Removing Administrator Rights Blocks Critical Microsoft Vulnerabilities

Chalk one up for the “It’s so obvious when you think about it,” files. Removing administrator rights from Windows user accounts can block–or at least, slow down–most critical malware infections, according to a new report from Avecto. Of the 147 vulnerabilities published by Microsoft in 2013 with a “critical” rating, meaning that attackers would be…

Details

AlienVault Adds New Partners to Its Crowd-Sourced Threat Intelligence Platform

AlienVault has added new partners to its crowd-sourced threat intelligence platform to improve information sharing between private sector organizations, security vendors, and government organizations. The AlienVault Open Threat Exchange program provides real-time threat data to thousands of private sector companies, security vendors, and government institutions. Over 8,000 sites across 140 countries have participated in OTX…

Details

Vormetric Introduces Application Layer Encryption Solution

Vormetric has announced a new application encryption tool kit, which equips corporate IT departments with the ability to create and integrate encryption in their own applications. The new solution, called Vormetric Application Encryption, extends Vormetric’s data security platform with tools to encrypt data at rest within the enterprise and web applications, as well as cloud and…

Details

Cyberoam Now 100 Percent Subsidiary of Sophos

Post the recent Sophos acquisition of Cyberoam its CEO and MD Hemal Patel gives securitycurrent more information on the terms and what the acquistion means. sc: Sophos already acquired a UTM vendor. What did they see in Cyberoam that complemented or even replaces their current UTM offering?  Hemal Patel: “Sophos and Cyberoam complement each other in many ways…

Details

NIST Releases Long-Anticipated Framework for Improving Critical Infrastructure Security

The National Institute of Standards and Technology (NIST) has released the long-anticipated Framework for Improving Critical Infrastructure Security. The framework, released on February 12th, provides critical infrastructure operators with a broad blueprint of how to defend IT and industrial control systems networks that handle sensitive and critical tasks for a broad range of industries, including energy,…

Details

Congress Moves Substitute Critical Infrastructure Cybersecurity Bill

The House Homeland Security Committee unanimously passed a substitute bill for the National Cybersecurity and Critical Infrastructure Protection Act of 2013 last week. The bill now heads to the full House for a floor vote. Broadly supported by both parties, the current version of HR 3696 gives the Department of Homeland Security (DHS) the responsibility for civilian cybersecurity research…

Details

Sophos Acquires Cyberoam Technologies

Sophos expanded its network security portfolio with its latest acquisition of India-based Cyberoam Technologies for an undisclosed sum, the company said February 10th. The acquisition gives Sophos access to Cyberoam’s expertise in next-generation firewalls and network security, the company said in a statement. Sophos plans to combine its existing line of unified threat management and wireless security products with Cyberoam…

Details

Texas Hospital Exposes Security Breach of Some 405,000 Records

Health records of up to 405,000 past and current patients at St. Joseph Health System may have been exposed in a security incident, the Texas-based hospital said February 5. St. Joseph Health System has already called security forensic experts and the Federal Bureau of Investigation, but the investigation is still in the early stages. Initial findings suggest…

Details

Palo Alto Shares Rally on Favorable Rulings in Juniper Lawsuit

Shares of Palo Alto Networks jumped more than 11 percent on February 6 after a judge handed down a favorable decision for Palo Alto Networks in the patent infringement lawsuit brought by rival Juniper Networks. The saga over patent infringement began in December 2011 when Juniper Networks sued Palo Alto Networks for infringing on several Juniper…

Details

Security Awareness Solutions at a Glance

Security awareness is a waste of time and employees should be punished for being careless! To each his own philosophy as to whether this mindset is believable and sincere. Granted, satisfying the security awareness checkbox doesn’t lead to behavioral change and yields very little value-add back to the company. What’s interesting, and not surprising, is…

Details