ProPartner News
January 2010

Security Predictions for 2010

Social Engineering for Social Networks
The number of 2009 social networking threats will likely pale in comparison to the tidal wave of threats that will hit sites like Facebook and Twitter in 2010. Until recently, security threats such as Koobface have infected users' machines and then subsequently hijacked the session. Now, malware authors are creating malware that actually lives inside the social networking application itself allowing unlimited access to users' profiles and login credentials, whether or not the user accesses the site.

Hackers in the Cloud
Increasingly more IT functions are being offered in the cloud, and cybercrime is no different. Like many companies, cybercriminals will increasingly use cloud-based tools to more quickly and efficiently launch remote malware attacks to an even broader audience to propel an array of "exploit-as-a-service" offerings.

More Mac Attacks
Despite the recession, Apple is actually gaining marketshare, and this fact has not been lost on the hackers. iPhone and MacBook hacks have continued to make front page headlines, and it appears that Mac is the next, and most obvious attack target. Users will increasingly see targeted malicious attacks written and deployed specifically for the Mac OS X platform in 2010.

Riding The Google Wave
As far as attack targets, Web-based services such as Google Wave are right at the top. Security experts predict that there will be at least one major attack on Google's popular communication and collaboration platform because it's a gold mine of data for hackers. In light of its ability to merge e-mail, social networking updates, wikis and IM, Google Wave is the perfect one-stop shop.

Sharpen Their Skills
Granted, this has been happening for a while, but security experts agree that underground criminal networks are not going away any time soon, and in 2010, cybercriminals will continue to hone their craft and specialize their skills. Over the next year, experts anticipate an explosion of cybercrime gangs, due, in part, to widespread unemployment and lack of resources spurred by the global recession.

Reference: "Top 10 Security Predictions for 2010," ChannelWeb, December 18, 2009

Real-Time Monitor

The tool used to monitor employee and/or student Internet activity as it occurs in real-time is Real-Time Monitor (RTM). With RTM, iPrism users can observe Internet traffic on-demand, whether HTTP, IM or P2P and can configure it to capture all or per-user traffic or only those critical events occurring outside of the acceptable use or security policy in place. In those cases, RTM becomes an important diagnostic tool, helping customers determine where security holes have opened and where policy violations are occurring.

When the Real-time Monitor starts, a tabular screen appears and begins showing the monitored activity on the network. Any activity that is not monitored, according to the selected profile, will not appear in the RTM. The columns shown are Time, Type, and Action. Users may move or resize any of the columns and also have the ability to double-click on the URLs to access the site being monitored. The Filter field below the monitor allows you to screen for specific content (User Name, Blocked Traffic, IM Traffic, etc.). This can greatly enhance your ability to view specific activity and then decide how to treat that activity in the future.

Find out more information on Real-Time Monitor and Reporting.

Spotlight on Enroute Networks

Enroute Networks is based in Marietta, Georgia, just north of Atlanta. As a Cisco Preferred Partner and a Microsoft Certified Partner, Enroute Networks specializes in Cisco switches, routers, firewalls, wireless, VoIP and offers desktop & server managed services. Supporting customers across the US, the majority of their customers are headquartered in the Atlanta metro area, ranging anywhere from 5-1500 employees.

"Working with St. Bernard at all levels has been great. Installations have been a snap and tech support was continually involved with troubleshooting all the oddball topology related issues that arose for our clients. Our clients have been very positive about their iPrism, and we have had very few, if any, iPrism support calls post installation. That's almost like buying time for our NOC." - Mike Judd, Director of Technical Support Services

Industry News

ChannelWeb
Obama Appoints Howard Schmidt As U.S. Cybersecurity Czar
Facebook Privacy Updates Open Security Holes, Experts Say
Top 10 Security Predictions For 2010

eChannelLine
2009 sets new record for malware creation with 25 million new strains

CNN
Google vs. China: Free speech, finances or both?

THE Journal
What Are the Top-10 Ed Tech Priorities for 2010?

ProPartner Training

Live iPrism 6.4 webinars are now available for new and existing customers. Visit the Partner Portal for the updated schedule and registration.

New Customers:
This 45 minute iPrism webinar covers the emerging Internet threats in HTTP, IM and P2P traffic including spyware, malware and phishing. You will learn how the iPrism Internet Filtering appliance protects employees as well as organizations, and because iPrism is completely self-contained in one easy-to-use appliance, no additional hardware or software is required to purchase, install or maintain.

Existing Customers:
This 20-minute product demonstration will familiarize your customers with iPrism 6.4 new features.

This live demo will cover:

  • Web-Based GUI that's replacing our Java-based UI
  • Authentication enhancements
  • New WCCP 2.0 support
  • Deployment Options (Bridge versus Proxy)
  • H Series vs. M Series hardware specifications and how H Series is better equipped to handle 6.4
  • Coming Attractions: Mobile and Remote Filtering requiring no DMZ or VPN (6.41)

Questions or comments? E-mail us at propartner@stbernard.com or call 1-858-524-2139

St Bernard Software - 15015 Avenue of Science - San Diego, CA 92128