This brings to mind the current state of the cloud computing market. The mad gold rush of cloud services providers continues. Everyone wants a piece of the action.  These companies offer a variety of hosting services for IT infrastructure, platforms and applications.  The lure of moving to the cloud is obvious. Let someone else do it better, cheaper, more reliably and worry about the  details. More organizations are taking advantage. Companies, large and small, are moving their data, applications, and systems to one or more of the legion of providers out there.  This means more dependence on these providers for accessing business critical resources.  Although there are some obvious leaders in the cloud market today ( Google, Amazon, Salesforce), there are also a many smaller boutique providers that compete mostly on price.

In coming years, I expect the market to settle. Some providers will flourish, others will go down in flames or be acquired by one of the larger shops. These changes could have real consequences to customers. What happens if your provider is using proprietary technology and goes out of business?  Migrating to a new provider might be difficult. Doing your due diligence before selecting a provider is very important. Verifying the financial stability of the company and developing a strong service level agreement are key requirements.  Your SLA must address uptime, performance and security. The ability to audit your provider is also very important.

Many small businesses would not exist without the cloud. Building, hosting, and managing an IT infrastructure can be cost prohibitive. Choosing the right provider, however, may be the difference between success and failure.

Related posts:

1. The real arguments for Cloud Computing As more vendors dive into the cloud computing market, every...
2. Moving data storage to the cloud? What’s your business continuity plan? Many trumpet increased availability as a reason to move to...
3. Cloud Computing = Loss of Confidentiality? Interesting excerpt from article in ITWorldCanada: “Adi Shamir, a computer...

Cloud Computing — As an emerging technology, security concerns remain a hurdle for organizations looking to adopt cloud computing. As organizations transition to the cloud, IBM recommends that they start by examining the security requirements of the workloads they intend to host in the cloud, rather than starting with an examination of different potential service providers. Gaining a good understanding of the needs and requirements first will help organizations take a more strategic approach to adopting cloud services.

Virtualization – As organizations push workloads into virtual server infrastructures to take advantage of ever increasing CPU performance, questions have been raised about the wisdom of sharing workloads with different security requirements on the same physical hardware. X-Force’s vulnerability data shows that 35 percent of vulnerabilities impacting server class virtualization systems affect the hypervisor, which means that an attacker with control of one virtual system may be able to manipulate other systems on the same machine. This is a significant data point when architecting virtualization projects.

Read more: http://www.prnewswire.com/news-releases/ibm-x-force-report-reveals-global-security-threats-have-reached-record-levels-101460029.html

Related posts:

1. Exploring Cloud Computing Information Leakage If you are in cloud computing security (or part of...
2. Moving data storage to the cloud? What’s your business continuity plan? Many trumpet increased availability as a reason to move to...
3. Will your Cloud Provider be around in two years? I just read that my hosting company, GoDaddy, is on...

A number of similar incidents to this one highlight the threats of online crime facing small and midsize businesses (SMBs), says Stan Stahl, president of Citadel Information Group and president of the Los Angeles chapter of the ISSA.

“Typically, they say, ‘We have firewalls in place and have AV on all the desktops, so I guess we are secure,’” Stahl says. “But today cybercrime is so sophisticated that is not enough anymore.”

Read full article at http://www.darkreading.com/smb-security/security/attacks/showArticle.jhtml?articleID=225702557&cid=RSSfeed

Related posts:

1. Thoughts on Skype security Michael Gough, an information security specialist and president of the...
2. Did Facebook CEO play fast and loose with user login data? Did you Facebook CEO play fast and loose with user...
3. IRS reminds you not to go Phishing this tax season It’s tax time again and IRS phishing scams are alive...

Some companies are faced with this very question this week as storage provider, EMC  announced its plan to shut down its Atmos Online cloud storage service immediately, according to a posting on its website.

EMC launched Atmos Online in May 2009, calling it “Cloud Optimized Storage [with] capabilities that can scale effectively, coupled with security and management tools.”  This placed EMC in direct competition with some of its service provider partners who used EMC’s Atmos technology to provide cloud storage to its customers.

