Security

A computer Trojan that targets online banking users is evolving and spreading rapidly because its creators have adopted an open-source development model, according to researchers from cyberthreat management firm Seculert.

Researchers at a university in Bochum, Germany claim to have cracked encryption algorithms of the European Telecommunications Standards Institute (ETSI) that are used to secure certain civilian satellite phone communications.

The NoSQL movement has spawned a slew of alternative data stores, all of which attempt to fill voids left by traditional relational database implementations. But while it's easy to fit the various relational databases (MySQL, Oracle, DB2, and so on) under a single categorical umbrella, the NoSQL world is much more diverse, and the NoSQL label is too general. NoSQL data stores such as MongoDB and Cassandra are so vastly different from each other that apples-to-apples comparisons are practically impossible. Thus, within the world of NoSQL, there are subcategories such as key-value stores, graph databases, and document-oriented stores.

Security vendor’s latest report reveals what users are really concerned about when going online

Symantec is in an ongoing fight against hackers in the group Anonymous that last January attempted to extort a payment of around $50,000 from Symantec in exchange for not publicly posting stolen Symantec source code they had stolen for various older Symantec security products dating to 2006.

The cloud 'security strategy' involves adopting security solutions that seamlessly span physical, virtual and private/hybrid/public cloud environments while simplifying operational and management complexities. Roundtable attendees got down to business, discussion the 'practical steps' and issues and opportunities involved in securing the cloud environment. Jennifer O'Brien reports.

ARN pulled together a panel of industry representatives to discuss how to position security solutions successfully to 5-499 seat organisations in today’s economic climate. This roundtable was held in conjunction with Symantec.

The ARN round table was held in conjunction with Firewall Systems and its vendor partners, AirMagnet, Blue Coat, Check Point, Network Box, TippingPoint and WatchGuard.

It's a fact of modern life that archiving data is essential to prevent a data disaster. Still, something like one-third of computers are never backed up, according to 2257 respondents in a recent Backblaze poll carried out by Harris Interactive. The survey came to the dismal conclusion that a scant 7 per cent of users practice safe computing by archiving their systems on a daily (or nightly) basis.

Perhaps it was an omen of what was to come when the city of San Francisco on New Year's Eve 2010 couldn't get a backup system running in its Emergency Operations Center because no one knew the password.

If your IPv6 strategy is to delay implementation as long as you can, you still must address IPv6 security concerns right now.

Malware targeting Android-powered mobile devices and Apple computers top a list scams and security threats the people need to guard against this holiday shopping season.

Stealthy, sometime long-term cyber-espionage attacks to steal sensitive proprietary information -- what some now call "advanced persistent threats" (APT) -- have become a top worry for businesses.

Insentra's Ronnie Altit talks about some of the challenges with starting a business and the importance of building trusted relationships with partners

ARN caught up with Symantec Pacific region vice-president and managing director, Craig Scroggie, during Symantec Partner Engage 2011 to talk about the security vendor’s channel strategy, partners specialising and the current security landscape.

Wireless and networking specialist distributor, Lan 1, is celebrating its fifteenth birthday this year. NADIA CAMERON caught up with managing director, Daniel Lee, to discuss the importance of the NBN, potential acquisitions and his plans for the future.

More than anyone else, Jaak Aaviksoo has first-hand knowledge of what a cyberwar might feel like. In April 2007, Estonia's banking, media and government presence online was disrupted by several waves of distributed denial of service attacks that knocked services offline. The country is heavily wired -- 90 percent of all financial transactions are conducted over the Internet and 70 percent of the population files their tax returns electronically -- so the incident was widely felt by the country's 1.3 million citizens.

CIOs think of Symantec as a company that buys its way into new markets. Over the past decade the Cupertino, California, vendor has snatched up about 30 companies as it's evolved from an antivirus and tools seller to an aspiring enterprise infrastructure vendor.

Much outrage has been expressed about Google's new privacy policy. People are acting as if they are shocked that Google would consolidate the personal information it gathers from its customers through all of its varied services. What is shocking to me is that none of these people, including members of Congress, seemed to see it coming.

It seems like only yesterday I was writing an article about the merits of cloud computing, storing your precious irreplaceable data and photos online. At the time it was topical as the Victorian Black Saturday fires had devastated parts of the state. Many treasured memories were lost forever. I thought about online storage and backups once again when the floods and then cyclones ripped through Queensland recently.

While it doesn't quite rank up there with dumping hundreds of millions of gallons of crude oil into the ocean while your CEO goes yachting, Google's huge Wi-Fi spying "oops" may become the search giant's BP moment.

It seems many things in our industry come in vertical stacks. We have vertical network stacks, we have vertical protocol stacks and now we have vertical cloud stacks.

Quit Facebook Day may have flopped when it comes to creating a mass exodus of Facebook users, but those who care about privacy owe a debt of gratitude to the failed movement.

Microsoft NAP is an effective network gatekeeper for Windows endpoints, but initial configuration is complex, policies are basic, and reporting is absent. NAP is best used as a core technology deployed in combination with others for a more complete, manageable, and scalable solution.

IronPort S160

Many sandbox security vendors claim that their products stop all known and unknown attacks. Even assuming the ability to curtail all known attacks could be proven, it's simply impossible to believe that any piece of software could halt all unknown attacks. Of course, that doesn't prevent the vendors from making empty promises or the malware authors from proving them wrong.

The Internet is a scary place. Criminal malware lurks on legitimate and illegitimate Web sites alike, looking to steal your money one way or the other. Vendors have been scratching their collective heads attempting to make more consumers safer, more often. One of the results has been a class of anti-malware software that I call sandbox protection products. These items encapsulate Internet browsers (and e-mail programs and sometimes any other program you can run) within a virtual, emulated cocoon designed to keep malware from reaching and modifying the underlying host computer.

The news media is full of stories about e-mails and documents that were better off not sent. Last year an airline CEO accidentally sent an ultra harsh e-mail to complaining customers, the text of which was obviously not intended for the customers. Frustrated employees frequently send embarrassing internal memorandum to public news sources. And is there an e-mail user who hasn't regretted accidentally sending an e-mail to an unintended party? Whether e-mail or documents are sent intentionally or not, it is clear that content intended for a restricted audience is being shared with unauthorized parties on a regular basis.