Monday, March 1, 2010

NABU Trend Micro News Summary - 02/20/10 - 02/26/10



Table of Contents

Trend Micro Quotes

· ChannelWeb (02.24) – Security Superstars 2010

· ComputerWire News (02.22) – TREND MICRO PROFITS DECLINE IN Q4 AND YEAR

· Messaging News (02.25) – The Dark Side of the Web

· MSP Mentor (02.25) – Small Business Security: Time to Grow Up

· InfoWorld (02.25) – Update: Court order helps Microsoft tear down Waledac spam botnet; Now disabled Waledac botnet has been a major source of computer infections and spam, with the ability to send over 1.5 billion spam messages daily (Paul Ferguson, Trend Micro)

o PC Advisor

o PC World

o SFGate

o Techworld

· Experian QAS (02.24) – Social networking sites 'attractive to fraudsters'

· PC World (02.22) – Get Tough With Your Users to Protect Your Network

o Network World

· FierceCIO (02.23) – FBI probes high school webcam spying incident

· The Register (02.22) – Twitter phish pwned profiles push penis pills; As Facebook 'goldmembers' hoodwinked into costly SMS scam

· The Register (02.25) – Twishers reel in 'distracted' Boing Boing blogger; Hook, (coffee) line, and sinker

Trend Micro Mentions

· Techie Buzz (02.21) – Free Online Anti-Virus Scan from Trend Micro – the HouseCall

· Network World (02.22) – Best of the Tests

· MSP Mentor (02.22) – Websense Launches Managed Security Service Provider Program

· Fudzilla (02.24) – Fewer companies to show up at CeBIT

· Gerson Lehrman Group (02.23) – Hackers Target US – No Breach Resistant Credit Cards

· The Industry Standard (02.26) – Trend Micro Expands its Hosted Security Service

· Inc. (02.22) – The Promise of Cloud Computing

· The Ottawa Citizen (02.26) – Liquid Computing's funding dries up; Once-promising startup firm lays off workers, begins 'winding down the company'


Trend Micro Quotes

Trend Micro CEO [Eva] Chen also bullishly pioneered the company's foray into the cloud-computing industry with the launch of the Smart Protection Network as the company continues to delve into cloud server security – and – As the Global Director of Education for Trend Micro, [David] Perry is the face of research at Trend Micro.

Security Superstars 2010

ChannelWeb – 2/24/10

Eva Chen, chief executive at Trend Micro, said: "Our mission to deliver customizable and scalable solutions for customers by providing the fastest response possible to unpredictable threats is complemented by our push to protect virtualized environments, the cloud and the dynamic datacenter."

TREND MICRO PROFITS DECLINE IN Q4 AND YEAR

ComputerWire News – 2/22/10

“Social media is everywhere, and people reveal way too much,” believes Raimund Genes, CTO for Trend Micro. “By using Facebook and others you make yourself a potential social engineering victim.”

The Dark Side of the Web

Messaging News – 2/25/10

"They didn't kill it," said Paul Ferguson, a researcher with Trend Micro, via instant message. "I've been getting a boat-load of Waledac spam lately."

Update: Court order helps Microsoft tear down Waledac spam botnet; Now disabled Waledac botnet has been a major source of computer infections and spam, with the ability to send over 1.5 billion spam messages daily

InfoWorld – 2/25/10

Isn’t it time to kick off the old training wheels and allow your small business customers to go fast, set up jumps and turn corners quickly — and safely? (From a guest blog by TJ Alldridge, a product marketing manager at Trend Micro.)

Small Business Security: Time to Grow Up

MSP Mentor – 2/25/10

Rik Ferguson, senior security advisor at Trend Micro, said fraudsters tend to "follow the money."

Social networking sites 'attractive to fraudsters'

Experian QAS – 2/24/10

The most draconian applies to computers that hold customer data, particularly credit card information. "If possible, take them off the Web," says David Perry, Trend Micro.

Get Tough With Your Users to Protect Your Network

PC World – 2/22/10

Trend Micro education director David Perry sums up the tricky situation involving webcams: "...when you hook something like a webcam up to your system, making it secure is your responsibility. By default, it's insecure."

FBI probes high school webcam spying incident

FierceCIO – 2/23/10

"The survey I tested linked (via a couple of affiliate marketing services) to a 'Werewolf vs Vampire' quiz which promised to tell me which I am, (surely I should know that already?) At the end of the ten questions I am invited to enter my mobile phone number to receive my results. If I do that I am agreeing to pay a £9.00 joining fee followed by £9.00 every week until I cancel my membership via SMS." – Rik Ferguson, Trend Micro

Twitter phish pwned profiles push penis pills; As Facebook 'goldmembers' hoodwinked into costly SMS scam

The Register – 2/22/10

Once a mark falls for the come-on, the worm commandeers the Twitter account and sends the same direct message to all of his followers, according to analysis from Trend Micro.

Twishers reel in 'distracted' Boing Boing blogger; Hook, (coffee) line, and sinker

The Register – 2/25/10

Trend Micro Mentions

Trend Micro, one of the most trusted providers of security software, also offers a free online anti-virus scanner, named HouseCall.

Free Online Anti-Virus Scan from Trend Micro – the HouseCall

Techie Buzz – 2/21/10

Trend Micro's combination of Interscan Web Security Virtual Appliance 5.0 and Interscan Messaging Security Virtual Appliance 7.0 is our runner-up.

Best of the Tests

Network World – 2/22/10

Already, Trend Micro has rebranded its Worry Free hosted security offerings.

Websense Launches Managed Security Service Provider Program

MSP Mentor – 2/22/10

In addition to the newcomers, some old names are also back, such as AMD, Motorola, Sony Ericsson, Terratec and Trend Micro.

Fewer companies to show up at CeBIT

Fudzilla – 2/24/10

Data loss prevention and encryption vendors who likely benefit include: … Trend Micro LeakProof

Hackers Target US – No Breach Resistant Credit Cards

Gerson Lehrman Group – 2/23/10

Trend Micro is delivering a new subscription-based, hosted service solution that will allow small businesses to be securely connected, according to a release.

Trend Micro Expands its Hosted Security Service

The Industry Standard – 2/26/10

Before moving to the cloud, it used to take on average 12 hours just to back-up our systems. Plus we used to spend $3,000 per year on Trend Micro's spam filtering services.

The Promise of Cloud Computing

Inc. – 2/22/10

Third Brigade was sold to Trend Micro, a Japanese company, for an undisclosed price.

Liquid Computing's funding dries up; Once-promising startup firm lays off workers, begins 'winding down the company'

The Ottawa Citizen – 2/26/10


Trend Micro Quotes

ChannelWeb

February 26, 2010

Security Superstars 2010

More than ever before, cybercriminals are going for a pay day as they hack into networks and steal credit card data and other personal information.

So it comes as no surprise that security products and services are a huge opportunity for solution providers. What's more, industry regulations such as the PCI DSS, HIPAA and new state data protection laws coming from Nevada and Massachusetts are forcing companies both large and small to invest more seriously in security.

Rest assured the security industry has met these challenges head on. Today there are a myriad of seasoned security researchers, thought leaders and executives who are developing technologies and watching trends to keep one step ahead of the bad guys. Here we'll highlight some of the superstars in the security space.

<snip>

Slide No. 3

Eva Chen: CEO, Trend Micro

The Taiwanese-born engineer co-founded Trend Micro in 1988 in Taiwan with her brother-in-law Steve Chang. Chen was named CEO in 2004 and before that served as executive vice president and CTO. Today Trend Micro is a successful antivirus security company with more than $1 billion in revenue, and under Chen's leadership has helped build its business through strong channel relationships. Chen also bullishly pioneered the company's foray into the cloud-computing industry with the launch of the Smart Protection Network as the company continues to delve into cloud server security

<snip>

Slide No. 17

David Perry: Director Of Global Education, Trend Micro

Perry has long been considered a leading authority on virus prevention, malware and security education with more than 25 years experience in the field. As the Global Director of Education for Trend Micro, Perry is the face of research at Trend Micro, providing insight into attacks such as last year's Conficker. Perry was also on hand in Washington D.C. at the end of 1999 during the Y2K vigilance, providing his services as a computer virus expert for the President's Task Force on Y2K Issues.


http://www.crn.com/security/223100604;jsessionid=YKDBBVKX33NGJQE1GHPCKHWATMY32JVN



ComputerWire News

February 22, 2010

TREND MICRO PROFITS DECLINE IN Q4 AND YEAR

Anti-virus software developer Trend Micro has reported a 27% decline in net income to JPY 3.6bn ($40m) for the fourth quarter 2009, compared to JPY 4.9bn ($54m) in the same quarter of the previous year. Revenue was up 1% at JPY 24.3bn ($268m).

Operating income increased 2% to JPY 7.5bn ($83m), and bookings increased 25% to JPY 27.1bn ($299m) compared to the same quarter of 2008.

Geographically, Japan revenue declined 1% to JPY 9.9bn ($109m), North America revenue declined 4% to JPY 6.1bn ($67m), Europe revenue increased 4% to JPY 5.2bn ($57m), Asia Pacific revenue increased 16% to JPY 2.4bn ($26m), and Latin America revenue increased 20% to JPY 743m ($8.2m).

For the year, the company reported an 8% decline in net income to JPY 17.6bn ($194m), compared to JPY 19.2bn ($212m) in fiscal 2008. Revenue was down 5% at JPY 96.3bn ($1.06bn).

During the year, the company acquired Canada-based security and compliance software company Third Brigade to extend its malware protection for dynamic datacenter environments through a host-based intrusion defense system for protecting endpoints from zero-day malware.

Eva Chen, chief executive at Trend Micro, said: "Our mission to deliver customizable and scalable solutions for customers by providing the fastest response possible to unpredictable threats is complemented by our push to protect virtualized environments, the cloud and the dynamic datacenter."

For the first quarter 2010, it expects revenue to be JPY 23.4bn ($258m), operating income to be JPY 5.7bn ($63m), and net income to be JPY 3.6bn ($40m).



MSP Mentor

February 25, 2010

Small Business Security: Time to Grow Up

By TJ Alldridge

Do you remember your first bike? It gave you a decent start but you outgrew it fast. The same can be said for consumer-focused security products that are used in small businesses. Here’s why.

For some of you, the memory of your first bike may be a sore subject due to the great hand-me-down incident of ’79 — but I am pretty sure most of you had a similar experience, plus or minus the handle bar tassels, a banana seat, or a bell. It most likely started with some standard equipment: 2 pedals, handle bars, 2 big wheels and a set of training wheels. Back then this was standard issue for learning to ride a bike.

However once we found our confidence, we started finding ways to terrify our mothers. We learned fast is fun, that any undulation in the sidewalk can be a jump and we learned the hard way that you can’t turn too sharply with training wheels. The very thing that kept us safe and upright in the beginning — those training wheels — was now holding us back and putting us at risk.

Shifting Gears

The same can be said for consumer-focused security products for small businesses. They are totally adequate as the business is starting off. But as the business begins to grow, VARs and MSPs that keep small businesses locked in with consumer-focused products can end up hurting those businesses long term.

As a reseller, it is important to make sure you provide your customers with the right technology to help them grow by moving them to security products that are designed for the small business, and by providing them with managed services. Moving your small business customers to a managed solution will provide better protection for your customers and will allow you to add more value while maintaining their systems and keeping them safe.

Small businesses are at more risk than we may think. In September, the NACHA issued an alert saying that small businesses were being targeted by hackers because of their lack of security infrastructure. They also went on to say small businesses were targets of phishing attacks with the same look and feel of their financial institution. The FBI also reported that cyber crooks stole more than $44 million from US small and mid-sized firms over the course of several years.

Isn’t it time to kick off the old training wheels and allow your small business customers to go fast, set up jumps and turn corners quickly — and safely?

TJ Alldridge is product marketing manager at Trend Micro. Guest blogs such as this one are part of MSPmentor’s annual platinum sponsorship.

http://www.mspmentor.net/2010/02/25/small-business-security-time-to-grow-up/



Messaging News

February 25, 2010

The Dark Side of the Web

By Stephanie Jordan

One could argue that the Internet is among the greatest inventions. Think about the fact that an estimated quarter of the Earth’s population uses the services of the Internet, and that adoption has influenced or reshaped the telephone, television, newspapers, and offered us new ways to communicate and share ideas with social media sites, instant messaging, and blogging. Also remarkable is the fact that this international network has no centralized policy over its use or access. Unfortunately, along with the gift that is Web 2.0 and all that it enables, has come nefarious activities from clever cybercriminals; for much that has attracted the world towards the Internet has also attracted them.

According to Tom Gillis, vice president and general manager for Cisco Security, the Web is composed of a trillion pages at best estimate, and growing at exponential speed. He offers these statistics: it’s estimated that 1 billion new Web pages are created daily and about 32 million domain names are added to the Web every year with this number expected to rise dramatically in 2010, as internationalized domain names (using letters from local languages, such as Arabic and Chinese) are introduced. He also notes that more than 30 percent of domain names change (or churn) on an annual basis. The popularity of social media and blogging explain some of this growth, as blogs and social networking sites dynamically serve up many of these billions of new Web pages. In addition, there are many password-protected sites that cannot be easily identified.

“The problem with these transient and dynamic Web pages is that they resist categorization, which renders URL filtering largely ineffective,” explains Gillis. “According to Cisco Security Intelligence Operations (SIO), only 20 percent of Web site addresses can now be properly categorized. The other 80 percent of Web site pages are now referred to as the “Dark Web”—that is, Web pages that are uncategorized, highly dynamic or otherwise unreachable.”

Workers Introduce Risk to Enterprise

The Dark Web poses a threat to everyone, even enterprises; employees can expose the company when viewing uncategorized content such as social media. Social media usage is up dramatically, not just in terms of the number of users, but also in terms of the type and regularity of usage, reveals FaceTime Communications’ recent survey on company Internet usage. According to the report, 61 percent of users access social media sites at least once a day from work, up from 51 percent last year.

“Social networking is now used by 95 percent of respondents, with 15 percent using social media “constantly” throughout their work day,” states Sarah Carter, director of marketing for FaceTime Communications. “However, only 24 percent of IT professionals are concerned about this in terms of productivity. Inbound malware is still perceived as the biggest risk from Web 2.0 thought 61 percent of respondents.”

Reports seem to conflict with one another about whether workers honor company policies regarding social networking. A 2008 survey by Cisco and U.S.-based market research firm Insight Express found more than half of the workers that changed the security settings on their company-issued laptop to view restricted Web sites did so because they wanted to visit them, regardless of company policy. On the other hand, the FaceTime survey revealed that 84 percent of users say that they would comply with company policies on usage. Further, 74 percent of users understand that the use of social networks is a risk to the business.

