Print

Welcome to Smokey's Security Forums.

Guests have only limited access to the board and it's features, please consider registering to gain full access!

Registration is free and it only takes a few moments to complete.

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[rv56]

Yuuguu adds Skype to conferencing app
22 May 2009, 6:00 pm

Web conferencing newcomer Yuuguu has added Skype integration to a roster of features that already lists instant messaging (IM) integration and screen sharing.

Source: Network World on Security

[rv56]

Phishing using scary bait
22 May 2009, 6:00 pm

Job offers in phishing e-mail are designed to trick users into revealing confidential personally identifiable information (PII); they may also be hoping to fool victims into sending criminals some money.

Source: Network World on Security

[rv56]

X86 virutalization not ready for regulated, mission-critical apps, IBM security expert says
21 May 2009, 6:00 pm

X86 virtualization is not ready for highly regulated, mission-critical applications, IBM security expert Joshua Corman argued at Interop Las Vegas this week.

Source: Network World on Security

[rv56]

Twitter hit with phishing attacks
21 May 2009, 6:00 pm

Twitter users who thought friends were directing them to a "funny blog" Thursday ended up experiencing something completely different: a phishing scam.

Source: Network World on Security

[rv56]

Wedded bliss: NAC and identity management
21 May 2009, 11:00 am

Network access control is one of those technology categories that has a lot of promise but not a lot of users, despite the fact that solutions have been available for years. There are so many challenges to deploying a NAC solution, including cost, network security and infrastructure. A couple of veteran Cisco engineers set out to address those challenges and came up with a standards-based solution that combines NAC with identity management.

Source: Network World on Security

[rv56]

Security experts: No Java fix in OS X leaves Macs vulnerable
21 May 2009, 6:00 pm

Last week's sizable Mac OS X 10.5.7 update, which included 20 bug fixes as well as a number of security updates, failed to fix a critical Java flaw security experts have warned.

Source: Network World on Security

[rv56]

iPhones in the enterprise leaving IT pros at wit's end
21 May 2009, 6:00 pm

LAS VEGAS--Executives smitten with iPhones are forcing enterprise IT departments to come up with ways to support the mobile devices even though big security and management questions abound.

IT pros peppered panelists at a standing-room only Interop session titled “The iPhone and the Enterprise: Is this the Future of IT?” with such questions and left without many answers.

One healthcare IT pro said supporting iPhones would be a nightmare given industry data protection regulations and the ability of end users to relatively easily “jailbreak” their iPhones. Another IT pro pointed out that supporting a bunch of native apps on iPhones would seem to run counter to other IT trends, such as the move toward desktop virtualization and centralized applications control.

Panelist J.T. Starzecki, president of application development and consulting company iPhone Zen Masters, acknowledged that IT pros are left with the “dilemma of how to fit iPhones into their current infrastructure” in light of executives adopting iPhones for personal use and then calling on IT to support them in the business.

“iPhone 2.0 made some leaps toward enterprise adoption [with support for Exchange ActiveSync, etc, but it’s not where it should be,” he said.

One big challenge in supporting iPhones is that it’s hard to find an organization that wouldn’t also have a handful of other mobile device types to support, said Adam Blum, CEO of Rhomobile, which makes a framework for building native mobile device apps that can work across platforms. Supporting multiple platforms would only add to an IT department’s workload, he said. “We’ll always have heterogeneity,” he said.

While IT shops might not be happy about losing control over end devices stuffed with applications, Blum said there’s not much they can do about the shift. He noted that some applications, such as GPS and cameras, must be on the end device. He pointed to the emergence of applications on iPhones and other smartphones in the enterprise as part of the seemingly never-ending back and forth nature of centralized and decentralized computing.

While some IT shops might being feeling forced to support iPhones because of top execs’ desires, others might be the supporters themselves. In these cases, the panelists recommended selling higher ups on iPhone support by showing first how it could benefit customers. “The wedge is ‘We want to support our customers,’” Starzecki said.

The panelists pointed to some high profile iPhone business apps, such as AAA enabling customers to report their location via the iPhone and Nationwide allowing insurance clients with iPhones to send in claims data, including accident photos.

Among inhibitors to iPhones taking off in the enterprise is the lack of a good iTunes-like distribution channel for enterprise apps, Blum said. He said enterprise app developers can’t abide by a system that wouldn’t allow them to have more control over when their offerings become available. “This is an area that’s ripe for innovation,” he said.

Source: Network World on Security

[rv56]

Investigators replicate Nokia 1100 online banking hack
21 May 2009, 6:00 pm

An old candy-bar style Nokia 1100 mobile phone has been used to break into someone's online bank account, affirming why criminals are willing to paying thousands of euros for the device.

Source: Network World on Security

[rv56]

'Security Metrics' and risk-assessment guides out this week
21 May 2009, 6:00 pm

The Center for Internet Security and the Open Group's security division have each published comprehensive risk-management guides, the first defining a basis for security metrics and the second a high-level view on the pros and cons of risk-assessment approaches.

Source: Network World on Security

[rv56]

DNS attack downs Internet in parts of China
21 May 2009, 6:00 pm

An attack on the servers of a domain registrar in China caused an online video application to cripple Internet access in parts of the country late on Wednesday.

Source: Network World on Security

[rv56]

Microsoft sets July kill date for Office 2000
21 May 2009, 6:00 pm

Microsoft is reminding Office 2000 users that it will discontinue security updates for the aged suite in less than two months when it drops all support for the software.

Source: Network World on Security

[rv56]

Conficker still infecting 50,000 PCs per day
21 May 2009, 6:00 pm

The Conficker worm is still infecting systems at a brisk rate and continues to snag computers in Fortune 1000 companies, according to security researchers.

Source: Network World on Security

[rv56]

Facing criticism, Adobe rethinks PDF security
20 May 2009, 6:00 pm

Blasted in February for being slow to fix a zero-day vulnerability in its popular PDF viewer, Adobe today pledged to root out bugs in older code, speed up the patching process and release regular security updates for Adobe Reader and Acrobat.

Source: Network World on Security

[rv56]

Adobe snaps to attention over security vulnerabilities
20 May 2009, 6:00 pm

Adobe Systems, whose applications have been hit hard by hackers, is combing through legacy code for bugs in its products and plans a regular quarterly patch release, according to a top security official.

Source: Network World on Security

[rv56]

Angered by Apple delay, hacker posts Mac Java attack
20 May 2009, 6:00 pm

In an effort to draw attention to an long-standing security problem in Apple's Mac OS X operating system, a security researcher has posted attack code that exploits the flaw.

Source: Network World on Security