General discussion

NEWS - February 14, 2005

Security show tackles online threats
Published: February 14, 2005, 4:00 AM PST
By Robert Lemos and Dawn Kawamoto
Staff Writer, CNET News.com

The security industry, which is in the business of paranoia, will be looking over its shoulders more frequently at the annual RSA Security Conference this week.

With phishing attacks plaguing consumers, viruses showing no signs of abating, and regulations such as the Sarbanes-Oxley Act worrying clients, business has been brisk for security companies.

Yet the continuing rise of online threats underscores the lack of progress in solving corporate and consumer security problems, which have many customers demanding easier-to-use and more effective security tools. The result: Large companies--from Cisco Systems and Symantec to Microsoft and Juniper Networks--have reason, not to mention the cash, to go hunting for acquisitions.

more here
http://news.com.com/Security+show+tackles+online+threats/2100-7355-5574790.html?part=dht&tag=ntop&tag=nl.e703

Discussion is locked

Follow
Reply to: NEWS - February 14, 2005
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: NEWS - February 14, 2005
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
Sun beefs up Java Comms Suite security

Sun Microsystems today unveiled security enhancements to its Java System Communications (JSC) Suite which it claimed will help customers protect information, ensure end-user privacy and facilitate regulatory compliance.

The JSC Suite, which includes System Messaging Server, System Calendar Server, and System Instant Messaging, is designed to provide a platform for deploying email, calendar, instant messaging and other collaboration services.

More in http://www.vnunet.com/news/1161236

- Collapse -
Microsoft, Paypal, eBay & Visa join WholeSecurity

Microsoft, Paypal, eBay & Visa join WholeSecurity to launched phish report network, the internet's first global anti-phishing aggregation service.

WholeSecurity, the leading provider of behavioral, on-demand endpoint security solutions, today introduced the Phish Report Network (www.phishreport.net), the Internet industry's first worldwide anti-phishing aggregation service. Initial participants in the new business service include Microsoft, eBay, PayPal, and Visa. The Phish Report Network allows any company being victimized by phishing attacks to immediately and securely report fraudulent Web sites to a central database operated by WholeSecurity. Other companies subscribing to the Phish Report Network can then access the database or receive real-time notifications of known phishing sites, enabling them to more effectively protect consumers by blocking these sites in their user-facing security applications.

More in http://www.wholesecurity.com/news/releases/PRN_launch.html

- Collapse -
Ad-Aware did NOT detect WhenU

Suzi of Spyware Warrior wrote:

It looks like associating with WhenU can have some strange effects on people in anti-spyware companies...Today I received a report from Eric L. Howes that during some routine testing, he installed Bear Share, the file sharing app, which bundles WhenU's Save!. Just for fun, he decided to run Lavasoft's Ad-Aware following the install. Eric stated he was dumbfounded by the scan results.

That's right - Ad-Aware did NOT detect WhenU! Eric realized he had an older reffile of 12-29-04 for Ad-Aware, so he scanned again using those definitions. And - yes, Ad-aware did indeed detect WhenU. Conclusion - evidently Lavasoft removed WhenU's Save! from their definitions sometime between 12-29-04 and the current reffile of 02-05-05. Interestingly enough, however, Lavasoft did not "happen" to include that tidbit in their reffile update notifications. One has to wonder now about Lavasoft's commitment and concern for their users. Outrageous? Absolutely! Eric's comments in an email to me, quoted with his permission:

That's poor treatment of Lavasoft's customers - a breach of trust, really. If Lavasoft wants to de-list WhenU, then let them announce it and defend their decision in a straightforward manner. Slipping it in without notifying users is just plain wrong. Is this the kind of behavior we should expect from Lavasoft from here on out? I certainly hope not.

See full blog details on the above at http://netrn.net/spywareblog/archives/2005/02/13/dont-drink-the-whenu-kool-aid/

Also in http://www.spywareinfo.com/articles/spyware/whenu_detection_dropped.php

And in http://castlecops.com/article5739.html

- Collapse -
Hmmm, very interesting
- Collapse -
Interesting Indeed!

I hope someone will report the results from Research and Development Department. Ad-aware will be easily removed if this is true... one wonders what else it may not be catching. Different situation if they didn't know about the malware but to know and then to delete from reference file with an explanation is unacceptable. Sad

Glenn

- Collapse -
More informative posts by Eric Howes
- Collapse -
Thank you Donna... this is a real eye opener.

From your post it seems that hard working Spybot, along with others, is still working to protect us. At least one begins to learn who is friend and who is not. Sad Untrustworthy support is worse than no support!

Thanks again!

Glenn

- Collapse -
Hopefully there is reasonable reason.

A mistake maybe but how can? We can see records in any forums and in their forums that the public was not informed when WhenU was removed from their detections.

Their Threat Assessment Chart also show nothing about WhenU http://www.lavasoftnews.com/ms/searchtac_main.php

We are lucky that Eric Howes has outdated reference file when he first scanned with Ad-aware SE.

- Collapse -
Triple threat: IM viruses get big jump on 2005

Published: February 14, 2005, 11:46 AM PST
By Dinesh C. Sharma
Special to CNET News.com

Ten instant messaging worms and their variants have spread over America Online, ICQ and MSN networks in the first six weeks of 2005, according to Akonix Systems.

That's more than three times the three worms that propagated over public IM networks over the same period last year, the security company said on Monday. Akonix said the growth of malicious attacks targeting IM users will continue through the year, and enterprises should educate their employees about virus attacks and spam that spread via IM.

more here
http://news.com.com/Triple+threat+IM+viruses+get+big+jump+on+2005/2100-7349-5575653.html?part=dht&tag=ntop&tag=nl.e433

- Collapse -
McAfee plans daily virus updates

Published: February 14, 2005, 12:23 PM PST
By Robert Lemos
Staff Writer, CNET News.com

Security specialist McAfee said Monday that it will start updating its virus-matching database every day, and that it will launch a customizable Web site that offers incident and threat information.

Starting Feb. 24, the company will move from weekly updates of its virus definition data files, or DATs, to daily updates, said Vincent Gullotto, vice president of the antivirus emergency response team for the company. DATS make up the dictionary of viruses that McAfee's software recognizes.

more here
http://news.com.com/McAfee+plans+daily+virus+updates/2100-7355_3-5575678.html?tag=fd_nbs_ent&tag=nl.e433

CNET Forums

Forum Info