Global Security Mag Online

Secutech announces the world's first specialist pavilion for HD/Digital Surveillance products

Marc Jacob — 2010-09-02T19:52:25Z

Special fringe programme caters to booming HD market

To meet an increasing demand for surveillance equipment, Secutech, Asia's leading safety and security fair will feature a new pavilion for HD/Digital Surveillance products at its 2011 show to be held from 20 – 22 April 2011 at the Nangang Taipei World Trade Center, Taiwan. The show is organised by Messe Frankfurt New Era Business Media Ltd, a leading integrated media company dedicated to the security industry, organising Secutech trade fairs as well as publishing 12 A&S magazines and operating several websites.

Mr Parson Lee, Managing Director, Messe Frankfurt New Era Business Media Ltd said: “High definition video can yield up to six times more pixels per second than analogue cameras and as a result, it has become one of the fastest growing product segments in the surveillance equipment market. To meet this increasing market, Secutech is setting up the world's first new HD / Digital Surveillance pavilion with 500 booths.”

This new pavilion is expected to attract 140 exhibitors and industry heavyweights such as ABus, Dahua, Dali, Everfocus, GKB, HDPRO, Hisharp, Hunt, KT&C, Moswell, Pinetron, Rapidos, Tamron, TBT, Videotec and Wonwoo have already signed for the show. Products and services in the new pavilion will range from HD cameras, speed dome cameras, DVR to NVR to video content analysis.

Special fringe programme caters to booming HD market

A number of forums and seminars will be organised during the show for the industry players to explore the latest HD trends and practical applications.

The HD Surveillance Forum is one of several Global Digital Surveillance Forum (GDSF Asia) events where the world's leading HD surveillance providers will share their insights into key issues such as standards, transmission requirements and new applications. This will be of particular interest to system integrators, IT installers, communications and end users.

The Composec HD Surveillance Seminar is especially designed for R&D and project managers. It will feature the most updated technology for WDR sensors, video analytics at edge, real-time compression and other control IC chips, which are widely used in large-scale transportation. In addition, it will cover the topics of storage, display and other interface upgrades and the change to an IP-based system.

For further information about Secutech, please visit www.secutech.com or contact Ms Veronica Chen at 886 (2) 2659 9080 ext 777 or email veronica.chen@newera.messefrankfurt.com.

20 – 22 April 2011 - Secutech
International Exhibition and Conference for
Electronic Security, Info Security, Fire and Safety
Nangang Taipei World Trade Center
Taipei, Taiwan

Secutech is part of Messe Frankfurt's global network of security trade fairs. Messe Frankfurt also organises five other leading security trade fairs: Intersec in Dubai, Secutech Thailand, Secutech Vietnam, Seguriexpo Buenos Aires and Intersec Buenos Aires. For more information, please visit www.intersec.messefrankfurt.com.

Vigil@nce - SSSD: connexion without password

Vigil@nce — 2010-09-02T17:46:40Z

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

An attacker can connect via SSSD and LDAP with an account without knowing the password.

Severity: 2/4

Creation date: 26/08/2010

DESCRIPTION OF THE VULNERABILITY

The SSSD daemon handles access to identities and authentication remote resources.

LDAP offers an authentication mechanism called SimpleBind who requires two arguments (username and password). Three modes, Anonymous, Unauthenticated and Name/Password are defined. In the first two cases, it is an anonymous authentication (empty password).

When an LDAP server is used for authentication, SSSD issues a SimpleBind query to the server and depending of the answer, allows or not access. However, in the case of the LDAP server allow Unauthenticated mode, if a blank password is used, the Unauthenticated mode will be used instead of Name/Password. The LDAP server then authenticate the user, SSSD too allowing access.

An attacker can therefore connect via SSSD with an account without knowing the password.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/S...

Wick Hill appointed as distributor for Panasonic

Marc Jacob — 2010-09-02T17:27:06Z

Value added distributor, Wick Hill, has been appointed a distributor for Panasonic in the UK and Germany. Wick Hill will distribute Panasonic's range of unified comms solutions for businesses, running over IP.

This move represents a significant further expansion into the convergence market by IP experts Wick Hill, whose portfolio now also includes telecoms and converged solutions suppliers such as Samsung, Gamma Telecom and Oak.

Panasonic's Office Communications Solutions

Wick Hill will provide Panasonic's range of office communications products, but will focus on the Panasonic Network Communications Platform (KX-NCP), a range of business communications solutions, primarily for SMEs. These allow companies to easily implement unified comms, providing innovative IP telephony features and functionality over both local office and broadband managed IP networks.

The KX-NCP range offers full business communications features, built-in advanced applications, and a choice of fixed, mobile and advanced touch screen IP terminals.

It makes it easy for staff to always stay in touch and improves team productivity by using applications integrated with the communications solution.

The range facilitates increased mobility and remote working and can improve responsiveness to customers through the use of integrated applications, which speed up and monitor customer service levels. It also provides the opportunity to reduce costs through converged communications for voice and data, using integrated SIP telephony services.

Growth of unified comms and convergence

Research company MZA reported that the total UC applications market in the UK was valued at GBP 178 million (end user level) for 2009 and would rise to GBP 402 million in 2014. MZA's definition of unified comms was ‘Conferencing and Messaging.' Included in this were web, video and audio conferencing, as well as voice mail, unified messaging and enterprise instant messaging.

Trend Micro Delivers First Agentless Anti-Malware for VMware-Virtualized Datacenters

Marc Jacob — 2010-09-02T15:18:52Z

Trend Micro, a provider of security and compliance solutions for VMware environments, is the first security vendor to unveil an anti-malware solution that leverages the new VMware vShield Endpoint.

VMware vShield Endpoint strengthens security for virtual machines and their hosts while significantly improving performance for virtual machine (VM) protection by offloading anti-malware processing to dedicated security-hardened virtual machines delivered by VMware partners.

Integrating VMware vShield Endpoint APIs has enabled Trend Micro to create antimalware protection for VMs without requiring a third-party agent to be installed on each VM, thereby reducing memory and CPU load. As a result, Trend Micro is able to provide anti-malware protection for VMs, while minimizing performance and operational impact.

Trend Micro delivers agentless anti-malware for VMware through Trend Micro™ Deep Security 7.5, which was also announced today (please see press release here). Deep Security provides advanced protection for virtualized systems, and the latest version includes agentless anti-malware, together with IDS/IPS, web application protection, firewall, integrity monitoring and log inspection modules.

By leveraging VMware vShield Endpoint, Trend Micro is able to provide effective solutions to businesses that want the cost-savings and operating efficiencies of virtualization, but need the protection from malware and other Web threats that may compromise their networks. Trend Micro Deep Security is part of Trend Micro™ Enterprise Security – a tightly integrated offering of content security products, services and solutions which is powered by the Trend Micro™ Smart Protection Network™. Trend Micro Enterprise Security delivers maximum protection from emerging threats while minimizing the cost and complexity of security management.

Trend Micro Launches a Breakthrough Encryption Solution for the Cloud Public

Marc Jacob — 2010-09-02T15:04:17Z

Trend Micro announced the public beta availability of Trend Micro SecureCloud, furthering the company's mission to extend multi-layered protection to data residing in the private or public cloud. By applying new patentpending key-management technology combined with industry-standard encryption, SecureCloud gives control over data stored in public, private or hybrid clouds back to enterprises.

