security

By 2009 there will be an estimated 2 bn cell phones in use around the
world, and as these devices can be easily intercepted, compromised, and
exploited, security has become a huge issue

TOP 10 HACKS

Early 1990s

Kevin Mitnick, often incorrectly called by many as god of hackers, broke into the computer systems of the world's top technology and telecommunications companies Nokia, Fujitsu, Motorola, and Sun Microsystems. He was arrested by the FBI in 1995, but later released on parole in 2000. He never termed his activity hacking, instead he called it social engineering.
November 2002

F-Secure has said its "Internet Security 2007" will provide consumers with advanced protection against new and unknown threats.

The company said the new product features remarkable new features to help further strengthen its leadership in the data security market.

Speaking about the new product, Ari Alakiuttu, Vice President of Product Marketing, F-Secure, said, "Consumers have a right to data security products that offer them protection at every possible level of interaction with the online world. We believe at F-Secure that the latest version of F-Secure 'Internet Security 2007' incorporates world class features, and will set the standard for all other data security products serving the home and small office segment."

We, at Systems Assurance Institute (Mumbai) are launching exclusively in India the Certified Security Compliance Specialist™ (CSCS™) Program.

This credential is a job-role based designation. This program is designed to enable professionals to understand, prioritize and ultimately assist organizations achieve compliance with information security-based regulations.

Legislations such as Sarbanes-Oxley, Data Protection Acts, PIPEDA, FFIEC, HIPAA and standards such as the COBIT, ISO 17799:2005 are a requirement for organizations to comply with. A key objective for organizations worldwide is to integrate security best practices and be in compliance. Skilled professionals who understand regulatory compliance requirements and information security are valued across several industries, especially ITES, Software, Financial, healthcare and the government.

If FunCade, Jessica Simpson Screensaver, UnSpyPC or Winfixer is installed on your computer, chances are your machine is spying on you.

All four applications are the most recent additions to StopBadware.org's Badware Watch List.

StopBadware.org is a nonprofit consumer protection initiative formed by Harvard Law School's Berkman Center for Internet & Society and Oxford University's Oxford Internet Institute to combat spyware.

According to the organization, "Badware" is any piece of malicious software that tracks users' moves online and then feeds that information back to shady marketing groups.

The marketers sell that data and may use it to ambush people with pop-up ads. The info can also be used to drain bank accounts or carry out identity theft.

Badware is now a $2 billion-a-year industry and 59 million Americans have malicious information collecting software on their computers, according to StopBadware.org.

"Adware and spyware threats have become a paramount threat in the past two years," said Ken Dunham, director of the Rapid Response Team at VeriSign iDefense, a computer security research company.

"And protecting against ad/spyware is not easy in today's world."

Dunham noted that many of these bad programs are embedded into Web site code or included surreptitiously with free applications like games and screensavers.

1. IBM Tivoli Express Solutions Launch.

If you are a growing business facing the challenges of increased IT operations costs, constant infrastructure changes, managing a complex heterogeneous environment, while worrying about compliance and audits, IBM Tivoli Express Solutions Launch is where you can find all the answers.

Mumbai
Date: 19th May, 2006
Venue: Grand Hyatt, Part 3, Mumbai
RSVP: Tel: 022-32632898 Fax: 022-25293201

New Delhi
Date: 23rd May, 2006
Venue: Hyatt Regency Ballroom, Part 1 & 2
RSVP: Tel: 011-26531302 Fax: 011-26531309

2. Laying the foundation for SOA architecture

Another hit from my Google search on information archiving:

http://www.outsourcingstrategy.org/india/ (5 November 2005)

"Offshoring and the ISO 17799 Imperative

"When organizations allow outsourcers or other third parties - whether local or offshore - to handle customers' information, they will increasingly demand evidence that this data is protected while offsite. One way to ensure good practices for security is to use service providers certified to the BS7799 British security standard - or its international equivalent ISO 17799 - ...."

The data is the prime asset in the ICT and any damage to the data is horrendous not just for individual but even to large corporate houses but government.
National security is supreme for the existence of any country and in order to know more about the defence of the opponent, often espinoage is resorted to and the security wing put up its resources to get the data.

Similarly, in the cut throat business world, there is trend in some aspiring managers to achieve successes at any cost.

These are some of reason for securing the data from the vulnerabilty.

Data has become more vulnerable then ever before, people resort to using unfair, illegal means to procure the secret plans of the defence or company.

Today I was just thinking about what would be the big market scope in flexible IT field.
After little bit study I came to one point that applicationlevel is littlebit stable now a days.But still we see that lots of big organizations are also struggling against security in things. So Security is the big eye for IT professionals.

It has been felt as necessary requirement and everybody is taking it seriously. Not individually but incase of organization also. recently you might have heard about news regarding Microsoft Security Shootout challange.

I hope the Security Shootout indicates a genuine shift of direction by Microsoft, towards real security in their products..... but I must admit to being skeptical.

Since 1999, I have been associated with New Media Security, who develop strong encryption solutions for PC and PDA devices, so I've come to understand a lot about the security shortcomings of various Windows versions.

During that period, Microsoft introduced Windows 2000 and the Encrypted File System (EFS). On the face of it, this seemed like a positive development. However, Windows 2000 and XP still suffer from one extremely serious flaw in their security, to do with the way in which passwords are encrypted.

Good Microsoft, well done to have woken up to security threats, after repeatedly promising and failing to deliver OS / Browser / IM which is hack-free. Many times we have written code which we think is proper, yet we have seen some arbitrary applications popping up or even installing apps without user interventin...come on, have a look at the vulnerabilities
http://blogs.technet.com/msrc/default.aspx

Having said that, ofcourse good and experienced developers using bad practises to write code, often are lazy to code enough so that the threat vulnerability is minium. It should be an interesting challenge to know how others did on this content, will participate shortly...am out of here now.

ITVidya have associated with Microsoft to encourage participation and interactivity among our community to share tips on security, writing secure code, resources and taking support from each other to accelerate learning on hack-proof coding.

Slug: Create the safest code – Compete with the best coders all over India & Win some amazing prizes!

Intro: Security Shootout is a unique Microsoft India initiative to promote the concept of writing secure codes amongst Indian developers. To make learning fun and also rewarding, Microsoft are launching this contest targeted at all developers based out of India with over 7500 fabulous prizes to be won.

Hello! This is my first post on ITVidya!

IntelleSecure will conduct a 4 day workshop for aspirants of the Certified Information Systems Security Professional certification. The details are as follows:

The objective of this course is to prepare each participant for the CISSP certification exam & to enable each participant to effectively apply the knowledge gained during the workshop in a working environment. We will provide you with a detailed understanding and knowledge of each domain and topics that will be of value and use within your company. The course focuses not only on the areas from the CISSP exam perspective, but also on a more detailed and practical perspective. This workshop will give you the ability to manage, operate, develop and plan an effective information security infrastructure.

IntelleSecure is a leading Information Security consulting organization providing support to customers helping them understand how to protect their information assets, networks & systems by adopting globally proven methodologies and practices.

With a clearly established presence in Bangalore, IntelleSecure specializes in conducting workshops on

Security Awareness
CISSP Boot camp
BCP & DR (Business Continuity Planning & Disaster Recovery)
BS7799, IS17799
SAS70 (Statement of Auditing Standards)
SOX (Sarbanes Oxley Act)
Computer Forensics
Ethical Hacking, PT & VA (Penetration Testing & Vulnerability Assessment)