News Posts matching "Security"

Return to Keyword Browsing

Symantec Report Reveals 81 Percent Increase in Malicious Attacks in 2011

Symantec Corp. today announced the findings of its Internet Security Threat Report, Volume 17, which shows that while the number of vulnerabilities decreased by 20 percent, the number of malicious attacks continued to skyrocket by 81 percent. In addition, the report highlights that advanced targeted attacks are spreading to organizations of all sizes and variety of personnel, data breaches are increasing, and that attackers are focusing on mobile threats.

Malicious Attacks Continue to Grow Rapidly

Symantec blocked more than 5.5 billion malicious attacks in 2011, an increase of 81 percent over the previous year. In addition, the number of unique malware variants increased to 403 million and the number of Web attacks blocked per day increased by 36 percent.

Apricorn Introduces the Aegis Padlock 3.0 Secure Portable Drive

Apricorn (www.apricorn.com), a leading designer and manufacturer of data security products for business, has announced a new and improved version of its popular Aegis Padlock drive, the Aegis Padlock 3.0. The reinvented Aegis Padlock 3.0 combines a super fast integrated USB 3.0 cable - increasing data transfer speeds by over 500% over the USB 2.0 version, enhanced AES-XTS hardware encryption, software free design, plus new security features to create a powerful data storage device perfect for taking your data on the road.

Available in capacities up to 1 TB with either a ruggedized, shock mounted hard drive (prices start at $169) or with a super tough SSD (prices start at $199), the Aegis Padlock 3.0 provides powerful data security that is tough enough for a wide variety of needs.

World's 1st Voicecode Security USB Drive - Voicelok

You wouldn't think there would be much to say about a USB flash drive, but in this case, what you say, and how you say it, is your key to data security. Advanced technical skills are definitely not required, because this is a plug-and-play device, requiring no software installation. All critical software is embedded in the flash drive itself, and it is fully functional the moment it is removed from the box.

After inserting the USB into a computer, red and green LEDs flash to signal to the user that the drive is ready to hear the password through its on-board microphone. Armed with a dedicated on-board microprocessor, the drive's voice-recognition software then sorts out the various nuances and frequencies of an authorized voice, and the only necessary password is a spoken one.

Elecom Intros MF-MSU3 USB 3.0 Flash Drives

Japanese company Elecom launched the MF-MSU3 line of stylish USB 3.0 flash drives. Available in four color options: black (MF-MSU30xGBK), white (MF-MSU30xGWH), pink (MF-MSU30xGPN), and blue (MF-MSU30xGBU), where "x" is capacity in GB; the drives are available in four capacity options: 4 GB, 8 GB, 16 GB, and 32 GB. The drives offer transfer rates of 60 MB/s (read/write), and feature Elecom PASS (Password Authenticated Security System), an AES-based data encryption software. Measuring 59.0 x 17.5 x 7.8 (WxDxH), these drives weigh about 9 g. The feature the conventional capped form-factor. Elecom did not give out pricing information, but they will be released to market in October.

Source: Hermitage Akihabara

Kingston Lowers Costs and Increases Capacity for Ultra-Secure USB Flash Solutions

Kingston Digital, Inc., the Flash memory affiliate of Kingston Technology Company, Inc., the independent world leader in memory products, today announced a reduction in price for its line of enterprise and government secure USB Flash drives, as well as new capacities for its DataTraveler 4000 (DT4000) and DataTraveler Vault - Privacy (DTVP) Managed and Unmanaged secure mobile storage solutions. A leader in memory solutions since 1987, Kingston will exhibit at RSA Conference 2012 (booth 1059) to showcase the industry's only secure USB family ranging from general-purpose business use to flexible, managed enterprise offerings, and to platforms for the most secure and rigid government standards.

Corporate and customer data are the lifeline of any company - to be safeguarded at all times and handled cautiously. Data breach trends and recent studies, such as the Ponemon Institute's 2011 report, The State of USB Security, indicate that data breaches continue to occur far more frequently than they should and unsecured USB Flash drives remain a leading culprit. Additionally, failure to protect data can expose a company to a host of negative consequences including non-compliance, fines, financial loss and lack of customer confidence and trust.