Private and public clouds provide compelling business value in lowering costs and increasing business agility, but also present new security gaps and operational challenges that conventional defenses cannot resolve. For example, IDC conducted a survey of 263 IT executives, CIOs and their line of business colleagues to gauge their opinions and understand their companies' use of IT Cloud Services. Security ranked first as the greatest challenge or issue attributed to cloud computing. SecureCloud was designed to address these concerns: It alleviates data security, privacy and compliance risks associated with deploying information into any cloud-computing environment.

You're always in control because you hold the encryption keys SecureCloud's patent-pending approach integrates unique policy-based key management, industry-standard encryption and virtual-server authentication to safely and easily deploy data into private or public cloud environments. This lightweight approach enables cloud users to secure sensitive information without having to install a vastly more complex secure file infrastructure. It can deliver services in a private cloud that resides in the enterprise datacenter, a public cloud outside the enterprise managed by third-party service providers, or a hybrid cloud that combines private and public clouds. Since users choose and manage their own security solution, they gain the freedom and power to move to whichever provider or deployment model fits their needs.

SecureCloud gives users exclusive custody over their encryption keys, where other encryption solutions might share or keep custody of keys. This approach provides “separation of duties,” allowing cloud customers the ability to leverage the efficiencies and benefits of cloud services while maintaining authority over the information within their environments.

SecureCloud also helps users comply with security standards set in regulations like HITECH, PCI DSS and GLBA by safeguarding sensitive and personally identifiable information with strong encryption techniques. Ultimately, giving data owners the exclusive ability to dictate when and where encryption keys are deployed allows them to maintain complete control over their information and operate safely in any cloud computing environment.

Expanding Trend Micro's product family for public and private cloud environments Trend Micro has invested heavily in a family of multi-layered protection for cloud and virtual environments.

Currently, Trend Micro™ Deep Security prevents data theft, business disruptions, and compliance violations with comprehensive server security for today's virtualized datacenter. The latest release of Deep Security (see press release here) now includes agent-less anti-malware, virtualization-aware intelligence, and leverages VMware vShield Endpoint technology for stronger server protection against data breaches and greater compliance. In addition, Trend Micro™ Core Protection for Virtual Machines delivers malware protection for active and dormant virtual servers in VMware vSphere™ environments.

Trend Micro SecureCloud enhances an already broad solution lineup for cloud security, but is specific to the security and governance of data stored and used in private or public clouds. The new solution can complement and work alongside Trend Micro Deep Security: While Deep Security provides a secure container into which customers can put their applications and manipulate their data, SecureCloud encrypts and controls data stored outside the container so that only its encryption key owners can access it.

Trend Micro SecureCloud is part of Trend Micro™ Enterprise Security – a tightly integrated offering of content security products, services and solutions which is powered by the Trend Micro™ Smart Protection Network™ infrastructure. Trend Micro Enterprise Security delivers maximum protection from emerging threats while minimizing the cost and complexity of security management.

Trend Micro Announces Trend Micro™ Deep Security 7.5

Marc Jacob — 2010-09-02T14:38:26Z

Trend Micro announced the latest version of its advanced security software that protects operating systems, applications and data on physical, virtual and cloud servers, and virtual desktops. Trend Micro Deep Security 7.5, which leverages the latest VMware® vShield Endpoint API, now comes with a new agentless anti-malware module that adds to the product's existing toolkit of protections including: intrusion detection and prevention, web application protection, application control, stateful firewall, integrity monitoring and log inspection.

Together with its other modules, Deep Security is a comprehensive server and application protection software that enables physical, virtual, and cloud computing environments to become self-defending. Whether implemented as software, virtual appliance, or in a hybrid approach, this solution minimizes overhead, streamlines management, and provides strong, transparent security for virtual machines. Deep Security also helps enterprises to achieve compliance with important standards and regulations such as PCI, FISMA and HIPAA.

Trend Micro Deep Security 7.5 is designed to prevent data breaches and business disruptions from emergency patching by providing a line of defense at the system itself, whether physical, virtual or cloud.

What's NEW in Trend Micro Deep Security 7.5

Virtualization-aware, anti-malware module for VMware environments makes Trend Micro Deep Security one of the most comprehensive server security solutions available.

The new module integrates new VMware vShield Endpoint APIs for anti-malware protection of VMware virtual machines with zero in-guest footprint. It optimizes security operations to remove security brown-outs commonly seen in full system scans and pattern updates, and it tamper-proofs security from sophisticated attacks by isolating malware from anti-malware. Deep Security 7.5 creates a giant leap in manageability and performance standards over other AV in virtual server and virtual desktop environments. Integration with VMware vShield Endpoint APIs and VMware vShield Manager enables rapid deployment on VMware vSphere hosts and enables the Deep Security virtual appliance to immediately and transparently protect VMware vSphere virtual machines. Trend Micro has successfully implemented this latest API within Deep Security and will be collaborating with VMware for future solutions.

Powered by the Trend Micro™ Smart Protection Network™ Deep Security's anti-malware module also integrates with the Trend Micro Smart Protection Network, the core technology infrastructure behind Trend Micro solutions. It uses a number of patent-pending technologies and combines Internet-based (or “in-thecloud”) technologies with real-time correlation and analysis to provide immediate, realtime protection. Through this integration, Deep Security not only removes anti-malware pattern files altogether from the virtual machines, but the patterns that now reside in the virtual appliance have a much smaller footprint than with typical solutions.

Complements Trend Micro SecureCloud™ security platform, which empowers businesses to operate in the cloud, whether public or private. While Deep Security provides the secure container into which customers can put their applications and data, SecureCloud uses encryption and patented key management so enterprises can protect and control their data in the private or public cloud.

Pricing & Availability for North America

Deep Security 7.5 is in beta and expected to be available in Fall 2010. Pricing starts at $1000/cpu socket.

Special Offer: Hacker Halted - October 9-15 in Miami

Marc Jacob — 2010-09-02T12:43:00Z

Make plans now to attend the fifteenth annual Hacker Halted information security event - October 9-15 in Miami. The format includes a 4-day training Academy, followed by a 2-day conference on October 13-14 and 1-day of free Training (October 15) for all registrants. The two-day Conference features a comprehensive program presented in three tracks.

Readers of this message may also receive a $100 discount off the 2-day conference fees - pay just $1,199 instead of $1,299 which includes the free iPad - by registering with the code HHQZM3 on the electronic registration page at www.hackerhalted.com You MUST register by August 31 when this offer and discount code will expire.

For more information:

Carl Berndtson
berndtson@aol.com
www.hackerhalted.com

7 September, Singapore: The Asia CXO Leadership Summit 2010

Marc Jacob — 2010-09-02T12:17:00Z

Heraclitus, a 500BC Greek philosopher states that 'the only constant is change'. In the evolving business world, CEOs have begun to perceive the Corporate IT function as a strategic partner rather than an operational team, raising business expectations from the Board to the IT organization, resulting in pushing radically change to it.

Through the Asia CXO Leadership Summit 2010 hosted by MIG, our guest speakers will share some valuable insights and best practices to manage the accelerating change in IT environment.

Themed "Ready, Set, Sprint: The Acceleration of Change in IT" and designed exclusively for top-level IT executives and decision makers, this power-packed knowledge sharing summit will feature topnotch Industry Keynotes, Executive Insights Panels, Technology Updates, Case Studies and Networking Opportunities. Summit this year features some of hot issues in the industry, including:

Choosing Service Providers: Regional's Best of Breed or Sole Global?
Is Cloud Computing a Viable Solution?
Strategies and Tactics in Mobile Business
Taking Security to the Next Level
Enlist and Engage in Social Media
Technology and Trends in Business Intelligence
Running IT as a Business: Establish a Customer Centric Enterprise
Data Center Evolution: Directions and Best Practices
and more............

