Archivo de la etiqueta: security

Cisco, Control Panels, Parallels Plesk Panel, Security Updates

Parallels supports Cisco researcher assessment: “website operators and administrators must keep systems up-to-date.”

 

Recently, a Cisco security research analyst used an old Parallels Plesk Panel vulnerability as an example of why it is important to patch servers that may be running old software. His point is valid, and Parallels agrees fully that “the active exploit of this year-old vulnerability serves as an important reminder that website operators and administrators must keep systems up-to-date.”

 

It turns out the exploit this researcher was referring to was (a) for Parallels Plesk Panel 9.3 and earlier – products from 2009 and earlier that are now at end-of-life, and (b) in the 3rd party Horde webmail component, not in the Parallels Plesk control panel itself. A patch was promptly issued by Parallels in February 2012.

 

This reported vulnerability – which certainly is not anything new (considering the patch has been out for over a year), was later confused in some subsequent blogs and comments with another vulnerability in Parallels Plesk 10.3 and earlier versions (products from summer 2011 and earlier) also discovered and fixed in February 2012. Though the current version of Parallels Plesk Panel at that time, 10.4, did not have this vulnerability, Parallels immediately issued a security advisory and patches in February 2012 for all prior impacted versions and advised partners about actions to take. Additionally, Parallels created a comprehensive page on securing Parallels Plesk Panel and a Malware Removal Tool, responding quickly and thoroughly to these exploits.

 

For Parallels partners who install patches and reset passwords, Parallels Plesk Panel is not subject to this vulnerability. Customers running Parallels Plesk Panel 10.4 and 11 never had this vulnerability in the first place.

 

Parallels agrees that the point of the Cisco researcher is still very valid: “The active exploit of this year-old vulnerability serves as an important reminder that website operators and administrators must keep systems up-to-date. This is especially urgent with vulnerabilities that are remotely detectable. This means not just the operating system, but every program and add-on for those programs also needs to be kept up-to-date. A vulnerability left unpatched in any one of them can lead to total system compromise.”

 

We strongly encourage our customers to subscribe to our support e-mails by clicking here, subscribe to our RSS feed here and add our KnowledgeBase browser plug-in here.

 

Parallels Plesk Panel 11 and the upcoming 11.5 are the most secure versions ever, and we strongly encourage our Partners and customers to upgrade to these versions. In Parallels Plesk Panel 11, all Security Updates are clearly reported in the panel. Partners can force Security Updates when they choose. The option to turn on auto-upgrades is also highly recommended for anyone on Parallels Plesk Panel 10 or above.  It is the best way to keep you fully secure.

 

– The Parallels Plesk Panel Team

 

 

Guest Post, Information technology management, Privacy

Locking Down the Cloud

Guest Post by Pontus Noren, director and co-founder, Cloudreach.

The good news for cloud providers is that forward-thinking CIOs are rushing to embrace all things ‘cloud’, realising that it provides a flexible and cost-effective option for IT infrastructure, data storage and software applications. The bad news is that the most significant obstacle to implementation could be internal: coming from other parts of the organisation where enduring myths about legal implications, security and privacy issues remain. The reality is that today such fears are largely unfounded. CIOs need help in communicating this to their more reluctant colleagues if they want to make the move to the cloud a success.

Myth No 1: The Security Scare

In many cases, moving to the cloud can in fact represent a security upgrade for the organisation. Since the introduction of cloud-based computing and data storage around ten years ago, the issue of security has been so high profile that reputable cloud providers have made vast investments in their security set-ups – one that an individual organisation would be unable to cost-effectively match due to the far different scale on which it operates.

For example, data stored in the cloud is backed-up, encrypted and replicated across multiple geographically distributed data centres in order to protect it from the impact of natural disasters or physical breaches.  All this takes place under the watchful eyes of dedicated data centre security experts. If you compare this to the traditional in-house approach – which all too frequently sees data stored on a single server located somewhere in the basement of an office – it is not difficult to see which is the most secure option. By working with an established and respected cloud provider, such as Google or Amazon Web Services businesses can benefit from such comprehensive security measures without having to make the investment themselves.

