The hugely popular social networking sites like Facebook and Twitter have become attractive targets for phishing and scamming attacks as online criminals follow the latest Internet trends that are attracting the most users.

The latest criminal action against social networking sites including Facebook and Twitter was reported by the F-Secure Response Lab on Friday. Pro-Georgia blogger Cyxymu’s accounts were targeted by a widespread DDoS (distributed denial of service) attack, causing millions of users of Facebook and Twitter to experience problems with the sites slowing down or being completely offline on Friday. Mikko Hyppönen, Chief Research Officer at F-Secure says: “Although this attack was targeted at a specific person, it affected the whole community. We may never know who was behind the Cyxymu attack, however they had access to significant bandwidth.”

Back to Top

Kaspersky Lab announced that Kaspersky Internet Security 2010 achieved the best results in testing conducted by PC Security Labs. The latest tests conducted by China's PC Security Labs in July 2009 assessed 23 popular antivirus solutions. The Kaspersky Lab product detected 99.58% of the malicious programs and received five stars for its performance. Kaspersky Internet Security 2010 did not produce a single false positive during testing. The antivirus products were evaluated on criteria such as malware detection level during static and dynamic testing as well as the number of false positives generated.

A collection of over 3,000 malware samples, including Trojans, rootkits, worms and viruses, was used to assess detection levels. Testing for false positives was conducted on computers running Windows XP SP3 using a collection of safe files.

Back to Top

Kaspersky Lab announces the successful OESIS OK certification of the new versions of its personal products. Certification in OPSWAT's OESIS OK system attests to a product's seamless interoperability with software solutions from market-leading vendors.

Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 attained OESIS OK certification in the Antivirus category. The Kaspersky Lab products were tested on criteria such as running correctly on supported operating systems, the absence of malicious code and integration with OESIS Framework, an industry standard for monitoring and managing security applications on endpoints.

OESIS Framework is a cross platform, open development framework which enables software engineers and technology vendors to develop products that detect, classify and manage thousands of third-party software applications.

Back to Top

Tata Communications has recently announced its hosted core banking solution (CBS) for Nainital Bank, a leading private sector bank, is ready to go live in the Delhi NCR region. CBS roll out for the rest of the branches would be completed shortly.

Tata Communications’ BFSI drive is spearheaded by its newly setup wholly owned subsidiary Tata Communications Banking InfraSolutions Ltd (TCBIL). TCBIL offers packaged banking solutions, referred to as “Bank in a Box”, like ATM services, card issuance and management, end-to-end POS acquiring, hosted core banking etc. TCBIL is strongly positioned for offering a robust Payment System for managing the dynamically changing expectations of the customers in the banking sector. TCBIL has begun the current financial year with an order book of US $100 million.

Nainital Bank has a network of 92 branches with a fifth of them in the Delhi NCR Region. The entire implementation is likely to get over in the next few months.

Back to Top

Ireland is to benefit from the creation of a new Masters Degree in security and digital forensics that has been inspired by the rising tide of cybercrime. 98pc of all Irish organizations have experienced incidents cybercrime.

The Institute of Technology in Blanchardstown has launched a Masters in Science in Computing in Information Security and Digital Forensics to provide students with an all round perspective on information security risk and proper management. It also covers the steps in conducting a digital forensics investigation where evidence may be needed to secure a prosecution in the case of wrong doing. 

Students will develop skills in each of the stream areas in identifying tools and techniques and learning how to implement solutions based on a problem-solving methodology.

Back to Top

Recognizing the growing demand for entry-level professionals with networking security and risk-management skills, Networking Academy recently announced the availability of a new Cisco CCNA Security course, which will be available to students globally via colleges and universities that are part of Networking Academy community.

Security and risk-management skills are among the most sought-after skills in networking, and global demand continues to grow. Organizations around the world are experiencing a shortage of qualified ICT (information and communications technology) candidates with the specialized knowledge and skills needed to administer devices and applications in a highly secure infrastructure, to recognize network vulnerabilities, and to mitigate security threats.

According to arecent study conducted by Forrester Consulting on behalf of Cisco, dedicated security roles are expected in 80 percent of the companies studied worldwide by 2012. Since 1997, Networking Academy has grown to reach a diverse population of more than 750,000 students each year in more than 165 countries.