Date: 7 September, 2010 (Tue)
Time: 08:30 – 16:45
Venue: Marriott Singapore Hotel

Agenda: http://www.mig-events.com/cio-es201...

Sophos: Widespread phishing campaign lures McDonald's Fans with cash offer

Sophos — 2010-09-02T11:49:12Z

Sophos is warning computer users to be cautious following the discovery of a widespread spam campaign that is promising cash in return for completing a McDonald's customer satisfaction survey. The emails, claiming to be sent by 'McDonald's Survey Department' and with the subject line 'McDonald's Customer Survey' direct recipients to the survey that poses questions on McDonald's food.

Once the survey has been completed, computer users are asked to provide a raft of personal information, including their credit card number and security code, so that they can receive a $90 payment for taking the time to complete the questions.

"Exploiting online surveys is a popular way for scammers to make money as legitimate customer satisfaction surveys are increasingly common," said Graham Cluley, senior technology consultant at Sophos. "Although it's not unusual to be offered a reward or the chance of a prize for completing an online survey, a legitimate questionnaire will never ask you to part with your card details. I'm afraid anyone hoping to receive the cash from this survey is more likely to have their account emptied by the spammers."

Sophos believes that some users may be more likely to hand over their information to the scammers behind the McDonald's phish.

"It's ironic that some internet users may actually be more likely to hand over their credit card information because they are more used to receiving phishing emails pretending to come from online banks, not burger joints," explained Cluley. "The truth is, however, that phishers can use a multitude of disguises - posing not just as online banks, but social networks, online stores, web email providers and now fast food giants too."

Sophos recommends that companies protect themselves with a consolidated solution which can defend against the threats of spam, hackers, spyware and viruses.

I-Teco to Demonstrate its Solutions at VII International Exhibition "InfoSecurity Russia . Storage Expo. Documation'2010"

Marc Jacob — 2010-09-02T11:33:42Z

Ai-Teco will exhibit at the VII International Exhibition “InfoSecurity Russia. Storage Expo. Documation'2010” (Moscow, Sokolniki ExpoCentre, pav. 4, November 17-19, 2010) and it welcomes everyone interested in its solutions.

“Visiting our exposition, all attendees can see the newest systems of content filtering, protection against information leakage (DLP) and solutions in the security of personal data (according to the laws of Russian Federation), which will be demonstrated on the example of implemented projects”, - Oleg Kuzmin I-Teco, Director, Department of Information Security

I-Teco is a leading Russian company providing systems of information security, integration services, consulting, service support and outsourcing. The company implements complex integrated IT-infrastructure solutions and the informatization of major state structures, industrial and telecommunications companies, financial and insurance companies, small and medium businesses.

During last year, the company successfully implemented more than 360 large projects, its customers being:
Government institutions
Industrial organizations
Banks, investment, financial and insurance companies
Telecommunication companies and mobile network operators
Retailers and others

To know more information about the company and services it provides, please visit I-Teco booth А53 at theVII International Exhibition “InfoSecurity Russia. Storage Expo. Documation'2010.” http://www.infosecurityrussia.ru/20...

Groteck Business Media invites vendors to introduce their solutions to Russia's key security installers and system integrators on November 17-19, 2010 at the VII International Exhibition InfoSecurity Russia. Storage Expo. Documation'2010 in Moscow. www.infosecurityrussia.ru

Other exhibitors: Stonesoft, Check Point, Business Contiuity Asia Pacific, Qualys, Websence Aflex Distribution, and more

http://www.infosecurityrussia.ru/20...

Companies interested in exhibiting should contact Alla Aldushina, International Marketing Officer, Groteck at aldushina@groteck.ru, int@groteck.ru or +7 (495) 609-3231.

Groteck International Team www.infosecurityrussia.ru 17 - 19 November 2010 Sokolniki Expo, Moscow, Russia

Nexus and PortWise merge to create a market leader within Identity and Access Management

Marc Jacob — 2010-09-02T11:10:15Z

Nexus and PortWise have merged to create a market leader within Identity and Access Management, one of the fastest growing areas in IT. With the merger both companies can now offer the best information protection solution available on the market.

Digital information exchange must be secured from point to point; in servers, computers, cell phones and in the Cloud.

Today, IT and Internet, are central for handling sensitive information and knowledge. Access to the right information, for the right person, at the right time and from any location are decisive for companies and organisations ability to succeed in today's information society.

Nexus and PortWise specializes in customers with high demands on security and integrity. Existing customers includes Fortune 500 companies, banks, healthcare providers, police and military organisations.

Vigil@nce - HP-UX: privilege elevation using Software Distributor

Vigil@nce — 2010-09-02T11:03:36Z

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

A local attacker can elevate his privileges using Software Distributor.

Severity: 2/4

Creation date: 26/08/2010

DESCRIPTION OF THE VULNERABILITY

The Software Distributor product is used to manage softwares. Hewlett-Packard announced a local attacker can elevate his privileges using Software Distributor.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/H...

Thursday, September 23, 2010 - Paris - 2nd International Symposium « The Digital Innovation: A Catalyst to Business Transformation »

Marc Jacob — 2010-09-02T10:49:38Z

As a part of its International Research Programme ISD (Information Systems Dynamics) designed to “better understand how the digital world will transform the way we live and do business”, the Foundation CIGREF is organising, on Thursday, September 23rd, in Paris – La Défense (9.00 – 18.00) its 2nd International Symposium on the theme: « The Digital Innovation: A Catalyst to Business transformation »

Guest Country 2010: CHINA

After Japan in 2009*, CIGREF will welcome Chinese academics, IT professionals and executives of Chinese companies who will discuss their vision of digital innovation, e-business and key issues related to the use of IS in China...

Two Key Speakers

Carl Dahlman, Professor at Georgetown University, USA, and Thierry Gaudin, President of Prospective 2100, France will share their insights on the emergence of China as a major technological power and innovation issues in the 21st century.

The symposium will also give the opportunity for North American scholars to present some "innovative business models" and share the first results of ISD projects.

An original roundtable

This symposium will end with a roundtable discussion which will give the opportunity to young graduates from different backgrounds and different countries to express their vision of digital innovation in companies as well as of the skills necessary for managers of tomorrow.

The programme of this 2nd symposium is available in French and in English on the website of the Foundation CIGREF.
Registration only by invitation: contact Anne-Sophie BOISARD asboisard@cigref.fr (limited seats available)

* The videos and presentations of the first Symposium 2009, organised by the Foundation CIGREF, are available on the website of the Foundation CIGREF

About FOUNDATION CIGREF (http://www.fondation-cigref.org/)
The Foundation CIGREF (under the umbrella of the Foundation Sophia Antipolis) was established in June 2008 to conduct an international research programme, called ISD (Information Systems Dynamics), designed to "better understand how the digital world will transform the way we live and do business. The Foundation is chaired by Bruno MENARD (CIGREF President and Vice-President IS sanofi-aventis). Jean-Francois Pepin is the Secretary General. The Scientific Programme is coordinated by Professor Bounfour (University Paris-Sud 11).

