AXIGEN releases Version 7.3 with increased security and manageability
AXIGEN, the professional messaging solution vendor, announced today the commercial release of AXIGEN Mail Server 7.3, designed to be a perfect fit for the Service Provider segment and one more step towards hosted messaging. Only two months after the launch of the desktop-like Ajax Webmail interface, this new version comes to further emphasize the user-centric trend of the product, by focusing on effortless manageability and a higher level of security, through the introduction of a brand new Identity Confirmation system.
Placing strong focus on anti-spam protection, AXIGEN Mail Server 7.3 delivers, among other user-oriented functionalities, an extra layer of security, via a Challenge/Response – based Identity Confirmation method, to offer a highly reliable and customizable email platform.
By directing strong innovative efforts towards adapting to the extremely demanding segment of Service Providers (SPs), AXIGEN reaffirms itself as a “trail blazer”, as considered by The Radicati Group in the Market Quadrant 2009 on Messaging Platforms for Hosted Email Providers, being among those companies that “often shape the future of technology with innovations and new product designs”. Moreover, Radicati’s latest study on Email Platforms for Service Providers Market states “the company has shown huge potential in the past few years and we believe it will continue to innovate and reach new markets”, further acknowledging the product’s innovative qualities and its potential for in the cloud messaging.
“This new release proves yet again our commitment of meeting the ever increasing messaging requirements of today’s business environments. It is also a direct result of our long-term dedication and extensive efforts to present SPs with innovative solutions that they can use to build a higher-end range of Software as a Service (SaaS) offerings for corporate clients,” said Oana Bornaz, AXIGEN CEO.
One of the top nine messaging solutions for hosted email providers according to Radicati’s market studies, AXIGEN is internationally recognized as a top-grade messaging solution and has won the ServerWatch 2007 Product Excellence Award for Best Communications Server.
Source: Gecad Technologies SA
Passware software cracks BitLocker encryption open
Passware announces the release of the world’s first commercially available BitLocker decryption software.
Passware Inc., a provider of password recovery, decryption, and evidence discovery software for computer forensics, has created the first commercially available software to break Microsoft BitLocker hard drive encryption.
The new version of its flagship product – Passware Kit Forensic 9.5 – now recovers encryption keys for hard drives protected with BitLocker. The software scans a physical memory image file of the target computer and extracts all the encryption keys for a BitLocker disk.
BitLocker is an advanced, full-disk protection feature available in Windows Vista, Windows 7, and Windows Server 2008.
“Full-disk encryption was a major problem for investigators,” said Dmitry Sumin, Passware President. “We have been able to provide police, law enforcement, and private investigators with a tool that allows bypassing BitLocker encryption for seized computers.”
Passware Kit Forensic is a complete encrypted evidence discovery solution that reports all password-protected items on a computer and gains access to these items using the fastest decryption and password recovery algorithms. A portable version of the software runs from a USB drive and finds encrypted files and recovers files and website passwords without making any changes to the target computer.
Passware Kit Forensic 9.5 supports over 180 different file types and introduces recovery of passwords for PGP archives and virtual disks. The software supports Windows 7, Vista, 2003, XP, and 2008 Server.
Pricing and availability
Passware Kit Forensic is now available from Passware and resellers worldwide. Manufacturer’s suggested list price starts at $795. The software comes with 1 year of free software updates. Free trial licenses are also available.
Security Trends to Watch in 2010 – Symantec
Symantec 2010 Security Predictions
Antivirus is Not Enough – With the rise of polymorphic threats and the explosion of unique malware variants in 2009, the industry is quickly realizing that traditional approaches to antivirus, both file signatures and heuristic/behavioural capabilities, are not enough to protect against today’s threats. We have reached an inflection point where new malicious programs are actually being created at a higher rate than good programs. As such, we have also reached a point where it no longer makes sense to focus solely on analyzing malware. Instead, approaches to security that look to ways to include all software files, such as reputation-based security, will become key in 2010.
Social Engineering as the Primary Attack Vector – More and more, attackers are going directly after the end user and attempting to trick them into downloading malware or divulging sensitive information under the auspice that they are doing something perfectly innocent. Social engineering’s popularity is at least in part spurred by the fact that what operating system and Web browser rests on a user’s computer is largely irrelevant, as it is the actual user being targeted, not necessarily vulnerabilities on the machine. Social engineering is already one of the primary attack vectors being used today, and Symantec estimates that the number of attempted attacks using social engineering techniques is sure to increase in 2010.
