PivX Security Prediction Manifests Itself.

Automatic Executing E-mail Worms are upon us PivX today announced the first Auto-Executing email worm from the Gartner Symposium/ITxpo 2004 For the past two years, PivX Solutions has warned the security industry and the public about the possibility of automatically executing email worms. This past week saw the launch of the first such successful mass auto-executing email worm, namely Beagle.Q and its variants. These worms differ from ordinary email-borne viruses in that they require no user interaction such as opening an email attachment. Instead, they automatically infect a user’s machine the instant an email is displayed. Recognizing this imminent threat, … Continue reading PivX Security Prediction Manifests Itself.

PivX teams with Graff and Van Wyk to Announce Secure Coding Training Seminars

PivX Solutions CEO Rob Shively is pleased to announce a strategic partnership with Mark Graff and Kenneth Van Wyk, the highly accomplished secure coding experts and authors of the definitive book on the subject, titled “Secure Coding: Principles and Practices”.  PivX will begin offering one and two day seminars to its clients in the software industry. Recently PivX has created a new genre in the cyber security space, called Proactive Threat Mitigation.  “It is a major paradigm shift. Everything we are focused on at the present time is proactive,” says Shively.  “From the development of new proactive security tools such … Continue reading PivX teams with Graff and Van Wyk to Announce Secure Coding Training Seminars

PivX at the Gartner Itxpo 2004

PivX Announces ‘Qwik-Fix Pro™’ the first Proactive Threat Mitigation solution, at the Gartner Symposium/Itxpo 2004 PivX, a leader in Software Security Research, has released a revolutionary desktop security application called “Qwik-Fix Pro™” which works together with Anti Virus and Firewall technologies to provide more complete security protection for PC users against worms and viruses. “The recent spate of insidious attacks on computer systems worldwide calls for a “Qwik-Fix” that proactively mitigates vulnerabilities that worm writers have been able to exploit” says Rob Shively, Chairman and CEO of PivX.  “Qwik-Fix Pro is not a substitute for Anti Virus and Personal Firewall … Continue reading PivX at the Gartner Itxpo 2004

Whoa!

Yahoooo! I have a blog page now.  Thanks to Jerry Bryant (my MVP lead) for guiding me on how to get a blog page and to Susan Bradley for setting up one for me.  Most of my forum buddies are aware how much I love reading and posting security news.  So expect to see what’s here is there too LOL.  What really cool with this MVPS blog page is the speed.  If you are a security news hobbyist like me, grab a reader okei?  I promise to keep you up-to-date 😉

Internet users prepared to pay ISPs for better spam protection

Internet users are prepared to pay extra to their ISPs in return for protection against spam and ‘malicious Web content’, according to a new survey. MORI found that the majority of Web users look to their ISPs to block spam, viruses and obscene websites for which 45 per cent are prepared to pay as much as £2 extra per month. Twenty-nine per cent believe the problem is so bad that they would pay an additional £5. The survey, carried out on behalf of Web content security firm Detica, also found that two-thirds of Internet users would switch ISPs in order … Continue reading Internet users prepared to pay ISPs for better spam protection

AutoMate

I think this Automate is cool! “AutoMate is a complete platform, allowing IT Professionals to build automated tasks. These tasks can interact with multiple applications, the Internet, and/or data simultaneously. AutoMate breaks down common user actions into basic steps. The user builds tasks step-by-step in logical progressions. The result emulates an actual user performing the given task or procedure. AutoMate tasks comprise two primary components: “Actions” and “Triggers”. Just learn how these components work, and AutoMate’s wizards will easily guide you through the process of Task design.” UniSyn

Viruses Tag Along

With vulnerability that lets them penetrate defenses. If there’s one thing that anti-virus software makers fear-aside from a mass change of heart by the virus writers-it’s the creation of a virus-delivery mechanism that evades detection by their signature-based products. The development of detection files for every new virus is the meat and potatoes of what anti-virus vendors do. Because each virus is unique, anti-virus products require new signatures to detect each one, even those that are simply variants of previous malware. Without the signatures, anti-virus software is essentially blind: Not only won’t it be able to stop the virus, but … Continue reading Viruses Tag Along

Is patch mgmt. the best protection against vulnerabilities? Yes

Patch management is the optimal solution to protect computers against known software flaws for which vendor patches exist. Third-party products that attempt to correct these flaws solely through firewalls, anti-virus software or intrusion-prevention systems alone are not reliable, for several reasons. An operating system or application vendor that releases a patch is the only organization that truly understands the nature and extent of the flaw; thus, it is best suited to supply the solution. Many times the patch corrects more items and avenues for attack than are known outside of the vendor, including knowledge supplied by the person(s) who originally … Continue reading Is patch mgmt. the best protection against vulnerabilities? Yes

Microsoft’s WUS can’t go it alone, Shavlik says

One result of Microsoft’s developing patch management strategy will be the eventual elimination of Shavlik Technologies LLC’s scanning technology in favor of something developed in-house by Redmond. Microsoft executives said recently that Shavlik’s HFNetChk will not be a part of Windows Update Services (WUS), the next version of Microsoft’s basic patching technology. HFNetChk, which Microsoft uses in its Microsoft Baseline Security Analyzer (MBSA), is the command-line tool that IT administrators use to assess whether computers lack security patches. When WUS, formally called Software Update Services 2.0, is available later this year, customers will have a rebuilt scanning engine made by … Continue reading Microsoft’s WUS can’t go it alone, Shavlik says

ISS slammed for ‘selling’ security patches

ISS’s security products were last week attacked by the Witty worm but the company is refusing to provide patches to customers who do not have a valid maintenance contract  Security vendor ISS has been slammed for only providing security patches to customers who have purchased a maintenance agreement from the company. Last week, this left about 12,000 computers vulnerable to the Witty worm, which has proved one of the most destructive worms to be released for a number of years. ZDnet