STE WILLIAMS

Microsoft and Adobe bias their Patch Tuesdays towards the beginning of the month, choosing the second Tuesday, which can be no later than the 14th.

Oracle pitches its fixes at the middle of the month, choosing the Tuesday closest to the 17th (don’t ask – we don’t know why), which can be no earlier than the 14th.

So this is one of these months when they all align and we get a Trifecta – Patch Threesday!

All three companies have issued announcements about their forthcoming announcements, and here they are, though they all use slightly different names:

Adobe’s fixes

If you’re wondering, “What about Adobe Flash” (assuming you still have it installed in your browser), you’ll have to keep on wondering until tomorrow.

Adobe’s only advisory so far in 2014 is the abovementioned “prenotification” for the PDF-related Reader and Acrobat products.

Acrobat and Reader versions X and XI will be getting fixes for critical vulnerabilties, defined by Adobe as:

[Vulnerabilities] which, if exploited would allow malicious native-code to execute, potentially without a user being aware.

That’s what you and I call a drive-by install.

Oracle’s fixes

Oracle’s announcement is the Brobdingnagian bulletin of the three, though that is hardly surprising, considering that the company is patching 40 products in 45 versions, and that it patches only quarterly, not monthly.

The Oracle announcement doesn’t say exactly what bugs are getting squashed, but it does mention a total of 144 vulnerabilities, of which 82 can be considered critical.

In Oracle’s own words:

These vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

That’s what you and I call a drive-by install.

The Oracle update that directly impacts the most users is without doubt the update to Java, which affects users and developers alike.

The new release of Java will supersede all currently-supported versions of Java: 5.0u55 and earlier, 6u65 and earlier, 7u45 and earlier.

Remember that Java is not JavaScript, and while most of us use and need JavaScript in our browsers, many of us can manage perfectly well without browser-based Java.

(Audio player not working? Download to listen offline, or listen on Soundcloud.)

You can have Java installed, allowing you to download and run regular applications written in Java, without activating Java in your browser and thereby exposing it to hostile applets.

Applets are supposed to be safer than applications, but they can be embedded in malicious web pages, and can therefore attack your browser surreptitiously, without triggering any download warnings or asking for permission.

To quote James Wyke of SophosLabs, in our recent Techknow podcast, Understanding Botnets:

Java is one of the most common infection vectors of the last year or so, because lots of people are running an outdated version of Java that lots and lots of exploits exist for.

So you should not only get Oracle’s updates on Tuesday, but also consider turning Java off in your browser if you haven’t already.

(If you aren’t sure, just give it a try. If a website you really need won’t work without Java, you can always turn the Java plugin back on.)

Microsoft’s fixes

Last, and this month, by all means the least, comes Microsoft.

Redmond opens its scorecard for 2014 with an impressively modest set of fixes: four bulletins; no Internet Explorer cumulative fix; and no updates denoted critical.

There are three Elevations of Privilege and one Denial of Service, and that’s that.

Two of the bulletins are listed as related to Windows: one of them applies only to Windows XP (which you are no longer using, right?); the other is for Windows 7 and Server 2008 R2.

(Audio player not working? Download to listen offline, or listen on Soundcloud.)

Windows 8, Server 2012 and the Server Core versions of Windows escaped without patches this month.

And there you have it: there’s something for just about everybody this month, especially those who still have Java installed.

Follow @duckblog

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/Rp8a2Wsl_CA/

Tags: Apple, botnet, breach, chester wisniewski, chet chat, ios, James Wyke, Java, mavericks, Neiman Marcus, online banking, Oracle, Patch Tuesday, Paul Ducklin, sophos security chet chat, sscc, trget, updates, Zero Access

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/vb-5CsnC1Ps/

Hot on the heels of yesterday’s announcement that it’s launched a new £4 million campaign to help raise awareness of cyber security issues, the UK government has today urged small and medium-sized businesses (SMEs) to get more clued-up on cyber security.

It stresses that SMEs need to increase their protection online, not just for their own safety and that of their customers, but also because it could well present more business opportunities:

• 59% of consumers said they would be more inclined to shop online with a large brand, rather than a SME, because of concerns over cyber security
• 82% of consumers say they would buy more online from SMEs if these businesses were better at showing how well protected they are from cyber crime
• 3 out of 4 (77%) of procurement managers at large businesses say they require SMEs to prove their cyber security worth before they will be considered for selection as a supplier.