Myth No 2: Data in Danger

Security and data privacy are closely related, but different issues. Security is mainly about physical measures taken to mitigate risks, while ‘privacy’ is more of a legal issue about who can access sensitive data, how it is processed, whether or not it is being moved and where it is at any moment in time.

Concerns around compliance with in-country data protection regulations are rife, especially when dealing with other countries.  Across Europe, for example, data protection laws vary from country to country with very strict guidelines about where data can be stored.  A substantial amount of data cannot be moved across geographical boundaries, so the security practice of replicating data across the globe has far-reaching compliance applications for data protection. However, data protection legislation states that there is always a data processor and data controller and a customer never actually ‘hands over’ its data. This doesn’t change when the cloud is involved – all large and reputable cloud services providers are only ever the data processor. For example, the provider will only ever process data on behalf of its customer, and the customer always maintains its ownership of its data, and role of data controller.

However, much of data protection law predates the cloud and is taking a while to catch up. Change is most definitely on its way. Proposed European legislation aims to make data protection laws consistent across Europe, and with highly data-restricted industries such as financial services now starting to move beyond private clouds into public cloud adoption, further change is likely to follow as organisations start to feel reassured.

So what can CIOs do to change perceptions? It comes down to three simple steps:

  • Be Specific – Identify your organization’s top ten queries and concerns and address these clearly.
  • Be Bold – Cloud computing is a well-trodden path and should not be seen as the future, rather as the now. Having tackled company concerns head on, it is important to make the jump and not just dip a toe in the water.
  • Be Early – Engage reluctant individuals early on in the implementation process, making them part of the change. This way CIOs can fend off ill-informed efforts to derail cloud plans and ensure buy-in from the people who will be using the new systems and services.

The cloud has been around for a while now and is a trusted and secure option for businesses of all sizes and across all sectors. In fact, there are more than 50 million business users alone of Google Apps worldwide. It can hold its own in the face of security and privacy concerns.  CIOs have an important role to play in reassuring and informing colleagues so that the firm can harness the many benefits of the cloud; future-proof the business and release IT expertise to add value across the business.  Don’t let fear leave your organisation on the side lines.

Pontus Noren, director and co-founder, Cloudreach Pontus Noren is director and co-founder, Cloudreach.

 

Asia/Pacific Rim, Cloud & IT Management, compliance, Data Loss Prevention, High Tech Security, New Zealand

SmartRulesR DLP Thwarts email Distribution of Confidential Info

New Zealand-owned cloud email security and hosting company SMX has released SmartRules DLP, designed to safeguard confidential information against unauthorized email distribution.

SmartRules DLP (Data Loss Prevention) is one of a number of new service improvements currently being rolled out by SMX, following research and development support from Callaghan Innovation.

SMX’s co-founder and chief technology officer, Thom Hooker, says the R&D funding has enabled SMX to accelerate software development in several key areas. He says SmartRules® DLP has been given urgent priority, following the recent security breaches experienced by Government organizations.

“SMX is the leading cloud email security solution used by Government organizations with around 60 Government sector customers,” Thom Hooker says. “SmartRules® DLP meets the most stringent compliance requirements with easy-to-use rule building and related compliance processes.

“Email makes it very easy for employees to accidentally – or intentionally – send sensitive documents to recipients outside the organization,” Hooker says. “By deploying SMX’s SmartRules® DLP, customers can define rules to block and report on employees attempting to send sensitive documents externally. SmartRules® DLP can be configured to detect visible data as well as scanning for hidden metadata. The use of hidden metadata tags inside documents makes it harder for users to subvert DLP rules looking for visible text – that is, by changing the document name.”

Hooker says SMX’s SmartRules® DLP can also detect sensitive content embedded in archives – such as .zip, .rar, .tar, .gz, and so on – and can be configured to block emails containing archives that cannot be opened – for example, password protected or unknown document types.

Another significant new enhancement to the SMX Cloud Email Security Suite, Hooker says, will be beefing up the SMX email hosting platform with enterprise-grade security, reliability and new features. SMX will offer 100 percent availability, as well as enterprise-ready tools such as shared calendars, online data storage similar to Dropbox, global address books and support for ActiveSync to sync contacts, emails and calendars with mobile devices.

