IBM is taking virtualization security to the next level with a new product designed to safeguard enterprise virtual server infrastructures, the company said.
The product -- IBM Virtual Server Security for VMware vSphere -- purports to help growing companies stay protected as they consolidate their data centers. IBM said it has been working with clients to simplify and optimize their virtual infrastructures, and that this product allows those same businesses to put up a shield against next-gen security threats.
"Clients are asking for solutions to secure their data centers as they move from a traditional environment to virtual deployments. To that end, IBM has built this solution based on feedback of hundreds of customers looking to answer this urgent need," said Brian Truskowski, general manager, IBM Internet Security Systems (ISS).
Some of the automatic protection features of IBM's Virtual Server Security for VMware vSphere include Virtual Network Access Control (VNAC) to limit network access from a virtual server until security posture can be confirmed, rootkit detection, virtual infrastructure monitoring, and more.
The new product will be available in December 2009.
It was reported that just a day after Microsoft squashed a dozen bugs in its software, there remained an unpatched bug in Windows 7 and Server 2008 R2 capable of locking up systems and forcing a complete shutdown in order to regain control. Turns out the report was true, as Microsoft Friday evening confirmed that the unpatched vulnerability does indeed exist.
"Microsoft is aware of public, detailed exploit code that would cause a system to stop functioning or become unreliable," Dave Forstrom, a spokesman for Microsoft security group, said in an email. "The company is not aware of attacks to exploit the reported vulnerability at this time."
In theory, the attacks could be targeted towards any browser. Should a user be tricked into visiting a malicious site, hackers could send out tainted URIs (uniform resource identifiers) and crash the user's PC.
Microsoft didn't give a time frame on when it will patch the bug. In the meantime, users can stay protected by blocking TCP ports 139 and 445 at the firewall, although doing so would also disable browsers and a host of critical services, including network file-sharing and IT group policies, ComputerWorld reports.
Security research firm Foreground has made known today that there is yet another serious flaw in Adobe’s Flash plugin. The problem could potentially affect many of the sites we use every day. Researcher Mike Murray said, “Any site that allows user-uploadable content is vulnerable, and most are not configured to prevent this."
The problem stems from the Flash ActionScript same-origin policy. This system is supposed to limit a Flash object’s access to content from its original domain. But if an attacker is able to insert malicious code into a Flash object, it can execute that code when run. Anyone viewing the malicious Flash object is vulnerable to attack.
Trend Micro has issued a warning that the Koobface botnet has begun pushing out a new component capable of automatically registering a Facebook account and confirming an email address in Gmail to activate the fake persona. Once Koobface becomes part of the social network's community, it begins randomly joining Facebook groups, adding friends, and posting messages to people's walls.
"Overall, this new component behaves like a regular Internet user that starts to connect with friends in Facebook," says Trend Micro. "All Facebook accounts registered by this component are comparable to a regular account made by a human. The details provided about the account are complete such as a photo, birth date, favorite music, and favorite books, among others. In addition, every account registered is unique in such a way that the details vary for every account registered."
That's pretty wild, and it's done using Internet Explorer to create and register the account, according to Trend Micro. But what's interesting is that the Koobface botnet halts its dastardly deed if the affected user is kicking it old school with IE6.
So how do you avoid being duped by a fake friend? You could become a loner, but that might get, well, lonely. Common sense applies - be sure you know who it is you're adding. And as usual, be wary of clicking on links. Trend Micro says the messages posted through Facebook's wall contain a link that leads to the fake Facebook or YouTube page hosting the Koobface loader component.
Hewlett-Packard is stepping up to the plate with improved data protection and better backup solutions for small and medium businesses, The Register reports.
First on the list is HP's LeftHand Networks P4000 SMB storage area network (SAN) lineup, which will now come equipped with application-integrated snapshots. This will make it easier on admins, who can use the P4000 GUI to signal that a snapshot needs to be made of a volume, and the P4000 array software will handle the rest.
The second change comes to HP's Disk-to-Disk (D2D) backup product, which has been given a file interface allowing applications to view it as a NAS box. In the long-run, customers will be able to reduce their reliance on tape.
For those who want to keep using tape, HP introduced its new DAT320 tape drive. The 8mm DAT320 packs 320GB, or twice as much as the DAT160.