Novell and VMware Deliver SUSE Linux Enterprise Server for VMware®

Marc Jacob — 2010-09-02T10:43:28Z

Novell and VMware announced the general availability of SUSE Linux Enterprise Server for VMware®, the first step in the companies' expanded partnership announced in June of 2010. The agreement is designed to reduce IT complexity and accelerate the customer evolution to a fully virtualized datacenter. With SUSE Linux Enterprise Server for VMware®, customers who purchase a VMware vSphere™ license and subscription also receive a subscription for patches and updates to SUSE Linux Enterprise Server for VMware® at no additional cost. Additionally, VMware will offer technical support services for SUSE Linux Enterprise Server for VMware® for a seamless support experience available directly and through its network of solution provider partners . This unique solution benefits customers by reducing the cost and complexity of deploying and maintaining an enterprise operating system running on VMware vSphere.

SUSE Linux Enterprise Server for VMware® has the reliability, interoperability, and high performance customers have come to expect from SUSE Linux Enterprise Server, as well as the broadest application support among enterprise Linux operating systems, with nearly 6,000 application certifications. With SUSE Linux Enterprise Server for VMware, both companies intend to provide customers the ability to port their SUSE Linux-based workloads across clouds. Such portability will deliver choice and flexibility for VMware vSphere customers and is a significant step forward in delivering the benefits of seamless cloud computing.

With SUSE Linux Enterprise Server for VMware®, early adopter companies such as Online Computer Library Center (OCLC) are already starting to take advantage of the VMware and Novell offering. (deleted: The seamless support experience.....with VMware solutions.)

Vigil@nce: AIX, buffer overflow of ftpd

Vigil@nce — 2010-09-02T10:09:04Z

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

An attacker can use NLST in order to execute code.

Severity: 2/4
Creation date: 26/08/2010

DESCRIPTION OF THE VULNERABILITY

The NLST FTP command allow a user to list the content of a directory.

When a directory with lot of files is listed, a buffer overflow happen. Technical details are unknown.

An attacker can therefore use NLST in order to execute code.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/A...

Vigil@nce - Cisco Unified Communications Manager: denials of service

Vigil@nce — 2010-09-01T20:26:49Z

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

An attacker can use SIP messages, in order to generate denials of service on Cisco Unified Communications Manager.

Severity: 2/4

Creation date: 25/08/2010

DESCRIPTION OF THE VULNERABILITY

Two denials of service were announced in Cisco Unified Communications Manager.

An attacker can send a malformed SIP message, in order to stop a process, which leads to a denial of service. [severity:2/4; CSCtd17310, CVE-2010-2837]

An attacker can send a malformed SIP REGISTER message, in order to stop a process, which leads to a denial of service. [severity:2/4; CSCtf66305, CVE-2010-2838]

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/C...

Vigil@nce: Linux kernel, memory disclosure via ioctl_standard_iw_point

Vigil@nce — 2010-09-01T16:47:13Z

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

An attacker can use ioctl SIOCxxx in order to read kernel data.

Severity: 1/4
Creation date: 31/08/2010

DESCRIPTION OF THE VULNERABILITY

The ioctl_standard_iw_point() function of the file net/wireless/wext-core.c handles IOCTL commands for the Wireless extensions driver. Each command can take in parameter an input / output buffer.

When handling an IOCTL command that returns data, the ioctl_standard_iw_point() function allocates a kernel space buffer to receive those data. The size of this buffer is passed in parameter of the function. The buffer is then integrally copied to the buffer passed in parameter. However, the ioctl_standard_iw_point() function does not properly check the size of the returned data. Therefore more data than necessary could be copied to the caller.

An attacker can therefore use SIOCxxx ioctl in order to read kernel data.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/L...

Symantec Solutions Give Customers the Confidence to Virtualize Their Business-Critical Applications

Marc Jacob — 2010-09-01T15:18:13Z

Symantec Corp. announced key technology developments designed to help customers more effectively deploy, protect and manage their essential applications and databases running in virtual environments. Security, availability and data protection challenges have restrained many organizations from realizing the full benefits of virtualization for the applications that are critical to their businesses, including CRM, ERP and email. Symantec's integrated solutions for security, high availability, endpoint management, storage management and backup and recovery enable customers of all sizes to benefit from virtualization, trusting that their business-critical applications are secure, available and recoverable in spite of the high demand placed upon them.

Virtualization of business-critical applications has become mainstream, and many organizations are moving applications such as MS SQL, MS Exchange, Oracle databases, and SAP to virtual platforms. Virtualization provides simple and robust infrastructure availability, but until now has lacked solutions to protect applications inside virtual machines. Based on industry-leading Veritas Cluster Server technology, Symantec ApplicationHA integrates with VMware vCenter™ Server and VMware High Availability to ensure high availability for applications running in virtual machines. Symantec ApplicationHA complements VMware HA with application health monitoring and control. The recently announced ApplicationHA is the result of extensive collaboration between Symantec and VMware to help organizations accelerate the virtualization of business-critical applications while providing simple application-aware availability.

Storage Management

At VMworld 2010 Symantec is also unveiling Symantec VirtualStore, a new solution designed to minimize storage costs in VMware environments. As organizations scale their virtual environments, they face increasing storage requirements and performance bottlenecks associated with retaining hundreds or even thousands of virtual machine images. Based on Veritas Storage Foundation technology, VirtualStore is a software-based NAS solution that scales servers and storage independently, efficiently provisions virtual machines, and delivers advanced storage optimization capabilities for VMware environments. VirtualStore was developed in collaboration with VMware and integrates with VMware's management tools such as VMware vCenter Server and VMware vMotion™.

Backup and Recovery

Applications handle an organization's most important information, and regular, reliable and efficient backups are essential. But the backup process itself can't interfere with the performance of the production application. Symantec NetBackup 7 provides streamlined protection across both physical and virtual environments, helping organizations reduce complexity, maximize operational efficiency, centralize administration and simplify recovery. NetBackup 7 natively integrates with the VMware vStorage APIs for Data Protection, supports VMware vSphere™ 4.1, and delivers flexible, built-in virtual machine-optimized deduplication.

Symantec Backup Exec 2010 helps small and midsized organizations backup and restore an entire virtual machine or a granular data object from a single pass backup, reducing backup and recovery times and shrinking storage hardware requirements. Backup Exec 2010 includes new support for VMware vSphere 4.1 with block-level backups including incremental/differential support to reduce backup windows and storage costs. Data deduplication can also be applied to VMware client backups to further reduce and consolidate storage resources.

Security

Symantec is working closely with VMware to ensure Symantec security solutions work seamlessly in VMware deployments. Symantec security solutions are optimized for virtual environments and help harden servers, secure endpoints and enforce security policies. Symantec Critical System Protection provides real-time hardening and intrusion monitoring while maintaining high performance and availability. It protects the VMware vSphere host and guest instances with layered controls. The resource utilization leveling technology in Symantec Endpoint Protection is crafted to ensure simultaneous scans and updates don't impact performance of virtual hosts. The Symantec Protection Center centralizes security Symantec Solutions Enable Customers to Virtualize Business-Critical Applications with Confidence management, to manage, update and monitor security policies and configurations across both physical and virtual environments. Symantec Brightmail Gateway 9.0 is optimized for VMware vSphere and is certified as a VMware Ready™ Virtual Appliance, enabling customers to scale their messaging security infrastructure while taking advantage of the resource utilization benefits of virtualization.