UK Govt.'s Idea of "Communications Capabilities Development": Monitoring IP Traffic

The UK government has a bizarre idea of "communications capabilities development": mass-monitoring of IP traffic, and snooping into what British netizens are up to. Despite being defeated during the UK Labour Party rule, there seems to be a revival of the idea of greater monitoring of internet traffic under the Conservative government, under a legislation titled "Communications Capabilities Development Programme".

This legislation proposes that ISPs and other communications providers be required to maintain logs of individual users' communications, all of them, starting from web history, to IM, to in-game text/voice chat, e-mails, Skype calls, even Twitter messages. This monitoring should run for at least an year, so the establishment collects enough data to draw patterns around.

Hackers Held Symantec to Ransom Over pcAnywhere Source Code Leak

Security software maker Symantec confirmed to the press that the group of hackers that obtained source code of its pcAnywhere software were holding it to ransom. The group claims to be linked to Anonymous. The group allegedly demanded US $50,000 from Symantec in return for destroying the source code it stole, on failing to pay it, the group threatened it would leak the source code to the public, which would expose the software to malware writers and competitors.

Symantec has apparently been in negotiations with the hacker group over preventing the leak, it even agreed to pay the group its "ransom", provided it could do so in monthly installments. The group declined, and the negotiations fell through. A transcript of this email conversation was posted on Pastebin (can be accessed here). The hackers claimed to have posted the source code of pcAnywhere (in a 2.3 GB RAR archive), on a popular bit-torrent site. In our opinion, extorting money is very un-Anonymous. Anonymous, being the self-proclaimed hacktivist group that it is, would post the source code "just for the lulz", without even getting into negotiations with Symantec.

Source: Hexus.net

Tomorrow's Internet More Like Yesterday's Internet: McAfee 2012 Threat Predictions

McAfee today unveiled its 2012 Threat Predictions report, outlining the top threats that McAfee foresees for the coming year. The list indicates that emerging threats from 2011 are on track to become the major players for cyberactivity in 2012, including mobile banking, “legal” spam and virtual currency. McAfee Labs also predicts that attacks involving political motivation or notoriety will also make headlines, including high-profile industrial attacks, cyberwarfare demonstrations and hacktivist attacks targeting public figures.

“Many of the threats that will become prominent in 2012 have already been looming under the radar in 2011,” said Vincent Weafer, senior vice president of McAfee Labs. “Over the past year, the general public has become more aware of some of these risks, such as threats to critical infrastructure or the impact of hacktivism as they gain international media attention. In the meantime, we continue to see cybercriminals improving their toolkits and malware and are ready to make a significant impact in 2012.”

Password Security The Windows 8 Way

Windows 8 implements a radical new user interface called Metro for desktop PC's, which has so far received a mixed reception. However, there's many other changes under the hood and one of those is how password security is handled, which we look at here. It's a fact of life, that in today's modern world, we have to remember a plethora of passwords and PIN's, which can be daunting. This leads to security issues as users end up writing down passwords and/or create very insecure ones which can be easily guessed. Windows 8 aims to uphold strong password security, while at the same time, easing the burden on the user. Also, passwords can be obtained in various ways by miscreants, such as phishing, keylogging, guessing, and cracking. Windows addresses each of these problems in three main ways:

Scamming A Good Days' Work: Data Storage Cartel Busted, Slaps On The Wrist All Round

Optical disc drives have been pretty cheap for years now, yet there is enough money in the business, that three executives managed to collude in price fixing of these devices, scamming HP, Dell and Microsoft in the process – and in the end the consumer, who foots the higher prices. The three are from Hitachi-LG Data Storage Inc. (HLDS) and have reached a plea agreement with the U.S. Department of Justice on price fixing charges for optical disc drives during the 2005-2009 timeframe. According to Security Week, the three executives, Sang Hun Kim, Young Keun Park, and Sik Hur, will each pay $25,000 USD in fines and serve little sentences of seven to eight months in prison at a "correctional facility" aka prison, that is yet to be decided.

