Showing posts sorted by relevance for query security system. Sort by date Show all posts
Showing posts sorted by relevance for query security system. Sort by date Show all posts

WinMend System Doctor

Posted by Avik Sarkar On 4/24/2011 02:08:00 pm


Protect your system from the threats of spyware, adware, Trojans and viruses
With its innovative, intelligent detection engine, WinMend System Doctor can effectively detect and fix securityvulnerabilities in the system, fix software vulnerabilities in third-partyapplications, and prevent the running of malicious startup programs, Trojans, BHOs, processes and system services to significantly improve system security.
It also provides an “Expert”-level system scan option that can scan potentialsecurity threats in the system and protect the system from the threats of spyware, adware, Trojans and virusesand eliminate security risks.
Here are some key features of “WinMend System Doctor”:
· Intelligent Scan Engine WinMend System Doctor is integrated with a brand-new scan engine that can intelligently detect system vulnerabilities in Windows, software vulnerabilities in third-partyapplications and problems corresponding security settings, and it can help users fix problems found. It simplifies user operation, and helps you solve security risks more promptly and efficiently.
· Unique System Security Rating System WinMend System Doctor can rate the security of your operating system for you to see the security status of the system more visually.
· Comprehensive and Detailed Security Report WinMend System Doctor can generate comprehensive security reports that elaborate all details about each single security vulnerability and potential security threat in your system, so you can understand the security problems in the system and how to fix them with improved clarity.
· Expert-Level System Scan An “Expert”-level system scan is offered by WinMend System Doctor. It scans potential security threats in the system, such as in shared resources, user privilege management, remote control, etc., that could be easily used by malicious programs (or hackers), and can guide you through the steps to fix vulnerabilities and eliminate security risks in the system.
Requirements:
· 800mhz CPU
· 256MB RAM
· 12 MB of free hard disk space
Limitations:
· Can fix 5 windows system vulnerabilities in total
changelog
· Add Hungarian language pack.
· Improve Support for Windows Vista.
Click Here to Download WinMend System Doctor 1.5.7

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Microsoft Patches Serious 34 Vulnerabilities

Posted by Avik Sarkar On 6/15/2011 10:00:00 pm



In today's Patch Tuesday, Microsoft released 16 bulletins addressing 34 vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, .NET, SQL, Visual Studio, Silverlight, VML and ISA. Nine of the bulletins are rated Critical, with seven rated as Important. Wolfgang Kandek, Qualys CTO, comments: "The only bulletin with a known expoit in the wild is MS11-046, a local privilege escalation flaw in the "afd.sys" driver. IT admins can check with their end-point security providers for coverage, but should include this bulletin high on their to-do lists in any case, as it is only a matter of time until we see more attackers use malware taking advantage of this exploit to gain control of your workstations."

Here are the bulletins:-

Vulnerability in OLE Automation 
This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code execution if a user visits a Web site containing a specially crafted Windows Metafile (WMF) image. In all cases, however, an attacker would have no way to force users to visit such a Web site. Instead, an attacker would have to convince users to visit a malicious Web site, typically by getting them to click a link in an e-mail message or Instant Messenger request.

Vulnerability in .NET Framework and Microsoft Silverlight
This security update resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions.

Vulnerability in Threat Management Gateway Firewall Client 
This security update resolves a privately reported vulnerability in the Microsoft Forefront Threat Management Gateway (TMG) 2010 Client, formerly named the Microsoft Forefront Threat Management Gateway Firewall Client. The vulnerability could allow remote code execution if an attacker leveraged a client computer to make specific requests on a system where the TMG firewall client is used.

Vulnerability in Windows Kernel-Mode Drivers
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a network share (or visits a web site that points to a network share) containing a specially crafted OpenType font (OTF). In all cases, however, an attacker would have no way to force a user to visit such a web site or network share. Instead, an attacker would have to convince a user to visit the web site or network share, typically by getting them to click a link in an e-mail message or Instant Messenger message.

Vulnerabilities in Distributed File System
This security update resolves two privately reported vulnerabilities in the Microsoft Distributed File System (DFS). The more severe of these vulnerabilities could allow remote code execution when an attacker sends a specially crafted DFS response to a client-initiated DFS request. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.

Vulnerability in SMB Client
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit the vulnerability, an attacker must convince the user to initiate an SMB connection to a specially crafted SMB server.

Vulnerability in .NET Framework
This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions.

Cumulative Security Update for Internet Explorer
This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Vulnerability in Vector Markup Language
This security update resolves a privately reported vulnerability in the Microsoft implementation of Vector Markup Language (VML). This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows clients; and Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows servers. Internet Explorer 9 is not affected by the vulnerability.