Endpoint Virtualization and Management

Desktops and laptops, rich clients and thin clients, physical desktops and virtual desktops, shared systems and dedicated systems each have their place in today's enterprise. With all of this disparity, manageability has become the next big challenge for IT. Symantec Endpoint Virtualization Suite turns this challenge into an opportunity with dynamic desktops and application provisioning, application conflict elimination, and proactive license compliance and optimization.

In addition, Symantec's endpoint management solutions seamlessly manage VMware environments and maintain the stability of tier-one applications. Altiris Server Management Suite 7.0 from Symantec provides the essential capabilities to discover, provision, manage and monitor server infrastructures across a range of physical and virtual platforms, allowing IT administrators to increase the availability of applications and automate manual efforts to ensure a consistent, reliable and supportable IT environment.

Imprivata delivers access to applications for VmWare View 4.5 Users

Marc Jacob — 2010-09-01T13:46:26Z

Imprivata®, Inc.announced that OneSign 4.5 is fully integrated with the recently released VMware View™ 4.5. The integration provides single sign-on (SSO) and extends strong authentication capabilities to enable secure and convenient end-point application access and user roaming desktops in a VMware View 4.5 environment.

Through this integration, Imprivata and VMware solve the access management challenges that organizations face as workforces become more mobile and users access an increasing number of applications using multiple devices. This comprehensive solution enables desktops to follow users throughout the organization, making electronic data available wherever they are with the touch of a finger or the tap of a proximity card. Imprivata OneSign can be configured to be fully location aware, meaning application, default printer and application settings are configured dynamically based on the particular workstation being accessed by the user.

According to a July 2010 research report from independent IT analyst firm The 451 Group entitled “Virtualized Desktops Grow Up,” author Steve Coplan, Senior Security Analyst, contends that desktop virtualization is not a panacea for endpoint security and that as adoption matures, new security requirements will emerge. Administrators will need oversight and visibility into activity on virtualized endpoints. Users of ‘desktops in the cloud' will need to be authenticated.

Imprivata OneSign®, Imprivata's flagship solution provides healthcare organizations with rapid single sign-on and strong authentication for all leading HIS vendors, including Cerner, CPSI, Eclipsys, Epic, GE Healthcare, Healthland, McKesson, MEDITECH, Siemens Healthcare, as well as all other types of applications. Key Imprivata OneSign features include OneSign FastPass, OneSign ProveID, OneSign Secure Walk Away, shared workstations and fast user switching, built-in support for a broad range of authentication and multiple card types, self-service password reset and seamless integration with context management solutions.

Shoden Data Systems UK expands across EMEA

Marc Jacob — 2010-09-01T13:22:47Z

Shoden Data Systems UK, a provider of server and data storage solutions, today announced the expansion of its European presence to France, Germany, Israel and Spain through channel agreements with Systemic, Comparex, Ankor Systems and IPM respectively. Shoden, whose parent company is Africa's largest independent IT solutions integrator, is already selling directly in the UK and Eire. Through these new channel agreements, Shoden will now be taking Data Domain, Fujitsu and Luminex solutions to the main European markets.

Shoden is actively looking for partners in the rest of Europe in order to target end users in each region with resellers offering local market knowledge. The company's partners will focus on businesses and organisations looking to maximise their mainframe-based infrastructures through the use of deduplication technology, one of Shoden's core offerings.

Shoden Data Systems UK is committed to developing unrivalled pioneering storage and server solution to organisations, including mainframe users, looking to benefit from the latest developments in technologies such as data deduplication. The company also differentiates itself by offering the highest levels of customer support and service.

CNL Launches Technology Alliance Program

Marc Jacob — 2010-09-01T11:40:24Z

CNL, a Physical Security Information Management (PSIM) software, is pleased to announce the launch of its Technology Alliance Program (TAP). CNL has taken a lead in the PSIM market by initiating this program. It will allow greater interoperability between disparate security technologies, giving End Users the ability to create optimised solutions for risk reduction within their organizations.

With increased End User demand for PSIM solutions, security system manufacturers are realizing the benefit of inclusion within these large enterprise PSIM deployments. The TAP program builds on the work CNL has achieved with manufacturers who share a common view on open and interoperable security systems. It recognizes the strategic value of partner's products and enables greater integration between technologies. This is achieved by creating a formalized relationship between CNL and these manufacturers, providing a host of benefits for these organisations including;

• Opportunity for joint demand generation through CNL's Channel Alliance Program

• Inclusion in large PSIM deployments

• Ability to influence the IPSecurityCenter™ Framework to provide competitive advantage

• Creation of Partner Solution Guides

• Joint marketing participation at strategic events

• A certified support statement

• CNL's Driver Development Kit (DDK), enabling partners to generate their own IPSecurityCenter drivers – a truly open approach

• Inclusion on the CNL website

• Invitation to the annual CNL TAP event

ISACA Certifies 1,000th CRISC

Marc Jacob — 2010-09-01T11:38:36Z

Four months into its rigorous grandfathering program for the Certified in Risk and Information Systems Control (CRISC) designation, ISACA has issued the 1,000th certificate.

The grandfathering program enables highly experienced professionals to earn the CRISC credential without taking an exam. ISACA, a nonprofit association of more than 95,000 IT professionals worldwide, requires applicants to prove at least eight years of IT and business experience, with six of those in any of the CRISC (pronounced “see risk”) domain areas and three in the risk-related domains:

· Risk identification, assessment and evaluation

· Risk response

· Risk monitoring

· IS control design and implementation

· IS control monitoring and maintenance

Since 1 April 2010, candidates from more than 83 countries have applied for CRISC certification. The early-bird deadline for the grandfathering program is 31 October 2010, but the program will remain open through March 2011. The first CRISC exam will be administered in June 2011.

ISACA also administers the following three certifications, which are globally recognized by many industries, government entities and professionals:

· Certified Information Systems Auditor (CISA), earned by 75,000 professionals since 1978

· Certified Information Security Manager (CISM), earned by 13,000 professionals since 2002

· Certified in the Governance of Enterprise IT (CGEIT), earned by more than 4,000 professionals since 2007

Vigil@nce: Windows, code execution via "DLL preload"

Vigil@nce — 2010-09-01T09:48:32Z

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

An attacker can use a malicious DLL in order to execute code in the context of the targeted application.

Severity: 2/4
Creation date: 25/08/2010

DESCRIPTION OF THE VULNERABILITY

An application can be separated in many libraries (Dynamic Link library - DLL).

When an application uses a function in a DLL, it is first loaded and the function is called. If the path of the DLL is not complete (or not specified), Windows looks up the DLL at many places (current path, system directory, ...) and load the first match, stopping the look up. However, no other controls takes place. A malicious DLL having the same name and the same interface as the original can therefore be placed in one of those path.

An attacker can therefore use a malicious DLL in order to execute code in the context of the targeted application.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/W...

Zscaler Releases Q2 2010 “State of the Web” Report

Zscaler — 2010-08-31T21:09:40Z

Zscaler released its Q2 2010 State of the Web report. The report details the enterprise threat landscape and the variety of web based issues plaguing internet users.

