Networking

Computer Associates International, Inc. (CA), the world's leading provider of eBusiness management solutions, today announced that it is offering a free security assessment service to North American companies. This service will enable IT managers to better understand their business' vulnerability to a wide spectrum of security threats.

CA is offering this service in response to growing cyber-security concerns prompted by recent attacks against the nation's physical and economic infrastructures. The assessment provides insights into key areas of eBusiness security, including:

Source: The Register

Compaq has taken its customer tracking site offline today after the Register alerted it to a security issue that left sensitive customers details exposed on an insecure server.

Source: ZDnet

Internet backbone provider MCI WorldCom has acknowledged that network-intrusion specialist Adrian Lamo used a security hole in a company Web server to grant himself access to its administrative network.

The quizzical hacker poked around WorldCom's system four times over the past two months, ending last Friday when he told the company of the hole and helped it secure a misconfigured server.

Wouldn't it be great if all of us got that kind of attention?

Source: CNET

This is a video clip of Sun Ceo, Scott McNealy, demoing some of Sun's security features.

Source: The Register

Nokia has upgraded its phone software to guard against a security glitch that might allow a cracker to render a phone inoperable by sending a text message. However, older phones may still be vulnerable.

Source: Infoworld

CUSTOMERS ATTENDING THE InfoSecurity 2001 show in New York this week are making their security shopping lists and checking it twice, determined to bring normalcy to IT systems thrown into disarray during a year fraught with security threats.

The Computer Emergency Response Team's Coordination Center, an important national clearinghouse for computer-security information, came under attack Wednesday, leaving its main Web site only intermittently reachable. The so-called denial-of-service attack didn't affect the group's ability to push security incident information to its members, but made public access to its sites a crap shoot.

"We are working with our service providers to resolve this problem," Bill Pollak, public relations coordinator for the CERT Coordination Center, said in a statement.

Nomad Mobile Research Centre found and reported on few vulnerabilities in ValiCert Enterprise VA v3.3 - 4.2.1 releases. Advisory deals with Path Disclosure, Cross Site Scripting Problem, Random Key Generation Issue and Multiple Buffer Overflows.

Read the Advisory here : NMRC.

There's a persistent problem with today's new breed of gigabit-speed intrusion-detection systems: They simply cannot plow through IP traffic fast enough to provide blanket protection on networks running at gigabit speed, according to industry experts and at least three vendors who make such products.

Anti-virus companies today have put a new e-mail-borne worm that targets PCs running Microsoft Windows near the top of lists cataloging prolific Internet intruders. At least one company says the worm, known as "Goner," may be the fastest-spreading e-mail attacker since the infamous "Love Letter virus" circumnavigated the global Internet in the spring of 2000.