Feeds

Articles about Endpoint

Zero-day hits Symantec endpoint products

Get patching, sysadmins, there's a zero-day in Symantec Endpoint Protection (SEP). This US-CERT advisory is alerting anyone who ignored Symatec's note about the issue. CVE-2014-3434 is a local access vulnerability with a public exploit. A client buffer overflow can cause a blue-screen-of-death on the client, which could also …
money trap conceptual illustration

Veeam varies virty voyage with free endpoint backup tool

Veeam has set a new price for endpoint backup software: $0. That's £0, ¥0 and €0 for readers beyond the USA. That low, low, price applies to a new product called Veeam Endpoint Backup FREE that pretty much does what it says on the can: install the code on a Windows machine and you can instruct it to back up “files, volumes or …
Simon Sharwood, 10 Oct 2014
Bitdefender security image

Flaws found in Bitdefender enterprise endpoint manager

Holes have been reported in Bitdefender's Gravity end-point protection platform that allow hackers to target corporate infrastructure. Researcher Stefan Viehbock of SEC Consult Vulnerability Lab said the flaw affecting the latest version provided an entry point for attackers to move laterally through the network. "Attackers are …
Darren Pauli, 17 Jul 2014
nuts

Promisec Endpoint Manager: So we gotta cope with BYOD... Help!

The explosion of internet-connected gadgets, sensors and other devices that underpins the "internet of things" concept makes my head hurt. When combined with the completely new security model presented by IPv6, BYOD and cloud computing, automation of endpoint management is rapidly becoming non-optional. I've started taking a …
Trevor Pott, 18 Jul 2013
Cloud security

Keeping your endpoint data safe: some simple precautions

People are out to get you. Your business, your users, your systems and your data all have value to someone. You could be targeted because you have something that someone specifically wants, or because attackers are hoping to find bank account details or email addresses to spam, or because they want your compute power for a …
Adam Fowler, 21 Oct 2013
Facebook privacy image

Crusty API opened Facebook accounts to hijacking

A leftover API that Facebook forgot to kill has left accounts open to spammers and scammers, says security Stephen Sclafani. The flaw means an attacker could view other users' messages and post status updates. Sclafani found that a then mis-configured endpoint, since patched, allowed legacy REST API calls to be made on behalf of …
Darren Pauli, 10 Jul 2014
padlock

Palo Alto Networks splashes $US200 million on Cyvera

Palo Alto Networks has announced that it's buying Tel Aviv-based Cyvera for $US200 million, including $US88 million in cash. The attraction is the Israeli company's TRAPS (Targeted Remote Attack Prevention System), an endpoint protection system for Windows machines, which PAN will add to its existing firewall and cloud security …

Cisco makes ACI control more programmable

Cisco has released a command-line toolkit for its Application Centric Infrastructure (ACI), freeing sys admins from the tyranny of the GUI. The company describes its ACI Toolkit as a combination of “an NX OS-like CLI and some custom Python scripts” that cover the most common daily configuration and admin tasks. The toolkit also …
Fastpass logical diagram

Kill queues for fast data centres: MIT boffins

MIT researchers hope to speed up networking inside the data centre with concepts that will look familiar to old networking hacks: they propose a central arbiter for network traffic that picks out a predetermined path before a packet is transmitted. The boffins call the scheme Fastpass, and its other characteristic is that the …
Josh and some superheroes at Spiceworld 2013

CloudMask dons cape and sets foot on the mean streets of Blighty

Cloud-based security services firm CloudMask, whose technology offers to protect sensitive information in the cloud, even in the case of a network breach, launched in the UK on Tuesday. CloudMask's technology works on the premise that no one can be trusted with data - including cloud administrators, governments, employees, and …
John Leyden, 09 Sep 2014
Clouds_and_sun

Biz data botherer CommVault slips out fresh do-it-all bundle

CommVault has added additional AWS and Azure support and reveals easier, more targeted ways to buy its all-singing, all-dancing backup/archive/data management product Simpana 10. The AWS and Azure facilities include cloud reporting, end-user self-service provisioning, recovery, software snapshots and virtual machine resource …
Chris Mellor, 22 Aug 2014

PRE-SPLINTERED Symantec's Q2 revenue slips, net profit rises

Symantec has reported mixed second quarter results, with revenue down one per cent on the year, but net profit rising by the same amount. The company saw revenue of $1.62bn for its second fiscal 2015 quarter, compared with revenue of $1.64bn a year ago (a fall of one per cent), and $1.74bn in the previous quarter. Net profit of …
Chris Mellor, 06 Nov 2014
The Register breaking news

