US thumb drives finally allowed on Pentagon premises
We’ve previously explained how banning something altogether instead of ensuring a safe way to use that piece of technology is not really the smartest idea out there. And our theory seems to be confirmed by the Pentagon: they have recently replaced their strict ban against USB flash drives with a strict usage policy covering both the types of devices used and how they are employed.
The reasons to ban them were serious: as the Daily Tech reminds us, past incidents of misuse led to virus infections. The prohibition also covered almost anything you can connect to their network through a USB port, such as cameras, portable hard drives or smartphones. Yet standing against some of the most common ways to transfer data couldn’t last for too long. The Pentagon is now ready to allow them back into their daily routine, but only if they are its own specific devices, which come with their very own hardware and software malware removal kits.
The drives they are planning to allow are headed to Afghanistan, where they will be used in combat command centers and analysis centers. Let’s hope these ones won’t end up being sold in Afghan markets! Or end up in some library… Maybe they won’t, as these are the rules:
500,000 cards exposed in Network Solutions breach
Hosting company Network Solutions has recently experienced a security breach in an ecommerce services system which exposed details for a whopping number of over 500,000 credit and debit cards. The data security mishap is the work of hackers who penetrated the system and installed software that diverted transactions to a rogue server.
The malicious software was active from March 12 to June 8 and affected transactions Network Solutions processed on behalf of over 4,000 merchant websites of small businesses, spokeswoman Susan Wade told the Register. Although the breach was discovered in early June, Network Solutions waited for about a month to disclose it, the stated reason being that it took until July 13 for forensics investigators to analyze and understand how the rogue code worked.
Network Solutions has offered to foot the bill for notifying affected cardholders so those costs don’t have to be borne by the merchants who used the company’s e-commerce service. [...] The company is also making 12 months of fraud-monitoring services available free of charge to cardholders whose information was exposed. Affected merchants and cardholders can enroll by visiting this site, which walks them through the process.
US Army bans USB devices to stop worm from spreading
The US Army has temporarily banned the use of USB devices, along with floppy discs, CDs, external drives, flash media cards and all other removable media devices, to prevent a worm from spreading through its networks. According to the Register, the worm that caused this extreme measure is Agent-BTZ, a variant of the SillyFDC worm.
While the ban itself is bound to cause some distress, as it would in any other organization, the workflow will be more extensively affected in the US Army because for some offices email or online file transfers are not allowed either.
The measure is a bit drastic, but at least something was done. I personally would have expected a safer endpoint security system and protected USB drives, given the Army’s impressive history with lost hardware and data breaches (see some examples here, here and here). Who knows, maybe this time they will learn.
Malware Infected Giveaways at Security Conference
One would expect security to be a major concern for those advertising at and attending a security conference. But reality shows otherwise. Integrated telecommunication provider Telstra distributed malware-infected USB drives at the 2008 AusCERT security conference.
According to SearchSecurity, the USB drives were recalled as soon as the security issue was discovered. The AusCERT security conference was attended by up to 1200 delegates, all of them potentially exposed to a serious infection.
IT Security journalist Davey Winder states security problems at such conferences are no longer surprising. In a blog post published on DaniWeb, he provides insight on how potential breaches are facilitated at security events:
I have lost count of the number of such events where I have been able to quickly scan and detect numerous unsecured wireless networks and where ‘researchers’ attend with the express intention of finding such security holes and jumping in with both feet to see what resources can be compromised. Often it is the people who should know best who seem most liable to suffer from complacency, and security conferences are a great example of this genre of should have known better syndrome.[...]
So you could say I am not easily surprised, but what does surprise and rather shock me about this particular case in Australia is that the USB sticks being distributed by a large telco were apparently pre-owned, second-hand ones. I mean, how cheap do you have to be to use pre-owned USB sticks? These things are so cheap brand new that you will be finding them in Xmas crackers soon…