Rogue Security Software Vendors Escalate Their Efforts – In 2010, expect to see the propagators of rogue security software scams take their efforts to the next level, even by hijacking users’ computers, rendering them useless and holding them for ransom. A less drastic next step, however, would be software that is not explicitly malicious, but dubious at best. For example, Symantec has already observed some rogue antivirus vendors selling rebranded copies of free third-party antivirus software as their own offerings. In these cases, users are technically getting the antivirus software that they pay for, but the reality is that this same software can actually be downloaded for free elsewhere.
Social Networking Third-Party Applications Will be the Target of Fraud – With the popularity of social networking sites poised for another year of unprecedented growth, expect to see fraud being leveraged against site users to grow. In the same vein, expect owners of these sites to create more proactive measures to address these threats. As this occurs, and as these sites more readily provide third-party developer access to their APIs, attackers will likely turn to vulnerabilities in third-party applications for users’ social networking accounts, just as we have seen attackers leverage browser plug-ins more as Web browsers themselves become more secure.
Windows 7 Will Come into the Cross-Hairs of Attackers - Microsoft has already released the first security patches for the new operating system. As long as humans are programming computer code, flaws will be introduced, no matter how thorough pre-release testing is, and the more complex the code, the more likely that undiscovered vulnerabilities exist. Microsoft’s new operating system is no exception, and as Windows 7 hits the pavement and gains traction in 2010, attackers will undoubtedly find ways to exploit its users.
Fast Flux Botnets Increase – Fast flux is a technique used by some botnets, such as the Storm botnet, to hide phishing and malicious Web sites behind an ever-changing network of compromised hosts acting as proxies. Using a combination of peer-to-peer networking, distributed command and control, web-based load balancing and proxy redirection, it makes it difficult to trace the botnets’ original geo-location. As industry counter measures continue to reduce the effectiveness of traditional botnets, expect to see more using this technique being used to carry out attacks.
URL Shortening Services Become the Phisher’s Best Friend - Because users often have no idea where a shortened URL is actually sending them, phishers are able to disguise links that the average security conscious user might think twice about clicking on. Symantec is already seeing a trend toward using this tactic to distribute misleading applications and we expect much more to come. Also, in an attempt to evade antispam filters through obfuscation, expect spammers to leverage shortened URLs shorteners to carry out their own evil deeds.
Mac and Mobile Malware Will Increase – The number of attacks designed to exploit a certain operating system or platform is directly related to that platform’s market share, as malware authors are out to make money and always want the biggest bang for their buck. In 2009, we saw Macs and smartphones targeted more by malware authors, for example the Sexy Space botnet aimed at the Symbian mobile device operating system and the OSX. Iservice Trojan targeting Mac users. As Mac and smartphones continue to increase in popularity in 2010, more attackers will devote time to creating malware to exploit these devices.
Spammers Breaking the Rules – As the economy continues to suffer and more people seek to take advantage of the loose restrictions of the CAN SPAM Act, we’ll see more organizations selling unauthorized e-mail address lists and more less-than-legitimate marketers spamming those lists.
As Spammers Adapt, Spam Volumes Will Continue to Fluctuate – Since 2007, spam has increased on average by 15 percent. While this significant growth in spam e-mail may not be sustainable in the long term, it is clear that spammers are not yet willing to give up as long an economic motive is present. Spam volumes will continue to fluctuate in 2010 as spammers continue to adapt to the sophistication of security software, the intervention of responsible ISPs and government agencies across the globe.
Specialized Malware – Highly specialized malware was uncovered in 2009 that was aimed at exploiting certain ATMs, indicating a degree of insider knowledge about their operation and how they could be exploited. Expect this trend to continue in 2010, including the possibility of malware targeting electronic voting systems, both those used in political elections and public telephone voting, such as that connected with reality television shows and competitions.
CAPTCHA Technology Will Improve – As this happens and spammers have a more difficult time breaking CAPTCHA codes through automated processes, spammers in emerging economies will devise a means to use real people to manually generate new accounts for spamming, thereby attempting to bypass the improved technology. Symantec estimates that the individuals employed to manually create these accounts will be paid less than 10 percent of the cost to the spammers, with the account-farmers charging $30-40 per 1,000 accounts.
Instant Messaging Spam - As cybercriminals exploit new ways to bypass CAPTCHA technologies, instant messenger (IM) attacks will grow in popularity. IM threats will largely be comprised of unsolicited spam messages containing malicious links, especially attacks aimed at compromising legitimate IM accounts. By the end of 2010, Symantec predicts that one in 300 IM messages will contain a URL. Also, in 2010, Symantec predicts that overall, one in 12 hyperlinks will be linked to a domain known to be used for hosting malware. Thus, one in 12 hyperlinks appearing in IM messages will contain a domain that has been considered suspicious or malicious. In mid 2009, that level was 1 in 78 hyperlinks.