What you can do to enforce endpoint security

Thirty years after the PC was launched, security and management problems for the endpoint seem to be getting worse rather than better. PCs have become more functional, creating a greater surface area for attack. And the number of endpoint devices has proliferated, as tablets, netbooks and smartphones have entered the fray. The …
Danny Bradbury, 27 Dec 2011
Rosetta Flash diagram

Weaponised Flash flaw can pinch just about anything from anywhere

Get cracking with the latest Flash upgrade, because the vulnerability it patches is a peach, allowing a cross-site request forgery (CSRF) attack for stealing user credentials. According to the Switzerland-based Google engineer that turned up the vulnerability, Michele Spagnuolo, sites that are/were vulnerable to the attack …

Google: OK world, make our 'End-to-End' crypto tool SPOOK PROOF

Google has released the source code for an encryption plugin for Chrome that makes the secure sending of email easier. The web giant said its End-to-End Chrome plugin, currently in alpha development status, will provide a secure method for transmitting data between users, with data encrypted locally in a user's browser and …
Shaun Nichols, 03 Jun 2014

FireEye buys outfit that lifted the lid on Chinese cyber-espionage

Threat prevention firm FireEye has acquired privately held net security firm Mandiant. The cash and shares deal, announced Monday, is valued at around $1bn. Mandiant is best known for its landmark study into the Chinese APT1 hacking crew last year, which exposed the organisation's tactics and evidence of its links to the Chinese …
John Leyden, 03 Jan 2014

China's web giants unite to defuse Windows XP bombshell

A gaggle of Chinese web firms have come together with a plan to protect Windows XP users in the Middle Kingdom for at least the next two or three years, according to local reports. The unusual step will see messaging giant Tencent, search engine Sogou, software company Kingsoft and several others offer technical support for XP …
Phil Muncaster, 25 Feb 2014

VMware updates vSphere, recommends new security fixes

VMware has released a second update to vSphere 5.5. The headline news in the new release is that hosts can now run up to six terabytes of RAM. And yes, we do mean terabytes. vCenter Server can now support Oracle 12c, Microsoft SQL Server 2012 Service Pack 1 and Microsoft SQL Server 2014. Those considering hybrid cloud get to …
Simon Sharwood, 10 Sep 2014

Microsoft offers 'free' backup for Azure users with the cloud fear

EVault has promised a year’s worth of cloud backup and disaster recovery services to biz customers who take out an Azure Enterprise agreement with Microsoft. The two firms inked the agreement for EVault to provide the service last week. It's actually a fairly natural fit for users who might be a little unnerved by recent …
Chris Mellor, 05 Nov 2013
balaclava_thief_burglar

Cisco: Hey, IT depts. You're all malware hosts

Everybody – at least every multinational that Cisco checked out for its 2014 Annual Security Report – is hosting malware of some kind, and there aren't enough security professionals to go around. Along with its Managed Threat Defense service launched this week, Cisco also launched the latest publication (here with registration) …

OK, we get the message, Microsoft: Windows Defender splats 1000s of WinXP, Server 2k3 PCs

Microsoft has fixed a snafu with Windows Defender that took down thousands of business PCs and servers running Windows XP and Server 2003. The software giant responded to sysadmins complaining on TechNet that large numbers of their machines were borked after they’d installed Microsoft’s latest set of antivirus definitions. Once …
Gavin Clarke, 17 Apr 2014

Cybercrooks breed SELF-CLONING MUTANT that STEALS your BANK DETAILS

Cybercrooks have put together a botnet client which bundles in worm-like functionality that gives it the potential to spread quickly. Seculert warns that the latest version of the Cridex (AKA Geodo) information stealing Trojan includes a self-spreading infection method. Infected PCs in the botnet download a secondary strain of …
John Leyden, 02 Jul 2014
CTERA_ViPR_video

CTERA gets bitten by EMC's snake, develops ViPR compatibility

Deep breath: cloud storage gateway and cloud services platform product startup CTERA has gone and got itself snake-bitten – it’s now ViPR compatible. ViPR is EMC’s software layer to provide separate control plane orchestration functions and data plane services – such as file, block and object access – across its own and third- …
Chris Mellor, 06 May 2014
Windows XP

Fine! We'll keep updating WinXP's malware sniffer after April, says Microsoft

Microsoft has capitulated to the legions of users who are still running Windows XP once again, by extending support for its antimalware software for the aging OS into 2015. In the past, Redmond has warned that it would discontinue support for Microsoft Security Essentials, Forefront Client Security, Forefront Endpoint Protection …
Neil McAllister, 16 Jan 2014

SPLITTERS! Symantec cleft in twain

The reports have been confirmed: Symantec CEO Michael Brown will split the unwieldy business into separate security and information management concerns, thus undoing the 2004 Veritas acquisition. Brown has moved quickly after his confirmation in the role to lift the cleaver. The San Andreas-style fault running through the heart …
Chris Mellor, 10 Oct 2014

Firewall-floggers in FLAMING MESS: Where'd our mystery margin go?

