Spam Watch 10/6-10/8
Malware volumes continued to climb yesterday. Blocked connections and spam accounted for 90 percent of total mail volume, a higher percentage than in previous weeks. The bulk of it came from Russia, Italy and Spain.
There were more viruses yesterday than on Tuesday. The most common ones remain Troj/Agent-HUH and Mal/EncPk-ES. MX Logic Threat Center reported a high occurrence of W32/Postcard.N, which we haven't seen yet. The most active virus relays were in China and Germany.
Along with foreign-language spam, a lot of the spam subject lines reference Microsoft and the latest O.J. Simpson verdict.
Threat Centers from eSoft, MX Logic and McAfee all report a high or elevated threat level.
Attack Watch 10/9
There was a mix of the familiar and the new:
One new intrusion attempt was made against the simulated Ident service. Ident (RFC 1413, TCP port 113) is a somewhat dated daemon that reports which local user owns a given TCP connection, so an attacker can query it to mine usernames and other information about a machine. The attempts came from a visitor whose address was logged as static.theplanet.com. Research on this domain name shows that Trend Micro lists it as part of a URL from which the Trojan TSPY_BANCOS can be downloaded.
This Trojan appears to be an entry point for particularly obnoxious malware that ferrets out banking and user-account information from a machine. Beyond that alarming security risk, this particular bot from static.theplanet.com also consumes a great deal of bandwidth as it pummels a port with endless requests, which can significantly reduce network performance. The IP traces back to New York.
One note: theplanet.com is a legitimate hosting provider, so the offender or offenders may either be spoofing the address or using a server actually hosted by theplanet.com; in the latter case the provider's abuse contact is the right place to report the traffic.
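To make the "simulated Ident service" concrete, here is an added example (not code from the original post or from any product it mentions) of a decoy Ident responder: it parses the RFC 1413 query, always answers with the protocol's error form so no real username leaks, and returns the log record an IDS would keep for the probe. Port numbers, the "0 , 0" echo for unparseable queries, and the `handle_query` record layout are my own choices, and the `print` stands in for whatever logger you use.

```python
import socketserver
from datetime import datetime, timezone
from typing import Dict, Optional, Tuple

IDENT_PORT = 113  # RFC 1413 assigns Ident to TCP/113


def parse_ident_request(line: str) -> Optional[Tuple[int, int]]:
    """Parse an RFC 1413 query "<server-port> , <client-port>" (CRLF-terminated).

    Returns (server_port, client_port), or None when the query is malformed
    or either port lies outside 1..65535.
    """
    parts = line.strip().split(",")
    if len(parts) != 2:
        return None
    try:
        sport, cport = (int(p.strip()) for p in parts)
    except ValueError:
        return None
    if not (1 <= sport <= 65535 and 1 <= cport <= 65535):
        return None
    return sport, cport


def ident_reply(line: str) -> str:
    """Build the response the decoy sends.

    A real identd answers "<ports> : USERID : <opsys> : <user>" and thereby leaks
    a username. The decoy keeps the protocol shape (so the probe completes and can
    be logged) but always uses the RFC 1413 ERROR form: NO-USER claims the
    connection does not exist, which reveals nothing about local accounts.
    """
    ports = parse_ident_request(line)
    if ports is None:
        # RFC 1413 does not say how to echo an unparseable pair; "0 , 0" is our choice.
        return "0 , 0 : ERROR : INVALID-PORT\r\n"
    sport, cport = ports
    return f"{sport} , {cport} : ERROR : NO-USER\r\n"


def handle_query(peer_ip: str, line: str) -> Tuple[str, Dict[str, object]]:
    """Answer one query and produce the log record worth keeping for the probe."""
    reply = ident_reply(line)
    record = {
        "time": datetime.now(timezone.utc).isoformat(),
        "peer": peer_ip,
        "query": line.strip(),
        "valid": parse_ident_request(line) is not None,
        "reply": reply.strip(),
    }
    return reply, record


class IdentDecoyHandler(socketserver.StreamRequestHandler):
    """One connection: read a single query line, answer it, log it, close."""

    def handle(self) -> None:
        raw = self.rfile.readline(512)  # queries are tiny; cap the read to limit abuse
        line = raw.decode("ascii", errors="replace")
        reply, record = handle_query(self.client_address[0], line)
        self.wfile.write(reply.encode("ascii"))
        print(record)  # replace with your real logger or SIEM forwarder


def serve(bind: str = "0.0.0.0", port: int = IDENT_PORT) -> None:
    """Run the decoy. Binding to 113 needs root; use e.g. port 1113 for a trial."""
    with socketserver.ThreadingTCPServer((bind, port), IdentDecoyHandler) as srv:
        srv.serve_forever()


if __name__ == "__main__":
    serve()
```

Any connection to the decoy is suspicious by definition, since nothing legitimate on the network should be asking it questions; the value is in the `peer` and `query` fields of the record, which tell you who is probing and whether they speak the protocol at all.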
Back to the familiar: log files show the usual brute-force attempts against SQL Server. All of the IP addresses trace back to China, and all attempts targeted the default "sa" account, which is why that login should be disabled or renamed and TCP port 1433 kept off the Internet.
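The brute-force pattern above is easy to pick out of SQL Server's own ERRORLOG, where every failed login is written as message 18456 with the login name and a "[CLIENT: x.x.x.x]" suffix. The following is an added example, not code from the original post, that parses those lines and raises an alert when one client fails against one login several times in a short window. The sample log is constructed for the example (the addresses are documentation ranges, not the real attackers), and the threshold and window are assumptions to tune for your environment.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Deque, Dict, List, Tuple

# SQL Server logs a failed login as two lines: "Error: 18456, ..." followed by
# "Login failed for user '<name>'. Reason: ... [CLIENT: <ip>]". Only the second
# line carries the login name and client address, so that is the one parsed here.
LOGIN_FAILED = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+Logon\s+"
    r"Login failed for user '(?P<user>[^']*)'.*\[CLIENT: (?P<client>[^\]]+)\]"
)

# Constructed sample, not a real log: three quick 'sa' failures from one host,
# a single failure from another, and an unrelated line that must be ignored.
SAMPLE_ERRORLOG = """\
2008-10-09 02:14:03.51 Logon       Error: 18456, Severity: 14, State: 8.
2008-10-09 02:14:03.51 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.45]
2008-10-09 02:14:04.02 Logon       Error: 18456, Severity: 14, State: 8.
2008-10-09 02:14:04.02 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.45]
2008-10-09 02:14:04.60 Logon       Error: 18456, Severity: 14, State: 8.
2008-10-09 02:14:04.60 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.45]
2008-10-09 02:40:11.00 Logon       Error: 18456, Severity: 14, State: 8.
2008-10-09 02:40:11.00 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 198.51.100.9]
2008-10-09 03:05:00.00 spid52      Starting up database 'msdb'.
"""

Event = Tuple[datetime, str, str]  # (timestamp, login name, client address)


def parse_failed_logins(text: str) -> List[Event]:
    """Extract (time, user, client) for every 'Login failed' line in an ERRORLOG."""
    events: List[Event] = []
    for line in text.splitlines():
        m = LOGIN_FAILED.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
            events.append((ts, m["user"], m["client"]))
    return events


def detect_bruteforce(
    events: List[Event],
    threshold: int = 3,                      # assumed: failures needed to alert
    window: timedelta = timedelta(minutes=5),  # assumed: sliding window length
) -> List[Dict[str, object]]:
    """Alert once per (client, user) pair that fails >= threshold times within window.

    A deque per pair holds the timestamps still inside the window; events are
    processed in time order so the window slides forward monotonically.
    """
    recent: Dict[Tuple[str, str], Deque[datetime]] = defaultdict(deque)
    alerted = set()
    alerts: List[Dict[str, object]] = []
    for ts, user, client in sorted(events):
        key = (client, user)
        q = recent[key]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold and key not in alerted:
            alerted.add(key)  # report each offending pair once, not on every further failure
            alerts.append({"client": client, "user": user,
                           "count": len(q), "first": q[0], "last": ts})
    return alerts


if __name__ == "__main__":
    for a in detect_bruteforce(parse_failed_logins(SAMPLE_ERRORLOG)):
        print(f"{a['client']} -> '{a['user']}': {a['count']} failures "
              f"between {a['first']} and {a['last']}")
```

Run it over a real ERRORLOG (or the output of `xp_readerrorlog`) and every alert line is a candidate for a firewall block; if the `user` column is always "sa", the account is being guessed against by name, which is the strongest argument for disabling it.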
Scans for a Symantec antivirus exploit were made again from three different IPs, one tracing back to New York and two to China.
An intrusion attempt using Terminal Services was made from an address that traces to South Korea.
One last new type of threat logged: a scan for a Veritas Backup exploit. The intruder's originating domain was logged as telepacific.net. This type of threat underscores the need for administrators and solution providers to make sure third-party software patches and updates are applied, not just those for Windows and antivirus software.