Security Now Blog: Addressing Today's Information Security Issues

Since January 2010, over 100,000, possibly up to 5,000,000 websites have been unleashing drive-by download attacks on visitors that were using Internet Explorer or Adobe Reader/Acrobat.  Less than a week ago, less than half of the roughly 50 leading antivirus products were detecting the attack.  If during this time you visited a website without any content because the owner hasn’t posted any content yet, and there’s some kind of boilerplate content along the lines of ‘under construction’, and if such a “parked” page were hosted by Network Solutions Inc., which may be the largest in the industry,  then your computer may be infected! (more…)

Researchers at Black Hat 2010 and DefCon 18 demonstrated how to circumvent security restrictions intended to prevent malicious PowerShell scripts from doing harm.  The researchers say antiVirus, host intrusion prevention system (HIPS), as well as software restriction policies (SRP) built into Windows Group Policies, and other advanced security software products cannot protect computers from these attacks.  AppGuard protects Windows computers from these sophisticated zero day attacks. (more…)

Microsoft issued a critical security advisory on Friday (16 July 2010) concerning a vulnerability affecting most Windows operating systems. Security pundits consider this an extremely serious persistent [malware] threat (APT). Speculation suggests no Microsoft patch until August 10, but never for Windows XP SP2 users. This vulnerability poses little risk to AppGuard or AppGuard Enterprise protected Windows computers, even XP SP2. (more…)

Since AppGuard was released in 2008 for consumers, many parents have requested some form of parental controls that protect the family from what the family members do not know or appreciate about information security.  With the release of AppGuard 2.0 within the next month, Blue Ridge delivers parental controls. (more…)

When it comes to protecting federal interests from the security risks of telecommuting from employee-owned Windows PCs by providing or insisting that they use a recommended anti-virus suite is similar to asking someone wearing protected by nothing but a helmet to walk into a hot combat zone. Yes, the helmet can do some good. But, for the most part, it is a symbolic, worthless protection. There is however a practical solution to federal telecommuting. (more…)