DigitalOcean, Fail, Solid-state drive, Start Up, Wired

Oops! Startup DigitalOcean Forgets to Format Recycled Drives, Exposing Private Data

Wired has a cautionary tale for you to read as you consider the perils as well as the promise of could computing.

New York startup DigitalOcean says that its cloud server platform may be leaking data between its customers.

Kenneth White stumbled across several gigabytes of someone else’s data when he was noodling around on DigitalOcean’s service last week. White, who is chief of biomedical informatics with Social and Scientific Systems, found e-mail addresses, web links, website code and even strings that look like usernames and passwords — things like 1234qwe and 1234567passwd.

The problem started in mid-January, when DigitalOcean introduced a new solid state drive storage service. “The code that wipes the data — that securely deletes the data — was not being activated under the new SSD storage plans,” according to DigitalOcean CEO Ben Uretsky .

Read the details (and weep).

ActivIdentity, Authentication, CAM 2.0, compliance, Saas, Single sign-on, Web application security

SaaSID Releases CAM 2.0, Adding Audit Dashboard for Security, Compliance

Web application security provider, SaaSID, has launched Cloud Application Manager 2.0 (CAM), the latest version of its browser-based authentication, management and auditing solution. CAM 2.0’s comprehensive audit report is now displayed in CAM Analytics, an intuitive dashboard that provides clear visibility of Web application use throughout an organization. The new software simplifies administration of authentication, feature controls and password management to help CIOs comply with data security regulations, standards and internal policies, by making it easier to govern, monitor and audit every user interaction with Web applications.

CAM 2.0’s comprehensive suite of dashboards in CAM Analytics provide at-a-glance graphics, showing managers exactly how employees are interacting with Web applications and associated corporate data, regardless of whether employees are working on company workstations or personally-owned computing devices. Detailed analytics provide managers with a complete overview of Web application use and the ability to drill down into reports for additional information. Activities such as exporting customer lists, or attaching sensitive files to Webmail, are tracked and clearly displayed for compliance. A range of graphic elements show social media activity and interactions with corporate applications, providing managers with complete visibility of departmental and individual use of Web applications.

CAM 2.0 users can now be authenticated and logged into Web applications from the SaaSID server. This server-side authentication improves security by ensuring that log-in credentials are protected from malware that might be present on an unsecured device. Users do not know their login details, so they cannot write them down, share them, or access managed applications from unprotected devices. Once CAM 2.0 has authenticated a user, the session is handed to the device and the user works with the application as normal.

Additional new features within CAM 2.0 include:

  • The new Restriction Learning feature which allows in-house IT staff to apply their own restrictions to application features. The simple GUI allows administrators to test the effect of restrictions prior to implementation.
  • Support for more two factor authentication solutions, including offerings from RSA, Vasco and ActivIdentity.
  • The new Password Wizard which learns the workflow for Web application authentication processes, enabling automated password resets. Organisations can use this new feature to change passwords at chosen intervals and to enforce strong password security for all Web applications managed by CAM 2.0: saving administration time and support costs, without impeding productivity.

CAM is a browser extension that goes beyond single sign-on (SSO) by enabling IT staff to manage Web application features according to employee roles. CAM assists organisations in maintaining security and compliance when they adopt Web applications and implement bring your own device (BYOD) programmes, by creating a comprehensive audit trail of all employee interactions with these Web applications.

To request a free trial or a demo of SaaSID’s CAM 2.0, see www.saasid.com.

Amazon S3, CloudBerry Lab, File transfer, File Transfer Protocol, OpenStack, Secure Shell, SSH File Transfer Protocol, Storage

CloudBerry Adds SFTP to Explorer 3.8

CloudBerry Lab, a provider of backup and management solutions for public cloud storage services, has added secure ftp to the newest release of Cloudberry Explorer version 3.8, an application that allows accessing, moving and managing data in remote locations such as FTP servers and public cloud storage services including Amazon S3, Amazon Glacier, Windows Azure, OpenStack and others.

In the new version of CloudBerry Explorer SFTP server is supported as one of the remote location options. Now users can perform file access, file transfer and file management operations across SFTP server and local storage.

Secure File Transfer Protocol (SFTP) also known as SSH File Transfer Protocol is an extension of the SSH-2 protocol that provides a secure file transfer capability. This protocol assumes that it is run over a secure channel, such as SSH, that the server has already authenticated the client, and that the identity of the client user is available to the protocol.

