Uri Unplugged

It’s February 14th, and you’re slugging through the work day, counting down the hours until the romantic dinner you planned tonight with your sweetie.

An unexpected e-mail pops into your inbox. Someone sent you a Valentine’s Day e-card! “Click here to retrieve your greeting,” instructs the message.

“How sweet,” you gush in excited anticipation, as you dutifully click on the email’s embedded link to retrieve your e-card.

Oops. What unleashes next is anything but words of endearment. It’s the Storm Worm virus, and faster than you can say “Roses are Red”, malware is downloaded to your PC. Congratulations! You’ve been infected, and are now the latest unwitting victim of the Storm Worm botnet.

Not exactly the love you were looking for, but you’re far from alone. According to Time Magazine, the Storm Worm virus has already infected upwards of one million computers worldwide since it was first discovered about a year ago.

Looks like you’ll have to wait for that romantic dinner after all, since this e-card was actually spam in disguise.

If you haven’t heard of the Storm Worm virus, it spreads itself under a wide range of pretenses - most recently under the guise of an e-card, and often around popular holidays like Christmas or Valentine’s Day. A recent FBI warning announced that this Valentine’s Day is expected to be the next big target. Additional warnings have been showing up on numerous web sites, including this one from Network World.

This is just one real-life example of how quickly and easily malicious threats can wreak havoc on your corporate network. At RADirect, we’ve noticed an increase lately in organizations (especially SMBs and extra-vulnerable business like hospitals and universities) looking for a solution to protect themselves from such attacks.

We recommend and sell the Radware DefensePro (starting at $9995) intrusion prevention system (IPS). This solution is unique because it has the ability to detect and block both known (signature-based) AND unknown (zero-day) attacks, like Storm Worm and the similarly destructive Rahack. The latter is done via adaptive behavioral analysis, and requires no human intervention.

And by the way, if you do fall victim to the Storm Worm virus, you can notify the Internet Crime Complaint Center (IC3) by filing a complaint at IC3.gov.

So, Happy Valentine’s Day! Hope yours is filled with love, romance, and absolutely nothing involving worms or viruses.

Posted by Uri Zilberman at 08:19 PM | Permalink | Comments (0) | TrackBacks (0)

OK, so I know you’re not sitting at your desk viewing porn all day, but if you suspect (or know) that users on your network might be so inclined, read on...

We all know the expensive pitfalls of pornography in the workplace. Most obviously, it’s intrusive, offensive, and wastes valuable work hours. But even more importantly, it can lead to legal issues involving hostile workplace environments (hello, sexual harassment lawsuits).

With the recent release of their anti-spam appliance Mail-SeCure™ v3.6, PineApp added Inappropriate Content Control, also know as Porn MegaFilter. It's essentially an anti-pornography engine that eliminates the dirty stuff from corporate email systems by automatically detecting and blocking incoming and outgoing pornographic pictures as well as pictures embedded in PowerPoint presentations, videos and other media. It can also identify email with links to child pornography websites, block them and notify the administrator that the link is being sent.

At RADirect, we’ve received feedback from quite a few customers who said they would purchase Mail-SeCure for this feature alone. I find this alarming, only because it demonstrates how pervasive pornography in the workplace really is.

So what about your organization? Is pornography a big issue? How do you measure its costs? Have you faced, or been threatened with, legal action as a result of it? Do send me your feedback.

Posted by Uri Zilberman at 01:25 PM | Permalink | Comments (0) | TrackBacks (0)

With Halloween season in full swing, it seems perfectly natural to have zombies on the mind. But while you may enjoy the treat of having one appear on your doorstep, candy bag in hand, it’s not nearly as entertaining when they turn tricks in your corporate network.

Spam zombies (what’s this?) created by increasingly sophisticated spammers/hackers can wreak major havoc by turning your computers into virtual spamming machines. And you often don’t know about it until it’s too late. These little guys pose a significant threat to your domain, and can possibly get you blacklisted.

Pretty spooky, huh?

PineApp, one of RADirect’s vendor partners for corporate email security, has created a neat little tool called the Zombie Detection System (ZDS) that allows you to test your network IP addresses for the presence of such zombies that could be generating spam messages and using your network to send them.

It’s quick, easy, and free, so try it out here.

And Have a Happy Halloween!

Posted by Lisa Cibellis at 12:39 PM | Permalink | Comments (0) | TrackBacks (0)

I recently came across an eWeek article entitled “The Job of Securing the Database”. It reinforces what we at RADirect have learned about database security: it’s alarmingly lacking. The article cites a Forrester Research stat that estimates database administrators (DBAs) spend only 7 percent of their time addressing database security.

Evil-minded villains anxiously awaiting the day their organization’s sensitive information is blasted across the universe?

Not exactly.

It’s just that they are often bogged down with other things, or simply don’t know enough about security to deploy the necessary tools.

But the article also has good news: Seems the urgency of it all isn’t lost on those to whom it’s most critical (for example, the financial sector). Many organizations are taking steps towards improved database security by reorganizing the key team members responsible for it – i.e. moving DBAs out of their regular departments and inserting them within an IT security team. This win-win strategy brings more database knowledge into the IT Group while exposing the DBAs to the security-centric environment they need to gain more expertise.

Still Not Enough Time to Adequately Address Database Security?

If you're a DBA, you might also consider a tool like Sentrigo’s Hedgehog Oracle database security software.

I especially like this solution because it provides protection against both outsider and insider breaches and also helps facilitate regulatory compliance with reporting and forensics.

Perhaps even more importantly, it also offers virtual patching – predefined rules added in real-time to the Hedgehog system that address newly discovered vulnerabilities. This keeps your database protected from such threats during that critical interval between when they first become known and when Oracle releases the patch code (this can often take months!) and the organization actually applies it (several more months!). With Sentrigo's solution, there is no need to take the system down for the virtual patch installation.

Facing your own database security challenges? What's the bigger issue for you - lack of time or lack of knowledge? Please drop me a line and share your pains and gains.

Posted by Uri Zilberman at 10:54 AM | Permalink | Comments (0) | TrackBacks (0)

We at RADirect get pretty excited when one of the products we sell wins an industry award. Sure, we can rave all day long to customers about how great a product is, but it means a heck of a lot more when that product has the industry accolades to back up our claims.

So naturally, I was thrilled to learn today that one of our enterprise network security products, the PineApp Mail-SeCure anti-spam appliance, is currently in the running for a title in Info Security Products Guide’s “2008 Product Excellence Awards” competition. It's nominated in two categories:

1. Best Anti-Spam Solution
2. Best Email Security Solution

Of course, we're already privy to the Mail-SeCure's award-worthiness. Not only do we rely on it for our own email security, but we've also seen it drastically reduce spam for many of our customers. In fact, one of our PineApp customers, a large ISP that trusts PineApp to handle their 65 million monthly mails, just bought their 4th Mail-SeCure unit (a 5080 model - the 'big dog'!).

Wanna See PineApp Win?

We do, and we've already cast our votes (yup, this one lets real users have a say!). You can vote, too. Just visit the online voting booth to vote for the PineApp Mail-SeCure as your pick for the best anti-spam solution and best email security solution.

Remember to cast your vote in both categories, and invite your spam-hating colleagues to vote too! All votes must be submitted by October 8th.

UPDATE - 10/17/07: The PineApp Mail-Secure has achieved "finalist" status in both categories! Winners will be honored at the Technosium 2008 event in Santa Clara, CA on January 30, 2008.

Good Luck, PineApp!

Posted by Lisa Cibellis at 01:23 PM | Permalink | Comments (0) | TrackBacks (0)

I recently received a letter from my bank informing me that some of my personal information had been breached. While they did offer a one-year free subscription to Experian’s credit report monitoring system, they offered no explanation in regards to the type of breach, what specific information was stolen, and by whom.

I can’t say that I was very pleased with this outcome, and couldn’t help but feel resentful that my bank hadn’t taken any real measures to protect my sensitive information BEFORE it fell into the wrong hands.

I did a little research on this topic, and didn’t have to look very hard to find an alarming number of similar breaches (and these are just a few examples of the published ones!). They include:

1. July 2007 – A DBA contractor for a subsidiary of Fidelity Information Services was caught selling 2.3 million customer records, including credit card and bank account details.

2. July 2007 – An employee of a credit card processing company servicing the Disney Movie Club was caught by federal agents trying to sell credit card information.

3. December 2006 – Hackers gained access to a UCLA database containing personal information on 800,000 current and former students, faculty and staff, financial aid applicants and their parents (including those who did not even attend!). In this case, the university set up a dedicated website to help those affected by possible identity theft following the breach.

The good news is that there are now solutions that can prevent (or at least significantly reduce) this type of database security risk. In fact, we at RADirect are currently reselling a software offering from Sentrigo – the Hedgehog Oracle database security system (support for more databases coming soon). You can download a free 14-day eval license for the enterprise version.

If your business owns or maintains a database of personal information, please take real measures to protect it. It is the responsible thing to do, and represents a solid business practice.

Posted by Uri Zilberman at 02:13 PM | Permalink | Comments (0) | TrackBacks (0)