11 total posts
Microsoft's antipiracy plan heads south
Published on ZDNet News: February 17, 2005, 8:40 AM PT
Microsoft has launched its biggest initiative yet to combat rampant software piracy in Brazil, allowing only registered customers access to "non-critical" updates of its Windows operating system.
The program, launched Wednesday, will give Microsoft's Brazilian users access to certain software updates, such as the latest version of its Windows Media Player, only if they have registered their operating system on a special Web site. Legal users will also have access to special offers, such as discounts for some products offered by Microsoft and its partners.
Other updates related to security and defined as "critical" by the company will still be available to everyone.
Unveiled last fall in the United States, Canada, China and the Czech Republic, "Windows Genuine Advantage" aims to ween consumers away from cheap versions of Microsoft's OS sold on the black market.
Industry groups say more than 60 percent of the software running on computers in Brazil was purchased or copied illegally.
Feds urged to tighten cybersecurity
By Robert Lemos, CNET News.com
Published on ZDNet News: February 17, 2005, 4:49 PM PT
SAN FRANCISCO--As experts warned that major cyberattacks could be brewing, a government report gave U.S. federal systems a "D+" for computer security.
While the overall mark is an improvement on last year's "D" average, seven of the 24 agencies surveyed did not provide enough protection on their networks to get a passing grade on the computer security report card, which was released on Wednesday in Washington by the House Committee on Government Reform and here at the RSA Conference 2005.
"Several agencies continue to receive failing grades, and that's unacceptable," Rep. Tom Davis, the Virginia Republican who chairs the committee, said in a statement. The committee oversees the annual audit, which is required by the Federal Information Security Management Act.
System Monitor and Trojan Horse Infection Rates Rise in the
Corporate SpyAudit Continues to Expose Spyware Vulnerabilities of Enterprise Networks
Two of the most dangerous forms of spyware, system monitors and Trojan horses, are appearing on enterprise networks at an alarming rate, according the most recent Webroot Corporate SpyAudit, demonstrating the continued vulnerability of corporate systems to the escalating spyware threat.
For every 100 scans, an average of 14.5 PCs showed the presence of system monitors, while 9.1 carried Trojan horses, according to the audit of companies. To date, the Webroot Corporate SpyAudit has scanned more than 27,865 systems, representing more than 11,375 companies and discovered an average of 17.8 pieces of spyware per corporate desktop computer.
More in http://www.webroot.com/company/pressreleases/20050215-spyware/
InterMute Announces Broad Anti-Spyware Solution Set
InterMute Announces Broad 'Anti-Spyware Solution Set'; CWShredder Now Defeats Polymorphic and Other Variants of CoolWebSearch
InterMute Inc. announced an updated release of CWShredder that defeats new variants of CoolWebSearch spyware. CWShredder v.2.13 now includes the ability to detect and remove Look2Me, a variant of CoolWebSearch spyware that defies attempts to manually remove it from an infected PC. This tenacious browser hijacker wreaks havoc with IT administrators that attempt manual removal because Look2Me removes the required account privileges. See the press release here
They also announced the InterMute "Anti-Spyware Solution Set". The InterMute Anti-Spyware Solution Set includes:
* SpySubtract(R) Enterprise Edition: Centrally managed offering with a Web-based console, featuring a true enterprise architecture, automatic and transparent deployment to desktops, with IT-controlled scanning, cleaning and reporting of spyware.
* SpySubtract(R) SDK: Toolkit for ISVs, network appliance manufacturers and OEMs that need to integrate robust anti-spyware capability into their products and accelerate time-to-market cycles.
* SpySubtract(R) Rx: ASP/"no-install" solution for academic, wireless and Internet cafe environments; it features spyware scanning, detection and cleaning via a Web page UI and ActiveX(R).
* SpySubtract(R) MD: Web-based spyware scanner to assist tech-support help desks in diagnosing malware problems.
* SpySubtract(R) PRO: For consumers and SOHO users.
View the press release here
Shavlik announced NetChk Security: Providing a Defense
Against Threats That Patching Won't Fix
Shavlik Technologies, announced Shavlik NetChk Security, a security information and configuration management tool that identifies security configuration errors on Microsoft-based workstations and enables system administrators to correct the errors.
"The two most common vulnerabilities exploited by hackers are configuration errors and software defects. Patch management tools such as Shavlik HFNetChkPro 5 can prevent attacks on software defects," said Mark Shavlik, president and CEO of Shavlik Technologies. "Unfortunately, configuration errors are the responsibility of the security managers, information technology personnel, and even the individual user. Shavlik NetChk Security eliminates these errors by providing both security
best practices from Shavlik's security consulting team and scanning engines to
implement recommended settings."
More in http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/02-17-2005/0003027072&EDATE=
ChoicePoint data theft widens to 145,000 people
ChoicePoint has confirmed that scammers culled the personal information of tens of thousands of Americans in a recent attack on its consumer database, resulting in 750 individual cases of identity theft.
The Atlanta-based company said that it plans to inform approximately 110,000 consumers outside the state of California whose information may have been accessed in the criminal scheme, originally reported on Tuesday. The company has already told some 35,000 Californians that their personal data, including their names, addresses, Social Security numbers and credit reports, was stolen by scammers. California is the only U.S. state with legislation in place that requires companies to notify its residents when their personal data has been compromised.
ChoicePoint also said that law enforcement officials informed the company of 750 cases of identity theft tied directly to the incident. One California man has already pleaded no contest to felony charges related to the ChoicePoint attack, while federal and state law enforcement agencies continue to look for others involved in the operation.
By Matt Hines, CNET News.com http://news.zdnet.com/2100-1009_22-5582144.html
Published on ZDNet News: February 18, 2005, 9:18 AM PT
Gartner: Microsoft Still Lacks a Security Vision
"Microsoft has offered more details of its security plans. But these announcements do not add up to a strategy for protecting Microsoft's products and customers."
Read the analysis at http://www3.gartner.com/DisplayDocument?doc_cd=126360
Cabir mobile virus found in U.S.
Published: February 18, 2005, 9:24 AM PST
By Ben Charny
Staff Writer, CNET News.com
A version of the Cabir virus has turned up in two Nokia 6600s on display in a California cell phone store, in what is believed to be the first "on-the-ground" sighting of the virus in the United States.
Just how the phones were infected isn't known, but it would have been very easy, given that both were on public display in the Santa Monica, Calif., shop's window. Anyone walking past the store could have dosed the handsets via their built-in Bluetooth antennas. In announcing the infection, antivirus company F-Secure did not specify exactly when the infections were discovered.
Two sources familiar with the sighting said the phones in the window could have been spreading Cabir to passers-by; although additional instances haven't been reported. A Nokia representative had no immediate comment.
Gmail moves to next stage
This is not really security related but I thought it may be of interest to some people, it would also explain why I finally got my invite today after putting in for it many months ago LOL
Published: February 18, 2005, 12:04 PM PST
By Matt Loney
Special to CNET News.com
Social networking is out and straight invitations are in at Google's free e-mail service, but the official line is that the shift does not signal an end to Gmail's beta status.
Google is giving more people the chance to sign up for Gmail, but the search giant insists the move does not signify an impending full-scale launch of the free e-mail service, which has been in beta since it launched on April 1 last year.
To date, Google has been relying on social networking to roll out Gmail, initially inviting some 2,000 people, who were then able to invite a limited number of others themselves. This week though, Google started sending invitations directly to those who have signed up to be kept abreast of updates to the service.