If you work in the fields of technology distribution, services and resale, you'll surely hear about cloud, mobile, social and virtual more than anything else. However, it is the changing patterns in security spending that are perhaps most dramatically re-shaping our businesses. Gone are the good old days of pushing traditional …
Covert Redirect modified logo

'Covert Redirect' OAuth flaw more chest-beat than Heartbleed

A recently reported new "vulnerability" in OAuth appears to be anything but. That unkind assessment has come from security specialists after a flaw called "Covert Redirect" made headlines that conflated the flaw with the Heartbleed vulnerability, a major security risk that legitimately sent administrators scrambling to fix their …
Darren Pauli, 05 May 2014

Will EMC swallow cloudy upstart? These analysts seem to think so

Any move by EMC to acquire Maginatics — and the latter’s software-only cloud storage gateway — would be a “very smart buy”, according to analyst Ben Woo at technical consultancy Neuralytics, following speculation the storage giant is closing in on the startup. “Software defined storage is not just about on-premise [developments …
Chris Mellor, 21 Oct 2014
Various devices including phone, laptop and tablet

How mobile device management is taking on the BYOD challenge

Every IT manager worth his or her salt would really like to get hold of users’ physical devices to lock down security and manage privileges, protocols and permissions in the perpetual quest for control. This is not always possible. The situation has given rise to industry terminology such as mobile device management (MDM) and …

Don't lose control of those fast-breeding endpoints

So you want to know about security? Well you have come to the right place. I have been here for a while and I can tell you that outside these gates it’s full of cowboys, sharks and pirates, none of whom will hesitate to take what is yours and call it their own. The above is is a quote from a brochure I wrote in an attempt to …
Aaron Milne, 22 Oct 2013

Amazon seeds cloud with apps that flow to streams

Amazon Web Services (AWS') big day it ats re:Invent cloud shindig in fabulous Las Vegas may have been headlined by its disruptive entry into the desktop virtualisation market, but the company also announced a new tributary to its cloudy river in the form of the new AppStream service. Here's how it works. You build and app and …
Simon Sharwood, 14 Nov 2013

Securo-borg FireEye coughs $70m to buy 'flight-recorder-for-networks' tech

Security vendor FireEye has bought network forensics firm nPulse Technologies in a $70m deal. FireEye is stumping up $60m in cash and $10m in stock to get its hands on nPulse, a privately held startup that boasts it offers the industry's fastest full packet capture and indexing technology. nPulse’s forensics will be integrated …
John Leyden, 07 May 2014
named data networking

DEATH TO TCP/IP cry Cisco, Intel, US gov and boffins galore

The US National Science Foundation, Cisco, Verisign, Panasonic and boffins from around the world have thrown their weight behind a new “Named Data Networking Consortium” that aims to develop “a practically deployable set of protocols replacing TCP/IP that increases network trustworthiness and security, addresses the growing …
Simon Sharwood, 05 Sep 2014
Kaspersky Lab logo

Kaspersky's Security for Virtualization pushed to XenServer and HyperV

Kaspersky is extending its Security for Virtualuzation Light Agent security tool to the Citrix XenServer and Microsoft HyperV platforms. The company said that the Light Agent tool will launch on April 22 with XenServer and HyperV support as well as new options for VMware's vSphere hypervisor. The company will continue to …
Shaun Nichols, 15 Apr 2014
Steve Bennett

Symantec BACKS OUT of Backup Exec.cloud

Symantec's resellers have reportedly been given notice to stop providing annual subscriptions to Backup Exec.cloud by 6 January. Backup Exec.cloud lets small and medium businesses store backups in a Symantec remote vault (the cloud) or on-site and in the cloud. Customers have been told they can use the service until one year …
Chris Mellor, 28 Nov 2013

Symantec: Antivirus is 'DEAD' – no longer 'a moneymaker'

Symantec, a company that has made huge amounts of cash as the largest antivirus software vendor for the last quarter of a century, looks to be getting out of that business and into fixing hacking problems rather than stopping them. "We don't think of antivirus as a moneymaker in any way," Brian Dye, Symantec's senior vice …
Iain Thomson, 06 May 2014

Symantec to offload Altiris: report

Almost six years to the day since announcing it would acquire infrastructure management outfit Altiris for a cool $US830m, Symantec is said to be offloading the company. The Wall Street Journal reports “people familiar with the process” Symantec is willing to offload the products it acquired for less than the purchase price. …
Simon Sharwood, 16 Jan 2013
Sphere 3D

