a mobile service to disseminate the SMS messages, DynamicID incorporates all of the functionality into one solution. DynamicID also provides businesses a much simpler way to comply with regulations, such as Payment Card Industry (PCI) security standards, that call for two-factor authentication. An OTP sent through DynamicID expires once used or after a preconfigured time set by the administrator. DynamicID is included with Check Point Connectra NGX R66 secure remote access gateways. More information on DynamicID can be found at: http://www.checkpoint.com/products/dynamic_id/index.html
Growth in Internet crime calls for growth in punishment
In its End of Year Data Security Wrap-up for 2008, F-Secure explains how 2008 has been another record year of explosive growth in the amount of malicious software (malware) on the Internet. F-Secure’s detection count tripled in one year, which means that the total amount of malware accumulated over the previous 21 years increased by 200% in the course of just one year.
In 2008 Internet security issues once again made global news, from the huge rise in the amount of malware produced in the Chinese language during the Beijing Olympics, to attacks on the computer systems of the presidential candidates in the United States. Three major London hospitals were affected by a computer virus outbreak, while the United States Department of Defense decided to ban the use of USB memory sticks because of the security threat they pose. In 2008 malware even went into space as an online games password-stealer made its way onto the International Space Station on an infected laptop.
Despite a couple of successes, Internet crime is now more prevalent and more professional than ever before. F-Secure believes that against a background of steeply increasing Internet crime, the obvious inefficiency of the international and national authorities in catching, prosecuting and sentencing Internet criminals is a problem that needs to be solved. A call for the establishment of “Internetpol” to tackle online crime—made by Mikko Hyppönen, F-Secure’s Chief Research Officer—has been received with great interest internationally.
SecureEmail accelerates confidential communication
Prudent personal computer users do not entrust their private information to non-encrypted email. It is easy for a mildly-talented hacker to intercept email messages. If email messages include confidences about union negotiations, or personal financial information, the result could be more than embarrassing. It could be catastrophic.
Now Comodo, a leading provider of Internet identity and trust solutions, offers SecureEmail free to non-commercial users. With Comodo SecureEmail, Internet users can easily install encryption software that makes their emails unintelligible to anyone but the intended recipients. Whereas previous software required people exchanging encrypted emails to first exchange "digital certificates," Comodo's patent-pending technology enables recipients to claim a one-time-use digital certificate in order to read the message.
Digital certificates are electronic documents that may be installed on users' computers. They are difficult to forge, since they are issued by official entities known as certificate authorities. When the recipient opens the encrypted message, he or she can decide whether to use the free single-use certificate, or to save a free certificate on his or her computer for future secure emails.
BitDefender uncovers new password stealing application
BitDefender announced that a new type of password-stealing application disguised as a Mozilla Firefox Plugin has been detected in the wild. The e-threat, Trojan.PWS.ChromeInject.A, is downloaded to a Mozilla Firefox Plugin folder and is executed each time the user opens Firefox.
Trojan.PWS.ChromeInject.A filters data sent by the user to over 100 online banking websites. The banking websites include: bankofamerica.com, chase.com, halifax-online.co.uk, wachovia.com, paypal.com and e-gold.com. Users infected with Trojan.PWS.ChromeInject.A have their login credentials sent to a web address similar to [removed]eex.ru. Both the domain and the hosting server are located in Russia, which could indicate the origin of this e-threat.
BitDefender introduces fraudulent scheme
BitDefender researchers detected a new significant wave of e-mail spam purporting to verify and reinforce the “new security measures” from Chase Online Banking Team.
The online form, which claims to be the financial institution’s portal, spoofs several visual identification elements, such as the logo and general layout, but its domain appears to be registered in Turkey (.tk). When users confirm via a PHP script, phishers are able to steal the data. The retrieved information could be employed to empty bank accounts, but also for subsequent spamming, phishing or vishing purposes.
