Tuesday, September 14, 2010

“Antivirus Software Doesn't Stand a Chance at Black Hat Hacker Convention” plus 2 more

“Antivirus Software Doesn't Stand a Chance at Black Hat Hacker Convention” plus 2 more

Antivirus Software Doesn't Stand a Chance at Black Hat Hacker Convention

Posted: 13 Sep 2010 08:15 AM PDT

Antivirus software didn't stand a chance, as security consultant Mike Davis, working for IOActive, got a lot of attention last year for buying a "smart" computerized electricity meter on eBay and hacking into its software. At the Black Hat hacker convention in Las Vegas, Davis ran a simulation showing how a "worm" (similar to a virus) could take over a smart grid by replicating itself and passing from meter to meter.

"Malicious code could quickly propagate throughout a neighborhood, ultimately causing power disconnections and calibration modifications, rendering the meters inoperable," IOActive, a Seattle-based computer consultancy, wrote on its website.

Next year, Baltimore Gas & Electric Co. will start installing these smart meters in the 1.1 million households it serves. The idea is to make the grid more efficient, produce better information about how people use energy and give customers incentives to conserve.

All good intentions. But most of the questions I get from readers about BGE's project are similar to those posed at the Black Hat confab. How secure will these meters be? How do I know my energy-use information will be kept confidential? What good are efficiency and conservation if the new meters become a privacy nightmare and gilt invitation to terrorist saboteurs?

So I asked BGE.

The good news is that the utility makes a pledge that security experts consider to be at the core of responsible stewardship of smart-meter information.

"We view the usage data as the customer's data," says Mark Case, the company's senior vice president for strategy and regulation. "We would not make it available to third parties without the consent of the customer."

The bad news is that BGE doesn't have a designated privacy officer of the type recommended in draft protocols for the smart grid published by the National Institute of Standards and Technology. BGE needs one.

"If that becomes the standard and that's put in place, then we would definitely go forward with that," said Case.

BGE can hardly obsess enough over security and privacy even though the first meter installations are months away. The time to start securing the smart grid is the day you being thinking about it. Wait until after it's installed, the security pros say, and it's too late.

Last week, BGE finalized a deal with Silver Spring Networks to buy the computerized meters and related software and hardware.

Silver Spring beat more than a half-dozen other bidders partly because its meters are more upgradable, with greater memory and processing capacity, said Michael Butts, director of BGE's smart grid project. BGE's security consultants -- affiliates of Lockheed Martin and Deloitte -- also rated the Silver Spring system the most hack-proof, along with another company's meters, Butts said.

The wireless signal that beams your electric data to BGE several times a day will be encrypted, Butts said. All connections will be secure. Smart grid components will require authentication before trading information, he said. (This seems to have been the problem with the smart meter cracked by IOActive. The company hasn't said who made the leaky meter.)

"In evaluating technologies, security was one of the highest [priorities] that we were concerned about," Butts said. "We know that this is a critical system. We're going to up the ante on these security requirements."

Hope so. The ways in which a flawed system could potentially compromise privacy and safety are practically limitless, from revealing information about somebody's marijuana grow-lights to shutting down electricity in several states.

Hackers could besiege a local grid as a fake-out "to roll all the maintenance trucks" to one side of town, setting up an attack on the electrical system elsewhere, suggested the Gartner Group in a recent paper, "The Myth of Smart Grid Security." Or they could deliver malicious software into a utility's central computers disguised as customer data.

The smart-meter rollout is in its infancy globally, but already problems have included "insecure meters, hacking of customer details, denial of service attacks and suspected infiltration by foreign intelligence services," Ian Watts, head of energy and utilities for the U.K. consultancy Detica, told the Telegraph newspaper last year.

One of the top U.S. smart-grid security experts, IBM's Jack Danahy, rarely talks to anyone in the business who "doesn't already consider the smart grid to be in pretty desperate need of some shoring up," he wrote on his blog.

This isn't to predict disaster. Properly implemented, the smart grid will deliver benefits that far outweigh the costs. But the potential problems of security and privacy give many customers the creeps. BGE must make preventing them its No. 1 priority or risk losing public support for the whole project.

This entry passed through the Full-Text RSS service — if this is your content and you're reading it on someone else's site, please read our FAQ page at fivefilters.org/content-only/faq.php
Five Filters featured article: Beyond Hiroshima - The Non-Reporting of Falluja's Cancer Catastrophe.

Stock Market, Antivirus Software: Hot Trends

Posted: 13 Sep 2010 06:13 AM PDT

NEW YORK (TheStreet) -- "Stock market" is a trending topic on Yahoo!(YHOO) this morning as stocks opened strong on a renewed sense of confidence in the banking sector after international regulators agreed to raise capital standards for banks two years after the Lehman Brothers collapse. Positive data concerning the Chinese economy has also eased investor's concerns.


Futures for the Dow Jones Industrial Average was rising by 75 points, to 10,538. The S&P 500 futures was higher by 10 points to 1119 while Nasdaq was up 22 points to 2264. Stocks gained on Friday for the third consecutive session after positive economic reports restored investor confidence. The Dow was up 4.4% in the first seven trading sessions in September, but volumes continue to be light as investors stay cautious and await further confirmation on the economic recovery.
"Antivirus software" is a hot search topic following reports that several harmful viruses were circulating on the Internet last week. The email virus that spammed inboxes around the world is referred to as the "here you have" virus. Reports say the worm can possibly be traced back to a cyber jihad organization called "Brigades of Tariq ibn Ziyad". Companies and organizations affected by the spam, which filled employees inboxes with hundreds of emails with the subject "here you have," include Procter & Gamble(PG), Disney(DIS), Comcast(CMCSA), and American International Group(AIG). Cautious consumers equip their computers with antivirus software systems, such as Norton Antivirus from Symantec(SYMC), McAfee(MFE) software and Kasperksy. Norton claims it has an antivirus software that will protect computers from worms like the one that spread last week. The chatter on Main Street (a.k.a. Google) is always of interest to investors on Wall Street. Thus, each day, TheStreet compiles the stories that are trending on Google, and highlights the news that could make stocks move. --Written by Theresa McCabe in Boston. >To contact the writer of this article, click here: Theresa McCabe. >To follow the writer on Twitter, go to @TheresaMcCabe. >To submit a news tip, send an email to: tips@thestreet.com.

This entry passed through the Full-Text RSS service — if this is your content and you're reading it on someone else's site, please read our FAQ page at fivefilters.org/content-only/faq.php
Five Filters featured article: Beyond Hiroshima - The Non-Reporting of Falluja's Cancer Catastrophe.

ESET launches ESET NOD32 Antivirus 4 Business Edition for Mac

Posted: 13 Sep 2010 04:13 AM PDT

 


13 September 2010
Dubai, United Arab Emirates, September 13, 2010 - ESET, the leader in proactive protection officially announces a new addition to its business  product line. Now businesses can extend the same trusted security of ESET NOD32 Antivirus to Mac endpoints.   

"With ESET NOD32 Antivirus 4 Business Edition for Mac, ESET delivers the most advanced protection to all business networks - employing either PCs or Macs. It is another milestone for our company whose security software has an excellent track record of protecting computer users," says ESET's CEO Miroslav Trnka. By developing a security solution for Mac, ESET is responding to user demand. Since December 2009 when ESET NOD32 Antivirus 4 (Beta) for Mac was released for public testing, ESET has seen more than 135-thousand downloaded installation packages.

With the launch of a security solution for the Macintosh platform, ESET adds an additional layer of security, so OS X systems can participate in a heterogeneous networked environment with the highest possible security, and with supporting compliance initiatives.  "Engineered with our award winning ThreatSense scanning engine, it ensures industry-leading protection against emerging threats," details ESET's Chief Technology Officer Richard Marko.

ESET NOD32 Antivirus 4 Business Edition now offers enterprise-class threat protection for Macs in all business environments. ThreatSense® solution  automatically detects and cleans malware, including threats designed for Windows operating systems, preventing Macs from becoming carriers of malware in a  corporate  network. In addition, ESET NOD32 Antivirus 4 Business Edition for Mac OS X gives IT administrators the ability to monitor all network endpoints across  multitude operating systems with ease, all from a single management console.

ESET NOD32 Antivirus 4 Business Edition for Mac is now available in English, with other languages following in the coming months. Additionally, soon home users will be able to  purchase a home edition of ESET's security solution called "ESET Cybersecurity for Mac."

Key features of ESET NOD32 Antivirus 4 for Mac Business Edition:

Market-proven scanning engine now offering enterprise-class protection for Macs in corporate networks.

Proactive protection from cross platform threats to prevent Macs from becoming carriers and spread malicious code across the network.

Centralized management of ESET products from a single console.

Universal installer package for remote deployment using existing tools.

Removable media control that blocks USB, Firewire, CD/DVD devices. 

Additional benefits for Mac business users:

Flexible scheduling tasks - An integrated scheduler  allows to plan tasks to run on the system like virus signature updates and on-demand computer scan.

Advanced scanning settings - Scans can be configured to suit the needs and requirements of IT professionals.

Full Screen Mode - No disruptions from alerts and information windows when running full screen applications like games or presentations.

Security settings control -  Allows to define users who can alter security features.

And there is good news for home users as well. This month, ESET also introduced  a security solution for smartphone users running Windows Mobile and Symbian. ESET Mobile Security delivers unparalleled data and identity security and protection against emerging threats. In its September 2010 review of mobile security solutions, AV-Comparatives, an independent testing institution, found ESET Mobile Security to be a straightforward and effective solution delivering constant guard against viruses. More information about ESET Mobile Security, its features and benefits can be found here.

-Ends-

About ESET
 Founded in 1992, ESET is a global provider of security solutions for the home and business segment. The industry leader in proactive malware detection, ESET NOD32 Antivirus holds the world record for the number of Virus Bulletin "VB100 Awards," never to have missed a single "In-the-Wild" worm or virus since the inception of testing in 1998.

ESET has global headquarters in Bratislava, Slovakia and offices in San Diego, USA; Buenos Aires, Argentina; Prague, Czech Republic; Singapore and an extensive partner network in more than 180 countries. In 2008, ESET has opened a new research center in Krakow, Poland. ESET was named by Deloitte's Technology Fast 500 as one of the fastest-growing technology companies in the region of Europe, Middle East and Africa.

For further information, please contact:
Aji Joseph
ADAOX Middle East
ESET NOD32 Business Development & Support
Tel: +971 4 3754052
Email: aji@adaox.com

© Press Release 2010

from OAK Consulting

 

x DISCLAIMER

Zawya is a distributor (and not a publisher) of content supplied by third parties and subscribers. Any opinions, advice, statements, services, offers, or other information or content expressed or made available by those third parties, including information providers, subscribers or other users of the Service, are those of the respective author(s) or distributor(s) and not of the Company. The Company neither endorses nor is responsible for the accuracy or reliability of any opinion, advice or statement made on the Service by anyone other than authorized Service employee spokespersons while acting in their official capacities. The Company is not responsible for any infringement of intellectual property rights or breach of any applicable law or regulation, including regulation in relation to financial services or the distribution of financial products, defamation, data protection, telecommunications (including regulations relating to excessive use, spamming or other abusive activities) or obscene, offensive or illegal content). Under no circumstances will the Company be liable for any loss or damage caused by a member's reliance on information obtained through the Service. It is the responsibility of member to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content available through the Service. Please seek the advice of professionals, as appropriate, regarding the evaluation of any specific information, opinion, advice or other content.

Read the full Member Agreement
http://www.zawya.com/legal/NewsLetter.cfm?name=disclaimer

 

 

Access to this article is subject to specific terms and conditions. Read Disclaimer.

 

 

 

  1. Zawya encourages you to add a comment to this discussion. You agree that when you add content to this discussion your comments will not:
    1.1   Contain any material which is libelous or defamatory of any person, is obscene, offensive, hateful or inflammatory or causes damage to the reputation of any person or organisation.
    1.2   Promote sexually explicit material, violence, discrimination based on race, sex, religion, nationality, disability, sexual orientation or age or any illegal activity.
    1.3   Be made in breach of any legal duty owed to a third party, such as a contractual duty or a duty of confidence.
    1.4   Be threatening, abuse or invade another's privacy, or cause annoyance, inconvenience or needless anxiety.
    1.5   Be used to impersonate any person, to misrepresent your identity or affiliation with any person, or be likely to deceive any person.
    1.6   Give the impression that they represent Zawya.
    1.7   Advocate, promote or assist any unlawful act such as (by way of example only) copyright infringement or computer misuse.
  2. The content posted on www.zawya.com is created by members of the public. The views expressed are theirs and unless specifically stated are not those of Zawya. Zawya reserves the right to review all comments prior to posting and edit or delete any contribution, but Zawya is not responsible for and can not be held liable for any content posted by members of the public on www.zawya.com.
  3. Zawya is not responsible for the availability or content of any third party sites that are accessible through www.zawya.com. Any links to third party websites from www.zawya.com do not amount to any endorsement of that site by Zawya and any use of that site by you is at your own risk.
  4. By submitting your comment, you hereby give Zawya the right, but not the obligation, to post, air, edit, exhibit, telecast, webcast, re-use, publish, reproduce, use, license, print, distribute or otherwise use your comments worldwide, in perpetuity.

 

This entry passed through the Full-Text RSS service — if this is your content and you're reading it on someone else's site, please read our FAQ page at fivefilters.org/content-only/faq.php
Five Filters featured article: Beyond Hiroshima - The Non-Reporting of Falluja's Cancer Catastrophe.
Posted by at

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)