It details how attackers are staying one step ahead of the game and enterprises are struggling to keep up. Here are some of the top findings detailed in the latest Zscaler State of the Web report:

Attackers were quick to leverage the biggest news stories of the quarter, including the World Cup and release of the iPad, in a variety of attacks

China has surged to a #2 ranking, up from #5 in Q1, when looking at countries hosting the most malicious sites

While corporate use of Internet Explorer 6 continues to decline, 1 in 5 employees continue to use the now nine-year-old web browser, despite the continued emergence of 0day threats and a lack of modern security features

Use of Facebook's ‘Like' buttons is also gaining popularity among attackers who are using the feature within the app and on other sites to promote malicious web sites

Twitter follower scams – sites set up to trick users into providing their Twitter credentials in exchange for more followers—continue to thrive

Wikileaks, the now infamous site known for publishing confidential documents related to the Afghan war, was a popular destination for employees, with traffic to the site spiking as various news stories of the leaks broke

Research into the top IP addresses hosting malicious content reveals just how frequently attackers relocate malicious content to avoid detection

Mass web based attacks are becoming increasingly common with misconfigured web applications permitting SQL injection and unpatched WordPress sites also being popular targets

"Attackers continue to target end users in the hopes of obtaining valuable data or to compromise machines to build botnet armies," according to Michael Sutton, VP of Security Research at Zscaler.

"While the goals have not changed, the techniques continue to evolve." He continued: “It is clear that security vendors must be able to quickly adapt and inspect web based content on-the-fly in order to identify and secure against emerging threats in this continually evolving environment.”

As a Security as a Services (SaaS) vendor with a global network of enforcement nodes, Zscaler encounters a multitude of attacks each and every day. The company's NanoLog technology, which is game changing in its ability to minimize logs exponentially without losing data, enables real-time reporting at the transaction level, giving Zscaler's research team an edge in drilling down on or identifying new threats. The new report summarizes the threat activity over the course of the quarter and identifies emerging attack trends.

To obtain a copy of the Zscaler State of the Web report, please visit: http://www.zscaler.com/zscaler-stat... 2010.html.

Check Point announced the new Security Gateway Virtual Edition

Emmanuelle Lamandé — 2010-08-31T18:22:16Z

Check Point announced the new Security Gateway Virtual Edition (VE).

The new Security Gateway VE is designed to ensure organizations can secure inter-VM traffic and external networks with granular firewall policies and integrated intrusion prevention capabilities to protect against malicious and unwanted network activity. In addition, organizations can automatically apply security policies to all existing or future virtual machines, without changing the existing network topology or downtime during live migration.

HID Global Launches FARGO® Direct-to-Card Printer/Encod

Emmanuelle Lamandé — 2010-08-31T18:14:53Z

HID Global introduced a new line of industry-leading direct-to-card (DTC®) FARGO® printer/encoders for organizations of all sizes that require personalized identity badges.

The line consists of the cost-effective DTC1000 entry-level printer for small organizations; the professional-level DTC4000 printer for small- to medium-size organizations with greater security and scalability requirements; and the advanced, DTC4500 professional printer for large corporations and government organizations with high-volume needs.

Depending on the printer model, options include technology card encoding (iCLASS®, Mifare, DESFire), dual-sided printing, dual-input card hoppers, lamination capability and more.

Additional features of the new FARGO DTC printer/encoders include:

The capability to print and inline encode technology cards in one pass through one physical connection (USB or Ethernet) ideal for organizations needing a streamlined card issuance solution
Enhanced security features, including printer password protection, fluorescent printing for cost effective and dynamic security and multiple custom holographic overlaminate options for added card durability and security
Flexible footprint to fit a variety work-area configurations
A reliable and intuitive design that requires minimal maintenance and training, featuring cartridge ribbon loading, color status indicators and SmartScreen ™ graphical displays similar to photocopy machines
Interoperability with Genuine HID technology guaranteeing compatibility with all HID solutions
2 year global warranty.

Availability

All FARGO DTC printer/encoders are available immediately through HID Global's worldwide network of distribution partners and system integrators.

LogLogic To Support VMware vCloud™ Director

Emmanuelle Lamandé — 2010-08-31T18:06:44Z

LogLogic announced that it plans to provide full support for VMware vCloud™ Director, as part of its LogLogic 5 product offering.

LogLogic 5 will provide 360 Insight by centralizing and structuring virtual machine operational information, like log data. The LogLogic 5 solution will have insight into how the VMware vCloud Director systems are configured, how they react under load, and how they are being used by the customers. The solution will alert data center personnel in real-time to operational issues. The alerts will be backed up with forensic discovery tools and all the evidentiary reporting needed.

Vigil@nce - Quagga Routing Suite: two vulnerabilities

Vigil@nce — 2010-08-31T17:48:01Z

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

Two vulnerabilities in Quagga Routing Suite can be used by an attacker to create a denial of service or possibly to execute code.

Severity: 2/4

Creation date: 24/08/2010

DESCRIPTION OF THE VULNERABILITY

Two vulnerabilities were announced in BGP.

An attacker can send a malicious BGP "Outbound Route Filtering" message in order to generate a stack overflow in BGP daemon. [severity:2/4; 626783, CVE-2010-2948]

An attacker can send a malicious BGP "update AS path" in order to generate a denial of service of BPG daemon. [severity:2/4; 626795, CVE-2010-2949]

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Q...

Stonesoft announces StoneGate 5.2, a modular appliances

Marc Jacob — 2010-08-31T17:34:30Z

Stonesoft announced a selection of new modular appliances to the StoneGate product suite that enable clients to add or modify network interfaces to meet network connectivity needs. Rather than replace security appliances as network traffic grows, organisations can simply add connectivity through the new modular hardware components for StoneGate Firewall/VPN 5.2 and StoneGate IPS 5.2.

This is the latest development in Stonesoft's mission to increase the agility of today's networks. Many of today's corporate and public sector organisations are struggling to meet the increased network security demands of today's fast-changing, post-recession climate. As a result, there is an acute need for flexible, cost-effective network technologies that support the changing pace of business.

Stonesoft's new modular appliances include the StoneGate FW-1301, FW-3201 and FW-3205 firewall/VPN appliances and the IPS-3201, IPS-3205, SSL-3201 intrusion prevention system appliances. These devices allow organisations to easily add or modify network interfaces that connect the firewall or IPS to surrounding network infrastructure. Within minutes, a mid-sized enterprise can protect and inspect more network segments by simply adding network interface modules to their device(s).

In addition to flexibility, StoneGate 5.2 will deliver substantial cost savings to customers by extending the appliance life cycle. Instead of buying a new device and/or management centre as network traffic and security demands increase, organisations can simply add the appropriate hardware components. Additionally, they can reuse certain modules in other StoneGate appliances, thus further extending the return on investment and flexibility of the StoneGate network security solution.

Availability

The new modular StoneGate appliances FW-1301, FW-3201, FW-3205, IPS-3201, IPS-3205 and SSL-3201 are available for shipping during September.

Vigil@nce: Cisco IOS XR, BGP vulnerability

Vigil@nce — 2010-08-31T14:49:08Z

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

An attacker can send a BGP prefix with transitive attribute to generate a denial of service. Severity: 1/4 Creation date: 30/08/2010

DESCRIPTION OF THE VULNERABILITY

The Border Gateway Protocol (BGP) protocol is an route exchange protocol (called prefix). The BGP prefixes possess attributes.

When a prefix with a valid but not recognized attribute (transitive attribute) is received, the router needs to propagate this attribute has is. However, in this case, Cisco IOS XR corrupts the attribute before propagation. Peers connected to the router therefore close the BGP session.

An attacker can therefore send a BGP prefix with transitive attribute to generate a denial of service.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/C...