EMC has now  downgraded Atmos Online to a development platform and is offering no guarantee as to the availability of user data moving forward. EMC used its web posting to “strongly encourage [companies to] migrate any critical data or production workloads currently served via Atmos Online to one of our partners offering Atmos based services,”

The provider going out of business is one of the many risks companies have to address when considering moving their critical data into the cloud. In this case, companies now have to spend resources doing the necessary due diligence in selecting an alternative cloud storage provider.

According to Morris Cody, CIO at Washington D.C. based Information Security Services Firm, Secure Intervention, companies moving to the cloud better consider the following:

Related posts:

1. The real arguments for Cloud Computing As more vendors dive into the cloud computing market, every...
2. Will your Cloud Provider be around in two years? I just read that my hosting company, GoDaddy, is on...
3. Cloud Computing = Loss of Confidentiality? Interesting excerpt from article in ITWorldCanada: “Adi Shamir, a computer...

On July 13, Microsoft will officially retire Windows XP Service Pack 2 . Although it will continue to provide security updates for XP Service Pack 3, it will stop providing patches for the older SP2. Microsoft offers support for its products for five years and extended support for another five years. For XP SP2, that journey comes to an end on July 13. Windows XP 3 will be supported until April 2014.

Microsoft issues security updates and other core operating system patches every second Tuesday of the month, known as Patch Tuesday. Whereas most home users typically install these patches automatically, corporate users usually install service packs and security updates manually and only after extensive testing. For large corporate environments,  operating system upgrades are often a very perilous and expensive exercise.

According to security risk and compliance management provider Qualys, 50 percent of the several hundred thousand PCs it monitors for its clients are still running Windows XP SP2.  Most of these are probably user desktops, but some may also be applications and appliances that use Windows XP 2 as the base platform. Upgrading such systems may make them inoperable.

According to Sajed Naseem, principal at Washington DC based security firm, Secure Intervention,

” The longer these systems  linger after the July 13 deadline, the more vulnerable they become. There will undoubtedly be many Windows XP 2 systems still out there and hackers know that. Only there will no longer be security patches coming from Microsoft as new holes are discovered and publicized.”

Related posts:

1. Aaaah The Infamous Blue Screen of Death On Tuesday, Microsoft issued a patch, MS10-015,  to fix a...
2. Microsoft warns of new IE bug being exploited by hackers Microsoft Corp. today warned of a critical vulnerability in Internet...
3. Microsoft resumes pushing Blue Screen Update Microsoft has resumed pushing out the patch connected to the...

Google is apparently making this decision in response to the hacking attacks on late last year in China. The attackers  used vulnerabilities  in Microsoft’s Internet Explorer 6 to go after Google’s intellectual property, believed to be source code.  One could argue that if they had updated their browsers, the attacker would have had to find other vectors for attacks.

Could this be a strategic move by Google to prove that an Enterprise can survive WITHOUT Microsoft? With Google’s Chrome OS on the horizon, this may just be the warm-up act.

Source: http://www.ft.com/cms/s/2/d2f3f04e-6ccf-11df-91c8-00144feab49a.html

Related posts:

1. Google and China: A Dysfunctional Marriage Since making it’s search engine available to Chinese users in...
2. Microsoft says Do Not Call for Help! If it sounds like a horror movie….well, that’s because is...
3. Use Google Apps or Gmail? Avoid getting hacked! It can happen to the best of us. Blogger and...

The question is not  Cloud Computing vs. Open Source.  In fact, there are open source SaaS providers like MindTouch out there.  If considering a product like Nagios, a better comparison would be open source vs. commercial.  In many cases, cost is the determining factor for companies to look  to open source technologies. Other considerations include flexibility and security.

The more relevant  comparison would be hosting and managing a network monitoring system on site vs. moving to a SaaS provider. For many organizations,  IT is considered overhead and not the primary function of the organization. Companies move to the cloud for most of the same reasons companies out-source.  Can someone else do it better for less?  Cost is ually the easier consideration. Companies have to grapple with the ‘better’. Does it mean more security, availability, capacity? Many cloud providers would say ‘yes’ to all and then some.  Organizations have to really consider and make that determination themselves. Make a real comparision between their options and not just follow the typical vendor hype.

