Category: Security
November 16th, 2009
ICSA Labs: Security products often fail and are insecure
Almost 80 percent of security products fail when first tested and require two rounds of testing before being certified, according to a report from ICSA Labs.
ICSA, a unit of Verizon Business, looked at 20 years of data about security products to cook up that figure. ICSA tests security products and certifies them. So why do these products flop out of the gate? Simply put, security software doesn’t perform as it should. Core functionality—for instance an anti-virus product failing to prevent infections—accounted for 78 percent of failures. In fact, only 4 percent of products pass the first round of ICSA testing.
Logging was the second biggest reason for initial failures. Incomplete or inaccurate logging of who did what and when accounted for 58 percent of failures. Ninety-seven percent of network firewalls and 80 percent of Web application firewalls have at least one logging problem.
November 12th, 2009
My scareware night and how McAfee lost a customer
Updated: I had an ugly run-in with scareware last night, but I’m not sure what left me more annoyed: The dreaded Antivirus Pro 2009 scareware or McAfee, my anti-virus software provider.
First, my PC was overtaken by Antivirus Pro 2009, which is a rogue anti-spyware application. In a nutshell, Antivirus Pro starts automatically when you log on to your computer, creates fake malware and then holds the PC hostage. In addition it hijacks Internet Explorer and pelts you with porn sites (sprinkled in with a little Viagra for good measure). Simply put, Antivirus Pro 2009 tries to scare you into registering the software.
It’s not entirely clear how Antivirus Pro got into my Windows XP home PC. I was at work at the time, but the scareware wasn’t flagged by McAfee’s software and the signatures were up to date. Perhaps it was user error, but once Antivirus Pro is installed you’re screwed. Running task manager and add/remove was a disaster.
After McAfee scans (the quick and the long versions) failed to turn up anything nefarious it was clear that I needed to manually remove the files. The problem: I couldn’t find them despite some pretty thorough directions.
After a few hours of trying a little of everything (including failed installations of Kaspersky’s anti-virus software and Malwarebytes Anti-Malware) I decided I needed some help. For some odd reason, I figured I’d pay McAfee support almost $90 to go into my PC and fix things. I figured I was running out of time (I was falling asleep at the keyboard) and I’d do anything—except pay the rat bastards behind Antivirus Pro 2009.
First, the McAfee chat client wouldn’t run, but I attributed that to the Antivirus Pro issues. Then I called a number to a call center and was put on hold for what was supposed to be 20 minutes or so. Ninety minutes later I just gave up. Here’s what was particularly annoying: There was no automated break-in telling me where I stood in the queue or any updates on wait times. If you’re going to operate a call center do it right.
Ultimately, it was the phone service that did McAfee in for me. The weak scans were one thing, but the inability to get enough folks to man the phones was the real killer for me.
The good news: In my 90 minutes of hold time I tried the add/remove icon in the control panel just enough times that it actually stayed up once. Given that brief window, I searched for Antivirus Pro to no avail but did manage to completely remove Internet Explorer from the PC. I figured if I couldn’t find Antivirus Pro I could at least prevent those annoying browser windows from appearing.
Throughout this time, the McAfee Web client was turning up nothing on scans. In addition, searching hidden files on my PC yielded nothing. After a restart, I was fortunate enough to have a trial of Kaspersky successfully installed (I’m not quite sure how that happened). You get bombarded with so many browser windows and fake malware messages that you’re literally looking around dozens of windows to get anything done.
Kaspersky updated its database and found the Antivirus Pro files to eradicate. Thus far, the PC is working fine.
I still have some issues in that I have to call McAfee and get a refund for the expert time I never received. Once that’s taken care of I’m done with McAfee. I was a four-year customer, but this experience (the lack of finds in the scan and the inability to work through its call center calls) forced my hand. There are plenty of anti-virus software companies, but frankly all I want is one that works during crunch time. For now, that company is Kaspersky.
