Home

93% of the Respondents Conduct Firewall Audits Manually; 60% Cited Lack of Time is the Weakest Link in Network Security; Reported Cheating on Audits Has Doubled Since 2010

Ramat Gan, Israel, November 16, 2011 – Tufin Technologies, the market-leading provider of Security Lifecycle Management solutions, has found that 75% of organizations believe their current change management processes could put them at risk of a security breach. Having sampled 100 network security professionals directly involved in firewall management and auditing, this year’s survey reveals that manual processes - and the time constraints they create - are the biggest challenge facing today’s network security professionals.

London, UK, (16 November 2011) — With the increased use of mobile devices to pay for goods and services, traditional wallets with cash and credit cards could one day be obsolete. A new ISACA white paper, “Mobile Payments: Risk, Security and Assurance Issues,” examines this growing trend and offers guidance on managing risk and increasing security. Mobile Payments: Risk, Security and Assurance Issues

Cryptzone says iOS/iTunes revelations mean the iPhone and iPad can be totally `pwned'

Commenting on the fact that Apple's `walled garden' approach to app security on iPhones, iPads and other iOS-driven devices has been seriously compromised by a researcher, Cryptzone says that it expects to see real hacker subversions of the Apple smartphone and tablet computing platform in the near future.

According to Grant Taylor, vice president of the encryption, port control and compliance vendor, until now it was thought that Apple's iOS platform was relatively invulnerable to subversion by conventional malware, but the fact that the security of the iTunes vetting procedure can be side-stepped by sneaking in a darkware app - right under Apple's noses - shows what can be done.

"The revelation that iPhone and iPad malware can be created - and distributed on one of the largest and most trusted portable applications arena on the planet - will create what I call the Colditz effect. Colditz is a Renaissance castle in the town of the same name near Leipzig in Germany - it was used as a prisoner-of-war camp by the Germans in World War II, as it was thought impossible to escape from, on account of its high levels of security," he said.

As part of this week’s ‘Get Safe Online’ campaign, Trusteer today issued a warning that fraudulent phone calls are increasing in popularity amongst the criminal community to commit ID theft and that everyone needs to be on their guard to avoid falling victim – on or offline.  One possible use for these bogus ‘bank’ calls is to utilise personal identification information stolen using malware to give fraudsters credibility as they collect the missing information required to ‘pull off’ their scams.

“The phenomenon of stealing data using one channel such as the web and using it in a different channel or context such as social engineering attacks is often overlooked”, said Amit Klein, CTO of Trusteer.  “Trusteer has found that data collected by Man in the Browser attacks can be used for other purposes than automated transaction fraud.  Defending against the new wave of hybrid attacks requires both technology to detect MitB malware and vigilance from the users of online services.”