Non-English Spam Will Increase – As broadband connection penetration continues to grow across the globe, particularly in developing economies, spam in non-English speaking countries will increase. In some parts of Europe, Symantec estimates the levels of localized spam will exceed 50 percent of all spam.
Source: Symantec Corp
IBM introduces new software to accelerate workload movement to System z
IBM announced 10 new software products to help companies lower application management costs by optimizing the System z mainframe for more workloads, such as data analytics, collaborative application development, application maintenance and other key business processes.
Given System z‘s ability to reduce costs through server consolidation, IBM and the industry have aggressively extended the breadth of new workloads for the mainframe via 3,800 z/OS-based and 3,000 Linux-based applications. The unique ability of the mainframe to host many application services on one system has helped System z achieve one of the industry’s lowest application costs per user. Minimal application costs are important for companies which rely on multiple applications to run their business.
The new products span IBM’s software portfolio to provide a range of benefits for System z customers. The benefits include optimal application connectivity, productivity, security and data management.
The new offerings complement IBM’s recent announcement of seven integrated hardware, software and services packages — IBM System z Solution Editions — to help customers deploy new enterprise workloads, such as data warehousing, electronic payments and disaster recovery.
The new products include:
– IMS 11 provides direct SQL access to IMS data from any distributed platform. This simplifies and speeds the process of connecting applications and data, while also enabling easier data replication and change capture processes. Enhanced Java support expands the number of developers available to support IMS applications and business services.
– New products from WebSphere to enhance business process management, connectivity and integration including: WebSphere Process Server for z/OS V7, IBM WebSphere ILOG Business Rule Management Systems, WebSphere MQ for z/OS V7.0.1, WebSphere Message Broker for z/OS V7.0, and IBM Problem Determination Tools V10. These products are designed to help clients discover insights that enable innovation, maximize the value of business interactions, and optimize productivity and resources. For a full list and description of the new WebSphere products visit: www.ibm.com/smartwork/businessagility
To help clients cut application maintenance costs, IBM offers:
– IBM Rational Developer for System z version 7.6 provides a modern GUI development environment, to increase developer productivity and lower the costs associated with maintaining and building multi-platform applications. The new offering helps attract next-generation workers, consolidates multi-language development into a single environment and dramatically reduces CPU usage of up to 50 percent, minimizing budget
expenditures.
– IBM Rational Team Concert for System z version 2.0 uses a new common repository to help teams to work together, share assets, automate processes and deliver software faster. The software expedites response times and cuts costs by consolidating disparate development team infrastructures and automating software development across multiple platforms, which is important for tiered applications.
– An enhanced set of IBM Rational Compilers for C/C++, COBOL and PL/I reduce application MIP requirements, while increasing developer productivity and reducing both capital expense and overall development costs.
To help clients gain better insights about enterprise assets and lower network management costs, IBM offers:
– Tivoli Asset Discovery for z/OS removes unused and obsolete software and helps determine software usage to plan effectively for the future and to run smarter systems.
– IBM Tivoli NetView for z/OS 5.4 improves network and automation control for data centers and change management. It provides an understanding of how network availability and events impact the business, helping customers deliver smarter, more automated systems.
– IBM Tivoli zSecure provides a mainframe security solution for automated analysis and reporting of mainframe events and compliance dashboards that lower auditing costs helping companies run a smarter more cost effective system.
Telcordia, Sodifrance and HVB Unicredit are among the companies worldwide already benefiting from the long-term economics of the System z platform.
“Telcordia’s data systems are designed to provide consistently high throughput all the time. Each system averages five million transactions per day, supporting an average of 250 gigabytes of active data,” said Paul Gandolfo, a senior technical specialist in application development and performance at Telcordia. “Our customers bet their businesses on the services we provide, and we bet our service performance and reliability on IBM’s Information Management System. Downtime is not an option.”
“Building an agile development team requires a multiplatform approach and Sodifrance uses Rational Developer for System z and Rational Team Concert for System z to help application teams synchronize their efforts and improve collaboration,” said Hugh Smith, project manager of Sodifrance. “Rational on System z offers a powerful and valuable combination for any company that wants to boost its development team’s productivity.”
“Programmers that are using Rational Developer for System z have found that development is more comfortable than with our existing set of development tools,” says Almut Geiger of HVB Unicredit. “Debugging in particular is much faster. Features like syntax checking, content assist, multiple views and error identification make development easier. For example, when there were coding errors before, a developer had to find the correct line number in the code and then try to determine what was wrong with the code. Now they just click on an icon, and they are led directly to the position of the error. It takes people some time to get familiar with a new environment, but when they become familiar with Rational Developer for System z, we are seeing an estimated 15 percent increase in development efficiency and a 10 percent increase in testing efficiency.”
