WatchGuard Announces Top Threats to Education
Education-related Threats Expected to Rise – According to the U.S. Department of Homeland Security, 25 percent of all cyber-security breaches involve schools, and although a majority of educators believe that their campus networks are more secure now than last year, WatchGuard predicts that significant breaches, vulnerabilities and threats will continue to plague schools and universities. WatchGuard deems the following to be the leading network, application and data threats to education:
– Malware & Spyware – As students and faculty utilize the Web for education as well as entertainment purposes, many unwittingly expose themselves to drive-by downloads, or corrupted websites, which inject malicious forms of software on their computers. Once infected, they risk becoming victims of identity theft or loss of personal information via spyware and keyloggers.
– Viruses – Today, e-mail remains one of the primary vectors for delivering viruses. Unfortunately, a recent survey showed that 27 percent of users fail to keep their antivirus signatures up to date. With viruses taking on innovative polymorphic properties, antivirus signatures alone may not be enough to stop the next wave of new viruses.
– Botnets – It has been estimated that 15 to 20 percent of all school and university computers connected to the Internet may be part of a botnet. As part of a botnet, school and university systems may be used in a variety of unknown exploits, including spam delivery, denial of service attacks, click-fraud, identity theft and more.
– Phishing – Phishing scams continue to get more sophisticated and selective, with students being specifically targeted. A recent report states that phishing attacks via social networks achieve a success rate of over 70 percent, which indicates that a majority of students are vulnerable to phishing scams.
– Hacking – In a recent survey of education IT professionals, 23 percent ranked student hackers as one of the greatest threats to their network security. Whether the hacks are designed to alter grades or for more sinister purposes, student hackers continue to push the envelope for network and data protection.
– Access Control – Usage of mobile devices and wireless access continues to plague network administrators. Thwarting unauthorized user access to education IT resources is top of mind for many administrators. As use of mobile devices escalates, schools will face increasing challenges in managing authorized network access.
– Social Networks – The number one threat to school and university networks is social networks, such as Facebook and MySpace. Unfortunately, social networks act as an ideal platform to launch a myriad of attacks against students and faculty, including spam, viruses, malware, phishing and more. Adding to this, socially engineered attacks are often extremely successful due to the “trusted” environment that social networks create.
Because of the sensitive nature of student and faculty information, such as social security numbers, credit card information, and other personal identifying data at risk, WatchGuard recommends that schools and universities review their security controls and IT policies regularly to ensure they have the most effective, up-to-date security solutions in place.
Source: WatchGuard Technologies
Enterprises confront the ugly truth of hidden malware in their networks
Trend Micro security threat assessments help enterprises discover stealthy malware slipping through their security systems.
Enterprises that have invested time, money and resources into implementing top-tier security products for their organizations were confronted with reality when they took advantage of the Trend Micro security threat assessment – a risk-free, 2-week security assessment that allows Trend Micro to monitor an enterprise’s security environment and help them discover how, why and where security threats happen.
Not as Secure as They Think
Enterprises that thought they were secure discovered otherwise: The security threat assessment uncovered active malware and threats that had slipped through existing security infrastructures and were residing undetected on corporate networks and endpoints at 100 percent of all participating companies from North America, Latin America, Europe and Asia Pacific. On average, these companies have over 11,000 employees and include those from the finance, health care, government, education and manufacturing industries.
“The results garnered from our security threat assessment prove that as threats become more numerous and sophisticated, conventional security technologies such as endpoint antivirus, Web security gateways, email security gateways and IPS solutions are struggling to keep up,” said Jai Balasubramaniyan, director of product management and marketing. “The types of malware we found were more than just a nuisance, they were malicious and designed to steal data.”
The Trend Micro security threat assessment provides an opportunity for participating enterprises to measure the effectiveness of their current security infrastructure. In just two weeks, Trend Micro can reveal the answer in a customized executive report that identifies any security gaps and pinpoints exactly where the malware resides.
Between October 2008 and June 2009, Trend Micro performed over 100 assessments on enterprises worldwide and discovered that:
- 100 percent of them were infected with active malware.
- 50 percent had at least one data-stealing malware hidden in their networks.
- 45 percent had multiple data-stealing malware infections.
- 72 percent had at least 1 IRC bot.
- 50 percent had 4 or more IRC bots.
- 83 percent had at least 1 malware Web download.
- 60 percent had more than 20 malware Web downloads.
- 35 percent had at least 1 network worm.(1)
What’s Causing These Security Gaps?
While traditional security solutions are critical for a first line of defense, organizations still face a number of security gaps that are continuously exploited by modern-day malware. Today’s stealthy malware infiltrates corporate networks for a variety of reasons:
- Mobile users who go on and off the network with infected devices that compromise corporate networks.
- Inadequate remote office security, lack of onsite IT personnel, and lax policy enforcement impact security.
- Increased usage of easily exploited technologies such as P2P, file sharing, streaming media, and instant messaging.
- Unmanaged and unpatched endpoints such as legacy systems, contractors and guest laptops, USB devices, and other portable and mass storage devices.
Discover How, Why, and Where Threats Occur
The Trend Micro security threat assessment utilizes a non-invasive, listen-only appliance that doesn’t interfere with network operations.
Trend Micro engineers quickly install the assessment appliance at the network layer on the core switch where it monitors network traffic to detect resident malware activities, such as botnets. The appliance also monitors inbound email and Web traffic to detect potentially infected messages and suspicious Web sites.
Traffic received by the appliance is analyzed using a combination of Trend Micro’s scanning engines and technologies, and the analysis integrates with the Trend Micro Smart Protection Network, a next-generation, cloud-client security architecture that provides a unique approach to blocking viruses, spyware, spam, and Web threats before they reach business networks.
At the end of the risk-free, 2-week assessment, Trend Micro will issue an enterprise-specific report that:
- Examines potential vectors of infection.
- Identifies malware, information stealers, affected assets, infection sources, and disruptive applications.
- Pinpoints specific problem areas by IP address.
- Increases visibility into the company’s security network for better understanding of how the threats occurred, where they entered the network, and how to fill security gaps.
(1) Data based on 60 assessments
Source: Trend Micro Incorporated
Microsoft Security Intelligence Report Shows Rogue Security Software a Top Threat to Internet Users
Cybercriminals take advantage of increased online savvy and human nature.
Microsoft Corp. released the sixth volume of its Microsoft Security Intelligence Report, which showed a significant increase in rogue security software and evidence that threats are predominantly targeting common third-party desktop applications. This version of the report also showed that the No. 1 reason for data breaches remains lost and stolen computer equipment.
Released twice a year, the Microsoft Security Intelligence Report uses data gathered from hundreds of millions of computers worldwide to provide an in-depth snapshot of the threat landscape. With this volume, which covers the second half of 2008, Microsoft provides more information and insight about threats than ever before by offering new data on document file format attacks, the differences in malware affecting home and business computers, and phishing.
Rogue security software, also known as “scareware,” takes advantage of users’ desire to keep their computers protected. The rogue software lures them into paying for protection that, unknown to them, is actually malware offering little or no real protection, and is often designed to steal personal information. The Microsoft Security Intelligence Report shows that such programs are now among the top threats around the world. For example, two rogue families, Win32/FakeXPA and Win32/FakeSecSen, were detected on more than 1.5 million computers by Microsoft software, catapulting them into the top 10 threats in the second half of the year. In addition, Win32/Renos, a threat that is used to deliver rogue security software, was detected on 4.4 million unique computers, an increase of 66.6 percent over the first half of 2008.
Rogue security software and other social engineering attacks such as these compromise people’s privacy and are costly; some take personal information and drain bank accounts, while others infect computers and rob businesses of productivity.
“We continue to see an increase in the number of threats and complexity of those threats designed to implement crime at a variety of levels online,” said Vinny Gullotto, general manager of the Microsoft Malware Protection Center. “But as Microsoft and the industry continue to improve the security of our products and people become more concerned about their online safety and privacy, we see cybercriminals increasingly going after vulnerabilities in human nature rather than software. By working with others across the industry, Microsoft is helping combat the next generation of online threats through a community-based defense resulting from broad industry cooperation with law enforcement and the public.”
The Security Intelligence Report also showed that as software companies have improved the security of their operating systems, attackers have shifted their focus to the application layer, where the majority of vulnerabilities are now being reported; nearly 90 percent of vulnerabilities disclosed in the second half of 2008 affected applications. The report also showed that Microsoft continues to make significant progress in secure software development and that newer versions of Microsoft software are more secure than previous versions.
Finally, the Security Intelligence Report showed that lost and stolen equipment, not computer hacking, continues to be the most common cause of security breaches resulting in data loss publicly reported in the second half of 2008 — totaling 50 percent of reported incidents. To mitigate this threat, organizations must implement strong data governance practices to help protect data from criminal access.
Based on the key findings from the report, Microsoft is calling on the technology industry, law enforcement and policy makers to continue to work together to develop new ways to deter online criminals and help protect people online. Microsoft will continue to work with others toward its End to End Trust vision for a safer, more trusted Internet, which will require broad industry collaboration and technology innovations that are aligned with social, economic and political forces. Microsoft also recommends that customers and organizations use the data and prescriptive guidance outlined in the Microsoft Security Intelligence Report to assess and improve their security practices. The proactive steps Microsoft recommends for individuals and businesses include these:
- Configure computers to use Microsoft Update instead of Windows Update; this will ensure the receipt of security updates for Microsoft Office and other Microsoft applications, as well as security updates for Microsoft Windows operating systems. More information on how to do this is available at http://support.microsoft.com/kb/311047.
- Make sure that updates also are enabled when possible for third-party applications.
- Use an anti-malware product from a known, trusted source, and keep it updated. Be cautious not to follow advertisements for unknown software that appears to provide protection (rogue security software).
- Avoid opening attachments or clicking on links to documents in e-mail or instant messages that are received unexpectedly or from an unknown source.
- Enterprise customers should ensure that policies are in place to help secure all file shares and regulate the use of removable media.
- Enterprise customers should use the Microsoft Security Assessment Tool (MSAT), available at http://technet.microsoft.com/en-us/security/cc185712.aspx, to help assess weaknesses in their IT security environment and build a plan to address the risks.
- Enterprise customers should help control the use of remote management software.
- Detailed help and guidance on helping secure the home computing environment is available on the Security at Home Web site at http://www.microsoft.com/protect.
A full list of Microsoft’s guidance, a downloadable version of the Security Intelligence Report, volume 6, and other related information is available at http://www.microsoft.com/sir.

