Stefan Molyneux is a philosopher, not a cybersecurity expert. But he has some interesting thoughts about the SONY hack and who might (or might not) be responsible.
Video (35:14)
https://www.youtube.com/watch?v=kzLyvgMwgUU
Showing posts with label cyber. Show all posts
Showing posts with label cyber. Show all posts
Thursday, January 1, 2015
Wednesday, June 6, 2012
Accertify Named a 2012 Leader in Leading Analyst Firm's Magic Quadrant Report on Web Fraud Detection
News release:
Accertify Named a 2012 Leader in Leading Analyst Firm's Magic Quadrant Report on Web Fraud Detection
CHICAGO, IL, June 6, 2012 --
Accertify Named a 2012 Leader in Leading Analyst Firm's Magic Quadrant Report on Web Fraud Detection
Accertify, a leading fraud prevention and risk management provider, today announced that Gartner, Inc. has named the company as a Leader in its latest report on web fraud detection in 2012. The Magic Quadrant for Web Fraud Detection, published on May 29, 2012 by Avivah Litan, evaluates providers on their completeness of vision and ability to execute. Fifteen firms were included in the study.
"Accertify is honored to be named a Leader by Gartner in the Magic Quadrant, as we believe it echoes our success and understanding of the e-commerce fraud prevention space. With cyber-attacks continuing to be on the rise, we have developed real-time solutions to adapt quickly to changing fraud patterns," said Jeff Liesendahl, President of Accertify. "Our comprehensive, flexible and efficient solution has helped clients across the globe minimize fraud risks when processing transactions."
According to Gartner analyst Avivah Litan's report, "The Leaders quadrant contains four fraud prevention vendors that have well-established records in online fraud detection." The study states that "the companies serve different use cases and don't all compete directly with each other. They all earn high scores from their customers for their ability to effectively stop fraud, while minimizing inconvenience to end users and the organizations that use them" and they "earn high marks for responsive customer service and relatively easy implementations. Their product, sales and marketing strategies and executions are strong, and they continue to innovate and improve their services. They are firmly committed to staying and winning in this market, and to developing their products and services to meet evolving customer needs. They have also demonstrated that they can sell into markets in different parts of the world, other than their home countries. They have demonstrated agility and the ability to move quickly in helping their customers address difficult and fast-changing fraud issues."
About Accertify
Accertify Inc., a wholly owned subsidiary of American Express, based in Itasca, IL, is a leader in providing e-commerce companies with hosted software solutions, tools and strategies for preventing online fraud and mitigating enterprise-wide risks. Accertify's Interceptas® Platform integrates the various components of fraud prevention, applies state-of-the-art automation to each step in process and offers advanced capabilities for managing fraud data. Built with a merchant's perspective, the Interceptas® Platform delivers flexibility in preventing fraud related to card-not-present purchases, online scams and policy abuse, merchandise returns and exchanges and other data management challenges. Accertify is committed to providing online companies with the most cost-effective solution to fraud available. For more information, visit www.accertify.com.
Accertify Inc., a wholly owned subsidiary of American Express, based in Itasca, IL, is a leader in providing e-commerce companies with hosted software solutions, tools and strategies for preventing online fraud and mitigating enterprise-wide risks. Accertify's Interceptas® Platform integrates the various components of fraud prevention, applies state-of-the-art automation to each step in process and offers advanced capabilities for managing fraud data. Built with a merchant's perspective, the Interceptas® Platform delivers flexibility in preventing fraud related to card-not-present purchases, online scams and policy abuse, merchandise returns and exchanges and other data management challenges. Accertify is committed to providing online companies with the most cost-effective solution to fraud available. For more information, visit www.accertify.com.
About the Magic Quadrant
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Wednesday, April 25, 2012
Microsoft Security Intelligence Report Warns of Ongoing Conficker Threat and Clarifies Reality of Targeted Attacks
Microsoft Security Intelligence Report Warns of Ongoing Conficker Threat and Clarifies Reality of Targeted Attacks
April 25, 2012
Latest study analyzes data from more than 600 million systems worldwide, offers solutions for mitigating both targeted and broad-based attacks such as Conficker.
