InternetNews.com, Sean Michael Kerner - This positive article on the aftermath of the XenSource acquisition noted the many ways in which Citrix is working to advance the Xen open-source project. Simon Crosby, Citrix chief technology officer, stated, “We’re absolutely committed to the Xen project and there are no plans to change that.” Crosby also indicated the open-source development methodology has been internalized at Citrix. InternetNews.com also noted the integration of Xen branding into the Citrix corporate brand, including the renaming of Citrix Presentation Server as Citrix XenApp.

Search doesn’t have to be complicated. You can deliver search solutions to your organization quickly and easily with Microsoft Search Server 2008. Below is a snap-shot view of Microsoft Search Server 2008:

Quickly find the information you need, using a familiar Search Center interface.

Pinpoint the most relevant information you need with recommended best bets, authoritative sources, term definitions, hit highlighting, and query correction.

Retrieve concise and clear search results, using duplicate collapsing, which allows you to quickly review a wide variety of relevant information.

Stay on top of new information relevant to your work by subscribing to update notifications of your search results using e-mail and RSS alerts.

Build upon a familiar user interface and application platform that lets you customize both your search experience and the actions you can take on your search results.

Index common information sources using out-of-the-box indexing connectors for file shares, Web sites, SharePoint sites, Exchange public folders, and Lotus Notes databases.

Use federated search connectors to quickly and easily connect to applications and services, using the Open Search standard.

Scale your deployment to meet your needs with no pre-set document limits, and using advanced indexing features like continuous propagation.

Take advantage of a strong Partner ecosystem to implement and further extend your search solution.

Review common administrative tasks, statuses, and settings in a single view, using a unified administrative dashboard.

Manage content sources, search scopes, authoritative sources, key words, best bets and other configurable relevancy settings through a powerful, easy-to-use management console.

Set crawl rules and schedules that govern how and when your information is indexed.

Maintain high availability and load balancing using a variety of topologies. Configure multiple Web, query, and clustered database servers.

Monitor search performance and improve search relevance with query and results reporting.

Help ensure that only the right people can find information, using query and index-time security trimming.

If you want to know more about Digital Reach’s Managed Services offerings or what Digital Reach can do for your business, click here to schedule a consultation or call us at 214.623.5200.

Core Security Technologies today announced that it has been chosen by the Data Protection Summit as a Best of Show awards winner for 2008 in the category of Most Innovative Data Protection Technology for CORE IMPACT, the most comprehensive product for performing enterprise security assurance testing.

The second annual Best of Show awards is the premier opportunity for industry recognition of innovative technology and how it is being used in the marketplace. Winning companies were judged by a panel of industry experts who evaluated each nomination according to the following criteria:

Distinctiveness of the application, technology or product
Central use of data protection as a solution
Technical and business significance

“The Data Protection Summit Innovation Award for Technology recognizes a company whose products and services have raised the bar for data protection,” said Jay Kramer, vice president of worldwide marketing, iStor Networks, and chairperson of the Data Protection Summit Awards Committee. “The Data Protection Summit is proud to recognize CORE IMPACT from Core Security Technologies as a solution that encompasses data protection innovation and makes a real difference in the marketplace today.”

Core Security Technologies, based in Boston, Mass., is the leading provider of enterprise security assurance testing software. Its product, CORE IMPACT, gives organizations visibility into critical information security weaknesses across network systems, end-user systems and web applications. By pinpointing exploitable vulnerabilities, IMPACT enables customers to regularly evaluate the effectiveness of their defensive infrastructure and end-user security policies. The product generates clear, actionable test reports that detail proven vulnerabilities, possible fixes and other information valuable to improving an organization’s overall security posture.

“Companies are losing the battle when it comes to protecting critical data assets, since they are often unable to view their information security from the perspective of attackers,” said Fred Pinkett, vice president of product management at Core Security Technologies. “Many businesses are now addressing this problem by using penetration testing products such as CORE IMPACT to evaluate their ability to detect, prevent and respond to security threats. We are pleased to receive this honor from the Data Protection Summit, and we are glad it recognizes our innovation as a step forward in enterprise information security.”