Microsoft to Roll Out 14 Patches on Tuesday

Tomorrow, Tuesday aka December 13th Microsoft is set to let loose no less than 14 updates which are supposed to resolve 20 vulnerabilities affecting products like Windows, Office, Internet Explorer, Microsoft Publisher, and Windows Media Player.

Three out of the 14 patches are rated 'Critical' and target bugs that could lead to remote code execution, while the other 11 are rated 'Important' and are set to plug in holes that can result in remote code execution and (unwanted) privilege elevation. As always, Microsoft isn't giving out specifics on the vulnerabilities that will be patched so we'll have to wait for tomorrow to get the full scoop. And to update of course.Source: Microsoft Security Response Center

AMD Announces Fusion '12 Developer Summit

AMD (NYSE: AMD) today announced that AMD Fusion ’12 will be held June 11-14, 2012 in Bellevue, Washington. The company’s annual developer summit will return to the Meydenbauer Center and the Hyatt Regency in Bellevue.

This event will build on the success of AMD Fusion ’11, where more than 700 leaders from industry, academia, and government converged on the forefront of heterogeneous computing. The summit offers an engaging opportunity to learn more about next-generation software development and AMD Fusion System Architecture (FSA), Accelerated Processing Unit (APU) technology, central processing unit (CPU) and graphics processing unit (GPU) processor technologies, and programming methods using industry-standard application programming interfaces (APIs) such as OpenCL, OpenGL, Microsoft DirectCompute and C++ AMP.

Got A Virus? It's Your Fault Says Microsoft

Yes, that's right the maker of notoriously vulnerable software is now blaming you, the user, should you get a virus, trojan or other malware infection on your Windows computer. However, it does look like they have some justification for saying this. For those with long attention spans, Microsoft have just released their 168 page Microsoft Security Intelligence Report 6MB PDF, with the stated aim of providing:
An in-depth perspective on software vulnerabilities and exploits, malicious code threats, and potentially unwanted software in the first half of 2011
The first thing to note about the report is that it is limited to its Malicious Software Removal Tool and Microsoft's other anti-malware products. Zero-day attacks that it can't detect are not included in the findings. So, surely it can't all be the user's fault then? It also means that the security angles from third party security vendors such as Kaspersky, Norton and McAfee aren't represented here.

Toshiba Announces Next Gen Security Feature, Better Security for Self-Encrypting HDDs

Toshiba announces the first family of self-encrypting hard disk drives (HDDs) engineered to automatically invalidate protected data when connected to an unknown host. The new Toshiba Self-Encrypting Drive (SED) models enable OEMs to configure different data invalidation options that align with various end-user scenarios. Designed to address the increasing need for IT departments to comply with privacy laws and regulations governing data security, the drives are ideally suited for PC, copier and multi-function printer, and point-of-sale systems used in government, financial, medical, or similar environments with an acute need to protect sensitive information.

Building on the industry-standard Trusted Computing Group “Opal” Specification, the new Toshiba MKxx61GSYG models leverage advanced access security and on-board encryption alongside second generation data wipe technology. Whether to protect against data loss resulting from lost or stolen notebooks or to maintain the security of document image data stored within copier and printer systems, Toshiba SEDs can securely invalidate protected data. Data invalidation attributes can be set for multiple data ranges, enabling targeted data in the drive to be rendered indecipherable by command, on power cycle, or on host authentication error—an industry first. This flexibility provides systems designers with a powerful set of data security options that can be easily incorporated into existing system architecture.

Toshiba Launches Self-Encrypting to Deliver Cost-Effective Security to Businesses

Toshiba Storage Device Division (SDD), the pioneer in small form factor hard disk drives (HDDs), today announced a 7,200 RPM 2.5-inch (6.4cm) Self-Encrypting Drive (SED) that provides government-grade AES-256 hardware encryption incorporated in the disk drive’s controller electronics. The MKxx61GSYD is the newest addition to the Toshiba family of drives designed for commercial notebooks and security-sensitive applications, including shared desktop PCs. The drive’s built-in hardware encryption offers benefits that go beyond software encryption.

