beforeyoukillyourcomputer.com

The Pentagon and Lockheed Martin, the lead defense contractor for the new F-35 Joint Strike Fighter, suggested yesterday that cyber-attacks had not caused any serious security breaches in the Pentagon’s most expensive weapons program.

Still, defense and corporate officials said attacks on the Pentagon as well as the F-35 program are constant, and former defense officials familiar with the program said some of the F-35’s less sensitive systems have been infiltrated by cyber-intruders.

“We know we are probed on this every day. We have very aggressive defensive systems. The more sensitive the information, the greater the safeguards are,” said Pentagon spokesman Bryan Whitman. He said he was not aware of any sensitive F-35 technology having been compromised by a cyber-attack.

Full Story/Source

General Dynamics Information Technology put out an ad last month on behalf of the Homeland Security Department seeking someone who could “think like the bad guy.” Applicants, it said, must understand hackers’ tools and tactics and be able to analyze Internet traffic and identify vulnerabilities in the federal systems.

In the Pentagon’s budget request submitted last week, Defense Secretary Robert Gates said the Pentagon will increase the number of cyberexperts it can train each year from 80 to 250 by 2011.

With warnings that the U.S. is ill-prepared for a cyberattack, the White House conducted a 60-day study of how the government can better manage and use technology to protect everything from the electrical grid and stock markets to tax data, airline flight systems, and nuclear launch codes.

President Barack Obama appointed a former Bush administration aide, Melissa Hathaway, to head the effort, and her report was delivered Friday, the White House said.

While the country had detailed plans for floods, fires or errant planes drifting into protected airspace, there is no similar response etched out for a major computer attack.

David Powner, director of technology issues for the Government Accountability Office, told Congress last month that the U.S. has no recovery plan for a digital disaster.

“We’re clearly not as prepared as we should be,” he said.

Full Story/Source

Brocade® (Nasdaq:BRCD) today announced the Brocade IronView® Network Manager (INM) integration with Microsoft Forefront “Stirling.” This allows network operators to effectively track and perform configuration changes and software updates, identify and resolve network failures, and address network security breaches from a centralized location.

The Brocade INM tool acts as the Forefront “Stirling” gateway for Brocade switches, routers, and wireless LAN (WLAN) products. INM leverages the sFlow traffic monitoring capabilities embedded in Brocade IP networking solutions and combines advanced network management capabilities to expand the functionality of Forefront “Stirling” to Brocade IP devices. It further simplifies network protection, provisioning, diagnostics, and problem resolution to provide critical visibility across endpoints, messaging, collaboration servers, and Brocade IP products.

Key Benefits of Forefront “Stirling”

Forefront “Stirling” is an integrated security suite that delivers comprehensive protection across endpoints, application servers, and edge solutions with the following benefits:

* Comprehensive protection, integrating industry-leading detection technologies
* A single management console for configuring security policies and visibility across organizations
* Part of multi-layered defense that works with existing Microsoft infrastructure

Microsoft Forefront “Stirling” enables software, hardware, and services vendors to share and use security event information across the Forefront “Stirling” environment and through products developed by other members of the extensive partner ecosystem. As a result, partners can enhance the effectiveness of their security technologies and better protect customer IT environments.

Brocade INM Key Benefits with Microsoft Forefront “Stirling”

* Acts as the Forefront “Stirling” gateway for all Brocade IP devices, delivering added network layer security
* Communicates and analyzes security status with Microsoft Forefront “Stirling” products and management console, providing real-time network behavior visibility
* Simplifies Brocade IP networking and Microsoft Forefront “Stirling” network modifications from a centralized point to quickly adapt to changing business demands

“This integration enhances and simplifies the user experience for our customers,” said Ben Taft, senior director of strategic alliances for Brocade. “Through our strategic relationship with Microsoft, we’re empowering network operators with the tools needed to centrally secure broad networks while making it easier to manage and coordinate security across the IT Infrastructure.”

“Microsoft is pleased to work with Brocade to develop interoperability between Forefront ‘Stirling’ and INM in order to give our customers more comprehensive and responsive security across the enterprise,” said John Chirapurath, director in the identity and security business group at Microsoft Corp. “Microsoft is committed to collaborating with top industry vendors and providing solutions that help organizations more effectively achieve their business goals. We call this ‘business-ready security.’”