“In terms of security, the repercussions of the critical economic context and unprecedented changes into the financial realm translated into highly increased spamming and phishing activities,” said Vlad Vâlceanu, Head of BitDefender Antispam Research. “For e-criminals, the general concern and panic are an ideal opportunity to gain access to sensitive information. Now more than ever, users should be extremely cautious when handling their financial and personal data throughout the Internet.”
ESET secures Advanced+ rating
ESET has again secured a prestigious "Advanced+" rating from AV-Comparatives, an independent antivirus software research outlet. The new evaluation, completed in October 2008, studied the impact of antivirus software on system performance across four categories, and ESET finished first in three categories: file copying, encoding/transcoding and boot time.
The boot test measures the time it takes to boot up and shut down the software, and ESET had the fastest boot time, with results that showed 2-10 times less slowdown than its competitors. ESET also finished first in file copying, which AV-Comparatives called the most important test. AV-Comparatives provides a three level ranking system (Standard, Advanced and Advanced+). For the performance test, the awards are given based on the overall impact assessment results from the four subtests. ESET finished in first place with a "very fast" rating.
Norman warns about three new Internet threats
Microsoft announced on 10th December a vulnerability in the WordPad text converter related to converting files from Word 97 formats. WordPad is a standard program installed in most Windows versions. The attacker will distribute an infected attachment in an email body and the infection will be executed when the user opens the attachment. The payload on the victim machine may include remote code execution giving the attacker the same user rights as the local user.
A new sophisticated DNS changer trojan has been reported recently, compromising the DNS in an infected environment. Systems infected with such a trojan serve as a DHCP server, answering DHCP requests in internal networks. When they answer DHCP requests they serve rogue DNS information to the clients, redirecting them to malicious sites. The serious matter with this technique is that a single infection in a network can potentially redirect all local devices within that network to malicious sites.
A new vulnerability in Microsoft Internet Explorer has recently been revealed. A 0-day exploit using this security hole has been reported. Computers may be infected by just visiting an infected web site using Internet Explorer, so far limited to version 7 on Windows XP and Windows 2003. Norman recommends that all users act carefully when using Internet services, avoid visiting new and unknown websites, and not open email attachments from unknown submitters.
These threats come in addition to the general increase of malicious software often distributed as greetings in the Christmas holiday period. We experience increased activity from authors of malicious software in this period, and we will encourage Internet users to be extra careful.
AVG 8.0 protects against dangerous Internet Explorer vulnerability
Security software from AVG effectively blocks attempts by cyber criminals seeking to capitalize on the recently discovered vulnerability in Microsoft’s Internet Explorer web browser. The vulnerability enables unauthorized third parties to take control of users’ PCs by tricking them into visiting poisoned web pages.
AVG assured computer users that its commercial AVG 8.0 security software products have provided protection against this vulnerability since December 11th. AVG estimates that its software has already blocked close to 5,000 attacks against 3,000 users since Microsoft announced the flaw. Computer users can immediately safeguard their systems by downloading a trial version of AVG software at www.avg.com. According to Roger Thompson, AVG’s Chief Research Officer and original developer of the LinkScanner technology, the likely perpetrators of this particular IE vulnerability exploit are the same people who have been stealing World of Warcraft passwords from users for the past couple of years.
Fortinet broadens security certification and training programs
Fortinet announced broadened worldwide access to its Fortinet Certified Network Security Administrator (FCNSA) and Fortinet Certified Network Security Professional (FCNSP) certification programs through the selection of Pearson VUE as the exclusive test center provider for Fortinet certification exams. Fortinet is also adding two new training programs for its FortiMail multi-layered e-mail security and FortiDB database vulnerability appliances.
Fortinet is adding two new training programs to meet the demand for greater knowledge of its email and database security appliances. The "FortiMail Email Filtering" course, available now, is a two-day hands-on classroom session which provides a comprehensive understanding of the administration and maintenance of Fortinet's FortiMail secure messaging platform as well as the configuration of product features for optimized protection against advanced email threats. The "FortiDB" course, to be offered in 1Q09, is a workshop designed to provide the skills necessary to implement Fortinet's new database security solution. The FortiDB appliance provides scalable levels of database security vulnerability assessment and compliance policy solutions.
