12 total posts
Gates, Vietnamese prime minister talk piracy
Published on ZDNet News: June 21, 2005, 5:10 AM PT
Vietnamese Prime Minister Phan Van Khai pledged to combat software piracy during talks with Microsoft Chairman Bill Gates on Monday as he became the most senior official of the communist state to visit the United States since the Vietnam War ended 30 years ago.
Khai signed two agreements committing Vietnam to work with Microsoft in curbing theft of intellectual-property rights and removing licensing barriers for used computers donated to schools, said Microsoft spokeswoman Tami Begasse.
The Business Software Alliance, a Washington-based lobby group, estimates that 92 percent of the software used in Vietnam in 2004 was pirated, the highest rate in the world.
Pop-up vulnerability found in major browsers
Published: June 22, 2005, 8:03 AM PDT
By Graeme Wearden
Special to CNET News.com
Several popular Web browsers contain a vulnerability that could be used by cybercriminals to steal personal data, security company Secunia has warned.
According to Secunia, the latest versions of Internet Explorer, Internet Explorer for Mac, Safari, iCab, Mozilla, Mozilla Firefox and Camino are all vulnerable. Opera 7 and 8 are affected, but not 8.01, according to Opera.
Microsoft Won't Patch IE Spoofing Bug
Hours after word broke that most browsers were vulnerable to a spoofing flaw that phishers could use to pilfer confidential data, Microsoft has declined to issue a security update. In a security advisory posted on its TechNet site, Microsoft acknowledged that its Internet Explorer browser, including the version packaged with Windows XP SP2, could be used to trick people into entering information such as passwords in a bogus dialog box which appears atop a trusted site.
Microsoft published the advisory, it said, "to clarify the risks associated with browser windows without indications of their origins." But it won't release a security update to fix the flaw because it considers the issue a feature, not a bug.
Some IT Managers don't use security software
In today's fast-paced, high-tech work environment, employees rely on computers to perform most job functions. A recently published research reveals the repercussions of computer viruses and other security problems and their correlation to downtime on the job in small and medium businesses.
The research, conducted by Maritz among IT managers, reveals that nearly all (90 percent) reported that computer performance levels were affected by up to 50 percent due to security issues.
The survey reveals some surprising results despite the common knowledge that security and spam issues are the obvious cause for reduction in employee productivity.
Key findings include: 75 percent of small and medium businesses were hit by at least one virus, with some affected over 100 times, 40 percent of respondents have been hit by hackers at least once, with some targeted more than 200 times, 29 percent don't use anti-spam software, 34 percent don't use spyware software, 4 percent don't use anti-virus software and 9 percent don't have Internet firewalls.
Jail time a penalty in ID theft bill
Published: June 22, 2005, 1:18 PM PDT
Business leaders who fail to tell consumers when they may be at risk of identity theft could face jail under a bipartisan bill expected to be introduced in the U.S. Senate on Wednesday.
Senate Judiciary Committee Chairman Arlen Specter and Sen. Patrick Leahy, the committee's top Democrat, would also restrict a freewheeling trade in Social Security numbers that are prized by identity thieves.
The bill, the first to draw Republican sponsorship, comes on the heels of the largest security breach announced to date after an outsider gained access to 40 million credit card accounts held by CardSystems Solutions, a payment processor.
California ID breach bill gets thumbs-up
Published: June 22, 2005, 1:14 PM PDT
Concerned with the growth of identity theft, California lawmakers gave initial approval on Tuesday to a bill that, with other state safeguards, would require companies to notify consumers of all security breaches involving their personal information.
The California Assembly's judiciary committee voted 6-3 for the bill, which would apply to paper and taped records. Breaches of computer records are already covered by a state law.
The state senate has already approved the bill, which now goes to the Assembly business and professions committee.
SBC launches intrusion prevention service
Published: June 22, 2005, 11:46 AM PDT
By Karen Said
SBC Communications has added an intrusion prevention tool to its lineup of security services for corporate networks. The PremierServ Managed Intrusion Prevention Service, introduced Tuesday, uses a behavior-based approach to detect known worms and viruses, the company said. It also promises to catch "zero day" intrusions, which take advantage of previously unknown vulnerabilities, on servers, desktops and other computers connected to the network.
Security Software Leakier Than Windows
Security software is becoming as riddled with holes as some of the products it is supposed to protect, according to new figures from the Yankee Group. The number of vulnerabilities found in security applications has risen sharply for the third year in a row and now outnumbers those identified in all Microsoft products, according to the research firm.
In 2004, researchers uncovered 60 vulnerabilities in security software, up from 31 in 2003, according to the study. In May of this year, researchers had already turned up 23 security bugs, compared with 22 bugs in Microsoft applications. The figures through May 2005 are up 50 percent over the same period last year, Yankee Group said. The figures were reported by Business Week.
Microsoft pushes spam-filtering technology
Published: June 22, 2005, 6:25 PM PDT
By Joris Evers
Staff Writer, CNET News.com
If your e-mail does not have a Sender ID, Microsoft wants to junk your message.
Around November, Hotmail and MSN will flag as potential spam those messages that do not have the tag to verify the sender, Craig Spiezle, a director in the technology care and safety group at the software maker said Wednesday. The move is meant to spur adoption of Sender ID, he said.
Sender ID is a specification for verifying the authenticity of e-mail by ensuring the validity of the server from which the e-mail came. While the purpose of curbing junk mail may be laudable, the debate on how to stop the tide of junk mail is still ongoing. According to Microsoft, up to 90 percent of e-mail is spam.
Mass hack targets critical Windows flaw
A recent surge in port 445 scanning activity could herald impending hack attacks, and industry experts have warned firms to take "immediate steps" to ensure that the affected Windows ports are secure. Gartner pointed to recent reports that security vulnerability sensors have noted an increase in activity on TCP port 445, which is associated with Microsoft's Windows Server Message Block (SMB) protocol.
"This port could be used to exploit the Microsoft Incoming SMB Packet Validation Remote Buffer Overflow Vulnerability (MS05-027), a critical flaw for which Microsoft released a patch on 14 June, " warned John Pescatore, vice president and research fellow at Gartner Research.