The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Vulnerability in MHTML
This security update resolves a publicly disclosed vulnerability in the MHTML protocol handler in Microsoft Windows. The vulnerability could allow information disclosure if a user opens a specially crafted URL from an attacker's Web site. An attacker would have to convince the user to visit the Web site, typically by getting them to follow a link in an e-mail message or Instant Messenger message.

Vulnerabilities in Microsoft Excel
This security update resolves eight privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-1272, CVE-2011-1273, and CVE-2011-1279. Microsoft Excel 2010 is only affected by CVE-2011-1273 described in this bulletin. The automated Microsoft Fix it solution, "Disable Edit in Protected View for Excel 2010," available in Microsoft Knowledge Base Article 2501584, blocks the attack vectors for exploiting CVE-2011-1273.

Vulnerability in Ancillary Function Driver
This security update resolves a publicly disclosed vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). The vulnerability could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerability.

Vulnerability in Hyper-V Could
This security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.

Vulnerability in SMB Server
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit this vulnerability.

Vulnerability in the Microsoft XML Editor
This security update resolves a privately reported vulnerability in Microsoft XML Editor. The vulnerability could allow information disclosure if a user opened a specially crafted Web Service Discovery (.disco) file with one of the affected software listed in this bulletin. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system.

Vulnerability in Active Directory Certificate Services Web Enrollment
This security update resolves a privately reported vulnerability in Active Directory Certificate Services Web Enrollment. The vulnerability is a cross-site scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the site in the context of the target user. An attacker who successfully exploited this vulnerability would need to send a specially crafted link and convince a user to click the link. In all cases, however, an attacker would have no way to force a user to visit the Web site. Instead, an attacker would have to persuade a user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the vulnerable Web site.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Kaspersky Releases Linux Mail Security With Anti-malware, Anti-spam & Content Filtering

Posted by Avik Sarkar On 9/09/2012 12:59:00 am

Kaspersky Releases Linux Mail Security With Anti-malware, Anti-spam & Content Filtering 

Russian anti virus firm & security giant  Kaspersky Lab has released an anti-spam and anti-malware application called Linux Mail Security which can be integrated into different type of Linux-based mail server to fight spam and block malicious attachments. The latest spam-fighting features – including Reputation Filtering and Enforced Anti-Spam Updates Service  help to filter out zero-hour spam, while our new ZetaShield technology helps to shield businesses from zero-day and targeted attacks. Designed for integration with a range of Linux-based mail systems, Kaspersky Linux Mail Security delivers the security, flexibility and ease of management that businesses and ISPs demand. 

Key Features:- 
  • Advanced antivirus engine- Kaspersky Linux Mail Security includes the latest version of Kaspersky Lab’s award-winning antivirus engine – with behaviour stream signatures – to help detect and remove malicious attachments from incoming emails.

  • Zero-Day Exploit and Targeted Attack (ZETA) Shield- Kaspersky’s ZetaShield offers protection against unknown malware and exploits – to defend you from zero-day and zero-hour attacks and APTs (Advanced Persistent Threats).

Powerful Anti-Spam Engine- Kaspersky Linux Mail Security provides the latest version of Kaspersky’s anti-spam engine – including two powerful new technologies:
  • Enforced Anti-Spam Updates Service – uses push technology, directly from the Kaspersky cloud, to deliver real-time updates. By reducing the ‘update window’ from 20 minutes to approximately 1 minute, the Enforced Anti-Spam Updates Service helps to defend businesses against zero-hour spam and spam epidemics.
  • Cloud-assisted Reputation Filtering – fights against unknown spam, to enhance the spam capture rate and reduce the number of false positives.

Kaspersky Security Network -The cloud-based Kaspersky Security Network (KSN) gathers data from millions of participating users’ systems around the world to help defend your system from the very latest viruses and malware attacks. Potential threats are monitored and analysed – in real-time – to help block dangerous actions, before harm is caused.
Attachment filtering- The new Format Recogniser feature can filter attachments – using information about file type, name and message size. This helps businesses to enforce their email usage policy and can help to address corporate liability issues that can arise when users try to distribute illegal music or video files via the corporate email system.
Improved!Global Blacklists and Whitelists- In addition to creating corporate blacklists or whitelists, administrators can manage ‘allowed’ or ‘denied’ senders email – using IPv4 and IPv6, wildcards and regular expressions.
Personal Blacklists and Whitelists- Users also can create their own blacklists and whitelists.
Backup and personal backup with flexible search -Blocked email is quarantined in a backup system. If the system uses Microsoft Active Directory or OpenLDAP, individual users can access their personal backup via the web so they’re less likely to need to call your helpdesk.
Integration with most popular MTAs (Postfix, Sendmail, Exim, qmail and CommunigatePro)- Kaspersky Linux Mail Security lets you select the method of integration, depending on your choice of Mail Transfer Agent (MTA) – so you can integrate as a filter or using a Milter API.
Antivirus command line file scanner- The Kaspersky Anti-Virus On-Demand Scanner can be used for on-demand virus checking of objects – which can include directories, regular files and devices such as hard drives, flash drives and DVD-ROMs.
Amavisd-new- Kaspersky Linux Mail Security supports integration with Linux mail systems using the high-performance AMaViS interface.
Monitoring and Reporting features- 

