Friday, September 3, 2010

FW: newsbank: skyrocketing viruses, less danger?


-------------------------------------------
From: Susan Orbuch (MKT-US)
Sent: Saturday, September 04, 2010 7:16:23 AM
To: Newsbank
Subject: newsbank: skyrocketing viruses, less danger?
Auto forwarded by a Rule


Published on InfoWorld (http://www.infoworld.com)



Skyrocketing viruses, less danger?

By InfoWorld Tech Watch

Created 2010-09-02 09:32AM

 

In 2008, antivirus firm Sophos processed about 20,000 "new" pieces of malware every day. By mid-year 2010, cyber criminals had apparently tripled the company's workload, producing 60,000 different malware samples.

Other antivirus firms report similar increases in the number of uniquely identified pieces of malicious software. In its recently released quarterly threat report, for example, McAfee claims to be processing 55,000 "new" pieces of malware every day. Antivirus firm Panda also states that it recognizes 55,000 variants of malicious software every day.


Cue the pulling of hair and shouting from the street corners: "The end is nigh!"

Hardly.

While more data is always better, the seemingly inevitable escalation of the volume of malware processed by security firms has little meaning without knowing the context of antivirus firms' operations. While the implication is that more malware equals a greater threat, the reality is that we don't have enough data to figure out how more variance in malware is affecting the threat landscape.

What is the definition of "new," for example? In the past, many antivirus firms classified viruses by their MD5 hashes; add a simple string, even a character, and you have a new piece of malware. Many, if not all, security firms now use signatures as a way to classify what is new -- if they have to include a new pattern in their database to recognize the program, then the malware is "new."

Yet cyber criminals' attempts to get around antivirus software as quickly and as painlessly as possible mean that the number of signatures will continue to increase, until every piece of malicious software encountered by a victim's computer is automatically generated to be different.

Perhaps a better measure of the threat posed by malicious programs is the percentage of samples that can bypass the protections of security software. Critics of antivirus software frequently point to dismal numbers on VirusTotal as proof that the software is failing. But the testing of security products rarely tests all of their capabilities, so automated testing such as VirusTotal does not give a perfect picture of the effectiveness of defenses.

A second measure may be the increase in workload for antivirus firms over time. Yet, that is also a complex situation to measure. While security firms are hiring more analysts, they are also improving their automated analysis systems and moving their infrastructures to the cloud. McAfee estimates that only 5 percent of malware needs to be seen by an analyst.

"The analysts only want to handle the 5 percent that was not handled by automation," says David Marcus, security research and communications manager for McAfee. "To keep up with the other 95 percent, we have to continually improve our back-end systems."

In the end, the proliferation of malware variants should not, by itself, be considered a threat. The security industry needs to find better measures of how the increase impacts users' efforts to remain secure.

This article, "Skyrocketing viruses, less danger?," was originally published at InfoWorld.com.
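Added example, not part of the InfoWorld article or the forwarded e-mail: the article's point about what counts as "new" can be made concrete by counting one set of constructed byte strings two ways, by MD5 hash and by byte-pattern signature. The sample bytes, the 16-byte signature rule and all function names are assumptions made for illustration.

```python
import hashlib

# Constructed, harmless byte strings standing in for two malware families.
FAMILY_A = b"\x55\x8b\xec--constructed-family-A-routine--\xc9\xc3"
FAMILY_B = b"\x60\x9c--constructed-family-B-routine--\x9d\x61"
SIG_LEN = 16  # assumption: a signature is the first 16 bytes of a sample


def make_variants(core, count):
    """Variants of one family that differ only in trailing padding."""
    return [core + b"PAD" + str(i).encode() for i in range(count)]


def count_new_by_hash(samples, known_hashes):
    """A sample is "new" when its MD5 digest has not been seen before."""
    new = 0
    for data in samples:
        digest = hashlib.md5(data).hexdigest()
        if digest not in known_hashes:
            known_hashes.add(digest)
            new += 1
    return new


def count_new_by_signature(samples, signatures):
    """A sample is "new" only when no stored pattern matches it, so a
    pattern has to be added to the database to recognize it."""
    new = 0
    for data in samples:
        if not any(sig in data for sig in signatures):
            signatures.append(data[:SIG_LEN])  # stand-in for analyst work
            new += 1
    return new


# One constructed "day" of intake: 1,000 + 500 padded variants.
INTAKE = make_variants(FAMILY_A, 1000) + make_variants(FAMILY_B, 500)

if __name__ == "__main__":
    hashes, sigs = set(), []
    print("new by MD5 hash: ", count_new_by_hash(INTAKE, hashes))
    print("new by signature:", count_new_by_signature(INTAKE, sigs))
    # The same files resubmitted the next day are new under neither rule.
    print("resubmitted, by hash:", count_new_by_hash(INTAKE, hashes))
```

The same intake yields very different "new malware" counts depending on the definition, which is why a raw daily figure says little without knowing how the vendor counts.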

 

FW: NEWSBANK: Blue Coat brings in new (mean looking) CEO


-------------------------------------------
From: David Lieberman (PMM-US-ENT)
Sent: Saturday, September 04, 2010 12:52:03 AM
To: Newsbank
Subject: NEWSBANK: Blue Coat brings in new (mean looking) CEO
Auto forwarded by a Rule


Blue Coat shares jump as new CEO is named

Shares of Blue Coat Systems Inc. soared Wednesday after the security hardware and software maker named a new leader.

THE SPARK: The company said after the market close Tuesday that Michael J. Borman, previously the CEO of Avocent Corp., will be its new chief. He replaces Brian NeSmith, who has served as Blue Coat's CEO for more than a decade. NeSmith, 48, will move to the role of chief product officer.

THE ANALYSIS: In a client note, Wedbush analyst Rohit Chopra said the move shows that Blue Coat's board is "serious about improving the company's lackluster execution."

Chopra, who has an "Outperform" rating on the company's stock, said investors should expect a better performance from the company later in the year.

Douglas Ireland, of JMP Securities, said the hiring of Borman could be a prelude to a buyout. Borman, 55, joined Avocent in June 2008, restructured the company and sold it to Emerson Electric in December of last year.

Ireland said one likely scenario is that Blue Coat's board has "decided to tighten spending, increase margins, and sell the company."

 

Blue Coat brings in new CEO

Michael Borman replaces Brian Nesmith, who remains as chief product officer.

By Tim Greene, Network World
September 01, 2010 11:39 AM ET


Blue Coat Systems has brought in a new CEO, spinning the change as a way to free up outgoing boss Brian Nesmith from the daily grind of managing the company to instead work on product strategy.


Michael Borman, who most recently was CEO of Avocent, says he doesn't plan to change the overall strategy of Blue Coat, which focuses on security and improving performance of applications on networks.

"We have more opportunities than we can ever go after," Borman says. "I don't have to worry about a new strategy here."

Nesmith says the company had been looking for someone to replace him since January, not to steer the company in a different strategic direction but to create greater depth in the management team.

Needham analyst Scott Zeller says the appointment acknowledges that operations had faltered at Blue Coat, citing weak quarterly results and warnings that operations in Europe and the Middle East will produce less than expected in the next quarter.

But Blue Coat says the move is not in response to performance in the quarter ended July 1, as evidenced by the company starting its CEO search nine months ago.

In a conference call, Borman said he was not brought in to effect strategic change or to negotiate sale of the company, both of which happened on his watch at Avocent. The circumstances were different there, with the company's KVM switch business running dry, requiring a shift in focus.

Borman worked at IBM for 30 years and held senior executive positions there in products and sales. Later he was president and CEO of Blue Martini, which made intelligent sales software.

 

Thursday, September 2, 2010

FW: Hack is Wack - Ad campaign


-------------------------------------------
From: Jamz Yaneza (RD-US)
Sent: Friday, September 03, 2010 1:23:30 AM
To: Greg Jensen (MKT-US); Robert McArdle (AV-EMEA); Newsbank
Subject: RE: Hack is Wack - Ad campaign
Auto forwarded by a Rule


This guy actually says the facts:

http://hackiswack.com/index.php/home/viewvideo/15/hack-is-wack/hairetsu-entry.html

 

 

Favorite line: MS Blast and Sub7

 

:)

 

 

Cheers,

Jamz

 

 

From: Greg Jensen (MKT-US)
Sent: Thursday, September 02, 2010 10:19 AM
To: Robert McArdle (AV-EMEA); Newsbank
Subject: RE: Hack is Wack - Ad campaign

 

Interesting person to use as your spokesperson. :)  I guess if you want a “green” loving spokesperson, I suppose he’s the best person…..as Paris Hilton got caught recently for her “green” efforts.

 

I heard Norton passed on the  “Attacking is Smacking” campaigns using Cheech and Chong.  Not sure why.

 

Jokes aside…this doesn’t strike me as the most professional form of PR, but it will grab a few headlines.

 

From: Robert McArdle (AV-EMEA)
Sent: Thursday, September 02, 2010 8:22 AM
To: Newsbank
Subject: Hack is Wack - Ad campaign

 

Hack is Wack – apparently - http://www.hackiswack.com/

 

Symantec’s latest ad campaign for Norton

 

Bob

 


 

Robert McArdle | Sr. Advanced Threat Researcher / Manager

IDA Ind Est, Model Farm Road, Cork 

Office: +353 (21) 4710289 loc: 18289| Mobile: +353 876578672


 

 

 

FW: Hack is Wack - Ad campaign


-------------------------------------------
From: Greg Jensen (MKT-US)
Sent: Friday, September 03, 2010 1:18:30 AM
To: Robert McArdle (AV-EMEA); Newsbank
Subject: RE: Hack is Wack - Ad campaign
Auto forwarded by a Rule


Interesting person to use as your spokesperson. :)  I guess if you want a “green” loving spokesperson, I suppose he’s the best person…..as Paris Hilton got caught recently for her “green” efforts.

 

I heard Norton passed on the  “Attacking is Smacking” campaigns using Cheech and Chong.  Not sure why.

 

Jokes aside…this doesn’t strike me as the most professional form of PR, but it will grab a few headlines.

 

From: Robert McArdle (AV-EMEA)
Sent: Thursday, September 02, 2010 8:22 AM
To: Newsbank
Subject: Hack is Wack - Ad campaign

 

Hack is Wack – apparently - http://www.hackiswack.com/

 

Symantec’s latest ad campaign for Norton

 

Bob

 


 

Robert McArdle | Sr. Advanced Threat Researcher / Manager

IDA Ind Est, Model Farm Road, Cork 

Office: +353 (21) 4710289 loc: 18289| Mobile: +353 876578672


 

 

 

FW: ::NEWSBANK:: Brian Krebs on Security Measurement (this is an important read, people)


-------------------------------------------
From: David Perry (MKT-US)
Sent: Thursday, September 02, 2010 11:45:52 PM
To: Newsbank
Subject: ::NEWSBANK:: Brian Krebs on Security Measurement (this is an important read, people)
Auto forwarded by a Rule


Brian Krebs


Toward a Culture of Security Measurement


"Our dependence on all things cyber as a society is now inestimably irreversible and irreversibly inestimable."

Yeah, I had to re-read that line a few times, too. Which is probably why I've put off posting a note here about the article from which the above quote was taken, a thought-provoking essay in the Harvard National Security Journal by Dan Geer, chief information security philosopher officer for In-Q-Tel, the not-for-profit venture capital arm of the Central Intelligence Agency.

The essay is well worth reading for anyone remotely interested in hard-to-solve security problems. Geer is better than most at tossing conversational hand grenades and then walking away, and this piece doesn't disappoint on that front. For example:

"Looking forward, without universal strong authentication, tomorrow's cybercriminal will not need the fuss and bother of maintaining a botnet when, with a few hundred stolen credit cards, he will be able to buy all the virtual machines he needs from cloud computing operators. In short, my third conclusion is that if the tariff of security is paid, it will be paid in the coin of privacy."

Geer's prose can be long-winded and occasionally sesquipedalian ("Accretive sequestration of social policy"…gah!), but then he turns around and shows off his selective economy with words by crafting statements like:

"..demand for security expertise so outstrips supply that the charlatan fraction is rising."

I'm bringing up the essay because he also touches on a pet issue of mine: Accountability for insecurity. I mention it here because I recently wrote an editorial for CSO Online in response to a public request for advice by the Federal Communications Commission (FCC), which wants ideas on how to craft a "Cybersecurity Roadmap" as part of its $7 billion national broadband initiative.

In that column, I suggest the FCC find a way to measure and publish data about the number and longevity of specific cyber security threats resident on domestic ISPs and hosting providers. I also suggest that the government could achieve this goal largely by collecting and analyzing data from a large number of mostly volunteer-led efforts that are already measuring this stuff.

Geer warns readers that "the demand for 'safe pipes' inexorably leads to deputizing those who own the most pipes." But mine isn't a "punish or regulate ISPs-for-having-lots-of-security-problems" approach. Instead, it's more of a "publish a reputation score with the imprimatur of the federal government in the hopes that the ISPs will be shamed into more proactively addressing abuse issues" idea.

Who knows if my idea would work, but it wouldn't be terribly risky or expensive to try. After all, as Geer said, "security is a means and that game play cannot improve without a scorekeeping mechanism."

"These are heady problems," he concludes. "They go to the heart of sovereignty.  They go to the heart of culture.  They go to the heart of 'Land of the Free and Home of the Brave'.  They will not be solved centrally, yet neither will they be solved without central assistance.  We have before us a set of bargains, bargains between the Devil and the Deep Blue Sea.  And not to decide is to decide."

Cue the music.



 

 


 

David Perry | Global Director of Education

10101 North De Anza - Cupertino, California 95014 USA

Office: +1 (714) 846-5689 | Mobile: +1 (949) 500-2033

 

 

 

 

 

 

 

FW: Hack is Wack - Ad campaign


-------------------------------------------
From: James Bennett (RD-US-NCSG)
Sent: Thursday, September 02, 2010 9:31:52 PM
To: Newsbank
Subject: RE: Hack is Wack - Ad campaign
Auto forwarded by a Rule


This is almost as cool as “Don’t Copy That Floppy”: http://www.youtube.com/watch?v=up863eQKGUI

 

-tom

 


From: Robert McArdle (AV-EMEA)
Sent: Thursday, September 02, 2010 6:22 AM
To: Newsbank
Subject: Hack is Wack - Ad campaign

 

Hack is Wack – apparently - http://www.hackiswack.com/

 

Symantec’s latest ad campaign for Norton

 

Bob

 


 

Robert McArdle | Sr. Advanced Threat Researcher / Manager

IDA Ind Est, Model Farm Road, Cork 

Office: +353 (21) 4710289 loc: 18289| Mobile: +353 876578672


 

 

 

FW: Hack is Wack - Ad campaign


-------------------------------------------
From: Robert McArdle (AV-EMEA)
Sent: Thursday, September 02, 2010 9:22:09 PM
To: Newsbank
Subject: Hack is Wack - Ad campaign
Auto forwarded by a Rule


Hack is Wack – apparently - http://www.hackiswack.com/

 

Symantec’s latest ad campaign for Norton

 

Bob

 


 

Robert McArdle | Sr. Advanced Threat Researcher / Manager

IDA Ind Est, Model Farm Road, Cork 

Office: +353 (21) 4710289 loc: 18289| Mobile: +353 876578672