Overland Storage, 'miracle' flirty virty Sphere 3D jump in bed

Perennial loss-making Overland Storage will merge with Canadian company Sphere 3D. The combined companies will take the name of Sphere 3D, whose Glassware software apparently does the seemingly impossible: “Enable mobile device users the full functionality of any software program or application on any device, anywhere.” …
Chris Mellor, 16 May 2014
The Register breaking news

MIT boffins give computers control to clock faster TCP

A group of MIT researchers has unveiled a machine learning approach to TCP congestion which could form the foundation of the next round of improvements to the venerable protocol's performance. Dubbed “Remy”, their TCP control software is based on the idea that even sophisticated modern congestion control algorithms (like …

Microsoft's security apps still trip up on Windows 8

German independent security firm AV-Test has released evaluations of security software for Windows 8 for the first time, and – not entirely surprisingly – it once again found Microsoft's own products were among the weaker performers. The firm tested its usual batch of 25 antivirus products for consumers, plus eight aimed at …
Neil McAllister, 09 Apr 2013
Druva

Druva: We can do a mixture of anything you can do

Mobile, desktop and notebook backup startup Druva has dropped file sharing into its product mix and reckons it's distanced itself from pure-play endpoint backup vendors and file sync 'n' share players. Druva was founded in 2008 and says its software is used to protect more than a million endpoints - desktop and notebook PCs, and …
Chris Mellor, 27 Nov 2012

Symantec's 'Hamlet' becomes 'Endpoint Protection'

Symantec is cracking open the lid today on a gumbo of acquired security technologies which will replace its current business security software, Symantec AntiVirus. Endpoint Protection 11.0, formally code-named Hamlet, has entered public beta for users curious to get a whiff of Symantec's latest concoction, expected to be ready …
Austin Modine, 13 Jun 2007
Amuse bouche

Reg man picks out tastiest tidbits from heaping mounds of storage announcements

Suppliers are furiously ladling out news like demented cafeteria workers attempting to feed the multitudes, so we thought we'd slice off a few of the tastier morsels and present them to you on a sideplate – all the better to prevent any storage indigestion. A3CUBE introduces RONNIEE 2S, a Network Interface Card that can transmit …
Chris Mellor, 19 May 2014

Top ten biz software vendors reveal Heartbleed exposure

The advent of the Heartbleed Open SSL vulnerability has enterprise software development teams scrambling to figure out if they have a problem, and the news is not always good. Vulture South has ploughed through the recently updated list of the world's top 10 software vendors. Here's how each fares. Microsoft is chilling out …
Simon Sharwood, 11 Apr 2014
John McAfee

McAfee chap is back in crypto-wrap chat app back flap

Antivirus pioneer and one-time fugitive John McAfee has backed Chadder, a new instant-messaging app for smartphones that promises "the highest degree of security and privacy." The app is being marketed by Future Tense Central, a J.McAfee-owned company that claims to be headquartered in Silicon Valley, although McAfee himself was …
Neil McAllister, 05 May 2014

FireEye enters crowded IPS market

Late last week, FireEye took something of a plunge, throwing its hat into the ring of the crowded intrusion prevention system (IPS) market, with a beta of software that adds IPS capability to its virtualised MVX environment. With the IPS to be made available as a license add-on for the company's NX network threat prevention …
ITU ballot box

UN takeover of internet postponed indefinitely

Efforts to squeeze the United Nations into the throne of the internet have been comprehensively defeated at a key meeting in South Korea. The result raises the possibility that after more than a decade of fighting, the threat of a UN takeover is a thing of the past. After more than two weeks of negotiations at the United …
Kieren McCarthy, 05 Nov 2014
IT Crowd. Source: Channel 4 / 2entertain

Sophos to offshore American support operations

Sophos plans to offshore support operations from the US to Canada and the Philippines as part of a wide-ranging restructuring of its support operations. The plans were outlined in an internal email to staff from Mary Winfield, SVP Global Support, leaked to El Reg by an anonymous tipster. "Another year, another round of layoffs …
John Leyden, 20 Oct 2014
The Register breaking news

Your nicked iPad now likelier than ever to show up in Mongolia

The number of laptops and tablets stolen in one country and recovered in another is on the rise. Absolute Software's second annual Endpoint Security Report records that stolen kit that had not been nicked locally had been recovered in an additional eight countries as far afield as Mongolia, Gambia, Vietnam and Zimbabwe. In the …
John Leyden, 05 Sep 2013

They've taken my storage hostage ... now what?

There's an encrypting ransomware Trojan making the rounds called Cryptolocker. I will save the details on my battle with this beastie for later*, but suffice it to say that if this encrypts your stuff you are done. There is no getting your data back unless you have backups or pay the ransom. Let's set aside the ultra-well …
Trevor Pott, 24 Oct 2013