Peaches

<h2 class="headline">Trend Micro Rolls Out New Endpoint Security Tools </h2> New solutions include Trend Micro OfficeScan Client-Server Suite and Trend Micro Endpoint Security Platform Apr 27, 2009 | 08:41 PM Cupertino, Calif. -- April 13, 2009 -- Independent research shows that two out of every three corporate endpoint devices are infected by malware each year.[1] Trend Micro's new endpoint security solutions are designed to help enterprises that are grappling with keeping their endpoints secure, as well as deployment and management issues associated with the quantit

27 April 2009, 10:48 Vulnerability patched in Symantec Brightmail Gateway Symantec has released an update for its Brightmail Gateway email security appliance to fix a cross-site scripting and privilege escalation vulnerability in the appliances web based Control Centre. Attackers could exploit the vulnerabilities from the internal network as the Control Centre failed to properly filter client input from authorised users of the Control Centre console. The update is available via the Software Update feature of Brightmail and is also available to registered users to download. See also: Syma

[b]Windows 7 gets virtual 'XP mode' Microsoft says beta of backward compatibility add-on available 'soon' By Gregg Keizer April 25, 2009 (Computerworld) Microsoft Corp. will unveil an add-on to Windows 7 that lets users run applications designed for Windows XP in a virtual machine, the company confirmed Friday -- the first time Microsoft has relied on virtualization to provide backward compatibility. Dubbed "Windows XP Mode," the add-on creates an XP virtual environment running under Virtual PC, Microsoft's client virtualization technology, within Windows 7, said Scott Woodgate, the director o

Microsoft names Windows 7 RC1 dates Two-week wave By Gavin Clarke in San Francisco Stable and completed code for Windows 7 will be released to early adopters during the coming week, with mass availability planned for the following Tuesday. The eagerly awaited Windows 7 Release Candidate 1 will be posted to members of Microsoft's Developer Network and TechNet for download on April 30. RC1 will be made generally available on May 5, Microsoft said late Friday. Microsoft confirmed the dates after the RC leaked to four torrent sites, causing excitement and frustration that Microsoft didn't appear

Sun says it's time for MySQL 5.4 Three months after 5.1 By Timothy Prickett Morgan 25th April 2009 00:10 GMT With all the noise about database and application software maker Oracle shelling out $5.6bn to acquire Sun Microsystems, the preview of the MySQL 5.4 relational database slipped through a lot of cracks when it was announced this week at the MySQL Conference & Expo in Santa Clara. Sun just announced MySQL 5.1 back in December 2008, so people were probably not expecting a new release so soon - and certainly not one called 5.4. No one ever said that IT vendors had to be consistent. T

Stealth Botnet Infects Nearly 2 Million Systems Siobhan Chapman, Computerworld UK Saturday, April 25, 2009 1:14 PM PDT One of the largest botnets ever to be discovered has infected 1.9 million computers around the world, including corporate and government machines, according to a security firm. Finjan's Malicious Code Research Center (MCRC) uncovered the huge botnet when researching command and control servers operated by cybercriminals. It is reportedly at least four times larger than botnets that have been discovered in the past, which have tended to include 200,000 to 500,000 computers. Bri

wonder if this joke was applied for real if it would work?? * Go to a secondhand store & buy a pair of men's used work boots - get a really big pair. * Put them outside your front door on top of a copy of "Guns & Ammo Magazine". [if you do not have this magazine, buy it] * Now put a dog dish beside the above - a really big dog dish. * Leave a note on your front door that says something like this ........ "Bubba, Big Mike and I have gone to get more ammunition - back in 1/2 hour. Don't disturb the pitbulls as they have just been de-wormed & neutered".

