Security
Windows PC Protection Guide Against Virus Threats
From Jamie Pert: At some point or another almost everyone with a Windows PC will become infected by some form of malware infection, perhaps the most annoying of these of late is the fake Privacy Protection software which looks genuine, but it is in fact part of a scam where hackers gain your money and credit card details so beware!
Before we get started let’s quickly state a few things, firstly if you receive messages reading “Security Warning – Malicious program has been detected. Click here to protect your computer” or “Firewall Warning – Hidden file transfers to remote host has been detected” ignore them, these are fake alerts. Secondly, if you fell for the scam and entered your credit card details you should call your credit card company immediately. Thirdly, don’t panic as we will now show you how to remove this nasty infection, however we can’t take any responsibility if this doesn’t work for you (so do it at your own risk), that said you would be very unlucky if something was to go wrong.
Above we have embedded an image which shows just what this fake software….read more at following link: http://www.product-reviews.net/2011/12/05/privacy-protection-virus-removal-guide/
How To Protect Sensitive Information on Android and iOS
From Good Technology, Inc.:
Let’s face it: IT administrators in America’s top corporations have their hands full protecting company information in a world gone mobile. Smartphones, and the smart employees who use them, can often circumvent security procedures, forwarding confidential memos or attachments to other phones or alternate email accounts without consideration for the vulnerability of that information.
Rather than limit access to information, today’s IT departments are finding new ways to safeguard the behaviors of their mobile workforce regardless of the devices they choose and prevent data loss or leakage across their networks. Here’s how they do it:
1. They start by enforcing strong passwords
Successful IT departments seek mobile device management solutions that allow them to enforce password policies, disable sequential numbers in passwords, or specify password timeouts. Many institute a remote wipe of specific applications and their data or wipe of the entire device after a failed number of incorrect passwords has been entered.
2. They secure both the device and the applications
IT administrators must be allowed to set and manage security policies at the application level, as well as at the device level. For example, implementing complex password policies at the application level provides a less intrusive user experience while ensuring corporate security. Device-level encryption cannot address risky behavior that occurs within applications themselves when users inadvertently share corporate data through 3rd party apps and cloud services. Even when phones are provisioned through an MDM solution, administrators simply have no control of security at the app level. By providing security and control at both app and device levels, IT can further reduce the risk of data loss.
3. They use strong encryption on the device and OTA
Diligent administrators insist on the strongest encryption and enforce the toughest authentication policies over-the-air. Because not all mobile devices support encryption, email and attachments stored on the device can easily be viewed by anyone. Security-conscious IT professionals ensure that all data gets strong AES 192-bit encryption even data that’s in transit between a device and servers behind your firewall. All information is secured throughout a complete end-to-end system.
4. They quickly respond to lost or stolen devices
When a mobile device becomes misplaced, lost, or stolen, the most secure companies act swiftly to eliminate risk of lost data. Through the use of web-based controls, administrators use any nearby browser to access a universal dashboard to instantly view and manage all mobile devices in their workforce from virtually anywhere, anytime and remotely wipe information from within apps or across the entire device.
Read more
Android OS Are The Main Target of Mobile Maleware Attacks
Credit: techcrunch
At the end of 2010, McAfee predicted that malware would reach the 70 million unique samples by the end of 2011 but has increased this prediction to 75 million unique malware samples reached by year’s end, which is the busiest in malware history, says McAfee. More at Techcrunch:http://techcrunch.com/2011/11/20/mcafee-nearly-all-new-mobile-malware-in-q3-targeted-at-android-phones-up-37-percent/
Firewalls Can’t Keep up With DDoS Attacks
By John E Dunn from PC World:
Companies still rely heavily on firewalls to defend themselves against denial-of-service attacks despite the fact that this class of device is often not up to the task, a new survey by F5 Networks has found.
The survey of 1000 medium and large organizations in ten countries found that up to 45 percent of respondents experience such attacks on a regular basis, a mixture of application and network-layer incursions.
