Latest Posts | Page 130


Last week Google announced a significant change to the way they disclose vulnerabilities. In cases where a zero-day vulnerability has made it into the wild and is being actively exploited, Google will now give 7 days to the software vendor whose product is being exploited before "...support(ing) researchers (by) making details available so that users can take steps to protect themselves." We hope that the details Google will make available do not include full disclosure or working proof of concept code. That being said, we agree that in cases where... [Read More]
by RSS Richard Henderson  |  Jul 30, 2012  |  Filed in: Industry Trends
Tags:
Distributed Denial of Service (DDoS) attacks are on the rise, and they're only getting stronger. This was driven home by The New York Times report on how anti-spam organization Spamhaus fell prey to one of the largest DDoS attacks in history. Few can forget the targeted DDoS assaults on global financial institutions JP Morgan Chase, Wells Fargo and Bank of America, Regions Bank and American Express - attacks that crippled the businesses for hours and cost millions in lost business, remediation and damage control. This doesn't even count the tens... [Read More]
by RSS Stefanie Hoffman  |  Jul 30, 2012  |  Filed in: Industry Trends
Microsoft's Internet Explorer 10 is the most secure web browser according to the results of a mid-May 2013 NSS Labs' analysis. Apple Safari 5, Google Chrome 25/26, Internet Explorer 10, Mozilla Foxfire 19 and Opera 12 were all evaluated against malware downloads and socially engineered malware. Results show that Chrome's malware download protection improved significantly, up to more than 83 percent from a 70 percent performance in NSS' October 2012 analysis, Browser Comparative Analysis Report - Socially Engineered Malware. IE earned a block rate... [Read More]
by RSS Stefanie Hoffman  |  Jul 30, 2012  |  Filed in: Industry Trends
In the following video, IT-Harvest's Richard Stiennon interviews John Maddison, Fortinet's vice president of marketing on how Fortinet views itself in the security market. Topics covered include network security performance, the depth and breadth of the company's product line and the company's technology innovation. [Read More]
by RSS Rick Popko  |  Jul 30, 2012  |  Filed in: Industry Trends
There's no shortage of reports on the latest network security breaches. Each incident holds its own valuable security lesson but it's beneficial to recognize the incremental successes paving the way to progress. That's exactly what Reuven Harrison of Fortinet's solution partner Tufin did in a blog published last week. Tufin is a security lifecycle management solution provider working with large organizations to enhance their security, ensure business continuity and increase operational efficiency. Tufin bolsters FortiGate multi-threat security... [Read More]
by RSS Stefanie Hoffman  |  Jul 30, 2012  |  Filed in: Industry Trends
It's rare that a week goes by without headlines of data breaches or malware attacks -- or the introduction of a solution to stop them in their tracks. The latter is increasingly important, thanks to a rash of exploits on LivingSocial, eHarmony, Sony and Evernote -- all part of a long, growing list of high-profile targets. The latest, greatest remedy is what researchers at MIT and RSA have dubbed "honeywords" -- a new way to deter hackers from leveraging databases of swiped passwords for financial gain. According to SF Gate, honeywords are fake... [Read More]
by RSS Stefanie Hoffman  |  Jul 30, 2012  |  Filed in: Industry Trends
Yesterday Twitter announced that it has enabled two-factor authentication for users of their popular service. As we wrote in our Two-Factor Authentication Solution Brief earlier this year: the password as you know it is dead. As we continue to move into a world where literally everything we do touches the Internet in some fashion, companies owe it to their users and customers ways of ensuring they provide safe and secure methods of authentication. Over the past couple of years, famous password breaches such as the RockYou breach have helped cybercriminals... [Read More]
by RSS Richard Henderson  |  Jul 30, 2012  |  Filed in: Industry Trends
Wireless network infrastructure - for anyone in business, it's a necessary evil and, perhaps ironically, one that isn't short on infrastructure. You need a controller and wireless routers or access points - lots of them -- enabling wireless networks to join an existing wired network. You'll have to invest in a site planner/survey tool, or risk incorrectly guessing where the APs should go. Users need to learn the new WLAN management system, integrate it into the server/LDAP and figure out how to not only add security, but maintain appropriate defenses... [Read More]
by RSS Stefanie Hoffman  |  Jul 30, 2012  |  Filed in: Industry Trends
Tags:
Of 200 enterprise security professionals recently surveyed by Enterprise Strategy Group, 79 percent report Web application security attacks in the past year. In a late April Network World blog on the topic, Jon Oltsik, a principal analyst at ESG, said the study also found thieves attacked Web application features and functions such as application authentication, configuration management, application authorization and session management. Oltsik says the good news is that there's more emphasis on secure software development lifecycles, developer... [Read More]
by RSS Stefanie Hoffman  |  Jul 30, 2012  |  Filed in: Industry Trends
Another Patch Tuesday is upon us, and both Microsoft and Adobe have important patches that you should implement right away if you're impacted. Adobe's big patch fixes a ColdFusion exploit that allows an attacker to access files located on a server with ColdFusion installed. There should also be a fix to Adobe Acrobat Reader. You can read Adobe's security advisory here. On the Microsoft side, we should see at least 10 patches that cover over 30 vulnerabilities which impact Windows, Internet Explorer, Office, Lync , Microsoft's .NET framework and... [Read More]
by RSS Richard Henderson  |  Jul 30, 2012  |  Filed in: Industry Trends