The Best of Show winners were honored during a special ceremony at the Data Protection Summit on Wednesday,
March 12.

Contact Digital Reach to discuss your CORE IMPACT implementation.

 Security experts are warning computer users to beware of malware attacks timed to coincide with April Fool’s Day, noting that the keepers of the Storm Trojan have already launched such attacks.

Source: SearchSecurity.com | Information Security Magazine

Researchers at Helsinki-based F-Secure Corp. said in the company blog that a new wave of April Fool’s Day-related Storm mails were spammed out late Monday with a link that points to an IP address. Subject lines carry such messages as “All Fools’ Day,” Doh! April Fool” and “Surprise! The joke’s on you.”

There appears to be no text in the messages, only the URL that, if clicked, downloads executable files with such names as “foolsday.exe” and “kickme.exe.” The files carry the Storm Trojan.

“Virus coverage is poor with the samples we’ve captured, but we’re working with the antivirus vendors to improve that,” Stephen Hall, a handler at the Bethesda, Md.-based SANS Internet Storm Center (ISC), said in a message on the SANS ISC blog.

In a follow-up message on the ISC site, handler Joel Esler reminded people to be aware of this and other April Fool’s tricks.

Controllers of the Storm botnet have a history of using holidays such as Valentine’s Day and news events such as a wave of storms that swept across Europe several months ago to dupe people into opening infected emails.

Meanwhile, victims falling pray to the Pushdo Trojan aren’t finding any love. Sunnyvale, Calif.-based network security vendor, Fortinet has been tracking the Pushdo, which continues to spread as a result of a successful eCard spam campaign. The eCard touts nude photographs, random female names and a fake link to relationship sites.

If the victim opens an attachment in the email, “Pushdo.EV cycles through various IP’s in an attempt to establish an HTTP session where it will download a rootkit component,” Fortinet said in its March threat report. The Pushdo botnet is growing larger and gaining in activity, according to Fortinet security research engineer Derek Manky.

Source: www.widespreadpr.com

This month a serious data breach occured at the Hannaford Bros. supermarket chain which exposed 4+ million credit and debit card numbers to ID theft.  The company explained via a release on their website that the company had detected an intrusion of its computer network that resulted in the theft of customer credit and debit card numbers.

The incident, which occured around Feb. 27th, is very similar to the security breach at Framingham TJX Companies that affected 94 million credit card holders.

The Hannaford breach happened despite investments made to bolster security in the last couple years. As part of its PCI DSS compliance measures, for example, the company worked with its checkout counter computer software vendor to enhance encryption and eliminate some of the credit card data that had been stored. The fact that a breach occurred anyway illustrated the need for companies to create an advance response plan.

Are your systems protected from outside attackers? 

Microsoft’s Windows Server 2008 is the most advanced server operating system designed to power future networks, applications, and web services.  Windows Server 2008 delivers valuable new functionality and powerful improvements to the operating system.  The new web tools, virtualization technologies, and security enhancements provided by Server 2008 help you save time, reduce costs, and provide stability.

Windows Server 2008 provides a solid foundation for all of your server workload and application requirements while being easy to deploy and manage. Hallmark Windows Server reliability and enhanced high availability features help ensure your critical applications and data are available when you need them.

Initial Configuration Tasks moves interactive elements of setup to after installation, eliminating the need for the administrator to interact with the installation of the operating system.

Server Manager, the expanded Microsoft Management Console (MMC), provides a one-stop interface for server configuration and monitoring with wizards to streamline common server management tasks.

Windows PowerShell, a new optional command-line shell and scripting language, enables administrators to automate routine system administration tasks across multiple servers.