Update: Cody Spears, of McAfee’s executive customer assistance team, gave me some color on what happened. He said the scareware I encountered isn’t new, but was updated a couple of days ago. Spears added that the company was prepared for a Conficker, but “unfortunately we weren’t prepared for this.”
As a result call volume spiked at McAfee when I called. According to Spears:
- McAfee is typically staffed to handle about 600 calls a night, but last night it received 2,000. That explains the wait time.
- McAfee said it is pushing out definitions for all the variants of the malware with tonight’s update.
- The company also set up a team just for this issue. “Today, we’re not having the same issue you had last night,” said Spears.
Separately, I got my refund for the customer service call last night. There wasn’t any hold time for that one.
Post script:
The Malwarebytes Anti-Malware has good word of mouth, but I was getting a run-time error and couldn’t launch it.
Ryan Naraine notes that Vista for all its flaws would have stopped Antivirus Pro 2009 at the door. Windows 7 too.
The latest update from Microsoft for XP patches installed on Wednesday. My hunch is havoc ensued Tuesday night with the scareware and screwed up the auto-update that should have run Tuesday.
And here are a few handy links:
November 9th, 2009
'Tis the season for ID fraud: Retailers face $100 billion in losses
As retailers enter the key holiday shopping season they’re about to get pummeled by identification fraud losses.
LexisNexis Risk Solutions and Javelin Strategy & Research have cooked up a study that looks at how U.S. retail fraud hits merchants. Retailers face $100 billion in losses attributed to ID fraud in 2009. Toss in lost and stolen inventory and losses swell to $191 billion.
In the study, LexisNexis argues that retailers take on most of the costs of fraud. Among the key points:
November 9th, 2009
60 Minutes: We're not ready for a cyber war
Our electric grid is vulnerable to a cyber attack and come to think of it so is every other piece of U.S. infrastructure.
That not so happy tale was painted by a bevy of folks in a 60 Minutes report. 60 Minutes also unearthed an attack on Brazil’s grid. In a nutshell:
- We’re not ready for a cyberattack;
- The hackers can move much faster than the U.S. government;
- A lot of the worst attacks will revolve around the power grid since everything needs electricity.
For those people paying attention to security none of this news is all that surprising.
Roll the tape:
And another excerpt on the potential for an online Jihad:
November 6th, 2009
Google Dashboard brings security settings to the forefront
For anyone who has ever complained about Google recording everything you do but has never gone to the trouble of adjusting your various privacy settings, I’d like to introduce you to Google Dashboard.
Google Dashboard is a one-stop shop for access into your settings for 20 different Google products and services - Gmail, Google Docs, Calendar and even Google-owned YouTube and Picasa, among others. From there, you can access the settings - and view some analytics - for each of the products and change whichever ones you don’t like. From the Google blog post:
Today, with hundreds of millions of people using those products around the world, we are very aware of the trust that you have placed in us, and our responsibility to protect your privacy and data. In the past, we’ve taken numerous steps in this area, investing in educating our users with our Privacy Center, making it easier to move data in and out of Google with our Data Liberation Front, and allowing you to control the ads you see with interest-based advertising. Transparency, choice and control have become a key part of Google’s philosophy, and today, we’re happy to announce that we’re doing even more.
This is Google’s second announcement this week that takes security of its users into consideration. Earlier this week, the company put up a blog post about the continued efforts in “hybrid onboarding,” the ability to create accounts on third-party sites using your Google account sign-on information. The idea is to eliminate the need for original user names and passwords on so many different accounts. Google - and others - still have a long way to go on that front - but at least this is a start.
Back to Google Dashboard, it wasn’t until I logged on that I realized just how deeply entrenched I am into the Google world - Docs, Mail, Calendar, Blogger, Reader, Voice… the list goes on. And so, I spent 20 minutes today going through the settings for each of my accounts.
Already, I feel more secure.
November 5th, 2009
Survey: IT workers eyeing security certifications
A tough economy and new technologies have led to some pretty substantial changes for IT departments. As the IT landscape continues to evolve, IT workers are also looking at their next moves.