About half rated denial of service attacks as highly effective with 79 percent saying they still relied on firewalls to deflect them despite 42 percent finding that such devices were ineffective against conventional attacks at the network layer. More at PC World: http://www.pcworld.com/article/243743/firewalls_cant_keep_up_with_ddos_attacks.html#tk.rss_news
Microsoft Provides AppLocker Update
Microsoft has released a fix for a vulnerability in the security function AppLocker. It can get around by business information with Office macros and affects Windows 7 and Server 2008 R2.
AppLocker allows administrators to prevent the execution of specific applications. Microsoft had introduced the feature with Windows 7 and Server 2008 R2. Users can change the settings but with automatic script containing the commands “Sandbox_Inert” and “Load_Ignore_Code_Authz_Level”, overwrite, Microsoft warns in a Knowledge Base entry. It is even possible to start in a temporary directory stored malware.
Read more: http://m.zdnet.de/news/41557866/microsoft-bringt-temporaeren-fix-fuer-applocker-luecke.htm
McAfee Upgrades Cloud Computing Security to the Next Level
McAfee, an industry leader in cloud computing security, yesterday announced its latest enhancements to the McAfee Cloud Security Platform. As the industry’s only single content-aware platform it secures all primary channels of traffic – email, web and authentication – moving between an organization and the Cloud to help organizations safely and efficiently take advantage of Cloud-based services and solutions. The Platform can be deployed as an on-premise appliance, Software-as-a-Service (SaaS) or a hybrid combination.
“Organizations want to take advantage of the time- and money-saving benefits of the Cloud, but they have concerns around data security,” said Marc Olesen, senior vice president and general manager, Content and Cloud Security at McAfee. “Offering comprehensive security capabilities from both Intel and McAfee, we are developing and investing in technology that makes it possible for businesses to more confidently use and trust the Cloud, and subsequently benefit from the savings it can offer. ”
Read more here:http://goo.gl/UQjVz
Symantec Launches Tablet Security Program
Symantec have announced Norton Tablet Security alongside updates for Norton Mobile Security which further supports their Norton Everywhere initiative.
Norton Everywhere is designed to ensure that consumers are protected across the full range of devices that they own.
As handheld devices are set to become the most popular way to access the web by 2013, the security firm say that it’s more important than ever to ensure protection is extended to cover the full range of devices available.
More: http://www.ubergizmo.com/2011/11/norton-tablet-security-announced/
Facebook Adds Identity Theft Protection
Facebook is testing out two new security applications to help users protect their accounts from being compromised by dangerous third-party apps or hackers.
In an blog post from the last days, the social networking giant unveiled the “trusted friends” feature to help users regain control of their account and application passwords to prevent malicious third-party apps from accessing account data. The features are planned to rolled out within the next weeks.
Facebook has provided a number of security tools recently, including Login Approvals, Login Notifications and One-Time Passwords. It’s also developed back-end systems to block spam from user accounts, malicious links from being posted on the Wall and stop potential cross-site scripting attacks, according to an infographic the team posted on the blog. Even with the measures in place, more than 600,000 accounts are compromised each day, according to the infographic. More info here
Mobile Devices Security Threats in the Enterprise
As your mobile enterprise expands and devices grow more robust, security risks increase. With careful preparation, you can use the latest tools and expertise to protect your assets. Below I’ve added a link to a white paper to learn how to develop an enforceable mobile security policy and practices to secure your corporate data.
>Click here to download now
Why Hackers Loves Small Biz
A growing number of cyber-attacks are targeting small businesses, from construction companies to local grocery stores, presenting an emerging threat that government officials are trying to combat.
While attacks against large organizations like Sony and Citigroup have garnered attention this year, experts are increasingly worried about the digital vulnerabilities of small businesses, who often lack the resources to invest in cyber-security. 40 percent of all targeted cyber-attacks are aimed at companies with less than 500 employees, according to the security software provider Symantec. Read more: http://tinyurl.com/3owo4tr