It is time to get back to basics, and to really detail out your plan of attack. We invite you to read our ‘Back to Basics – How to Protect your Organizational Assets and Confidential Information’. It is provided as a guideline only; however, if you do have any questions or would like some additional information, please feel free to contact me directly.
Archives for May 2013
Solution offers combined gateway, endpoint, and cloud Web protection
BOSTON, MA – May 13, 2013 – Sophos today announced the availability of Sophos UTM Connected, the latest version of its award-winning UTM (unified threat management) solution. This release introduces expanded UTM managed endpoint protection with unique Web in Endpoint functionality, broader wireless coverage for large-scale wireless deployments and higher performance networking.
As the complexities of securing all networks have grown, so have the struggles for businesses to fully optimize the many point security solutions they have purchased. A UTM is the proven solution to address this problem; however, most simply put layers of protection on a single appliance. The introduction of Web in Endpoint functionality lets Sophos UTM go a stage further and make security layers communicate and combine to deliver more effective protection. This approach simplifies user experience and delivers a higher level of overall protection on which customers can rely.
Robert Lemos, DarkReading
The Internet frequently represents evolution on steroids, and the malware ecosystem is no different.
Malware has quickly evolved to take advantage of weaknesses in digital defenses. In 2012, more than 40 million Windows systems were infected with malware, according to data collected by Microsoft in its annual Security Intelligence Report. And Google researchers found that, of four common antivirus scanners, the best only detected 25 percent of real-world malware, and combined, the scanners only caught 40 percent of malicious downloads.
Malware writers have honed their technique to do well against current defenses, says Srinivas Kumar, chief technology officer of TaaSERA, a security-service provider.
“The malware writers know how to get around antivirus software,” he says. “They can detect that antivirus is running or that IPS/IDS is watching and make it very difficult to blacklist them.”
To defend against the latest attacks, enterprise security professionals need to know why today’s malware is so successful. Culling data from a number of recent studies and discussions with security experts identifies five strategies for success.
SearchSecurity – Published: 02 May 2013
Fully one-third of all websites surveyed last year were found to be vulnerable on a daily basis to a “serious” flaw like cross-site scripting, information leakage or content spoofing, according to a report on site vulnerabilities released today by WhiteHat Security.
While industries like entertainment and media were relatively quick to fix website vulnerabilities (an average of 33 days), WhiteHat’s survey found that industry-wide the average was 193 days from first notification.
Retail, health care and insurance websites were among the laggards, each taking well over 200 days to fix their sites after notification. Frequently updated retail sites, for instance, generally pose greater security challenges for Web developers, experts said, because each code deployment introduces new vulnerabilities.
“It’s an unforgiving environment,” stressed Jeremiah Grossman, WhiteHat Security’s founder and chief technical officer. The proliferation of “broken code” results in a “race to see who can exploit vulnerabilities.” Hence, most security patches for websites don’t work.
Still, the remediation rate for all sites surveyed was 61% in 2012, the Web security firm found, compared to only 35% in 2007.
Tuesday 30 April 2013
A new threat is targeting Apache webservers, which are among the most widely used webservers in the world, according to researchers at security firms ESET and Sucuri.
The threat is a highly advanced and stealthy backdoor being used to drive traffic to malicious websites carrying Blackhole exploit packs.
Researchers have named the backdoor Linux/Cdorked.A, and have described it as the most sophisticated Apache backdoor to date.
“The Linux/Cdorked.A backdoor does not leave traces on the hard-disk other than a modified httpd file, the daemon (or service) used by Apache,” said Pierre-Marc Bureau, ESET security intelligence program manager.
“All information related to the backdoor is stored in shared memory on the server, making detection difficult and hampering