  • SNMP (Simple Network Management Protocol) support – any type of event can be monitored using SNMP events and traps
  • A new dashboard gives an at-a-glance view of status and monitoring
  • Detailed, flexible reporting in PDF format – for customisable reports that help in the monitoring and analysis of security and policies
  • Notification system – informs administrators and document owners about policy violation incidents
  • Detailed logs – on all product actions, to help in identifying problems

Easy to deploy, maintain and manage- 

  • System administrators can run manual updates or set the rules for fully automatic updates of antivirus, anti-spam and ZetaShield
  • Integration with Active Directory and OpenLDAP
  • Rich email traffic management rules – administrators can create rules according to corporate security policies
  • IPv6 support
  • Scalable architecture – the entire system can be easily migrated from a test server to a production environment
Kaspersky Linux Mail Security will support the following Linux distributions - Red Hat Enterprise Linux 6.2 Server, Fedora 16, SUSE Linux Enterprise Server 11 SP2, Debian GNU/Linux 6.0.4 Squeeze, CentOS 6.2, openSUSE Linux 12.1, Ubuntu 10.04 LTS; 12.04 LTS, Mandriva Enterprise Server 5.2, FreeBSD 8.3, 9.0, Canaima 3.0, Asianux 4 SP1. 


For Detailed Information Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Oracle to Mitigate 73 Security Vulnerabilities in Upcoming Critical Patch Update

Posted by Avik Sarkar On 4/28/2011 10:18:00 pm


Oracle is all set for the upcoming critical patch update. The pre-release announcement by the company indicates that in all 73 vulnerabilities associated with numerous products will be mitigated during the next critical patch update. The update will mitigate security vulnerabilities associated with Oracle database server, fusion middleware, enterprise manager, e-business suite, supply chain products, PeopleSoft, JD Edwards suite, Siebel CRM, industry applications, Sun products and Open office suite.

The company releases quarterly critical patch updates on Tuesday closest to 17th day of January, April, July and October. The company uses Common Vulnerability Scoring System (CVSS) version 2.0 to rate vulnerabilities. The vulnerabilities are assigned scores based on the prerequisites for exploiting the vulnerability, ease of exploit, and impact of the attack on availability, confidentiality and integrity. Base scores range from 0.0 to 10.0 with ten being the most severe vulnerability.

Vulnerabilities may be caused by technological flaws, programming errors, and other human errors. Developers are required constantly upgrade their technical skills through online IT degree courses, training programs and refresher courses to deal with ever evolving threats.

The critical patch update will address six vulnerabilities in database server. The vulnerabilities affect components such as application service level management, database vault, Oracle help, security service, warehouse builder, UIX and network foundation. Two of the six vulnerabilities do not require authentication for exploitation of vulnerabilities. Highest base score for security flaws affecting database server is 6.5. The update will mitigate 9 flaws associated with fusion middleware, 6 of which are exploitable without authentication.

The vulnerabilities affect Oracle help, HTTP server, JRockit, outside In technology, security service, WebLogic server, portal and single sign on. Oracle has assigned highest severity score of 10 for vulnerabilities affecting fusion middleware. 4 vulnerabilities will be fixed in Oracle applications, 2 of which are exploitable without authentication. The vulnerabilities have been assigned a base score of 4.3 and affect application object library, applications install, and web ADI. The update will resolve a flaw in Supply chain products suite, which is exploitable without authentication. Highest base score for vulnerability in supply chain products suite is 4.3 and affects Agile technology program.

14 security flaws have related to PeopleSoft Suite will be fixed in the upcoming critical patch, 1 of which is exploitable without authentication. Highest base score for security flaws associated with PeopleSoft suite is 4.3 and affects PeopleSoft Enterprise, Enterprise CRM, ELS, HRMS and People tools. The critical patch update will resolve 8 issues associated with JD Edwards suite, 7 of which are exploitable without authentication. Highest base score for vulnerabilities in JD Edwards suite is 6.4 and affects EnterpriseOne tools.