Security Minister James Brokenshire said:

Companies who have effective cyber security in place can gain an advantage over their competitors because they are trusted by their customers. If people are aware their data and details are safe they are more likely to do business with you.

The govenment quotes recent research on SME online safety which shows only:

• 46% regularly monitor their IT systems for breaches
• 48% restrict access to their IT networks
• 58% regularly use complex access passwords
• 66% regularly download the latest software updates
• 46% control the use of USB storage devices.

It’s clear that there is work to do, which is why the government is helping to educate SMEs with its new Cyber Streetwise website, which includes lots of tools to help keep everyone safer online.

Brokenshire comments:

The ‘Cyber Streetwise’ website is designed to provide SMEs with impartial advice and tips about how to make some simple but effective changes to improve their online security. This in turn will enhance their reputation, improve consumer confidence and ultimately, boost sales.

Sophos is helping to support Cyber Streetwise with content and advice on the Cyber Streetwise website, as well as a range of tools and tips to help educate people on its own site.

There’s even a ‘Threat hunter’ game to help you spot the threats that might be lying around on your desk.

And if you haven’t yet done so, you can assess the security of your network here.

Follow @NakedSecurity

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/8Iv9pf5I_Sw/

A US court in the state of Virginia ruled on 7 January that anonymous users aren’t covered by First Amendment protection of free speech if a review “is based on a false statement”.

Joe Hadeed, the owner of Hadeed Carpet Cleaning, which is based in Virginia, told the court that seven Yelp users had left anonymous, negative feedback about his business on the review service.

His lawyers filed against Yelp, demanding that it reveal the names of the posters.

The court agreed and ordered Yelp to comply, deeming that Hadeed had provided enough for it to conclude that the Yelp users might not actually have been customers of his business.

Hadeed had told the court that the bad reviews hadn’t matched up with actual customers in his database.

Therein lies the “false statement” logic.

Judge William G. Petty of the Circuit Court for the City of Alexandria said in his majority decision that being anonymous online isn’t the issue, per se; rather, it’s the possibility that somebody’s posing as a customer and making false, potentially libelous statements:

The anonymous speaker has the right to express himself on the Internet without the fear that his veil of anonymity will be pierced for no other reason than because another person disagrees with him.

[But] if the reviewer was never a customer of the business, then the review is not an opinion; instead the review is based on a false statement.

A dissenting judge, Senior Judge James W. Haley Jr., said in a separate opinion that Hadeed’s assertions about the anonymous bad reviewers not being customers hadn’t been proved and thus amounted to little more than self-serving suspicions.

The Washington Times quoted Justice Haley Jr.:

A business subject to critical commentary should not be permitted to force the disclosure of the identity of anonymous commentators simply by alleging that those commentators may not be customers because they cannot identify them in their database.

Yelp and others are decrying the decision, charging that it is a blow against both free speech and consumers’ access to information about companies.

Paul Levy, one of Yelp’s lawyers and an employee of the Washington, DC-based nonprofit advocacy group Public Citizen, told the news outlet that Hadeed hadn’t justified the unmasking of anonymous users:

Hadeed really did nothing to justify the need for the identity of the [John Does] in this case. … It’s going to make it more difficult for the marketplace of ideas to get valuable information about companies.

Furthermore, Yelp spokesman Vince Sollitto told the Washington Times in a statement, when compared with other states, Virginia’s decision is based on a lack of rigor when it comes to demanding proof before requiring that users be outed:

We are disappointed that the Virginia Court of Appeals has issued a ruling that fails to adequately protect free speech rights on the internet, and which allows businesses to seek personal details about website users — without any evidence of wrongdoing — in efforts to silence online critics. … Other states require that plaintiffs lay out actual facts before such information is allowed to be obtained, and have adopted strong protections in order to prevent online speech from being stifled by those upset with what has been said. We continue to urge Virginia to do the same.