Related posts:

1. Exploring Cloud Computing Information Leakage If you are in cloud computing security (or part of...
2. Cloud Computing = Loss of Confidentiality? Interesting excerpt from article in ITWorldCanada: “Adi Shamir, a computer...
3. Moving data storage to the cloud? What’s your business continuity plan? Many trumpet increased availability as a reason to move to...

Does the remote chance of your virtual server being attacked by another virtual server on the same host server justify the added cost of a private cloud deployment? That’s for each client to decide. Ensure you are doing your due diligence before making a decision one way or the other.

Abstract:

Amazon’s EC2, allow users to instantiate virtual machines (VMs) on demand and thus purchase precisely the capacity they require when they require it.In turn, the use of virtualization allows third-party cloud providers to maximize the utilization of their sunk capital costs by multiplexing many customer VMs across a shared physical infrastructure. However, in this paper, we show that this approach can also introduce new vulnerabilities.Using the Amazon EC2 service as a case study, we show that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside, and instantiate new VMs until one is placed co-resident with the target. We explore how such placement can then be used to mount cross-VM side-channel attacks to extract information from a target VM on the same machine.

Download paper: http://people.csail.mit.edu/tromer/papers/cloudsec.pdf

Related posts:

1. Cloud Computing = Loss of Confidentiality? Interesting excerpt from article in ITWorldCanada: “Adi Shamir, a computer...
2. IBM X-Force handicaps future trends in security Looking ahead, the X-Force Research and Development team has identified...
3. Will your Cloud Provider be around in two years? I just read that my hosting company, GoDaddy, is on...

I ran into this article today  titled ” Botnet exploits Linux users’ ignorance“. The writer makes the point that ” a lack of knowledge and awareness about how to use Linux mail servers could be contributing to the disproportionately large number of Linux machines being exploited to send spam”.

I wholeheartedly agree with this. Companies see open source technologies as a means of saving money but do not have staff adequately trained to secure these systems.

The second point I noticed was that the report from Symantec’s Hosted Services referenced in the article pointed out that ” Linux based machines are 5 times more likely to send out spam than Windows based computers”.

The writer quotes a Symantec Malware Analyst as saying:

“…..one reason there is so much spam from Linux could be that many companies that have implemented their own mail servers, and are using open-source software to keep costs down, have not realised that leaving port 25 open to the Internet also leaves them open to abuse.”

Related posts:

1. 5 Open Source Alternatives to Microsoft Office The Microsoft Office productivity suite has risen to become the...
2. 2010 CyberSecurity Watch Survey Cybercrime threats posed to targeted organizations are increasing faster than...
3. Botnets give the hacker espionage tools formerly reserved for nation states The cyber attacks against Google, Adobe and a raft of...

Today, however, Sophos is reporting hackers are compounding the problem by using blackhat SEO (search engine optimisation) techniques to create webpages stuffed with content which appears to be related to McAfee’s false alarm problem – but are really designed to infect visiting computers.

Sophos has identified malicious webpages which appear on the first page of Google results if users search for phrases associated with McAfee’s false positive.

“It’s bad enough if many of the computers in your company are out of action because of a faulty security update, but it’s even worse if you infect your network by Googling for a fix,” explained Graham Cluley, senior technology consultant for Sophos. “These poisoned pages are appearing on the very first page of search engine results, making it likely that many will click on them. If you visit the links you may see pop-up warnings telling you about security issues with your computer. The warnings are fake and designed to trick you into downloading dangerous software, which could result in hackers gaining control of your corporate computers or the theft of your credit card details.”

Related posts:

1. Top ten malware-hosting countries revealed US and UK among the top 10 countries hosting the...
2. Google and China: A Dysfunctional Marriage Since making it’s search engine available to Chinese users in...
3. Beware of Haiti-Themed Scams and Attacks! Our thoughts and prayers go out to all those affected...