Application programming interface, Cloud Security Alliance, Data loss, Denial-of-service attack, Notorious Nine, Opinion, Research

Do You Know the Top Threats to Cloud Security?

Where computing goes, trouble follows — in the form of hackers, disgruntled employees, and plain old destructive bugs. And as computing is moving to the Cloud (it says so right there in our logo!) that’s where some of the newest threats are emerging.

The Cloud Security Alliance has identified The Notorious Nine, (registration required) the top nine cloud computing threats for 2013.

Data breaches, data loss, account and traffic hijacking, insecure interfaces and APIs, denial of service attacks, malicious insiders, cloud “abuse” (using the power of the cloud to crack passwords), lack of due diligence, and shared technology platforms leading to shared vulnerabilities.

 

Malware, Mandiant, Network security, Palo Alto Networks, Partnerships, WildFire

Mandian, Palo Alto Networks Partner for Malware Security

Mandiant has announced that it will team with Palo Alto Networks, a network security company, to integrate Palo Alto Networks’  firewalls and its WildFire malware prevention subscription with Mandiant’s recently announced product, Mandiant for Security Operation. Both companies will be presenting their solutions as participants at the RSA Conference 2013 in San Francisco from February 25th to 28th.

The joint solution from Palo Alto Networks and Mandiant provides a holistic approach to thwart advanced attackers by integrating malware detection and prevention capabilities on the network with the ability to resolve security incidents on endpoints. With this integration, Mandiant for Security Operations will automatically generate Indicators of Compromise (IOC) based on malware alerts generated by the Palo Alto Networks platform and identify which endpoints have been compromised. WildFire modern malware prevention service uses the inherent advantages of Palo Alto Networks next-generation firewalls to find new types of malware that have never been seen before across all applications – not just Web and email. To date, WildFire has discovered more than 70,000 new malware files that had not been identified by existing anti-malware solutions.

“Our mutual customers view this joint solution as a significant advantage to creating actionable insights to assess risk, prevent threats, and improve security,” said Chad Kinzelberg, senior vice president of business and corporate development, Palo Alto Networks. “We are also confident that this strategic partnership will continue to lead our industry in security intelligence for enterprise organizations.”

Mandiant for Security Operations is an appliance-based solution that utilizes a lightweight agent deployed on endpoints to enable security teams to confidently detect, analyze and resolve security incidents in a fraction of the time it takes using conventional approaches.

Palo Alto Networks offers a subscription service for WildFire, the company’s cloud-based modern malware prevention service. The WildFire service gives subscribers one-hour response times for the delivery of modern malware signatures, and integrated, on-box logging and reporting. The enhanced response time ensures that the damage caused by attackers using “zero-day” malware is mitigated for Palo Alto Networks customers.

“The tactics of targeted attackers and well-funded adversaries are constantly evolving,” said Mandiant’s Chief Technology Officer, Dave Merkel. “With the integration of the WildFire subscription malware detection service and Mandiant for Security Operations, security professionals will now be able to respond to threats faster and automatically investigate alerts from WildFire so they can confirm and resolve targeted attacks as they are unfolding.”

Conventional PCI, Intellectual Property, nCircle PureCloud, Network security, Patent, PureCloud

nCircle Gets Additional Patent for Their Security Services

nCircle today announced the award of its second PureCloud patent by the U.S. Patent and Trademark Office. nCircle’s intellectual property portfolio now includes 11 patents. nCircle’s patents cover a wide range of security innovations and represent the company’s significant, ongoing investment in security technology research and innovation.

nCircle PureCloud is a cloud-based security services platform that requires no hardware or software to be installed or managed. nCircle PureCloud dramatically reduces the cost and complexity of a wide range of security services — including vulnerability scanning, PCI scanning and web application scanning — making these practices easily accessible to small and medium businesses.

“Attackers are targeting smaller businesses that typically have fewer security resources than larger companies,” said Tim ‘TK’ Keanini, chief research officer for nCircle. “The breakthrough technology in nCircle PureCloud helps level the playing field by making enterprise class security tools accessible to all businesses, regardless of size.”