Freedom of speech advocates – The Washington Post, Gannett Co. Inc., the Reporters Committee for Freedom of the Press and the American Society of News Editors – have filed friend of the court briefs in support of Yelp, The Washington Times reports.

Is this court decision an attack on First Amendment rights to free speech?

Justice Petty quotes many court decisions that make it clear that defamatory speech isn’t protected by the First Amendment. One such quote, from Herbert v. Lando, 441 U.S. 153, 171 (1979):

[S]preading false information in and of itself carries no First Amendment credentials.

So really, what it boils down to isn’t so much that negative reviews do or do not merit First Amendment protection. They do. It’s only false negative statements that do not merit protection.

The question at stake is whether this decision was based on evidence that truly substantiated the falsity of Hadeed’s negative reviews – i.e., was it proved that the reviewers weren’t customers, or was it just a suspicion?

Is Yelp being forced to unveil anonymous reviewers because rigorous forensics were done to determine that the reviews were false?

Or was this action taken just because of Hadeed’s gut feeling?

As commenters on my coverage of a recent astroturfing sting made clear, review sites like Yelp not only serve as a platform for puff pieces from astroturfers; they also get bogus negative reviews written about businesses by competitors looking to sink them.

Hadeed may have gotten picked on by a competitor who invented fake customers with fake reviews to discredit him.

If so, then the First Amendment simply doesn’t apply to the bogus customers, and Yelp should, indeed, strip off the cloak of anonymity.

But if Hadeed failed to rigorously establish that the supposed customers were in fact anti-astroturfing then I’m with the dissenting judge in this case.

If you can’t identify a supposed customer in your database who’s posting negative reviews, maybe that review is, indeed, cooked-up defamation. Then again, maybe you’re just not that hot at keeping up your database.

Follow @LisaVaas

Follow @NakedSecurity

Image of Yelp stickers courtesy of Yelp on Flickr.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/EXIvsBc5IeI/

As expected Microsoft delivered four patches today covering Windows XP, 2003, 7, 2008 R2, Word and Dynamics. All four patches are rated important, the first time in memory that none of the fixes were critical.

The Word fix applies to all Windows versions and could result in remote code execution (What’s this mean?). The operating system fixes will require a reboot.

Adobe also released fixes today for Acrobat and Reader X and XI. This first update of 2014 for Adobe fixes three remote code execution vulnerabilities and should be considered a critical update.

You can get the updates from the integrated updater tool or from http://get.adobe.com/reader.

The big one today is Oracle’s quarterly update which it calls Critical Patch Update January 2014. As Duck commented, it is a bundle of fixes covering 144 different vulnerabilities.

Many Oracle products are covered, I am only going to highlight the most common ones here. You can view the complete list on Oracle’s security page.

Java has been updated, as expected, fixing 36 vulnerabilities, 34 of which are remotely exploitable without authentication.

If you don’t need Java, please remove it. If you aren’t sure, remove it… You can always reinstall. If you must have it installed, be sure to apply this update immediately.

Oracle also patched 18 vulnerabilities in MySQL, 3 remotely exploitable and 9 vulnerabilities in VirtualBox, 4 of which are remotely exploitable.

As always, we advise you to update as soon as you are able.

Follow @chetwisniewski

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/G22vCHppqsI/

Master list of DNS terminology

Chinese hackers have launched an internet attack which has hobbled the internet connections of at least 100 British businesses.

An unknown group or individual thought to be based in the People’s Republic used a SYN flood attack to attack the 600 and 660 models of router from Taiwanese firm ZyXEL.

Sources at ZyXEL and the ISP MDNX confirmed that the attack came from a Chinese IP address.

This denial-of-service attack involves sending a torrent of TCP connection requests from a series of spoofed source addresses. Receiving a large number of forged TCP requests – with the SYN flag in each packet set to request a new connection – causes the target system to grind to a halt as it waits for confirmations that will never arrive.

A source familiar with the matter told The Register that more than 100 businesses had phoned in to complain about failed internet connections.

“These [routers] are legacy models which are six years old and there are many, many of them out there in the wild. The attack is carrier agnostic and affects anyone using the router.”

Another source with detailed knowledge of the matter confirmed the attack and said users could save themselves by closing their router’s remote management port.