• Nessus-fetch: Proxy issues have been resolved.
• NASL: Fixed a memory leak in the NASL xmlparse() function.
• Networking: Fixed IPv6 routing when talking to a remote host (FreeBSD, Mac OS X). Packet forgery was not always working on ES5 64 bits.
• Packaging: Fixed the Debian /etc/rc init script. Upgraded OpenSSL to version 0.9.8n (Windows, Solaris)
• Stability: Fixed a possible crash when using a badly written custom plugin. Fixed a possible crash when running out of BPFs on Windows.

Related posts:

1. Mozilla confirms Trojan-infected Firefox add-ons If you are a Firefox user, as I am, you...
2. Mozilla Retracts Malware Accusation Against Firefox Extension Six days ago, I posted that Mozilla had reported in...
3. Many companies caught in the lurch as Microsoft ends support for Windows XP 2 On July 13, Microsoft will officially retire Windows XP Service...

As CSO of Qualys, Randy Barr is responsible for security, risk management and business continuity planning of the QualysGuard platform. In this video Randy talks about cloud computing security from an insider’s point of view. He illustrates what a security professional has to go through when building a security program for a cloud environment.

For more security-related material visit Help Net Security: http://www.net-security.org

Related posts:

1. The real arguments for Cloud Computing As more vendors dive into the cloud computing market, every...
2. Cloud Security Alliance For more information on Cloud Computing Security, a good resource...
3. Exploring Cloud Computing Information Leakage If you are in cloud computing security (or part of...

XP Security Tool 2010 is a rogue virus protection program. It reports false scan results and fake security alerts to scare you into purchasing this rogue program. XPSecurityTool2010 claims that your computer is infected with worms, trojans, adware or other malware and that you should purchase XP Security Tool 2010 to remove the infections that actually don’t even exist. Most of the time, this fake program comes from fake or infected video sites or fake online scanners. But may be also promoted on such popular sites as Facebook or MySpace.

Vista Security Tool 2010 is a rogue anti-malware program that usually comes from fake online scanners and fake video websites. While running, this fake program will run a fake system scan and report numerous spyware infections to make you think that your computer is infected with various malware. Then it will ask you to pay for a full version of the program to remove the infections which as well already know don’t even exist.

Total Win 7 Security is a fake anti-spyware program that is promoted through the use of trojans and other malicious software. Most of the time, TotalWin7Security comes from fake online scanners, fake video websites or bundled with other malware. Once installed,Total Win 7 Security will imitate a system scan and display numerous infections that can’t be removed unless you first purchase the program.

For more information on how to rid your systems of these and others of their elk, check out http://www.2-spyware.com/

Related posts:

1. Fake Security Software pose great risk Desktop Security 2010 is the proverbial wolf in sheep’s clothing....
2. Fake virus alert spreads massively across Facebook Panda Security has released the following advisory: In the last...
3. 2010 Year of the Zombie Cloud As more organizations consider moving into the cloud to benefit...

RSA COVERAGE

RSA 2010: Infosec Pros Get Raises Despite Recession An (ISC)2 survey suggests salary increases and hiring went up for many security practitioners in the last year despite the Great Recession. Ironically, the recession may be WHY it’s happening.

RSA 2010: Why 41 Percent of You Would Fail a PCI Audit Miscellaneous news bytes from the RSA 2010 press room: QSAs tell Ponemon Institute that 41 percent of companies would bomb their PCI security audit; hackers industrialize their sinister revolution and VeriSign opens a new compatibility lab.

RSA 2010: Can Adobe Stop the Hate? Security pros are unhappy with Adobe Systems over recent flaws and attacks. Adobe Security Chief Brad Arkin on what the company is doing about it.

RSA Conference 2010: 4 Survival TipsFor the newcomer, the RSA security conference can be overwhelming. Follow these four strategies to get the most from it.

Social Networking is Risky Business From Computerworld: A panel discusses the risks associated with social networking sites.

Chertoff: Tracking Attacks to the Source is Key for Cybersecurity From Computerworld: An exclusive interview with former DHS leader Michael Chertoff.

RSA PODCASTS

RSA 2010: Microsoft’s Plan for Cloud Security Audio: Microsoft VP Jim Jones explains his company’s approach for securing its services in the cloud.

RSA 2010: Verizon Releases Its Threat Report Recipe Verizon Business will share the research framework used for its Data Breach Investigations Reports so companies can create reports tailored to their specific environments.