The update will address a vulnerability associated with industry applications, which affects InForm. Highest base score for vulnerability in industry applications is 5.5. 8 security flaws will be mitigated in Sun products suite, seven of which are exploitable without authentication. Oracle has assigned highest severity score of 10 for security flaws affecting Sun products suite. The components affected include Java Dynamic Management Kit, Java system web server, Solaris, OpenSSO Enterprise, GlassFish Enterprise server, java system application server, java system access manager policy agent, and java system messaging server.

The upcoming critical patch update will fix 8 security issues related to Open Office suite, of which 7 are exploitable without authentication. Highest base score for security flaws in Open Office suite is 9.3. Open Office, StarOffice and StarSuite are affected by the vulnerabilities.

Vulnerabilities are identified by professionals qualified in IT degree programs and security certifications such as penetration testing. Developers encourage both in-house and independent security researchers to detect and report security flaws so that they can be mitigated before exploitation by attackers.

Online IT courses, e-tutorials, security blogs and alerts from computer emergency response teams could help users in gaining insights on security threats, their implications and importance of security updates. Users must keep track of the security releases and install necessary updates to safeguard their systems and data from unauthorized access. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'Indian OS' DRDO Introducing It's Own Operating System to Harden Cyber Security

Posted by Avik Sarkar On 12/25/2012 02:12:00 am

'Indian OS' DRDO Introducing It's Own Operating System to Harden Cyber Security 

On the 3rd Worldwide Cyber security Summit, Telecom and IT Minister of India, Kapil Sibal said the Indian Government will invest $200 million in coming 4 years. This high tech plan of Indian govt in now getting executed, as Defence Research and Development Organisation (DRDO) along-with other premier institutes is developing India's own operating system (OS), which is likely to be ready in next three years. One of the key purpose of developing this operating system named "Indian OS" to enhance cyber security and strengthen the cyber and digital fence of India. In September the Prime Minister of India Dr. Manmohan Singh  said the government is working on a robust cyber security structure, and this project of introducing the own and secure OS can be calculated as one of the very major part of that very robust cyber security system. 
Speaking to newsmen on sidelines of NAVCOM-2012', two-day international conference on Navigation and Communication that began here, Saraswat, Scientific Adviser to Defence Minister, said, "We have already started a major programme and are one-and-half-years into that programme. It (Indian OS) is a major effort requiring large number of software engineers working together." In his speech the Director-General of DRDO said "One of the major elements of cyber security is having our own operating system because today we are dependent on all OS systems which are imported whether it is based on Windows, Linux which is likely to be having malicious worms/things and hence it is essential that we have our own OS" 
He also said that 150 engineers were working across the country on creating Indian OS, and added it will take at least three more years for getting the Indian OS ready.

So, till that time being, we have to keep patience and wait. We the Team VOGH congratulates DRDO for making such a fruitful Operating System (Indian OS). We strongly believe that day by day the cyber fence of India will be safer and secure. Along with this, the Indian OS will definitely strengthen the nation's cyber security. 


 -Source (TOI)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Apple’s Based Networks are More Vulnerable to Attack than Windows (BH 2011)