He said: “We know this attack came from China and used a number of public IP addresses. It seems to be completely random. We don’t know why the attacks are coming.”

One Twitter user tweeted this yesterday evening:

SYN Flood Attack confirmed against ZyXEL and Draytek routers causing power cycling, change management port and lock down access IPs.

— David Hodgson (@DKHodgson) January 13, 2014

The Register contacted ZyXEL for comment but have not yet received a response. We’ll update this article if we hear anything from the company.

Nobody knows why Chinese hackers chose to launch this attack or even whether they are genuinely based in the country. Do you know any more about this SYN flood assault or have you been affected? Get in touch (click my name at the top of this story for contact details) and let us know. ®

An On-Premise Private PaaS

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2014/01/14/chinese_hackers_cripple_british_firms_internet_connections/

The federal government may have specific policies for security, but many of its users aren’t adopting secure mobile practices and behaviors, according to a new study by the Mobile Work Exchange.

The public-private partnership’s study, which was commissioned by Cisco Systems, is based on data gathered from the Mobile Work Exchange’s self-assessment tool for organizations to measure the security of their mobile workforce. The report focused on tablets, smartphones, and laptops, and found that 90 percent of government users who were assessed by the tool use at least one of those devices for work.

More than 40 percent of government users are putting their agencies and devices at risk, according to the report, which encompassed 155 users and 30 different government agencies, mostly civilian. On the flip side, 86 percent lock their computers when they leave their desks and 78 percent store files in a secure place.

More than 30 percent use public wireless networks, the study found, 52 percent don’t use multifactor authentication or encrypt their data, and 25 percent don’t use passwords for their mobile devices. Those that do are employing weak passwords, however: One in three create “easy” passwords, such as “1234” or “password.” Around 15 percent of the government users say they have downloaded a personal app on their work mobile devices, and 10 percent say they have opened either an email or text from a sender they didn’t know.

“The 2014 Mobilometer Tracker study shows that 6 percent of government employees who use a mobile device for work say they have lost or misplaced their phones. In the average federal agency, that’s more than 3,500 chances for a security breach. Organizations need to take the necessary steps to protect their data and minimize the risk of data loss,” says Larry Payne, Cisco vice president for its U.S. Federal group.

Close to 60 percent of feds don’t secure their agencies’ data properly, and more than one in four are not getting any security training for mobile. About half say their agencies have official mobile device programs. The good news: Government users scored better than users in the private sector, where 60 percent of users say they have downloaded a nonwork-related app on the mobile devices they use for work. And more than half of agencies require users to register their mobile devices, while only 21 percent of private industry organizations do so.

“While the government is significantly safer than its counterparts, there is still much work to be done,” says Cindy Auten, general manager of Mobile Work Exchange. “Ensuring policies are being enforced is the best way to secure critical government data. Closing this gap equips government employees with the knowledge to thwart potential security breaches.”

The full report is available here for download.

Have a comment on this story? Please click “Add Your Comment” below. If you’d like to contact Dark Reading’s editors directly, send us a message.

Article source: http://www.darkreading.com/end-user/feds-failing-to-secure-their-mobile-devi/240165345

FORT LAUDERDALE, FL – (January 14, 2014) – Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) protection services, today reported that mobile applications are being used in DDoS attacks against enterprise customers. This is one of many key findings found in the company’s Q4 2013 Global DDoS Attack Report, which was published today and can be downloaded from www.prolexic.com/attackreports.

“The prevalence of mobile devices and the widespread availability of downloadable apps that can be used for DDoS is a game changer,” said Stuart Scholly, president of Prolexic. “Malicious actors now carry a powerful attack tool in the palm of their hands, which requires minimal skill to use. Because it is so easy for mobile device users to opt-in to DDoS attack campaigns, we expect to see a considerable increase in the use of these attack tools in 2014.”

Data gathered in Q4 from attacks against Prolexic’s global client base shows that mobile devices participated in a DDoS attack campaign against a global financial services firm. Digital forensics and attack signature analysis conducted by the Prolexic Security Engineering and Response Team (PLXsert) detected the use of AnDOSid, an Android operating system tool that performs an HTTP POST flood attack.

