2010年6月30日 星期三

FW: NEWSBANK:: Attacks on the Windows Help and Support Center Vulnerability (CVE-2010-1885)


-------------------------------------------
From: Paul Ferguson (RD-US)
Sent: Thursday, July 01, 2010 7:56:03 AM
To: Newsbank
Subject: NEWSBANK:: Attacks on the Windows Help and Support Center Vulnerability (CVE-2010-1885)
Auto forwarded by a Rule


Attacks on the Windows Help and Support Center Vulnerability (CVE-2010-1885)

 

30 Jun 2010 1:35 PM

We've been monitoring for active attacks on the Windows Help and Support Center vulnerability (CVE-2010-1885) since the advisory was released on June 10th.  At first, we only saw legitimate researchers testing innocuous proof-of-concepts.  Then, early on June 15th, the first real public exploits emerged.  Those initial exploits were targeted and fairly limited.  In the past week, however, attacks have picked up and are no longer limited to specific geographies or targets, and we would like to ensure that customers are aware of this broader distribution.  If you have not yet considered the countermeasures listed in the Microsoft Security Advisory (2219475), you should consider them.

As of today, over 10,000 distinct computers have reported seeing this attack at least one time.  Here are some details on the attacks we're seeing.

Geolocation

  • The largest targets in terms of attack volume have been the United States, Russia, Portugal, Germany, and Brazil.
  • A regional saturation rate, the number of attacked computers per a population of monitored systems (counted using a unique identifier), shows a slightly different picture.  In this aspect, Portugal has seen a much higher concentration of attacks - more than ten times the world-wide average per computer.  Russia is second at eight times the world-wide rate.

http://www.microsoft.com/security/portal/blog-images/CVE-2010-1885-saturation-20100629.jpg

Attack Proliferation
Starting last week, we started seeing seemingly-automated, randomly-generated html and php pages hosting this exploit.  This attack methodology constitutes the bulk of attacks that have continued to flourish into this week.  The following chart shows the timeline of the proliferation:

http://www.microsoft.com/security/portal/blog-images/CVE-2010-1885-attacks-20100629.jpg


Payloads of the Exploit
At first, the attacks seemed to focus on downloading Obitel, which is malware that simply downloads other malware.  However, most recently, downloads have run the gamut, varying in methodology (some direct downloads, but also some downloads involving single or double script redirects, which our products detect as TrojanDownloader:JS/Adodb.F and TrojanDownloader:JS/Adodb.G, and also varying in payload.  The following list shows some of the payloads we've detected:

Protection
In addition to the mitigations listed in the advisory, customers using Microsoft Security Essentials, Microsoft Forefront Client Security, Windows Live OneCare, the Forefront Threat Management Gateway, and the Windows Live Safety Platform have had coverage for this exploit since June 10th through the following two antimalware signatures:

Payloads are detected by the signatures mentioned above.

We’ll continue to monitor this situation and provide updates as appropriate.  Special thanks goes to Lena Lin, Rodel Finones, and Chris Stubbs for doing detailed analysis on these attacks and how these exploits are attempting to deliver malware.

- Holly Stewart, MMPC

 

 

http://blogs.technet.com/b/mmpc/archive/2010/06/30/attacks-on-the-windows-help-and-support-center-vulnerability-cve-2010-1885.aspx

 

-ferg

 

--

"Fergie", a.k.a. Paul Ferguson

 Threat Research,

 CoreTech Engineering

 Trend Micro, Inc., Cupertino, California USA

 

FW: Newsbank :: Worldwide Wireless E-Mail Users to Reach 1 Billion by Year-End 2014


-------------------------------------------
From: Susan Wilhite (MKT-US)
Sent: Thursday, July 01, 2010 6:32:08 AM
To: Newsbank
Subject: Newsbank :: Worldwide Wireless E-Mail Users to Reach 1 Billion by Year-End 2014
Auto forwarded by a Rule


http://www.webwire.com/ViewPressRel.asp?aId=119267

Gartner Says Worldwide Wireless E-Mail Users to Reach 1 Billion by Year-End 2014

WEBWIRE – Wednesday, June 30, 2010

By 2014, Social Networking Services Will Replace E-Mail as the Primary Vehicle for Interpersonal Communications for 20 Percent of Business Users

STAMFORD, Conn. - Standardization, interoperability and growing competition from e-mail servers and services are accelerating the commoditization of wireless e-mail, according to Gartner Inc. Vendors are responding by pursuing differentiation in the areas of collaboration, applications and the cloud.

Gartner predicts that worldwide wireless e-mail users will reach 1 billion by year-end 2014. Worldwide business wireless e-mail accounts were estimated at more than 80 million in early 2010, including large, midsize and small organizations, as well as individual professionals — corresponding to about 60 million active users.

"Productivity gains with wireless e-mail are driving adoption beyond executives" said Monica Basso, research vice president at Gartner. "In 2010, enterprise wireless e-mail is still a priority for organizations, whose mobile workforces are up to 40 percent of the total employee base. Most midsize and large organizations in North America and Europe have deployed enterprise wireless e-mail already, but on average, for less than 5 percent of the workforce"

Wireless e-mail makes an individual’s e-mail account accessible and usable via mobile networks on mobile devices, within a local client application or through a Web browser, through a software gateway connected to (or part of) the e-mail server.