Jon Mills, managing Sepaton: Tape, The Tyrannosaurus Rex of backup?

Jon Mills, managing director of Sepaton — 2010-08-31T13:20:11Z

Many businesses know that tape is the dinosaur of business continuity solutions, but find the idea of replacing their legacy backup systems with disk arrays too intimidating. In this article, Jon Mills, managing director of SEPATON, dons his paleontologist's hat, digs out his magnifying glass, and compares tape to Tyrannosaurus Rex to encourage anyone that doesn't see the need to evolve their backup to reconsider their plans.

At first you may not think there are any similarities between Tyrannosaurus Rex and storage tapes: one is a carnivore that died out at the end of the Cretaceous period, the other is a magnetic medium for high capacity data storage. Yet the features of each mean that they face an evolutionary dead-end and replacement by nimbler, more adaptable, alternatives. Let's look at some of the things they have in common:

#1 Limited evolution

Tyrannosaurus roamed the earth for up to two million years at the end of the Cretaceous Period, 65 million years ago. Magnetic tape has been used in the same way for data storage for more than five decades. While age itself is no failing, aging without evolving means you are not responding to your environment and cannot react to changes or adapt to survive.

Meanwhile, intelligent disk-based backup technologies, such a virtual tape libraries (VTLs) have evolved dramatically in the past decade to equal and better the data protection of tape at a price point equal to, or often less than, traditional tape-based back-up.

#2 They're unsteady

T. Rex weighed in at between 5.5 to over 7 metric tons. Its build, including its ‘signature' short arms and large head meant it could sustain serious injury on falling.

Backing up data to physical tape requires time and IT staff attention. It's not only time consuming and costly; because it's based on manual processes, backup is risky with tapes and the data itself is vulnerable to mechanical failures, human error, theft and damage throughout the backup lifecycle.

By comparison, disk-based backup solutions are inherently more secure than tapes. The technology stripes data across multiple disks to deliver hack-proof security as well as full failover capabilities within a disaster recovery strategy. VTLs also protect data from unrecoverable losses by eliminating the risk of failed backups or defective media.

#3 They're slow, and unable to compete with faster-moving replacements

It may be one of the longest-running debates in paleontology, but due to its build and physiology it's widely thought that T. Rex was limited to a speed of around 25 miles per hour, possibly less.

Tape is not fast. It's common for tape-based backups to take longer than the overnight backup window and for restoration of data from tape to require several hours or even days, well beyond the recovery time objectives of most businesses. Meanwhile, writing to disk is fast. De-duplication technology reduces the total ‘mass' of the backup and doing it all on-the-fly reduces backup times to as fast as 1 TB per hour per port (16TB per hour in the fastest appliances) for disk compared to 1/3 TB per hour per drive. Advanced disk-based backup solutions, such as VTLs, cuts backup and recovery times, reduce media costs and dramatically improve backup performance.

#4 A long, heavy tail

All the tape cartridge processes: the mechanical arms, the conveyor belts, the labeling, deciding on an off-site storage strategy, loading, unloading, driving them around or waiting for a white van to collect, or even posting them. This is the long, heavy tail of tape - writing the data to tape is only the beginning. VTLs and disk-based backup technologies however have no long heavy tail, providing a far more agile solution that saves organizations time and money.

#5 Slow to change direction

T. Rex had rotational inertia due to its centre of gravity, so could not change direction fast. A tape-based backup system has a strong linear direction that means organizations can't change direction easily. Disk-based virtual tape appliances are highly adaptable systems as drop-in replacements for tape racks, and once you have a disk array many evolutionary tracks present themselves: de-duplication, virtualization, off-site-over-fibre backup, security policies and data silos for cloud architectures, scalability (both up and down), and speed increases for seek and restore.

#6 Can't grab

T. Rex's forearms are one of its most obvious features, with an almost comedic reach. Tape's weak little forearms can't grab all that data rushing towards it at fibre-channel speeds and can't wrestle it down into manageable form. While a VTL with fibre channel and intelligent de-duplication and scalable server architecture can grab as much data as you can throw at it.

Conclusion

65 million years ago a meteor the size of Manhattan hit the earth, changing the climate and ending the dinosaurs' reign. Like missing data in a tape-based backup, the dinosaurs have gone forever. Yet both T. Rex and tape had their place in evolution, stepping stones to advances for coping with a challenging environment. While T. Rex is now confined to museums, television and books, physical tape storage still has a place, as an efficient means to archive long-term data.

The Age of the Mammals inherited the dinosaurs' legacy. In the world of storage, virtual tape libraries and disk to disk technologies have been proven to be the intelligent choice for protecting legacy investment, decreasing backup and restore times, and deploying a nimble infrastructure that can store more data at lower cost and for longer periods of time. These new technologies emulate existing physical tape libraries without disrupting current backup and restore infrastructure or policies. On top of that, return on investment is increased because current assets are better utilized and there is a seamless and cost-effective scalability to address rapid data growth.

So, isn't it time your storage infrastructure evolved?

SEPATON is exhibiting at 360°IT, the IT Infrastructure Event held 22nd – 23rd September 2010, at Earl's Court, London. The event provides an essential road map of technologies for the management and development of a flexible, secure and dynamic IT infrastructure. For further information please visit www.360itevent.com

Sanderson Wetherall consolidates email services in the cloud with Mimecast

Marc Jacob — 2010-08-31T11:41:49Z

Mimecast®, a unified email management company, has been selected by Sanderson Weatherall, a leading independent practice of chartered surveyors and property consultants, to provide cloud-based email security, continuity, policy control and archiving, across its five UK offices with immediate effect.

Sanderson Wetherall, who employ over 250 staff across offices in Leeds, London, Newcastle upon Tyne, Manchester and Teesside, were previously using several different providers to manage the areas of email security, email archiving and business continuity. The three year deal with Mimecast consolidates these services and integrates fully with the company's existing Microsoft Exchange and Outlook environments.

Operating across a broad range of areas in the public and private sectors, Sanderson Weatherall has grown rapidly and the need to scale the company's email infrastructure to match this growth was a factor in selecting Mimecast.

Adrian Rich, Partner, Information Technology at Sanderson Wetherall, commented; “It was after a great deal of industry research that we decided to award the contract to Mimecast, because the service genuinely offers the best overall functionality and integration. As we were consolidating previously independent IT services it was important to us to keep any disruption to our staff to a minimum and Mimecast really held up its end of the bargain. The team provided a seamless and professional integration without impacting on business. Furthermore, our ROI has markedly improved; we've made massive savings compared to our previous solutions and the bottomless archive service means that as our business grows there are no incremental cost implications.”

CloudSigma goes live with world's first full in-browser VNC access

Marc Jacob — 2010-08-31T10:39:01Z

CloudSigma AG is pleased to announce the launch of the world's first in-browser VNC client. By combining a number of technological innovations such as HTML5 with its own priorietary processes, the company has been able to deploy in-browser VNC access making management and control of its cloud servers significantly more convenient. Previously remote access and screen sharing had required customers to install a dedicated VNC client on their own machine which remains the case with other cloud computing vendors.

Boyan Hristov, head of the VNC development team commented 'Our company continues to use technology to make our clients' computing more accessible and intuitive. One of the results of this focus is this unique in-browser VNC feature. Now our customers have instant secure access to their servers from anywhere in the world; all they need is a modern web browser.'

By eliminating the need for any software installation, customers can instantly configure and control their cloud servers even when not accessing from their usual computing locations.