ESET Online Scanner launches new beta
ESET has announced that ESET Online Scanner is now available for public beta testing. ESET Online Scanner provides users the ability to scan and clean their systems without installing antivirus software. New features include enhanced browser support, destination scanning, anti-stealth (anti-rootkit) technology, and the ability to quarantine all infected files. It also features a new GUI and support for 64-bit platforms. The beta test version is a precursor of the final product without full functionality and documentation. It is intended for experienced users and should not be installed on computers that perform critical tasks because it may cause errors or crashes.
IBM bolsters security services
IBM announced a set of actions to bolster its security solutions that can help clients save costs while navigating the "perfect storm" of security threats created by a global economic slowdown, unprecedented cybercriminal activity, and costly and complex legacy security infrastructures.
The actions by IBM's Internet Security Systems (ISS) division were prompted after IBM X-Force, an elite team of security experts, detected two startling developments. First, they identified a 30 percent increase in network- and Web-based security events over the last 120 days, with the total number rising from 1.8 billion to more than 2.5 billion worldwide per day, according to data pulled from its managed security services client base of approximately 3700 clients worldwide. Second, IBM detected a 40 percent increase within the last 120 days in its clients' access of IBM virtual security operations centers. IBM's managed security services clients—businesses and governments around the world—can use the virtual operations centers (VSOCs) to monitor and verify network- and Web-based attacks. A significant portion of the increase came from clients that had not previously logged in to the security operations centers in more than six months.
In response to these findings, IBM ISS will introduce new identity and access management services that help combat online threats. These services help organizations define system users and manage who has access to sensitive data and applications, increasingly vital as the IBM X-Force Quarterly Report released in early December shows more than 42 percent of vulnerabilities are caused by weaknesses in access and identity management. For the first time, IBM will offer a formal program that enables strategic providers to resell managed security services. Under this program, strategic providers would be able to offer IBM-backed managed security services, further expanding customers who can benefit from IBM's global expertise.
IBM launches new cloud computing consulting and implementation services
IBM announced new cloud computing services to help businesses of all sizes take advantage of this increasingly attractive computing model. With today's announcements, IBM is applying its industry-specific consulting expertise and established technology record to offer secure, practical services to companies in public, private and hybrid cloud models.
IBM Global Business Services will use an economic model for assessing the total cost of ownership for building private clouds, and/or moving data and applications offsite in a public or hybrid cloud model. IBM Global Technology Services is announcing new services to help clients install, configure and deliver cloud computing inside the data center. Spanning IBM systems, software, services and IBM's lauded research and X-Force arms, cloud security service is aimed at re-architecting and re-designing technologies and processes to infuse security and to shield against threats and vulnerabilities in the cloud.
In addition to new services, IBM is helping new clients move into the cloud. One of Houston's largest and fastest-growing human services agencies, Neighborhood Centers, serves over 200,000 citizens in Southwest Texas and delivers key services including economic development, citizenship and immigration, early childhood development programs, a K-5 charter school, and seniors' programs. The non-profit organization depends on IBM cloud services to back up server and PC data from distributed environments and store it in secure offsite locations.
Sophos wins VB100 award on Windows Vista x64 platform
Sophos announced that Sophos Endpoint Security and Control has been awarded the accolade of VB100 in the December 2008 edition of Virus Bulletin magazine. This is the 44th time that Sophos has won a prestigious VB100 award, confirming its ability to detect 100% of the viruses in the wild, and its position as one of the most powerful anti-malware products available.
Virus Bulletin tested a large number of different anti-virus products for their detection rates, lack of false alarms, and speed of scanning on Windows Vista x64. Sophos successfully detected all of the in-the-wild viruses with no false alarms, outperforming a number of other vendors. All Sophos products use the same technology to protect against viruses, worms, spyware, Trojan horses and other malware, ensuring consistently high detection rates across all operating systems.