Every organization is going for virtualization. The main reason being cost cutting and to ensure maximum utilization of hardware resources. Virtualization has revolutionized the data centre and is one of the key foundational technologies underlying cloud computing. This has made Several companies rushing frantically into deploying virtualization solutions both in their private and public clouds, without taking into account the risks involved. But when organizations are going virtualization, the technology has got its own inherent vulnerabilities.
Continue reading Securing virtual servers
The Internet Security threat report 2013 by semantic group has been released. Symantec “maintains one of the world’s most comprehensive vulnerability databases, currently consisting of more than 51,644 recorded vulnerabilities (spanning more than two decades) from over 16,687 vendors representing over 43,391 products.” (Internet Security threat report 2013). “Symantec has established some of the most comprehensive sources of Internet threat data in the world through the Symantec Global Intelligence Network, which is made up of approximately 69 million attack sensors and records thousands of events per second. This network monitors threat activity in over 157 countries and territories through a combination of Symantec products and services such as Symantec DeepSight™ Threat Management System, Symantec™ Managed Security Services and Norton™ consumer products, and other third-party data sources” (Internet Security threat report 2013). The report has got in-depth details about the growth of cyber attacks in the year 2012. The biggest area being the mobile malware , this will shock many because the main drive of this is too steal information and track movements.Whats the other new part, Zero-day vulnerabilities continue to trend upward; 14 were reported in 2012.Wait a munute! and you say that you are secure?
Get yourself a copy here. Continue reading The Internet Security threat report 2013
I have skimmed through the report and i cant wait to digest it further. It has critical intelligence details about the security architecture aof Microsoft OS, I truly recommend this for ICT security experts.
For intelligence diggers, the most interesting bit is how the report comprehensively maps about the most affected area, this will help the security admins to determine the level of security required to secure the systems.
Get a copy here! Ket me know your opinion…
About this report
The Microsoft Security Intelligence Report (SIR) focuses on software vulnerabilities, software vulnerability exploits, and malicious and potentially unwanted software. Past reports and related resources are available for download at http://www.microsoft.com/sir. We hope that readers find the data, insights, and guidance provided in this report useful in helping them protect their organizations, software, and users.
Continue reading The Microsoft Security Intelligence Report (SIR)
Is iOS security unbreakable, thanks to Apple’s mix of strong encryption for all data stored on such devices, combined with hardware-controlled PIN entry requirements that make brute-force attacks difficult?
“I can tell you from the Department of Justice perspective, if that drive is encrypted, you’re done,” said Ovie Carroll, director of the cyber-crime lab at the Computer Crime and Intellectual Property section in the Department of Justice, during a recent keynote address at a computer forensics conference in Washington, D.C. “When conducting criminal investigations, if you pull the power on a drive that is whole-disk encrypted, you have lost any chance of recovering that data.” Continue reading iPhone Security Unbreakable? Security Gurus Disagree
Google has been forced to temporarily deactivate a security feature in Android 4.1 (Jelly Bean) intended to make it harder to pirate paid-for apps. The feature resulted in some purchased apps no longer working after devices on which they were installed on were restarted, requiring the user to reconfigure or even reinstall them. According to a bug report on Google Code, affected apps include several live wallpapers and applications with widgets or access to Google’s account system. Continue reading Google forced to temporarily deactivate copy protection for Android apps
Microsoft has released version 1.0 of of its Attack Surface Analyzer, bringing the application out of beta status. Attack Surface Analyzer was originally announced in January 2011 and is designed to give developers and system administrators the ability to gauge how installing a certain application will effect the attack surface of a Windows system.The company says that it has received “quite a bit of positive feedback” on the tool and is now ready to make it available to the wider public. Continue reading Microsoft’s Attack Surface Analyzer matures