Based on the Opal Security Subsystem Class (Opal SSC) specification from the Trusted Computing Group (TCG), the new Toshiba SED enables secure and quick deployment of encryption on notebook and desktop PCs to protect confidential information. Many organisations are taking steps to comply with security policies and new laws governing data privacy. The SED technology from Toshiba helps IT departments to achieve strong, cost-effective security without interrupting business flow or impacting application performance.

Intel Introduces 2010 Core i7 Extreme, and Most Secure Data Center Processors

Combining unprecedented security, performance and energy efficiency, Intel Corporation today launched the Intel Xeon Processor 5600 series. The new processors deliver two new security features -- Intel Advanced Encryption Standard New Instructions (Intel AES-NI), and Intel Trusted Execution Technology (Intel TXT) -- that enable faster encryption and decryption performance for more secure transactions and virtualized environments, providing data centers with a stronger foundation for cloud security.

These are also the first server and workstation chips based on the groundbreaking, new Intel 32nm logic technology, which uses Intel's second-generation high-k metal gate transistors to increase speed and decrease energy consumption. The Intel Xeon Processor 5600 series supports up to six cores per processor and delivers up to 60 percent greater performance than the 45nm Intel Xeon processor 5500 series. In addition, data centers can replace 15 single-core servers with a single new one, and achieve a return on their investment in as little as 5 months.

Seagate First To Ship Enterprise-Class Self-Encrypting Drives

Seagate Technology today announced worldwide availability of the Seagate Secure Self-Encrypting Drive (SED) option across its portfolio of enterprise-class hard drives. Products with the Seagate Secure option include: Savvio 15K.2, Savvio 10K.3, Constellation and Cheetah 15K.7 drives. These enterprise-class products are an extension of Seagate’s first-to-market leadership with Seagate Secure Self-Encrypting Drive (SED) technology, designed to deliver data-at-rest security for servers and storage systems.

“Self-Encrypting Drives are one of the easiest, most cost-effective security measures companies can implement,” said Eric Ouellet, vice president at Gartner. “The use of SEDs provides businesses with complete data-at-rest protection against information breaches that can occur in drives and systems that have been repurposed, decommissioned, disposed of, sent for repair, misplaced or stolen. Because all disk media eventually leaves a company’s control, the use of SEDs ensures that data is protected at these critical stages of a system’s life cycle.”

QNAP Introduces VioStor-8040U-RP NVR and VioStor-8040 NVR

QNAP Security today unveils the high performance 8-bay chassis VioStor-8040U-RP NVR and 8-bay tower VioStor-8040 NVR network surveillance systems featuring Intel Core 2 Duo 2.8 GHz CPU, 2 GB DDRII memory, 8 hot-swappable hard drive bays for up to 16TB storage capacity, 40-channel recording from IP cameras, megapixel recording (up to 8 megapixels) and other advanced features such as RAID 0/1/5/6/5+spare/6+spare, Online RAID Capacity Expansion, and Online RAID Level Migration. The VioStor-8040U-RP NVR and VioStor-8040 NVR support M-JPEG, MPEG-4, and H.264 video compression and are compatible with the IP-based cameras and network video servers from AXIS, ACTi, Arecont, Canon, Cisco, D-Link, EDIMAX, ELMO, EtroVision, GANZ, iPUX, IQeye, LevelOne, Linksys, MOBOTIX, Panasonic BB/ BL/ i-Pro, SANYO, SONY, TOA, TOSHIBA, TRENDnet, VIVOTEK, and Y-CAM, etc.

VIA Offers Customized Security Solution Service to Embedded Customers

VIA Technologies, Inc, a leading innovator of power efficient x86 processor platforms, today announced that it will be showing examples of its customized security solution service at Computex 2009, helping customers to employ a comprehensive and effective security infrastructure in all segments.