REDMOND, Wash. — April 25, 2012 — Microsoft Corp. today released the Microsoft Security Intelligence Report volume 12 (.pdf file), which found that the Conficker worm was detected approximately 220 million times worldwide in the past two and a half years, making it one of the biggest ongoing threats to enterprises. The study also revealed the worm continues to spread because of weak or stolen passwords and vulnerabilities for which a security update exists.
According to the SIRv12, quarterly detections of the Conficker worm have increased by more than 225 percent since the beginning of 2009. In the fourth quarter of 2011 alone, Conficker was detected on 1.7 million systems worldwide. In examining the reasons behind Conficker’s prevalence in organizations, research showed that 92 percent of Conficker infections were a result of weak or stolen passwords, and 8 percent of infections exploited vulnerabilities for which a security update exists.
“Conficker is one of the biggest security problems we face, yet it is well within our power to defend against,” said Tim Rains, director of Microsoft Trustworthy Computing. “It is critically important that organizations focus on the security fundamentals to help protect against the most common threats.”
The SIRv12 also revealed that many of the threats often referred to as Advanced Persistent Threats (APTs) are no more advanced or sophisticated than other types of attacks. In most cases, these attacks leverage known vectors such as exploiting weak or stolen passwords and vulnerabilities for which security updates exist, but their success lies in the persistence and determination in trying different tactics to compromise the target. This is why Microsoft refers to these types of threats as Targeted Attacks performed by Determined Adversaries, rather than APTs.
“Labeling cyberthreats as ‘advanced’ is often times misleading and can divert organizations’ attention away from addressing basic security issues, which can prevent more common threats from infiltrating their systems,” Rains said. “Most attacks do not possess new, super-advanced techniques or technology as the APT label implies; in the majority of cases, they simply exploit weak or stolen passwords or vulnerabilities for which a security update exists and employ social engineering.”
Microsoft recommends that customers and businesses adhere to the following security fundamentals to help ensure they are protected:
• Use strong passwords and educate employees on their importance
• Keep systems up to date by regularly applying available updates for all products
• Use antivirus software from a trusted source
• Invest in newer products with a higher quality of software protection
• Consider the cloud as a business resource
“With organizations being presented with significant amounts of data and media reports on cyberthreats, the Microsoft Security Intelligence Report volume 12 gives us good perspective on recent trends in the global threat landscape,” said Bob Rodger, global head of IT Infrastructure Security at HSBC. “The report, in combination with other sources of intelligence, assists us to more accurately and effectively invest, prioritize and make informed decisions about our security infrastructure to ensure that our business continues to be optimally protected from threats.”
For businesses, as Scott Charney, corporate vice president of Microsoft Trustworthy Computing, outlined in his keynote presentation at RSA 2012, Microsoft recommends a more holistic approach to risk management to help protect against both broad-based and targeted attacks, including the following:
• Prevention. Employ security fundamentals and pay close attention to configuration management and timely security update deployment.
• Detection. Carefully monitor and perform advanced analysis to identify threats. Keep abreast of security events and leverage credible sources of security intelligence.
• Containment. If the targeted organization has configured its environment with targeted attacks by determined adversaries in mind, it is possible to contain the attacker’s activities and thereby buy time to detect, respond to and mitigate the attack. To contain an attack, consideration should be given to architecting domain administration models that limit the availability of administrator credentials and apply available technologies, such as IPsec-based network encryption, to restrict unnecessary interconnectivity on the network.
• Recovery. It is important to have a well-conceived recovery plan, supported by suitably skilled incident response capability. Maintain a “crisis committee” to set response priorities and engage in exercises to test the organization’s ability to recover from different attack scenarios.
Microsoft produces the SIR twice per year to keep the industry informed on the changing threat landscape and provide actionable guidance for customers in an effort to create safer more trusted computing experiences for everyone. The latest report, volume 12, provides insight into online threat data with new information for July 2011 through December 2011 and analysis of data from more than 100 countries and regions around the world. More information about SIRv12 is available at http://www.microsoft.com/sir.
Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.
Note to editors: For more information, news and perspectives from Microsoft, please visit the Microsoft News Center at http://www.microsoft.com/news. Web links, telephone numbers and titles were correct at time of publication, but may have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/news/contactpr.mspx.