A survey of more than 1,500 IT workers found that more than half are eyeing security-themed certifications over the next five years while others will pursue new certifications in green IT, healthcare IT, mobile and software-as-a service.
The survey, conducted by CompTIA, found that 37 percent of the respondents will be pursuing a security certification over the next five years, with 18 percent seeking ethical hacking certifications and 13 percent interested in forensics. From the CompTIA statement:
Economic advancement and personal growth are key drivers for seeking IT certifications, the CompTIA study also reveals. Eighty-eight percent of certification holders indicated they pursue a certification to enhance their resume. An identical 88 percent said they pursue a certification for personal growth. IT workers are willing to invest the time and resources necessary to advance their career by adding new certifications to their credentials. On average, candidates for an IT certification spend 44.5 hours studying and preparing to sit for an exam; and approximately one in three individuals spend 60 or more hours preparing. Fifty percent of IT certification holders pay for the exams themselves, while 38 percent rely on an employer to cover the exam fee.
October 30th, 2009
McAfee vs. Symantec: Dueling in consumer and enterprise
The most recent quarterly reports from McAfee and Symantec highlight some trench warfare in both the enterprise and consumer markets.
Both companies reported solid quarters, but Symantec was the one that really knocked the cover off the ball. Symantec reported fiscal second quarter net income of $150 million, or 18 cents a share, on revenue of $1.47 billion. Non-GAAP earnings were 36 cents a share, three cents ahead of Wall Street estimates.
But what was curious is the reason behind Symantec’s surge. Sure, CEO Enrique Salem has given Symantec more focus, but the quarter got a lift from small and mid-sized businesses and consumers. The consumer business coupled with improving enterprise trends enabled Symantec to maintain its outlook for the next quarter.
Salem said on a conference call:
We started to see initial signs of progress in SMB security as we renewed our relationships with channel partners given the launch of our new security products. We also saw strength in the consumer segment as our business continues to benefit from our market-leading products…The strength of our Consumer business was driven by strong Norton 360 sales and by our relationships with eight of the top nine OEMs…During the quarter, we won consumer online backup deals with Toshiba and Acer. We now have backup relationships with four of the top five OEMs.
Add it up and Symantec’s consumer business was up 6 percent to $463 million in the second quarter compared to a year ago. All other businesses—security and compliance and storage—were down anywhere from 3 percent to 9 percent.
Enter McAfee. McAfee’s quarter was also solid (statement). The company reported fiscal third quarter earnings of $36.8 million, or 23 cents a share, on revenue of $485.3 million, up 18 percent from a year ago. Non-GAAP earnings were 62 cents a share, two cents better than estimates. Revenue, however, fell short of the $487 million projected by Wall Street.
McAfee also projected fiscal fourth quarter non-GAAP earnings of 61 cents a share to 65 cents a share. Wall Street was looking for 63 cents a share.
Under the hood though, McAfee showed a 25 percent jump in its corporate business. Third quarter corporate revenue checked in at $308 million. On the consumer side of the house, McAfee had revenue of $177 million, up 8 percent from a year ago.
Based on growth rates, it appears Symantec is taking it to McAfee in the consumer market. In the enterprise, McAfee, which is much smaller than Symantec, appears to be gaining some strength from a smaller base.
October 27th, 2009
Cisco continues its buying spree with ScanSafe acquisition
Cisco Systems said today that it plans to acquire ScanSafe, a privately held provider of software-as-a-service (SaaS) Web security products for businesses. The deal is part of Cisco’s plans to build a “borderless network security architecture that combines network and cloud-based services for advanced security enforcement,” the company said.
The deal, which will cost Cisco about $183 million, is expected to close sometime in early 2010. Upon close, Cisco plans to integrate ScanSafe into its AnyConnect VPN Client. In a statement, the company said:
Web security is a large and expanding market expected to grow to $2.3 billion by 2012. By acquiring ScanSafe, Cisco is building on its successful acquisition of leading on-premise content security provider IronPort. The acquisition brings together the Cisco IronPort high-performance Web security appliance and ScanSafe’s leading SaaS Web security service. This combination will expand Cisco’s security portfolio to offer superior on-premise, hosted, and hybrid-hosted Web security solutions.