Back to Top

AVG Technologies has announced the half-millionth download of its AVG LinkScanner software, a free product that protects consumers against web-based security threats and prevents their computers from being recruited for botnets like the ones that brought down Twitter and Facebook last week.

AVG LinkScanner is designed specifically to protect against Trojans, spyware, rootkits and other malware that tries to steal your private information via compromised web pages, where the bulk of computer infections are happening today. This includes backdoors that are created by infections that allow botnets the ability to access a computer. LinkScanner provides an additional, invisible layer of protection that lets you search and surf the Web safely. Moreover, this protection is provided in real-time, which is the only way consumers can stay protected against transient threats—60 percent of which last less than a day before moving on to another site—that occur even on well known and trusted websites.
AVG LinkScanner can be can be downloaded for free as a stand-alone product from http://linkscanner.avg.com.

Back to Top

Check Point Software Technologies Ltd. announced that Check Point IPS products protect customers against a newly discovered Berkeley Internet Name Domain (BIND) vulnerability. The exploit affects both commonly used UNIX and Windows based DNS servers and allows a remote attacker to create a denial-of-service condition.

The Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). By sending a specially-crafted dynamic update packet to a BIND 9 server, a hacker can cause a denial of service by causing BIND to crash. The exploit is not limited to servers configured to allow dynamic updates. The vulnerability affects also all servers that are masters of one or more zones and slave servers that are configured to forward updates to their masters. Check Point integrated and dedicated IPS solutions protect against the threat by detecting and blocking maliciously crafted DNS packets.

Check Point's IPS Software Blade, IPS-1 appliances and SmartDefense are supported by Check Point update services, which provide ongoing and real-time updates and configuration advisories for defenses and security policies. Check Point protections are developed and distributed by Check Point's Security Research and Response Centers located around the globe. Users of Check Point SmartDefense are also protected against the new vulnerability.

Back to Top

IBM announced the release of the industry's most comprehensive solutions for helping to combat Web application attacks and to secure the integrity of data processed by Web applications, as part of its ongoing strategy to deliver its clients security solutions designed to address today's most significant security risks.

IBM's integration of its Web application security offerings can help enable enterprises to combat these types of attacks. The latest component of the solution, IBM Proventia SiteProtector 8.0, integrates a consolidated security management system with Rational AppScan, an industry-leading solution for Web application vulnerability and secure code testing; and IBM's recently announced Web application protection module for network and host intrusion prevention systems. This combined solution is designed to deliver multiple benefits to enterprises, including: reduced security management operational costs; improved security posture; consolidated reporting infrastructure; a common workflow system for managing security incidents; correlation of application vulnerabilities with potential security events and real-time attacks, enabling organizations to prioritize remediation to immediately address top threats.

IBM SiteProtector 8.0 is also a key offering in IBM's Information Infrastructure portfolio for improved security, management and encryption, announced last week. Other offerings include Proventia Server for Windows 2008 - helping organizations harness the security and compliance challenges in the heterogeneous datacenter, encrypted disk support for the System Storage DS5000; as well as IBM Tivoli Identity Manager 5.1 featuring role management for more effective enforcement of SOD, and Tivoli Security Information and Event Manager's NERC module, security products that help improve security with little or no productivity impact.

Back to Top

TrendWatch (http://us.trendmicro.com/us/trendwatch/), Trend Micro's online threat resource center, is revamped and refreshed with even more free tools, information, news and advisories, and resources for customers and partners to better educate themselves about the latest online threats and attacks—all consolidated in one, easy-to-navigate location.

Free Cloud-Ready Security Software plus Free Web Site Security tool are available for download at TrendWatch. VM Protection, gained from Trend Micro's recent acquisition of Third Brigade, is a free-of-charge software package for enterprises and service providers who want to fully take advantage of their virtual environments, up to 100 virtual machines. It complements the security-hardened VMware platform and helps organizations achieve protection and compliance for VMware virtual machines (VMs) that are deployed in private or public cloud computing environments.

The free software can be deployed quickly and managed centrally, and is integrated with the VMware platform. Multiple layers of protection are combined in a single software agent to increase security and gain visibility into malicious activity targeting VMs.

Back to Top