The Lone Ranger and Tonto are coma[ing in the desert, set up their tent, and are asleep. Some hours later, the Lone Ranger wakes his faithful friend ...... "Tonto - look up at the sky and tell me what you see?" Tonto replies: "Me see millions of stars". "What does that tell you? asks the Lone Ranger. Tonto ponders for a minues and replies: "Astronomically speaking, it trells me that there are millions of galaxies and potentially billions of planets. Astrologically, it tells me that Saturn is in Leo. Timewise, it appears top be approximately a quarter past 3. Theologically, it is evident t

AppRiver Introduces SaaS Security Portal Company integrates entire technology suite into a single unified interface; services include e-mail hosting, e-mail security, archiving, encryption, and Web protection Apr 23, 2009 | 01:36 PM GULF BREEZE, Fla. --(Business Wire)-- Apr 20, 2009 AppRiver, LLC, a leading provider of messaging and Web security services, today introduced a new security portal that offers customers comprehensive security solutions, which are located in one convenient, easy-to-use Software as a Service (SaaS) delivery platform. Customers may now simply log on to my.appriver.c

Conficker Variant Expected to Self-Destruct Soon Ellen Messmer, Network World -Secure, Trend Micro and SecureWorks are among those that believe Conficker.E -- first spotted just this April and probably created by the same attackers that since last fall let loose the Conficker.A through Conficker.C variants -- has been designed to simply self-detonate on May 5th. "It will simply self-destruct," says Mikko Hypponen, chief research officer at F-Secure, pointing out that researchers, who had been arguing over name for variants, agreed to skip past the name "Conficker.D" entirely to settle on the

25 April 2009, 16:24 Steer clear of JavaScript packers Paul Ducklin, Head of Technology for Sophos, a supplier of anti-virus software, says that developers of legitimate web applications should in future steer clear of tools for packing and encoding JavaScript. Ducklin is convinced that encrypting JavaScript code does more harm than good. He said in his presentation, "The Malware in the Rue Morgue", at the RSA Conference that commercial packers like Aevita's Advanced HTML Encrypt and Password Protect gave hardly any protection against the theft of source code and web developers who thought th

April 24, 2009 12:15 AM PDT Device identification in online banking is privacy threat, expert says by Elinor Mills SAN FRANCISCO--A widely used technology to authenticate users when they log in for online banking may help reduce fraud, but it does so at the expense of consumer privacy, a civil liberties attorney said during a panel at the RSA security conference on Thursday. When logging into bank Web sites, users are typically asked for their user name and password. But that's not all that is happening. Behind the scenes, the server is taking measures to identify the device bein

Conficker virus begins to attack PCs Fri Apr 24, 2009 5:32pm EDT By Jim Finkle BOSTON (Reuters) - A malicious software program known as Conficker that many feared would wreak havoc on April 1 is slowly being activated, weeks after being dismissed as a false alarm, security experts said. Conficker, also known as Downadup or Kido, is quietly turning thousands of personal computers into servers of e-mail spam and installing spyware, they said. The worm started spreading late last year, infecting millions of computers and turning them into "slaves" that respond to commands sent

Google Chrome update patches XSS vulnerability Mark Larson, the Google Chrome Project Manager, has posted an advisory on the Google Chrome Releases blog advising of a high risk vulnerability in the Chrome web browser. The cross-site scripting (XSS) vulnerability is caused by an error in handling URLs in the ChromeHTML URI handler, allowing an attacker to remotely execute code, violating the same origin policy. For an attack to be successful, a victim must first be convinced by an attacker to visit a specially crafted malicious HTML page with Internet Explorer, causing Chrome to launch, open m

Worm Solves Gmail's CAPTCHA, Creates Fake Accounts Jeremy Kirk, IDG News Service Friday, April 24, 2009 6:40 AM PDT A Vietnamese security company has detected what it believes is a new worm that thwarts Google's security protections in order to register new dummy Gmail accounts from which to send spam. Bach Koa Internetwork Security (BKIS) said the worm was discovered earlier this week in one of its honeypots, the term for a computer set up to catch samples of malicious software. BKIS has named the malware "W32.Gaptcha.Worm." Once a computer is infected with Gaptcha, the worm launches the Inte

23 April 2009, 11:22 [b]Trojan demands "Your money or your Windows!" Several anti-virus software suppliers are reporting a new kind of trojan that locks users out of their Windows PCs until they pay a ransom. Dr.Web says that "Trojan.Winlock", under the guise of a video codec, is so far only circulating in the Russian part of the world wide web. It gets into a computer via a download, then manipulates it so that on start-up the user is confronted with a (Russian) dialogue giving instructions for unlocking the machine. This involves sending a given numeric string to a highly priced premium SMS