SECURITY B-SIDES COVERAGE

Security B-Sides: Perfect Authentication Remains Elusive Everyone realizes passwords have their shortcomings. But alternatives like two-factor authentication are not as powerful as one would expect. The problem? As always — human behavior.

One Man’s Life on the Security D-List At Security B-Sides, infosec author Andrew Hay explains the four pillars for moving from the bottom of the IT security shop to a place of respect, and why getting to the A-list isn’t all it’s cracked up to be.

Security B-Sides: Rise of the ‘Anti-conference’ The RSA 2010 conference had some nearby competition. Here’s the story of Security B-Sides as the conference alternative.

Related posts:

1. Shmoocon 2010 Videos Online Shmoocon was this weekend. Unfortunately,I couldn’t get a ticket this...
2. Top 10 Web Application Security Risks for 2010 Yesterday, OWASP released its list of top ten web application...
3. Black Hat DC -2010 is here! Black Hat, one of the biggest and most popular security...

This article walks you through scheduling backups and restoring your data in Windows XP and Windows 7.

PC Advisor: How to back up your digital media

PC Advisor: How to restore data from a backup

Related posts:

1. Moving data storage to the cloud? What’s your business continuity plan? Many trumpet increased availability as a reason to move to...
2. 2010 CyberSecurity Watch Survey Cybercrime threats posed to targeted organizations are increasing faster than...
3. Many companies caught in the lurch as Microsoft ends support for Windows XP 2 On July 13, Microsoft will officially retire Windows XP Service...

As more organizations consider moving into the cloud to benefit from the evident cost savings  and focus more on their core business functions, the bad guys are also looking for the benefits.

2009 has been a notable year for malware and malicious online activity for a number of reasons and several of them relate to what is known as botnets. A zombie, or a bot, is a PC infected by malware that brings it under the remote control of a criminal. Criminals run networks that can range from thousands to millions of infected machines and they use them to power most of the cybercrime we see today including spam, DDoS, scareware, phishing, and malicious or illegal website hosting. They have a finger in every cybercriminal pie.

In the first half of the year, the Conficker worm (also known as Downadup or Kido) stole all the headlines in the malware world. Eventually the Conficker botnet was seen to deliver standard cybercriminal payloads, such as spambots and Fake AV (or scareware), much to the disappointment of some of the more hysterical commentators. Just because the outbreak received so much coverage that died away just as rapidly, don’t be fooled into thinking this threat has gone away. The Conficker Working Group, an alliance of security vendors, researchers and other commercial organisations is currently showing around 6 million unique IP addresses as appearing to be infected with this malware.

An unrelated, but important trend in 2009 was the exponential increase in the abuse of social networking providers for malicious purposes. The enormous active user populations on sites like Facebook, Twitter and MySpace prove a very attractive lure to organised online crime and its attendant money-making, bot recruitment and Fake AV pushing scams. Facebook has been abused by rogue Apps, designed to fool users into clicking links that reward the creator through pay-per-click affiliate advertising networks. It has also been used to spread malware through many means; malicious links in wall posts and messages, malware designed specifically to hijack accounts and by external compromise of legitimate Facebook Apps. The Koobface family of malware (also a botnet) has evolved over the course of 2009; it was initially spread through malicious messages and wall posts with links to fake YouTube sites punting a supposed codec in order to view the video. The codec of course was nothing of the sort and led to infection and account hijacking. Koobface now though has evolved to the point where it is fully capable of creating its own fake Facebook profile pages, complete with confirmed Gmail address, photo and biographical data. These fake accounts then set about joining networks and sending friend requests again all in a completely automated fashion.

Read more at http://countermeasures.trendmicro.eu/2010-year-of-the-zombie-cloud/

Related posts:

1. Another fake security software alert I”ve previously warned of fake security software or scareware. Here’s...
2. Fake virus alert spreads massively across Facebook Panda Security has released the following advisory: In the last...
3. Sweet!! Yourr bootyy look awseome on thiss ivdeo! Gee Thanks! I’ve been working out! …..oh wait a minute!...