Security firm FireEye has reportedly struck a massive blow against spam. The so-called “Mega-D” or “Ozdok” spam botnet was effectively dismantled by these intrepid security researchers. After studying the beast, FireEye launched an attack by notifying ISPs, having command and control (CnC) domains removed, and then registering unused CnC domains.
Almost immediately, the spam ceased. No small feat, considering Ozdok was probably responsible for one third of the world’s spam. This takes the load off ISPs which were forced to filter the spam from this botnet. Individual users probably won’t notice much difference.
FireEye found that over 246,000 zombie machines were reporting to the CnC domains in their possession after the takedown. The security firm plans to work with ISPs to identify the owners of the PCs so they may remove the malicious software.
It turns out our favorite browser might also be the most susceptible to security breaches. According to application security vendor Cenzic, Firefox leads the way in terms of total vulnerabilities, accounting for 44 percent of all browser vulnerabilities reported in the first half of 2009.
Coming in second is Apple's Safari browser, which accounted for 35 percent. And what about everyone's favorite whipping browser, Internet Explorer? A comparatively low 15 percent. The Opera faithful will be stoked to learn that their favorite browser was the least vulnerable of the bunch with just a 6 percent share.
As to why Firefox's numbers were so high, Cenzic said it was a combination of things.
"They've gotten more traction as a browser, which is good for them and the more you get used the more exposure you have. As well a fair amount of the vulnerabilities have come by way of plug-ins," noted Lars Ewe, CTO of Cenzic.
In other words, Firefox's biggest strength -- customization through plug-ins -- might also be its biggest weakness. However, it's important to note that just because the tweakable browser had the most vulnerabilities, it doesn't mean that Firefox users were more at risk. According to Ewe, Cenzic looked at all reported vulnerabilities and made no distinction between a zero day bug and less serious security holes.
After sitting in beta for six months, Panda today announced its Cloud Antivirus is now ready for prime time and is available as a free download for all consumers.
"Since the beta release of Panda Cloud Antivirus in April, we have been judiciously testing our cloud-based protection model, making upgrades in security and performance, and listening to our user community," said Juan Santana, CEO of Panda Security. "With Panda Cloud Antivirus 1.0, we've really changed the game, providing our users the most powerful and lightweight free protection available on the market today."
There have been a few improvements from when we first glimpsed the beta back in April, such as a polished interface, better performance thanks in large part to cache optimizations and memory management schemes, a Collective Intelligence Monitor which keeps a list of malware from the community updated in real time, and new support forums.
You can grab the free download here (and if you're a fan of the banjo, be sure to check out the video in that same link).
Apple told us jailbreaking wasn’t a good idea. Sure, we mocked them at the time, but it is looking a little less safe these days. The first iPhone worm has been discovered affecting iPhones in Australia. The virus takes advantage of a massive security hole in the SSH client for jailbroken phones. The “ikee” worm is fairly benign, simply changing the user’s wallpaper to a picture of Rick Astley of “Rickroll” fame.
As it turns out, the default password for the SSH client is ‘alpine’. The worm accesses the phone via this route, and then attempts to infect other phones on the network. The worm’s creator, a 21-year-old student, said in an interview, “The virus itself is not malicious and is not out to hurt people. It's just poking fun and hoping waking people up a little.”
Un-jailbroken phones, and jailbroken phones that don’t have SSH installed, are not vulnerable. Jailbreakers should head to the Cydia store, and use the Mobile Terminal app to change their default password. With a zillion iPhones out there, it was only a matter of time.
As part of a restructuring effort, Blue Coat Systems said it plans to slash nearly 20 percent of its workforce. The firm will issue about 280 layoffs in all and close its facilities in Riga, Latvia; South Plainfield, New Jersey; and Zoetermeer, Netherlands.
At the same time, Blue Coat announced plans to acquire S7 Software, a services company out of Bangalore, for $5.25 million in cash. The acquisition will also add 65 employees to Blue Coat's workforce.
"The combination of the restructuring program and the acquisition of S7 Software strikes an appropriate balance between profitability and investment for innovation," said Gordon Brooks, senior vice president and chief financial officer. "Together these actions will allow us to invest for future growth while aligning the Company’s cost structure to its current revenue level, which should drive higher and more consistent levels of profitability."
In addition to the layoffs, Blue Coat will relocate an undisclosed number of engineering jobs from its Sunnyvale, California, and Austin, Texas offices to S7's offices in Bangalore and a few other locations. After factoring in S7's employees and a few new hires, Blue Coat's workforce reduction will be closer to 10 percent.