McAfee broadens its reach in regard to network access control, announcing a new NAC software module and plans for an NAC appliance. The NAC Module for Network Security Platform is integrated with the McAfee ePolicy Orchestrator management platform. The announcement was made during McAfee's Focus security conference in Las Vegas.
- McAfee is taking another shot at network access control with a new module for its Network Security Platform and plans for a new appliance. The announcement, made at the company's Focus security conference in Las Vegas, held Oct. 20 to 23, significantly broadens McAfee's network security portfol...

Anti-malware vendors are increasingly embracing application whitelisting a security trend underscored by Bit9's integration with McAfee ePolicy Orchestrator. McAfee customers will be able to manage Bit9's whitelisting technology through ePO as a result of the integration, as well as access Bit9's database of software.
- McAfee and Bit9 products tied the technological knot recently, providing another example of anti-malware vendors embracing whitelisting. Now certified by McAfee, Bit9's whitelisting technology can be managed by McAfee ePO (ePolicy Orchestrator). Bit9 Parity for McAfee ePO allows McAfee custome...

Microsoft issues an out-of-cycle patch to fix a flaw being exploited by hackers. The vulnerability lies in the Server service and affects users of Microsoft Windows 2000, Windows XP, Windows Server 2003 and Windows Vista.
- With hackers at the door, Microsoft released a critical security fix for a remote code execution flaw in the Server service. The vulnerability is caused by the Server service failing to properly handle specifically crafted RPC (remote procedure call) requests. The Server service provides RPC s...

Chinese Internet users are furious about Microsoft's launch of an anti-piracy tool targeting Chinese computer users to ensure they buy genuine software. Why is Microsoft automatically connected with my computer? The computer is mine! one angry blogger wrote.
- BEIJING, Oct 22 (Reuters) - Chinese Internet users have expressed fury at Microsoft's launch of an anti-piracy tool targeting Chinese computer users to ensure they buy genuine software. The quot;Windows Genuine Advantage quot; programme, which turns the user's screen black if the installed softwar...

McAfee has announced technology partnerships with Intel and HP as well as a sales partnership with VMware. The new alliance with HP is set around improving network security in conjunction with HP's ProCurve division. Meanwhile, McAfee revealed plans to partner with Intel and leverage Intel's vPro technology.
- McAfee has announced a strategic alliance with HP ProCurve, Intel and VMware focusing on network, hardware and virtualization security. The partnerships were announced at McAfees Focus 2008 Security Conference in Las Vegas and cover a large swath of security issues. According to McAfee, the company...

Google launches a program to alert thousands of Webmasters using Google Webmaster Tools that they are using an out-of-date version of WordPress, a popular blog publishing application. The move serves as a reminder of the importance of using current versions of software and applications to ensure security.
- Google has taken a different tack to improve Web security it's going to the Web site owners directly. The effort, announced by Google Oct.16, is a way for Google to warn Webmasters that their sites are vulnerable to hackers. According to Google, the test will focus on 5,000 to 6,000 Webmasters u...

Industry and the law are still figuring out how to handle e-discovery, both legally and technically. As fast as technology and security advance, the claims of industry and the claims of the lawyers aren't always in sync when it comes to handling documents in legal cases. Take Google's recent e-mail search argument as an example.
- Companies will pull the most outrageous crap imaginable when responding to legal requests. It may be hard to prove they lied, but they will obstruct. Consider Google in a recent case. The case was a suit between Sprint Nextel and some of its affiliates over the Sprint-Clearwire WiMax venture. Go...

As part of Microsoft's Global Anti-Piracy Day, the company has announced lawsuits against 20 U.S. software resellers for counterfeiting. Here is a list of the resellers and a little information about Microsoft's legal counterpunch.
- Microsoft has announced that it is suing 20 software resellers in the United States as part of a global anti-piracy initiative. According to Microsoft, all of the cases involve hard disk loading and/or counterfeit software. The products involved include Office 2007 Enterprise, Microsoft Windows X...

Microsoft is launching a global effort to fight software piracy. As part of the effort, the company has filed 20 lawsuits against software resellers in the U.S. for selling pirated copies of Microsoft Windows XP and various versions of Office.
- Microsoft is partnering with customers and governments around the globe to combat counterfeit software. Dubbed Global Anti-Piracy Day, the effort includes a series of education and enforcement actions in 49 countries. As part of the strategy, Microsoft has filed 20 lawsuits against software r...

By looking at how early implementers are going about it, we can see some of the challenges in implementing what some feel is the future of PC security.
- I've been bombarded with pitches and inquiries about whitelisting ever since I discussed the issue with Microsoft's Mark Russinovich. Russinovich, you will remember, thinks that current approaches to security are unsustainable and that the way out, the paradigm shift that takes the advantage back...

Sun Microsystems, Oracle and Novell all have something to say about identity and access management. Each vendor is releasing a new security product to answer needs in the market. While Oracle focuses on thwarting online and insider fraud, Sun and Novell take different security approaches rooted in compliance.
- Three of the major identity and access management vendors Oracle, Novell and Sun Microsystems put a new horse in the race for control of the security space today, Oct. 20. While Oracle turned its attention towards fighting online threats, however, Novell and Sun kept their eyes on compliance man...

SecureWorks is reporting that the Warezov botnet is back spewing spam--this time using compromised Hotmail accounts. Whoever is behind the spam campaign has defeated Microsoft Hotmail's CAPTCHA system and is part of a trend security researchers call reputation hijacking.
- Just as the Storm botnet appears to have died down, the Warezov botnet has once again reared its head. New research from SecureWorks shows the Warezov botnet has begun spamming again but this time, its tactics have changed. Having apparently defeated CAPTCHA, the bot is using a tool to spew spa...

Security software-as-a-service vendors want your business and are offering services from URL filtering to message security. With large security vendors such as Symantec and Trend Micro placing their own bets on SAAS, customers and vendors alike should consider just what security technologies can be best delivered as an in-the-cloud service.
- There has been no shortage of predictions about how much or how quickly the security software-as-a-service market will grow. But what remains to be seen is which security services make the most sense to deliver via SAAS. Messaging security remains one of the most popular security services being ...

Microsoft pushes out 11 security bulletins as part of October's Patch Tuesday. Microsoft also unveils its Exploitability Index, which includes information about vulnerabilities that are likely to be exploited. Four of the 11 bulletin cover security issues are rated critical.
- Microsoft released 11 security bulletins for Patch Tuesday Oct. 14 as well as a new measuring stick to judge them by. The quot;Exploitability Index quot; appears as a new table on the monthly Microsoft Security Bulletin Summary. Next to each bulletin is an additional rating based on how likely ...

The lack of standards or consistency in the industry makes prioritization difficult for IT. Microsoft's severity ratings are probably on target, but their definitions are obsolete.
- Today's Patch Tuesday bulletins announced 11 vulnerabilities: four critical, six important, and one moderate. What do these terms mean? You see severity ratings most of the time you see a vulnerability disclosure, but there are no hard standards for severity ratings. In fact some vendors most inf...