One thing is certain: access of social media sites during work hours is increasing. “Social media is everywhere, and people reveal way too much,” believes Raimund Genes, CTO for Trend Micro. “By using Facebook and others you make yourself a potential social engineering victim. In real life you never would walk around with a cardboard in front of you stating: ‘My name is X, I’m 42 years old, my friends are X, I’m married, my sexual preferences are…’ In social networks this happens all the time. As an employer, I’m very concerned about company specific information being shared. I’m concerned that due to social engineering (email from a friend) my company could be infiltrated.” Genes goes on to say that it is unrealistic to block workers from accessing social network sites because it makes the company unattractive as an employer. “You lose a competitive edge,” he says, “but social medias are good for fast information sharing. The key is proper user education: what to share, what not to share, and how to be careful.”

What Is IT’s perspective?

While IT staff appear to be aware of threats, their perception of what’s on the network compared to what actually is, varies significantly. “Using empirical data from our installed base of Unified Security Gateways (155 deployed globally), we compared this with IT professionals’ opinions,” says Carter. Here is what the opinion vs. data showed:

· 62 percent of IT professionals estimate social networking is present on their networks; the actual number is 100 percent.

· 32 percent of IT professionals say file-sharing tools are present; the actual number is 74 percent.

· 31 percent of IT professionals believe Web chat is in use; whereas our appliances found that Web chat is used in 95 percent of locations.

For Keith R. Crosley, director of market development for Proofpoint, Inc., the three biggest social media risks include: the use of (or spoofing of) social media platforms as vectors for blended threats, risks of data leakage via social media channels, and policy issues.

“Viruses and other malware that make use of social media sites (for example, the Facebook Koobface worm) have obviously been a significant problem in the past year, and I expect that will continue in 2010,” predicts Crosley. “Additionally, the popularity of social media sites have made them a prime spoofing target for spammers and scammers. We’ve seen many examples of malicious emails (e.g., phishing attempts or malware distribution scams) masquerading as convincing-looking social media notifications such as friend requests, new message notifications or policy change notifications.”

Crosley points with concern to the fact that users are overly comfortable clicking on links in social media notification emails. “As social media platforms constantly evolve the way they use notifications, I think we’ll see new risks. For example, Facebook recently enabled commenting by replying to notification emails. On the one hand, this is a good thing because it might reduce the number of users who click on links in Facebook notification emails to access their accounts (which is something I’m always advising people not to do). But on the other hand, I think it’s only a matter of time before we see spoofed Facebook notification phish/spam that takes advantage of this sort of feature to harvest email addresses. That is, the recipient replies to a fraudulent Facebook notice thinking it’ll publish a comment, but all it does is confirm that there’s a valid email recipient at that address.”

With the rise of social media site use at work comes the threat of data leakage. Crosley notes that Proofpoint’s 2009 research on policies and data loss risks found that 17 percent of U.S. companies investigated the exposure of confidential, sensitive or private information via a posting to a social networking site (e.g., Facebook, LinkedIn) in the past 12 months. Forty-five percent of the companies surveyed by Proofpoint are highly concerned about the risk of information leakage via posts to social networking sites and almost as many are highly concerned about the risk of information leakage via Web-based short messaging (e.g., Twitter). “Data loss risks related to social media are already significant and will have to be addressed,” says Crosley. “I do think this will be a significant driver of more interest in data loss prevention technologies over the next several years.”

Managing User Behavior

As Carter points out, the benefits of Web 2.0 applications outweigh the risks. Since blocking won’t work in most organizations, an alternative tactic is influencing user behavior. “Implementing coaching for users, when they perhaps try to access inappropriate content on YouTube and reminding them of their responsibilities helps,” states Carter. “Providing this type of positive reinforcement, alongside regular education and training really does influence behavior, and increases awareness of risks.”

Organizations need to establish (and enforce) policies for employees to follow. Gillis notes that improper Web use costs businesses billions of dollars in lost productivity and resource misuse each year, and introduces the risk of compliance violations and legal liability. “Changing attitudes on the part of employees toward at-work Internet use are also adding to the urgency of organizations to tighten and strengthen Internet usage policies,” says Gillis. “More workers, particularly younger ones, do not draw a firm line between personal Web browsing, and work-related Web browsing. They expect to check Web mail and social networking sites during the workday, order products online, and read blogs—just as they may access their organization’s networks and email during the evenings and on weekends. In effect, these workers are bringing the Dark Web into the workplace.”

Many organizations that have messaging policies in place may not have included social media. “Enterprises need to formalize their acceptable use policies for social networking sites and help users inside of their organizations understand what is and isn’t acceptable. At the same time, social media is opening up some entirely new policy areas that most organizations are just now coming to grips with,” says Crosley. He offers the example of a growing concern in legal and HR circles around the issue of bosses “friending” their employees (and vice versa) on social networking sites. “Some legal experts have warned that bosses who friend their subordinates on social networking sites may be putting themselves at substantial legal risk. Online relationships between bosses and employees can trigger or exacerbate a host of legal claims, including harassment, discrimination or wrongful termination in addition to potential accusations of favoritism. Some employment lawyers even suggest simply banning such online manager-worker friendships.” Crosley says that not everyone takes this hard a line, but it does point to the fact that this is just one more area of risk exposure that managers now need to navigate on a day-to-day basis. “I expect that forward-thinking organizations will add some training around the potential liability dangers associated with use of social media in the workplace to their existing liability and discrimination training.”

For Carter, the biggest emerging risk to IT managers with regard to the increased usage of Web 2.0 applications is compliance and eDiscovery. “The users really have gone out there and enabled themselves on Web 2.0,” she says. “Perhaps it’s the economy, perhaps it’s that social networks level the playing field for big and small companies, perhaps the reality is that Web 2.0 is finally here, but we’ve also seen a rise in the number of regulations and compliance requirements for real time communications, like with FINRA and their 10-06 notice. eDiscovery has become a much bigger concern for IT managers, and while our survey shows that a small percentage (38 percent), up from 31 percent last year, store chat and IM messages for compliance, 27 percent have been provided with guidance by legal counsel on requirements for archiving content posted to social networking sites, with a further 42 percent anticipating this will happen. With the high price tags associated with non-compliance in the event of an audit—as much as $2.1 million USD for failure to comply for a Sarbanes-Oxley audit—eDiscovery is going to be one of the biggest social media security concerns for IT managers moving forward.”

http://www.messagingnews.com/story/dark-side-web



InfoWorld

February 25, 2010

Update: Court order helps Microsoft tear down Waledac spam botnet

Now disabled Waledac botnet has been a major source of computer infections and spam, with the ability to send over 1.5 billion spam messages daily

By Robert McMillan IDG News Service

With the help of a U.S. federal judge, Microsoft has struck a blow against one of the Internet's worst sources of spam: the notorious Waledac botnet.

Microsoft said late Wednesday that it had been granted a court order that will cut off 277 .com domains associated with the botnet. This will effectively knock the brains of Waledac off the Internet, by removing the command-and-control servers that criminals use to send commands to hundreds of thousands of infected machines.


Thought to be used by Eastern European spammers, Waledac has been a major source of computer infections and spam over the past year. Microsoft believes the botnet can send over 1.5 billion spam messages daily.

In a lawsuit against the unknown spammers behind Waledac, filed Monday with the U.S. District Court of Eastern Virginia, Microsoft argues that Verisign, which manages the .com domain, is a choke-point for the botnet. The court has apparently ordered Verisign to remove the botnet's command-and-control domains from the Internet.

"This action has quickly and effectively cut off traffic to Waledac at the '.com' or domain registry level, severing the connection between the command and control centers of the botnet and most of its thousands of zombie computers around the world," Microsoft said in its blog post announcing the effort.

Microsoft designed its lawsuit so the court order would sever the control ties to the botnet before its controller had time to react. "That unplugging of the Internet connection had to be done without him knowing," said Richard Boscovich, a senior attorney at Microsoft's digital crimes unit, in a video on the blog post.

Many of the affected domains already appeared to be gone after Microsoft's announcement, but others still appeared to be up.

Verisign could not immediately be reached for comment.

Because Waledac uses peer-to-peer techniques to control hacked boxes as well, Microsoft has more work to do, however.

"It's a busy night tonight and tomorrow is probably going to be a busy day as well," said Jeff Williams, director of Microsoft's Malware Protection Center in an email interview.

Williams didn't provide details on what Microsoft was doing to further attack Waledac, but in its blog posting the company said it is "taking additional technical countermeasures to downgrade much of the remaining peer-to-peer command and control communication within the botnet." Microsoft expects to "continue to work with the security community to mitigate and respond to this botnet," the post states.

Known internally as Operation b49, Microsoft's takedown operation "was the result of months of investigation and the innovative application of a tried and true legal strategy," Microsoft said.

Microsoft tried to strike a blow against Waledac last April, by adding detection for the infection to its Malicious Software Removal tool. But that didn't stop the botnet, and spam levels have remained high.

"They didn't kill it," said Paul Ferguson, a researcher with Trend Micro, via instant message. "I've been getting a boat-load of Waledac spam lately."

The majority of the domains ordered cut off are listed as having owners with contact details in China. The domains were registered with a small number of Chinese domain registrars, according to the Microsoft complaint, including one that was recently ordered by China's domain name overseer to improve its verification of customer information used to register domains.

(Owen Fletcher in Beijing contributed to this story.)

http://www.infoworld.com/t/malware/court-order-helps-microsoft-tear-down-waledac-botnet-930?source=rss_infoworld_news

Also @

PC Advisor

http://www.pcadvisor.co.uk/news/index.cfm?RSS&NewsID=3213575

PC World

http://www.pcworld.com/businesscenter/article/190212/court_order_helps_microsoft_tear_down_waledac_botnet.html

SFGate

http://www.sfgate.com/cgi-bin/article.cgi?f=/g/a/2010/02/25/urnidgns852573C400693880482576D500399345.DTL

Techworld

http://news.techworld.com/security/3213597/microsoft-kills-waledac-spam-botnet/?olo=rss



Experian QAS

February 24, 2010

Social networking sites 'attractive to fraudsters'

Social networking sites are extremely attractive to criminals, it has been suggested.

Rik Ferguson, senior security advisor at Trend Micro, said fraudsters tend to "follow the money".

"You can look at something like Facebook with hundreds of millions of users, Twitter with tens of millions, LinkedIn with tens of millions, MySpace I think is hundreds of millions – there are lots of potential targets out there so it's very attractive," he explained.

Mr Ferguson noted that unlike email scams, social networking fraud is based on trust and users believe they know the people they are interacting with.

If someone within a circle of friends admits someone they should not, then the whole network is put at risk, he added.

A recent report published by web and messaging security products provider M86 Security revealed that there has been a steep rise in spam attacks via sites such as Twitter and Bebo.

http://www.qas.co.uk/company/data-quality-news/social_networking_sites_attractive_to_fraudsters__5100.htm



PC World

February 22, 2010

Get Tough With Your Users to Protect Your Network

By Bill Snyder, PCWorld

No one likes to be hated, but if you're running a small business, sometimes you've got to take security measures that will make your employees really angry. You might even have to (gasp) pull some PCs off the Internet, and treat some employees like, well, children.

Here's why:

No matter how hard you work, no matter how many security programs you install, the biggest threat doesn't come from outside the firewall. And it isn't from unpatched software and it doesn't come from buffer overflows, etc. Your own users are your biggest, albeit unwitting, enemy.

"If all software had 0 exploits, it wouldn't drastically change the amount of successful hacking," says Roger Grimes, a security pro and columnist. It's because the bad guys have elevated social engineering, the hack that takes advantage of a user's greed, lust or simply naivety, to open the gates to malware.


Grimes may be overstating the case a bit. Software exploits are serious and ever present.

But the modern hacker who wants to gain access to data that can be sold, knows that users can be tricked onto sites that are seeded with malware, says David Perry, global director of education for Trend Micro, whose global array of sensors (and information exchanges with other security vendors and customers) now detects an astonishing 100,000 samples of new malware a day.

And don't think that all sites infected with malware are XXX rated. By the beginning of 2009, the majority of poisoned sites were mainstream. In a typical attack, users of FoxNews.com were told they needed to install a new codec to watch clips on the site. Once installed, the "codec" was a malicious piece of code undetected by most defenses, Grimes recounts.

What you can do to secure your network

Perry suggests some distinctly unpleasant remedies for the small business.

The most draconian applies to computers that hold customer data, particularly credit card information. "If possible, take them off the Web," he says. Files don't have to be e-mailed internally. Assuming you've got a network, simply drag files from one directory to another without a browser.

Without being patronizing, employees need to be treated with some of the same concerns you might have for your children. You know the drill; tell them going to porn and gambling sites and so on will get them in serious trouble. Since they are adults, you might set up a PC in the break room that has Web access but is not on your network. They may waste time on it, but it won't endanger your firm's security.

You've got to be in control of your network. Trend Micro's Internet Security Package, for example, lets you set security policies for every computer on your network with a simple stratagem: Install the product on PCs that need to be protected and when the program asks for a password, give each PC the same one. (To be clear, we don't mean a network password, but a password to the security program.)

When that's accomplished, one person can block sites and set security policies for all PCs running the program. And if your employees don't know the password -- and they shouldn't -- they can't change the policies.

Your employees may get angry, but your business will be a lot safer. And that's a worthwhile tradeoff.

San Francisco journalist Bill Snyder writes frequently about business and technology. He welcomes your comments and suggestions. Reach him at bill.snyder@sbcglobal.net.

http://www.pcworld.com/businesscenter/article/189955/get_tough_with_your_users_to_protect_your_network.html

Also @

Network World

http://www.networkworld.com/news/2010/022210-get-tough-with-your-users.html



FierceCIO

February 23, 2010

FBI probes high school webcam spying incident

By Paul Mah

The Federal Bureau of Investigation is now investigating whether Harriton High School broke any federal wiretap laws in an incident in which software was installed and activated to spy on a student at home. The Lower Merion School District (LMSD), of which Harriton High School is part, has also told the Associated Press that the webcams on the school-issued laptops were activated over 42 times since they were issued.

LMSD stressed, however, that the ability to remotely activate the webcams was meant solely for the purpose of tracking lost or stolen machines. While students appear to be aware that the webcam can be remotely activated, parents were unfortunately left in the dark. LMSD spokesman Doug Young admitted that the school district committed a "significant mistake." He told the Inquirer, "There was no specific notification given that described the security feature. That notice should have been given, and we regret not giving it."

In the meantime, what of the "improper behavior" by the student that catapulted the case into the limelight? On video, the attorney hired by the parents claimed that the school "caught" Robbins with candies and mistook them for pills.

Trend Micro education director David Perry sums up the tricky situation involving webcams: "...when you hook something like a webcam up to your system, making it secure is your responsibility. By default, it's insecure."

Anyone got black tape to spare?

http://www.fiercecio.com/techwatch/story/fbi-probes-high-school-webcam-spying-incident/2010-02-23



The Register

February 22, 2010

Twitter phish pwned profiles push penis pills

As Facebook 'goldmembers' hoodwinked into costly SMS scam

By John Leyden

Twitter users were hit by potent phishing attacks over the weekend that have already led to spam runs from compromised accounts.

Miscreants posted messages disguised as humorous updates on the Twitter micro-blogging service as part of an ongoing attack that started on Saturday. The messages - which featured phrases such as "Lol. this is me??", "lol , this is funny." and "Lol. this you??" - included links to a counterfeit Twitter login page hosted in China, located under the domain BZPharma.net.

The micro-blogging site warned of the attack on Sunday. It advised anyone that had fallen for the ruse to change their passwords quickly, before hackers had a chance to alter login credentials to hijack compromised accounts.

The BZPharma.net domain prospective marks are directed towards is actually designed to harvest Twitter login details for later misuse in spam and identity theft-based attacks. Initially, the phishing lures appeared as direct messages on Twitter, but later dangerous links were posted in public feeds, often via a service called GroupTweet, net security firm Sophos reports. GroupTweet allows direct messages to be sent to multiple users and, optionally, distributed more widely.

The miscreants behind the attacks have already begun spamvertising herbal Viagra from the compromised accounts, Sophos warns, adding that the BZPharma.net domain associated with the Twitter phish has previously been used against Bebo users.

Fools' gold

In other social networking insecurity developments, many Facebook users are getting hoodwinked into joining a bogus group in order to enjoy supposed benefits of a non-existent Gold account. The scam started as a prank on the notorious 4chan image board back in 2007, but has now taken on a life of its own. Scammers are using the supposed benefits of the fictitious group to hoodwink users into taking part in a survey that involves subscribing to text messaging services in order to get the results.

Scammers likely receive a cut of the profit as affiliates of these services. A blog posting by Rik Ferguson of Trend Micro explains: "The survey I tested linked (via a couple of affiliate marketing services) to a 'Werewolf vs Vampire' quiz which promised to tell me which I am, (surely I should know that already?) At the end of the ten questions I am invited to enter my mobile phone number to receive my results. If I do that I am agreeing to pay a £9.00 joining fee followed by £9.00 every week until I cancel my membership via SMS."

Ferguson, who told El Reg that the scam is targeted at UK mobile users, has passed on his findings to PhonePayPlus, the UK regulator of premium rate phone services.

http://www.theregister.co.uk/2010/02/22/twitter_phish_and_facebook_scam_warnings/




The Register

February 24, 2010

Twishers reel in 'distracted' Boing Boing blogger

Hook, (coffee) line, and sinker

By Dan Goodin in San Francisco

Add prominent blogger Cory Doctorow to the list of people successfully phished by a new Twitter worm that's making the rounds.

The co-editor of Boing Boing surrendered his Twitter password to scammers after receiving a direct message from one of his contacts that included little more than the text "This you????" and a shortened web address.

"I think the primary prerequisite for this kind of phishing attack is that the target be distracted," Doctorow wrote in fessing up to the goof. "I was in the line at the coffee shop, I had a new phone that didn't have my stored passwords in its browser (so I wasn't surprised to be prompted for a password), and I had a little screen that didn't prominently display the URL I was on."

Once a mark falls for the come-on, the worm commandeers the Twitter account and sends the same direct message to all of his followers, according to analysis from Trend Micro. That gives the attack a viral nature, since each successful phish results in ever more attempts.

Doctorow said he "realized immediately what had happened" and changed his password within five minutes.

The "this you?" scam has been spreading since last weekend and prompted a warning from the micro-blogging site on Sunday. The ongoing attacks are designed to harvest Twitter login details for later misuse in spam and identity theft-based attacks.

The website hosting at least some of the phishing pages was kevanshome.org, according to a video posted by Sophos. It's not the first time the people behind that domain have been implicated in a Twitter scam.

http://www.theregister.co.uk/2010/02/24/twitter_doctorow_scammed/



Trend Micro Mentions

Techie Buzz

February 21, 2010

Free Online Anti-Virus Scan from Trend Micro – the HouseCall

Here at Techie-Buzz, we keep our eyes open for free and easy to use online services. One of the most important things you need to manage is your computer’s security. If you surf the internet, it’s always possible that you’ve either gotten infected, or may suspect you’ve been infected by Malware, Trojans or Viruses.

Fortunately, there’s no shortage of security tools that you can install on your PC. There are also several online tools that you can use, and most of the online tools are free. Trend Micro, one of the most trusted providers of security software, also offers a free online anti-virus scanner, named HouseCall.

Don’t consider online scanners as any replacement for installing good anti-virus and anti-malware tools. The online scanners are there in case you need a second opinion.

It’s easy to use and you can see the steps involved below in a screen-show I’ve inserted.


http://techie-buzz.com/online-security/free-online-anti-virus-scan-from-trend-micro.html



Network World

February 22, 2010

Best of the Tests

By Neal Weinberg

We tested more than 100 products in 2009 in a wide variety of categories, but 15 of those products were head and shoulders above the rest and earn our Best of the Tests Award. Here are the categories and winners:

Vendor: Microsoft

Product: Windows Server 2008 R2

We tested a raft of operating systems in 2009, including SUSE Linux, Ubuntu, and Apple Snow Leopard. But the operating system that stood out was Microsoft's Windows Server 2008 R2. This product delivers advancements in speed, security and management.

Windows Server 2008 R2 boasts new server administrative roles for better security, an improved Server Manager program, revamped Internet Information Server (IIS) Web management functionality, better Active Directory controls, and redesigned Windows Terminal Services. Windows Server 2008 is also significantly faster than Windows Server 2003.

And while Windows Server 2008 R2 certainly stands on its own, the fact that it's integrated so nicely with Windows 7 is an additional bonus for IT execs.

Review of Windows Server 2008 R2

Five things we love/hate about Windows Server 2008 R2 and Windows 7

Vendor: Research in Motion

Product: BlackBerry Server 5.0

There's no keeping end users from their BlackBerries, but there is a way for IT to manage those devices -- Research in Motion's BlackBerry Enterprise Server 5.0. We found BES to be an easy-to-use, Web-based tool that provides centralized administration, high availability and the ability to set rules and policies on a granular level.

With BlackBerry Enterprise Server, an administrator can publish and push updates and applications to one user or groups of users. The administrator can also identify unauthorized applications and prevent users from downloading, using or updating prohibited programs or applications. When a BlackBerry device is activated, the new security policy supersedes any previously installed programs or policies. Can your iPhone do that?

BES 5.0 a smart choice for smartphone management

Vendor: IBM

Product: BladeCenter Server HS22

Two eight-core Intel 5570 Nehalem processors, two 10Gigabit Ethernet network interface cards, 50GB SSD drives, 150GB 15k hard drives and 48GB of RAM. Not to mention energy efficiency and strong management features. And all for around $10,000. What's not to like?

In our tests, the Nehalem-based blade delivered a 10x increase in performance when compared with Intel's Core-based Xeon processor.

In terms of total overall power consumption, the Nehalem processors consumed 17% more power than the Xeon-based system, which is a pretty good bargain when you're gaining a 10x boost in performance.

Bottom line: The combination of Nehalem processors, 10G Ethernet, and lots of RAM make the HS22 a great choice for data center virtualization.

IBM BladeCenter delivers speeds, power savings

Vendor: McAfee

Product: Web Gateway

McAfee's Web Gateway bested the competition in every one of our performance tests. We attacked each vendor's product with 100 malware instances. Web Gateway turned aside 99. We fed each gateway 1,000 e-mails - 500 phish and 500 non-phish. Web Gateway came in first with a 90% success rate. And in our latency tests, Web Gateway exhibited the lowest latency - 28 ms.

Web Gateway sports an easy-to-use, intuitive browser-based interface that's especially responsive. Reports are quick and informative, and the Web Gateway dashboard is completely customizable. And the McAfee Web Gateway installation was the slickest. A USB memory stick containing a configuration program accompanies the device. Insert the memory stick in a Windows machine, run the program, save your configuration, move the memory stick to the Web Gateway before boot time and - voila! - the Web Gateway uses the IP address and other configuration data you've specified.

This is the second time around for McAfee's Web Gateway. The product was a Best of the Tests winner back in 2006 as well.

How to fight malware

Runnerup: Vendor: Trend Micro

Product: Interscan Web Security

Trend Micro's combination of Interscan Web Security Virtual Appliance 5.0 and Interscan Messaging Security Virtual Appliance 7.0 is our runnerup. The Trend Micro software delivered a 96% success rate in blocking malware and an 84% success rate in blocking phishes.

Trend Micro's tool gave us consolidated threat reporting and corporate policy management across our network. We easily varied security policies by network segment, company division and company department, at our option. We particularly liked Trend Micro's unified view of network security across an entire enterprise.

Also, you install the software on your own computers, thus giving you fine control over the speed and capacity of your gateway.

Installation is a snap.

Vendor: VMware

Product: VMware vSphere 4.0

VMware created the market for x86 server virtualization in 2001 and has been the leader ever since, although Microsoft's Hyper-V and Citrix XenServer are strong competitors. In 2009, VMware raised the bar with the introduction of vSphere, a cloud-focused product that is faster than its predecessor, ESX 3.51, easier to manage, and designed for provisioning fleets of virtual machine farms.

The basic components of what VMware calls the vSphere 'cloud operating system' are an improved hypervisor and VMware's VirtualCenter management application, along with options like vMotion (live VM inter-server migration), vSphere Zones (network security aggregation), distributed resource allocation, and even a distributed network switch.

These improvements allow vSphere 4.0 to manage and automate provisioning of internally-controlled VM farms and infrastructure with hosting platforms located outside an organization's traditional computing 'perimeter'.

VMware upgrade reaches for the clouds

Vendor: Parallels

Product: Parallels Desktop for the Mac

Want to run Windows on your Mac? Check out Parallels Desktop for the Mac. In our testing, Parallels was strong in features and usability, and its 64-bit guest virtual machine support provides flexibility for developers. We could run Mac OS X Leopard client or server as a guest.

We were able to import VMware or Virtual Box files (guest VM snapshots, or rapidly mountable VM guest operating systems) easily.

Parallels Transporter let us convert other formats of VMs into the Parallels format.

Windows XP (this test took place before Windows 7 was released) installed easily for us, with no interaction except for entering the username and product key. Parallels has preformatted settings for XP. Another useful Parallels feature was the ability to mount a Windows VM guest's NTFS file system into the Apple MacOS 10.5 Finder application. We could access all the files directly like an external hard disk. We could easily drag and drop files and folders between Mac and XP VMs. It's even possible to have the Apple Spotlight application index the VM Windows guest drive, a feature that wasn't available in the other hypervisor products we tested.

Parallels Desktop 4.0 for the Mac

Runnerup: Pano Logic

Product: Pano Cube

Pano Logic's Pano Cube is a very small 'designer'-looking cube containing three USB jacks, VGA and audio/mic jacks. It has no CPU or memory/storage inside, permitting it to be used strictly as a KVM+ access device.

The Pano Manager provisions desktops through ESX/vCenter and also enables policy controls about what IO can go through the Pano Cube. It's possible to restrict printers, and so on for any particular session. The Pano Gateway in turn, sets up connection brokerage relationships for VPN and proxy access from branch to 'home'.

Pano Device setup was very simple. Pano Manager allows for persistent and non-persistent VMs to be used. VMs can be organized into collections, which can host a number of VMs in which the Pano Cubes connect as a single logical unit. The Cube Clients, we found, are extremely fast. They log on in just seconds, and were able to reproduce multimedia very well -- even when we loaded the hosted VMware server down (a local host with 8GB of RAM) with all 10 Cubes sent to us.

The Pano Manager and Cube require VMware, but it's a decent investment. And Pano Cube's simplicity is bliss.

Pano Logic: Fast, easy, VMware-based

Vendor: Microsoft

Product: SharePoint Server 2010

Our policy is to not test beta versions of products. There are lots of reasons for this, but mostly it comes down to the notion that we're trying to give readers information to help them make buying decisions. And that means we test the actual product that customers would buy. But there's an exception to every policy - and it's SharePoint Server 2010, which we tested in beta, and which came out on top in this year's software category. Interest in this product was so high that we felt we had to write a review as soon as we could get our hands on the product. And we weren't disappointed.

We tested beta versions of SharePoint Server, and two related apps, Visual Studio and Office 2010, in a virtualized environment and found that SharePoint Server 2010 is faster and more intuitive than the previous version. SharePoint 2010 allows IT departments to run applications such as enterprise search, content management, collaboration and business intelligence on a single platform.

Together with improved Internet site capabilities, SharePoint 2010 means companies can avoid the licensing and training costs associated with separate apps. SharePoint 2010 also offers improved developer and administration capabilities, which will likely speed application creation while easing server management.

SharePoint 2010 is expected to ship early this year.

Review: SharePoint Server 2010 beta pulls it all together

Company: Microsoft

Product: Exchange

Yes, 2009 was quite a year for Microsoft, with major releases of Windows, Windows Server and Exchange, Microsoft's e-mail platform. So, is Exchange 2010 an overgrown, bloated hog of an undocumented application, requiring enormous resources and costing a fortune? Or has Microsoft finally gotten it right, building the speed and reliability we need into a mailbox server that goes beyond simple e-mail and raises the bar for collaboration tools? The answer to both questions is "yes." It all depends on how you use it.

The core of Exchange is finally where we want it: reliable, fast, and resource-stingy. Exchange 2010 is also heavily Web-focused, supporting the inevitable march towards a clientless e-mail, calendar and address book experience.

Of course, Exchange 2010 also has the expected bloat. Obscure inter-server communications pathways, connections to VoIP PBXs, obscure digital rights management, and an edge server that is best described as "not entirely useless," all are part of the Exchange experience, too.

Still, Exchange is here to stay and if 2010 is the direction we're going, then the good far outweighs the bad. Two steps forward and one step back still adds up to one step forward!

Best and worst of Exchange 2010

Runnerup Zimbra

Product: Collaboration Suite

Want the benefits of Exchange, without actually running Exchange? We tested six alternatives, most of which closed in pretty well on the essence of what a collaboration server should be. We preferred Zimbra for its broad cross-platform support and powerful mail server.

Sure, inside, it's a complicated maze of interlocking scripts held together by strings of commands that only a few select people truly understand. But when it works, which it did very well in our testing, Zimbra does what you want on the platform of your choice, and the price is slightly less than Microsoft Exchange. Plus, VMware seems to believe in it, since they announced they're buying Zimbra from Yahoo.

Exchange alternatives: Pros and cons

Vendor: Compellent

Product: Storage Center 4.0

The best of our SAN systems test was the Compellent Storage Center 4.0. The product offers a compelling mix of high performance, great ease of use and wide feature set, at a price that isn't over the top. It has all the features you'd expect in a SAN system, such as synchronous and asynchronous replication, snapshots and thin provisioning, as well as some features that other systems don't have - particularly the data progression feature, which automatically migrates the most-used data on the system to the fastest storage. This feature makes the best use of the fastest storage on the system, whether 15k drives or SSDs, with little or no effort on the part of the administrator. Mature, easy to use and operating at the block level, it is more usable than the recently released and widely publicized LUN-level automated storage tiering from one of the big names in SAN technology.

The biggest differentiator for Compellent may be its ease of use. While most SAN systems offer similar functionalities, a system that can set up remote replication over the Internet to another SAN in six mouse clicks is noteworthy. Add to that a good value and high performance, with support for SSDs, 8Gbps Fibre Channel and 10Gbps iSCSI and you have a winner.

Compellent Storage Center 4.0: Fully integrated, full featured 4Gbps Fibre Channel system

Vendor: CACE Technologies

Product: AirPcap Ex

Our extensive WLAN testing in 2009 resulted in several products which received a perfect score of 5.0. But the best of the best is the AirPcap Ex tool from CACE Technologies. This comprehensive yet simple packet-capture tool is perfect for those all-too-common situations faced by practitioners and operations professionals alike when it's necessary to dig into the dialog between client and access point to really understand why performance is so unexpected, why security is now so tight that no one can in fact connect, or why erratic client behavior is just that.

It's based on the very popular WireShark tool, and integration is seamless. It's available at a bargain price, and developer tools are available.

Formidable tools for capturing and analyzing WLAN traffic abound

Vendor: Cisco

Product: ASR router

With enterprises looking to consolidate data centers and devices, Cisco's new ASR 1000 series router offers a compelling message: Do more with less.

In our exclusive test, the ASR not only moved traffic at 20Gbps but also did so while running QoS, security and monitoring functions on 120 million flows from hundreds of concurrent routing sessions.

The ASR also proved a capable performer when handling multicast and IPSec VPN traffic. And with a 40-core processor, the ASR has enough headroom to run firewalls, load balancers and other services without requiring additional hardware.

That's not to say the ASR isn't still a work in progress. Its data-plane capacity still needs to grow, and Cisco hasn't yet rolled out all the services that ASRs eventually will support. But this is a strong effort, well worth considering for the many enterprises looking to replace tiers of aging Cisco 7200 routers with a single more powerful system.

Cisco's ASR 1000 router built for 10-year tenure

Runnerup: 3Com

Product: H3C switch

3Com says it has an alternative for network managers considering high-end switches from Cisco and others. And our exclusive test of this core switch backs up 3Com's claim. The chassis-based, 288-port device delivered line-rate throughput in all performance tests, supported more Open Shortest Path First routing sessions than we've ever set up and consumed remarkably little power all the while.

While the device doesn't have all the features of some competitors (for example, the switch doesn't yet support hitless upgrades), its strong performance and low power consumption make it a viable option for large and midsized organizations in the market for core and aggregation switches.

3Com's high-end switch: A fast, green alternative to Cisco



MSP Mentor

February 22, 2010

Websense Launches Managed Security Service Provider Program

By Joe Panettieri

Websense, Inc. is jumping on the managed security bandwagon. The software specialist has launched a global, managed security service provider (MSSP) program. Plenty of security software companies are preparing similar moves. Here are some of the details.

According to Websense:

The Websense MSSP program is designed to facilitate more effective end-user adoption of the recently announced Websense TRITON system. TRITON is the industry’s first unified content security solution that combines leading Web security gateway, data loss prevention and email security technology into a single, unified architecture.

As you may recall, Websense launched TRITON earlier this month.

The MSSP partner program arrives at a key time. Websense overhauled its partner program management team only days before the company’s partner conference. At the same time, rival security software providers have been planning managed security moves of their own.

At the recent Kaspersky Lab partner conference in the Dominican Republic, Senior VP Nancy Reynolds reinforced plans to help VARs and MSPs generate recurring revenues and annuity revenues. And it sounds like Sophos Channel Chief Chris Doggett is piecing together an MSP strategy in time for the company’s next fiscal year, which starts in April 2010.

Already, Trend Micro has rebranded its Worry Free hosted security offerings. And established players like Symantec and McAfee have been making numerous SaaS and managed security moves. Upstarts like Panda Security also are making moves in the managed security market, working closely with N-able on a freemium endpoint security strategy.

Now, Websense is making its MSSP move. According to a prepared statement:

Websense MSSP program rollout is available for select service providers that meet Websense minimum criteria in technical competency, services capacity and investment in joint core business on an invitation-only basis. Websense is enabling these MSSPs with the best practices, an integrated solution framework, services delivery platform, certification, training, and sales enablement resources to cost effectively deploy enterprise wide protection. The program’s service delivery framework includes managed Web and DLP content security services for customer on-premise equipment, as well as white-label branding options for Websense and unified security software-as-a-services (SaaS) for Web and email.

We’ll be watching to see if Websense’s MSSP moves catch on with MSPmentor’s readers.

http://www.mspmentor.net/2010/02/22/websense-launches-managed-security-service-provider-program/



Fudzilla

February 24, 2010

Fewer companies to show up at CeBIT

Written by Fudzilla staff

But some old names are back

Europe's biggest trade show is set to kick off March 2 in Hannover, but it seems the economic recovery hasn't done much to prompt companies to take part.

Last year's CeBIT was quite a bit smaller than what we've grown accustomed to, and it seems the trend will continue in 2010. A total of 4,157 exhibitors from 68 countries will take part this year. Last year the number was 4,292 and although the numbers seem impressive, they were considered to be quite low by some punters.

On the upside, several tech heavyweights will be present for the first time, such as Google and Amazon. It is estimated around 300 exhibitors will be new. In addition to the newcomers, some old names are also back, such as AMD, Motorola, Sony Ericsson, Terratec and Trend Micro.

It's not clear how many visitors will flock to Hannover next week. Last year the show drew a crowd of around 400,000 visitors, but as the show has been cut short this year, it's unlikely that number will be matched.

Be that as it may, three or four of those visitors will be our reporters, so you can expect good coverage, provided they steer clear of sausages and beer. (In that case, you guys really shouldn't bother coming back. sub.ed.)

http://www.fudzilla.com/content/view/17805/1/



Gerson Lehrman Group

February 23, 2010

Hackers Target US – No Breach Resistant Credit Cards

* Analysis by: Michael Cherry

* Analysis of: Credit card data security: Who's responsible?

* Published at: www.networkworld.com

Summary

Should America be given the same expensive breach resistant credit cards that populate the rest of the world?

Security at Heartland Payment Systems Inc. was breached and information affecting more than 100 million credit cards stolen.

Henry Helgeson, CEO of Merchant Warehouse, argues that it's the job of merchant account providers like his company (and Heartland), to take the security measures necessary to prevent breaches, but enhancing existing cards could help.


Analysis

Phil Lieberman, CEO of Lieberman Software, argues that a perfectly good solution is being used in other countries to minimize fraud and card cloning: smart cards. This solution is not available to American consumers, merchants or credit card processors because card issuers American Express, JCB, MasterCard Inc (NYSE: MA), Discover and Visa Inc. have not been mandated by the U.S. government to implement it.

Mr. Lieberman has a valid point but the parties at risk including TJX, Wal-mart Stores Inc. and the general public are not complaining. Things may be different a year from now or much sooner if federal judges require Hanover Farms Inc., TD Ameritrade and UniCare Life & Health Insurance Co. to make class action payments for exposing third party information that can open the door to ID theft.

Data loss prevention and encryption vendors who likely benefit include: Palisade Systems, Safend, Fidelis Security, GTB Technologies, CA Inc. (NASDAQ:CA) DLP, Identity Finder, Websense (NASDAQ:WBSN) Data Endpoint, Trend Micro LeakProof, Indorse, Proofpoint, Vericept, Workshare, Symantec (NASDAQ:SYMC) Vontu, EMC (NYSE:EMC) RSA, Voltage, Verdasys and PGP.

http://www.glgroup.com/News/Hackers-Target-US-%E2%80%93-No-Breach-Resistant-Credit-Cards-46769.html



The Industry Standard

February 26, 2010

Trend Micro Expands its Hosted Security Service

By Channelworld staff, Channelworld India

Trend Micro is delivering a new subscription-based, hosted service solution that will allow small businesses to be securely connected, according to a release.

The new services are part of both the Trend Micro 'Worry-Free' family, and its hosted security portfolio.

"The troubling economy has affected everyone, including our channel partners. Trend Micro's commitment to enabling channel-success is recognized throughout the industry and we designed Worry-Free Business Security Services for stronger partner-profitability," said Greg Boyle, Global Product Marketing Manager -- Worry-Free Business Security Services, Trend Micro. "Worry-Free Business Security Services locks in success for both channel and customer. Channel partners gain increased margin and closer customer relationships. Customers get superior threat protection against the latest threats."

"Worry-Free Business Security Services sets up and installs in three easy steps so that a partner's cost of sale dramatically reduce. As a hosted solution, and through the benefits of Trend Micro Worry-Free Remote Manager, partners have the ability to provide on-going services at zero cost for multiple customers from one interface. The roll out of the new offerings further reiterates our commitment to our channel partners," commented Amit Nath, Country Manager, India & SAARC, Trend Micro.

http://www.thestandard.com/news/2010/02/25/trend-micro-expands-its-hosted-security-service



Inc.

February 22, 2010

The Promise of Cloud Computing

A global public relations firm with 120 employees transitions to cloud computing and the IT director lives to tell about the potential relief that software-as-a-service offers to IT.

The promise of cloud computing has been around for years.

Like any new technology, it's taken time for the vendor community to work out the kinks and get cloud computing ready for prime time.

While cloud computing comes in numerous flavors, what I'm going to address and what's typically most relevant to small or mid-sized businesses is software-as-a-service (SaaS). This means that applications are hosted by service providers instead of running on your hardware in the office.

This is a big deal.

My company -- a global PR firm with offices across the United States, Asia, and Europe -- depends on extremely high service levels from the IT function. As a one-woman band managing our technology operation, I'm always striving to simplify IT deployment, but it can't be done at the expense of functionality.

This is what led me to evaluate cloud computing for our office applications. After doing my homework, three options were left on the table: Microsoft, Google, and Amazon.

We opted to go with Microsoft's Business Productivity Online Suite (BPOS) solution which was best-suited for our size, reach, and 24x7 response requirements. This said, you should take the time to evaluate all three options because each provider offers a little different functionality.

Microsoft BPOS is a fully deployed, cloud-based version of Exchange, SharePoint, Office Communications Online, and Office Live Meeting, which allows us to offload basic functions such as e-mail and Web-based collaboration tools.

Why was this important?

For one, our e-mail servers were almost four years old -- ancient in "hardware years." The money saved by not purchasing three new servers was a "no brainer."

Furthermore, this approach meant substantial time savings for our IT department -- i.e., that would be me. Microsoft now handles all updates and maintenance, and we no longer have to pay for applications to screen our e-mail for spam or check e-mail for viruses.

For context, consider that our users send and receive over 100,000 e-mails a month. Before moving to the cloud, it used to take on average 12 hours just to back-up our systems. Plus we used to spend $3,000 per year on Trend Micro's spam filtering services.

Rounding out the picture, we were shelling out a chunk of change for collaboration tools such as eRoom (at $300 per license) and Citrix conferencing software ($1,200/per year for just three licenses).

Microsoft's BPOS enabled us to eliminate these costs and ensure that we always have the most current versions of comparable software and a secure environment. The service also comes with 24x7 technical support including support for multiple languages.

This last point carried some weight in our evaluation process. With Microsoft BPOS, our overseas offices now have quicker response time to e-mail and receive support in their local languages.

I also can't emphasize enough the value of engaging with a knowledgeable third-party IT consultant to assist with the transition to the cloud. Just the task of importing e-mails from the legacy system into the cloud application is not for the squeamish. You want to make sure you have someone at your side who has been through this exercise before.

In our case, we partnered with a firm called Zag Technical Services. Zag is a Microsoft Gold Partner, and their consultants helped us wade through all of the costs and steps involved in a successful transition, including the migration of 45 gigabytes of e-mail (which is why I used the term "not for the squeamish").

As you would expect, our transition to the cloud did not come without its challenges. For example, even though our transition was completed six months ago, I'm still receiving feedback -- prefer that word to "complaints" -- about e-mail limitations. Employees who have been with the company for five, 10, 15 or more years used to have no limitations when it came to e-mail use. Now, all of a sudden they're confined by such parameters as a 15MB limit to attachments and 2GB of storage space.

And it's worth pointing out that moving to the cloud has also meant that I had to relinquish some control. Simple requests to modify backend applications now have to go through Microsoft.

Not a problem going through a service provider if the changes are made fairly instantaneously with a three-, six-, even a 12-hour turnaround. But we are currently looking at three days -- a bit frustrating for an IT director who is used to doing everything herself in-house.

Nevertheless, from my perspective as well as from our CFO's, the benefits far outweigh any downside.

Our mantra for 2010 is "shaking up the status quo."

Our move to the cloud has IT leading the charge.

Linda Wilson is the IT director of The Hoffman Agency, a global public relations firm with 120 employees.

http://www.inc.com/software/articles/201002/wilson.html



The Ottawa Citizen

February 26, 2010

Liquid Computing's funding dries up

Once-promising startup firm lays off workers, begins 'winding down the company'

By Bert Hill, The Ottawa Citizen

Liquid Computing, once one of Ottawa's most promising startups, has started winding up operations after falling victim to a financing crisis that is cutting a swath through technology companies.

Chief executive Vikram Desai, hired just 14 months ago to drive growth, has left the company and most of the Ottawa staff were laid off earlier this week.

"We thought we were in position for a new round of funding but two of our three major investors were unable to contribute," Liquid chairman Adam Chowaniec said Thursday.

"We have no alternative, but to start winding down the company to preserve as much of the intellectual property as possible."

He said Liquid is looking at plans including the possible sale of intellectual property.

Chowaniec said more than 20 Ottawa employees were laid off, leaving a small group to manage operations. Liquid also has an office in Stamford, Connecticut. It had about 50 employees last October.

Liquid appears destined to join the long line of Ottawa startups that have failed or been gobbled up as venture capital evaporated. In the last year Galazar, Neterion and Natural Convergence were bought by U.S. investors for a tiny fraction of invested capital. Third Brigade was sold to Trend Micro, a Japanese company, for an undisclosed price.

Pat DiPietro, a Liquid director and partner with VG Partners, formerly VenGrowth, said backers "are trying to assemble a package to keep the company going but there is just no capital anywhere."

Investors had poured about $50 million U.S. into developing the Liquid technology that combines hardware, software and operating systems to speed operations and cut costs of data centres by up to 80 per cent.

"Liquid has a phenomenal product that competes with anything Cisco is trying to develop," DiPietro said. "I was on a road trip with Liquid people and I saw the customer excitement."

Just last summer, Liquid appeared to be doing better than other startups, quietly raising $8.3 million U.S., according to U.S. filings.

But DiPietro said the global economic crisis crushed sales and fundraising opportunities.

"Basically, we built the foundations and installed the drywall of this building, but now we need the money for a sales and marketing team to carry it forward."

Liquid was founded in 2003 by former engineers from Nortel and other companies. At one point, it was one of the most cocky of startups, dressing employees in penguin suits in hiring campaigns in the midst of the post-bubble collapse.

But the first products got a cool market reception, forcing management changes and a new focus on delivering low-cost products that integrate rather than replace existing data centre gear.

It calls the strategy "unified computing" and the approach has set off an industry battle.

Companies like Hewlett-Packard and Cisco -- which previously co-existed in parts of the profitable market -- are now fighting each other.

In addition to VenGrowth, Liquid got financial backing from Business Development Canada and Export Development Canada and some U.S. venture capital investors.

http://www.ottawacitizen.com/business/Liquid+Computing+funding+dries/2615906/story.html
