Check Point Pushes Virtual Security for VMware Environments
Check Point Software Technologies added to its virtual security lineup with new integration with VMware technology. - Check Point Software Technologies is expanding its virtual security offerings with an eye toward protecting VMware environments. With Security Gateway Virtual Edition (VE), Check Point has added integration with VMwares VMsafe technology in a bid to bring the same level of firewall and intrusi...
Spammers Stay Busy Despite Pushdo Botnet Hit
The disruption of the Pushdo botnet has not stopped spammers, despite nearly two-thirds of the botnet's command and control servers being taken out of commission. - From the shutdown of McColo to last week's disruption of the Pushdo botnet, spammers have continually found ways to stay in business. Nearly 20 of the 30 command and control (CnC) servers associated with Pushdo were taken offline last week due to efforts by security vendor LastLine. The servers...
HP WebScan Feature Can Expose Scanned Documents
Security researchers at Zscaler say many organizations are leaving themselves open to corporate espionage via the WebScan feature included in HP's all-in-one printers. - Research from Zscaler has exposed how a feature in Hewlett-Packard's all-in-one printers can be abused remotely to steal scanned documents. The feature, WebScan, allows users to remotely scan a document and have an image of the document sent from the scanner to their Web browser. Unfortunate...
How to Design a Secure DMZ
One core tenet of demilitarized zone (DMZ) design is to segregate network devices, systems, services and applications based on risk. Because of this, it's crucial to carefully plan and design a DMZ because it may not be easy to fix major flaws in the DMZ's design once it's live. Here, Knowledge Center contributor Michael Hamelin explains how to design a secure DMZ for your enterprise. - We have come a long way when it comes to DMZs (demilitarized zones). It's no longer a question of if your organization needs a DMZ, but rather, it's now a question of how you should design one. In computer security, a DMZ is a physical or logical subnetwork that contains and exposes an organiz...
Microsoft Releases New 'Fix-it' for DLL Vulnerability
Microsoft released some additional help today to plug security holes opened by the DLL loading vulnerabilities in many applications. - Microsoft released a quot;Fix-it quot; to help administrators deal with DLL loading problems believed to be affecting scores of applications. The new solution comes roughly a week after Microsoft released a security advisory on the issue. Along with the Fix-it, the company also pledged to addre...
Researchers Find Quantum Encryption Hack
UPDATE: A team of researchers has demonstrated a new way to crack quantum cryptography using bright light. - A team of researchers has uncovered a new way to crack the security of quantum cryptography. The researchers hailed from the Norwegian University of Science and Technology in Norway as well as the University of Erlangen-Nürnberg and Max Planck Institute for the Science of Light in Germany. Their fi...
Twitter Turns to OAuth for Application Authentication
Twitter has migrated to OAuth for authentication, meaning third-party apps will no longer have to store and send user credentials over the Internet when the application is used. - Twitter has completed its move to OAuth for authentication for all third-party applications. OAuth allows people to use applications without them storing their passwords. In the past, Twitter officials explained in a blog post, developers have been able to choose between basic authentication an...
Hackers Focus on Misconfigured Networks, Survey Finds
Misconfigured networks are the most popular target for hackers, according to a survey taken at the Defcon security conference in July. - Ever wonder what IT resource is the easiest for hackers to exploit? According to a survey of attendees of the annual Defcon security conference, the answer is misconfigured networks. The survey was conducted by Tufin Technologies, which polled 101 attendees of Defcon 18 in July. Seventy-six per...
Phishing Attacks Target CEOs
Hackers are routinely using social network sites and basic searches to find biographical information on corporate executives. And once they have that information, they're targeting these executives with personalized email messages designed to compromise computers, gain access to the network, and steal corporate information. Smarter Technology reporter, Ashley Daley, discusses the nature of these attacks and what you can do to avoid being the next phishing victim. - Video Content.
Trend Micro Targets Virtualization, Cloud Security
Trend Micro is moving ahead with its virtualization and cloud security strategy with new anti-malware technology for virtual environments and encryption key management for the cloud. - Trend Micro continued its push around virtualization and cloud security Aug. 31 with two new product releases. Part one of the announcement - which was made in conjunction with the VMworld 2010 conference running this week in San Francisco - is Trend Micro Deep Security 7.5, which leverages the...