Burlington, MA & Redwood Shores, CA, 13th July, 2009 – The hacker attacks on Web sites in South Korea - which spilled over to selected US government sites last week - were almost certainly orchestrated by hackers sympathetic to North Korea, but the attacks could have been organised by anyone with a modest budget, says Imperva, the data security specialist.

"It doesn’t make sense that this attack came exclusively from North Korea.   First, the attack was using widespread code executed by zombie computers all over the world.  Second, this attack is relatively inexpensive to execute—no more than $50,000—making it doable not just by any government, but also by any Tony Soprano.  That’s the really scary part.”, said Amichai Shulman, Imperva's CTO.

July 8, 2009 – Security services are an untapped business opportunity for service providers including Internet service providers (ISPs), data centers and telecom operators according to IP-based security and unified threat management (UTM) specialist, Clavister.

The commoditization of services means that providers face serious challenges as margins are eroded away. Andreas Åsander, VP product management, Clavister explains: “Service providers trade in intensely competitive areas where industry saturation is forcing the price of standard services down virtually eliminating profit margins. The result is that there is little to differentiate suppliers and so no competitive advantage.

TSS’ distributed deployment architecture, new workflow GUI and Tufin Open Platform API’s provide organisations with an automated, flexible, and highly robust platform to create, monitor, manage and audit network security policies LondonJuly 7th, 2009 - Tufin Technologies, the leading provider of Security Lifecycle Management solutions today announced a new release of its Tufin Security Suite (TSS). Version 5.0 elevates TSS from an integrated offering of Tufin’s award-winning SecureTrack and SecureChange Workflow product set to a robust, flexible and fully automated security and network policy management platform. The significant innovations to the TSS architecture and workflow interface, combined with new functionality provided by the Automatic Policy Generator (announced today in a separate release), has provided Tufin with the foundation to deliver on its vision of Security Lifecycle Management: A cohesive framework for centralized network security policy management.

Farnborough, United Kingdom – July 7, 2009 - Cybercriminals are targeting yet another vulnerability in Microsoft product -  the Microsoft Video ActiveX Control. The zero-day vulnerability that was found can be exploited via a malformed Web page. 

The attack, that was already spotted in the wild, enables remote code execution (RCE) on the targeted machine. By exploiting this vulnerability cybercriminals are inserting a data-stealing Trojan to the victim’s machine .

For more information about this zero-day attack and a snapshot of the actual code visit Finjan’s blog at: http://www.finjan.com/MCRCblog.aspx?EntryId=2300