Posted by Avik Sarkar On 8/05/2011 10:01:00 pm


For many years, Apple enjoyed security through obscurity. The market share for Mac computers was so small that malware creators bypassed it to go after the much bigger target, Microsoft Windows. Not anymore.
Apple’s market share has been slowly rising and the popularity of the iPhone has put Apple’s products into the spotlight. Hackers are taking notice and they’re figuring out that Apple’s computers have security vulnerabilities, some of them more severe than Windows machines, according to a talk by the iSEC Partners security consulting team at the Black Hat security conference today.
Alex Stamos (pictured), Paul Youn, and B.J. Orvis of iSEC Partners said in their talk that it is possible for hackers to penetrate a network of Apple Mac computers and lurk undetected while gathering data. They concluded that there were so many vulnerabilities on the networking level that Mac machines could be considered more vulnerable than Windows machines.
Apple has not yet responded to a request for comment. At Black Hat, there will also be talks about the vulnerabilities of other operating systems, including Windows. In years past, security researchers have blamed Microsoft for producing vulnerable Windows code. And immediately following the Apple talk, security researchers had another talk about hacking Google’s Chrome operating system.
“This is all changing,” Stamos said. “If [recent hacking events] tell us anything, it’s that any computer is vulnerable to attack.”
The iSEC team said they looked at attacks on the Mac and its latest operating system, code-named Lion, or OS X version 10.7, from the perspective of Advanced Persistent Threats, or long-term security break-ins on networks of computers. They showed examples of the vulnerabilities and detailed proof that they had hacked into the operating system.
The category of Advanced Persistent Threats is a hot one because Google discovered that, under Operation Aurora, dozens of companies were compromised over a long period of time. And McAfee reported today that a similar attacked, dubbed Operation Shady RAT, compromised a total of 72 governments and corporations over a five-year period.
A network of Mac computers can be compromised in the usual way, iSEC’s Stamos said. A single user can be tricked out of giving up a username and password through social engineering or targeted “phishing attacks,” or attacks that use a believable ruse to get you to enter your username and password, which is then captured and compromised by the hackers.
Once inside the network, Stamos said that it is easy for the attacker to escalate the privileges he or she has on the network. That is where Apple’s operating system falls down in comparison to Windows. ”Once you have access, you can compromise the networking,” Orvis said. “Network privilege escalation is where it really gets bad on the Mac.”
The security researchers said that Apple has made improvements to security in version 10.7 of OS X, such as putting applications in a “sandbox,” or isolating them so that they can run (or crash) without taking down the rest of the operating system. Still, the researchers said they had figured out a couple of different ways to compromise the security of Macs through a test program dubbed Bonjoof. They said that it’s possible to lurk on a network and cover your tracks so that intelligence can be gathered on a network over time.
“All of Apple’s major authentication protocols suffer” from some kind of weakness, Orvis said.
There are ways to deal with the vulnerabilities, but company security professionals have to know how to use security forensics technology, which can take a long time. In the meantime, attackers can detect the forensics tools and react to their usage in an attempt to hide. The security researchers said they did talk with Apple about the vulnerabilities they found and communicated a number of ideas about how to improve the security of Apple’s computers.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Key Role of McAfee In Largest IT Security System Deployment Extended By U.S. Department of Defense

Posted by Avik Sarkar On 3/10/2012 06:08:00 pm

The Key Role of McAfee In Largest IT Security System Deployment Extended By U.S. Department of Defense 

U.S. Department of Defense officially extends the key role of McAfee in largest IT security system deployment. McAfee announced that it will serve as the primary subcontractor to Northrop Grumman Information Systems (NGIS), the prime integration contractor, for the Host Based Security System (HBSS) program. The Defense Information Systems Agency (DISA) awarded Northrop Grumman a $189 million HBSS task order, which has a three-year base period with two one-year options.
HBSS is a flexible, commercial-off-the-shelf (COTS)-based program that monitors, detects, and counters against known cyber-threats to the DoD Enterprise in accordance with the Enterprise-wide Information Assurance and Computer Network Defense Solutions Steering Group. DISA serves as the lead organization providing program oversight for DoD for the HBSS solution. "DISA and McAfee have built a HBSS partnership that has resulted in vastly improved protection and situational awareness across the large and complex DoD global IT enterprise." said Ken Kartsen, vice president, Federal Sales, Public Sector, McAfee. "With the HBSS security framework, DoD can quickly deploy new protection capabilities for its host inventory of servers, desktops and notebooks. The highly scalable and open framework behind HBSS, McAfee ePolicy Orchestrator platform, is especially necessary in today's environment of rapidly escalating cyber threats and declining DoD budgets. We are honored and humbled by the continued trust that DISA has placed in us and will continue to innovate and drive the capabilities of this highly important system."
Under the terms of the agreement, the Northrop Grumman/McAfee team will continue to enhance the operational capability of the HBSS solution through McAfee advanced enterprise host technologies, solution training of DoD personnel, and McAfee Global Professional Services. HBSS is currently supported by the ePolicy Orchestrator(R) platform and by McAfee(R) Host Intrusion Prevention Systems (HIPS). Cyber training for HBSS will continue to be a key initiative under the new HBSS agreement with DISA. Continued Kartsen, "HBSS is the most extensive cybersecurity training program ever undertaken in the history of DoD."  For detailed information click here. 

-Source (McAfee)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Adobe Released Security Bulletin to Patch Multiple Vulnerable Products

Posted by Avik Sarkar On 8/12/2011 03:26:00 am

Adobe released a security bulletin to patch their multiple vulnerable products. Here are the list with detail information of those products.
  • APSB11-19 – Security update available for Adobe Shockwave Player (Critical)
  • APSB11-20 – Security update available for Adobe Flash Media Server (Critical)
  • APSB11-21 – Security update available for Adobe Flash Player (Critical)
  • APSB11-22 – Security update available for Adobe Photoshop CS5 (Critical)
  • APSB11-23 – Security updates available for RoboHelp (Important)
Security update available for Adobe Shockwave Player:-
 
Critical vulnerabilities have been identified in Adobe Shockwave Player 11.6.0.626 and earlier versions on the Windows and Macintosh operating systems. These vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system.
Adobe recommends users of Adobe Shockwave Player 11.6.0.626 and earlier versions update to Adobe Shockwave Player 11.6.1.629.

Security update available for Adobe Flash Media Server :-

A critical vulnerability has been identified in Adobe Flash Media Server (FMS) 4.0.2 and earlier versions, and Adobe Flash Media Server (FMS) 3.5.6 and earlier versions for Windows and Linux.
This vulnerability could allow an attacker, who successfully exploits the vulnerability, to cause a denial of service on the affected system. Adobe has provided an update to address the reported vulnerability and recommends that users update their installations to Flash Media Server 4.0.3 or 3.5.7 respectively.

Security update available for Adobe Flash Player :-

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.25 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.
Adobe recommends users of Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 10.3.183.5. Users of Adobe Flash Player for Android 10.3.185.25 and earlier versions should update to Adobe Flash Player for Android 10.3.186.3. Users of Adobe AIR 2.7 for Windows and Macintosh, should update to 2.7.1 and users of AIR 2.7 for Android should update to Adobe AIR 2.7.1.1961.

Security update available for Adobe Photoshop CS5 :-

A critical vulnerability has been identified in Photoshop CS5 and CS5.1 (12.0 and 12.1) and earlier for Windows and Macintosh that could allow an attacker who successfully exploits this vulnerability to take control of the affected system. To successfully exploit this vulnerability, an attacker would have to convince a user to open a malicious .GIF file in Photoshop CS5.

Security updates available for RoboHelp :-

An important vulnerability has been identified in RoboHelp 9 (versions 9.0.1.232 and earlier), RoboHelp 8, RoboHelp Server 9 and RoboHelp Server 8. A specially crafted URL could be used to create a cross-site scripting attack on RoboHelp installations. 

-News Source (Adobe & Help Security)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

NASSCOM-Data Security Council of India Announces Annual Information Security Summit 2012

Posted by Avik Sarkar On 10/28/2012 04:38:00 am

NASSCOM-Data Security Council of India Announces Annual Information Security Summit 2012

NASSCOM-Data Security Council of India (DSCI) announced that the Annual Information Security Summit 2012 will be held on 11-12 December at Taj Lands End, Mumbai. The NASSCOM-DSCI Annual Information Security Summit this year will focus on the national cyber security elements- Framework, Machinery, Responsibility & Operations for all the critical information sectors like power, energy and finance where deliberation will take place on operating technologies like smart grid and industrial control system; the security and privacy imperatives of eCommerce, mCommerce and eGovernance application and platforms. The Summit will provide an opportunity to have focused discussions with government leaders along with global experts who will talk about the security ramifications at the global level. Special features such as celebrating the success of women leaders in the field of security, Workshop on IT Act and release of DSCI assessment frameworks will also be part of the annual summit. The addition of DSCIExcellence Awards 2012 to Corporate and LEAs this year along with Annual summit will truly make this as a platform where India Meets for Security. 

Who Should Attend:-

Organizations:
  • User Organization – Banks, Finance, Telecom, Manufacturing, Energy
  • Government & PSUs
  • Technology & Service Providers
  • Security Product/ Services Companies
  • Academia
Individuals:
  • Business Leaders
  • IT Leadership
  • Security & Privacy Leadership
  • Security Professionals
  • Security Implementer | Administrator | Officer

Participation benefits:
  • Learn about new challenges, threats and vulnerabilities
  • Gain Strategic direction & practical guidance
  • Explore new approaches, practices, technologies and services
  • Discover market developments and get a feel of technology products
  • Discuss on public policies for cyber security and privacy
  • Interact with national, government and global leadership
Agenda:- 
 
Tentative Agenda Topics for Annual Information Security Summit’12 : Day 1
Time
Session
0930 to 1015
Inaugural + Key Note
1015 to 1115
National Imperatives of Securing Operational Technologies … Smart Grids, Oil & Gas, & Public Utilities
1115 to 1140
Tea Break
1140 to 1200
Platinum Session 1 by Verizon
1200 to 1250
Protecting Key Economic Assets, Securing Financial Backbone
…. Stock Exchange, Payment Infrastructures & Financial Switches
1250 to 1310
Platinum Session 2 by TCG
1310 to 1415
Lunch Break
1415 to 1430
Special feature
1430 to 1520
Architecting Security for New Age Banking
… Business Models, Technology Transformations & Channel Revolutions in the midst of Organized, Focused, Advanced & Persistent Cyber Threats
1520 to 1540
Special feature by HP
1540 to 1640
Revolution named Clobile, Nightmare for Security? … Enterprise Mobility, Mobile Apps and Cloud Enablement Data driven Businesses
1640 to 1700
Tea Break
1700 to 1800
Data driven Businesses – Data reason for Empowerment and Concern
… Big Data, Context Computing & Social Media Computing
1800 to 1900
Networking and Exhibition
1900 to 2030
DSCI Excellence Awards 2012
  • Corporate
  • Law Enforcement
2030 Onwards
Cocktail Dinner
Day 2
Time
Session
0930 to 1030
Cyber Security, from National Responsibility to Global Accountability
… Cyber diplomacy, converging national and international interests
1030 to 1100
Special Feature by CISCO
1100 to 1130
Tea Break
1130 to 1230
Securing Technology Transformation of Governance … eGovernance projects, Security Challenges & Solutions
1230 to 1315
Rendezvous with Women Security Leaders: Special Interaction …. Security, Challenges and Opportunities for Women
1315 to 1415
Lunch Break
1415 to 1515
Security Enablement of Growing Electronic & Mobile Commerce
… Rising Volume & Growth of Commerce, Security as Enabler
1515 to 1600
Securing core, edge, access & connect: reappearance of network on agenda of security
… Finding the role of network security: Infrastructure Core, Hyer-extensive organizations, Access complexities, Mobility & External exposures
1600 to 1630
Tea Break
1630 to 1730
Consumer Behaviors and Business Responsibilities In the Information Age … Responsible Behaviors, Fair Business Practices & Enabling Technologies

To Get Yourself Registrar For the Event Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Enhanced Anti-Logger, Privacyware PC Security & Hacking Protection supported by IPv6

Posted by Avik Sarkar On 6/09/2011 05:41:00 pm

 


Privacyware, an innovative provider of web application firewall, pc security and security data analytics software, announced today that it has released a new version of Privatefirewall, the leading free security product for Windows PCs. The new software features full support for IPv6 and enhanced protection against critical hacking, privacy and identity theft threats.
"The frequency and magnitude of reported data theft incidents consistently reminds us of the real threat that exists as our reliance on the Internet to bank, shop, and personally or professionally interconnect continues to grow,” said Greg Salvato, chief executive officer at Privacyware. “Our new Privatefirewall release provides expanded packet inspection to support IPv6 and offers greater protection from keyboard, screen, clipboard and other logging techniques used by hackers and malware to steal private data.”
Privatefirewall employs a multi-layered security architecture that combines stateful packet inspection of inbound and outbound traffic and intelligent HIPS technologies that model and monitor system and application behavior to identify and block activity characteristic of Trojans, keyloggers, port scanning, program hijacking and zero-day threats. Privatefirewall ranks among the best performing desktop defense applications tested against the industry's most rigorous leak, general bypass, spying and termination tests.

Privatefirewall delivers four key benefits:
•Stateful inbound/outbound firewall, process monitor and behavioral monitoring technologies provide deep, proactive protection from malware and hackers for your system and personal data.

•Simple setup and operation ensures powerful out-of-box protection and peace of mind with ease.

•Elegant solution design is extremely light on system resources and won't slow down your PC.

•Unsurpassed value – Privatefirewall is available free of charge.

Key Features of this Privatefirewall Update Include:

•IPv6 packet filtering and tunneling support.

•Expanded anti-logger protection including clipboard and screenshot logging detection, driver load attempt detection and enhanced code injection monitoring.

•Improved leak, general bypass, spying and termination defense performance.

Privatefirewall provides an excellent layer of additional protection for the Windows operating system and supports 32 and 64 bit versions of Windows 7, Vista, and Server 2008/R2 as well as 32 bit versions of XP and Server 2003.

Pricing and Availability:
Privatefirewall 7 is free and available now. Visit http://www.privacyware.com to download today. Privatefirewall supports 32 and 64 bit versions of Windows 7, Vista, and Server 2008/R2 as well as 32 bit versions of XP and Server 2003. Private label and OEM licensing and integration options are also available to ISVs, ISPs and hardware and peripheral equipment vendors.

About Privacyware:
Privacyware is an innovative provider of award-winning pc security, web application firewall and security data analytics software. Privacyware products leverage conventional and neural analytics technologies to help systems administrators, IT security and compliance personnel more effectively identify, understand and prevent malicious, unauthorized and/or deviant computing system activity. Privacyware is a member of the Microsoft Partner Network with Gold Independent Software Vendor (ISV), and Silver Business Intelligence and Data Platform Competencies.
Privacyware and ThreatSentry, Privatefirewall, and Adaptive Security Analyzer are registered trademarks of PWI, Inc. All other registered or unregistered trademarks are the sole property of their respective owners. ©2011 PWI, Inc. All rights reserved.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Registration Open For Cairo Security Camp 2012 (Information Security Conference)

Posted by Avik Sarkar On 8/17/2012 02:36:00 am

Registration Open For Cairo Security Camp 2012 (Information Security Conference) 

We have a very good news for hackers, security experts, cyber-security junkies. The good news is -the registration for Cairo Security Camp 2012 is now open. CSCAMP is an annual event targeting the Information Security Community of the Middle East and North Africa (MENA Region) organized by Blue Kaizen. IT Professionals and security practitioners from throughout the region are invited to attend. The Conference purpose is to gather, in one place, everyone interested in helping to improve and enrich the Information Security field in the MENA region. The Goal is to raise the level of information security field in the MENA region, hoping that one day we live up to international standards. Cairo Security Camp is the first annual conference organized by an Arab Country.

Cairo Security Camp 2012 Venue Details:
Target Venue: TBD
Target Date: 18th – 24th of November 2012
Organizers: BlueKaizen.org

Who should attend?
- Chief Security Officers.
- Corporate/Government Security Directors.
- Information Security Managers.
- Information Security Experts.
- Information Security Professionals.
- Information Security Officers.
- Information Security Students.
- Information Security Education & Training Specialists.
- Government Agency Security Specialists.
- Information Security Programs Professors.
- CIOs/ IT Managers.
- IT/ System Administrators.

We would also love to share with our readers that Voiceofgreyhat feel proud to take part is this event  as official Media Sponsor CSCAMP. Its our honor to be associated with Blue Kaizen. Being the official media partner, Team Voiceofgreyhat wishes a huge sucess of Cairo Security Camp 2012. For more details about the event, click Here.






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Adobe Patches Multiple Security Holes in Adobe Flash Player & AIR (CVE-2012-5274 to 5280)

Posted by Avik Sarkar On 11/09/2012 04:30:00 am

Critical Buffer Overflow, Memory Corruption & Security bypass Vulnerability in Adobe Flash Player & AIR Patched

Adobe- American multinational computer software company has released new versions of its Flash Player to eliminate a number of critical vulnerabilities  in Flash Player that could lead to system crashes or remote attackers controlling computers running compromised software. All the flaws were discovered by members of the Google Security Team are associated with several CVE numbers; CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5280 are buffer overflows, CVE-2012-5279 is a memory corruption issue and CVE-2012-5278 is a security bypass; all of which are listed as potentially allowing an attacker to inject malicious code into the system. Google said it will update Flash Player installed with Google Chrome, and Microsoft will do the same with Internet Explorer 10. In the security bulletin Adobe said that it has released security updates for Adobe Flash Player 11.4.402.287 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.243 and earlier versions for Linux, Adobe Flash Player 11.1.115.20 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.19 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system. 

Adobe recommends users update their product installations to the latest versions:-
  • Users of Adobe Flash Player 11.4.402.287 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 11.5.502.110.
  • Users of Adobe Flash Player 11.2.202.243 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.251.
  • Flash Player installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 11.5.31.2 for Windows, Macintosh and Linux.
  • Flash Player installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 11.3.376.12 for Windows.
  • Users of Adobe Flash Player 11.1.115.20 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.27.
  • Users of Adobe Flash Player 11.1.111.19 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.24.
  • Users of Adobe AIR 3.4.0.2710 and earlier versions for Windows and Macintosh, SDK (including AIR for iOS) and Android should update to Adobe AIR 3.5.0.600.

AFFECTED SOFTWARE VERSIONS:- 
  • Adobe Flash Player 11.4.402.287 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.243 and earlier versions for Linux
  • Adobe Flash Player 11.1.115.20 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.19 and earlier versions for Android 3.x and 2.x
  • Adobe AIR 3.4.0.2710 and earlier versions for Windows and Macintosh, SDK (includes AIR for iOS) and Android
To verify the version of Adobe Flash Player installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system. To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.  To verify the version of Adobe AIR installed on your system, follow the instructions in the Adobe AIR TechNote. Adobe also recommended its Adobe AIR users to update  to 3.5.0.600.
While talking about security patches in Adobe product, we want to give to reminder that just couple of weeks ago Adobe also plugged buffer overflow vulnerability in its Shockwave Player. Also in late September, Adobe disclosed that it had been attacked and hackers were using a valid Adobe certificate to sign two malicious utilities used most often in targeted attacks. Adobe revoked the certificate Oct. 4.



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search