“Mobile devices add another layer of complexity,” explained Scholly. “Because mobile networks use super proxies, you cannot simply use a hardware appliance to block source IP addresses as it will also block legitimate traffic. Effective DDoS mitigation requires an additional level of fingerprinting and human expertise so specific blocking signatures can be developed on-the-fly and applied in real-time.”

Prolexic believes that developers of applications commonly used in DDoS attacks like Low Orbit Ion Canon (LOIC) will increasingly port them to mobile platforms in 2014. “Traditionally, some type of infection or malware was required,” said Scholly. “With mobile apps, malicious actors can choose to proactively participate in orchestrated DDoS attack campaigns. When you consider how many mobiles device users there are in the world, this presents a significant DDoS threat.”

Prolexic’s latest DDoS attack report shows the total number of attacks against its clients in Q4 2013 once again set a new record for one quarter, illustrating the heightened level of DDoS activity throughout 2013. Compared to the same quarter one year ago, total attack volume increased 26%. A week-by-week comparison to Q4 2012 shows increases in attack volume across eight of the 12 weeks of the quarter.

Highlights from Prolexic’s Q4 2013 Global DDoS Attack Report

Compared to Q4 2012

• 26.09 percent increase in total DDoS attacks

17.42 percent increase in application layer (Layer 7) attacks

28.97 percent increase in infrastructure layer (Layer 3 4) attacks

28.95 percent decrease in average attack duration: 22.88 vs. 32.21 hours

Compared to Q3 2013

1.56 percent increase in total DDoS attacks

0.55 percent increase in application layer (Layer 7) attacks

1.86 percent increase in infrastructure layer (Layer 3 4) attacks

7.25 percent increase in average attack duration: 22.88 vs. 21.33 hours

48.04 percent increase in average peak attack bandwidth to 4.53 Gbps

151.21 percent increase in peak packets-per-second rate to 10.60 Mpps

Analysis and emerging trends

The largest DDoS attack Prolexic mitigated in Q4 peaked at 179 Gbps, which is the largest DDoS attack the company has faced to date. Attack sizes continue to grow and this quarter, Prolexic mitigated several attacks over 100 Gbps.

As in previous quarters, malicious actors continued to favor launching Layer 3 and Layer 4 attacks targeting infrastructure elements. Infrastructure attacks accounted for 76.76 percent of total attacks during the quarter with application layer attacks making up the remaining 23.24 percent. UDP (13.15 percent), UDP fragment (17.11 percent), DNS (9.58 percent), SYN (14.56 percent) and HTTP GET (19.91 percent) floods were the most common attack types directed against Prolexic clients. The CHARGEN protocol, commonly used in reflection attacks, increased 92.31 percent this quarter, illustrating the growing popularity of this attack type.

“Looking back over 2013, a number of significant DDoS trends were observed,” said Scholly. “These include the emergence of Layer 7 toolkits, the rise in DDoS-for-hire services, the resurrection of amplified Distributed Reflection Denial of Service (DrDoS) attacks as a common and powerful attack vector, as well as the steady rise in the number of DDoS attacks originating from Asian countries.”

These trends are discussed in detail in Prolexic’s “Q4 2013 Global DDoS Attack Report.” A complimentary copy is available as a free PDF download from www.prolexic.com/attackreports. Prolexic’s Q1 2014 report will be released early in the second quarter of 2014.

About Prolexic

Prolexic is the world’s largest, most trusted Distributed Denial of Service (DDoS) mitigation provider. Able to absorb the largest and most complex attacks ever launched, Prolexic restores mission-critical Internet-facing infrastructures for global enterprises and government agencies within minutes. Ten of the world’s largest banks and the leading companies in e-Commerce, SaaS, payment processing, travel/hospitality, gaming, energy and other at-risk industries rely on Prolexic to protect their businesses. Founded in 2003 as the world’s first in-the-cloud DDoS mitigation platform, Prolexic is headquartered in Hollywood, Florida, and has scrubbing centers located in the Americas, Europe and Asia. To learn more about how Prolexic can stop DDoS attacks and protect your business, please visit www.prolexic.com, follow us on LinkedIn, Facebook, Google+, YouTube, and @Prolexic on Twitter.