ESET Releases BETA Versions of Next Generation Products for Mac: New Line ESET Cyber Security Pro and ESET Cyber Security
San Diego,CA, April 25, 2012
ESET Releases BETA Versions of Next Generation Products for Mac: New Line ESET Cyber Security Pro and ESET Cyber Security
ESET, today announced the BETA launch of the next generation of ESET products: ESET Cyber Security, and adding a brand new product to its portfolio - ESET Cyber Security Pro. Both deliver ultimate protection against emerging threats for the Mac platform, as well as security against cross-platform attacks targeting Windows or Linux based systems in mixed networks. ESET Cyber Security BETA and ESET Cyber Security Pro BETA offer more than a dozen new or enhanced features. ESET Cyber Security Pro BETA comes with all the features of ESET Cyber Security BETA, plus personal firewall and parental control.
ESET’s advanced ThreatSense scanning engine delivers the comprehensive detection capability needed to stop known threats from harming users’ computers and neutralizes new attacks like the Flashback Trojan that has according to the ESET research infected more than 500,000 Mac computers. Ultimate protection is enhanced by ESET’s cloud-powered reputation system called ESET Live Grid®. ESET invites Mac users to join in public testing of ESET Cyber Security BETA and ESET Cyber Security Pro BETA both are available for free download at ESET.com.
"The use of Mac platform is on the rise and cyber criminals are fast adapting to this new situation. Even as Mac users themselves are often not targets of attack, they can act as carriers for infections that can infiltrate other platforms,” said Mario Turner, ESET product manager for Mac platform.
ESET Cyber Security adds an extra layer of protection to Apple’s built-in Internet security features, detecting and blocking attempts to infect users’ computers. ESET Cyber Security focuses on effective detection of yet unknown malware by utilizing advanced heuristics, generic signatures and genetic technology and is engineered with low memory usage and minimal notifications to protect Macs while keeping them running at peak performance.
Selected New Features of ESET Cyber Security Pro and ESET Cyber Security
Parental Control (available only in the Pro version): Gives users the option to employ the web page filter functionality allowing them to set up a “role” for each account. Each role has its own set of default URL categories (editable), which dictates whether it should or should not be displayed to the user while browsing. The user also has the option to black/white-list additional web pages and applications to be blocked or allowed for a particular account.
Personal Firewall (available only in the Pro version): Newly integrated firewall prevents unauthorized users from accessing a computer remotely and allows the root user to define a range of profiles, each with special settings assigned for a specific situation.
Cloud-Powered Scanning (ESET Live Grid): Optimization of scanning based on whitelisting of "safe" files, in line with the file reputation database in the cloud. This functionality limits possible false positives to a very minimum. ESET Live Grid identifies “safe” files on the user's hard drive improving the scanning performance with passing time.
Web and Email Scanning: Enhanced Proxy server agent for Email > POP3/IMAP and Web > HTTP scanning. This functionality is integrated independently from Mail/Web client solution.
Removable Media Control: Adds another level of protection allowing the user to scan any potentially unsafe removable device for potential threats (USB, CD, DVD, Fire wire).
Cloud Statistics: Provides a list of running processes displaying data specified by: the risk level, number of users, time of discovery and application bundle ID.
ESET would like to thank its Mac customers for taking part in our BETA program. If you have experienced any problems or would like to submit feedback, please fill in the form on this page:http://www.eset.com/us/beta/form/
About ESET
ESET is on the forefront of security innovation, delivering trusted protection to make the Internet safer forbusinesses and consumers. IDC has recognized ESET as a top five corporate anti-malware vendor and one of the fastest growing companies in its category. Trusted by millions of users worldwide, ESET is one of the most recommended security solutions in the world. ESET NOD32 Antivirus consistently achieves the highest accolades in all types of comparative testing, and powers the virus and spyware detection in ESET Smart Security and ESET Cybersecurity for Mac. Sold in more than 180 countries, ESET’s global headquarters is in Bratislava, Slovakia, with distribution headquarters for North America located in San Diego, California. ESET also has offices in Buenos Aires, Prague, Krakow and Singapore and is represented by an extensive global partner network. For more information, visit http://www.eset.com/us or call +1 (619) 876-5400.
Subscribe to:
Comments (Atom)