Back in December, I wrote about Cisco’s 2009 Security Threat Report and made the comment that application whitelisting was “the patch for the common user”. My point was a simple one: we cannot stop our people from accessing resources, and instead we should focus on stopping the real threat: the payload.
Yesterday, Stan Schroeder at Mashable wrote a great blog about the French and German governments strongly urging users to stop using Internet Explorer and to use other browsers like Safari and Firefox. The recommendation was made because of a similar vulnerability in Internet Explorer 6, 7, and 8 that allows malicious hackers to remotely execute arbitrary code.
I do not want to cause an international incident (especially with countries that I love to ski in), but I think the recommendation is shortsighted and purely based on the status quo mentality of reactive responses to the du jour threats. ( Read More… )
Most recent comment:
Doug Finley @ Naknan
Maybe the Europeans should take it one step further. If problems with IE is good cause for banning IE, then ...
Earlier today, CoreTrace announced a record breaking 2009. The results are further proof that CoreTrace’s award-winning BOUNCER technology continues to be one of the leading endpoint security solutions in the application whitelisting market.
Some of the highlights include:
- Eighth consecutive quarter of record growth.
- 500 percent revenue growth over 2008.
- GlobalSCAPE Inc. investment of $2.3 million. ( Read More… )
As we close the door on another year of protecting our networks from the never-ending security threats, I hope the information I’ve provided in this blog has been valuable in your ongoing efforts to make your enterprise more secure. December was a month with a number of articles focused on the larger trends in security in 2009. ( Read More… )
Zeus isn’t just the ruler of Mount Olympia, for now Zeus is also atop the botnet world.
As I mentioned in my previous blog, the Zeus family of malware is currently the number one botnet online. According to a recent article, “Zeus Trojan moving past anti-virus protections”, this particular type of malware, which targets bank-related information, has infected 3.6 million PC’s in the United States alone. What makes this malicious code so successful is its ability to bypass even the latest anti-virus software without even knowing it. ( Read More… )
According to Gartner’s Avivah Litan, even two-factor authentication systems can’t stop today’s cyber thieves. Over the past few months, banks around the world that rely on one-time-password authentication systems have been compromised by man-in-the-middle attacks, despite having two-factor security in place.
Thomas Claburn of InformationWeek writes in his article, “Strong Authentication Not Strong Enough,” that fraudsters are now using call forwarding to bypass security measures. ( Read More… )