SecurityWeek

Early this month, Juniper Networks conducted an informal survey on the show floor of VMworld 2011. The survey, which garnered responses from some 60 attendees of the Vegas-hosted event, found that more than 77% of respondents ranked security as a top concern for virtualizing workloads. However, the economic benefits of virtualizing are extremely compelling.

Got Vulnerabilities? Deal with it.

IronKey, a company that originally made its mark offering USB-based hardware solutions ranging from flash drives with encrypted storage, to a virtual desktop solution for carrying a secure computer operating system in your pocket, today said it will be selling off that part of its business.This is a strategic move for Sunnyvale, California based IronKey that has decided to focus its efforts on cloud-based solutions to secure access to Internet services.

Following the recent cyber attack that resulted in an intrusion into DigiNotar’s Certificate Authority (CA) infrastructure and the fraudulent issuance of SSL certificates for hundreds of domains, including Google.com, CIA.Gov and many others, DigiNotar officially will be closing its doors for good.

Bit9, a provider of application whitelisting security solutions, announced on Monday that Richard Clarke, former Cybersecurity Czar for President George W. Bush, has joined the company’s Board of Directors.A recognized expert on cyber war and counter-terrorism, Clarke will provide strategic advice and insight to Bit9 and its board.

Security experts urge organizations to test IPv6 compatibility across security products and gateways as networks undergo upgradesIf your IT department hasn’t thought about an IPv6 strategy yet, you're behind the curve. While IPv6 was designed mainly to address the exhaustion of IPv4 addresses, it’s creating several challenges for IT departments in terms of ensuring the end-to-end stability and performance of enterprise IP networks and the Internet as a whole.

Managing ever-growing volumes of data and being prepared for eDiscovery requests challenges many organizations. Email is no longer the primary source of records companies must produce when it comes to eDiscovery requests—at least according to a recent Symantec-sponsored survey of legal and IT personnel at 2,000 enterprises worldwide.

In a rare move, Oracle broke its normal procedures and issued an emergency patch due to concerns about the impact of a successful attack.The fix addresses a denial-of-service vulnerability in Oracle’s Apache Web server software. According to Oracle, the issue affects multiple versions of Oracle Fusion Middleware 11g Release 1, Oracle Application Server 10g Release 3 and Oracle Application Server 10g Release 2.

Since the discovery of Stuxnet in 2010, there has been a bit of a bull’s eye on the software used to run industrial control systems. Just recently, Italian security researcher Luigi Auriemma poked a new set of holes in Supervisory Control and Data Acquisition (SCADA) products from a number of vendors, including Progea, Rockwell Automation, Cogent and Measuresoft.

An Introduction to Modern Malware

Mitsubishi Heavy Industries Ltd, Japan's largest defense contractor, has been a victim of a cyber attack, according to a report from the company. The company said attackers had gained access to company computer systems, with some reports saying the attacks targeted its submarine, missile and nuclear power plant component businesses.

Like any business decision, make a plan on what new technology you are going to use, then support that plan with enabling security controls to put it into reality.

McAfee announced new security technology this week that leverages Intel hardware and could be used to fight rootkits.Dubbed DeepSafe, the technology enables McAfee to develop hardware-assisted security products that take advantage of a “deeper security footprint,” according to the company. The technology sits below the operating system, which officials hope will allow McAfee to proactively block rootkits that bury themselves in the OS to avoid detection.

The SpyEye Trojan has a well-earned place of respect in cyber-underground as an adaptable and effective piece of malware. Those same traits have also made it a bane for countless victims and the security community, and new research by Trend Micro provides yet another reminder of why.

Security experts from Sourcefire talked up the company’s “Agile Security” strategy this week, emphasizing the need for informed, adaptive and automated security products to protect today's dynamic IT environments from constantly changing threats. The strategy comes down what the company calls four essential tenets: