UPDATE 1-SonicWall says third-party suitor withdraws bid
July 6 (Reuters) – SonicWall Inc said the
third-party bidder that offered to acquire the IT security
company for $12 a share in cash no longer intended to pursue
the deal.
SonicWall gets higher takeover offer; shares rise
BANGALORE, June 22 (Reuters) – IT security company
SonicWall Inc said in a filing it had been approached
by a privately held company to be acquired for $12 a share,
trumping an earlier offer from private equity firm Thoma Bravo.
Cost of security, IT management add up at healthcare facilities, study finds
Researchers at Harvard University have uncovered what could be a confounding problem facing the healthcare industry: Digitalizing healthcare records and deploying new technologies fails to provide cost benefits. For years, hardware and software vendors have been touting the return on investment (ROI) when enterprises, including healthcare facilities, streamline and eliminate inefficient, manual processes through technology deployments. But the new Harvard University research study shows that introducing technology into hospitals and doctors’ offices actually increases costs associated with configuration management, upgrading systems and deploying and maintaining healthcare IT security technologies.
“Most of the systems are being sold principally to make sure the institution collects every penny it can,” said the report’s lead author Dr. David Himmelstein, an associate professor at Harvard Medical School. “The guts of the system are distorted by the need to make sure it’s a billing system at heart.”
Himmelstein and his team reviewed about 4,000 hospitals from 2003 to 2007 and found that while many had digitalized patient records to eliminate paper, administrative costs actually rose, even among the most high-tech institutions. The hospital computing and costs study, published in The American Journal of Medicine, doesn’t point to specific costs such as security and configuration management, but it does find that ongoing IT administrative costs add to the bottom line once new systems are deployed.
“Clearly there are some examples of quality of care being worse because of computers and some examples where it’s been better. But overall they’re not saving money,” Himmelstein said in an interview with SearchSecurity.com. “Introducing technology has a trivial effect.”
The researchers analyzed hospital Medicare insurance program data and several other reports that compile government data on healthcare costs at patient facilities.
They found administrative costs increased slightly from 24.4% in 2003 to 24.9% in 2007, with facilities with the fastest technology deployments seeing the highest cost increases. For systems to be beneficial and provide a true ROI, they need to focus on patient care and be deployed more slowly across an organization, Himmelstein said.
The introduction of new technologies also introduces some uncertainties about healthcare privacy and security into an organization. Privacy and security are ongoing concerns that need to be addressed during all stages of a deployment. For example, some hospitals and patient care facilities may be investigating cloud computing in which data center management is outsourced to a third-party provider.
“There are still significant issues about security and those issues need to be handled as part of clinical computing and any other setting where technology is introduced,” Himmelstein said. “At this point there are hundreds of hospitals and practices putting enormous amounts of patient data online, but we’ve yet to see the cost benefit or the benefit of patient care.”
For now, healthcare facilities continue to modernize systems and eliminate manual processes, buoyed by financial incentives from technology vendors and the federal government’s push to modernize the healthcare system. The economic stimulus package approved by Congress earlier this year offers up to $19 billion in incentives to modernize healthcare systems. The goal is to prevent errors and allow greater coordination among caregivers and patients.
Still, security spending in the healthcare industry remains sluggish at best, according to a recent survey. Despite the incentives, security accounts for 3% or less of overall IT spending in a substantial majority of healthcare organizations, virtually unchanged from last year. The survey indicated that healthcare organizations may be first focusing on converting paper records into electronic healthcare records.
Himmelstein does have some optimism for future technology deployments if they are handled correctly. He lauded the way Indianapolis’ Ronald Reagan Institute of Emergency Medicine, Boston’s Brigham and Women’s Hospital and the Veterans Administration handled some of their technology investments in recent years, and said many of the organizations knee-deep in new technology that use electronic health records, such as Kaiser Permanente and the Mayo Clinic, may deserve further study to understand the long-term effects on cost.
The Health Insurance Portability and Accountability Act (HIPAA) has also been recently strengthened and forced healthcare organizations to conduct data discovery in current systems and tighten access controls. Despite being online, patient records are protected by HIPAA rules, which make it difficult for some doctors to access patient health records online.
Healthcare data security is a unique problem, said analyst Ramon Krikken of the Burton Group. “In this case you’re talking about people’s lives so you don’t want a system to lock out a doctor when the patient needs a life-saving procedure,” Krikken said. “Security is very different because the fail-over must grant access when time is essential in a life or death decision.”
Screencast: Find rogue wireless access points with Vistumbler
So, you like Netstumbler’s ability to pinpoint rogue wireless access points but you’re looking for a tool that works with Windows Vista and Windows 7? Then Vistumbler is for you. This month, Peter Giannoulis of TheAcademyHome.com and TheAcademyPro.com explains how to use the basic features of the free Vistumbler tool including how to find APs, set filters, sort and categorize findings and export them as a CSV file. For more demos of free security tools, visit searchsecurity.com/screencast.
New Zeus spam poses as Social Security statements
Nov 24 2009 12:28AM GMT. Posted by: Marcia Savage
The Zeus Trojan continues to find new ways to trick users. Recent spam campaigns trying to spread the malware have pretended to be messages from the FDIC, the IRS, and more recently, the Electronic Payments Association that oversees the Automated Clearing House (ACH) network (NACHA). On Monday, Zeus was turning up in a new spam surge, this time pretending to be messages from the U.S. Social Security Administration.
The fraudulent emails try to trick recipients with warnings that their Social Security statement may contain errors. A Symantec researcher wrote in a blog post that the subject of the mail will be something like “review annual Social Security statement” and the body of the message warns of a potential identity theft risk and asks recipients to review an annual statement by clicking on a link. The link opens to a fake Social Security Administration website with a box for the user to input a Social Security number. If a number is provided, the page tells the user that their statement can be downloaded by clicking on a button; clicking on the button downloads a variant of the Zeus, or Zbot, malware, according to Symantec.
Zeus has been wreaking havoc in recent months by stealing online banking credentials, mainly of small and midsize businesses, which have been victimized by a surge in fraudulent ACH transactions. UK police last week announced the arrests of two people in connection with the malware, but didn’t provide details on the suspects’ involvement.
New Facebook worm uses sexy model to get guys to click da’ button
Nov 23 2009 2:12PM GMT. Posted by: Robert Westervelt
Facebook worm uses a cross-site request forgery attack to spread via the victim’s wall posting.
Israeli security researcher Gadi Evron and AVG researcher Nick Fitzgerald are reporting a new Facebook worm that uses a suggestive picture of a scantily clad woman to spread on the social network. The picture includes a button and the phrase “Click da’ button, baby!” Once a Facebook user clicks the malicious link, they are brought to an attack website landing page, which automatically updates and copies the victim’s Facebook wall with the malicious link. It also copies the wall.
In a blog posting, Evron said he stumbled across the Facebook attack after he was tricked by a posting of the link on a friend’s Facebook wall.
“This shows that even experts can become complacent and trust systems when they really shouldn’t. It’s a good reminder for me to be more careful with social networks, which for some reason I have grown used to trusting more, without even noticing it happen!”
Fitzgerald wrote that the worm uses a cross-site request forgery (CSRF) attack “resulting in a form submission to Facebook “as if” the victim had submitted a URL for a wall post and clicked on the “Share” button to confirm the post.”
Exploit code targets Internet Explorer zero-day display flaw
Symantec Corp. is warning of new publicly available exploit code targeting an unpatched display vulnerability in Internet Explorer (IE) that could enable hackers to conduct drive-by attacks and spread malware on unsuspecting victim machines. The IE zero-day vulnerability affects the way the browser handles cascading style sheet (CSS) information used to lay out webpages. The vulnerability affects Internet Explorer versions 6 and 7.
Symantec said the IE zero-day attack could infect users by using malicious JavaScript code. “The exploit currently exhibits signs of poor reliability, but we expect that a fully functional and reliable exploit will be available in the near future,” Symantec said in a blog posting on Saturday. “For an attacker to launch a successful attack, they must lure victims to their malicious webpage or a website they have compromised.”
Cupertino, Calif.-based Symantec said the IE zero-day exploit code appeared Friday on the Bugtraq mailing list. Symantec and several other security vendors are providing antivirus and IPS signatures to protect against the attack. “Internet Explorer users should ensure their antivirus definitions are up to date, disable JavaScript and only visit websites they trust until fixes are available from Microsoft,” Symantec said.
IT security research and alert vendor VUPEN Security also reported the vulnerability on Saturday, saying the flaw is a dangling pointer in the Microsoft HTML Viewer (mshtml.dll). Danish vulnerability clearinghouse Secunia gave the IE zero-day flaw a highly critical rating in an alert issued today. Secunia confirmed the vulnerability in IE6 on Windows XP SP2 and IE7 on Windows XP SP3A.
Microsoft has not yet acknowledged the vulnerabilities. The software giant patched a serious Windows kernel flaw earlier this month, fixing a vulnerability that enabled attackers to set up a malicious website and target users of Internet Explorer using embedded OpenType font.
News: Major IE8 flaw makes ‘safe’ sites unsafe
The flaw in IE 8 can be exploited to introduce XSS, or cross-site scripting, errors on webpages that are otherwise safe, according to two Register sources, who discussed the bug on the condition they not be identified. Microsoft was notified of the vulnerability a few months ago, they said.
Ironically, the flaw resides in a protection added by Microsoft developers to IE 8 that’s designed to prevent XSS attacks against sites. The feature works by rewriting vulnerable pages using a technique known as output encoding so that harmful characters and values are replaced with safer ones. A Google spokesman confirmed there is a “significant flaw” in the IE 8 feature but declined to provide specifics.
It’s not clear how the protections can cause XSS vulnerabilities in websites that are otherwise safe. Michael Coates – a senior application security engineer at Aspect Security who has closely studied the feature but was unaware of the vulnerability – speculates it may be possible to cause IE 8 to rewrite pages in such a way that the new values trigger an attack on a clean site.
“If the attacker can figure out a flaw in the way IE 8 is actually doing that output encoding and then create a specific string the attacker will know will be transformed into an actual attack, they could use that to input a value … that actually results in an attack firing on the page,” he said. “This could be a way to introduce an attack into a page that didn’t have a vulnerability otherwise.”
XSS attacks are a way of manipulating a site’s URL to inject malicious code or content into a trusted webpage. Many security watchers have come to view the IE 8 protections as Microsoft’s answer to NoScript, a popular extension that helps prevent XSS and other types of attacks against users of the Firefox browser.
Late on Thursday afternoon, Microsoft told The Register: “Microsoft is investigating new public claims of a vulnerability in Internet Explorer. We’re currently unaware of any attacks trying to use the claimed vulnerability or of customer impact.” Once its investigation is finished, the company will “take appropriate action,” including issuing a patch or guidance on how users can protect themselves against exploits.
When Microsoft introduced the protections, it also created a way for webmasters to override the feature (by adding the response header “X-XSS-Protection: 0”). A review of the top 50 most visited websites shows that only web properties owned by Google have actually opted to do so. The small number of sites blocking the protection calls into question how widespread the vulnerability is.
Asked why Google was forgoing the protection, a company spokesman wrote in an email: “We’re aware of a significant flaw affecting the XSS Filter in IE8, and we’ve taken steps to help protect our users by disabling the mechanism on our properties until a fix has been released.” He didn’t elaborate.
In addition to potentially introducing serious vulnerabilities into webpages, the XSS protections can bring other undesirable results. That’s because its engine frequently flags perfectly acceptable characters as potentially harmful. An example of such a false positive is here.
David Ross, a senior software security engineer for Microsoft, has said developers designing the feature aimed to strike a pragmatic balance between protecting users and not breaking the web. “We needed to find a way to make the filtering automatic and painless and thus provide maximum benefit to users,” he wrote. “In summary, the XSS Filter will prove its worth by raising the bar and mitigating the types of XSS most commonly found across the web today, by default, for users of Internet Explorer 8.”
