MessageLabs Free Trial
  CST CST 02076219740 Information & System Security
 
Security Solutions
Network Security
Managed Security Services
Remote & Mobile
Network Administration
SOLUTIONS

Product Portfolio
Backup, Archiving & Admin
Client, Device & User Security
Email & Web Security
End Point Protection & NAC
Encryption & Leak Prevention
Firewalls, Networks & VPNs
Intrusion Prevention
Strong / Secure Authentication
Virus & Malware Protection
PRODUCTS

The Next Step
FREE Product Trial
Contact Sales
Call Me!
EVALUATION

Alerts & Bulletins
FREE Security Bulletin
CST Security Newsletter
SECURITY ALERTS
CST

Latest Security Headlines

Symantec’s $695 Million Acquisition of MessageLabs

Symantec made their fifth acquisition of the year on Tuesday 7th October 2008 by buying MessageLabs for $695 Million (£397 million).

MessageLabs deliver security for online chat, email and web applications. The software allows customers to block malware prevent access to certain websites and stop the unauthorised transfer of sensitive information. With over 19,000 customers it claims to be one of the UK's leading company of its kind.

CST believe it is a positive move for Symantec and will enhance their Security portfolios and provided much needed addition in the service arena for Symantec’s SMB customers.

Any existing MessageLabs customers who have any queries regarding changes to their MessageLabs service (now Symantec) or have purchased MessageLabs please contact CST on 0207 621 9740.

MoD admits loss of secret files

More than 100 USB memory sticks, some containing secret information, have been lost or stolen from the Ministry of Defence since 2004, it has emerged. The department also admitted that more than 650 laptops had been stolen over the past four years - nearly double the figure previously claimed.

The Liberal Democrats condemned the latest security breaches as evidence of "shocking incompetence". But the MoD insisted its policies were "generally fit for purpose". Previously the MoD had confirmed that 347 laptops were stolen between 2004 and 2007. The Mod said it has no idea on when, where and how the memory sticks were lost.

Online risk due to browser flaws

Almost half the online population is at risk because users have not installed security updates to their browsers, says a study. The Swiss Institute of Technology, Google and IBM conducted the study and found 600 million users had not updated their browsers.
"Failure to apply patches promptly or missing them entirely is a recipe for disaster," the report said.

Cyber criminals are frequently using websites to attack users, it added. The report authors recommended that a "best before" date, similar to the food industry, should be introduced to browsers, helping to educate users about the need to "refresh" their browser.
Browsers are often "patched" by software providers to tackle recently discovered flaws and security holes. Criminals exploit these holes with malicious code hidden in websites to hijack machines.

Spam experiment overloads inboxes

Surfing the web unprotected will leave the average web user with 70 spam messages each day, according to an experiment by security firm McAfee. It invited 50 people from around the world, including five from the UK, to surf without spam filters.
The experiment revealed that UK residents are most likely to be targeted by the infamous Nigerian e-mails and "adult" spam.

One UK participant received 5,414 spam e-mails during the month-long trial.

Body Shop 'snoop' John Shevlin fined for insider dealing

A former IT technician at Body Shop, the ethical retailer, has been fined for market abuse in a rare victory for the Financial Services Authority in its battle against insider dealing. The City regulator said yesterday that it had fined John Shevlin £85,000 after he was found to have gained inside knowlege by snooping on confidential e-mails between executives.

Mr Shevlin, who worked at the beauty company's head office in London, borrowed more than his annual salary to bet that Body Shop's share price would fall, having obtained a sneak preview of an unexpectedly bleak Christmas trading update. As an IT technician, it is likely that Mr Shevlin had privileged access to executives' passwords, enabling him to access their computers without their knowledge, the FSA said.

Ad system 'will protect privacy'

Two respected privacy campaigners have praised the user protection measures of a controversial online advertising system about to be deployed in the UK. The tools, developed by US firm Phorm, track users' online surfing habits. BT, Virgin and Talk Talk have signed up to trial the technology.