Earlier this year, Cisco CEO John Chambers said the company planned to be “aggressive” during the downturn and pick up the pace on its acquisitions, largely focused on small private companies with market leadership - such as ScanSafe. In May, the company acquired Tidal Software, which makes application management and automation software, for $105 million to advance its data center and service offerings. The same month, it also finalized the acquisition of Pure Digital Technologies for $590 million.
Earlier this month, Cisco reinforced its commitment to video conferencing technologies by announcing plans to acquire Tandberg, a Norwegian video conferencing outfit, for $3 billion.
October 21st, 2009
CyberThreats: Complacency abounds
Gartner security guru John Pescatore gave his 2010 cyberthreat assessment Tuesday and not a lot has changed—other than the complacency levels of companies that are supposed to be protecting your data.
Threats have become more targeted, but the bulk of attacks are using the same techniques found a year ago. In the last year, there has been the Heartland Payment Systems breach, multiple attacks on educational institutions, worms galore and Conficker. The takeaway: Companies are lax.
Pescatore notes at the Gartner IT Symposium in Orlando:
October 13th, 2009
TechGuard keeps spam and botnets at bay with one-click, enterprise-level security for SMBs, SOHOs
One of the most difficult things for a small or medium business to do is set up a security scheme that’s effective, affordable and intelligible to the average employee.
Chesterfield, Mo. and Baltimore, Md.-based TechGuard is attempting to address that problem by bringing its enterprise and government-level knowledge to small and medium businesses and small or home offices.
TechGuard’s PoliWall is currently used by government agencies and large enterprises to control network access. The software enables those organizations to allow or block access from entire countries with a click, as well as block single IP addresses and IP ranges.
I spoke with TechGuard CEO Suzanne Magee about their new PoliWall ESE, a suite of security solutions developed specifically for SMBs and SOHOs that turns the government-level security firm into the WD-40 of the cybersecurity industry.
October 7th, 2009
FBI's 'Operation Phish Phry' snares nearly 100 people
The Federal Bureau of Investigation on Wednesday charged almost 100 people in Operation Phish Phry, the largest cyber fraud phishing case to date.
The FBI said it uncovered a sophisticated phishing operation that was designed to swipe personal information and then use the data to defraud banks. On Wednesday, authorities arrested 33 of the 53 defendants named in an indictment. Egyptian authorities charged another 47 alleged cybercrooks.
Operation Phish Phry started in 2007 and authorities ultimately collected enough information for today’s bust. That information led to the joint U.S.-Egypt sting. In a statement, the FBI outlined the details:
According to the indictment that was unsealed this morning, Egyptian-based hackers obtained bank account numbers and related personal identification information from an unknown number of bank customers through phishing—a technique that involves sending e-mail messages that appear to be official correspondence from banks or credit card vendors. In illegal phishing schemes, bank customers are directed to fake websites purporting to be linked to financial institutions, where the customers are asked to enter their account numbers, passwords and other personal identification information. Because the websites appear to be legitimate—complete with bank logos and legal disclaimers—the customers do not realize that the websites do not belong to legitimate financial institutions.
The indictment alleges that co-conspirators in Egypt collected victims’ bank account information by using information obtained from their phishing activities. Armed with the bank account information, members of the conspiracy hacked into accounts at two banks. Once they accessed the accounts, the individuals operating in Egypt communicated via text messages, telephone calls and Internet chat groups with co-conspirators in the United States. Through these communications, members of the criminal ring coordinated the illicit online transfer of funds from compromised accounts to newly created fraudulent accounts.
In the U.S., three California residents—Kenneth Joseph Lucas, Nichole Michelle Merzi, and Jonathan Preston Clark—were the alleged ringleaders, according to the FBI. These people would direct associates to recruit runners that would set up the bank accounts.