Source

Trend Micro’s bread-and-butter security package provides protection from both viruses and spyware. AntiVirus+AntiSpyware is designed for home users and comes with a 100% money-back guarantee. Trend Micro says their software is quick to install and easy to use; read on for our take.

PRODUCT OVERVIEW
Trend Micro AntiVirus+AntiSpyware provides no-frills protection for the home user. The software is advertised to block unwanted changes to your computer and prevent computers from becoming infected with viruses. AntiVirus+AntiSpyware provides real-time protection by scanning files that are transferred, downloaded, or attached to email. The software updates itself automatically.

Full Story/Source

The number, scale and sophistication of data breaches fueled by hackers last year is rekindling the debate over the efficacy of the credit card industry’s security standards for safeguarding customer data.

All merchants that handle credit and debit card data are required to show that they have met the payment card industry data security standards (PCI DSS), a set of technical and operational requirements designed to safeguard cardholder information from theft or unauthorized access.

Yet, some of the most notable data breach incidents last year targeted companies that had recently been certified as compliant with those standards, raising the question of whether the standards go far enough, or if entities that experienced a breach are falling out of compliance with the practices that led to their certification…

Verizon’s breach report, available here (PDF), describes another advanced technique used to steal card data, called “memory scraping,” which involves dumping sensitive data that is stored in a computer’s memory before or after it can be encrypted.

“Criminals have re-engineered their processes and developed new tools–such as memory-scraping malware–to steal this valuable commodity,” the report reads. “This has led to the successful execution of complex attack strategies previously thought to be only theoretically possible. As a result, our 2008 caseload is reflective of these trends and includes more targeted, cutting edge, complex, and clever cybercrime attacks than seen in previous years.”

Full Story/Source

One disturbing trend has been noted before: Organized criminal groups around the world are finding profit in phishing scams and “botnets” that surreptitiously take over PCs and steal credit card numbers or other personal information that can be used in various fraudulent schemes.

“We’ve seen the attackers evolve significantly, from amateurs and teenagers to dedicated groups that are much better directed and funded,” said Vincent Weafer, a Symantec vice president.

Those groups are adapting and exploiting new vulnerabilities as fast as the experts fix old ones, he added. While the security of operating systems and browsers is improving, Weafer said, hackers are turning their attention to weaknesses in applications or plug-ins, which are smaller programs that help deliver specific information or content on a Web site.

Hackers can exploit flaws in those programs to deliver malicious code or divert visitors to another server that is under the hackers’ control, he said.

“In the case of a popular, trusted site with high traffic, this can yield thousands of compromises from a single attack,” said the Symantec report. While the report did not cite any example of a major commercial site being compromised, it said Web sites operated by the United Nations and the British government were used last year to deliver malicious material to visitors without their knowledge.

Full Story/Source

Get rid of Malware with this free tool – but please note that it does not include real-time protection.

• Scan your PC for infections of Trojans, Viruses, Spyware, Adware, Worms, Bots, Keyloggers and Dialers.
• 2 Cleaning Scanners in 1: Anti-Virus + Anti-Spyware
• 4 million users world wide rely on a-squared to clean their PC from Malware.

* Not just any scanners, but a combination of two world class products – the a-squared Anti-Spyware, and the Ikarus Anti-Virus engine. Latest tests approve that both are cutting edge in Malware detection.
* No doubling of the scan duration as it would be the case with two separate scanning programs. Considerable performance improvement is possible thanks to the integration of the two engines on the lowest level.

Download a-squared Free 4.0.0.46.

CCleaner is a freeware system optimization and privacy tool. It removes unused files from your system – allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. But the best part is that it’s fast (normally taking less than a second to run) and contains NO Spyware or Adware!

CCleaner 2.17.853 Changes:

- Added wiping of disk free space.
- Progress bar changed to go from 0 to 100%.
- Improved Apple Safari history cleaning.
- Improved speed of Uninstaller Tool.
- Interface string changes and fixes.
- Added Ukranian translation.
- Installer language tweaks.
- Minor architecture changes.
- Minor bug fixes.