An enterprise wireless e-mail deployment has a software gateway that is behind the corporate firewall, possibly connected through a network operations center (NOC) to a mobile client. Most products support Microsoft Exchange Server. IT administration, security and remote device management are supported to a different extent. A consumer wireless e-mail deployment has a software gateway that is deployed by carriers and service providers. The offline e-mail client on the device can be native or downloaded separately. Alternatively, a mobile browser connects to Internet e-mail accounts.

As wireless e-mail begins to integrate with social networking and collaboration, social networking is increasingly complementing e-mail for interpersonal business communications. Gartner predicts that by 2014, social networking services will replace e-mail as the primary vehicle for interpersonal communications for 20 percent of business users.

"People increasingly want to use mobile devices for collaboration to share content, information, and experiences with their communities" Ms. Basso said. "Social paradigms are converging with e-mail, instant messaging, voice over Internet Protocol (VoIP) and presence, creating new collaboration styles"

Cloud e-mail and collaboration services by Microsoft, IBM, Google and other players already include mobile support, but are very early in adoption. However, Gartner predicts that adoption will grow significantly in the next three to five years. In 2009, only 3 percent of e-mail accounts were in the cloud but by the end of 2012, that number will increase to 10 percent.

"Thanks to ease of access, the cloud will generate indirect competition in the wireless e-mail software market and will transform it in the long term" Ms. Basso said. "Cloud e-mail offerings from software and service players, such as Google’s Gmail, will begin to be adopted, pulling wireless e-mail implementations into the cloud as well. Research In Motion and other wireless e-mail vendors will build partnerships with cloud providers to address their customers’ cloud strategies. Through 2012, wireless e-mail products and services will be interchangeable, shipping in large volumes at reduced prices. Wireless e-mail will be highly commoditized and on any device. This commoditization will, in turn, drive standardization and price reductions on service bundles from mobile carriers"

Additional information regarding the wireless e-mail market is available in the Gartner reports "Collaboration and the Cloud Will Transform the Wireless E-Mail Market" on Gartner’s website at http://www.gartner.com/resId=1366945, "Magic Quadrant for Enterprise Wireless E-Mail Software Market" at http://www.gartner.com/resId=1384349, and "Critical Capabilities for Enterprise Wireless E-Mail Software at http://www.gartner.com/resId=1384335.

 

 

Susan Wilhite | UX Researcher & Trend Community Manager

10101 North De Anza Blvd., Cupertino, CA USA 95014

Office: 408.863.6594

P Please consider the environment before printing this e-mail

 

FW: Newsbank: FBI Defends Disruptive Raids on Texas Data Centers


-------------------------------------------
From: Gavin Hill (PM-US-ENT)
Sent: Thursday, July 01, 2010 1:16:02 AM
To: Newsbank
Subject: Newsbank: FBI Defends Disruptive Raids on Texas Data Centers
Auto forwarded by a Rule


Nice play for SecureCloud J

“The FBI on Tuesday defended its raids on at least two data centers in Texas, in which agents carted out equipment and disrupted service to hundreds of businesses.

The raids were part of an investigation prompted by complaints from AT&T and Verizon about unpaid bills allegedly owed by some data center customers, according to court records. One data center owner charges that the telecoms are using the FBI to collect debts that should be resolved in civil court. But on Tuesday, an FBI spokesman disputed that charge.

"We wouldn’t be looking at it if it was a civil matter," says Mark White, spokesman for the FBI’s Dallas office. "And a judge wouldn’t sign a federal search warrant if there wasn’t probable cause to believe that a fraud took place and that the equipment we asked to seize had evidence pertaining to the criminal violation."


Read More http://www.wired.com/threatlevel/2009/04/data-centers-ra/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%253A+wired%252Findex+%2528Wired%253A+Index+3+%2528Top+Stories+2%2529%2529&utm_content=Google+Feedfetcher#ixzz0sMAwFM4h

 

 

Description: cid:image001.gif@01C8CC88.09698CF0

 

 

Gavin Hill | Sr. Product Manager, Data Center Security

500 E. Border St. 7th Floor Arlington, TX. 76010

Office: +1 817.569.7281 | Cell: +1 949.300.0308

Fax: +1 817.274.8193

www.trendmicro.com

 

 

FW: NEWSBANK:: e-Banking Bandits Stole $465,000 From California Escrow Firm

-------------------------------------------
From: David Sancho (AV-EMEA)
Sent: Wednesday, June 30, 2010 7:34:27 PM
To: Paul Ferguson (RD-US); Newsbank
Subject: RE: NEWSBANK:: e-Banking Bandits Stole $465,000 From California Escrow Firm
Auto forwarded by a Rule

That is brilliant. The guy receives the trojan, runs it and doesn't see anything flashy, so he forwards it to his assistant to try it again on her pc. They don't have basic security awareness trainings there (obviously)

Regards,

David


________________________________

From: Paul Ferguson (RD-US)
Sent: 29 June 2010 00:23
To: Newsbank
Subject: NEWSBANK:: e-Banking Bandits Stole $465,000 From California Escrow Firm

http://krebsonsecurity.com/wp-content/uploads/2010/06/dollarkey-300x275.jpg <http://krebsonsecurity.com/wp-content/uploads/2010/06/dollarkey.jpg>

A California escrow firm has been forced to take out a pricey loan to pay back $465,000 that was stolen when hackers hijacked the company's online bank account earlier this year.