Article source: http://www.darkreading.com/mobile/mobile-applications-being-used-for-ddos/240165390

SAN FRANCISCO – January 14, 2013 – Black Lotus, a leader in availability security and provider of distributed denial of service (DDoS) protection, today announced that its Protection for Networks (PFN) solution is providing data center companies and service providers worldwide with around-the-clock availability, which ensures customers avoid revenue losses from site DDoS outages. Customers are discovering that by implementing Black Lotus’ DDoS mitigation, they can eliminate attack-related interruptions by 99% without having to invest in additional infrastructure to absorb attacks. Additionally, Black Lotus is offering a free PFN service for data centers and service providers that need up to one gigabits per second (Gbps) of DDoS protection or want to offer it as an entry-level service to end users.

For worldwide service providers that offer Web hosting, cloud hosting, collocation, Internet services, and virtualized and dedicated servers, any interruption to client services can result in customers migrating to competitors. Organizations such as Servers Australia, Steadfast, Zone Networks, Rack Nation and Continuum trust Black Lotus’ PFN technology to meet constant availability requirements. The PFN offering allows whole-infrastructure DDoS protection for data center companies and service providers and can also be offered as a value-added service to hosting customers. The end result is a new revenue stream that can defend its own infrastructure and fund the effort through reseller sales to end users.

DDoS attacks lasting hours or even minutes can lead to loss of revenue and customers. Black Lotus’ free PFN service enables data center companies and service providers to get started with border gateway protocol (BGP)-based DDoS protection, which includes an introductory level of protection and clean traffic. Service providers can try the entry-level DDoS protection and then quickly ramp up to full-scale mitigation in the future. The full PFN package lets any BGP network establish a session with the Black Lotus scrubbing center for immediate filtering during a DDoS attack. Once the session is active, only confirmed DDoS attacks are sent to the scrubbing center, where IPs under attack are inspected and filtered, and only clean traffic is routed back to the target’s network.

“Dedicated and managed hosting companies are finally recognizing it’s a matter of ‘when,’ rather than ‘if’ they will suffer an attack against their online presence. These companies are often the backbone of countless sites and businesses that need 24/7 uptime to serve their customers, which also makes them prime attack targets,” said Shawn Marck, CEO of Black Lotus. “Our services deliver rapid deployment of DDoS mitigation, so service providers not only experience cost savings and operational improvements, but they can also focus on their primary mission of providing continuous Web service instead of diverting internal resources to fight fires and worry about customer uptime.”

Service providers or data center companies that are interested in DDoS protection services can send an email to [email protected] or call 866-477-5554 to learn more.

What Black Lotus data center and service provider customers are saying:

“We’ve grown our servers to host huge booking systems, airlines, government systems and many other sensitive services that require the highest level of reliability and uptime, including some of the world’s largest game server providers, which are prone to attacks 24 hours a day, seven days a week. These organizations cannot afford network connectivity issues or downtime, so DDoS protection is a must for us,” said Jared Hirst, managing director of Servers Australia, a provider of Web hosting, cloud hosting, collocation, virtualized and dedicated servers and other services. “Black Lotus can clean large amounts of DDoS attack traffic that can range in the hundreds of gigabits per second. Its network has the cleaning capacity we need, and we have successfully cleaned all sustained DDoS attacks to date.”

“DDoS attack protection is an important component to any comprehensive network security platform,” said Karl Zimmerman, president of Steadfast, a Chicago-based managed cloud and IT infrastructure company with three data centers and about 40 employees. “We have thousands of customers, all with their own needs and requirements, and having a complete security solution is critical to properly serving them. Black Lotus gives us the ability to protect against DDoS attacks while also providing control and flexibility. Because we can now keep customers up and running during DDoS attacks, we’ve been able to keep accounts that we might have otherwise lost.”

“As an offshore data center for high-profile and high-risk clients, we are a constant target for DDoS attacks,” said Felipe Cruz Ferrero, chief technical officer for Rack Nation, a data center that provides IT solutions. “We learned the necessity of DDoS protection the hard way, after we suffered repeated attacks targeted at specific clients. Rather than continuing to rely on a third party, we implemented Black Lotus’ PFN so we could control DDoS protection for our data center and end users. Now we can confidently deliver 99.98 percent uptime to our customers, which would be near-impossible to achieve without Black Lotus’ DDoS protection.”