Windows Reliability and Performance Monitor provides powerful diagnostic tools to give you ongoing visibility into your server environment, both physical and virtual, to pinpoint and resolve issues quickly.

Optimized server administration and data replication for increased control over servers located in remote locations, such as a branch office.

Componentized Server Core installation option allows minimal installations where only the server roles and features you need are installed, reducing maintenance needs and decreasing the available attack surface of the server.

Windows Deployment Services (WDS) provides a simplified, highly secure means of rapidly deploying Windows operating systems to computers by using network-based installation.

Failover clustering wizards make it easy for even IT generalists to implement high-availability solutions, Internet Protocol version 6 (IPv6) is now fully integrated, and geographically dispersed cluster nodes no longer need to be on the same IP subnet or configured with complicated Virtual Local Area Networks (VLANs).

Network Load Balancing (NLB) now supports IPv6 and includes multiple dedicated IP address support which allows multiple applications to be hosted on the same NLB cluster.

Windows Server Backup incorporates faster backup technology and simplifies data or operating system restoration.

Businesses such as yours need their data to be highly secure and their IT systems reliable.  Digital Reach, Inc. can help you increase the security features and reliability of your systems with well-supported Microsoft products.  Windows Server® 2008 and other solutions offer robust security features for servers and clients, helping you simplify security management while working to protect your network from intruders. 

Our solutions are designed to automate backups and help optimize performance to make managing desktops easier, allowing you to stay productive and worry less about downtime or losing your critical business information. Plus, they can help stop viruses and malware from infecting desktops and impacting worker productivity. 

How to determine if I have the Storm Worm?
How to determine if my email is infected with the Storm Worm? 

The Storm Worm ( a botnet of infected computers that feeds off unprotected users to strengthen its network ) may arrive in an email with one of the common subject lines listed below: ( see below that for a list of attachment filenames to avoid )

Original Source: Snopes.com

Email Subject Lines:

ATTN!
Spyware Alert!
Spyware Detected!
Trojan Alert!
Trojan Detected!
Virus Activity Detected!
Virus Alert!
Virus Detected!
Warning!
Worm Activity Detected!
230 dead as storm batters Europe.
A killer at 11, he’s free at 21 and…
British Muslims Genocide
Naked teens attack home director.
U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
Russian missle shot down Chinese satellite
Russian missle shot down USA aircraft
Russian missle shot down USA satellite
Chinese missile shot down USA aircraft
Chinese missile shot down USA satellite
Sadam Hussein alive!
Sadam Hussein safe and sound!
Radical Muslim drinking enemies’ blood.
U.S. Southwest braces for another winter blast. More then 1000 people are dead.
Venezuelan leader: “Let’s the War beginning”.
Hugo Chavez dead.
President of Russia Putin dead.
Third World War just have started!.
The Supreme Court has been attacked by terrorists. Sen. Mark Dayton dead!.
The commander of a U.S. nuclear submarine lunch the rocket by mistake..
First Nuclear Act of Terrorism!.
So in Love
Happy World Religion Day!
Most Beautiful Girl
Someone at Last
I Believe
The Dance of Love
The Miracle of Love
All For You
Vacation Love
I am Complete
Wrapped Up
Moonlit Waterfall
A Little (sex) Card
A Special Kiss
Hugging My Pillow
Safe and Sound
You’re Soo kissable
A Romantic Place
Breakfast in Bed Coupon
For You
I Love You So
Want to Meet?
We Are Different
We Have Walked
You Asked Me Why

The attachment filename may be any of the following:

Full Clip.exe
Full Story.exe
Read More.exe
Video.exe
Full Video.exe
Full Text.exe
Flash Postcard.exe

Nugache is a worm that has actually been around longer than Storm.  The Storm Worm is one of the worst botnets on the net but Nugache could take its place.  Researchers report that Nugache has been revised and updated to make it more powerful…perhaps even more powerful than Storm.