System z, visit http://www.ibm.com/mainframe
System z software, visit http://www.ibm.com/software/os/systemz
Source: IBM
BitArmor launches new managed encryption software service
BitArmor offers integrated e-mail, USB and disk encryption solution delivered from the cloud
BitArmor, a leading provider of information-centric encryption software, today announced the availability of BitArmor DataControl 4.0, which includes delivery of encryption software as a managed service. The new service is the industry’s first integrated USB, e-mail and full disk encryption solution delivered from the cloud. BitArmor Managed Encryption is well suited for mid-market businesses, saving them time, money and deployment headaches while providing military-grade encryption to prevent data breaches and comply with state and federal data privacy regulations.
– Easy to afford – Saves tens of thousands of dollars
– Easy to deploy – Leverages existing infrastructure, no additional hardware required
– Easy to use – Encryption is completely transparent to users
– Easy to manage – Enterprise class security without the hassles
“A significant number of PCs and media devices carrying business-critical data aren’t properly encrypted, and this state of affairs is certain to cause disasters for enterprises,” said John Girard, VP and distinguished analyst in Gartner’s Info Security and Privacy Research Center. “Statistical odds suggest that this will happen to virtually every organization, whether small, midsize or large.”
Unlike large corporations, mid-market businesses do not always have the budget, IT resources or infrastructure in place to protect their data with enterprise-class security strategies and technologies. Through BitArmor’s SaaS (Security as a Service) delivery model, all customers can benefit from the advantage of commercial-grade, enterprise-class encryption and affordable data security.
“A.I.M. Mutual is committed to setting the standard in service excellence for our customers, which includes being on the forefront of addressing key data protection issues like the new Massachusetts’s Privacy Law,” said Ray Pata, Manager Systems and Programming of A.I.M. Mutual Insurance Companies, one of the top providers of workers compensation in Massachusetts and an “A” rated financial institution by AM Best Company. “BitArmor Managed Encryption is a great security model as it provides very strong but highly affordable encryption so A.I.M. Mutual can continue to protect our key assets in a fiscally responsible manner.”
“Our customers operating in a wide range of highly regulated industries need encryption as part of their overall defense strategy, but mid-sized companies don’t always have the resources needed to manage an enterprise deployment,” said Carl Kunzmann, Managing Partner of Wulf Consulting, an IT provider that specializes in managed solutions for mid-market businesses and is now offering BitArmor Managed Encryption to its clients. “A great example is Ursuline Senior Services, subcontractor to Pennsylvania’s Allegheny County Area Agency on Aging, which will use BitArmor Managed Encryption to provide an additional level of security and assurance that the confidential healthcare and financial data of the 5,000+ senior citizens it serves will not be compromised.”
As the inventor of patented Smart Tag(TM) technology, a revolutionary approach to data encryption that protects data wherever it goes, BitArmor is recognized for its ability to deliver strategic solutions for the industry’s most pressing data protection problems, including the industry’s only No-Breach Guarantee.
BitArmor Managed Encryption’s latest enhancements solve the unique data protection challenges of the small to medium enterprise market by providing military-grade encryption for laptops, USB devices and email attachments, in a simple-to-manage and affordable subscription-based SaaS model. This is in stark contrast to data encryption solutions offered by many vendors that are cost-prohibitive for smaller businesses because they require investments in disparate technologies, expert IT security resources, and dedicated servers.
New SaaS features with BitArmor Managed Encryption include:
Highest Grade of Encryption: Uses military-grade encryption to safeguard sensitive data;
Complete Control of Sensitive Data: Ensures customers’ sensitive data never enters the cloud by performing encryption processing functions on the client side;
Integrated Managed Encryption: Offers a single integrated managed disk, USB and e-mail encryption solution that is easy to use and completely transparent to end-users;
High Availability: Guarantees the highest level of availability with multiple redundant servers and offline capabilities that provide access to encrypted data in the event of a network outage;
Reporting for Compliance: Supports regulatory requirements with simple-to-use reporting capabilities;
Low Total Cost of Ownership: Allows administrators to easily deploy the solution within hours and securely manage users from a single console – without costly infrastructure investments or prior encryption and key management experience.
“Today’s businesses are faced with the seemingly impossible task of meeting data security requirements while managing IT costs,” said BitArmor CEO Patrick McGregor. “BitArmor continues to deliver the necessary innovations, like SaaS-based encryption, so that all companies can afford to protect their critical data without sacrificing business growth. BitArmor provides consistent value even as regulations and impending risk threats evolve.”
Source: BitArmor