VIA Nano, VIA C7 and VIA Eden processor platforms are the only processors that currently offer a built-in Advanced Cryptographic Engine. In order to better help customers access this unique feature, VIA is now offering a comprehensive security solution service that can accurately meet the security needs of individual customers across a range of embedded segments.

Mozilla Firefox Updated to 3.0.8

Mozilla today released an important security update to Firefox. With sub-version 3.0.8, The browser has been patched for two critical security vulnerabilities, which are all that make it to this release.

The first vulnerability, titled "Arbitrary code execution via XUL tree element" could allow attackers to compromise a box by using a browser crash to run arbitrary code. The second one titled "XSL Transformation vulnerability" is where attackers get to use browser crashes caused by XSL stylesheets during XSL transformation, to run arbitrary code. For more information, refer to the Security Advisories page for Firefox. Existing Firefox versions will be updated to version 3.0.8 automatically by default. Firefox 3.0.8 can be downloaded from the Mozilla Website.

QNAP Unveils New Firmware for VioStor NVR Series- NVR w/ Multi-server Monitoring

QNAP Security today announces the new firmware version 2.8 for the entire VioStor NVR series (VioStor-101/ 201/ 5020) to support the world’s first innovative multi-server monitoring. By the firmware update, the VioStor NVR is turned to be a high expansibility network surveillance system which is capable of monitoring up to 120 channels simultaneously.

"We are more than excited to unveil the new firmware for our VioStor NVR series. The multi-server monitoring function is a significant technology breakthrough in the network surveillance industry. By upgrading the firmware on one single VioStor NVR, our users can add other QNAP NVR servers regardless of their physical locations and monitor the channels. There is no need to install any other software and no complicated configuration is required," remarked by Jacky Cheng, Senior Product Manager from QNAP. "More importantly, a maximum of 120 IP-based cameras can be monitored on a standalone server with this embedded feature. The scale of the network surveillance is boundlessly expanded by grouping the multiple NVR servers together for simultaneous monitoring."

Shuttle Launches New D 1416S Surveillance Barebone PC

Shuttle Inc., the market leader in the Mini-PC segment and manufacturer of Multi-Form-Factor solutions, today presents its first product in the "Special Solutions" category. The new Shuttle D 1416S surveillance system offers a unique operating convenience through an easy to understand software interface. Up to 16 separately available CCTV cameras can be connected and video signals can be recorded.

Seagate And McAfee Drive Advances In Self-Encrypting Notebook Computers

Seagate today announced sweeping advances in its global push to help secure notebook computer information from theft or loss. To combat growing threats to mobile information, Seagate, the world leader in storage solutions, is now shipping its groundbreaking, self-encrypting notebook PC hard drives, now with up to 320GB of capacity, to the worldwide distribution channel, with 500GB models coming soon. Additionally, Dell is now shipping a notebook with a 160GB self-encrypting hard drive. McAfee is set to provide software for the enterprise-wide management of notebooks with Seagate Secure hard drives.

Powerful, easy-to-use notebook data security is increasingly important as the global adoption of mobile PCs continues to soar and more notebooks are used to store sensitive personal and business information. Lost or stolen notebooks can cost companies millions of dollars in compromised proprietary information and threaten consumers with the high cost of identity theft, yet many computers remain unprotected. According to the United States FBI, a notebook computer is stolen every 53 seconds and 97% are never recovered*.

CPU Errata Turn Security Vulnerabilities

Security vulnerabilities have plagued the computing world ever since computing became a significant advance of mankind. As of today, the plethora of security software we use that gobble money, system resources and network bandwidth to keep our computers and networks safe, have done a good job and it's relatively 'peaceful' these days. And just when we thought so, enter Kris Kaspersky, eminent security researcher, comes up with the hypothesis that microcode errors, known errors and flaws in the design of CPUs could be exploited by malicious code to attack and compromise systems irrespective of which operating system (OS) and other software are running. Kaspersky claims that different errata of the CPU could be exploited differently.
Return to Keyword Browsing