Both Nugache and Storm are botnets.  That means they are made up of networks of infected computers that work together to distribute spam to millions of users.  These networks are then bought by spammers to distribute spam email like mortgage offers, performance enhancing drugs, pump-and-dump stocks and ecards. 

The problem is these networks could just as easily mail out a keylogger program that would record items like your login to your bank or credit card number entered in at an ecommerce site.  The keylogger program would then send that back to the botnet creator to be sold.

Are you protected?  Contact Digital Reach and let us protect your network!

Cisco has announced the “end-of-life” for Cisco PIX Security related products and has encouraged the migration to Cisco ASA 5500.  Businesses face a growing number of network security challenges due to many different dynamics in the industry.

The number and sophistication of attacks is increasing, with threats such as botnets and the exploitation of multiple vulnerabilities in many of today’s Web services, applications, and back-end systems. Increasing collaboration with business partners and customers requires more security at what was the Internet edge and new forms of secure remote access to critical business data. Many advanced technologies, such as unified communications and wireless, are being adopted as mission-critical infrastructure and require new forms of security to protect them. Finally, regulations pertaining to business governance and privacy are affecting businesses more than ever and forcing them to change their business practices and increase their overall level of information security.

On January 28, 2008, Cisco announced the end-of-sale and end-of life dates for Cisco PIX Security Appliances, software, accessories, and licenses. The last day for purchasing Cisco PIX Security Appliance platforms/bundles will be July 28, 2008 and the last day to purchase accessories and licenses will be January 27, 2009. It is important to note that Cisco will continue to support Cisco PIX Security Appliance customers through July 27, 2013.

Cisco PIX Security Appliance customers are encouraged to migrate to Cisco ASA 5500 Series Adaptive Security Appliances. In addition to providing the same robust firewall and IPsec VPN capabilities as Cisco PIX Security Appliances, the Cisco ASA 5500 Series offers significantly better performance and scalability, SSL VPN support, advanced Unified Communications (voice/video) security, and a modular design that allows you to add features such as intrusion prevention (IPS), antivirus, antispam, antiphishing, and URL filtering. Migration to the Cisco ASA 5500 Series is straightforward, because consistent management and monitoring interfaces allow you to take advantage of your knowledge and investment in Cisco PIX Security Appliances.

The Cisco ASA 5500 delivers many benefits, including the following:

• Assists businesses meet compliance and regulatory requirements like HIPAA, PCI and many more.
• Delivers secure mobility services to improve access to SSL VPN technologies.
• Overall cost to maintain one or more security services is lowered.
• Gives customeres the ability to take advantage of training and operational experience from Cisco PIX Security Appliances.
• Secures unified communications with end-to-end encrypted voice and video communication with greater capacity and scalability.

Why Migrate to Cisco ASA 5500? 

Better Performance. Stronger Security. Increased Scalability. Protection from application-layer threats.

Digital Reach PIX to ASA Migration Services

The Stration Worm, found mostly in SPAM, could pose a real threat given the potential its creators could unleash.

Security vendors are rating the Stration Worm ( also known as Warezov, Stration and Stratio ) as a low risk infection but admit that the worm is difficult to work with. 

The malware is a virus spread via mass-email and infects machines running Windows.  The infected computer, usually infected due to opening an attachment via email from a spam message, then sends itself out again to other email addresses located in the host computer’s contact list. 

The tricky part is the code is capable of downloading new versions of itself as frequently as every 30 minutes from a batch of websites on the Internet.  The new versions are created by the creator of the original hacker.  This new way is more difficult to identify and solve because the code resides on host computers that can be altered to stay ahead of the virus protection efforts.

Sample Email Subject: “This is not shown on TV.” with attachment: picture0000.zip.

This leading email worm is certainly something to watch.

Are you protected?

Related:
http://antivirus.about.com/od/virusdescriptions/p/stration.htm

http://www.spywareguide.com/product_show.php?id=3108

http://www.sophos.com/security/analyses/w32strationx.html