Enterprise Friendly

A growing number of CloudSigma's customers come from the enterprise space. Enterprise customers are looking for solutions that offers secure access from within their corporate environment. Unfortunately traditional VNC access is often not possible due to restrictions on software installation and/or firewall rules within an enterprise environment. The in-browser VNC solution allows enterprises to access their cloud servers securely over the HTTPS port without having to modify their firewall settings or potentially compromise the security of their in-house desktop machines by allowing installation of third party software.

Improving Security

In-browser VNC offers a number of key advantages over using an external VNC client. By routing all VNC traffic over the HTTPS port, all VNC data traffic is fully encrypted end to end. The in-browser solution also keeps server access within the controlled, secure access area of the web console. VNC access is established via a new modal window within the browser and without the user needing to input any additional password. Accessing servers through an external client requires inputting a VNC password which is often written down by the user or stored insecurely by the VNC client itself. Keeping access from within the web console maintains clear control reducing the risk of infrastructure becoming compromised.

Turning Innovation into Improved Service

CloudSigma's motto is 'freedom through technology'. The company puts this into practice by embracing and incorporating the best new technological innovations in ways that directly benefit their customers. The recent maturing of HTML5, websockets and other technologies has for the first time made full in-browser VNC access possible. This latest product release is the result of several months of intensive development and testing.

Panda Security Receives Top Score in Most Recent AV-Comparatives.org Security Suites Performance Test

Marc Jacob — 2010-08-31T09:53:19Z

Panda Security announced that Panda Internet Security 2011 obtained the Number One rank in the most recent Security Suites Performance Test from independent reviewer, AV-Comparatives.org. Panda Security received the highest certification level of Advanced+ and performed better overall than all of the competition including Symantec, ESET, AVG, Kaspersky, F-Secure and Trend Micro. This test released on August 23 reviewed the impact of security suites on system performance, and underscores the effectiveness of Panda's proactive and cloud protection technologies in detecting new malware while minimizing impact on users' PCs performance.

“It's becoming increasingly important that antivirus software provides high detection and remediation rates without degrading system performance,” said Andreas Clementi, chairman, AV-Comparatives.org. “Panda Security's approach in bringing malware detection and analysis into the cloud has proven to be an effective way to tackle this complex issue.”

All of the consumer and business solutions offered by Panda Security benefit from Collective Intelligence, the company's proprietary cloud-based technology for automating the identification and remediation of malware threats instantaneously. Collective Intelligence leverages Panda's global network of millions of users, what it refers to as the Power of Community, to deliver real-time protection against new and unknown threats. This protection model decreases PC resource consumption significantly, and is the primary reason for the product's high scores in PC performance impact. Panda Internet Security 2011 and Panda's other consumer security suites boast a 50 percent improvement in performance on Windows 7 environments when compared to last year's versions.

In addition to the performance impact review by AV-Comparatives.org, Panda Security has achieved top scores in many recent independent tests including:

• Full Product Test by AV-Test.org (August 2010): Panda Internet Security 2010 received excellent scores in all categories, accomplishing top rank along with two other vendors. According to Andreas Marx, CEO of AV-Test.org, “Panda Internet Security was one of only three products to receive the highest scores during this exhaustive test which was performed over a period of 12 weeks.”

• PC Security Labs Total Protection Test (August 2010): Panda Internet Security 2010 achieved both “5 Star” rating and a special award for “Top Detection” out of all tested solutions by the Chinese independent lab.

• Product Review by Computerworld (July 2010): Panda Internet Security 2010 was reviewed by Frank Ohlhorst who concluded that the product offers “maximum protection with minimum fuss.”

• Retrospective/Proactive Test by AV-Comparatives.org (May 2010): Panda Antivirus Pro 2010 obtained the top score for its proactive capabilities, and detected impressive amounts of new malware using only heuristics and generic signatures.

• On-Demand Malware Detection Test by AV-Comparatives.org (February 2010): Panda Antivirus Pro 2010 achieved top scores, scoring 99.2 percent in the detection of the tests sample set.

Tufin Techologies “Hacking Habits” survey Cites misconfigured networks as The Main cause of breaches

Reuven Harrison CTO of Tufin Technologies — 2010-08-31T09:36:14Z

Tufin Technologies announced the results of its annual “Hacking Habits” survey, designed to better understand how trends in the hacking community impact corporate security teams. Responses from security professionals attending the DEF CON18 conference in Las Vegas last month revealed that 73% came across a misconfigured network more than three quarters of the time – which, according to 76% of the sample, was the easiest IT resource to exploit.

Reuven Harrison, Chief Technology Officer and Co-Founder with the security lifecycle management specialist, was surprised to find that 58% of respondents also viewed network misconfiguration as being caused by IT staffers not knowing what to look for when assessing the status of their network configurations. He said the survey is notable because more than half the survey respondents actually work in corporate IT. “The really big question coming out of the survey,” says Harrison, “is how to manage the risk that organizations run dealing with the complexity that is part and parcel of any medium-to-large sized company's security operations. “

This question was answered by Tufin's DEF CON18 research, which revealed that 18% of professionals believe misconfigured networks are the result of insufficient time or money for audits. 14% felt that compliance audits that don't always capture security best practices are a factor and 11% felt that threat vectors that change faster than they can be addressed play a key role.

Automating configuration and security management is the best way forward to solving this problem, says Harrison. With an increasing number of self-described black (11%) and grey (46%) hat hackers landing corporate security positions, the focus has overwhelmingly been on how easily we can break things - less than 30% of the sample is motivated by the desire to actually fix broken systems.

"And when you factor in the issue that 60% of the DEF CON18 respondents said they had a day job in the corporate world, it's clear that IT managers need to address the security shortcomings of their networks by remediating the network misconfiguration issue. Only by configuring their network resources correctly can companies hope to beat these security issues," he added. With 75% of respondents calling themselves hackers, Harrison says that network managers need to sit up and smell the coffee on the fact that network misconfiguration is now a primary security issue for their IT staff.

It's also worth noting that 43% of DEF CON18 attendees view planting a rogue member of staff inside a company as one of the most successful hacking methodologies. When this issue is added to the sizeable majority of security professionals that come across misconfigured systems on a regular basis, you begin to realize the scale of the security problem that networking professionals face.

"This realization is made worse when you consider that 57% of the security professionals we surveyed classified themselves as a black or grey hat hacker, and 68% of respondents admitted hacking just for fun," he said. With networks so easily penetrated, it's no surprise that 88% believe the biggest threat to organizations lies inside the firewall.

It's not all doom and gloom emanating from the DEF CON18 survey, as Tufin found that 58% of attendees said they did not believe outsourcing security to a third party increased the chances of getting hacked, and almost half the sample believe it would not increase the chances of any sort of security or compliance issue.

"This disproves the commonly-held theory that the benefits of outsourcing security are cancelled out by an even greater set of risks. Security outsourcing has matured to the point where companies can confidently outsource parts or all of their security operations - especially when service providers offer automated tools to help with network management and configuration. With cloud computing approaching in the fast lane, this has to be good news," said Harrison.

Tufin's ‘Hacking Habits' survey was conducted amongst 100 registered DEF CON 18 attendees. The 14-question “Man-on-the-Street” survey was conducted by the registration desk and outside randomly selected talks over the course of the show. All responses were voluntary and completely anonymous. For a pdf containing the survey questions and exact breakdown of responses, please contact the appropriate regional media contact.