October 1st, 2009
Spam report: Old school techniques are back; companies on alert
An old school spamming technique among Internet bad guys - using images to hack their way into a system or spread viruses - is back.
Google’s e-mail security services team reported spam trends for the third quarter in a blog post today and among the findings was a 123 percent year-over-year jump in the amount of spam bytes processed per user. In a nutshell, spam messages are bigger, meaning that they have bad attachments again.
That trend prompted Google to issue an alert to companies that process spam in their own network. The team wrote:
The larger sizes create a bandwidth burden that can impact speed across your network. As the chart shows, Q2′09 delivered the record high to date for spam size – and subsequently for bandwidth drag for teams that manage spam in-house, potentially forcing those organizations to upgrade their capacity limits.
The team also warned business e-mail users to watch out for spam that appears to come from the company’s own domain name. Spoofing allows spammers to mask the real sender, and it exploits a loophole often created by the company itself: adding its own domain to the approved sender list. The Google team writes:
While this might seem like a good idea at first glance – we want to make sure we don’t block email from our colleagues, right? – in practice all it does is open your organization up to spoofed email. With that in mind, we strongly recommend that organizations not add their own domains to their approved sender lists. (Don’t worry – legitimate mail from within your domain is correctly identified by filters and generally gets through just fine.)
One last note: Emails that appear to come from the IRS about underreported income and those that include fake package tracking attachments are being received in large numbers. While most people know to avoid clicking on such e-mails, the volume of them means that only a small percentage of users have to open them for the damage to be done.
Consider yourself warned.
October 1st, 2009
AT&T acquires VeriSign's security consulting unit
AT&T said Thursday that it has acquired VeriSign’s security consulting business in a move to beef up its services.
Terms of the deal weren’t disclosed.
AT&T said in a statement that it will use the acquired VeriSign team, which counsels large companies on vulnerabilities, defenses and compliance, to broaden its cybersecurity business.
AT&T along with other telecom providers like Verizon provides network-based security services. The aim: make the network intelligent enough to fend off attacks.
September 30th, 2009
Researchers devise way to deny denial-of-service attacks
Researchers say they have devised a way to filter out denial of service attacks on computer networks, including cloud computing systems, improving security on government, commercial, and educational systems.
Methods do exist for configuring a network to filter out known denial of service (DoS) and distributed denial of service (DDoS) attack software and to recognize some of the traffic patterns associated with a mounting DoS attack.
But current filters usually rely on the computer being attacked to check the legitimacy of incoming information requests, consuming resources and, in the case of a massive DDoS, compounding the problem.
Computer engineers John Wu, Tong Liu, Andy Huang and David Irwin of Auburn University have developed a filter to protect systems against DoS attacks that they say circumvents this problem.
How? With the use of a new passive protocol that must be in place at each end of the connection, user and resource.
Their protocol, called “Identity-Based Privacy-Protected Access Control Filter,” or IPACF, is said to block threats to the gatekeeping Authentication Servers, allowing legitimate users with valid passwords to access private resources.
Here’s how it works:
The user’s computer has to present a filter value for the server to do a quick check. The filter value is a one-time secret that needs to be presented with the pseudo ID. The pseudo ID is also one-time use. Attackers cannot forge either of these values correctly and so attack packets are filtered out.
There is a drawback. The added layer of information transfer required for checking user requests could take up more resources needed by the server.
The researchers say they have tested how well the protocol manages a massive DDoS attack, simulating one on a network consisting of 1000 nodes with 10 Gbps bandwidth. The result? Little server degradation, negligible latency and minimal extra processor usage even when the 10 Gbps pipe to the authentication server is filled with DoS packets.
The protocol takes 6 nanoseconds to reject a non-legitimate information packet associated with the DoS attack, the researchers said.
Their results will be published in a forthcoming issue of international journal Information and Computer Security.
The protocol was first introduced at a conference in 2007.
September 25th, 2009
Viagra, Prozac, Levitra spam rakes in more than $4,000 per day
Spam about pharmaceutical drugs can generate more than $4,000 per day in sales, according to a new report.