Memory trick breaks PC encryption

Encrypted information held on a laptop is more vulnerable than previously thought, US research has shown. Scientists have shown that it is possible to recover the key that unscrambles data from a PC's memory. It was previously thought that data held in so-called "volatile memory" was only retained for a few seconds after the machine was switched off. But the team found that data including encryption keys could be held and retrieved for up to several minutes.

Details of Scots on stolen laptop

A stolen Ministry of Defence computer had the personal details of almost 60,000 Scots stored on it. The revelation came in a written parliamentary answer to SNP defence spokesman Angus Robertson MP. The laptop, which was taken from a Royal Navy officer in Birmingham on 9 January, contained information about 600,000 people. The MoD has set up a freephone help number on 0800 085 3600 for anyone who thinks they may have been affected.

Personal data privacy 'at risk'

Millions of people are leaving themselves open to identity theft when using social networking websites, according to the consumer group Which? Members of sites such as Facebook can join large networks which reveal personal information to thousands of others on the network. Which? says people are at a greater risk of being targeted by fraudsters than they think.

On average, UK residents' details are held on about 700 databases.

M&S Rapped for Data Loss

Marks and Spencers has been told it must encrypt all company laptops containing personal information by April 2008. In May 2007 the knicker-seller admitted it had lost records relating to 26,000 staff when a laptop was nicked from a contractor's house. The laptop contained information on members of the company pension scheme. (more...)

New Rootkit Uses Old Trick to Hide

Trojan.Mebroot malware is read at startup, then changes the Windows kernel to avoid detection. Over the past month, a new type of malicious software has emerged, using a decades-old technique to hide itself from antivirus software.

The malware, called Trojan.Mebroot by Symantec, installs itself on the first part of the computer's hard drive to be read on startup, then makes changes to the Windows kernel, making it hard for security software to detect it. (more...)

Mass web infection leaves researcher scratching her head

Security maven Mary Landesman is in the midst of piecing together a who-done-it involving the infection of hundreds of websites that are generating an enormous amount of traffic. Or maybe it's a how-done-it. Either way, she's mostly drawing blanks.

Landesman is a researcher for ScanSafe, a company that monitors the web surfing of employees at large companies and provides them with real-time intelligence about what sites are spreading malware. When a client visits a site that has already attacked someone else, the service automatically blocks the site from loading in the end user's browser. Viewing some seven billion web requests per month, company researchers see a fair amount of internet gremlins. (more...)

Browser vulns and botnets head threat list

Security experts have looked into the crystal ball to predict the cyber attacks most likely to cause substantial damage this year.

The resulting list (below), drawn together by 12 security experts under the auspices of the SANS Institute, is based on an analysis of emerging attack patterns. Two of the resulting predictions - malware on consumer devices and web application security exploits - have already come true in the early days of 2008, evidence that that the run down is closer to the mark than other security predictions. (more...)

Facebook gets blocked by employers sick of time wasting staff

Facebook is being blocked by many employers who are sick of time wasting staff. “IT experts say that companies are asking for help in blocking access to Facebook, Myspace and bebo after realising that they could not prevent their staff from surfing the sites at work.” (Nugent, H & Bentley, P. July 28 2007, The Times)

Graham Cluley, Senior technology consultant at Sophos, a leading IT security company said: “Websites like Facebook, Bebo and MySpace fall into the category of websites which can easily gobble up hours of worktime and distract from the employees' real duties. Facebook is a procrastinator's paradise”

A study of Facebook has discovered that British members of Facebook spend an average of 143 minutes a month on the site

Mark Murtagh, Product director at Websense, an internet security company, said “We recently conducted research and found that in the UK around a quarter of workers admitted to being addicted or incapable of living without using social networking sites at work. These sites become to a degree a form of personal entertainment system in the office.

Are you having trouble with your employees accessing sites for extended periods of time at work? If so CST can help you implement policies to help control your internet security issues! Please email info@CSTL.com for more details.

Sophos's Step by step guide to adjusting your privacy settings on Facebook

Sophos have published an online guide to adjusting your privacy settings on Facebook so that you can remain vigilant against fraud and keep your personal info private. http://www.sophos.com/security/best-practice/facebook.html

 
Information & System Security