IBM Unveils Offerings Aimed At Secure Cloud Computing New offerings include virtual appliance, malware scanning, and Web app firewall Apr 23, 2009 | 12:11 PM San Francisco, CA. April 21, 2009: Today, at the RSA Conference, IBM (NYSE: IBM) introduced new services, hardware and software aimed at improving the security of cloud computing environments, helping ensure the confidentiality of data and helping locking down applications from attack. The new security products and services arrive as recent studies from the IBM X-Force security research group revealed that criminal organizations around

Fedora update for firefox and xulrunner HIGHLY CRITICAL Fedora has issued an update for firefox and xulrunner. This fixes some weaknesses, security issues, and vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security restrictions, conduct cross-site scripting and cross-site request forgery attacks, and potentially compromise a user's system. Secunia advisories - http://secunia.com/advisories/34894/

April 23, 2009 4:39 PM PDT Hacking online games a widespread problem by Daniel Terdiman SAN FRANCISCO--It will likely come as no surprise to anyone familiar with virtual worlds and online games that they can be hacked. But what might come as a shock is the sheer breadth of types of exploits that are possible. That was the broad message of a Thursday panel called, appropriately, "Exploiting Online Games" at the RSA 2009 security conference here. Moderated by Gary McGraw, CTO of software security consulting firm Cigital and an author of several books, the panel took the audience on a deep div

Windows 7 Offers Smarter Security For Road Warriors Microsoft's new operating system boasts flexible firewalls and other new safety features for those on the go. In a boon for mobile workers and the IT personnel who support them, Microsoft's new Windows 7 operating system includes technology designed to erect different lines of defenses depending on the type of network connection in place. and also claims expertise in streaming live video. For instance, Windows 7 will automatically implement "public" firewall settings for a sales rep who connects to the Internet through a hotel broadband se

23 April 2009, 11:28 Linux cache poisoning attacks easier than on Windows? An anonymous security expert on the Microsoft Subnet blog has published sample code for a cache poisoning attack on Linux. The work was based on Joanna Rutkowska's previously announced attack on Intel's System Management Mode, explained in detail in an Invisible Things Lab paper. The anonymous writer was surprised how easy the attack was and noted the exploit code was neither unusual or particularly complex. The aim of the attack is to obtain access to the usually well-secured are of memory used by the system managemen

Yes friends, it really works... it doesn't need a lot of effort, just follow the instruction given ...good luck, good health... I tried it, I liked it, you will too!! The older we get the more important it is to incorporate exercise into our daily routine. This is necessary to maintain cardiovascular health and maintain muscle mass. If you're over 40, you might want to take it easy at first, then do more repetitions as you become more proficient and build stamina. Warning: It may be too strenuous for some. Always consult your doctor before starting any exercise program! SCROLL DOWN.........

Turks hijack Kiwi MSN via DNS cracks A pie in the face of Microsoft (and everyone else) By Dan Goodin in San Francisco • RSA The New Zealand version of Microsoft's MSN website was briefly hijacked after attackers penetrated that country's prominent domain name registrar. Websites for Sony, BitDefender, and HSBC were also commandeered. The mass defacements came as security researchers gathered in San Francisco discussed vulnerabilities in the DNS, or domain name system, and BGP, or border gateway protocol. The two technologies form the core infrastructure for routing traffic over the internet,

Apr22 Fake Form W-8BEN Used in IRS Tax Scams by Maria Alarcon (Anti-spam Research Engineer) Scammers are on the hunt for those who were not able to file their tax statements yet. Knowing how busy people are these days, scammers have taken advantage of this and sent out scam mails that will lure their prey into giving them their personal information. They have even taken the initiative to provide their victims the very form that they have to fill out. These cybercriminals target non-resident aliens in the United States specially since they are the ones who are likely to file a “Certificate o

April 22, 2009 9:00 PM PDT Norton Online Family to leave beta, remain free by Seth Rosenblatt Back in February, Symantec debuted a new security program that sought to help parents talk to their kids about how they use the Internet. Norton Online Family has been a free beta since then, but this Monday at midnight, the program will leave beta and remain free at least until the end of 2009. This parental control suite provides parents with an interesting and possibly unique approach to online child safety. Norton Online Family does provide a blacklist, boilerplate for most parental control sof