In a study titled “The Partnerka — what is it, and why should you care?,” Sophos security researcher Dmitry Samosseiko analyzed the growth and operation of the “partnerka,” or Russian affiliate partner networks, which are behind much of the pharmaceutical spam in Canada.
(ZDNet’s own Ryan Naraine wrote about the same study today with different news: “Malware affiliate bounty: Infect a Mac, earn 43 cents”)
Using sales logs, Samosseiko confirmed a long-known fact: online pharmaceuticals are quite lucrative. In fact, the largest affiliate network — named GlavMed — has a sister company, SpamIt, thought to be responsible for the Storm, Waledac, and Conficker botnets.
[Zero Day: Inside an affiliate spam program for pharmaceuticals]
GlavMed claims to be anti-spam, but Samosseiko writes that he discovered a wide-open PHP back-end to GlavMed containing evidence that SpamIt rakes in the real dough for the company.
September 23rd, 2009
Injury to insult: Madoff victims data stolen in laptop theft
As if Bernie Madoff’s victims didn’t have enough to worry about now they have to watch their credit reports after personally identifiable information was stolen in a laptop theft.
According to Newsday, more than 2,200 Madoff victims may have had their data breached in a July laptop theft in Dallas. In case you were living under a rock, Madoff was the architect of a massive Ponzi scheme that bilked investors of billions of dollars.
The laptop contained the names, addresses, Social Security numbers and account information of 2,246 investors. The laptop was stolen from the car of AlixPartners LLP, the firm trying to process victim claims.
August 31st, 2009
Apps make mobile banking cool; Banks working on security perceptions
The popularity of mobile applications for the Blackberry, iPhone and others has given new life to the concept of mobile banking - and the banks out there are pushing their customers to give it a try.
Mintel Comperemedia, a service that provides direct marketing competitive intelligence, said today that the phrase “mobile banking” appeared in direct mail offers from banks twice as often as it did in the first half of 2008, according to research. And, mobile banking is also more often the subject of e-mail offers, as well.
So does that mean that mobile banking has finally hit the mainstream? Well, yes and no.
The big banks out there are further along with the mobile banking offerings than, say, a small credit union. And increasingly, customers who have become comfortable with online banking - a growing number - are likely to give mobile banking a try. Said Susan Wolfe, VP of financial services at Mintel Comperemedia:
Mobile banking isn’t new, but it’s getting a huge push from the popularity of the iPhone and BlackBerry. As more consumers adopt smart phones and adapt to truly on-the-go lifestyles, they’re seeking banking applications and technology that keeps up with them.
I have to admit that I’ve only had limited exposure with mobile banking - but I have done it. The apps do make the process much more appealing than trying to use a mobile web browser to replicate the PC experience. But I also have to admit that I kept checking my bank account regularly for a week after I conducted a mobile transfer between accounts once.
Call me a bit paranoid still.
Wolfe, in the company’s news release, said security perceptions remain a challenge but that banks will soon start addressing those concerns by focusing on the security of the apps and transactions. She said:
Online banking was intimidating to customers early on too but once banks could guarantee security, customers flocked online for flexibility and convenience. I expect the transition into mobile banking will happen in a similar way.
I would agree.
August 31st, 2009
Trend Micro launches enhanced security, tools for tracking Web usage
It used to be that an IT administrator could warn employees about opening attachments from unknown sources or clicking on links from unknown e-mail senders as the first line of defense against spam, malware and other bad stuff on the Internet.
Today, the seedy side of the Internet comes in many different forms and from many different sources. Stop for a moment and think about the new places where malware might be buried, hidden, released and shared - a legitimate site that’s been hacked, a bit.ly link on Twitter or even an image on a Facebook friend’s page. Now, think about how many of these links you’ve clicked on from within the corporate network.