About Black Lotus Communications

Black Lotus Communications is a security innovator that pioneered the first commercially viable DDoS mitigation solutions. These advanced solutions enhance the security posture of small and medium businesses and enterprise clients while reducing capital expenditures, managing risk, ensuring compliance, and improving earnings and retention. Breakthrough developments at Black Lotus include the world’s first DDoS-protected hosting network, the first IPv6 DDoS mitigation environment, and the first highly effective Layer 7 attack mitigation strategy. For more information, visit www.blacklotus.net or follow Black Lotus on Twitter at https://twitter.com/ddosprotection.

Article source: http://www.darkreading.com/end-user/black-lotus-delivers-ddos-protection-for/240165369

CAMPBELL, Calif., Jan. 13, 2014 (GLOBE NEWSWIRE) — ForeScout Technologies, Inc., a leading provider of pervasive network security solutions for Global 2000 enterprises and government organizations, today announced that Enrique Salem, former Symantec CEO, will join the ForeScout Technologies, Inc. board of directors. Salem brings more than 25 years of executive leadership and business strategy experience to ForeScout.

“Enterprise and government IT executives need to rethink how to better leverage their security investments to address BYOD and advanced threats,” said Salem. “ForeScout’s network security platform delivers the visibility, control and interoperability necessary to optimize IT resources and evolve defenses. I look forward to working with ForeScout’s board and contributing to the company’s success.”

Salem has vast expertise working with high-technology corporations and is currently on the board at FireEye, Netskope, Atlassian, DocuSign and Biba. During his 19 years at Symantec, Salem served as president and CEO, chief operating officer and group president of worldwide sales and marketing, among other senior leadership roles with the company. Salem was president and CEO of Brightmail prior to its successful acquisition by Symantec. In March 2011, Salem was appointed to President Barack Obama’s Management Advisory Board.

“We are honored to have Enrique join our board as we continue to expand capabilities to support our burgeoning global business,” said Hezy Yeshurun, chairman of the ForeScout board. “His tremendous enterprise technology and business achievements complement the acumen of our board members.”

ForeScout helps organizations gain complete visibility and automated control for all devices, users, systems and applications attempting to connect to an enterprise network – wired or wireless, managed or unmanaged, PC or mobile. ForeScout CounterACT identifies enterprise security control gaps, such as rogue devices, non-compliant systems or personal mobile device use, and offers options to isolate threats and dynamically fix issues with little or no IT intervention. More recently, the company made its platform more extensible for developers, system integrators and customers through its new ControlFabric Interface. This set of standards-based integration mechanisms allows disparate security and management systems to communicate bi-directionally with the platform and, ultimately, the CounterACT network security appliance to resolve a broad array of security risks and exposures.

Salem joins the board composed of Richard Anton, director of Amadeus Capital Partners Limited; Gord Boyce, CEO of ForeScout; T. Kent Elliot, a security and telecommunications industry veteran; Mark Jensen, a veteran of Deloitte Touche; Rami Kalish, managing director and founder of Pitango Venture Capital; Theresia Gouw, general partner of Accel Partners; Doron Shikmoni, co-founder and chief strategy officer and Hezy Yeshurun, co-founder and chairman of the board.

Relevant Links

ForeScout Blog

ForeScout Facebook

ForeScout Twitter

About ForeScout Technologies, Inc.

ForeScout delivers pervasive network security by allowing organizations to continuously monitor and mitigate security exposures and cyberattacks. The company’s CounterACT platform dynamically identifies and assesses all network users, endpoints and applications to provide complete visibility, intelligence and policy-based mitigation of security issues. ForeScout’s open ControlFabric technology allows a broad range of IT security products and management systems to share information and automate remediation actions. Because ForeScout’s solutions are easy to deploy, unobtrusive, flexible and scalable, they have been chosen by more than 1,500 enterprises and government agencies. Headquartered in Campbell, California, ForeScout offers its solutions through its network of authorized partners worldwide. Learn more at www.forescout.com.

Article source: http://www.darkreading.com/management/forescout-names-enrique-salem-former-sym/240165370