Spyware, Viruses, & Security forum

General discussion

NEWS - August 5, 2009

Data protection player PGP warns business about likely crackdown

"Enterprises in the Asia Pacific have been warned they need to sharpen up their data security or soon face the prospect of having governments forcing them to do so.

Organisations of all types are facing a massive increase in data loss, and yet too many major enterprises lack a comprehensive data protection strategy across their complex networks.

For example, the 2009 annual study by the Ponemon Institute, of encryption use in the enterprise, found that 80 per cent of organisations have no security protection for thumb drives, but only 22 per cent have any plans to take action."

More in http://mis-asia.com/news/articles/improve-data-protection-or-face-govt-intervention
Discussion is locked
You are posting a reply to: NEWS - August 5, 2009
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - August 5, 2009
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Top 10 most notable Black Hat/Defcon stories

In reply to: NEWS - August 5, 2009

"Security woes from Las Vegas

Las Vegas airport is now crowded with crackers, hackers and those that oppose them heading home, as the annual Black Hat and Defcon conferences are over for another year.

Here's the most notable happenings of the events, some scary, some funny and some downright disturbing.

Honourable mention: Conversation
10. Internal hacks
9. FAA hacking
8. The Feds
7. SMS hacking
6. Software updates
5. Cloud computing
4. AES hacking
3. ATM hacking
2. Microsoft
1. SSL"

More details in http://www.v3.co.uk/v3/news/2247288/top-notable-black-hat-defcon

Collapse -
Security experts spot holes in Twitter malware filter

In reply to: NEWS - August 5, 2009

"Dancho Danchev, independent security consultant and cyberthreats analyst, noted that the site's latest security move was an indication "Twitter is finally moving from reactive to proactive security practices". However, he pointed out in a blog post on ZDNet.com that the malware filter was "clearly still in development" and showed "disappointing results".

Danchev pointed to how a MySpace phishing page used in a tweet triggered the security filter, but was eventually accepted by adding a 'http://' or removing the 'www'."

Read more in http://news.zdnet.co.uk/security/0,1000000189,39706536,00.htm

Collapse -
Netgear adds proper parental controls and anti-phishing...

In reply to: NEWS - August 5, 2009

to its routers

"Netgear has announced that it will bring OpenDNS parental controls and anti-phishing to its routers.

Netgear's deal will see OpenDNS' services integrated into the router, so everything can be managed from the router's interface. The WNR2000 will be the first router to have OpenDNS built in, but Netgear plans to release firmware updates for its other routers soon.

Unlike D-Link's similar deal with Best Path Networks, Netgear plans to make its extra security available to the entire world not just the US."

Continue reading in http://www.expertreviews.co.uk/news/265093/netgear-adds-proper-parental-controls-and-antiphishing-to-its-routers.html
Collapse -
Verity shows off CD destruction box

In reply to: NEWS - August 5, 2009

"IT staff worried about leaving confidential data on old disc media are being offered an alternative to just binning them and hoping for the best. Verity Systems has come up with a destruction system that literally grinds the data off the surface of a CD or DVD.

The CD-DX2 doesn't come cheap at

Collapse -
Sophos: Malware from Rapidshare links; Flash in the Formula!

In reply to: NEWS - August 5, 2009

Sophos blogs about malicious files in some blog linking with Rapishare, a free online file sharing.

Story in http://www.sophos.com/blogs/sophoslabs/post/5784

In another blog entry, Sophos writes:

"Well the malware authors have discovered yet another vehicle for delivering and triggering their dual-actioned Adobe Flash vulnerability (which I talked about at a recent conference), this time in Microsoft Excel (expect to see them in PowerPoint and Word as well!)

The style of attack was recently outlined by Pob here, where a PDF document with two specifically crafted Flash objects work together to exploit the vulnerability. It was only a matter of time before the AVs caught up and started blocking suspicious PDFs and so the game has moved onto finding other compound files capable of embedding and invoking Flash objects. Microsofts OLE2 compound document format is well suited to this scenario and is being actively exploited as the sample submissions indicate."

Read about it in http://www.sophos.com/blogs/sophoslabs/post/5798

Collapse -
Researchers: XML Security Flaws are Pervasive

In reply to: NEWS - August 5, 2009

"Security researchers today unveiled details about a little-known but ubiquitous class of vulnerabilities that may reside in a range of Internet components, from Web applications to mobile and cloud computing platforms to documents, images and instant messaging products.

At issue are problems with the way many hardware and software makers handle data from an open standard called XML. Short for "eXtensible Markup Language," XML has been used for many years as a fast and efficient way to transport, store and structure information across a wide range of often disparate applications.

Researchers at Codenomicon Ltd., a security testing company out of Oulu, Finland, say they found multiple critical flaws in XML "libraries," chunks of code that are typically used and re-used in software applications to process XML data."

Read more in http://voices.washingtonpost.com/securityfix/2009/08/researchers_xml_security_flaw.html

Collapse -
Here Come The Twitter Patent Lawsuits. TechRadium Files...

In reply to: NEWS - August 5, 2009

Collapse -
Apple Releases Large OS X Security Fix

In reply to: NEWS - August 5, 2009

"Apple has released their Security Update 2009-003 and Mac OS X v10.5.8, addressing 18 security vulnerabilities, some of them quite old.

Many of the vulnerabilities are quite critical and, based on the brief descriptions, sound amenable to exploit in the wild. For instance: "Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution." So opening some image file could take over your Mac. There are many similar flaws addressed in this update. Another interesting bug is that a locked system with a Multi-Touch TrackPad can still be accessed with "four-finger Multi-Touch gestures."

It's true that Mac users typically run as a standard, less-privileged user, but other vulnerabilities fixed in this update could allow a local user to obtain System Privileges. Even the login window has a vulnerability, and arbitrary code can be executed by using a format string in it.

The updates may be applied through Software Update or by downloading the correct version from http://www.apple.com/support/downloads/."


NOTE: Details of the update is in http://support.apple.com/kb/HT3757

Popular Forums

Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Best Black Friday Deals

CNET editors are busy culling the list and highlighting what we think are the best deals out there this holiday season.