Google Analytics

Search This Blog

Tuesday, May 20, 2014

Computer Security Updates Week 3 of May 2014

Refer to Computer Security Updates Week 5 of Apr 2014; the biggest news were IE zero-day vulnerability and the OpenSSL Heartbleed bug.

For this week / last week, here are / were the biggest news.
  • PR - May 19, 2014 - Sophos Strengthens Management Team with New Leader for Network Security and New Sales Leader in Germany
  • USA Today - May 15, 2014 - Adware for Mac OS X Gaining Momentum
  • PR - KL - May 12, 2014 - CA Technologies Joins FIDO Alliance
  • PR - PJ - May 15, 2014 - Kaspersky: Fake AV Invading Mobile App Stores
  • The Star Online - May 14, 2014 - Tabung Haji Detected Two Internal Security Incidents
  • PR - May 7, 2014 - McAfee and partners launch www.passworday for World Password Day
  • PR - KL - May 5, 2014 - CA Technologies Releases New CA Identity Suite
  • FireEye Blog - Apr 17, 2014 - The Economics of Security



PR - May 19, 2014 - Sophos Strengthens Management Team with New Leader for Network Security and New Sales Leader in Germany

Sophos today announced the appointment of Bryan Barney as senior vice president and general manager of the Sophos Network Security Group, and Karl-Heinz Warum as regional vice president of sales for Germany, Northern and Eastern Europe, Middle East and Africa. With these appointments, Sophos continues to build for long term growth as the channel-centric IT security provider of choice for small and mid-market customers and pragmatic enterprises of any size.

Karl-Heinz Warum, SophosBryan Barney, Brocade

Details.

USA Today - May 15, 2014 - Adware for Mac OS X Gaining Momentum

USA Today reported that the maker of adware removal software, Bitdefender, acknowledged that many Mac users have had their machines 'infected' by an adware application known as Genieo which is bundled with freeware applications which targeted both Mac and PC-based computers.

According to the report, once installed, Genieo hijacks overwrites the browser's homepage and default search engine.

This scenario presents an opportunity for other malwares which may capitalize on similar deployment method should the trend persists amongst Mac users - yet to be seen.

http://www.usatoday.com/story/tech/2014/05/15/mac-users-adware-spyware/9149465/



PR - KL - May 12, 2014 - CA Technologies Joins FIDO Alliance

Today, CA Technologies announced it has joined the FIDO (Fast Identity Online) Alliance, an industry consortium delivering standards for simpler, stronger authentication during online transactions.

As a leader in user authentication and a sponsor member of the FIDO Alliance, CA Technologies will contribute its expertise in multi-factor and risk-based authentication, and identity and access management, to the group’s work to create industry-accepted, open specifications to enhance the authentication process.

Details.

PR - PJ - May 15, 2014 - Attack of the Clones: Fake AV Invading Mobile App Stores

Kaspersky Lab recently found two such programs imitating the company’s products in two different official app stores for mobile devices.

The first fake app was discovered in Windows Phone Store;the second fake app imitating the Kaspersky Lab brand was for sale on Google Play and was called Kaspersky Anti-Virus 2014.

If imitation is the sincerest form of flattery, Kaspersky Lab is not feeling flattered by fake anti-virus apps proliferating on mobile app stores such as Google Play, pretending to be Kaspersky Lab products that don’t exist.

This is important to smartphone users. To put it in perspective according to the IDC Worldwide Mobile Phone Tracker 2014, as of Q42013, the market share for Android is 78.1% while iOS comes in at 17.6% and Windows Phone sits in third place at 3.0%. Even if 1% of global Android smartphone users fall for fake AV, the effects can be significant.

Details.

The Star Online - May 14, 2014 - Tabung Haji Detected Two Internal Security Incidents

The Star Online reported that two Lembaga Tabung Haji employees were jailed over offences of hacking the fund's database.

The two employees were found to be guilty by session court over their involvement in helping pilgrms to jump queue using two different methods.

http://www.thestar.com.my/News/Nation/2014/05/14/court-Tabung-Haji-pilgrims/


PR - May 7, 2014 - McAfee and partners launch www.passworday for World Password Day

Security breaches large and small are becoming rampant across the world –Heartbleed being the latest large-scale example. Consumers need to be aware of just how serious password protection is and to start taking action, transforming passwords from being ‘Hackable to Uncrackable.’

That is why in observance of the annual World Password Day on May 7th,McAfee, part of Intel Security, and its partners are helping to educate consumers worldwide on the importance of password safety in the wake of multiple global security breaches. .

This year, McAfee along with the likes of Dell, Acer, Lenovo, Toshiba and others encourage consumers to take the Official World Password Day pledge and change or update their passwords on the new http://www.passwordday.org website, a dedicated destination for password education. The site also features:
  • Password Blaster web video game
  • Password Strength Meter
  • McAfee’s Heartbleed Test Tool
  • Animated educational GIFs
  • Tips and tricks for upgrading your passwords
Details.

PR - KL - May 5, 2014 - CA Technologies Releases New CA Identity Suite

Today, CA Technologies has announced the availability of CA Identity Suite, a new, one-stop identity management and governance solution that transforms data into business information and simplifies identity management and access governance across the enterprise.

The CA Identity Suite streamlines access requests, approvals and governance processes for the business stakeholder by translating traditional IT jargon into language and terms a business user understands.

Details.

FireEye Blog - Apr 17, 2014 - The Economics of Security

The conventional ROI approach is to based around the concept of how many security events a security product is capable of detecting.

This is not good enough for latest security landscape because threats are getting more sophisticated, big-data driven and interwined.

FireEye blog proposed a concept of blending together the quantitative metrics such as the costs of a solution (capex & opex), incident levels and overlay those values with qualitative insight.

Qualitative insights are referring to: Noise to incident ratio,Volume versus impact,How actionable is the solution,Business outcome.

http://www.fireeye.com/blog/corporate/2014/04/the-economics-of-security.html

No comments: