Week in Security: Cisco Router Flaw, Windows Patch, Earnings
• A pair of major vulnerabilities, one from Microsoft and the other from Cisco, prompted a slew of warnings from security companies. Microsoft issued a patch for a critical vulnerability that affects most versions of Windows, including the new Windows Server 2003. (View story.) Cisco said a flaw in its operating software that makes its routers and switches vulnerable to a denial-of-service attack and offered a software fix. Internet Security Systems and Symantec both said they raised their Internet threat levels because of evidence that attackers were exploiting the flaw. "Third parties that ISS works with have confirmed that network routers have been affected," ISS said in an advisory. Symantec said it raised its Internet Threat level from two to three with five being the highest.(View story)
• RSA Security posted second-quarter earnings that topped Wall Street estimates by a penny. The vendor reported earnings of $3.2 million on $63.4 million in revenue for its second quarter. That compares with a loss of $25 million on $56.5 million in revenue for the same quarter a year ago, which included restructuring and other one-time charges. Network Associates posted earnings of $1.1 million on $216.6 million in revenue, down substantially from earnings of $21.2 million on revenue of $232.9 million in the same quarter a year ago. Meanwhile, SonicWall posted a second-quarter loss of $8.1 million on $21.4 million in revenue compared with a loss of $2.1 million on $27.7 million in revenue for the same quarter a year ago. SonicWall President and CEO Matt Medeiros, who joined the vendor in March, said the company is making progress in its revitalization plan. SonicWall also named Kathy Fisher as CFO.
• Michael Hershman, former president and CEO of security consulting firm Decision Strategies and a former federal official, launched Civitas Group, a new consulting firm based Washington, D.C. Richard Clarke, former cybersecurity advisor to the president, is on the firm's advisory board. Civitas will offer services to private sector and government clients in the homeland security field.
• Sophos introduced a new version of its antivirus software for the Macintosh platform. Sophos Antivirus for Mac OS X includes new security features and an enhanced user interface. The vendor also announced the availability of EM Reporter, a new management tool for its Enterprise Manager suite, which provides management reports about virus alerts throughout an enterprise.
• Netilla Networks, a supplier of SSL VPN appliances, named Bryan Bain as vice president of business development. Bain was regional vice president of sales and business development at competitor Array Networks.
• Tumbleweed released a new e-mail firewall appliance to help midsize companies combat spam. Tumbleweed MMS Appliance Edition integrates Tumbleweed's Dynamic Anti-Spam Service, providing midsize companies with the same anti-spam, antivirus and e-mail policy management capabilities in Tumbleweed's enterprise products, the vendor said.
• DeepNines Technologies announced the Sleuth9 Security System for Sun Linux, an integrated intrusion prevention and antivirus software solution.