Trend Micro, in an effort to fight a modern-day Internet security war, is announcing today the launch of its Web Gateway Security, a product that does more than just enhance URL filtering or expand the database of trouble spots, red flags and other information used to keep its customers safe. The product also comes with tools that provide IT admins with detailed information about who on the network is doing what, when and from where - even just a few moments ago. The dashboard (pictured below) gives the admin a nearly real-time look at the users, the traffic and the sites being downloaded across the entire network with just a glance.
It’s a tool that gives companies the ability to monitor for unusual activity and track it - nearly in real-time - to a particular site or particular user. No more waiting for reports the next morning to make some sort of discovery or identify the root of a problem.
Sure, there’s potential for companies to take “big brother” to a new level. But the execs at Trend Micro pointed instead to the ability to identify a problem at a company-approved site. If a particular user is using an excessive amount of bandwidth, for example, but isn’t visiting any out-of-the-ordinary sites, it may be the result of a problem at one of those sites.
Companies have long reserved the right to monitor or restrict Web surfing activities for the sake of protecting the network and sensitive company data. In a recent survey of IT executives by Trend Micro, 75 percent said they were concerned about unauthorized online activities at work and that nearly 70 percent would consider prohibiting access to certain sites, such as shopping or social networking properties. But the company also highlights another statistic - 42 percent say they’re willing to accept the risks of social networking on office computers because they see social networking as something that will benefit the company in the long run.
The company today also announced a virtual appliance, which allows companies to either dedicate their own standardized hardware to the app or install in a VMWare environment with other apps.
Previous coverage: Trend Micro wants enterprise to re-think security
August 31st, 2009
Hacker Gonzalez to plead guilty in TJX hack; A hollow victory?
Albert Gonzalez, a hacker charged with stealing as many as 130 million credit and debit card numbers, will plead guilty to 19 counts of charges related to the TJX breach and surrender assets such as his Miami condo, BMW, Glock 27 firearm and PCs. Gonzalez will get 15 to 25 years under sentencing guidelines. Any cybercrime satisfaction, however, will be short-lived.
Simply put, the game is far from over. Gonzalez may be the mastermind or just the hacker taking the brunt of a wider cybercrime web. These thefts aren’t going to disappear and Gonzalez’s accomplices are still at large. Gonzalez may have been the big dog, but he was far from the only one. Make no mistake: The Gonzalez plea is a victory for the Feds. But it may be a hollow one. Gonzalez’s biggest mistake was operating on U.S. soil. Most cybercrime occurs offshore and out of reach of prosecutors.
That’s why Gonzalez’s plea deal—to be official on or before Sept. 11—is a bit of a nice little read but little more. Here’s the PDF and original indictment.
In a nutshell, Gonzalez pleads guilty, stays in jail (he is already awaiting trial) and forfeits a bunch of items including:
- $1.65 million in cash;
- a Glock 27 firearm;
- a condo in Miami;
- a 2006 BMW 330I;
- computer gear such as a Toshiba laptop, Everex Stepnote PC, Nokia phone, Maxtor 300 GB hard drive and a Sharp Zaurus PDA.
Federal prosecutors accused Gonzalez and others of stealing credit card and debit card numbers from TJX, BJ’s, OfficeMax, Barnes & Noble and Sports Authority. The charges were lodged a year ago.
Also see: Alleged TJX hacker spun a wide web of cybercrime
Last month, Gonzalez was indicted for the data breaches at Heartland Payment Systems and others. That complaint alleges that Gonzalez was connected with the theft of 130 million credit and debit card numbers.
I’d feel a lot better if Gonzalez’s international band of accomplices was headed behind bars too.
August 27th, 2009
Researchers crack WPA Wi-Fi encryption in 60 seconds
Computer scientists in Japan have developed a way to break the WPA encryption system used in wireless routers in just one minute.
The attack, which reads encrypted traffic sent between computers and certain types of routers that use the WPA (Wi-Fi Protected Access) encryption system, was devised by Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University.
Andrew J. Nusca is an associate editor for ZDNet and SmartPlanet.
See his full profile and disclosure of his industry affiliations.