In March, computer criminals broke into the network of Redondo Beach based Village View Escrow Inc. and sent 26 consecutive wire transfers to 20 individuals around the world who had no legitimate business with the firm.

Owner Michelle Marisco said her financial institution at the time - Professional Business Bank of Pasedena, Calif. - normally notified her by e-mail each time a new wire was sent out of the company's escrow account. But the attackers apparently disabled that feature before initiating the fraudulent wires.

The thieves also defeated another anti-fraud measure: A requirement that two employees sign off on any wire requests. Marisco said that a few days before the theft, she opened an e-mail informing her that a UPS package she had been sent was lost, and urging her to open the attached invoice. Nothing happened when she opened the attached file, so she forwarded it on to her assistant who also tried to view it. The invoice was in fact a Trojan horse program that let the thieves break in and set up shop and plant a password-stealing virus on both Marisco's computer and the PC belonging to her assistant

As a guarantor of payment for residential real estate transactions, Village View Escrow holds other peoples' money until the sale of a property is complete. Failure to come up with the funds when a real estate deal is finalized can spell bankruptcy and possibly worse for an escrow provider. Since the incident, Marisco has had to take out a $395,000 loan at 12 percent to cover the loss (she managed to get $70,000 in wires reversed).

"I'm working for nothing right now, and can't afford to pay myself," Marisco said in a phone interview.

Officials from Professional Bank did not immediately return calls seeking comment.

Marisco said her bank disavowed any responsibility for the incident early on, and that the bank believes the thieves had even used her company's Internet address to access the account, apparently by leveraging the Trojan they had planted to tunnel their connection through her machine.

Village View Escrow depends on wires to finalize residential real estate sales in the California area, but had never before sent a wire outside the United States. Yet, several of the wires were sent internationally, including a direct $88,000 wire to PrivateBank in Latvia, and a $94,000 transfer to Norvika Bank, also in Latvia.

The rest of the money was sent via wire to numerous individuals across the United States who were willingly or unwittingly recruited over the Internet through work-at-home job scams that promised work as international finance agents for a company that claimed to help corporations move their money abroad faster than they might be able to do otherwise.

At least the thieves were honest on that point.

The case of Village View Escrow shows that while small businesses are frequently the target of this sophisticated type of e-banking fraud, small business owners also often are involved in helping to fleece the victims. Indeed, many of the fraudulent wires that the thieves sent from Village View Escrow's online account were for amounts between $10,000 and $30,000 that were sent to checking or savings accounts belonging to small business owners.

E-banking thieves normally keep their fraudulent transfers to less than $10,000 to avoid the anti-money laundering requirements of the retail banks. But the fraudsters can move far more money through business accounts without raising any red flags.

According to Village View Escrow, one of the mules was a real estate agent in Houston who received two wires totaling $34,000. Another fraudulent wire for $29,000 was sent to an upstart software firm in Tennessee.

"Probably 60 percent of them were people who were trying to start a small business," said Ken Holloman,Village View Escrow's information technology consultant. "They were everything from a guy who had started a gem company, another that had started a watch company...most of them were just trying to some business going and some income coming in."

I have said it before <http://www.businessweek.com/idg/2010-06-17/banking-s-big-dilemma-how-to-stop-cyberheists-via-customer-pcs.html> and will say it again: No online banking authentication system works unless it starts with the premise that the customer's machine is already compromised by malware that gives thieves complete control over the customer system. But for better or worse, the commercial banks have no (dis)incentive to do much to improve the integrity of online banking transactions because the current regulations effectively hold them harmless when a customer loses money.

Some commercial banks are adopting security measures that don't merely involve pushing the security entirely out to the customer's computer. But regardless of whether the legal equation changes, small to mid-sized businesses can dramatically reduce the risk of becoming the next victim of this type of crime by either using a dedicated PC for online banking, or by accessing their accounts only from a computer booted up into a Live CD <http://voices.washingtonpost.com/securityfix/2009/10/avoid_windows_malware_bank_on.html> .

This entry was posted on Monday, June 28th, 2010 at 5:27 pm

http://krebsonsecurity.com/2010/06/e-banking-bandits-stole-465000-from-calif-escrow-firm/

-ferg

--

"Fergie", a.k.a. Paul Ferguson

Threat Research,

CoreTech Engineering

Trend Micro, Inc., Cupertino, California USA


TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential and may be subject to copyright or other intellectual property protection. If you are not the intended recipient, you are not authorized to use or disclose this information, and we request that you notify us by reply mail or telephone and delete the original message from your mail system.

FW: NEWSBANK: Trend Micro wins out as SME sales crash


-------------------------------------------
From: Fabian Romankewicz (GECS-DE-ENT)
Sent: Wednesday, June 30, 2010 5:05:10 PM
To: Newsbank
Subject: NEWSBANK: Trend Micro wins out as SME sales crash
Auto forwarded by a Rule


Thanks to Michael McLaughlin for pointing on that article in TM EMEA Social Network Yammer

 

http://www.channelweb.co.uk/crn/news/2265622/trend-micro-tops-sme-sales-poll

 

Trend Micro wins out as SME sales crash

Anti-virus vendor leads way in SME security software sales but overall market shrinks

Written by Caroline Donnelly

Trend Micro has been named as the market leader in the SME security software space, but the overall market shrunk back almost a third during 2010's second quarter.

According to figures from analyst Context's SalesWatch, the vendor sold the highest number of security licences via distribution in the UK, France, Germany and Italy during the second quarter of 2010.

Alex Mesguich, vice president of enterprise research at Context, said: “The growth is largely attributable to Trend Micro's popular Worry-Free Business Security suite, with some products in this suite ranking first, second and fourth amongst the top-10 products sold in the SME security segment.”

But the findings also show that sales of security software licences within the SME space are down 30 per cent overall on last year.

 

2010年6月29日 星期二

FW: NEWSBANK:: Adobe Issues Acrobat and Reader Updates


-------------------------------------------
From: Paul Ferguson (RD-US)
Sent: Wednesday, June 30, 2010 3:06:27 AM
To: Newsbank
Subject: NEWSBANK:: Adobe Issues Acrobat and Reader Updates
Auto forwarded by a Rule


Tuesday June 29, 2010

Adobe Issues Acrobat and Reader Updates

 

As promised last week, Adobe has released new versions of Reader and Acrobat to address an unpatched vulnerability revealed earlier this month.

In fact this update addresses a total of 17 vulnerabilities, including the one that made news weeks ago. Because they are clearing a backlog of vulnerability fixing work in this release, there will no longer be a regularly-scheduled update this coming Patch Tuesday, July 13.

All 17 vulnerabilities are listed as enabling remote code execution, at least possibly. The one which had been previously reported, CVE-2010-1297, has also been exploited in the wild. Note that this particular vulnerability is actually a Flash vulnerability which has already been fixed in the standalone Flash client. Acrobat and Reader are affected because they support Flash content embedded in PDF files.

The new versions of Acrobat and Reader are 8.2.3 and 9.3.3, but Adobe strongly recommends using the 9.x products. Windows, Mac and UNIX/Linux are all affected and all patched.

Adobe credits 9 different researchers and companies for reporting the vulnerabilities fixed here. The usual suspects are all there (VUPEN, TippingPoint, Didier Stevens, Tavis Ormandy, etc) but one was reported in from NATO.

On their Reader blog, Adobe also adds some updates on other security issues:

One common complaint about Reader is that the version offered as a full installer is not always completely up to date. Often you have to download a new version from http://get.adobe.com/reader and then do an update process in order to get it up to date. Adobe has been working on a method of always offering a full-updated full version, and this method will be implemented next Patch Tuesday (July 13) when version 9.3.3 will be available in full form.

Adobe also noted that they have been using their new updating software since April and that it is going well, with users much quicker to apply updates than with the earlier software.

Finally, Adobe has made changes to the /Launch functionality which Didier Stevens showed how to abuse a few months back. The feature no longer works by default and the dialog box used in the attack has been modified in order to prevent

 

http://blogs.pcmag.com/securitywatch/2010/06/adobe_issues_acrobat_and_reade.php

 

-ferg

 

--

"Fergie", a.k.a. Paul Ferguson

 Threat Research,

 CoreTech Engineering

 Trend Micro, Inc., Cupertino, California USA

 

 

FW: NEWSBANK :: Falling Security software sales buoyed by SMB


-------------------------------------------
寄件者: Jon Clay (MKT-US)
傳送日期: Tuesday, June 29, 2010 11:14:39 PM
收件者: Tony Larks (MKT-EMEA); Newsbank
主旨: RE: NEWSBANK :: Falling Security software sales buoyed by SMB
自動依照規則轉寄


EMEA,

 

Great job over there guys and gals.  Keep up the great work and let’s crush our competition this year!!!

 

Thanks,


Jon Clay

Sr. Core Technology Marketing Manager

(970) 419-0611

From: Tony Larks (MKT-EMEA)
Sent: Tuesday, June 29, 2010 2:24 AM
To: Newsbank
Subject: NEWSBANK :: Falling Security software sales buoyed by SMB

 

News release being made by Context on SMB Security later today – paints Trend as market leader for SMB solutions in Europe (DE, FR, IT, UK) based upon Distribution sales numbers.

Trend Micro #1 in SMB Security!

T<

 

 

Falling Security software sales buoyed by SMB

Context, the technology market research specialists and leaders in providing competitive analysis, today reveals that sales of security software through distribution in the small to medium business space continue to grow strong in the second quarter of 2010.

Figures from Context’s SalesWatch Security Software show that sales of security licenses in the sub 100 seats SMB segment through largest distributors in France, UK, Germany and Italy were led by Trend Micro, recording 26.9% market share.

“The growth is largely attributable to Trend Micro's popular Worry-Free Business Security suite, with some products in this suite ranking first, second and fourth amongst the top 10 products sold in the small to medium business security segment”, said Alex Mesguich, VP of Enterprise Research at Context

McAfee, with its Active Virus Scan Family, accounted for third place in Context's Top Seller ranking, which left the vendor in second place in this particular segment at 24.6% market share. 

Sales of security software licenses in the overall small business segment fell by 30% in comparison to the same period last year, with only Kaspersky outperforming the market showing over 8% growth in May compared to the same month last year. 

In contrast, the small business market showed soaring sales of data management software licenses, which grew by 60% in April and May 2010 respectively in comparison to last year, mainly attributed sales by McAfee and Symantec. Top Seller products in this segment were Symantec’s Ghost Solution and Enterprise Vault product families, followed by the ARCserve Backup Client Agent family from CA Technologies ranking at number ten.

 

About Context
The Context Distribution Panel records over one billion euros a week in technology product sales to resellers serving businesses and consumers across Europe, based on sales reports from seventy of the region's leading national and international broadline and specialist distributors. This Panel benefits from exclusive access to EMEA data from the Global Technology Distribution Council (GTDC), a international consortium of the IT industry”s leading wholesale distributors. This, coupled with the Panel's strong local representation, provides the most comprehensive and accurate reporting of channel sales out data in Europe.

 

 

 

cid:image001.gif@01C8EE45.3DB70DA0

 

Tony Larks | Snr Marketing Director, EMEA

Pacific House, Third Avenue, Globe Business Park, Marlow, Buckinghamshire, SL7 1YL

Office: +441628 400493 | Mobile: +44 7979 755722

 

Think_Again_Email_Sig3

 

 

FW: NEWSBANK :: CIO magazine says Trend worth exploring


-------------------------------------------
寄件者: Tony Larks (MKT-EMEA)
傳送日期: Tuesday, June 29, 2010 4:31:51 PM
收件者: Newsbank
主旨: NEWSBANK :: CIO magazine says Trend worth exploring
自動依照規則轉寄


Great work on part of Declan, Rik and the NSPR team to nurture this relationship on the back of an Exec Briefing with Eva last year.

Rik & Trend blog directly to the CIO Community on a regular basis @ http://www.cio.co.uk/author/rik-ferguson/

 

 

10 vendors CIOs should watch, part 1

The first 10 new vendors to consider

By Martin Veitch | Published: 07:23 GMT, 22 June 10 | CIO UK

http://media.cio.co.uk/cmsdata/features/3227578/20towatch_dec09%5b1%5d_thumb160.JPG

So many ICT companies, so little time... Here at CIO, a great many companies pass through our doors or ghost across our desktops. There’s not always the time or place to give them the mentions they deserve but they stay lodged in our minds in a virtual file marked ‘hmm, they’re quite interesting.’ Sometimes they’re startups, sometimes huge multi-billion concerns, although in the latter case we’ve probably written about them numerous times in the past. At other times they’re just folks that have come up with a new slant and made us think. Here is the first batch of 20 vendors of whom you might not have heard, but you might want to investigate.

Cobalt Datacentre
There are plenty of datacentres around and plenty of demand to fill them. It’s just a pity so many of them have been squeezed into the south-east of England because London-obsessed companies want to feel that their bytes are only an hour’s drive away. Cobalt’s datacentre on the other hand is in the former mining village of West Allotment in North Tyneside, midway between one of the world’s most charming cities, Newcastle-Upon-Tyne, and the coast. It’s located next to a highly successful modern business park and has state-of-the-art connectivity and resilience and uses free cooling, doubtless helped by the chill winds blowing in from Scandinavia. The boldness of the developer, Highbridge, merits success. www.cobaltdatacentre.com

Swiss Post Solutions
I’ve been pitched a lot of times but I’ve never ever been told that the mail room could become the nerve centre of the enterprise... at least until Swiss Post came knocking. Of course that’s overselling, but Swiss Post’s attempts to modernise the mailroom is admirable. Letters and parcels are digitised and workflow disciplines instilled: a letter might be scanned and disposed of if recognised as junk mail, for example. The old post incumbents are in the process of reinventing themselves in many ways and this is an interesting example of the species.
www.swisspostsolutions.com

Rosslyn Analytics
Business intelligence and analytics generally is a hot topic for CIOs today. Most large organisations will have ‘done’ BI at least once but early tools were relatively clunky and very expensive, and several of the larger players got subsumed into enterprise software stacks via M&A. A new generation aims to provide a sleeker presentation layer at an affordable price and drill down to address specific issues. Rosslyn Analytics is a fast-growing, aggressively marketed company that has narrowed in on analysing companies’ spending patterns via a SaaS model and is winning very strong word-of-mouth approval.
www.rosslynanalytics.com

Trend Micro
Symantec has become the 800-pound gorilla of a security software industry that has risen on the tide of panic caused by the internet and ridden another wave of executive fear, courtesy of corporate governance rules and regulations. But every attempt to build a one-stop-shop leaves gaps and Trend has done an outstanding job in building its reputation in antivirus but also in a host of related malware concerns. Perhaps customers like the slightly different approach borne of the Asian roots of this company or maybe it’s the fearless marketing and outspoken commentary but Trend is trending upwards.
http://uk.trendmicro.com

Ooyala
Brightcove has emerged as the 800-pound gorilla in online video platforms that let you publish video, analyse what happened afterwards (who watched it, for how long, where did they come from, what did they do next etc) and figure out how to make money from the whole project. Three-year-old Ooyala is a well financed challenger that many good pundits believe is the one to watch in the category. And it does have a wonderful name.
www.ooyala.com

Thoughtworks

In IT services it can be hard to differentiate yourself. It’s a people and numbers game and you just count the certification badges, right? That might be OK for bog-standard ‘your mess for less’ outsourcing but in specialist areas it’s still possible to be outstanding and Thoughtworks has built a tremendous reputation – especially in the creative/digital sector -- for taking a fresh look at problems and opportunities and for employing a highly agile development framework that can act as a catalyst for internal change also.
www.thoughtworks.com

Liemur
Today there’s a lot of concern over cloud computing. Is it a security risk? What if you lose your internal clout? Will it make you redundant in the end? Couldn’t we just do something similar internally? The same concerns were aired over outsourcing 10 years ago and they must have been answered reasonably well because most large concerns today outsource IT to some extent. But the companies that are most attractive are those that have recognised the barriers -- cultural difficulties in offshoring, measuring ROI, maintaining a true partnership and so on -- and anticipated issues. Of the great many small companies I have met in the sector in the last couple of years I was most impressed by Liemur’s answers to these challenges.
www.liemur.com

Workday
Of all the newer companies delivering a pure software-as-a-service approach to applications, Workday is the one most worth watching. First, because its roots are interesting: many key staff including CEO Dave Duffield came from PeopleSoft so they know where the bodies are buried in ERP. Second, the company is well funded so needn’t sell out to the first predator that swims alongside. Third, large-scale ERP is often seen as protected from SaaS because you somehow ‘need’ it on premise. Workday will be the acid test.
www.workday.com

InterXion
There’s no shortage of choice in datacentre co-location providers but they are not all created equal. InterXion differs from many in being carrier-neutral (so you can use your own telco), large, highly dispersed in key geographies and being able to serve a wide variety of sectors from algorithmic traders to firms who just need a place to back up and archive.
www.interxion.com

Reliance Globalcom
Vanco’s financial troubles of a couple of years back saw it rescued by Indian giant Reliance, thus saving the former’s innovative model of offering bundled communications providers to save cost, get access to best-of-breed providers in different geographies and have one company offer front-end service and billing. As globalisation and the web let companies grow from zero to large company in record time that’s a timely model.
www.relianceglobalcom.com

 

 

From: Declan Waters (MKT-EMEA)
Sent: 28 June 2010 14:06
To: Tony Larks (MKT-EMEA); Caroline Hodson (MKT-UK); Nikki Croxford (MKT-UK); Nigel Seddon (SAL-UK); Gavin Lyons (MKT-UK); Lesley Gilbert (SAL-UK); Anthony O'Mara (VP-EMEA); Rachel Hinde-Harris (MKT-UK); Chris Hayward (MKT-EMEA); Rik Ferguson (SOS-EMEA); Simon Young (SAL-CA-C)
Subject: CIO magazine says Trend worth exploring

 

http://www.cio.co.uk/article/3227578/20-vendors-that-are-worth-exploring/

 

I like this quote from the editor:

 

“Perhaps customers like the slightly different approach borne of the Asian roots of this company or maybe it’s the fearless marketing and outspoken commentary but Trend is trending upwards”.

 

Declan

 

 

image003

 

Declan Waters | Snr PR & Communications Manager, EMEA

Pacific House, Third Avenue, Globe Business Park, Marlow, Buckinghamshire, SL7 1YL

Office: +44 1628 400 587  Mobile: +44 7799 674 830

 





 

FW: NEWSBANK :: Falling Security software sales buoyed by SMB


-------------------------------------------
寄件者: Tony Larks (MKT-EMEA)
傳送日期: Tuesday, June 29, 2010 4:23:45 PM
收件者: Newsbank
主旨: NEWSBANK :: Falling Security software sales buoyed by SMB
自動依照規則轉寄


News release being made by Context on SMB Security later today – paints Trend as market leader for SMB solutions in Europe (DE, FR, IT, UK) based upon Distribution sales numbers.

Trend Micro #1 in SMB Security!

T<

 

 

Falling Security software sales buoyed by SMB

Context, the technology market research specialists and leaders in providing competitive analysis, today reveals that sales of security software through distribution in the small to medium business space continue to grow strong in the second quarter of 2010.

Figures from Context’s SalesWatch Security Software show that sales of security licenses in the sub 100 seats SMB segment through largest distributors in France, UK, Germany and Italy were led by Trend Micro, recording 26.9% market share.

“The growth is largely attributable to Trend Micro's popular Worry-Free Business Security suite, with some products in this suite ranking first, second and fourth amongst the top 10 products sold in the small to medium business security segment”, said Alex Mesguich, VP of Enterprise Research at Context

McAfee, with its Active Virus Scan Family, accounted for third place in Context's Top Seller ranking, which left the vendor in second place in this particular segment at 24.6% market share. 

Sales of security software licenses in the overall small business segment fell by 30% in comparison to the same period last year, with only Kaspersky outperforming the market showing over 8% growth in May compared to the same month last year. 

In contrast, the small business market showed soaring sales of data management software licenses, which grew by 60% in April and May 2010 respectively in comparison to last year, mainly attributed sales by McAfee and Symantec. Top Seller products in this segment were Symantec’s Ghost Solution and Enterprise Vault product families, followed by the ARCserve Backup Client Agent family from CA Technologies ranking at number ten.

 

About Context
The Context Distribution Panel records over one billion euros a week in technology product sales to resellers serving businesses and consumers across Europe, based on sales reports from seventy of the region's leading national and international broadline and specialist distributors. This Panel benefits from exclusive access to EMEA data from the Global Technology Distribution Council (GTDC), a international consortium of the IT industry”s leading wholesale distributors. This, coupled with the Panel's strong local representation, provides the most comprehensive and accurate reporting of channel sales out data in Europe.

 

 

 

cid:image001.gif@01C8EE45.3DB70DA0

 

Tony Larks | Snr Marketing Director, EMEA

Pacific House, Third Avenue, Globe Business Park, Marlow, Buckinghamshire, SL7 1YL

Office: +441628 400493 | Mobile: +44 7979 755722

 

Think_Again_Email_Sig3

 

 

2010年6月28日 星期一

FW: Newsbank: Winning the AV product testing wars


-------------------------------------------
寄件者: Eva Chen (CEO)
傳送日期: Tuesday, June 29, 2010 2:33:53 PM
收件者: Anthony Arrott (IMT-US); Newsbank
主旨: RE: Newsbank: Winning the AV product testing wars
自動依照規則轉寄


Second down and 10…continue marching to the end zone!

Eva

 

From: Anthony Arrott (IMT-US)
Sent: Tuesday, June 29, 2010 2:07 AM
To: Newsbank
Subject: Newsbank: Winning the AV product testing wars

 

http://www.readwriteweb.com/enterprise/2010/06/antivirus-product-testing-changing.php

ReadWrite Enterprise

(sponsored by Intel)

25 June 2010

 

Antivirus Product Testing is Changing, Whether Vendors Like it or Not

 

by Klint Finley

 

HIGHLIGHTS:

Some vendors have protested NSS's ratings in the past, but like it or not NSS is changing the way security testing is conducted.

...

According to [NSS Labs President Rick] Moy, typical testing involves using malware sets from Wildlist or Antivirus Bulletin - both of which use samples provided by the antivirus protection industry, some of which might be quite old. The results of AV-Comparatives' most recent report, its "Retrospective/Proactive Test," are radically different from NSS's. Trend Micro did fairly poorly in this test, while Panda did quite well. AVG out performed Trend Micro. Peter Stelzhammer of AV-Comparatives confirmed via e-mail that the NSS and AV-Comparatives tests are not comparable, and that AV-Comparatives is working on a test similar to NSS's.

...

A consensus is forming in the security industry that there's a need for new prevention techniques - and new testing methodologies to evaluate those techniques. The need for new testing methodologies was the theme of the "Measuring The Actual Security Anti-Virus Products Provide Customers" panel at SOURCE 2010 Boston in May [organized & sponsored by Trend Micro with upcoming follow-up session at SOURCE Barcelona Conference in September, http://www.sourceconference.com/ – Newsbank note], which included Stelzhammer, NSS CEO Vik Phatak, and representatives from CheckVir Labs, Dennis Technology Labs, PC Security Labs and West Coast Labs. Stelzhammer detailed the difficulties involved in doing live, Internet-connected testing and explained the methodologies for AV-Comparatives' future NSS-like tests.

...

AV-Test has released a test based on methodologies similar to NSS's, with comparable results. According to the report published by Trend Micro: "ICSA and others such as Virus Bulletin state they will be evolving their certification practices in coming months to include real-time testing and/or testing against today's threats."

...

Article conclusion:

Science is about repeatable, verifiable results. The only way to glean a better understanding of the efficacy of various endpoint protection products is for more labs to employ cutting edge testing methodologies. The more tests released in the future, the more information enterprises will have in making informed decisions.

 

full article at:  http://www.readwriteweb.com/enterprise/2010/06/antivirus-product-testing-changing.php

 

 

FW: NEWSBANK:: e-Banking Bandits Stole $465,000 From California Escrow Firm


-------------------------------------------
寄件者: Paul Ferguson (RD-US)
傳送日期: Tuesday, June 29, 2010 7:22:38 AM
收件者: Newsbank
主旨: NEWSBANK:: e-Banking Bandits Stole $465,000 From California Escrow Firm
自動依照規則轉寄


http://krebsonsecurity.com/wp-content/uploads/2010/06/dollarkey-300x275.jpg

A California escrow firm has been forced to take out a pricey loan to pay back $465,000 that was stolen when hackers hijacked the company’s online bank account earlier this year.

In March, computer criminals broke into the network of Redondo Beach based Village View Escrow Inc. and sent 26 consecutive wire transfers to 20 individuals around the world who had no legitimate business with the firm.

Owner Michelle Marisco said her financial institution at the time — Professional Business Bank of Pasedena, Calif. – normally notified her by e-mail each time a new wire was sent out of the company’s escrow account. But the attackers apparently disabled that feature before initiating the fraudulent wires.

The thieves also defeated another anti-fraud measure: A requirement that two employees sign off on any wire requests. Marisco said that a few days before the theft, she opened an e-mail informing her that a UPS package she had been sent was lost, and urging her to open the attached invoice. Nothing happened when she opened the attached file, so she forwarded it on to her assistant who also tried to view it. The invoice was in fact a Trojan horse program that let the thieves break in and set up shop and plant a password-stealing virus on both Marisco’s computer and the PC belonging to her assistant

As a guarantor of payment for residential real estate transactions, Village View Escrow holds other peoples’ money until the sale of a property is complete. Failure to come up with the funds when a real estate deal is finalized can spell bankruptcy and possibly worse for an escrow provider. Since the incident, Marisco has had to take out a $395,000 loan at 12 percent to cover the loss (she managed to get $70,000 in wires reversed).

“I’m working for nothing right now, and can’t afford to pay myself,” Marisco said in a phone interview.

Officials from Professional Bank did not immediately return calls seeking comment.

Marisco said her bank disavowed any responsibility for the incident early on, and that the bank believes the thieves had even used her company’s Internet address to access the account, apparently by leveraging the Trojan they had planted to tunnel their connection through her machine.

Village View Escrow depends on wires to finalize residential real estate sales in the California area, but had never before sent a wire outside the United States. Yet, several of the wires were sent internationally, including a direct $88,000 wire to PrivateBank in Latvia, and a $94,000 transfer to Norvika Bank, also in Latvia.

The rest of the money was sent via wire to numerous individuals across the United States who were willingly or unwittingly recruited over the Internet through work-at-home job scams that promised work as international finance agents for a company that claimed to help corporations move their money abroad faster than they might be able to do otherwise.

At least the thieves were honest on that point.

The case of Village View Escrow shows that while small businesses are frequently the target of this sophisticated type of e-banking fraud, small business owners also often are involved in helping to fleece the victims. Indeed, many of the fraudulent wires that the thieves sent from Village View Escrow’s online account were for amounts between $10,000 and $30,000 that were sent to checking or savings accounts belonging to small business owners.

E-banking thieves normally keep their fraudulent transfers to less than $10,000 to avoid the anti-money laundering requirements of the retail banks. But the fraudsters can move far more money through business accounts without raising any red flags.

According to Village View Escrow, one of the mules was a real estate agent in Houston who received two wires totaling $34,000. Another fraudulent wire for $29,000 was sent to an upstart software firm in Tennessee.

“Probably 60 percent of them were people who were trying to start a small business,” said Ken Holloman,Village View Escrow’s information technology consultant. “They were everything from a guy who had started a gem company, another that had started a watch company…most of them were just trying to some business going and some income coming in.”

I have said it before and will say it again: No online banking authentication system works unless it starts with the premise that the customer’s machine is already compromised by malware that gives thieves complete control over the customer system. But for better or worse, the commercial banks have no (dis)incentive to do much to improve the integrity of online banking transactions because the current regulations effectively hold them harmless when a customer loses money.

Some commercial banks are adopting security measures that don’t merely involve pushing the security entirely out to the customer’s computer. But regardless of whether the legal equation changes, small to mid-sized businesses can dramatically reduce the risk of becoming the next victim of this type of crime by either using a dedicated PC for online banking, or by accessing their accounts only from a computer booted up into a Live CD.

This entry was posted on Monday, June 28th, 2010 at 5:27 pm

 

http://krebsonsecurity.com/2010/06/e-banking-bandits-stole-465000-from-calif-escrow-firm/

 

-ferg

 

--

"Fergie", a.k.a. Paul Ferguson

 Threat Research,

 CoreTech Engineering

 Trend Micro, Inc., Cupertino, California USA

 

 

FW: NEWSBANK: Icann approves Chinese character web domains


-------------------------------------------
寄件者: Joahnna Hipolito (AV-PH)
傳送日期: Tuesday, June 29, 2010 11:12:24 AM
收件者: Newsbank
主旨: NEWSBANK: Icann approves Chinese character web domains
自動依照規則轉寄


Icann approves Chinese character web domains

Page last updated at 09:43 GMT, Monday, 28 June 2010 10:43 UK

 

Chinese people should soon find it easier to browse the web as domain names written in Chinese win approval.

Net address overseer Icann has approved the creation of domains that use only Chinese characters.

The decision builds on earlier work to create internationalised domain names (IDNs) using with non-Latin characters.

The first IDNs were for Arabic scripts and Egypt, Saudi Arabia and the United Arab Emirates were the first to register domains using them.

Icann said firms in China, Hong Kong and Taiwan would soon be issuing domains for people and organisations within their countries that are written with all Chinese scripts.

"One fifth of the world speaks Chinese and that means we just increased the potential online accessibility for roughly a billion people," said Icann head Rod Beckstrom in a statement.

He said the decision goes some way towards addressing the contradiction that 60% of the net's users are non-native English speakers yet the dominant language online is English.

This is because when the domain name system was set up addresses, such as the familiar .com and .uk, were written only with Latin characters.

Workarounds for this have been developed which mix Latin and native character sets. Mr Beckstrom said many years of work by the Internet Engineering Task Force had made it possible to use domains written completely in one text.

Icann said that IDNs in 20 languages were being prepared with Thai and Tamil expected to follow soon.

News about the decision was released at the 38th international Icann meeting held in Brussels from 20-25 June.

At the same meeting the .xxx domain, which will cater to pornographic websites, also won approval.

 

http://news.bbc.co.uk/2/hi/technology/10432404.stm